Merge b408033e43 into d0fef4395f

modules/lfs/server.go

@@ -452,7 +452,6 @@ func unpack(ctx *context.Context) *RequestVars {
 
 // TODO cheap hack, unify with unpack
 func unpackbatch(ctx *context.Context) *BatchVars {
-
 	r := ctx.Req
 	var bv BatchVars
 
@@ -577,11 +576,33 @@ func parseToken(authorization string) (*models.User, *models.Repository, string,
 		user, password := cs[:i], cs[i+1:]
 		u, err := models.GetUserByName(user)
 		if err != nil {
-			return nil, nil, "basic", err
-		}
-		if !u.ValidatePassword(password) {
-			return nil, nil, "basic", fmt.Errorf("Basic auth failed")
+			if models.IsErrUserNotExist(err) {
+				isUsernameToken := len(password) == 0 || password == "x-oauth-basic"
+				authToken := user
+
+				if !isUsernameToken {
+					authToken = password
+				}
+
+				token, err := models.GetAccessTokenBySHA(authToken)
+				if err != nil {
+					return nil, nil, "basic", fmt.Errorf("Token not found")
+				}
+
+				u, err = models.GetUserByID(token.UID)
+				if err != nil {
+					return nil, nil, "basic", err
+				}
+
+			} else {
+				return nil, nil, "basic", err
+			}
+		} else {
+			if !u.ValidatePassword(password) {
+				return nil, nil, "basic", fmt.Errorf("Basic auth failed")
+			}
 		}
+
 		return u, nil, "basic", nil
 	}