Skip to main content
Retrieve all photos in the user’s gallery.

Endpoint

GET https://api.mentra.glass/api/gallery

Headers

Authorization: Bearer <glassesJwt>
This endpoint requires glasses authentication, not regular user authentication.

Response

Success (200): 
{
  "success": true,
  "photos": [
    {
      "_id": "photo-id-123",
      "userId": "[email protected]",
      "userEmail": "[email protected]",
      "filename": "photo_2024_01_20_103000.jpg",
      "uploadedAt": "2024-01-20T10:30:00Z",
      "size": 1048576,
      "mimeType": "image/jpeg",
      "metadata": {
        "requestId": "req-123",
        "origin": "app",
        "packageName": "com.example.app"
      }
    }
  ]
}
Error (500): 
{
  "error": "Failed to fetch gallery photos"
}

Implementation

  • File: packages/cloud/src/routes/gallery.routes.ts:19-37
  • Middleware: validateGlassesAuth
  • Service: Uses GalleryPhoto.findByUserId() with email from decoded token
Delete a specific photo from the user’s gallery.

Endpoint

DELETE https://api.mentra.glass/api/gallery/:photoId

Headers

Authorization: Bearer <glassesJwt>

Parameters

ParameterTypeDescription
photoIdstringThe ID of the photo to delete (in URL)

Response

Success (200): 
{
  "success": true,
  "message": "Photo deleted successfully"
}
Error (403): 
{
  "error": "Not authorized to delete this photo"
}
Error (404): 
{
  "error": "Photo not found" // or "Failed to delete photo"
}
Error (500): 
{
  "error": "Failed to delete photo"
}

Implementation

  • File: packages/cloud/src/routes/gallery.routes.ts:44-88
  • Authorization: Checks that the user owns the photo
  • Cleanup: Attempts to delete physical file (non-critical)

Deletion Process

  1. Validates user authentication
  2. Verifies photo exists and user owns it
  3. Deletes photo record from database
  4. Attempts to delete physical file from uploads directory (if exists)
There’s an inconsistency in the code: The GET endpoint uses decodedToken.email while the DELETE endpoint uses decodedToken.userId. This should be standardized to use the same field.

Error Codes

CodeDescription
401Unauthorized - invalid glasses token
403Forbidden - user doesn’t own the photo
404Photo not found
500Internal server error

Data Model

Gallery photos contain:
  • _id: Unique photo identifier
  • userId: Owner’s user ID
  • userEmail: Owner’s email address
  • filename: Generated filename
  • uploadedAt: Upload timestamp
  • size: File size in bytes
  • mimeType: Image MIME type
  • metadata: Additional photo metadata including:
    • requestId: The original photo request ID
    • origin: Source of the photo (e.g., “app”)
    • packageName: App that requested the photo

Notes

  • Gallery photos are stored in MongoDB using the GalleryPhoto model
  • Physical files are stored in the uploads directory
  • File deletion failures are logged but don’t fail the API request
  • All endpoints require glasses authentication (not regular user authentication)
  • Photos are associated with users by their email address