server/src/immich/controllers/auth.controller.ts

import {
  AdminSignupResponseDto,
  AuthDeviceResponseDto,
  AuthService,
  AuthType,
  AuthUserDto,
  ChangePasswordDto,
  IMMICH_ACCESS_COOKIE,
  IMMICH_AUTH_TYPE_COOKIE,
  LoginCredentialDto,
  LoginDetails,
  LoginResponseDto,
  LogoutResponseDto,
  SignUpDto,
  UserResponseDto,
  ValidateAccessTokenResponseDto,
} from '@app/domain';
import { Body, Controller, Delete, Get, Param, Post, Req, Res } from '@nestjs/common';
import { ApiBadRequestResponse, ApiTags } from '@nestjs/swagger';
import { Request, Response } from 'express';
import { Authenticated, AuthUser, GetLoginDetails, PublicRoute } from '../app.guard';
import { UseValidation } from '../app.utils';
import { UUIDParamDto } from './dto/uuid-param.dto';

@ApiTags('Authentication')
@Controller('auth')
@Authenticated()
@UseValidation()
export class AuthController {
  constructor(private service: AuthService) {}

  @PublicRoute()
  @Post('login')
  async login(
    @Body() loginCredential: LoginCredentialDto,
    @Res({ passthrough: true }) res: Response,
    @GetLoginDetails() loginDetails: LoginDetails,
  ): Promise<LoginResponseDto> {
    const { response, cookie } = await this.service.login(loginCredential, loginDetails);
    res.header('Set-Cookie', cookie);
    return response;
  }

  @PublicRoute()
  @Post('admin-sign-up')
  @ApiBadRequestResponse({ description: 'The server already has an admin' })
  adminSignUp(@Body() signUpCredential: SignUpDto): Promise<AdminSignupResponseDto> {
    return this.service.adminSignUp(signUpCredential);
  }

  @Get('devices')
  getAuthDevices(@AuthUser() authUser: AuthUserDto): Promise<AuthDeviceResponseDto[]> {
    return this.service.getDevices(authUser);
  }

  @Delete('devices')
  logoutAuthDevices(@AuthUser() authUser: AuthUserDto): Promise<void> {
    return this.service.logoutDevices(authUser);
  }

  @Delete('devices/:id')
  logoutAuthDevice(@AuthUser() authUser: AuthUserDto, @Param() { id }: UUIDParamDto): Promise<void> {
    return this.service.logoutDevice(authUser, id);
  }

  @Post('validateToken')
  validateAccessToken(): ValidateAccessTokenResponseDto {
    return { authStatus: true };
  }

  @Post('change-password')
  changePassword(@AuthUser() authUser: AuthUserDto, @Body() dto: ChangePasswordDto): Promise<UserResponseDto> {
    return this.service.changePassword(authUser, dto);
  }

  @Post('logout')
  logout(
    @Req() req: Request,
    @Res({ passthrough: true }) res: Response,
    @AuthUser() authUser: AuthUserDto,
  ): Promise<LogoutResponseDto> {
    const authType: AuthType = req.cookies[IMMICH_AUTH_TYPE_COOKIE];

    res.clearCookie(IMMICH_ACCESS_COOKIE);
    res.clearCookie(IMMICH_AUTH_TYPE_COOKIE);

    return this.service.logout(authUser, authType);
  }
}
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`import {`
			`AdminSignupResponseDto,`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`AuthDeviceResponseDto,`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`AuthService,`
			`AuthType,`
			`AuthUserDto,`
			`ChangePasswordDto,`
			`IMMICH_ACCESS_COOKIE,`
			`IMMICH_AUTH_TYPE_COOKIE,`
			`LoginCredentialDto,`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`LoginDetails,`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`LoginResponseDto,`
			`LogoutResponseDto,`
			`SignUpDto,`
			`UserResponseDto,`
			`ValidateAccessTokenResponseDto,`
			`} from '@app/domain';`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`import { Body, Controller, Delete, Get, Param, Post, Req, Res } from '@nestjs/common';`
feat(server): improve API specification (#1853) 2023-02-24 17:01:10 +01:00			`import { ApiBadRequestResponse, ApiTags } from '@nestjs/swagger';`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`import { Request, Response } from 'express';`
refactor(server): guards, decorators, and utils (#3060) 2023-07-01 14:27:34 -04:00			`import { Authenticated, AuthUser, GetLoginDetails, PublicRoute } from '../app.guard';`
			`import { UseValidation } from '../app.utils';`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`import { UUIDParamDto } from './dto/uuid-param.dto';`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00
			`@ApiTags('Authentication')`
			`@Controller('auth')`
refactor(server): auth decorator (#2588) 2023-05-28 12:30:01 -04:00			`@Authenticated()`
feat(server): improve validation in controllers (#2149) * feat(server): improve validation in controllers * set ValidationPipe config with decorator 2023-04-03 06:24:18 +02:00			`@UseValidation()`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`export class AuthController {`
refactor(server): send job command (#2777) * refactor: send job command * chore: open api 2023-06-16 15:36:07 -04:00			`constructor(private service: AuthService) {}`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00
refactor(server): auth decorator (#2588) 2023-05-28 12:30:01 -04:00			`@PublicRoute()`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`@Post('login')`
			`async login(`
feat(server): apply ValidationPipe on controllers (#2137) 2023-03-31 17:14:01 +02:00			`@Body() loginCredential: LoginCredentialDto,`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`@Res({ passthrough: true }) res: Response,`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`@GetLoginDetails() loginDetails: LoginDetails,`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`): Promise<LoginResponseDto> {`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`const { response, cookie } = await this.service.login(loginCredential, loginDetails);`
chore(server): cleanup controllers (#2065) 2023-03-24 00:53:56 -04:00			`res.header('Set-Cookie', cookie);`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`return response;`
			`}`

