feat: auth hardening + codebase quality sweep

Refresh tokens: RefreshToken entity, PostgresRefreshTokenRepository, login returns refresh token, POST /auth/refresh (rotation), POST /auth/logout, JWT expiry 24h→1h, configurable via with_expiry(). Route protection: require_auth middleware on protected routes, public routes split (register, login, refresh, sharing/access). Authorization: caller_id added to ReadAssetFileQuery, ReadDerivativeQuery, GetStackQuery, DeleteStackCommand with ownership checks. Admin-only gates on processing, storage, sidecar, duplicates handlers. Quality fixes: visibility filtering bypass in search(), unwrap panics in date parsing, DRY auth header parsing, centralized parsers module, email validation via email_address crate, value objects (Username, MimeType, RelativePath), domain events (UserCreated, UserDeleted, AlbumCreated, TagCreated, DuplicateDetected), postgres error mapping for constraint violations, OptionExt::or_not_found helper, in_memory_repo! macro, GetStackQuery moved to queries, album add_entry 200→201.
2026-05-31 22:26:02 +02:00
parent 84fb410316
commit c6f82090d2
71 changed files with 2311 additions and 563 deletions
--- a/crates/bootstrap/src/factory.rs
+++ b/crates/bootstrap/src/factory.rs
@@ -66,7 +66,7 @@ pub async fn build_app(config: &Config) -> Result<Router> {
        .allow_methods(Any)
        .allow_headers(Any);

-    Ok(app_router()
+    Ok(app_router(&state)
        .with_state(state)
        .layer(TraceLayer::new_for_http())
        .layer(cors))
--- a/crates/bootstrap/src/services/catalog.rs
+++ b/crates/bootstrap/src/services/catalog.rs
@@ -1,13 +1,16 @@
 use std::sync::Arc;

 use adapters_postgres::{
-    PgPool, PostgresAssetMetadataRepository, PostgresAssetRepository, PostgresDerivativeRepository,
-    PostgresDuplicateRepository, PostgresIngestTransaction,
+    PgPool, PostgresAssetMetadataRepository, PostgresAssetRepository, PostgresAssetStackRepository,
+    PostgresDerivativeRepository, PostgresDuplicateRepository, PostgresIngestTransaction,
+    PostgresSidecarRepository,
 };
 use adapters_storage::LocalFileStorage;
 use application::catalog::{
-    GetAssetHandler, GetTimelineHandler, ReadAssetFileHandler, ReadDerivativeHandler,
-    RegisterAssetHandler, UpdateMetadataHandler,
+    CreateStackHandler, DeleteAssetHandler, DeleteStackHandler, DetectLivePhotosHandler,
+    GetAssetHandler, GetStackHandler, GetTimelineHandler, ListDuplicatesHandler,
+    ReadAssetFileHandler, ReadDerivativeHandler, RegisterAssetHandler, ResolveDuplicateHandler,
+    SearchAssetsHandler, UpdateMetadataHandler,
 };
 use application::storage::IngestAssetHandler;
 use domain::ports::EventPublisher;
@@ -25,6 +28,8 @@ pub fn build(
    let metadata_repo = Arc::new(PostgresAssetMetadataRepository::new(pool.clone()));
    let derivative_repo = Arc::new(PostgresDerivativeRepository::new(pool.clone()));
    let duplicate_repo = Arc::new(PostgresDuplicateRepository::new(pool.clone()));
+    let sidecar_repo = Arc::new(PostgresSidecarRepository::new(pool.clone()));
+    let stack_repo = Arc::new(PostgresAssetStackRepository::new(pool.clone()));
    let ingest_tx = Arc::new(PostgresIngestTransaction::new(pool.clone()));

    let ingest_asset = Arc::new(IngestAssetHandler::new(
@@ -55,7 +60,35 @@ pub fn build(
        file_storage.clone(),
    ));

-    let read_derivative = Arc::new(ReadDerivativeHandler::new(derivative_repo, file_storage));
+    let read_derivative = Arc::new(ReadDerivativeHandler::new(
+        derivative_repo.clone(),
+        asset_repo.clone(),
+        file_storage.clone(),
+    ));
+
+    let search_assets = Arc::new(SearchAssetsHandler::new(asset_repo.clone()));
+
+    let delete_asset = Arc::new(DeleteAssetHandler::new(
+        asset_repo.clone(),
+        derivative_repo.clone(),
+        sidecar_repo,
+        file_storage.clone(),
+        event_publisher.clone(),
+    ));
+
+    let list_duplicates = Arc::new(ListDuplicatesHandler::new(duplicate_repo.clone()));
+    let resolve_duplicate = Arc::new(ResolveDuplicateHandler::new(
+        duplicate_repo.clone(),
+        delete_asset.clone(),
+    ));
+
+    let create_stack = Arc::new(CreateStackHandler::new(
+        asset_repo.clone(),
+        stack_repo.clone(),
+    ));
+    let get_stack = Arc::new(GetStackHandler::new(stack_repo.clone()));
+    let delete_stack = Arc::new(DeleteStackHandler::new(stack_repo.clone()));
+    let detect_live_photos = Arc::new(DetectLivePhotosHandler::new(asset_repo.clone(), stack_repo));

