photoview/api/graphql/resolvers/share_token.go

package resolvers

import (
	"context"
	"time"

	"github.com/pkg/errors"
	"gorm.io/gorm"
	"gorm.io/gorm/clause"

	api "github.com/photoview/photoview/api/graphql"
	"github.com/photoview/photoview/api/graphql/auth"
	"github.com/photoview/photoview/api/graphql/models"
	"github.com/photoview/photoview/api/graphql/models/actions"
	"golang.org/x/crypto/bcrypt"
)

type shareTokenResolver struct {
	*Resolver
}

func (r *Resolver) ShareToken() api.ShareTokenResolver {
	return &shareTokenResolver{r}
}

func (r *shareTokenResolver) Owner(ctx context.Context, obj *models.ShareToken) (*models.User, error) {
	return &obj.Owner, nil
}

func (r *shareTokenResolver) Album(ctx context.Context, obj *models.ShareToken) (*models.Album, error) {
	return obj.Album, nil
}

func (r *shareTokenResolver) Media(ctx context.Context, obj *models.ShareToken) (*models.Media, error) {
	return obj.Media, nil
}

func (r *shareTokenResolver) HasPassword(ctx context.Context, obj *models.ShareToken) (bool, error) {
	hasPassword := obj.Password != nil
	return hasPassword, nil
}

func (r *queryResolver) ShareToken(ctx context.Context, credentials models.ShareTokenCredentials) (*models.ShareToken, error) {

	var token models.ShareToken
	if err := r.DB(ctx).Preload(clause.Associations).Where("value = ?", credentials.Token).First(&token).Error; err != nil {
		if errors.Is(err, gorm.ErrRecordNotFound) {
			return nil, errors.New("share not found")
		} else {
			return nil, errors.Wrap(err, "failed to get share token from database")
		}
	}

	if token.Password != nil {
		if err := bcrypt.CompareHashAndPassword([]byte(*token.Password), []byte(*credentials.Password)); err != nil {
			if err == bcrypt.ErrMismatchedHashAndPassword {
				return nil, errors.New("unauthorized")
			} else {
				return nil, errors.Wrap(err, "failed to compare token password hashes")
			}
		}
	}

	return &token, nil
}

func (r *queryResolver) ShareTokenValidatePassword(ctx context.Context, credentials models.ShareTokenCredentials) (bool, error) {
	var token models.ShareToken
	if err := r.DB(ctx).Where("value = ?", credentials.Token).First(&token).Error; err != nil {
		if errors.Is(err, gorm.ErrRecordNotFound) {
			return false, errors.New("share not found")
		} else {
			return false, errors.Wrap(err, "failed to get share token from database")
		}
	}

	if token.Password == nil {
		return true, nil
	}

	if credentials.Password == nil {
		return false, nil
	}

	if err := bcrypt.CompareHashAndPassword([]byte(*token.Password), []byte(*credentials.Password)); err != nil {
		if err == bcrypt.ErrMismatchedHashAndPassword {
			return false, nil
		} else {
			return false, errors.Wrap(err, "could not compare token password hashes")
		}
	}

	return true, nil
}

func (r *mutationResolver) ShareAlbum(ctx context.Context, albumID int, expire *time.Time, password *string) (*models.ShareToken, error) {
	user := auth.UserFromContext(ctx)
	if user == nil {
		return nil, auth.ErrUnauthorized
	}

	return actions.AddAlbumShare(r.DB(ctx), user, albumID, expire, password)
}

func (r *mutationResolver) ShareMedia(ctx context.Context, mediaID int, expire *time.Time, password *string) (*models.ShareToken, error) {
	user := auth.UserFromContext(ctx)
	if user == nil {
		return nil, auth.ErrUnauthorized
	}

	return actions.AddMediaShare(r.DB(ctx), user, mediaID, expire, password)
}

func (r *mutationResolver) DeleteShareToken(ctx context.Context, tokenValue string) (*models.ShareToken, error) {
	user := auth.UserFromContext(ctx)
	if user == nil {
		return nil, auth.ErrUnauthorized
	}

	return actions.DeleteShareToken(r.DB(ctx), user.ID, tokenValue)
}

func (r *mutationResolver) ProtectShareToken(ctx context.Context, tokenValue string, password *string) (*models.ShareToken, error) {
	user := auth.UserFromContext(ctx)
	if user == nil {
		return nil, auth.ErrUnauthorized
	}

	return actions.ProtectShareToken(r.DB(ctx), user.ID, tokenValue, password)
}
Work on share tokens 2020-02-09 21:25:33 +01:00			`package resolvers`

