v3: fixed authorization bug with stale tokens, fixed private dump access bug, various small fixes across the app
Some checks failed
Build and Publish Docker Image / build-and-push (push) Failing after 20s

This commit is contained in:
khannurien
2026-06-27 10:40:07 +00:00
parent 73e0114bf7
commit 76de798faf
24 changed files with 236 additions and 194 deletions

View File

@@ -1,3 +1,28 @@
import { API_URL } from "../config/api.ts";
/**
* Direct URL to a dump's uploaded file. The viewer's token is passed as a query
* param — media elements (`<audio>`, `<img>`, …) can't send an `Authorization`
* header — so the server can authorize access to private dumps. Same approach as
* the WebSocket connection (`?token=`).
*/
export function dumpFileUrl(
dump: { id: string; fileSize?: number },
token?: string | null,
): string {
const auth = token ? `&token=${encodeURIComponent(token)}` : "";
return `${API_URL}/api/files/${dump.id}?v=${dump.fileSize ?? 0}${auth}`;
}
/** Thumbnail URL for a dump, with the viewer's token (see {@link dumpFileUrl}). */
export function dumpThumbnailUrl(
dump: { id: string },
token?: string | null,
): string {
const auth = token ? `?token=${encodeURIComponent(token)}` : "";
return `${API_URL}/api/thumbnails/${dump.id}${auth}`;
}
export function normalizeUrl(input: string): string {
const s = input.trim();
if (!s || /^https?:\/\//i.test(s)) return s;