This commit also adds an /api/v1/oauth/logout endpoint that allows
clients to delete their sessions (access tokens) as needed.
Signed-off-by: Michael Mayer <michael@photoprism.app>
You can now run "photoprism auth add" to create new client access tokens
that allow external applications to use the built-in REST API.
Signed-off-by: Michael Mayer <michael@photoprism.app>
This adds standard OAuth2 client credentials and bearer token support as
well as scope-based authorization checks for REST API clients. Note that
this initial implementation should not be used in production and that
the access token limit has not been implemented yet.
Signed-off-by: Michael Mayer <michael@photoprism.app>