Fix token-based file downloads authentication #54
@@ -279,7 +279,7 @@ app.include_router(
|
||||
gitea.router, prefix="/api/gitea", dependencies=[Depends(_inject_user), Depends(require_page("gitea"))]
|
||||
)
|
||||
app.include_router(
|
||||
files.router, prefix="/api/files", dependencies=[Depends(_inject_user), Depends(require_page("files"))]
|
||||
files.router, prefix="/api/files"
|
||||
)
|
||||
app.include_router(
|
||||
system.router, prefix="/api/system", dependencies=[Depends(_inject_user), Depends(require_page("dashboard"))]
|
||||
|
||||
@@ -66,7 +66,7 @@ def _sanitize_filename(name: str) -> str:
|
||||
return name
|
||||
|
||||
|
||||
@router.get("/browse")
|
||||
@router.get("/browse", dependencies=[Depends(require_admin())])
|
||||
def browse(path: str = ""):
|
||||
try:
|
||||
target = _safe_path(path)
|
||||
@@ -94,7 +94,7 @@ def browse(path: str = ""):
|
||||
return {"path": str(target.relative_to(BASE)), "entries": entries}
|
||||
|
||||
|
||||
@router.post("/download-token")
|
||||
@router.post("/download-token", dependencies=[Depends(require_admin())])
|
||||
def create_download_token(path: str):
|
||||
"""Generate a temporary download token for large file downloads."""
|
||||
try:
|
||||
|
||||
Reference in New Issue
Block a user