update authorization tokens and add/fix create album endpoint

backend/internal/db/db.go

@@ -22,6 +22,7 @@ func Init() bool {
 		&models.Album{},
 		&models.User{},
 		&models.AccessToken{},
+		&models.UserAlbumAccess{},
 	)
 	if err != nil {
 		log.Fatal("failed to migrate database: ", err)

backend/internal/models/album.go

@@ -19,7 +19,7 @@ type Album struct {
 	UpdatedAt time.Time
 }
 
-type UserAccess struct {
+type UserAlbumAccess struct {
 	UserID      string `gorm:"not null"`
 	AlbumID     string `gorm:"not null"`
 	AccessLevel int    `gorm:"not null"` // 0: View, 1: Upload, 2: Edit, 3: Edit/Delete, 4: Admin (manage other users)

backend/internal/routes/album.go

@@ -40,6 +40,10 @@ func RegisterAlbumRoutes(rg *gin.RouterGroup) {
 			Description string `json:"description"`
 			ParentID    string `json:"parentId"`
 		}
+		if err := c.ShouldBindJSON(&request); err != nil {
+			c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+			return
+		}
 		result, err := services.CreateAlbum(accessToken, request.Title, request.Description, request.ParentID)
 		if err != nil {
 			c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})

backend/internal/routes/user.go

@@ -62,11 +62,11 @@ func RegisterUserRoutes(rg *gin.RouterGroup) {
 	})
 	user.GET("/getUserData", func(c *gin.Context) {
 		authHeader := c.GetHeader("Authorization")
-		token := authHeader
+		if authHeader == "" {
-		if len(authHeader) > 7 && authHeader[:7] == "Bearer " {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
-			token = authHeader[7:]
+			return
 		}
-		userData, err := services.GetUserData(token)
+		userData, err := services.GetUserData(authHeader)
 		if err != nil {
 			c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 			return

backend/internal/services/album.go

@@ -82,7 +82,7 @@ func CreateAlbum(accessToken string, title string, description string, parentID
 }
 
 func CheckUserAlbumAccess(userID string, albumID string) (int, error) {
-	userAccess := models.UserAccess{}
+	userAccess := models.UserAlbumAccess{}
 	result := db.GetDB().First(&userAccess, "user_id = ? AND album_id = ?", userID, albumID)
 	if result.Error != nil {
 		if result.Error == gorm.ErrRecordNotFound {

frontend/src/contexts/useAccount.jsx

@@ -36,7 +36,7 @@ export const AccountProvider = ({ children }) => {
         }
         const response = await fetch(`${getServerUrl()}/api/user/getUserData`, {
             headers: {
-                'Authorization': `Bearer ${accessToken}`,
+                'Authorization': accessToken,
             },
         })
         const data = await response.json()

frontend/src/gallery/components/AlbumCreateModal.jsx

@@ -1,13 +1,36 @@
 import Modal from '../../components/Modal'
-export default function AlbumCreateModal({ open, onOpenChange, trigger }) {
+import { getServerUrl } from '../../hooks/getConstants'
-    const handleCreateAlbum = () => {
+import { useAccount } from '../../contexts/useAccount'
-        console.log('Create Album')
+import { useState } from 'react'
+export default function AlbumCreateModal({ open, onOpenChange, trigger, parentId }) {
+    const { getAccessToken } = useAccount()
+    const [title, setTitle] = useState('')
+    const [description, setDescription] = useState('')
+    const handleCreateAlbum = async () => {
+        const response = await fetch(`${getServerUrl()}/api/albums/createAlbum`, {
+            method: 'POST',
+            headers: {
+                'Authorization': getAccessToken(),
+                'Content-Type': 'application/json',
+            },
+            body: JSON.stringify({
+                title: title,
+                description: description,
+                parentId: parentId
+            })
+        })
+        const data = await response.json()
+        if (data.error) {
+            console.error(data.error)
+        } else {
+            onOpenChange(false)
+        }
     }
     return (
         <Modal open={open} onOpenChange={onOpenChange} trigger={trigger} title="Create Album">
             <div className="flex flex-col gap-2">
-                <input type="text" placeholder="Name" className="w-full px-3 py-2.5 bg-[#141414] border border-[#2B2B2B] rounded-md text-white placeholder-gray-600 focus:outline-none focus:border-[#3B3B3B] transition-colors red-hat-text" />
+                <input type="text" placeholder="Name" className="w-full px-3 py-2.5 bg-[#141414] border border-[#2B2B2B] rounded-md text-white placeholder-gray-600 focus:outline-none focus:border-[#3B3B3B] transition-colors red-hat-text" value={title} onChange={(e) => setTitle(e.target.value)} />
-                <textarea type="text" placeholder="Description" className="w-full h-[20vh] px-3 py-2.5 bg-[#141414] border border-[#2B2B2B] rounded-md text-white placeholder-gray-600 focus:outline-none focus:border-[#3B3B3B] transition-colors red-hat-text resize-none" />
+                <textarea type="text" placeholder="Description" className="w-full h-[20vh] px-3 py-2.5 bg-[#141414] border border-[#2B2B2B] rounded-md text-white placeholder-gray-600 focus:outline-none focus:border-[#3B3B3B] transition-colors red-hat-text resize-none" value={description} onChange={(e) => setDescription(e.target.value)} />
                 <button className="w-full py-2.5 bg-[#2B2B2B] hover:bg-[#3B3B3B] text-white rounded-md font-medium transition-colors red-hat-mono cursor-pointer mt-2" onClick={handleCreateAlbum}>Create Album</button>
             </div>
         </Modal>