Commit Graph

2875 Commits

Author SHA1 Message Date
Michael Mayer
127b30dd31 Config: Allow CORS for additional file types when using a CDN #3931
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-16 21:25:29 +01:00
Michael Mayer
3946e2a16f API: Refactor "404 Not Found" response handler #3931
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-16 20:56:43 +01:00
Michael Mayer
abfea6354c Config: Allow CORS for fonts and CSS when using a CDN #3931
see https://www.w3.org/TR/css-fonts-3/#font-fetching-requirements

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-16 20:04:36 +01:00
graciousgrey
c478025513 Tests: Add unit tests #3943
2024-01-16 18:10:59 +01:00
graciousgrey
2bf65737d3 Tests: Add unit tests #3943
2024-01-16 18:10:59 +01:00
Michael Mayer
da10b30fdf API: Add auth token to vary header for caching proxies and CDNs #3931
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-16 16:42:21 +01:00
Michael Mayer
c3b9b73d1d API: Only allow CDNs to cache GET, HEAD, and OPTIONS requests #3931
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-16 16:17:16 +01:00
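The two commits above (Vary on the auth token, and caching restricted to GET, HEAD and OPTIONS) describe a small piece of HTTP middleware. The Go block below is an added example written for this page, not code from the PhotoPrism repository: the header name X-Auth-Token, the probed route and the Probe helper are assumptions made here.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// AuthHeader is the request header that carries the API access token. The
// header name is an assumption for this example, not PhotoPrism's own.
const AuthHeader = "X-Auth-Token"

// cacheable lists the only methods a caching proxy or CDN may store responses
// for. Everything else (POST, PUT, DELETE, WebDAV methods, ...) is marked
// no-store so a write's response is never replayed to a later reader.
var cacheable = map[string]bool{
	http.MethodGet:     true,
	http.MethodHead:    true,
	http.MethodOptions: true,
}

// CDNCacheHeaders wraps a handler and sets the caching headers before it
// writes. For cacheable methods the Vary header names the auth headers, so a
// shared cache keys its copies on the token: a response produced for one
// user's token is not served to a request carrying a different token.
func CDNCacheHeaders(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		h := w.Header()
		if cacheable[r.Method] {
			h.Add("Vary", AuthHeader)
			h.Add("Vary", "Authorization")
		} else {
			h.Set("Cache-Control", "no-store")
		}
		next.ServeHTTP(w, r)
	})
}

// VaryOn reports whether the response's Vary header (one or several lines,
// comma-separated values) names the given header.
func VaryOn(h http.Header, name string) bool {
	for _, line := range h.Values("Vary") {
		for _, v := range strings.Split(line, ",") {
			if strings.EqualFold(strings.TrimSpace(v), name) {
				return true
			}
		}
	}
	return false
}

// Probe sends one request with the given method through the middleware in
// front of a trivial handler and returns the response headers. The handler
// adds its own Vary value to show that the middleware appends rather than
// overwrites it. The token value is constructed sample input.
func Probe(method string) http.Header {
	app := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		w.Header().Add("Vary", "Accept-Encoding")
		fmt.Fprint(w, "ok")
	})
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(method, "/api/v1/photos", nil)
	req.Header.Set(AuthHeader, "constructed-example-token")
	CDNCacheHeaders(app).ServeHTTP(rec, req)
	return rec.Result().Header
}

func main() {
	for _, m := range []string{"GET", "HEAD", "OPTIONS", "POST", "PROPFIND"} {
		h := Probe(m)
		fmt.Printf("%-8s Cache-Control=%q Vary=%v\n", m, h.Get("Cache-Control"), h.Values("Vary"))
	}
}
```

Vary only helps with caches that honour it. The method allow-list is the part that stops a proxy from storing the response to a write; for responses that contain per-user data, Cache-Control: private (or no-store) is the more robust choice than relying on a token-keyed cache.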
graciousgrey
e5aa76730f Tests: Add unit tests #3943
2024-01-16 16:10:57 +01:00
graciousgrey
121a19c58c Tests: Add unit tests #3943
2024-01-16 16:10:57 +01:00
Michael Mayer
02a1b12edb Config: Update CORS header defaults and add /api/v1/echo endpoint #3931
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-16 14:36:08 +01:00
Michael Mayer
239708f00f Config: Add options to configure CORS origin, headers and methods #3931
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-16 12:14:06 +01:00
graciousgrey
4e7a61ffe5 Tests: Add unit tests
2024-01-15 17:12:34 +01:00
Michael Mayer
c5f6a28448 Config: Add PHOTOPRISM_HTTP_CORS option for CDN users #3931 #3940
In addition, the Access-Control-Allow-Origin header is set to the same
URL if an Origin header is found in the request (experimental).

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-15 13:06:27 +01:00
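An origin allow-list with preflight handling and per-file-type gating, as an added example of the kind of CORS configuration the #3931 and #3940 commits above introduce (configurable origin, headers and methods; CORS for fonts, CSS and further file types). This is example code written for this page, not PhotoPrism's implementation: the CORSConfig fields, the default extension list, the example origins and the rule that only asset paths receive CORS headers are assumptions. The example never echoes an unlisted Origin and never sets Access-Control-Allow-Credentials, because reflecting arbitrary origins together with credentials would let any site read authenticated responses.

```go
package main

import (
	"fmt"
	"net/http"
	"path"
	"strings"
)

// CORSConfig holds the settings this example makes configurable. The field
// names and default values are assumptions, not PhotoPrism's option names.
type CORSConfig struct {
	AllowOrigins []string        // exact origins, e.g. "https://photos.example.com"; "*" allows any
	AllowMethods []string        // methods announced in the preflight response
	AllowHeaders []string        // request headers announced in the preflight response
	AssetExt     map[string]bool // file types a browser may fetch cross-origin from the CDN
}

// DefaultCORS allows the given origins for the file types that browsers
// refuse to load from another origin without CORS headers (fonts, CSS).
func DefaultCORS(origins ...string) CORSConfig {
	return CORSConfig{
		AllowOrigins: origins,
		AllowMethods: []string{"GET", "HEAD", "OPTIONS"},
		AllowHeaders: []string{"Origin", "Accept", "Content-Type"},
		AssetExt:     map[string]bool{".css": true, ".woff": true, ".woff2": true, ".ttf": true, ".svg": true},
	}
}

// originAllowed matches the request Origin against the allow-list by exact,
// case-sensitive string comparison. A suffix or substring match would also
// admit origins such as https://photos.example.com.attacker.example.
func (c CORSConfig) originAllowed(origin string) (string, bool) {
	for _, o := range c.AllowOrigins {
		if o == "*" {
			return "*", true
		}
		if o == origin {
			return origin, true
		}
	}
	return "", false
}

// HeadersFor computes the CORS response headers for one request. An empty
// result means the response carries no CORS headers and the browser blocks
// the cross-origin read, which is the correct answer for an unlisted origin.
func (c CORSConfig) HeadersFor(method, reqPath, origin string) http.Header {
	h := http.Header{}
	if origin == "" || !c.AssetExt[strings.ToLower(path.Ext(reqPath))] {
		return h // same-origin request, or a path that is never served cross-origin
	}
	allow, ok := c.originAllowed(origin)
	if !ok {
		return h
	}
	h.Set("Access-Control-Allow-Origin", allow)
	if allow != "*" {
		h.Add("Vary", "Origin") // the value depends on the request; caches must key on Origin
	}
	if method == http.MethodOptions {
		h.Set("Access-Control-Allow-Methods", strings.Join(c.AllowMethods, ", "))
		h.Set("Access-Control-Allow-Headers", strings.Join(c.AllowHeaders, ", "))
		h.Set("Access-Control-Max-Age", "3600")
	}
	return h
}

// Middleware applies HeadersFor to every response and answers preflights
// without invoking the application handler.
func (c CORSConfig) Middleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		for k, vs := range c.HeadersFor(r.Method, r.URL.Path, r.Header.Get("Origin")) {
			for _, v := range vs {
				w.Header().Add(k, v)
			}
		}
		if r.Method == http.MethodOptions && r.Header.Get("Access-Control-Request-Method") != "" {
			w.WriteHeader(http.StatusNoContent)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	cfg := DefaultCORS("https://photos.example.com")
	for _, origin := range []string{"https://photos.example.com", "https://photos.example.com.attacker.example"} {
		fmt.Printf("%s -> %v\n", origin, cfg.HeadersFor("GET", "/static/fonts/roboto.woff2", origin))
	}
	fmt.Println("API path ->", cfg.HeadersFor("GET", "/api/v1/photos", "https://photos.example.com"))
}
```

With a CDN in front, the Origin the browser sends for a font or style sheet request is the site's own origin, so that is the value to put in the allow-list; the CDN only forwards the request and the response headers.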
Michael Mayer
e44262d4ea Config: Ignore configured CDN URL if the same as the Site URL #3931
see https://docs.photoprism.app/getting-started/using-a-cdn/#cloudflare

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-15 10:54:03 +01:00
Michael Mayer
c38962e469 API: Deny client access if the scope is not authorized #782 #808
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-14 19:27:38 +01:00
Michael Mayer
5dedc8a7c0 Auth: Apply same scope when session is created from auth token #782 #808
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-14 18:53:27 +01:00
Michael Mayer
fed1d8ad95 Auth: Accept access token as passwd with fail rate limit #782 #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-14 18:28:17 +01:00
Michael Mayer
9586a9ec69 Auth: Refactor API to allow auth secrets to be used as tokens #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-14 12:01:26 +01:00
Michael Mayer
d7710adce0 Auth: Improve "auth add" and "client add" CLI commands #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-14 09:51:49 +01:00
Michael Mayer
e21e462f00 Auth: Improve "auth add" and "client add" CLI commands #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-13 16:27:05 +01:00
Michael Mayer
91eadbc21f Auth: Reset existing user/browser sessions when upgrading #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-12 12:50:52 +01:00
Michael Mayer
34b41cf606 Config: Update default wallpaper image
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-12 12:46:18 +01:00
Michael Mayer
93bc8996bc Entities: Update schema/mariadb.mmd
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-12 12:02:38 +01:00
Michael Mayer
c86764fa4b Entities: Update database schema SQL and mariadb.mmd
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-12 10:30:11 +01:00
Michael Mayer
cf71582e3f WebDAV: Require username when authenticating with basic auth #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-11 18:51:38 +01:00
Michael Mayer
e8ca9b8db2 WebDAV: Check if basic auth user matches the token, if set #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-11 12:49:31 +01:00
Michael Mayer
d481bc3d34 WebDAV: Add token authentication tests #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-11 12:08:39 +01:00
Michael Mayer
eff130cf90 WebDAV: Allow authentication with auth token and any username #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-11 11:37:36 +01:00
Michael Mayer
cc356abe03 WebDAV: Allow authentication with auth token and no username #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-10 18:03:38 +01:00
Michael Mayer
7d78ee803a Use human-friendly secrets & names for personal access tokens #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-10 17:23:08 +01:00
Michael Mayer
94e361a8fd WebDAV: Add authorization check based on auth tokens #782 #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-10 16:54:13 +01:00
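The WebDAV commits above (token as Basic-auth password, username required, username must match the token's user if the token is bound to one, any username for unbound client tokens) plus the fail rate limit from fed1d8ad95 describe one authentication routine. The Go block below is an added example written for this page, not PhotoPrism's code: the Token record, the User/Client distinction, the reason strings, the per-address failure counter and the Try helper are assumptions, and the token strings are constructed sample input.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"net/http"
	"net/http/httptest"
	"sync"
)

// Token is the server-side record of an access token. User is set for a
// personal token bound to one account; Client names an app token that is not
// bound to a user and may be presented with any username.
type Token struct {
	User   string
	Client string
}

// Authenticator validates WebDAV Basic credentials whose password is an
// access token and counts failures per remote address, so tokens cannot be
// guessed through the WebDAV endpoint.
type Authenticator struct {
	mu       sync.Mutex
	tokens   map[string]Token // keyed by hex SHA-256 of the token, never the token itself
	failures map[string]int
	maxFail  int
}

func NewAuthenticator(maxFail int) *Authenticator {
	return &Authenticator{tokens: map[string]Token{}, failures: map[string]int{}, maxFail: maxFail}
}

func hashToken(t string) string {
	sum := sha256.Sum256([]byte(t))
	return hex.EncodeToString(sum[:])
}

// AddToken registers a token; the plaintext secret is hashed and discarded.
func (a *Authenticator) AddToken(secret string, t Token) {
	a.tokens[hashToken(secret)] = t
}

// Authenticate returns the principal (user or client) the request may act
// as, or "" together with the reason the request was refused.
func (a *Authenticator) Authenticate(r *http.Request) (principal, reason string) {
	addr := r.RemoteAddr // behind a reverse proxy, use the forwarded client address instead
	a.mu.Lock()
	defer a.mu.Unlock()
	if a.failures[addr] >= a.maxFail {
		return "", "rate limited"
	}
	username, password, ok := r.BasicAuth()
	if !ok || username == "" || password == "" {
		// A username is required even when the password is a token, so
		// every access is attributable to an account in the logs.
		return "", "missing credentials"
	}
	tok, found := a.tokens[hashToken(password)]
	if !found {
		a.failures[addr]++
		return "", "unknown token"
	}
	// A token bound to a user is only valid together with that user's name.
	if tok.User != "" && subtle.ConstantTimeCompare([]byte(tok.User), []byte(username)) != 1 {
		a.failures[addr]++
		return "", "user does not match token"
	}
	delete(a.failures, addr)
	if tok.User != "" {
		return tok.User, ""
	}
	return tok.Client, ""
}

// Try builds a WebDAV request with the given credentials and remote address
// and runs it through Authenticate (constructed input for tests and demos).
func Try(a *Authenticator, addr, user, pass string) (string, string) {
	req := httptest.NewRequest("PROPFIND", "/originals/", nil)
	req.RemoteAddr = addr
	if user != "" || pass != "" {
		req.SetBasicAuth(user, pass)
	}
	return a.Authenticate(req)
}

func main() {
	a := NewAuthenticator(3)
	a.AddToken("tok-alice-example", Token{User: "alice"})
	a.AddToken("tok-backup-example", Token{Client: "backup"})
	for _, c := range [][2]string{{"alice", "tok-alice-example"}, {"bob", "tok-alice-example"}, {"x", "tok-backup-example"}} {
		p, why := Try(a, "203.0.113.5:4000", c[0], c[1])
		fmt.Printf("%s / %s -> principal=%q reason=%q\n", c[0], c[1], p, why)
	}
}
```

A password that is not a known token would, in a real server, fall through to normal password authentication; that path is omitted here. The failure counter never resets on its own in this example, so a deployment needs an expiry on it.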
Michael Mayer
7ef544fa53 Docs: Improve inline comments of the internal/server package #782 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-10 12:46:00 +01:00
Michael Mayer
7a05c5553b OAuth2: Add "POST /api/v1/oauth/revoke" API endpoint #782 #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-10 12:21:43 +01:00
Michael Mayer
481c207897 Cache: Refactor internal/ttl package
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-10 10:26:38 +01:00
Michael Mayer
63ad161b96 WebDAV: Refactor authentication and HTTP request handlers #3942 #3959
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-10 09:56:46 +01:00
Michael Mayer
e03dbe5d16 OAuth2: Refactor limit for number of access tokens / sessions #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-09 13:46:55 +01:00
Michael Mayer
3e924b70c7 API: Move handling of HTTP auth headers to pkg/header #808 #3943 #3959
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-09 10:58:47 +01:00
Michael Mayer
8db853109e WebDAV: Set file mod time based on the "X-OC-MTime" header #3942 #3959
Note that this is still experimental and the implementation needs to be
tested with a WebDAV client that sends a valid "X-OC-MTime" header.

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-08 18:46:42 +01:00
Michael Mayer
64b8ed572d API: Add .well-known/openid-configuration route handler #808 #3943
This adds an initial "/.well-known/openid-configuration" service
discovery endpoint for use by OpenID Connect clients.

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-08 17:25:07 +01:00
Michael Mayer
ec13ccb6d5 OAuth2: Enforce limit for number of access tokens / sessions #808 #3943
These changes ensure that OAuth2 clients cannot create an unlimited
number of access tokens (sessions) with their client credentials.

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-08 16:57:07 +01:00
Michael Mayer
42fbf70dcf API: Update markers.go handler docs
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-08 14:56:07 +01:00
Michael Mayer
0e4d81853c API: Add .well-known/oauth-authorization-server route handler #808 #3943
This commit also adds an /api/v1/oauth/logout endpoint that allows
clients to delete their sessions (access tokens) as needed.

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-08 14:53:39 +01:00
Michael Mayer
f8e0615cc8 Auth: Ensure backwards compatibility for existing API clients #808 #3943
These changes ensure that the new (SHA256) session ID is returned in the
"session_id" field, so that developers have time to update their client
implementations to use the new "access_token" field.

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-07 12:25:56 +01:00
Michael Mayer
0d2f8be522 Auth: Use hashed auth tokens for enhanced security #3943 #808 #782
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-06 17:35:19 +01:00
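The hashed-token design described in 0d2f8be522 and f8e0615cc8 (the server keeps a SHA-256 session ID while the client holds the access_token), the per-client session limit from ec13ccb6d5, revocation from 7a05c5553b, and the scope checks from c38962e469 and 5dedc8a7c0 all act on one session store. The Go block below is an added example written for this page, not PhotoPrism's implementation: the Store type, the error values, the scope format, the choice to refuse a new session at the limit rather than evict the oldest one, and the example client names are assumptions.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"errors"
	"fmt"
	"sync"
)

var (
	ErrTooManySessions = errors.New("session limit reached for this client")
	ErrInvalidToken    = errors.New("invalid or revoked access token")
	ErrScope           = errors.New("scope not authorized")
)

// Session is the record the server persists. ID is the SHA-256 of the bearer
// token, so a leaked copy of the session table contains no usable credential.
type Session struct {
	ID       string          // hex SHA-256 of the access token
	ClientID string          // the client or user the token was issued to
	Scope    map[string]bool // granted scopes; "*" means all
}

// Store keeps sessions in memory for the example; a deployment persists them.
type Store struct {
	mu       sync.Mutex
	limit    int                 // max live sessions per client
	sessions map[string]*Session // keyed by Session.ID, never by the token
}

func NewStore(limit int) *Store {
	return &Store{limit: limit, sessions: map[string]*Session{}}
}

// HashToken derives the stored session ID from the secret token.
func HashToken(token string) string {
	sum := sha256.Sum256([]byte(token))
	return hex.EncodeToString(sum[:])
}

// Create issues a new access token for clientID. The plaintext token is
// returned exactly once and is never written to the store.
func (s *Store) Create(clientID string, scope ...string) (string, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	if s.countLocked(clientID) >= s.limit {
		return "", ErrTooManySessions
	}
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	token := base64.RawURLEncoding.EncodeToString(raw)
	granted := map[string]bool{}
	for _, sc := range scope {
		granted[sc] = true
	}
	id := HashToken(token)
	s.sessions[id] = &Session{ID: id, ClientID: clientID, Scope: granted}
	return token, nil
}

func (s *Store) countLocked(clientID string) int {
	n := 0
	for _, sess := range s.sessions {
		if sess.ClientID == clientID {
			n++
		}
	}
	return n
}

// Authorize resolves a presented token and checks that the session's scope
// covers the one the endpoint requires.
func (s *Store) Authorize(token, need string) (*Session, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	sess, ok := s.sessions[HashToken(token)]
	if !ok {
		return nil, ErrInvalidToken
	}
	if !sess.Scope["*"] && !sess.Scope[need] {
		return nil, ErrScope
	}
	return sess, nil
}

// Revoke deletes the session for a token. An unknown token is not an error,
// matching RFC 7009, which answers revocation requests with 200 either way.
func (s *Store) Revoke(token string) {
	s.mu.Lock()
	defer s.mu.Unlock()
	delete(s.sessions, HashToken(token))
}

// Exists reports whether a stored session ID is present (tests use it to
// confirm that the plaintext token is not a key).
func (s *Store) Exists(sessionID string) bool {
	s.mu.Lock()
	defer s.mu.Unlock()
	_, ok := s.sessions[sessionID]
	return ok
}

func main() {
	store := NewStore(2)
	tok, _ := store.Create("backup-app", "photos:read")
	fmt.Println("access_token (shown once):", tok)
	fmt.Println("session_id (stored):      ", HashToken(tok))
	_, err := store.Authorize(tok, "photos:write")
	fmt.Println("write with read-only scope:", err)
}
```

The lookup is a map access on the hash, so the secret itself is never compared; a client that sends the stored session_id instead of the access_token is rejected, because hashing it again yields a different key.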
Michael Mayer
0ca37b2c92 Docs: Update year in backend and frontend package file headers
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-05 16:38:36 +01:00
Michael Mayer
713593da4e Auth: Add CLI command to create access tokens for apps #782 #808 #3943
You can now run "photoprism auth add" to create new client access tokens
that allow external applications to use the built-in REST API.

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-05 16:31:07 +01:00
Michael Mayer
910e3becbb Auth: Refactor existing CLI sub-commands #808 #3943
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-02 17:06:57 +01:00
graciousgrey
04e8dfe6cb Tests: Add unit tests #3943
2023-12-21 16:00:28 +01:00
graciousgrey
0f8d5073dd Tests: Add unit tests #3943
2023-12-21 11:17:33 +01:00
graciousgrey
b6cb478cfb Tests: Add unit tests
2023-12-19 17:03:50 +01:00