Basic login for admin #16

Signed-off-by: Michael Mayer <michael@liquidbytes.net>
2025-12-12 00:34:13 +01:00 · 2019-11-08 06:53:40 +01:00
parent 49c7fafa87
commit 56c97ec057
27 changed files with 255 additions and 139 deletions
--- a/internal/api/session.go
+++ b/internal/api/session.go
@@ -0,0 +1,57 @@
+package api
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	"github.com/patrickmn/go-cache"
+	"github.com/photoprism/photoprism/internal/config"
+	"github.com/photoprism/photoprism/internal/util"
+)
+
+type CreateSessionParams struct {
+	Email string `json:"email"`
+	Password string `json:"password"`
+}
+
+// POST /api/v1/session
+func CreateSession(router *gin.RouterGroup, conf *config.Config) {
+	router.POST("/session", func(c *gin.Context) {
+		var params CreateSessionParams
+
+		if err := c.BindJSON(&params); err != nil {
+			c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": util.UcFirst(err.Error())})
+			return
+		}
+
+		if params.Password != conf.AdminPassword() {
+			c.AbortWithStatusJSON(400, gin.H{"error": "Invalid password"})
+			return
+		}
+
+		token, _ := util.RandomToken(16)
+
+		c.Header("X-Session-Token", token)
+
+		gc := conf.Cache()
+
+		gc.Set(token, 1, cache.DefaultExpiration);
+
+		s := gin.H{"token": token, "user": gin.H{"ID": 1, "FirstName": "Admin", "LastName": "", "Role": "admin", "Email": "photoprism@localhost"}}
+
+		c.JSON(http.StatusOK, s)
+	})
+}
+
+// DELETE /api/v1/session/
+func DeleteSession(router *gin.RouterGroup, conf *config.Config) {
+	router.DELETE("/session/:token", func(c *gin.Context) {
+		token := c.Param("token")
+
+		gc := conf.Cache()
+
+		gc.Delete(token)
+
+		c.JSON(http.StatusOK, gin.H{"status": "ok", "token": token})
+	})
+}