			`import (`
			`"context"`
			`"time"`

Add set password from share dropdown in sidebar 2020-06-14 15:07:07 +02:00			`"github.com/pkg/errors"`
Start on migrating database integration to gorm 2020-11-23 19:39:44 +01:00			`"gorm.io/gorm"`
Migrate album and media sharing 2020-12-17 22:29:24 +01:00			`"gorm.io/gorm/clause"`
Add set password from share dropdown in sidebar 2020-06-14 15:07:07 +02:00
Update gomod to reflect repo transfer 2020-12-17 22:51:43 +01:00			`api "github.com/photoview/photoview/api/graphql"`
			`"github.com/photoview/photoview/api/graphql/auth"`
			`"github.com/photoview/photoview/api/graphql/models"`
Add test for routes authenticateMedia 2021-04-26 22:35:10 +02:00			`"github.com/photoview/photoview/api/graphql/models/actions"`
Work on share tokens 2020-02-09 21:25:33 +01:00			`"golang.org/x/crypto/bcrypt"`
			`)`

			`type shareTokenResolver struct {`
			`*Resolver`
			`}`

			`func (r *Resolver) ShareToken() api.ShareTokenResolver {`
			`return &shareTokenResolver{r}`
			`}`

Migrate album and media sharing 2020-12-17 22:29:24 +01:00			`func (r shareTokenResolver) Owner(ctx context.Context, obj models.ShareToken) (*models.User, error) {`
			`return &obj.Owner, nil`
			`}`
Replace database, mostly share token 2020-11-27 16:02:10 +01:00
Migrate album and media sharing 2020-12-17 22:29:24 +01:00			`func (r shareTokenResolver) Album(ctx context.Context, obj models.ShareToken) (*models.Album, error) {`
			`return obj.Album, nil`
			`}`
Replace database, mostly share token 2020-11-27 16:02:10 +01:00
Migrate album and media sharing 2020-12-17 22:29:24 +01:00			`func (r shareTokenResolver) Media(ctx context.Context, obj models.ShareToken) (*models.Media, error) {`
			`return obj.Media, nil`
			`}`
Work on share tokens 2020-02-09 21:25:33 +01:00
Add set password from share dropdown in sidebar 2020-06-14 15:07:07 +02:00			`func (r shareTokenResolver) HasPassword(ctx context.Context, obj models.ShareToken) (bool, error) {`
			`hasPassword := obj.Password != nil`
			`return hasPassword, nil`
			`}`

Load shared albums recursively This solves #143 and #229 2021-03-03 15:55:55 +01:00			`func (r queryResolver) ShareToken(ctx context.Context, credentials models.ShareTokenCredentials) (models.ShareToken, error) {`
Work on share tokens 2020-02-09 21:25:33 +01:00
Replace database, mostly share token 2020-11-27 16:02:10 +01:00			`var token models.ShareToken`
Refactoring of API - Add request context to all database calls - Update deprecated gqlgen functions - Update go.mod dependencies 2021-11-11 18:57:02 +01:00			`if err := r.DB(ctx).Preload(clause.Associations).Where("value = ?", credentials.Token).First(&token).Error; err != nil {`
Replace database, mostly share token 2020-11-27 16:02:10 +01:00			`if errors.Is(err, gorm.ErrRecordNotFound) {`
Further work on shares 2020-02-11 15:36:12 +01:00			`return nil, errors.New("share not found")`
Work on shares 2020-02-11 14:32:35 +01:00			`} else {`
Fix share pages 2020-07-10 18:35:37 +02:00			`return nil, errors.Wrap(err, "failed to get share token from database")`
Work on shares 2020-02-11 14:32:35 +01:00			`}`
			`}`

Add login page for protected shares 2020-06-14 20:56:48 +02:00			`if token.Password != nil {`
Load shared albums recursively This solves #143 and #229 2021-03-03 15:55:55 +01:00			`if err := bcrypt.CompareHashAndPassword([]byte(token.Password), []byte(credentials.Password)); err != nil {`
Add login page for protected shares 2020-06-14 20:56:48 +02:00			`if err == bcrypt.ErrMismatchedHashAndPassword {`
			`return nil, errors.New("unauthorized")`
			`} else {`
Fix share pages 2020-07-10 18:35:37 +02:00			`return nil, errors.Wrap(err, "failed to compare token password hashes")`
Add login page for protected shares 2020-06-14 20:56:48 +02:00			`}`
			`}`
Prepare back-end for token password 2020-06-14 17:58:50 +02:00			`}`

Replace database, mostly share token 2020-11-27 16:02:10 +01:00			`return &token, nil`
Work on share tokens 2020-02-09 21:25:33 +01:00			`}`

