[BUG] Shared Album via Link throws UnauthorizedException error

[deiop]

The bug

When sharing an album via link, CommunicationRespository throws Authentication required Exception

The OS that Immich Server is running on

Ubuntu 22.04.3 LTS

Version of Immich Server

1.84.0

Version of Immich Mobile App

1.84.0 108

Platform with the issue

• [X] Server
• [ ] Web
• [ ] Mobile

Your docker-compose.yml content

version: "3.8"

services:
  immich-caddy:
    container_name: caddy
    image: caddy:2-alpine
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./caddy/Caddyfile:/etc/caddy/Caddyfile
      - ./caddy/data:/data
      - ./caddy/config:/config
    environment:
      ACME_AGREE: 'true'
      DOMAIN: 'X'
      EMAIL: 'X'

  immich-server:
    container_name: immich_server
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
    command: [ "start.sh", "immich" ]
    volumes:
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
    env_file:
      - .env
    depends_on:
      - redis
      - database
      - typesense
    restart: always

  immich-microservices:
    container_name: immich_microservices
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
    # extends:
    #   file: hwaccel.yml
    #   service: hwaccel
    command: [ "start.sh", "microservices" ]
    volumes:
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
    env_file:
      - .env
    depends_on:
      - redis
      - database
      - typesense
    restart: always

  immich-machine-learning:
    container_name: immich_machine_learning
    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
    volumes:
      - model-cache:/cache
    env_file:
      - .env
    restart: always

  immich-web:
    container_name: immich_web
    image: ghcr.io/immich-app/immich-web:${IMMICH_VERSION:-release}
    env_file:
      - .env
    restart: always

  typesense:
    container_name: immich_typesense
    image: typesense/typesense:0.24.1@sha256:9bcff2b829f12074426ca044b56160ca9d777a0c488303469143dd9f8259d4dd
    environment:
      - TYPESENSE_API_KEY=${TYPESENSE_API_KEY}
      - TYPESENSE_DATA_DIR=/data
      # remove this to get debug messages
      - GLOG_minloglevel=1
    volumes:
      - tsdata:/data
    restart: always

  redis:
    container_name: immich_redis
    image: redis:6.2-alpine@sha256:70a7a5b641117670beae0d80658430853896b5ef269ccf00d1827427e3263fa3
    restart: always

  database:
    container_name: immich_postgres
    image: postgres:14-alpine@sha256:28407a9961e76f2d285dc6991e8e48893503cc3836a4755bbc2d40bcc272a441
    env_file:
      - .env
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_USER: ${DB_USERNAME}
      POSTGRES_DB: ${DB_DATABASE_NAME}
    volumes:
      - pgdata:/var/lib/postgresql/data
    restart: always

  immich-proxy:
    container_name: immich_proxy
    image: ghcr.io/immich-app/immich-proxy:${IMMICH_VERSION:-release}
    environment:
      # Make sure these values get passed through from the env file
      - IMMICH_SERVER_URL
      - IMMICH_WEB_URL
    ports:
      - 2283:8080
    depends_on:
      - immich-server
      - immich-web
    restart: always

volumes:
  pgdata:
  model-cache:
  tsdata:

Your .env content

# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables

# The location where your uploaded files are stored
UPLOAD_LOCATION=./data

# The Immich version to use. You can pin this to a specific version like "v1.71.0"
IMMICH_VERSION=release

# Connection secrets for postgres and typesense. You should change these to random passwords
TYPESENSE_API_KEY=XXX
DB_PASSWORD=XXX

# The values below this line do not need to be changed
###################################################################################
DB_HOSTNAME=immich_postgres
DB_USERNAME=postgres
DB_DATABASE_NAME=immich

REDIS_HOSTNAME=immich_redis

Reproduction steps

1.Create a new album under V.1.84
2.Share album via link
3.open link without beeing logged in to immich
...

Additional information

[Nest] 6 - 11/06/2023, 12:13:18 PM LOG [CommunicationRepository] Websocket Connect: DIEN7leiGuntS6GGAACf immich_server | [Nest] 6 - 11/06/2023, 12:13:18 PM ERROR [CommunicationRepository] Websocket connection error: UnauthorizedException: Authentication required immich_server | UnauthorizedException: Authentication required immich_server | at AuthService.validate (/usr/src/app/dist/domain/auth/auth.service.js:113:15) immich_server | at CommunicationRepository.handleConnection (/usr/src/app/dist/infra/repositories/communication.repository.js:30:49) immich_server | at Object.next (/usr/src/app/node_modules/@nestjs/websockets/web-sockets-controller.js:77:47) immich_server | at ConsumerObserver.next (/usr/src/app/node_modules/rxjs/dist/cjs/internal/Subscriber.js:113:33) immich_server | at Subscriber._next (/usr/src/app/node_modules/rxjs/dist/cjs/internal/Subscriber.js:80:26) immich_server | at Subscriber.next (/usr/src/app/node_modules/rxjs/dist/cjs/internal/Subscriber.js:51:18) immich_server | at /usr/src/app/node_modules/rxjs/dist/cjs/internal/operators/distinctUntilChanged.js:18:28 immich_server | at OperatorSubscriber._this._next (/usr/src/app/node_modules/rxjs/dist/cjs/internal/operators/OperatorSubscriber.js:33:21) immich_server | at Subscriber.next (/usr/src/app/node_modules/rxjs/dist/cjs/internal/Subscriber.js:51:18) immich_server | at /usr/src/app/node_modules/rxjs/dist/cjs/internal/Subject.js:69:34 immich_server | [Nest] 6 - 11/06/2023, 12:13:18 PM LOG [CommunicationRepository] Websocket Disconnect: DIEN7leiGuntS6GGAACf

[bo0tzz]

Does anything actually go wrong on the client with regards to viewing the shared link? The error you posted is from the websocket connection, which is expected to fail as the viewing user is not authenticated, but this should not affect the shared link content.

[deiop]

Hi bo0tzz - you are correct - shared link content is not affected, works.

[alextran1502]

Fixed