refactor(server): narrow auth types (#16066)

Jason Rasmussen 2025-02-12 15:23:08 -05:00 committed by GitHub
parent 7c821dd205
commit 2d7c333c8c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
25 changed files with 265 additions and 239 deletions


@ -17,12 +17,10 @@ import {
mapLoginResponse,
} from 'src/dtos/auth.dto';
import { UserAdminResponseDto, mapUserAdmin } from 'src/dtos/user.dto';
import { SessionEntity } from 'src/entities/session.entity';
import { UserEntity } from 'src/entities/user.entity';
import { AuthType, ImmichCookie, ImmichHeader, ImmichQuery, Permission } from 'src/enum';
import { OAuthProfile } from 'src/repositories/oauth.repository';
import { BaseService } from 'src/services/base.service';
import { AuthApiKey } from 'src/types';
import { isGranted } from 'src/utils/access';
import { HumanReadableSize } from 'src/utils/bytes';
@ -298,11 +296,11 @@ export class AuthService extends BaseService {
const bytes = Buffer.from(key, key.length === 100 ? 'hex' : 'base64url');
const sharedLink = await this.sharedLinkRepository.getByKey(bytes);
if (sharedLink && (!sharedLink.expiresAt || new Date(sharedLink.expiresAt) > new Date())) {
const user = sharedLink.user;
if (user) {
return { user, sharedLink };
}
if (sharedLink?.user && (!sharedLink.expiresAt || new Date(sharedLink.expiresAt) > new Date())) {
return {
user: sharedLink.user,
sharedLink,
};
}
throw new UnauthorizedException('Invalid share key');
}
@ -310,10 +308,10 @@ export class AuthService extends BaseService {
private async validateApiKey(key: string): Promise<AuthDto> {
const hashedKey = this.cryptoRepository.hashSha256(key);
const apiKey = await this.keyRepository.getKey(hashedKey);
if (apiKey) {
if (apiKey?.user) {
return {
user: apiKey.user as unknown as UserEntity,
apiKey: apiKey as unknown as AuthApiKey,
user: apiKey.user,
apiKey,
};
}
@ -330,7 +328,6 @@ export class AuthService extends BaseService {
private async validateSession(tokenValue: string): Promise<AuthDto> {
const hashedToken = this.cryptoRepository.hashSha256(tokenValue);
const session = await this.sessionRepository.getByToken(hashedToken);
if (session?.user) {
const now = DateTime.now();
const updatedAt = DateTime.fromJSDate(session.updatedAt);
@ -339,7 +336,10 @@ export class AuthService extends BaseService {
await this.sessionRepository.update(session.id, { id: session.id, updatedAt: new Date() });
}
return { user: session.user as unknown as UserEntity, session: session as unknown as SessionEntity };
return {
user: session.user,
session,
};
}
throw new UnauthorizedException('Invalid user token');
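Review bot: In validateApiKey the guard moves from `if (apiKey)` to `if (apiKey?.user)`, which is a behaviour change inside a commit labelled as a refactor. With the old code, a key row that came back without a user would have produced an AuthDto whose `user` was undefined, hidden by the `as unknown as UserEntity` cast; it now falls through to whatever follows the `if`, which is outside the hunk and presumably throws like the sibling validators. Failing closed is the right outcome on an authentication path, but it should be pinned by a unit test in which `getKey` resolves a key with no user and the call is expected to reject. A short comment above the guard would also help, for example `// fail closed: never build an AuthDto for a key whose owner could not be loaded`. Now that the casts are gone, the fields carried in `apiKey` and `session` are whatever the repository queries select, so it is worth confirming those selects leave out the stored key and token hashes.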