server/src/immich/controllers/auth.controller.ts

import {
  AuthDeviceResponseDto,
  AuthDto,
  AuthService,
  ChangePasswordDto,
  IMMICH_ACCESS_COOKIE,
  IMMICH_AUTH_TYPE_COOKIE,
  LoginCredentialDto,
  LoginDetails,
  LoginResponseDto,
  LogoutResponseDto,
  SignUpDto,
  UserResponseDto,
  ValidateAccessTokenResponseDto,
  mapUser,
} from '@app/domain';
import { Body, Controller, Delete, Get, HttpCode, HttpStatus, Param, Post, Req, Res } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger';
import { Request, Response } from 'express';
import { Auth, Authenticated, GetLoginDetails, PublicRoute } from '../app.guard';
import { UseValidation } from '../app.utils';
import { UUIDParamDto } from './dto/uuid-param.dto';

@ApiTags('Authentication')
@Controller('auth')
@Authenticated()
@UseValidation()
export class AuthController {
  constructor(private service: AuthService) {}

  @PublicRoute()
  @Post('login')
  async login(
    @Body() loginCredential: LoginCredentialDto,
    @Res({ passthrough: true }) res: Response,
    @GetLoginDetails() loginDetails: LoginDetails,
  ): Promise<LoginResponseDto> {
    const { response, cookie } = await this.service.login(loginCredential, loginDetails);
    res.header('Set-Cookie', cookie);
    return response;
  }

  @PublicRoute()
  @Post('admin-sign-up')
  signUpAdmin(@Body() dto: SignUpDto): Promise<UserResponseDto> {
    return this.service.adminSignUp(dto);
  }

  @Get('devices')
  getAuthDevices(@Auth() auth: AuthDto): Promise<AuthDeviceResponseDto[]> {
    return this.service.getDevices(auth);
  }

  @Delete('devices')
  @HttpCode(HttpStatus.NO_CONTENT)
  logoutAuthDevices(@Auth() auth: AuthDto): Promise<void> {
    return this.service.logoutDevices(auth);
  }

  @Delete('devices/:id')
  @HttpCode(HttpStatus.NO_CONTENT)
  logoutAuthDevice(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<void> {
    return this.service.logoutDevice(auth, id);
  }

  @Post('validateToken')
  @HttpCode(HttpStatus.OK)
  validateAccessToken(): ValidateAccessTokenResponseDto {
    return { authStatus: true };
  }

  @Post('change-password')
  @HttpCode(HttpStatus.OK)
  changePassword(@Auth() auth: AuthDto, @Body() dto: ChangePasswordDto): Promise<UserResponseDto> {
    return this.service.changePassword(auth, dto).then(mapUser);
  }

  @Post('logout')
  @HttpCode(HttpStatus.OK)
  logout(
    @Req() req: Request,
    @Res({ passthrough: true }) res: Response,
    @Auth() auth: AuthDto,
  ): Promise<LogoutResponseDto> {
    res.clearCookie(IMMICH_ACCESS_COOKIE);
    res.clearCookie(IMMICH_AUTH_TYPE_COOKIE);

    return this.service.logout(auth, (req.cookies || {})[IMMICH_AUTH_TYPE_COOKIE]);
  }
}
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`import {`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`AuthDeviceResponseDto,`
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-09 23:34:12 -05:00			`AuthDto,`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`AuthService,`
			`ChangePasswordDto,`
			`IMMICH_ACCESS_COOKIE,`
			`IMMICH_AUTH_TYPE_COOKIE,`
			`LoginCredentialDto,`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`LoginDetails,`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`LoginResponseDto,`
			`LogoutResponseDto,`
			`SignUpDto,`
			`UserResponseDto,`
			`ValidateAccessTokenResponseDto,`
feat(web,server): user avatar color (#4779) 2023-11-14 04:10:35 +01:00			`mapUser,`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`} from '@app/domain';`
test(server): auth e2e (#3492) * test(server): auth controller e2e test * test(server): user e2e test * refactor(server): album e2e * fix: linting 2023-08-01 11:49:50 -04:00			`import { Body, Controller, Delete, Get, HttpCode, HttpStatus, Param, Post, Req, Res } from '@nestjs/common';`
refactor(server): auth dtos (#4881) * refactor: auth dtos * chore: open api 2023-11-09 10:14:15 -05:00			`import { ApiTags } from '@nestjs/swagger';`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`import { Request, Response } from 'express';`
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-09 23:34:12 -05:00			`import { Auth, Authenticated, GetLoginDetails, PublicRoute } from '../app.guard';`
refactor(server): guards, decorators, and utils (#3060) 2023-07-01 14:27:34 -04:00			`import { UseValidation } from '../app.utils';`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`import { UUIDParamDto } from './dto/uuid-param.dto';`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00
			`@ApiTags('Authentication')`
			`@Controller('auth')`
refactor(server): auth decorator (#2588) 2023-05-28 12:30:01 -04:00			`@Authenticated()`
feat(server): improve validation in controllers (#2149) * feat(server): improve validation in controllers * set ValidationPipe config with decorator 2023-04-03 06:24:18 +02:00			`@UseValidation()`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`export class AuthController {`
refactor(server): send job command (#2777) * refactor: send job command * chore: open api 2023-06-16 15:36:07 -04:00			`constructor(private service: AuthService) {}`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00
refactor(server): auth decorator (#2588) 2023-05-28 12:30:01 -04:00			`@PublicRoute()`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`@Post('login')`
			`async login(`
feat(server): apply ValidationPipe on controllers (#2137) 2023-03-31 17:14:01 +02:00			`@Body() loginCredential: LoginCredentialDto,`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`@Res({ passthrough: true }) res: Response,`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`@GetLoginDetails() loginDetails: LoginDetails,`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`): Promise<LoginResponseDto> {`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`const { response, cookie } = await this.service.login(loginCredential, loginDetails);`
chore(server): cleanup controllers (#2065) 2023-03-24 00:53:56 -04:00			`res.header('Set-Cookie', cookie);`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`return response;`
			`}`

