package api
import (
"github.com/photoprism/photoprism/internal/entity"
"github.com/photoprism/photoprism/internal/get"
"github.com/photoprism/photoprism/internal/server/limiter"
"github.com/photoprism/photoprism/pkg/rnd"
)
// Session returns the client session that belongs to the given auth token,
// or nil when no session can be resolved.
//
// In public mode the token is not examined and the shared public session is
// returned. Otherwise the token must pass the rnd.IsAuthAny format check
// before the limiter or the session store is consulted, so malformed tokens
// are rejected without touching either.
//
// Rate limiting is keyed on clientIp and only applies when clientIp is
// non-empty: an empty clientIp skips both the Reject check and the Reserve
// call on a failed lookup. Callers that want failed lookups counted need to
// pass the client address. A nil result does not tell the caller whether the
// token was malformed, rate limited, or simply unknown.
func Session(clientIp, authToken string) *entity.Session {
	// Public mode: no authentication, everyone shares the public session.
	if get.Config().Public() {
		return get.Session().Public()
	}

	// Reject tokens that do not have a supported format.
	if !rnd.IsAuthAny(authToken) {
		return nil
	}

	hasIP := clientIp != ""

	// Refuse the lookup once this client has exceeded the authentication
	// error rate limit.
	if hasIP && limiter.Auth.Reject(clientIp) {
		return nil
	}

	// The session is looked up by the ID that rnd.SessionID derives from the
	// token, not by the token itself.
	sess, err := entity.FindSession(rnd.SessionID(authToken))
	if err == nil {
		return sess
	}

	// Lookup failed: reserve against this client's authentication limit so
	// that repeated failures eventually trip the Reject check above.
	if hasIP {
		limiter.Auth.Reserve(clientIp)
	}

	return nil
}