Signed-off-by: Michael Mayer <michael@photoprism.app>
This commit is contained in:
parent
fed1d8ad95
commit
5dedc8a7c0
2 changed files with 22 additions and 10 deletions
|
@ -356,6 +356,27 @@ func (m *Session) SetAuthID(id string) *Session {
|
||||||
return m
|
return m
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Scope returns the authorization scope as a sanitized string.
|
||||||
|
func (m *Session) Scope() string {
|
||||||
|
return clean.Scope(m.AuthScope)
|
||||||
|
}
|
||||||
|
|
||||||
|
// HasScope checks if the session has the given authorization scope.
|
||||||
|
func (m *Session) HasScope(scope string) bool {
|
||||||
|
return list.ParseAttr(m.Scope()).Contains(scope)
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetScope sets a custom authentication scope.
|
||||||
|
func (m *Session) SetScope(scope string) *Session {
|
||||||
|
if scope == "" {
|
||||||
|
return m
|
||||||
|
}
|
||||||
|
|
||||||
|
m.AuthScope = clean.Scope(scope)
|
||||||
|
|
||||||
|
return m
|
||||||
|
}
|
||||||
|
|
||||||
// Method returns the authentication method.
|
// Method returns the authentication method.
|
||||||
func (m *Session) Method() authn.MethodType {
|
func (m *Session) Method() authn.MethodType {
|
||||||
return authn.Method(m.AuthMethod)
|
return authn.Method(m.AuthMethod)
|
||||||
|
@ -793,13 +814,3 @@ func (m *Session) HttpStatus() int {
|
||||||
|
|
||||||
return http.StatusUnauthorized
|
return http.StatusUnauthorized
|
||||||
}
|
}
|
||||||
|
|
||||||
// Scope returns the authorization scope as a sanitized string.
|
|
||||||
func (m *Session) Scope() string {
|
|
||||||
return clean.Scope(m.AuthScope)
|
|
||||||
}
|
|
||||||
|
|
||||||
// HasScope checks if the session has the given authorization scope.
|
|
||||||
func (m *Session) HasScope(scope string) bool {
|
|
||||||
return list.ParseAttr(m.Scope()).Contains(scope)
|
|
||||||
}
|
|
||||||
|
|
|
@ -126,6 +126,7 @@ func AuthLocal(user *User, f form.Login, m *Session, c *gin.Context) (authn.Prov
|
||||||
return authn.ProviderNone, i18n.Error(i18n.ErrInvalidCredentials)
|
return authn.ProviderNone, i18n.Error(i18n.ErrInvalidCredentials)
|
||||||
} else {
|
} else {
|
||||||
m.SetAuthID(authSess.AuthID)
|
m.SetAuthID(authSess.AuthID)
|
||||||
|
m.SetScope(authSess.Scope())
|
||||||
m.SetMethod(authn.MethodSession)
|
m.SetMethod(authn.MethodSession)
|
||||||
event.AuditInfo([]string{clientIp, "session %s", "login as %s with auth secret", "succeeded"}, m.RefID, clean.LogQuote(userName))
|
event.AuditInfo([]string{clientIp, "session %s", "login as %s with auth secret", "succeeded"}, m.RefID, clean.LogQuote(userName))
|
||||||
event.LoginInfo(clientIp, "api", userName, m.UserAgent)
|
event.LoginInfo(clientIp, "api", userName, m.UserAgent)
|
||||||
|
|
Loading…
Reference in a new issue