photoprism/internal/api/headers.go
Michael Mayer 467f7b1585 OAuth2: Add Client Credentials Authentication #213 #782 #808 #3730 #3943
This adds standard OAuth2 client credentials and bearer token support as
well as scope-based authorization checks for REST API clients. Note that
this initial implementation should not be used in production and that
the access token limit has not been implemented yet.

Signed-off-by: Michael Mayer <michael@photoprism.app>
2023-12-12 18:42:50 +01:00

62 lines
1.8 KiB
Go

package api
import (
"fmt"
"strconv"
"github.com/gin-gonic/gin"
"github.com/photoprism/photoprism/internal/entity"
"github.com/photoprism/photoprism/internal/get"
"github.com/photoprism/photoprism/internal/server/header"
)
// AddCountHeader adds the actual result count to the response.
func AddCountHeader(c *gin.Context, count int) {
c.Header("X-Count", strconv.Itoa(count))
}
// AddLimitHeader adds the max result count to the response.
func AddLimitHeader(c *gin.Context, limit int) {
c.Header("X-Limit", strconv.Itoa(limit))
}
// AddOffsetHeader adds the result offset to the response.
func AddOffsetHeader(c *gin.Context, offset int) {
c.Header("X-Offset", strconv.Itoa(offset))
}
// AddDownloadHeader adds a header indicating the response is expected to be downloaded.
func AddDownloadHeader(c *gin.Context, fileName string) {
c.Header("Content-Disposition", fmt.Sprintf("attachment; filename=%s", fileName))
}
// AddSessionHeader adds a session id header to the response.
func AddSessionHeader(c *gin.Context, id string) {
c.Header(header.SessionID, id)
}
// AddContentTypeHeader adds a content type header to the response.
func AddContentTypeHeader(c *gin.Context, contentType string) {
c.Header("Content-Type", contentType)
}
// AddFileCountHeaders adds file and folder counts to the response.
func AddFileCountHeaders(c *gin.Context, filesCount, foldersCount int) {
c.Header("X-Files", strconv.Itoa(filesCount))
c.Header("X-Folders", strconv.Itoa(foldersCount))
}
// AddTokenHeaders adds preview token headers to the response.
func AddTokenHeaders(c *gin.Context, s *entity.Session) {
if get.Config().Public() {
return
}
if s.PreviewToken != "" {
c.Header("X-Preview-Token", s.PreviewToken)
}
if s.DownloadToken != "" {
c.Header("X-Download-Token", s.DownloadToken)
}
}