refactor: authentication on public routes (#6765)

* refactor: authentication on public routes * fix: remove public user * pr feedback * pr feedback * pr feedback * pr feedback * remove unused method * fix: tests * fix: useless methods * fix: tests * pr feedback * pr feedback * chore: cleanup --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
2025-06-29 05:21:38 +02:00 · 2024-02-13 02:47:26 +01:00
parent 45ea0bb689
commit f1e4fdf175
16 changed files with 92 additions and 75 deletions
--- a/web/src/lib/utils/auth.ts
+++ b/web/src/lib/utils/auth.ts
@ -1,53 +1,65 @@
 import { api } from '@api';
 import { redirect } from '@sveltejs/kit';
 import { AppRoute } from '../constants';
-import { getSavedUser, setUser } from '$lib/stores/user.store';
+import { get } from 'svelte/store';
 import { serverInfo } from '$lib/stores/server-info.store';
+import { browser } from '$app/environment';
+import { user } from '$lib/stores/user.store';

 export interface AuthOptions {
  admin?: true;
+  public?: true;
 }

-export const getAuthUser = async () => {
+export const loadUser = async () => {
  try {
-    const { data: user } = await api.userApi.getMyUserInfo();
-    return user;
+    let loaded = get(user);
+    if (!loaded && hasAuthCookie()) {
+      const { data } = await api.userApi.getMyUserInfo();
+      loaded = data;
+      user.set(loaded);
+    }
+    return loaded;
  } catch {
    return null;
  }
 };

-export const authenticate = async (options?: AuthOptions) => {
-  options = options || {};
+const hasAuthCookie = (): boolean => {
+  if (!browser) {
+    return false;
+  }

-  const savedUser = getSavedUser();
-  const user = savedUser || (await getAuthUser());
+  for (const cookie of document.cookie.split('; ')) {
+    const [name] = cookie.split('=');
+    if (name === 'immich_is_authenticated') {
+      return true;
+    }
+  }
+
+  return false;
+};
+
+export const authenticate = async (options?: AuthOptions) => {
+  const { public: publicRoute, admin: adminRoute } = options || {};
+  const user = await loadUser();
+
+  if (publicRoute) {
+    return;
+  }

  if (!user) {
    redirect(302, AppRoute.AUTH_LOGIN);
  }

-  if (options.admin && !user.isAdmin) {
+  if (adminRoute && !user.isAdmin) {
    redirect(302, AppRoute.PHOTOS);
  }
-
-  if (!savedUser) {
-    setUser(user);
-  }
 };

 export const requestServerInfo = async () => {
-  if (getSavedUser()) {
+  if (get(user)) {
    const { data } = await api.serverInfoApi.getServerInfo();
    serverInfo.set(data);
  }
 };
-
-export const isLoggedIn = async () => {
-  const savedUser = getSavedUser();
-  const user = savedUser || (await getAuthUser());
-  if (!savedUser) {
-    setUser(user);
-  }
-  return user;
-};