Load shared albums recursively This solves #143 and #229 2021-03-03 15:55:55 +01:00			`func (r *queryResolver) ShareTokenValidatePassword(ctx context.Context, credentials models.ShareTokenCredentials) (bool, error) {`
Replace database, mostly share token 2020-11-27 16:02:10 +01:00			`var token models.ShareToken`
Refactoring of API - Add request context to all database calls - Update deprecated gqlgen functions - Update go.mod dependencies 2021-11-11 18:57:02 +01:00			`if err := r.DB(ctx).Where("value = ?", credentials.Token).First(&token).Error; err != nil {`
Replace database, mostly share token 2020-11-27 16:02:10 +01:00			`if errors.Is(err, gorm.ErrRecordNotFound) {`
Detect if share token is password protected 2020-06-14 18:28:12 +02:00			`return false, errors.New("share not found")`
			`} else {`
Fix share pages 2020-07-10 18:35:37 +02:00			`return false, errors.Wrap(err, "failed to get share token from database")`
Detect if share token is password protected 2020-06-14 18:28:12 +02:00			`}`
			`}`

Add login page for protected shares 2020-06-14 20:56:48 +02:00			`if token.Password == nil {`
			`return true, nil`
			`}`

Load shared albums recursively This solves #143 and #229 2021-03-03 15:55:55 +01:00			`if credentials.Password == nil {`
Add login page for protected shares 2020-06-14 20:56:48 +02:00			`return false, nil`
			`}`

Load shared albums recursively This solves #143 and #229 2021-03-03 15:55:55 +01:00			`if err := bcrypt.CompareHashAndPassword([]byte(token.Password), []byte(credentials.Password)); err != nil {`
Add login page for protected shares 2020-06-14 20:56:48 +02:00			`if err == bcrypt.ErrMismatchedHashAndPassword {`
			`return false, nil`
			`} else {`
Fix share pages 2020-07-10 18:35:37 +02:00			`return false, errors.Wrap(err, "could not compare token password hashes")`
Add login page for protected shares 2020-06-14 20:56:48 +02:00			`}`
			`}`

			`return true, nil`
Detect if share token is password protected 2020-06-14 18:28:12 +02:00			`}`

Replace database, resolve all build-time errors 2020-11-28 21:29:31 +01:00			`func (r mutationResolver) ShareAlbum(ctx context.Context, albumID int, expire time.Time, password string) (models.ShareToken, error) {`
Work on share tokens 2020-02-09 21:25:33 +01:00			`user := auth.UserFromContext(ctx)`
			`if user == nil {`
			`return nil, auth.ErrUnauthorized`
			`}`

Refactoring of API - Add request context to all database calls - Update deprecated gqlgen functions - Update go.mod dependencies 2021-11-11 18:57:02 +01:00			`return actions.AddAlbumShare(r.DB(ctx), user, albumID, expire, password)`
Work on share tokens 2020-02-09 21:25:33 +01:00			`}`

Replace database, resolve all build-time errors 2020-11-28 21:29:31 +01:00			`func (r mutationResolver) ShareMedia(ctx context.Context, mediaID int, expire time.Time, password string) (models.ShareToken, error) {`
Further work on shares 2020-02-11 15:36:12 +01:00			`user := auth.UserFromContext(ctx)`
			`if user == nil {`
			`return nil, auth.ErrUnauthorized`
			`}`

Refactoring of API - Add request context to all database calls - Update deprecated gqlgen functions - Update go.mod dependencies 2021-11-11 18:57:02 +01:00			`return actions.AddMediaShare(r.DB(ctx), user, mediaID, expire, password)`
Further work on shares 2020-02-11 15:36:12 +01:00			`}`

			`func (r mutationResolver) DeleteShareToken(ctx context.Context, tokenValue string) (models.ShareToken, error) {`
			`user := auth.UserFromContext(ctx)`
			`if user == nil {`
			`return nil, auth.ErrUnauthorized`
			`}`

Refactoring of API - Add request context to all database calls - Update deprecated gqlgen functions - Update go.mod dependencies 2021-11-11 18:57:02 +01:00			`return actions.DeleteShareToken(r.DB(ctx), user.ID, tokenValue)`
Add set password from share dropdown in sidebar 2020-06-14 15:07:07 +02:00			`}`

			`func (r mutationResolver) ProtectShareToken(ctx context.Context, tokenValue string, password string) (*models.ShareToken, error) {`
			`user := auth.UserFromContext(ctx)`
			`if user == nil {`
			`return nil, auth.ErrUnauthorized`
			`}`

Refactoring of API - Add request context to all database calls - Update deprecated gqlgen functions - Update go.mod dependencies 2021-11-11 18:57:02 +01:00			`return actions.ProtectShareToken(r.DB(ctx), user.ID, tokenValue, password)`
Work on share tokens 2020-02-09 21:25:33 +01:00			`}`