luisgulo/photoprism
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
photoprism/internal/api/auth_test.go
Michael Mayer 467f7b1585 OAuth2: Add Client Credentials Authentication #213 #782 #808 #3730 #3943 
This adds standard OAuth2 client credentials and bearer token support as
well as scope-based authorization checks for REST API clients. Note that
this initial implementation should not be used in production and that
the access token limit has not been implemented yet.

Signed-off-by: Michael Mayer <michael@photoprism.app>
2023-12-12 18:42:50 +01:00

62 lines
1.7 KiB
Go
Raw Blame History

package api
import (
"net/http"
"net/http/httptest"
"strings"
"github.com/gin-gonic/gin"
"github.com/photoprism/photoprism/internal/form"
"github.com/photoprism/photoprism/internal/server/header"
)
// AuthenticateAdmin Register session routes and returns valid SessionId.
// Call this func after registering other routes and before performing other requests.
func AuthenticateAdmin(app *gin.Engine, router *gin.RouterGroup) (sessId string) {
return AuthenticateUser(app, router, "admin", "photoprism")
}
// AuthenticateUser Register session routes and returns valid SessionId.
// Call this func after registering other routes and before performing other requests.
func AuthenticateUser(app *gin.Engine, router *gin.RouterGroup, name string, password string) (sessId string) {
CreateSession(router)
r := PerformRequestWithBody(app, http.MethodPost, "/api/v1/session", form.AsJson(form.Login{
UserName: name,
Password: password,
}))
sessId = r.Header().Get(header.SessionID)
return
}
// Performs authenticated API request with empty request body.
func AuthenticatedRequest(r http.Handler, method, path, sess string) *httptest.ResponseRecorder {
req, _ := http.NewRequest(method, path, nil)
if sess != "" {
req.Header.Add(header.SessionID, sess)
}
w := httptest.NewRecorder()
r.ServeHTTP(w, req)
return w
}
// Performs an authenticated API request containing the request body as a string.
func AuthenticatedRequestWithBody(r http.Handler, method, path, body string, sess string) *httptest.ResponseRecorder {
reader := strings.NewReader(body)
req, _ := http.NewRequest(method, path, reader)
if sess != "" {
req.Header.Add(header.SessionID, sess)
}
w := httptest.NewRecorder()
r.ServeHTTP(w, req)
return w
}
Reference in a new issue View git blame Copy permalink