feat(server): move authentication to tokens stored in the database (#1381)

* chore: add typeorm commands to npm and set default database config values * feat: move to server side authentication tokens * fix: websocket should emit error and disconnect on error thrown by the server * refactor: rename cookie-auth-strategy to user-auth-strategy * feat: user tokens and API keys now use SHA256 hash for performance improvements * test: album e2e test remove unneeded module import * infra: truncate api key table as old keys will no longer work with new hash algorithm * fix(server): e2e tests (#1435) * fix: root module paths * chore: linting * chore: rename user-auth to strategy.ts and make validate return AuthUserDto * fix: we should always send HttpOnly for our auth cookies * chore: remove now unused crypto functions and jwt dependencies * fix: return the extra fields for AuthUserDto in auth service validate --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
2025-12-19 09:13:14 +03:00 · 2023-01-27 20:50:07 +00:00
parent 9be71f603e
commit 3f2513a717
61 changed files with 373 additions and 517 deletions
--- a/server/libs/infra/src/infra.module.ts
+++ b/server/libs/infra/src/infra.module.ts
@@ -7,17 +7,17 @@ import {
  IUserRepository,
  QueueName,
 } from '@app/domain';
-import { databaseConfig, UserEntity } from './db';
+import { databaseConfig, UserEntity, UserTokenEntity } from './db';
 import { BullModule } from '@nestjs/bull';
 import { Global, Module, Provider } from '@nestjs/common';
-import { JwtModule } from '@nestjs/jwt';
 import { TypeOrmModule } from '@nestjs/typeorm';
 import { APIKeyEntity, SharedLinkEntity, SystemConfigEntity, UserRepository } from './db';
 import { APIKeyRepository, SharedLinkRepository } from './db/repository';
-import { jwtConfig } from '@app/domain';
 import { CryptoRepository } from './auth/crypto.repository';
 import { SystemConfigRepository } from './db/repository/system-config.repository';
 import { JobRepository } from './job';
+import { IUserTokenRepository } from '@app/domain/user-token';
+import { UserTokenRepository } from '@app/infra/db/repository/user-token.repository';

 const providers: Provider[] = [
  { provide: ICryptoRepository, useClass: CryptoRepository },
@@ -26,14 +26,14 @@ const providers: Provider[] = [
  { provide: ISharedLinkRepository, useClass: SharedLinkRepository },
  { provide: ISystemConfigRepository, useClass: SystemConfigRepository },
  { provide: IUserRepository, useClass: UserRepository },
+  { provide: IUserTokenRepository, useClass: UserTokenRepository },
 ];

@Global()
@Module({
  imports: [
-    JwtModule.register(jwtConfig),
    TypeOrmModule.forRoot(databaseConfig),
-    TypeOrmModule.forFeature([APIKeyEntity, UserEntity, SharedLinkEntity, SystemConfigEntity]),
+    TypeOrmModule.forFeature([APIKeyEntity, UserEntity, SharedLinkEntity, SystemConfigEntity, UserTokenEntity]),
    BullModule.forRootAsync({
      useFactory: async () => ({
        prefix: 'immich_bull',
@@ -64,6 +64,6 @@ const providers: Provider[] = [
    ),
  ],
  providers: [...providers],
-  exports: [...providers, BullModule, JwtModule],
+  exports: [...providers, BullModule],
 })
 export class InfraModule {}