refactor(server): auth decorator (#2588) 2023-05-28 12:30:01 -04:00			`@PublicRoute()`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`@Post('admin-sign-up')`
			`@ApiBadRequestResponse({ description: 'The server already has an admin' })`
feat(server): apply ValidationPipe on controllers (#2137) 2023-03-31 17:14:01 +02:00			`adminSignUp(@Body() signUpCredential: SignUpDto): Promise<AdminSignupResponseDto> {`
chore(server): cleanup controllers (#2065) 2023-03-24 00:53:56 -04:00			`return this.service.adminSignUp(signUpCredential);`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`}`

feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`@Get('devices')`
refactor: rename get auth user decorator (#2778) Co-authored-by: Alex <alex.tran1502@gmail.com> 2023-06-16 15:39:53 -04:00			`getAuthDevices(@AuthUser() authUser: AuthUserDto): Promise<AuthDeviceResponseDto[]> {`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`return this.service.getDevices(authUser);`
			`}`

feat(web,server): logout all devices (#2415) * feat: logout all devices * chore: regenerate openapi * chore: add test * chore: logout vs log out 2023-05-09 15:34:17 -04:00			`@Delete('devices')`
refactor: rename get auth user decorator (#2778) Co-authored-by: Alex <alex.tran1502@gmail.com> 2023-06-16 15:39:53 -04:00			`logoutAuthDevices(@AuthUser() authUser: AuthUserDto): Promise<void> {`
feat(web,server): logout all devices (#2415) * feat: logout all devices * chore: regenerate openapi * chore: add test * chore: logout vs log out 2023-05-09 15:34:17 -04:00			`return this.service.logoutDevices(authUser);`
			`}`

feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`@Delete('devices/:id')`
refactor: rename get auth user decorator (#2778) Co-authored-by: Alex <alex.tran1502@gmail.com> 2023-06-16 15:39:53 -04:00			`logoutAuthDevice(@AuthUser() authUser: AuthUserDto, @Param() { id }: UUIDParamDto): Promise<void> {`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`return this.service.logoutDevice(authUser, id);`
			`}`

refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`@Post('validateToken')`
chore(server): cleanup controllers (#2065) 2023-03-24 00:53:56 -04:00			`validateAccessToken(): ValidateAccessTokenResponseDto {`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`return { authStatus: true };`
			`}`

			`@Post('change-password')`
refactor: rename get auth user decorator (#2778) Co-authored-by: Alex <alex.tran1502@gmail.com> 2023-06-16 15:39:53 -04:00			`changePassword(@AuthUser() authUser: AuthUserDto, @Body() dto: ChangePasswordDto): Promise<UserResponseDto> {`
chore(server): cleanup controllers (#2065) 2023-03-24 00:53:56 -04:00			`return this.service.changePassword(authUser, dto);`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`}`

			`@Post('logout')`
chore(server): cleanup controllers (#2065) 2023-03-24 00:53:56 -04:00			`logout(`
chore(server): remove token when logged out (#1560) * chore(mobile): invoke logout() on mobile app * feat: add mechanism to delete token from logging out endpoint * fix: set state after login sequence success * fix: not removing token when logging out from OAuth * fix: prettier * refactor: using accessTokenId to delete * chore: pr comments * fix: test * fix: test threshold 2023-02-05 23:31:16 -06:00			`@Req() req: Request,`
			`@Res({ passthrough: true }) res: Response,`
refactor: rename get auth user decorator (#2778) Co-authored-by: Alex <alex.tran1502@gmail.com> 2023-06-16 15:39:53 -04:00			`@AuthUser() authUser: AuthUserDto,`
chore(server): remove token when logged out (#1560) * chore(mobile): invoke logout() on mobile app * feat: add mechanism to delete token from logging out endpoint * fix: set state after login sequence success * fix: not removing token when logging out from OAuth * fix: prettier * refactor: using accessTokenId to delete * chore: pr comments * fix: test * fix: test threshold 2023-02-05 23:31:16 -06:00			`): Promise<LogoutResponseDto> {`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`const authType: AuthType = req.cookies[IMMICH_AUTH_TYPE_COOKIE];`

			`res.clearCookie(IMMICH_ACCESS_COOKIE);`
			`res.clearCookie(IMMICH_AUTH_TYPE_COOKIE);`

chore(server): cleanup controllers (#2065) 2023-03-24 00:53:56 -04:00			`return this.service.logout(authUser, authType);`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`}`
			`}`