Comments (27)
That was a huge one! Almost done, only expiration check is missing 🥳
from photoprism.
Using JWT tokens actually makes it easier, because they are persistent across restarts without having to save them to a file/database, that's why I suggested that. You just sign the id of the image you want to share with a secret and share that signed string. Then when receiving a request for a shared image you can check the provided token was indeed signed by you and not anyone else, state-less.
from photoprism.
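The stateless scheme described in the comment above, as an added Go example that is not PhotoPrism's code or part of the thread: an HMAC-signed token carrying the album UID and an expiry, verified without a database lookup. It uses a compact custom layout rather than a JWT library; the function names, token layout and secret are assumptions made for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strconv"
	"strings"
	"time"
)

var b64 = base64.RawURLEncoding

// mac signs the encoded payload with HMAC-SHA256 under the server-side secret.
func mac(secret []byte, payload string) []byte {
	h := hmac.New(sha256.New, secret)
	h.Write([]byte(payload))
	return h.Sum(nil)
}

// NewShareToken returns base64url("uid|expiry") + "." + base64url(mac); assumes UIDs contain no "|".
func NewShareToken(secret []byte, uid string, exp time.Time) string {
	p := b64.EncodeToString([]byte(uid + "|" + strconv.FormatInt(exp.Unix(), 10)))
	return p + "." + b64.EncodeToString(mac(secret, p))
}

// VerifyShareToken authenticates the token before parsing it, then checks expiry.
func VerifyShareToken(secret []byte, token string, now time.Time) (string, error) {
	p, sig, ok := strings.Cut(token, ".")
	got, err := b64.DecodeString(sig)
	if !ok || err != nil || !hmac.Equal(got, mac(secret, p)) { // constant-time compare
		return "", errors.New("invalid share token")
	}
	raw, _ := b64.DecodeString(p) // payload is authentic, so it was produced by NewShareToken
	uid, e, _ := strings.Cut(string(raw), "|")
	unix, err := strconv.ParseInt(e, 10, 64)
	if err != nil || !now.Before(time.Unix(unix, 0)) {
		return "", errors.New("share token expired")
	}
	return uid, nil
}

func main() {
	secret := []byte("constructed-demo-secret") // constructed; use a random key in practice
	t := NewShareToken(secret, "album-demo-1", time.Now().Add(time.Hour))
	fmt.Println(VerifyShareToken(secret, t, time.Now()))
}
```

A token signed this way stays valid until its expiry unless the secret is rotated, which is the trade-off against a random token stored in the database that comes up later in the thread.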
Album title and description are now used for site metadata, e.g. when you share a link on social media. Shared albums will look like this:
from photoprism.
I'm testing this tomorrow. This is clearly going to be a big game changer when working perfectly. Good job guys!
from photoprism.
Received some test reports and it seems to work for everyone. Please create a new issue for bug reports!
from photoprism.
I would suggest that the link could be either
- a JWT token that expires
- a unique decryption key (might be better privacy wise)
from photoprism.
A random token is a random token, no?
from photoprism.
- a JWT token would remove the need to keep track of generated tokens and the need to remove them after.
- a decryption key is interesting in the case where encryption would be implemented (which would be nice)
from photoprism.
Need to think about it, but nothing I would do for a first release. Adds complexity.
from photoprism.
But we need to save the photos anyways? Also we don't want a super long URL
from photoprism.
URL would be a bit long like http://photoprism.org/s/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNTE2MjM5MDIyfQ.My0Z4aAFwQeWBEcThI0V9tqCzTojhL9imCgZj1N0-HA
But that makes it quicker and more stable to implement share tokens/authentication than a database save. URL shorteners can be used if it needs to be smaller
from photoprism.
The way I approached this problem in a similar project of mine is to have different user accounts, and set albums and photos sharable to particular set of users, as well as being able to make them public. This way, you can share specific albums/photos to specific people, in addition to setting them public, so that anyone can view them without having to have an account.
The idea is basically that the GET request for an image comes with a cookie that has a JWT token in it for the signed in user, and check if this user belongs to allowed users for the image, or for the album that has the image. If yes, then redirect with X-sendfile so that the webserver can serve the media, otherwise return 404. For public photos/albums, in the photo and album models, I have a boolean field for 'public', and the request goes through the same mechanism.
from photoprism.
Has this been considered as a part of the self-hosted solution as well? (I am not sure if you were discussing having it on a paid-service-website or so) - I'd love to see this coming up in photoprism and I know it is on your timeline. Sharing albums + individual photos.
Can I somehow fund this part of the project as a sponsor as well?
from photoprism.
We'll get to this when browsing by date / timeline is done :)
from photoprism.
I like the idea of JWT in the URL which would make sure we do not ( in my opinion ) compromise security in favour of sharing album.
In regards to the long url - we could try maybe to do the same as tinyurl ? Make it base36 ?
And we can also make it similar to what dropbox does when u share an album/folder = https://www.dropbox.com/sh/uymjsmjp92aeqsns/AABVOdUO2I0aHwc5Y0s6wmd4a
Where from the above we could have https://some-domain.com/share/<base36-token>
and in token itself we could save information regarding expiration and in future expand it if needed.
from photoprism.
@RafPe What's the specific advantage of using a JWT compared to just use a random token (plus optional password) and store expiration etc in our database?
from photoprism.
I could see this as a potential step into future multi user auth.
If we are ok with extending database entity for this purpose then I see no objections on that approach as well if it would help with MVP
Regarding random token - we had in one of my previous projects a nice function of 4 digit PIN ( with random token ). Which was really positively received by end users ;)
from photoprism.
I noticed you created the album share functionality already. So would we consider this to be done then ?
from photoprism.
Where did you see that? :D It's not complete, started working on it though.
from photoprism.
I pulled most recent versions as I still try to set up my env to contribute :) And saw that albums now got ShareUID which led me to the remaining structs and objects 👍
from photoprism.
True, but there is no UI / UX yet. Did the file browser today, tomorrow moments. Maybe I get to sharing later this week or next week.
from photoprism.
Ok - so will not try to interfere on this one. Will try to pick some other parts for MVP. On a sidenote - whenever you could - can you share how u set up your dev env ?
from photoprism.
Did you see our Wiki / Developer Guide? https://github.com/photoprism/photoprism/wiki/Getting-Started
Edit: Not completely up to date anymore, but setup steps are still the same.
from photoprism.
Looks done to me, please test :)
from photoprism.
Another UX improvement: URL will now include a slug instead of the album id. When you click it, you will be redirected.
from photoprism.
Today's change improves share preview images. Make sure to test with a fresh database (or manually delete the table) as the links table was modified once again, basically just renaming columns. We want to make sure our concept is clear to developers: One token can be valid for multiple albums (shares), so that you don't need to create multiple links for the same group of people if you want to share more than one album.
from photoprism.
Is sorting/filtering in shares planned?
from photoprism.