feat(server,web,mobile): Add optional password option for share links. (#4655)

* feat(server,web,mobile): Add optional password option for share links. Signed-off-by: jarvis2f <137974272+jarvis2f@users.noreply.github.com> * feat(server,web): Update shared-link.controller and page.svelte for improved cookie handling and metadata updates. Signed-off-by: jarvis2f <137974272+jarvis2f@users.noreply.github.com> --------- Signed-off-by: jarvis2f <137974272+jarvis2f@users.noreply.github.com>
2025-10-29 17:40:28 +00:00 · 2023-10-29 09:35:38 +08:00
parent b34cbd881a
commit 8a6889529c
33 changed files with 556 additions and 41 deletions
--- a/server/test/e2e/shared-link.e2e-spec.ts
+++ b/server/test/e2e/shared-link.e2e-spec.ts
@@ -111,6 +111,34 @@ describe(`${PartnerController.name} (e2e)`, () => {
      expect(status).toBe(401);
      expect(body).toEqual(errorStub.invalidShareKey);
    });
+
+    it('should return unauthorized for password protected link', async () => {
+      const passwordProtectedLink = await api.sharedLinkApi.create(server, user1.accessToken, {
+        type: SharedLinkType.ALBUM,
+        albumId: album.id,
+        password: 'foo',
+      });
+
+      const { status, body } = await request(server).get('/shared-link/me').query({ key: passwordProtectedLink.key });
+
+      expect(status).toBe(401);
+      expect(body).toEqual(errorStub.invalidSharePassword);
+    });
+
+    it('should get data for correct password protected link', async () => {
+      const passwordProtectedLink = await api.sharedLinkApi.create(server, user1.accessToken, {
+        type: SharedLinkType.ALBUM,
+        albumId: album.id,
+        password: 'foo',
+      });
+
+      const { status, body } = await request(server)
+        .get('/shared-link/me')
+        .query({ key: passwordProtectedLink.key, password: 'foo' });
+
+      expect(status).toBe(200);
+      expect(body).toEqual(expect.objectContaining({ album, userId: user1.userId, type: SharedLinkType.ALBUM }));
+    });
  });

  describe('GET /shared-link/:id', () => {
--- a/server/test/fixtures/error.stub.ts
+++ b/server/test/fixtures/error.stub.ts
@@ -24,6 +24,11 @@ export const errorStub = {
    statusCode: 401,
    message: 'Invalid share key',
  },
+  invalidSharePassword: {
+    error: 'Unauthorized',
+    statusCode: 401,
+    message: 'Invalid password',
+  },
  badRequest: (message: any = null) => ({
    error: 'Bad Request',
    statusCode: 400,
--- a/server/test/fixtures/shared-link.stub.ts
+++ b/server/test/fixtures/shared-link.stub.ts
@@ -132,6 +132,7 @@ export const sharedLinkStub = {
    album: undefined,
    albumId: null,
    description: null,
+    password: null,
    assets: [],
  } as SharedLinkEntity),
  expired: Object.freeze({
@@ -146,6 +147,7 @@ export const sharedLinkStub = {
    allowDownload: true,
    showExif: true,
    description: null,
+    password: null,
    albumId: null,
    assets: [],
  } as SharedLinkEntity),
@@ -161,6 +163,7 @@ export const sharedLinkStub = {
    allowDownload: false,
    showExif: false,
    description: null,
+    password: null,
    assets: [],
    albumId: 'album-123',
    album: {
@@ -254,6 +257,22 @@ export const sharedLinkStub = {
      ],
    },
  }),
+  passwordRequired: Object.freeze<SharedLinkEntity>({
+    id: '123',
+    userId: authStub.admin.id,
+    user: userStub.admin,
+    key: sharedLinkBytes,
+    type: SharedLinkType.ALBUM,
+    createdAt: today,
+    expiresAt: tomorrow,
+    allowUpload: true,
+    allowDownload: true,
+    showExif: true,
+    description: null,
+    password: 'password',
+    assets: [],
+    albumId: null,
+  }),
 };

 export const sharedLinkResponseStub = {
@@ -263,6 +282,7 @@ export const sharedLinkResponseStub = {
    assets: [],
    createdAt: today,
    description: null,
+    password: null,
    expiresAt: tomorrow,
    id: '123',
    key: sharedLinkBytes.toString('base64url'),
@@ -277,6 +297,7 @@ export const sharedLinkResponseStub = {
    assets: [],
    createdAt: today,
    description: null,
+    password: null,
    expiresAt: yesterday,
    id: '123',
    key: sharedLinkBytes.toString('base64url'),
@@ -292,6 +313,7 @@ export const sharedLinkResponseStub = {
    createdAt: today,
    expiresAt: tomorrow,
    description: null,
+    password: null,
    allowUpload: false,
    allowDownload: false,
    showMetadata: true,
@@ -306,6 +328,7 @@ export const sharedLinkResponseStub = {
    createdAt: today,
    expiresAt: tomorrow,
    description: null,
+    password: null,
    allowUpload: false,
    allowDownload: false,
    showMetadata: false,