immich/server/src/dtos/auth.dto.ts

import { ApiProperty } from '@nestjs/swagger';
import { Transform } from 'class-transformer';
import { IsEmail, IsNotEmpty, IsString, MinLength } from 'class-validator';
import { APIKeyEntity } from 'src/entities/api-key.entity';
import { SessionEntity } from 'src/entities/session.entity';
import { SharedLinkEntity } from 'src/entities/shared-link.entity';
import { UserEntity } from 'src/entities/user.entity';

export enum ImmichCookie {
  ACCESS_TOKEN = 'immich_access_token',
  AUTH_TYPE = 'immich_auth_type',
  IS_AUTHENTICATED = 'immich_is_authenticated',
  SHARED_LINK_TOKEN = 'immich_shared_link_token',
}

export enum ImmichHeader {
  API_KEY = 'x-api-key',
  USER_TOKEN = 'x-immich-user-token',
  SESSION_TOKEN = 'x-immich-session-token',
  SHARED_LINK_KEY = 'x-immich-share-key',
  CHECKSUM = 'x-immich-checksum',
  CID = 'x-immich-cid',
}

export enum ImmichQuery {
  SHARED_LINK_KEY = 'key',
}

export type CookieResponse = {
  isSecure: boolean;
  values: Array<{ key: ImmichCookie; value: string }>;
};

export class AuthDto {
  user!: UserEntity;

  apiKey?: APIKeyEntity;
  sharedLink?: SharedLinkEntity;
  session?: SessionEntity;
}

export class LoginCredentialDto {
  @IsEmail({ require_tld: false })
  @Transform(({ value }) => value?.toLowerCase())
  @IsNotEmpty()
  @ApiProperty({ example: 'testuser@email.com' })
  email!: string;

  @IsString()
  @IsNotEmpty()
  @ApiProperty({ example: 'password' })
  password!: string;
}

export class LoginResponseDto {
  accessToken!: string;
  userId!: string;
  userEmail!: string;
  name!: string;
  profileImagePath!: string;
  isAdmin!: boolean;
  shouldChangePassword!: boolean;
}

export function mapLoginResponse(entity: UserEntity, accessToken: string): LoginResponseDto {
  return {
    accessToken,
    userId: entity.id,
    userEmail: entity.email,
    name: entity.name,
    isAdmin: entity.isAdmin,
    profileImagePath: entity.profileImagePath,
    shouldChangePassword: entity.shouldChangePassword,
  };
}

export class LogoutResponseDto {
  successful!: boolean;
  redirectUri!: string;
}

export class SignUpDto extends LoginCredentialDto {
  @IsString()
  @IsNotEmpty()
  @ApiProperty({ example: 'Admin' })
  name!: string;
}

export class ChangePasswordDto {
  @IsString()
  @IsNotEmpty()
  @ApiProperty({ example: 'password' })
  password!: string;

  @IsString()
  @IsNotEmpty()
  @MinLength(8)
  @ApiProperty({ example: 'password' })
  newPassword!: string;
}

export class ValidateAccessTokenResponseDto {
  authStatus!: boolean;
}

export class OAuthCallbackDto {
  @IsNotEmpty()
  @IsString()
  @ApiProperty()
  url!: string;
}

export class OAuthConfigDto {
  @IsNotEmpty()
  @IsString()
  redirectUri!: string;
}

export class OAuthAuthorizeResponseDto {
  url!: string;
}
refactor(server): auth dtos (#4881) * refactor: auth dtos * chore: open api 2023-11-09 10:14:15 -05:00			`import { ApiProperty } from '@nestjs/swagger';`
			`import { Transform } from 'class-transformer';`
			`import { IsEmail, IsNotEmpty, IsString, MinLength } from 'class-validator';`
chore: migrate database files (#8126) 2024-03-20 16:02:51 -05:00			`import { APIKeyEntity } from 'src/entities/api-key.entity';`
refactor(server): sessions (#8915) * refactor: auth device => sessions * chore: open api 2024-04-19 06:47:29 -04:00			`import { SessionEntity } from 'src/entities/session.entity';`
chore: migrate database files (#8126) 2024-03-20 16:02:51 -05:00			`import { SharedLinkEntity } from 'src/entities/shared-link.entity';`
			`import { UserEntity } from 'src/entities/user.entity';`
refactor(server): auth dtos (#4881) * refactor: auth dtos * chore: open api 2023-11-09 10:14:15 -05:00
refactor(server): cookies (#8920) 2024-04-19 11:19:23 -04:00			`export enum ImmichCookie {`
			`ACCESS_TOKEN = 'immich_access_token',`
			`AUTH_TYPE = 'immich_auth_type',`
			`IS_AUTHENTICATED = 'immich_is_authenticated',`
			`SHARED_LINK_TOKEN = 'immich_shared_link_token',`
			`}`

