immich/web/src/lib/utils/auth.ts

import { browser } from '$app/environment';
import { licenseStore } from '$lib/stores/license.store';
import { serverInfo } from '$lib/stores/server-info.store';
import { preferences as preferences$, user as user$ } from '$lib/stores/user.store';
import { getAboutInfo, getMyPreferences, getMyUser, getStorage } from '@immich/sdk';
import { redirect } from '@sveltejs/kit';
import { DateTime } from 'luxon';
import { get } from 'svelte/store';
import { AppRoute } from '../constants';

export interface AuthOptions {
  admin?: true;
  public?: true;
}

export const loadUser = async () => {
  try {
    let user = get(user$);
    let preferences = get(preferences$);
    let serverInfo;

    if ((!user || !preferences) && hasAuthCookie()) {
      [user, preferences, serverInfo] = await Promise.all([getMyUser(), getMyPreferences(), getAboutInfo()]);
      user$.set(user);
      preferences$.set(preferences);

      // Check for license status
      if (serverInfo.licensed || user.license?.activatedAt) {
        licenseStore.setLicenseStatus(true);
      }
    }
    return user;
  } catch {
    return null;
  }
};

const hasAuthCookie = (): boolean => {
  if (!browser) {
    return false;
  }

  for (const cookie of document.cookie.split('; ')) {
    const [name] = cookie.split('=');
    if (name === 'immich_is_authenticated') {
      return true;
    }
  }

  return false;
};

export const authenticate = async (options?: AuthOptions) => {
  const { public: publicRoute, admin: adminRoute } = options || {};
  const user = await loadUser();

  if (publicRoute) {
    return;
  }

  if (!user) {
    redirect(302, AppRoute.AUTH_LOGIN);
  }

  if (adminRoute && !user.isAdmin) {
    redirect(302, AppRoute.PHOTOS);
  }
};

export const requestServerInfo = async () => {
  if (get(user$)) {
    const data = await getStorage();
    serverInfo.set(data);
  }
};

export const getAccountAge = (): number => {
  const user = get(user$);

  if (!user) {
    return 0;
  }

  const createdDate = DateTime.fromISO(user.createdAt);
  const now = DateTime.now();
  const accountAge = now.diff(createdDate, 'days').days.toFixed(0);

  return Number(accountAge);
};
refactor: authentication on public routes (#6765) * refactor: authentication on public routes * fix: remove public user * pr feedback * pr feedback * pr feedback * pr feedback * remove unused method * fix: tests * fix: useless methods * fix: tests * pr feedback * pr feedback * chore: cleanup --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2024-02-13 02:47:26 +01:00			`import { browser } from '$app/environment';`
feat(web): license UI (#11182) 2024-07-18 10:56:27 -05:00			`import { licenseStore } from '$lib/stores/license.store';`
refactor(web): use new open api client (#7097) * refactor(web): use new open api client * refactor: remove activity api * refactor: trash, oauth, and partner apis * refactor: job api * refactor: face, library, system config * refactor: user api * refactor: album api 2024-02-13 17:07:37 -05:00			`import { serverInfo } from '$lib/stores/server-info.store';`
feat(server): user preferences (#9736) * refactor(server): user endpoints * feat(server): user preferences * mobile: user preference * wording --------- Co-authored-by: Alex <alex.tran1502@gmail.com> 2024-05-27 22:16:53 -04:00			`import { preferences as preferences$, user as user$ } from '$lib/stores/user.store';`
feat(web): license UI (#11182) 2024-07-18 10:56:27 -05:00			`import { getAboutInfo, getMyPreferences, getMyUser, getStorage } from '@immich/sdk';`
refactor(web): use new open api client (#7097) * refactor(web): use new open api client * refactor: remove activity api * refactor: trash, oauth, and partner apis * refactor: job api * refactor: face, library, system config * refactor: user api * refactor: album api 2024-02-13 17:07:37 -05:00			`import { redirect } from '@sveltejs/kit';`
feat(web): license UI (#11182) 2024-07-18 10:56:27 -05:00			`import { DateTime } from 'luxon';`
refactor(web): use new open api client (#7097) * refactor(web): use new open api client * refactor: remove activity api * refactor: trash, oauth, and partner apis * refactor: job api * refactor: face, library, system config * refactor: user api * refactor: album api 2024-02-13 17:07:37 -05:00			`import { get } from 'svelte/store';`
			`import { AppRoute } from '../constants';`
feat(web)!: SPA (#5069) * feat(web): SPA * chore: remove unnecessary prune * feat(web): merge with immich-server * Correct method name * fix: bugs, docs, workflows, etc. * chore: keep dockerignore for dev * chore: remove license * fix: expose 2283 --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-17 23:13:36 -05:00
			`export interface AuthOptions {`
			`admin?: true;`
refactor: authentication on public routes (#6765) * refactor: authentication on public routes * fix: remove public user * pr feedback * pr feedback * pr feedback * pr feedback * remove unused method * fix: tests * fix: useless methods * fix: tests * pr feedback * pr feedback * chore: cleanup --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2024-02-13 02:47:26 +01:00			`public?: true;`
feat(web)!: SPA (#5069) * feat(web): SPA * chore: remove unnecessary prune * feat(web): merge with immich-server * Correct method name * fix: bugs, docs, workflows, etc. * chore: keep dockerignore for dev * chore: remove license * fix: expose 2283 --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-17 23:13:36 -05:00			`}`

