feat(server,web,mobile): Add optional password option for share links. (#4655)

* feat(server,web,mobile): Add optional password option for share links. Signed-off-by: jarvis2f <137974272+jarvis2f@users.noreply.github.com> * feat(server,web): Update shared-link.controller and page.svelte for improved cookie handling and metadata updates. Signed-off-by: jarvis2f <137974272+jarvis2f@users.noreply.github.com> --------- Signed-off-by: jarvis2f <137974272+jarvis2f@users.noreply.github.com>
2023-10-29 09:35:38 +08:00
parent b34cbd881a
commit 8a6889529c
33 changed files with 556 additions and 41 deletions
--- a/server/src/immich/controllers/shared-link.controller.ts
+++ b/server/src/immich/controllers/shared-link.controller.ts
@@ -2,13 +2,16 @@ import {
  AssetIdsDto,
  AssetIdsResponseDto,
  AuthUserDto,
+  IMMICH_SHARED_LINK_ACCESS_COOKIE,
  SharedLinkCreateDto,
  SharedLinkEditDto,
+  SharedLinkPasswordDto,
  SharedLinkResponseDto,
  SharedLinkService,
 } from '@app/domain';
-import { Body, Controller, Delete, Get, Param, Patch, Post, Put } from '@nestjs/common';
+import { Body, Controller, Delete, Get, Param, Patch, Post, Put, Query, Req, Res } from '@nestjs/common';
 import { ApiTags } from '@nestjs/swagger';
+import { Request, Response } from 'express';
 import { AuthUser, Authenticated, SharedLinkRoute } from '../app.guard';
 import { UseValidation } from '../app.utils';
 import { UUIDParamDto } from './dto/uuid-param.dto';
@@ -27,8 +30,25 @@ export class SharedLinkController {

  @SharedLinkRoute()
  @Get('me')
-  getMySharedLink(@AuthUser() authUser: AuthUserDto): Promise<SharedLinkResponseDto> {
-    return this.service.getMine(authUser);
+  async getMySharedLink(
+    @AuthUser() authUser: AuthUserDto,
+    @Query() dto: SharedLinkPasswordDto,
+    @Req() req: Request,
+    @Res({ passthrough: true }) res: Response,
+  ): Promise<SharedLinkResponseDto> {
+    const sharedLinkToken = req.cookies?.[IMMICH_SHARED_LINK_ACCESS_COOKIE];
+    if (sharedLinkToken) {
+      dto.token = sharedLinkToken;
+    }
+    const sharedLinkResponse = await this.service.getMine(authUser, dto);
+    if (sharedLinkResponse.token) {
+      res.cookie(IMMICH_SHARED_LINK_ACCESS_COOKIE, sharedLinkResponse.token, {
+        expires: new Date(Date.now() + 1000 * 60 * 60 * 24),
+        httpOnly: true,
+        sameSite: 'lax',
+      });
+    }
+    return sharedLinkResponse;
  }

  @Get(':id')