helpy4/immich
1
0
Fork 0
mirror of https://github.com/immich-app/immich synced 2025-11-07 17:27:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Added mechanism of required password change of new user's first login (#272)

Browse source 
* Deprecate login scenarios that support pre-web era

* refactor and simplify setup

* Added user info to change password form

* change isFistLogin column to shouldChangePassword

* Implemented change user password

* Implement the change password page for mobile

* Change label

* Added changes log and up minor version

* Fixed typo in the release note

* Up server version
This commit is contained in:
Alex 2022-06-27 15:13:07 -05:00 committed by GitHub
parent 2e85e18020
commit 5f00d8b9c6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
33 changed files with 738 additions and 562 deletions
Download patch file Download diff file Expand all files Collapse all files

56
web/src/lib/components/forms/admin-registration-form.svelte
View file

@ -5,20 +5,36 @@
let error: string;
let success: string;
async function registerAdmin(event: SubmitEvent) {
error = '';
let password: string = '';
let confirmPassowrd: string = '';
const formElement = event.target as HTMLFormElement;
let canRegister = false;
const response = await sendRegistrationForm(formElement);
if (response.error) {
error = JSON.stringify(response.error);
$: {
if (password !== confirmPassowrd && confirmPassowrd.length > 0) {
error = 'Password does not match';
canRegister = false;
} else {
error = '';
canRegister = true;
}
}
async function registerAdmin(event: SubmitEvent) {
if (canRegister) {
error = '';
if (response.success) {
success = response.success;
goto('/auth/login');
const formElement = event.target as HTMLFormElement;
const response = await sendRegistrationForm(formElement);
if (response.error) {
error = JSON.stringify(response.error);
}
if (response.success) {
success = response.success;
goto('/auth/login');
}
}
}
</script>
@ -41,21 +57,33 @@
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="password">Admin Password</label>
<input class="immich-form-input" id="password" name="password" type="password" required />
<input class="immich-form-input" id="password" name="password" type="password" required bind:value={password} />
</div>
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="password">First Name</label>
<label class="immich-form-label" for="confirmPassword">Confirm Admin Password</label>
<input
class="immich-form-input"
id="confirmPassword"
name="password"
type="password"
required
bind:value={confirmPassowrd}
/>
</div>
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="firstName">First Name</label>
<input class="immich-form-input" id="firstName" name="firstName" type="text" required />
</div>
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="password">Last Name</label>
<label class="immich-form-label" for="lastName">Last Name</label>
<input class="immich-form-input" id="lastName" name="lastName" type="text" required />
</div>
{#if error}
<p class="text-red-400">{error}</p>
<p class="text-red-400 ml-4">{error}</p>
{/if}
{#if success}

97
web/src/lib/components/forms/change-password-form.svelte Normal file
View file

@ -0,0 +1,97 @@
<script lang="ts">
import { session } from '$app/stores';
import { sendRegistrationForm, sendUpdateForm } from '$lib/auth-api';
import { createEventDispatcher } from 'svelte';
import type { ImmichUser } from '../../models/immich-user';
export let user: ImmichUser;
let error: string;
let success: string;
let password: string = '';
let confirmPassowrd: string = '';
let changeChagePassword = false;
$: {
if (password !== confirmPassowrd && confirmPassowrd.length > 0) {
error = 'Password does not match';
changeChagePassword = false;
} else {
error = '';
changeChagePassword = true;
}
}
const dispatch = createEventDispatcher();
async function changePassword(event: SubmitEvent) {
if (changeChagePassword) {
error = '';
const formElement = event.target as HTMLFormElement;
const response = await sendUpdateForm(formElement);
if (response.error) {
error = JSON.stringify(response.error);
}
if (response.success) {
success = 'Password has been changed';
dispatch('success');
}
}
}
</script>
<div class="border bg-white p-4 shadow-sm w-[500px] rounded-md py-8">
<div class="flex flex-col place-items-center place-content-center gap-4 px-4">
<img class="text-center" src="/immich-logo.svg" height="100" width="100" alt="immich-logo" />
<h1 class="text-2xl text-immich-primary font-medium">Chage Password</h1>
<p class="text-sm border rounded-md p-4 font-mono text-gray-600">
Hi {user.firstName}
{user.lastName} ({user.email}),
<br />
<br />
This is either the first time you are signing into the system or a request has been made to change your password. Please
enter the new password below.
</p>
</div>
<form on:submit|preventDefault={changePassword} method="post" autocomplete="off">
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="password">New Password</label>
<input class="immich-form-input" id="password" name="password" type="password" required bind:value={password} />
</div>
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="confirmPassword">Confirm Password</label>
<input
class="immich-form-input"
id="confirmPassword"
name="password"
type="password"
required
bind:value={confirmPassowrd}
/>
</div>
{#if error}
<p class="text-red-400 ml-4 text-sm">{error}</p>
{/if}
{#if success}
<p class="text-immich-primary ml-4 text-sm">{success}</p>
{/if}
<div class="flex w-full">
<button
type="submit"
class="m-4 p-2 bg-immich-primary hover:bg-immich-primary/75 px-6 py-4 text-white rounded-md shadow-md w-full"
>Change Password</button
>
</div>
</form>
</div>

