photoprism/internal/api/session.go

package api

import (
	"github.com/photoprism/photoprism/internal/entity"
	"github.com/photoprism/photoprism/internal/get"
	"github.com/photoprism/photoprism/pkg/rnd"
)

// Session finds the client session for the specified
// auth token, or returns nil if not found.
func Session(authToken string) *entity.Session {
	// Skip authentication when running in public mode.
	if get.Config().Public() {
		return get.Session().Public()
	} else if !rnd.IsAuthToken(authToken) {
		return nil
	}

	// Find the session based on the hashed auth
	// token used as id, or return nil otherwise.
	if s, err := get.Session().Get(rnd.SessionID(authToken)); err != nil {
		return nil
	} else {
		return s
	}
}
Auth: Session and ACL enhancements #98 #1746 Signed-off-by: Michael Mayer <michael@photoprism.app> 2022-09-28 09:01:17 +02:00			`package api`

			`import (`
			`"github.com/photoprism/photoprism/internal/entity"`
Routing: Prefix frontend UI routes with /library #840 #2466 Also improves migrations and updates the db schema docs. Signed-off-by: Michael Mayer <michael@photoprism.app> 2022-10-15 21:54:11 +02:00			`"github.com/photoprism/photoprism/internal/get"`
Auth: Use hashed auth tokens for enhanced security #3943 #808 #782 Signed-off-by: Michael Mayer <michael@photoprism.app> 2024-01-06 17:35:19 +01:00			`"github.com/photoprism/photoprism/pkg/rnd"`
Auth: Session and ACL enhancements #98 #1746 Signed-off-by: Michael Mayer <michael@photoprism.app> 2022-09-28 09:01:17 +02:00			`)`

Auth: Use hashed auth tokens for enhanced security #3943 #808 #782 Signed-off-by: Michael Mayer <michael@photoprism.app> 2024-01-06 17:35:19 +01:00			`// Session finds the client session for the specified`
			`// auth token, or returns nil if not found.`
			`func Session(authToken string) *entity.Session {`
			`// Skip authentication when running in public mode.`
Routing: Prefix frontend UI routes with /library #840 #2466 Also improves migrations and updates the db schema docs. Signed-off-by: Michael Mayer <michael@photoprism.app> 2022-10-15 21:54:11 +02:00			`if get.Config().Public() {`
			`return get.Session().Public()`
Auth: Use hashed auth tokens for enhanced security #3943 #808 #782 Signed-off-by: Michael Mayer <michael@photoprism.app> 2024-01-06 17:35:19 +01:00			`} else if !rnd.IsAuthToken(authToken) {`
Auth: Session and ACL enhancements #98 #1746 Signed-off-by: Michael Mayer <michael@photoprism.app> 2022-09-28 09:01:17 +02:00			`return nil`
			`}`

Auth: Use hashed auth tokens for enhanced security #3943 #808 #782 Signed-off-by: Michael Mayer <michael@photoprism.app> 2024-01-06 17:35:19 +01:00			`// Find the session based on the hashed auth`
			`// token used as id, or return nil otherwise.`
			`if s, err := get.Session().Get(rnd.SessionID(authToken)); err != nil {`
Auth: Session and ACL enhancements #98 #1746 Signed-off-by: Michael Mayer <michael@photoprism.app> 2022-09-28 09:01:17 +02:00			`return nil`
Auth: Use hashed auth tokens for enhanced security #3943 #808 #782 Signed-off-by: Michael Mayer <michael@photoprism.app> 2024-01-06 17:35:19 +01:00			`} else {`
			`return s`
Auth: Session and ACL enhancements #98 #1746 Signed-off-by: Michael Mayer <michael@photoprism.app> 2022-09-28 09:01:17 +02:00			`}`
Auth: Use hashed auth tokens for enhanced security #3943 #808 #782 Signed-off-by: Michael Mayer <michael@photoprism.app> 2024-01-06 17:35:19 +01:00			`}`