    let register_asset = Arc::new(RegisterAssetHandler::new(
        asset_repo,
@@ -71,5 +104,13 @@ pub fn build(
        read_asset_file,
        read_derivative,
        register_asset,
+        delete_asset,
+        search_assets,
+        list_duplicates,
+        resolve_duplicate,
+        create_stack,
+        get_stack,
+        delete_stack,
+        detect_live_photos,
    }
 }
--- a/crates/bootstrap/src/services/identity.rs
+++ b/crates/bootstrap/src/services/identity.rs
@@ -1,8 +1,10 @@
 use std::sync::Arc;

 use adapters_auth::{BcryptPasswordHasher, JwtTokenIssuer};
-use adapters_postgres::{PgPool, PostgresUserRepository};
-use application::identity::{GetProfileHandler, LoginUserHandler, RegisterUserHandler};
+use adapters_postgres::{PgPool, PostgresRefreshTokenRepository, PostgresUserRepository};
+use application::identity::{
+    GetProfileHandler, LoginUserHandler, LogoutHandler, RefreshTokenHandler, RegisterUserHandler,
+};
 use domain::ports::TokenIssuer;
 use presentation::state::IdentityHandlers;

@@ -15,20 +17,30 @@ pub fn build(pool: &PgPool, jwt_secret: &str) -> IdentityServices {
    let user_repo = Arc::new(PostgresUserRepository::new(pool.clone()));
    let hasher = Arc::new(BcryptPasswordHasher);
    let issuer: Arc<JwtTokenIssuer> = Arc::new(JwtTokenIssuer::new(jwt_secret));
+    let refresh_repo = Arc::new(PostgresRefreshTokenRepository::new(pool.clone()));

    let register = Arc::new(RegisterUserHandler::new(user_repo.clone(), hasher.clone()));
    let login = Arc::new(LoginUserHandler::new(
        user_repo.clone(),
        hasher,
        issuer.clone(),
+        refresh_repo.clone(),
    ));
    let get_profile = Arc::new(GetProfileHandler::new(user_repo));
+    let refresh = Arc::new(RefreshTokenHandler::new(
+        refresh_repo.clone(),
+        issuer.clone(),
+    ));
+    let logout = Arc::new(LogoutHandler::new(refresh_repo.clone()));

    IdentityServices {
        handlers: IdentityHandlers {
            register,
            login,
            get_profile,
+            refresh,
+            logout,
+            refresh_token_repo: refresh_repo,
        },
        token_issuer: issuer,
    }
--- a/crates/bootstrap/src/services/processing.rs
+++ b/crates/bootstrap/src/services/processing.rs
@@ -6,7 +6,7 @@ use adapters_postgres::{
 };
 use application::processing::{
    CompleteJobHandler, ConfigurePipelineHandler, EnqueueJobHandler, FailJobHandler,
-    ManagePluginHandler, ReportBatchProgressHandler, StartJobHandler,
+    ListJobsHandler, ManagePluginHandler, ReportBatchProgressHandler, StartJobHandler,
 };
 use domain::ports::EventPublisher;
 use presentation::state::ProcessingHandlers;
@@ -32,6 +32,7 @@ pub fn build(pool: &PgPool, event_publisher: Arc<dyn EventPublisher>) -> Process
        batch_repo.clone(),
        event_publisher,
    ));
+    let list_jobs = Arc::new(ListJobsHandler::new(job_repo.clone()));
    let batch_progress = Arc::new(ReportBatchProgressHandler::new(batch_repo, job_repo));
    let manage_plugin = Arc::new(ManagePluginHandler::new(plugin_repo.clone()));
    let configure_pipeline = Arc::new(ConfigurePipelineHandler::new(pipeline_repo, plugin_repo));
@@ -41,6 +42,7 @@ pub fn build(pool: &PgPool, event_publisher: Arc<dyn EventPublisher>) -> Process
        start_job,
        complete_job,
        fail_job,
+        list_jobs,
        batch_progress,
        manage_plugin,
        configure_pipeline,