2024-01-05 16:31:07 +01:00
|
|
|
package commands
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
|
|
|
|
"github.com/manifoldco/promptui"
|
|
|
|
"github.com/urfave/cli"
|
|
|
|
|
|
|
|
"github.com/photoprism/photoprism/internal/config"
|
|
|
|
"github.com/photoprism/photoprism/internal/entity"
|
|
|
|
"github.com/photoprism/photoprism/pkg/clean"
|
|
|
|
"github.com/photoprism/photoprism/pkg/report"
|
2024-01-10 17:23:08 +01:00
|
|
|
"github.com/photoprism/photoprism/pkg/rnd"
|
2024-01-05 16:31:07 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
// AuthAddFlags specifies the "photoprism auth add" command flags.
|
|
|
|
var AuthAddFlags = []cli.Flag{
|
|
|
|
cli.StringFlag{
|
|
|
|
Name: "name, n",
|
2024-01-18 16:53:05 +01:00
|
|
|
Usage: "access `TOKEN` name to help identify the client application",
|
2024-01-05 16:31:07 +01:00
|
|
|
},
|
|
|
|
cli.StringFlag{
|
|
|
|
Name: "scope, s",
|
2024-01-18 16:53:05 +01:00
|
|
|
Usage: "authorization `SCOPES` e.g. \"metrics\" or \"photos albums\" (\"*\" to allow all)",
|
2024-01-05 16:31:07 +01:00
|
|
|
},
|
|
|
|
cli.Int64Flag{
|
|
|
|
Name: "expires, e",
|
2024-01-18 16:53:05 +01:00
|
|
|
Usage: "authentication `LIFETIME` in seconds, after which the access token expires (-1 to disable the limit)",
|
2024-01-05 16:31:07 +01:00
|
|
|
Value: entity.UnixYear,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
// AuthAddCommand configures the command name, flags, and action.
|
|
|
|
var AuthAddCommand = cli.Command{
|
2024-01-14 09:51:49 +01:00
|
|
|
Name: "add",
|
2024-01-18 17:53:53 +01:00
|
|
|
Usage: "Creates a new access token for client authentication",
|
|
|
|
Description: "If you provide a username as argument, a personal access token for registered users will be created.",
|
2024-01-14 09:51:49 +01:00
|
|
|
ArgsUsage: "[username]",
|
|
|
|
Flags: AuthAddFlags,
|
|
|
|
Action: authAddAction,
|
2024-01-05 16:31:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// authAddAction shows detailed session information.
|
|
|
|
func authAddAction(ctx *cli.Context) error {
|
|
|
|
return CallWithDependencies(ctx, func(conf *config.Config) error {
|
2024-01-13 16:27:05 +01:00
|
|
|
// Get username from command flag.
|
2024-01-14 09:51:49 +01:00
|
|
|
userName := clean.Username(ctx.Args().First())
|
2024-01-13 16:27:05 +01:00
|
|
|
|
|
|
|
// Find user account.
|
|
|
|
user := entity.FindUserByName(userName)
|
2024-01-05 16:31:07 +01:00
|
|
|
|
2024-01-13 16:27:05 +01:00
|
|
|
if user == nil && userName != "" {
|
|
|
|
return fmt.Errorf("user %s not found", clean.LogQuote(userName))
|
|
|
|
}
|
|
|
|
|
2024-01-18 16:53:05 +01:00
|
|
|
// Get client name from command flag or ask for it.
|
|
|
|
clientName := ctx.String("name")
|
2024-01-13 16:27:05 +01:00
|
|
|
|
2024-01-18 16:53:05 +01:00
|
|
|
if clientName == "" {
|
2024-01-05 16:31:07 +01:00
|
|
|
prompt := promptui.Prompt{
|
2024-01-13 16:27:05 +01:00
|
|
|
Label: "Token Name",
|
|
|
|
Default: rnd.Name(),
|
2024-01-05 16:31:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
res, err := prompt.Run()
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2024-01-18 16:53:05 +01:00
|
|
|
clientName = clean.Name(res)
|
2024-01-05 16:31:07 +01:00
|
|
|
}
|
|
|
|
|
2024-01-13 16:27:05 +01:00
|
|
|
// Get auth scope from command flag or ask for it.
|
|
|
|
authScope := ctx.String("scope")
|
2024-01-05 16:31:07 +01:00
|
|
|
|
2024-01-13 16:27:05 +01:00
|
|
|
if authScope == "" {
|
|
|
|
prompt := promptui.Prompt{
|
|
|
|
Label: "Authorization Scope",
|
|
|
|
Default: "*",
|
|
|
|
}
|
2024-01-05 16:31:07 +01:00
|
|
|
|
2024-01-13 16:27:05 +01:00
|
|
|
res, err := prompt.Run()
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
authScope = clean.Scope(res)
|
2024-01-05 16:31:07 +01:00
|
|
|
}
|
|
|
|
|
2024-01-18 16:53:05 +01:00
|
|
|
// Create session with client access token.
|
|
|
|
sess, err := entity.CreateClientAccessToken(clientName, ctx.Int64("expires"), authScope, user)
|
2024-01-05 16:31:07 +01:00
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("failed to create access token: %s", err)
|
|
|
|
} else {
|
|
|
|
// Show client authentication credentials.
|
|
|
|
if sess.UserUID == "" {
|
|
|
|
fmt.Printf("\nPLEASE WRITE DOWN THE FOLLOWING RANDOMLY GENERATED CLIENT ACCESS TOKEN, AS YOU WILL NOT BE ABLE TO SEE IT AGAIN:\n")
|
|
|
|
} else {
|
|
|
|
fmt.Printf("\nPLEASE WRITE DOWN THE FOLLOWING RANDOMLY GENERATED PERSONAL ACCESS TOKEN, AS YOU WILL NOT BE ABLE TO SEE IT AGAIN:\n")
|
|
|
|
}
|
|
|
|
|
2024-01-06 17:35:19 +01:00
|
|
|
result := report.Credentials("Access Token", sess.AuthToken(), "Authorization Scope", sess.Scope())
|
2024-01-05 16:31:07 +01:00
|
|
|
|
|
|
|
fmt.Printf("\n%s\n", result)
|
|
|
|
}
|
|
|
|
|
|
|
|
return err
|
|
|
|
})
|
|
|
|
}
|