refactor: authentication on public routes (#6765) * refactor: authentication on public routes * fix: remove public user * pr feedback * pr feedback * pr feedback * pr feedback * remove unused method * fix: tests * fix: useless methods * fix: tests * pr feedback * pr feedback * chore: cleanup --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2024-02-13 02:47:26 +01:00			`export const loadUser = async () => {`
feat(web)!: SPA (#5069) * feat(web): SPA * chore: remove unnecessary prune * feat(web): merge with immich-server * Correct method name * fix: bugs, docs, workflows, etc. * chore: keep dockerignore for dev * chore: remove license * fix: expose 2283 --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-17 23:13:36 -05:00			`try {`
feat(server): user preferences (#9736) * refactor(server): user endpoints * feat(server): user preferences * mobile: user preference * wording --------- Co-authored-by: Alex <alex.tran1502@gmail.com> 2024-05-27 22:16:53 -04:00			`let user = get(user$);`
			`let preferences = get(preferences$);`
feat(web): license UI (#11182) 2024-07-18 10:56:27 -05:00			`let serverInfo;`

feat(server): user preferences (#9736) * refactor(server): user endpoints * feat(server): user preferences * mobile: user preference * wording --------- Co-authored-by: Alex <alex.tran1502@gmail.com> 2024-05-27 22:16:53 -04:00			`if ((!user \|\| !preferences) && hasAuthCookie()) {`
feat(web): license UI (#11182) 2024-07-18 10:56:27 -05:00			`[user, preferences, serverInfo] = await Promise.all([getMyUser(), getMyPreferences(), getAboutInfo()]);`
feat(server): user preferences (#9736) * refactor(server): user endpoints * feat(server): user preferences * mobile: user preference * wording --------- Co-authored-by: Alex <alex.tran1502@gmail.com> 2024-05-27 22:16:53 -04:00			`user$.set(user);`
			`preferences$.set(preferences);`
feat(web): license UI (#11182) 2024-07-18 10:56:27 -05:00
			`// Check for license status`
			`if (serverInfo.licensed \|\| user.license?.activatedAt) {`
			`licenseStore.setLicenseStatus(true);`
			`}`
refactor: authentication on public routes (#6765) * refactor: authentication on public routes * fix: remove public user * pr feedback * pr feedback * pr feedback * pr feedback * remove unused method * fix: tests * fix: useless methods * fix: tests * pr feedback * pr feedback * chore: cleanup --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2024-02-13 02:47:26 +01:00			`}`
feat(server): user preferences (#9736) * refactor(server): user endpoints * feat(server): user preferences * mobile: user preference * wording --------- Co-authored-by: Alex <alex.tran1502@gmail.com> 2024-05-27 22:16:53 -04:00			`return user;`
feat(web)!: SPA (#5069) * feat(web): SPA * chore: remove unnecessary prune * feat(web): merge with immich-server * Correct method name * fix: bugs, docs, workflows, etc. * chore: keep dockerignore for dev * chore: remove license * fix: expose 2283 --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-17 23:13:36 -05:00			`} catch {`
			`return null;`
			`}`
			`};`

refactor: authentication on public routes (#6765) * refactor: authentication on public routes * fix: remove public user * pr feedback * pr feedback * pr feedback * pr feedback * remove unused method * fix: tests * fix: useless methods * fix: tests * pr feedback * pr feedback * chore: cleanup --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2024-02-13 02:47:26 +01:00			`const hasAuthCookie = (): boolean => {`
			`if (!browser) {`
			`return false;`
			`}`

			`for (const cookie of document.cookie.split('; ')) {`
			`const [name] = cookie.split('=');`
			`if (name === 'immich_is_authenticated') {`
			`return true;`
			`}`
			`}`

