apunkt/rowboat
1
0
Fork 0
mirror of https://github.com/rowboatlabs/rowboat.git synced 2026-05-25 18:55:19 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

added proper auth

Browse source
This commit is contained in:
arkml 2025-09-26 17:11:12 +05:30
parent bf6d04c4ea
commit 58d83796c9
1 changed files with 3 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

13
apps/rowboat/app/api/uploaded-images/[id]/route.ts
View file

@ -1,20 +1,13 @@
import { NextRequest, NextResponse } from 'next/server'; import { NextRequest, NextResponse } from 'next/server';
import { S3Client, GetObjectCommand, HeadObjectCommand } from '@aws-sdk/client-s3'; import { S3Client, GetObjectCommand, HeadObjectCommand } from '@aws-sdk/client-s3';
import { Readable } from 'stream'; import { Readable } from 'stream';
import { authCheck } from '@/app/actions/auth.actions'; import { requireAuth } from '@/app/lib/auth';
import { USE_AUTH } from '@/app/lib/feature_flags';
// Serves uploaded images from S3 by UUID-only path: /api/uploaded-images/{id} // Serves uploaded images from S3 by UUID-only path: /api/uploaded-images/{id}
// Reconstructs the S3 key using the same sharding logic as image upload. // Reconstructs the S3 key using the same sharding logic as image upload.
export async function GET(request: NextRequest, props: { params: Promise<{ id: string }> }) { export async function GET(request: NextRequest, props: { params: Promise<{ id: string }> }) {
// Require authentication if enabled // Require authentication (handles guest mode internally when USE_AUTH is disabled)
try { await requireAuth();
if (USE_AUTH) {
await authCheck();
}
} catch (_) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const params = await props.params; const params = await props.params;
const id = params.id; const id = params.id;