refactor(server): auth decorator (#2588) 2023-05-28 12:30:01 -04:00			`@PublicRoute()`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`@Post('admin-sign-up')`
refactor(server): auth dtos (#4881) * refactor: auth dtos * chore: open api 2023-11-09 10:14:15 -05:00			`signUpAdmin(@Body() dto: SignUpDto): Promise<UserResponseDto> {`
			`return this.service.adminSignUp(dto);`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`}`

feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`@Get('devices')`
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-09 23:34:12 -05:00			`getAuthDevices(@Auth() auth: AuthDto): Promise<AuthDeviceResponseDto[]> {`
			`return this.service.getDevices(auth);`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`}`

feat(web,server): logout all devices (#2415) * feat: logout all devices * chore: regenerate openapi * chore: add test * chore: logout vs log out 2023-05-09 15:34:17 -04:00			`@Delete('devices')`
test(server): auth e2e (#3492) * test(server): auth controller e2e test * test(server): user e2e test * refactor(server): album e2e * fix: linting 2023-08-01 11:49:50 -04:00			`@HttpCode(HttpStatus.NO_CONTENT)`
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-09 23:34:12 -05:00			`logoutAuthDevices(@Auth() auth: AuthDto): Promise<void> {`
			`return this.service.logoutDevices(auth);`
feat(web,server): logout all devices (#2415) * feat: logout all devices * chore: regenerate openapi * chore: add test * chore: logout vs log out 2023-05-09 15:34:17 -04:00			`}`

feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`@Delete('devices/:id')`
test(server): auth e2e (#3492) * test(server): auth controller e2e test * test(server): user e2e test * refactor(server): album e2e * fix: linting 2023-08-01 11:49:50 -04:00			`@HttpCode(HttpStatus.NO_CONTENT)`
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-09 23:34:12 -05:00			`logoutAuthDevice(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<void> {`
			`return this.service.logoutDevice(auth, id);`
feat(web,server): manage authorized devices (#2329) * feat: manage authorized devices * chore: open api * get header from mobile app * write header from mobile app * styling * fix unit test * feat: use relative time * feat: update access time * fix: tests * chore: confirm wording * chore: bump test coverage thresholds * feat: add some icons * chore: icon tweaks --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-04-25 22:19:23 -04:00			`}`

refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`@Post('validateToken')`
test(server): auth e2e (#3492) * test(server): auth controller e2e test * test(server): user e2e test * refactor(server): album e2e * fix: linting 2023-08-01 11:49:50 -04:00			`@HttpCode(HttpStatus.OK)`
chore(server): cleanup controllers (#2065) 2023-03-24 00:53:56 -04:00			`validateAccessToken(): ValidateAccessTokenResponseDto {`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`return { authStatus: true };`
			`}`

			`@Post('change-password')`
test(server): auth e2e (#3492) * test(server): auth controller e2e test * test(server): user e2e test * refactor(server): album e2e * fix: linting 2023-08-01 11:49:50 -04:00			`@HttpCode(HttpStatus.OK)`
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-09 23:34:12 -05:00			`changePassword(@Auth() auth: AuthDto, @Body() dto: ChangePasswordDto): Promise<UserResponseDto> {`
			`return this.service.changePassword(auth, dto).then(mapUser);`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`}`

			`@Post('logout')`
test(server): auth e2e (#3492) * test(server): auth controller e2e test * test(server): user e2e test * refactor(server): album e2e * fix: linting 2023-08-01 11:49:50 -04:00			`@HttpCode(HttpStatus.OK)`
chore(server): cleanup controllers (#2065) 2023-03-24 00:53:56 -04:00			`logout(`
chore(server): remove token when logged out (#1560) * chore(mobile): invoke logout() on mobile app * feat: add mechanism to delete token from logging out endpoint * fix: set state after login sequence success * fix: not removing token when logging out from OAuth * fix: prettier * refactor: using accessTokenId to delete * chore: pr comments * fix: test * fix: test threshold 2023-02-05 23:31:16 -06:00			`@Req() req: Request,`
			`@Res({ passthrough: true }) res: Response,`
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-09 23:34:12 -05:00			`@Auth() auth: AuthDto,`
chore(server): remove token when logged out (#1560) * chore(mobile): invoke logout() on mobile app * feat: add mechanism to delete token from logging out endpoint * fix: set state after login sequence success * fix: not removing token when logging out from OAuth * fix: prettier * refactor: using accessTokenId to delete * chore: pr comments * fix: test * fix: test threshold 2023-02-05 23:31:16 -06:00			`): Promise<LogoutResponseDto> {`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`res.clearCookie(IMMICH_ACCESS_COOKIE);`
			`res.clearCookie(IMMICH_AUTH_TYPE_COOKIE);`

refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-09 23:34:12 -05:00			`return this.service.logout(auth, (req.cookies \|\| {})[IMMICH_AUTH_TYPE_COOKIE]);`
refactor(server): auth service (#1383) * refactor: auth * chore: tests * Remove await on non-async method * refactor: constants * chore: remove extra async Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-01-23 23:13:42 -05:00			`}`
			`}`