			`return false;`
			`};`

feat(web)!: SPA (#5069) * feat(web): SPA * chore: remove unnecessary prune * feat(web): merge with immich-server * Correct method name * fix: bugs, docs, workflows, etc. * chore: keep dockerignore for dev * chore: remove license * fix: expose 2283 --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-17 23:13:36 -05:00			`export const authenticate = async (options?: AuthOptions) => {`
refactor: authentication on public routes (#6765) * refactor: authentication on public routes * fix: remove public user * pr feedback * pr feedback * pr feedback * pr feedback * remove unused method * fix: tests * fix: useless methods * fix: tests * pr feedback * pr feedback * chore: cleanup --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2024-02-13 02:47:26 +01:00			`const { public: publicRoute, admin: adminRoute } = options \|\| {};`
			`const user = await loadUser();`
feat(web)!: SPA (#5069) * feat(web): SPA * chore: remove unnecessary prune * feat(web): merge with immich-server * Correct method name * fix: bugs, docs, workflows, etc. * chore: keep dockerignore for dev * chore: remove license * fix: expose 2283 --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-17 23:13:36 -05:00
refactor: authentication on public routes (#6765) * refactor: authentication on public routes * fix: remove public user * pr feedback * pr feedback * pr feedback * pr feedback * remove unused method * fix: tests * fix: useless methods * fix: tests * pr feedback * pr feedback * chore: cleanup --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2024-02-13 02:47:26 +01:00			`if (publicRoute) {`
			`return;`
			`}`
feat: use <a> tag for albums in list view (#5645) * fix: multiple improvements * pr feedback * optimize 2023-12-12 03:35:57 +01:00
feat(web)!: SPA (#5069) * feat(web): SPA * chore: remove unnecessary prune * feat(web): merge with immich-server * Correct method name * fix: bugs, docs, workflows, etc. * chore: keep dockerignore for dev * chore: remove license * fix: expose 2283 --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-17 23:13:36 -05:00			`if (!user) {`
chore: svelte-kit-2 (#6103) * chore: upgrade svelte * chore: type imports * chore: types 2024-01-20 13:47:41 -05:00			`redirect(302, AppRoute.AUTH_LOGIN);`
feat(web)!: SPA (#5069) * feat(web): SPA * chore: remove unnecessary prune * feat(web): merge with immich-server * Correct method name * fix: bugs, docs, workflows, etc. * chore: keep dockerignore for dev * chore: remove license * fix: expose 2283 --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-17 23:13:36 -05:00			`}`

refactor: authentication on public routes (#6765) * refactor: authentication on public routes * fix: remove public user * pr feedback * pr feedback * pr feedback * pr feedback * remove unused method * fix: tests * fix: useless methods * fix: tests * pr feedback * pr feedback * chore: cleanup --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2024-02-13 02:47:26 +01:00			`if (adminRoute && !user.isAdmin) {`
chore: svelte-kit-2 (#6103) * chore: upgrade svelte * chore: type imports * chore: types 2024-01-20 13:47:41 -05:00			`redirect(302, AppRoute.PHOTOS);`
feat(web)!: SPA (#5069) * feat(web): SPA * chore: remove unnecessary prune * feat(web): merge with immich-server * Correct method name * fix: bugs, docs, workflows, etc. * chore: keep dockerignore for dev * chore: remove license * fix: expose 2283 --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-17 23:13:36 -05:00			`}`
feat(web): automatically update user info (#5647) * use svelte store * fix: websocket error when not authenticated * more routes 2023-12-12 17:35:28 +01:00			`};`
feat: use <a> tag for albums in list view (#5645) * fix: multiple improvements * pr feedback * optimize 2023-12-12 03:35:57 +01:00
feat(web): add warning when setting a quota superior to the disk size (#6737) * refactor: inline warning * fix: do not use onmount * chore: remove outdated comment * wording --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2024-01-30 18:21:45 +01:00			`export const requestServerInfo = async () => {`
feat(server): user preferences (#9736) * refactor(server): user endpoints * feat(server): user preferences * mobile: user preference * wording --------- Co-authored-by: Alex <alex.tran1502@gmail.com> 2024-05-27 22:16:53 -04:00			`if (get(user$)) {`
refactor: deprecate /server-info and replace with /server-info/storage (#9645) 2024-05-22 10:25:55 +01:00			`const data = await getStorage();`
feat(web): add warning when setting a quota superior to the disk size (#6737) * refactor: inline warning * fix: do not use onmount * chore: remove outdated comment * wording --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2024-01-30 18:21:45 +01:00			`serverInfo.set(data);`
			`}`
			`};`
feat(web): license UI (#11182) 2024-07-18 10:56:27 -05:00
			`export const getAccountAge = (): number => {`
			`const user = get(user$);`

			`if (!user) {`
			`return 0;`
			`}`

			`const createdDate = DateTime.fromISO(user.createdAt);`
			`const now = DateTime.now();`
			`const accountAge = now.diff(createdDate, 'days').days.toFixed(0);`

			`return Number(accountAge);`
			`};`