photoprism/internal/config/auth.go

62 lines
1.4 KiB
Go

package config
import (
"regexp"
"github.com/photoprism/photoprism/pkg/rnd"
"golang.org/x/crypto/bcrypt"
)
func isBcrypt(s string) bool {
b, err := regexp.MatchString(`^\$2[ayb]\$.{56}$`, s)
if err != nil {
return false
}
return b
}
// CheckPassword compares given password p with the admin password
func (c *Config) CheckPassword(p string) bool {
ap := c.AdminPassword()
if isBcrypt(ap) {
err := bcrypt.CompareHashAndPassword([]byte(ap), []byte(p))
return err == nil
}
return ap == p
}
// InvalidDownloadToken checks if the token is invalid.
func (c *Config) InvalidDownloadToken(t string) bool {
return c.DownloadToken() != t
}
// DownloadToken returns the DOWNLOAD api token (you can optionally use a static value for permanent caching).
func (c *Config) DownloadToken() string {
if c.options.DownloadToken == "" {
c.options.DownloadToken = rnd.Token(8)
}
return c.options.DownloadToken
}
// InvalidPreviewToken checks if the preview token is invalid.
func (c *Config) InvalidPreviewToken(t string) bool {
return c.PreviewToken() != t && c.DownloadToken() != t
}
// PreviewToken returns the preview image api token (based on the unique storage serial by default).
func (c *Config) PreviewToken() string {
if c.options.PreviewToken == "" {
if c.Public() {
c.options.PreviewToken = "public"
} else if c.Serial() == "" {
return "********"
} else {
c.options.PreviewToken = c.SerialChecksum()
}
}
return c.options.PreviewToken
}