56
web/src/lib/components/forms/create-user-form.svelte
View file

@ -5,23 +5,39 @@
let error: string;
let success: string;
let password: string = '';
let confirmPassowrd: string = '';
let canCreateUser = false;
$: {
if (password !== confirmPassowrd && confirmPassowrd.length > 0) {
error = 'Password does not match';
canCreateUser = false;
} else {
error = '';
canCreateUser = true;
}
}
const dispatch = createEventDispatcher();
async function registerUser(event: SubmitEvent) {
error = '';
if (canCreateUser) {
error = '';
const formElement = event.target as HTMLFormElement;
const formElement = event.target as HTMLFormElement;
const response = await sendRegistrationForm(formElement);
const response = await sendRegistrationForm(formElement);
if (response.error) {
error = JSON.stringify(response.error);
}
if (response.error) {
error = JSON.stringify(response.error);
}
if (response.success) {
success = 'New user created';
if (response.success) {
success = 'New user created';
dispatch('user-created');
dispatch('user-created');
}
}
}
</script>
@ -43,25 +59,37 @@
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="password">Password</label>
<input class="immich-form-input" id="password" name="password" type="password" required />
<input class="immich-form-input" id="password" name="password" type="password" required bind:value={password} />
</div>
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="password">First Name</label>
<label class="immich-form-label" for="confirmPassword">Confirm Password</label>
<input
class="immich-form-input"
id="confirmPassword"
name="password"
type="password"
required
bind:value={confirmPassowrd}
/>
</div>
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="firstName">First Name</label>
<input class="immich-form-input" id="firstName" name="firstName" type="text" required />
</div>
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="password">Last Name</label>
<label class="immich-form-label" for="lastName">Last Name</label>
<input class="immich-form-input" id="lastName" name="lastName" type="text" required />
</div>
{#if error}
<p class="text-red-400">{error}</p>
<p class="text-red-400 ml-4 text-sm">{error}</p>
{/if}
{#if success}
<p class="text-immich-primary">{success}</p>
<p class="text-immich-primary ml-4 text-sm">{success}</p>
{/if}
<div class="flex w-full">
<button

12
web/src/lib/components/forms/login-form.svelte
View file

@ -18,14 +18,6 @@
error = response.error;
}
if (response.needUpdate) {
return dispatch('need-update');
}
if (response.needSelectAdmin) {
return dispatch('need-select-admin');
}
if (response.success) {
$session.user = {
accessToken: response.user!.accessToken,
@ -36,6 +28,10 @@
email: response.user!.email,
};
if (!response.user?.isAdmin && response.user?.shouldChangePassword) {
return dispatch('first-login');
}
return dispatch('success');
}
}

