luisgulo/photoprism
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
8458 commits 22 branches 65 tags 324 MiB
Commit graph

8458 commits

This branch
This branch
All branches
Author SHA1 Message Date
Michael Mayer
c38962e469 API: Deny client access if the scope is not authorized #782 #808 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-14 19:27:38 +01:00
Michael Mayer
5dedc8a7c0 Auth: Apply same scope when session is created from auth token #782 #808 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-14 18:53:27 +01:00
Michael Mayer
fed1d8ad95 Auth: Accept access token as passwd with fail rate limit #782 #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-14 18:28:17 +01:00
Michael Mayer
9586a9ec69 Auth: Refactor API to allow auth secrets to be used as tokens #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-14 12:01:26 +01:00
Michael Mayer
b9b12fd56a Backend: Update deps in go.mod and go.sum 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-14 11:49:36 +01:00
Michael Mayer
7e964268a0 Frontend: Update deps in package.json and package-lock.json 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-14 11:49:00 +01:00
Michael Mayer
7840858b3e Frontend: Update translations.json #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-14 11:15:53 +01:00
Weblate
35fd8052b5 Weblate: Update frontend translations 2024-01-14 11:15:00 +01:00
Michael Mayer
23c0751171 Frontend: Update session.js and translations.pot #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-14 11:11:05 +01:00
Michael Mayer
d7710adce0 Auth: Improve "auth add" and "client add" CLI commands #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-14 09:51:49 +01:00
Michael Mayer
d89d3eaebf Frontend: Update deps in package.json and package-lock.json 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-13 16:31:18 +01:00
Michael Mayer
c5db7519b4 Frontend: Update translations.pot and translations.json #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-13 16:28:45 +01:00
Michael Mayer
e21e462f00 Auth: Improve "auth add" and "client add" CLI commands #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-13 16:27:05 +01:00
Weblate
94370bbc39 Weblate: Update frontend translations 2024-01-13 14:51:27 +01:00
Michael Mayer
91eadbc21f Auth: Reset existing user/browser sessions when upgrading #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-12 12:50:52 +01:00
Michael Mayer
9305f7fd68 Backend: Update deps in go.mod 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-12 12:46:47 +01:00
Michael Mayer
34b41cf606 Config: Update default wallpaper image 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-12 12:46:18 +01:00
Michael Mayer
7bdba93909 Develop: Upgrade base image from 240110-mantic to 240112-mantic 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-12 12:18:56 +01:00
Michael Mayer
93bc8996bc Entities: Update schema/mariadb.mmd 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-12 12:02:38 +01:00
Michael Mayer
c86764fa4b Entities: Update database schema SQL and mariadb.mmd 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-12 10:30:11 +01:00
Michael Mayer
cf71582e3f WebDAV: Require username when authenticating with basic auth #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-11 18:51:38 +01:00
Michael Mayer
584418cdb4 Search: Add photo.isStack() method to only flag actual stacks #3993 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-11 15:30:24 +01:00
Michael Mayer
b259d8fcd3 Frontend: Add closing div tag in component/photo/list.vue #3992 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-11 14:43:59 +01:00
Michael Mayer
e8ca9b8db2 WebDAV: Check if basic auth user matches the token, if set #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-11 12:49:31 +01:00
Michael Mayer
5bdc2a8b39 Frontend: Update deps in package.json and package-lock.json 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-11 12:10:34 +01:00
Michael Mayer
d481bc3d34 WebDAV: Add token authentication tests #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-11 12:08:39 +01:00
Michael Mayer
eff130cf90 WebDAV: Allow authentication with auth token and any username #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-11 11:37:36 +01:00
Michael Mayer
cc356abe03 WebDAV: Allow authentication with auth token and no username #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-10 18:03:38 +01:00
Michael Mayer
7d78ee803a Use human-friendly secrets & names for personal access tokens #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-10 17:23:08 +01:00
Michael Mayer
94e361a8fd WebDAV: Add authorization check based on auth tokens #782 #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-10 16:54:13 +01:00
Michael Mayer
7ef544fa53 Docs: Improve inline comments of the internal/server package #782 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-10 12:46:00 +01:00
Michael Mayer
7a05c5553b OAuth2: Add "POST /api/v1/oauth/revoke" API endpoint #782 #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-10 12:21:43 +01:00
Michael Mayer
481c207897 Cache: Refactor internal/ttl package 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-10 10:26:38 +01:00
Michael Mayer
2897248f1e Scripts: Add "golang.org/x/tools/cmd/godoc" to install-go-tools.sh 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-10 10:11:51 +01:00
Michael Mayer
dd1847efd3 Frontend: Update deps in package.json and package-lock.json 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-10 10:03:38 +01:00
Michael Mayer
63ad161b96 WebDAV: Refactor authentication and HTTP request handlers #3942 #3959 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-10 09:56:46 +01:00
Michael Mayer
e03dbe5d16 OAuth2: Refactor limit for number of access tokens / sessions #808 #3943 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-09 13:46:55 +01:00
Michael Mayer
0a50d1ac3b Develop: Update docker-compose.yml for testing with valid HTTPS certs 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-09 11:45:22 +01:00
Michael Mayer
3e924b70c7 API: Move handling of HTTP auth headers to pkg/header #808 #3943 #3959 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-09 10:58:47 +01:00
Michael Mayer
881bc4cb28 Backend: Update deps in go.mod and go.sum 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-09 10:35:56 +01:00
Michael Mayer
b8e14b5c34 Frontend: Update deps in package.json and package-lock.json 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-09 10:35:35 +01:00
Michael Mayer
8db853109e WebDAV: Set file mod time based on the "X-OC-MTime" header #3942 #3959 
Note that this is still experimental and the implementation needs to be
tested with a WebDAV client that sends a valid "X-OC-MTime" header.

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-08 18:46:42 +01:00
Michael Mayer
64b8ed572d API: Add .well-known/openid-configuration route handler #808 #3943 
This adds an initial "/.well-known/openid-configuration" service
discovery endpoint for use by OpenID Connect clients.

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-08 17:25:07 +01:00
Michael Mayer
ec13ccb6d5 OAuth2: Enforce limit for number of access tokens / sessions #808 #3943 
These changes ensure that OAuth2 clients cannot create an unlimited
number of access tokens (sessions) with their client credentials.

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-08 16:57:07 +01:00
Michael Mayer
42fbf70dcf API: Update markers.go handler docs 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-08 14:56:07 +01:00
Michael Mayer
0e4d81853c API: Add .well-known/oauth-authorization-server route handler #808 #3943 
This commit also adds an /api/v1/oauth/logout endpoint that allows
clients to delete their sessions (access tokens) as needed.

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-08 14:53:39 +01:00
Michael Mayer
f8e0615cc8 Auth: Ensure backwards compatibility for existing API clients #808 #3943 
These changes ensure that the new (SHA256) session ID is returned in the
"session_id" field, so that developers have time to update their client
implementations to use the new "access_token" field.

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-07 12:25:56 +01:00
Michael Mayer
0d2f8be522 Auth: Use hashed auth tokens for enhanced security #3943 #808 #782 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-06 17:35:19 +01:00
Michael Mayer
1d28cbcd92 Frontend: Update deps in package.json and package-lock.json 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-06 13:31:14 +01:00
Michael Mayer
0ca37b2c92 Docs: Update year in backend and frontend package file headers 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-05 16:38:36 +01:00