docs: Update README for local file saving and simplified flow
Co-authored-by: aider (gemini/gemini-2.5-pro) <aider@aider.chat>
This commit is contained in:
31
README.md
31
README.md
@@ -200,33 +200,28 @@ You can keep a checked‑in `/.env.example` with the keys above for onboarding.
|
|||||||
|
|
||||||
## How it works
|
## How it works
|
||||||
|
|
||||||
1. **Queue** – Files selected in the browser are queued; each gets a client‑side ID.
|
1. **Queue** – Files selected in the browser are queued; each gets a client-side ID.
|
||||||
2. **De‑dupe (local)** – Server computes **SHA‑1** and checks `state.db`. If seen, marks as **duplicate**.
|
2. **De-dupe (local)** – Server computes **SHA‑1** and checks `state.db`. If seen, marks as **duplicate**.
|
||||||
3. **De‑dupe (server)** – Attempts Immich `/assets/bulk-upload-check`; if Immich reports duplicate, marks accordingly.
|
3. **Save** – The file is saved to the local filesystem under `./data/uploads`.
|
||||||
4. **Upload** – Multipart POST to `${IMMICH_BASE_URL}/assets` with:
|
4. **Album** – If an album is specified via an invite link, or a folder name is provided on the public page, the file is saved into a corresponding subdirectory. Client-side folder structure is also preserved.
|
||||||
- `assetData`, `deviceAssetId`, `deviceId`,
|
5. **Progress** – Backend streams progress via WebSocket to the same session.
|
||||||
- `fileCreatedAt`, `fileModifiedAt` (from EXIF when available; else `lastModified`),
|
6. **Privacy** – The UI shows only the current session's items. It does not provide a way to browse saved files.
|
||||||
- `isFavorite=false`, `filename`, and header `x-immich-checksum`.
|
|
||||||
5. **Album** – If `IMMICH_ALBUM_NAME` is configured, adds the uploaded asset to the album (creates album if it doesn't exist).
|
|
||||||
6. **Progress** – Backend streams progress via WebSocket to the same session.
|
|
||||||
7. **Privacy** – UI shows only the current session's items. It never lists server media.
|
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
## Security notes
|
## Security notes
|
||||||
|
|
||||||
- The menu and invite creation are behind login. Logout clears the session.
|
- The menu and invite creation are behind login. Logout clears the session.
|
||||||
- Invite links are public by URL; share only with intended recipients.
|
- Invite links are public by URL; share only with intended recipients.
|
||||||
- The default uploader page at `/` is disabled unless `PUBLIC_UPLOAD_PAGE_ENABLED=true`.
|
- The default uploader page at `/` is disabled unless `PUBLIC_UPLOAD_PAGE_ENABLED=true`.
|
||||||
- The Immich API key remains **server‑side**; the browser never sees it.
|
- No browsing of uploaded media; only ephemeral session state is shown.
|
||||||
- No browsing of uploaded media; only ephemeral session state is shown.
|
|
||||||
- Run behind HTTPS with a reverse proxy and restrict CORS to your domain(s).
|
- Run behind HTTPS with a reverse proxy and restrict CORS to your domain(s).
|
||||||
|
|
||||||
## Usage flow
|
## Usage flow
|
||||||
|
|
||||||
- Admin: Login → Menu → Create invite link (optionally one‑time / expiry / album) → Share link or QR.
|
- Admin: Login → Menu → Create invite link (optionally one-time / expiry / album) → Share link or QR.
|
||||||
- Guest: Open invite link → Drop files → Upload progress and results shown.
|
- Guest: Open invite link → Drop files → Upload progress and results shown.
|
||||||
- Optional: Enable public uploader and set `IMMICH_ALBUM_NAME` for a default landing page.
|
- Optional: Enable public uploader for a default landing page.
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user