93
web/src/lib/components/forms/select-admin-form.svelte
View file

@ -1,93 +0,0 @@
<script lang="ts">
import { session } from '$app/stores';
import { createEventDispatcher, onMount } from 'svelte';
import { fade } from 'svelte/transition';
import type { ImmichUser } from '../../models/immich-user';
import Check from 'svelte-material-icons/Check.svelte';
let error: string = '';
let allUsers: Array<ImmichUser> = [];
let selectedUserId: string;
const dispatch = createEventDispatcher();
onMount(async () => {
const res = await fetch('/auth/login/api/get-users', { method: 'GET' });
const data = await res.json();
allUsers = data.allUsers;
});
const assignAdmin = async () => {
const res = await fetch('/auth/login/api/select-admin', {
method: 'POST',
body: JSON.stringify({
id: selectedUserId,
isAdmin: true,
}),
});
if (res.status === 200) {
const data = await res.json();
$session.user = {
accessToken: '',
firstName: data.userInfo.firstName,
lastName: data.userInfo.lastName,
isAdmin: data.userInfo.isAdmin,
id: data.userInfo.id,
email: data.userInfo.email,
};
dispatch('success');
} else {
error = JSON.stringify(await res.json());
}
};
</script>
<div class="border bg-white p-4 shadow-sm w-[500px] rounded-md py-8">
<div class="flex flex-col place-items-center place-content-center gap-4 px-4">
<img class="text-center" src="/immich-logo.svg" height="100" width="100" alt="immich-logo" />
<h1 class="text-2xl text-immich-primary font-medium">Select Admin</h1>
<p class="text-sm border rounded-md p-4 font-mono text-gray-600">
There are multiple users on the server, and none have been selected to be the admin. Please assign one as the
admin, who will be responsible for administrative tasks
</p>
</div>
<div class="text-xs m-4">USERS ON SERVER, CLICK TO SELECT ONE</div>
<div class="overflow-y-auto rounded-md max-h-[300px] block border mx-4 px-4 py-2">
{#each allUsers as user, i}
<div
class="p-4 flex justify-between place-items-center my-4 rounded-md hover:cursor-pointer shadow-sm bg-gray-50 hover:bg-gray-100"
on:click={() => (selectedUserId = user.id)}
>
<p class="test-sm text-slate-600">{i + 1} | {user.email}</p>
<!-- Icon -->
{#if selectedUserId == user.id}
<div
in:fade={{ duration: 100 }}
class="border rounded-full border-gray-300 bg-immich-primary w-8 h-8 flex place-items-center place-content-center"
>
<Check color="white" size="24" />
</div>
{:else}
<div in:fade={{ duration: 100 }} class="border rounded-full border-gray-300 w-8 h-8" />
{/if}
</div>
{/each}
</div>
{#if error}
<div class="text-xs m-4 text-red-400">Error: {error}</div>
{/if}
<div class="flex w-full">
<button
type="submit"
class="m-4 p-2 bg-immich-primary hover:bg-immich-primary/75 px-6 py-4 text-white rounded-md shadow-md w-full font-semibold"
on:click={assignAdmin}>Assign as Admin</button
>
</div>
</div>

68
web/src/lib/components/forms/update-form.svelte
View file

@ -1,68 +0,0 @@
<script lang="ts">
import { goto } from '$app/navigation';
import { session } from '$app/stores';
import { sendUpdateForm } from '$lib/auth-api';
import { createEventDispatcher } from 'svelte';
let error: string;
const dispatch = createEventDispatcher();
async function updateInfo(event: SubmitEvent) {
error = '';
const formElement = event.target as HTMLFormElement;
const response = await sendUpdateForm(formElement);
if (response.error) {
error = response.error;
}
if (response.success) {
$session.user = {
accessToken: response.user!.accessToken,
firstName: response.user!.firstName,
lastName: response.user!.lastName,
isAdmin: response.user!.isAdmin,
id: response.user!.id,
email: response.user!.email,
};
dispatch('success');
}
}
</script>
<div class="border bg-white p-4 shadow-sm w-[500px] rounded-md py-8">
<div class="flex flex-col place-items-center place-content-center gap-4 px-4">
<img class="text-center" src="/immich-logo.svg" height="100" width="100" alt="immich-logo" />
<h1 class="text-2xl text-immich-primary font-medium">Update User Info</h1>
<p class="text-sm border rounded-md p-4 font-mono text-gray-600">
Your account doesn't have information about your name, please update to continue the login process.
</p>
</div>
<form on:submit|preventDefault={updateInfo} method="post" action="/auth/login/update" autocomplete="off">
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="firstName">First name</label>
<input class="immich-form-input" id="firstName" name="firstName" type="text" required />
</div>
<div class="m-4 flex flex-col gap-2">
<label class="immich-form-label" for="lastName">Last name</label>
<input class="immich-form-input" id="lastName" name="lastName" type="text" required />
</div>
{#if error}
<p class="text-red-400 pl-4">{error}</p>
{/if}
<div class="flex w-full">
<button
type="submit"
class="m-4 p-2 bg-immich-primary hover:bg-immich-primary/75 px-6 py-4 text-white rounded-md shadow-md w-full font-semibold"
>Update</button
>
</div>
</form>
</div>