From a30080209d1488a7241e9d0f94904ee06af80303 Mon Sep 17 00:00:00 2001
From: Ivan Mahonin <bh@icystar.com>
Date: Sep 24 2019 18:56:22 +0000
Subject: fix bugs


---

diff --git a/model/users.py b/model/users.py
index 3b0dbba..4b98f83 100644
--- a/model/users.py
+++ b/model/users.py
@@ -88,7 +88,7 @@ class Users(ModelBase):
     return hashlib.sha512(bytes(str(id) + '|' + str(salt) + '|' + password, 'utf8')).hexdigest()
 
   def verify_login(self, login):
-    return self.model.identifier(login)
+    return self.model.verify_identifier(login)
 
   def can_create(self):
     return self.rights.issuperuser() or self.server.config['users']['selfcreate']
diff --git a/page/repo.py b/page/repo.py
index 36c809f..6f75931 100644
--- a/page/repo.py
+++ b/page/repo.py
@@ -74,6 +74,7 @@ class RepoViewPage(Page):
     answer.content += '<p>' + answer.te('clone url:') + ' ' \
                     + request.protocol \
                     + request.domain \
+                    + request.prefix \
                     + '/repo/' \
                     + repo.gen_subpath() \
                     + '</p>\n'
diff --git a/repoproxy.py b/repoproxy.py
index f9eae16..cf82bd2 100644
--- a/repoproxy.py
+++ b/repoproxy.py
@@ -149,8 +149,6 @@ class RepoProxy:
           return self.unauthorized()
         user = request.model.users.get_by_id(user_id)
         assert(user)
-      elif post:
-        return self.unauthorized()
       
       owner = request.model.users.get_by_login( repoowner )
       if not owner:
@@ -160,7 +158,12 @@ class RepoProxy:
       if not repo:
         return self.forbidden()
       
+      if repo.type == 'git' and len(nextpath) == 1 and nextpath[0] == 'git-upload-pack':
+        post = False
+
       if post:
+        if not user:
+          return self.unauthorized()
         if user.id != repo.user_id and not request.model.rights.get_superuser(user.id):
           return self.unauthorized()