			`export enum ImmichHeader {`
			`API_KEY = 'x-api-key',`
			`USER_TOKEN = 'x-immich-user-token',`
			`SESSION_TOKEN = 'x-immich-session-token',`
refactor(server): auth route metadata (#9344) 2024-05-09 13:58:44 -04:00			`SHARED_LINK_KEY = 'x-immich-share-key',`
feat(server): immich checksum header (#9229) * feat: dedupe by checksum header * chore: open api 2024-05-02 15:42:26 -04:00			`CHECKSUM = 'x-immich-checksum',`
feat(server): log http exceptions (#9996) 2024-06-05 17:07:47 -04:00			`CID = 'x-immich-cid',`
refactor(server): cookies (#8920) 2024-04-19 11:19:23 -04:00			`}`

refactor(server): auth route metadata (#9344) 2024-05-09 13:58:44 -04:00			`export enum ImmichQuery {`
			`SHARED_LINK_KEY = 'key',`
			`}`

refactor(server): cookies (#8920) 2024-04-19 11:19:23 -04:00			`export type CookieResponse = {`
			`isSecure: boolean;`
			`values: Array<{ key: ImmichCookie; value: string }>;`
			`};`

refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-09 23:34:12 -05:00			`export class AuthDto {`
			`user!: UserEntity;`

			`apiKey?: APIKeyEntity;`
			`sharedLink?: SharedLinkEntity;`
refactor(server): sessions (#8915) * refactor: auth device => sessions * chore: open api 2024-04-19 06:47:29 -04:00			`session?: SessionEntity;`
refactor(server): auth dtos (#4881) * refactor: auth dtos * chore: open api 2023-11-09 10:14:15 -05:00			`}`

			`export class LoginCredentialDto {`
			`@IsEmail({ require_tld: false })`
			`@Transform(({ value }) => value?.toLowerCase())`
			`@IsNotEmpty()`
			`@ApiProperty({ example: 'testuser@email.com' })`
			`email!: string;`

			`@IsString()`
			`@IsNotEmpty()`
			`@ApiProperty({ example: 'password' })`
			`password!: string;`
			`}`

			`export class LoginResponseDto {`
			`accessToken!: string;`
			`userId!: string;`
			`userEmail!: string;`
fix: replace first and last name with single field (#4915) 2023-11-11 20:03:32 -05:00			`name!: string;`
refactor(server): auth dtos (#4881) * refactor: auth dtos * chore: open api 2023-11-09 10:14:15 -05:00			`profileImagePath!: string;`
			`isAdmin!: boolean;`
			`shouldChangePassword!: boolean;`
			`}`

			`export function mapLoginResponse(entity: UserEntity, accessToken: string): LoginResponseDto {`
			`return {`
refactor(server): cookies (#8920) 2024-04-19 11:19:23 -04:00			`accessToken,`
refactor(server): auth dtos (#4881) * refactor: auth dtos * chore: open api 2023-11-09 10:14:15 -05:00			`userId: entity.id,`
			`userEmail: entity.email,`
fix: replace first and last name with single field (#4915) 2023-11-11 20:03:32 -05:00			`name: entity.name,`
refactor(server): auth dtos (#4881) * refactor: auth dtos * chore: open api 2023-11-09 10:14:15 -05:00			`isAdmin: entity.isAdmin,`
			`profileImagePath: entity.profileImagePath,`
			`shouldChangePassword: entity.shouldChangePassword,`
			`};`
			`}`

			`export class LogoutResponseDto {`
			`successful!: boolean;`
			`redirectUri!: string;`
			`}`

			`export class SignUpDto extends LoginCredentialDto {`
			`@IsString()`
			`@IsNotEmpty()`
			`@ApiProperty({ example: 'Admin' })`
fix: replace first and last name with single field (#4915) 2023-11-11 20:03:32 -05:00			`name!: string;`
refactor(server): auth dtos (#4881) * refactor: auth dtos * chore: open api 2023-11-09 10:14:15 -05:00			`}`

			`export class ChangePasswordDto {`
			`@IsString()`
			`@IsNotEmpty()`
			`@ApiProperty({ example: 'password' })`
			`password!: string;`

			`@IsString()`
			`@IsNotEmpty()`
			`@MinLength(8)`
			`@ApiProperty({ example: 'password' })`
			`newPassword!: string;`
			`}`

			`export class ValidateAccessTokenResponseDto {`
			`authStatus!: boolean;`
			`}`

			`export class OAuthCallbackDto {`
			`@IsNotEmpty()`
			`@IsString()`
			`@ApiProperty()`
			`url!: string;`
			`}`

			`export class OAuthConfigDto {`
			`@IsNotEmpty()`
			`@IsString()`
			`redirectUri!: string;`
			`}`

			`export class OAuthAuthorizeResponseDto {`
			`url!: string;`
			`}`