git.gladyson/openmonetis
1
0
Fork 1
mirror of https://github.com/felipegcoutinho/openmonetis.git synced 2026-05-10 03:11:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(segurança): endurecer autenticação e rotas privadas

Browse Source
This commit is contained in:
Felipe Coutinho
2026-04-03 18:10:23 +00:00
parent ba369e8a83
commit e4c6a91350
12 changed files with 357 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/app/api/attachments/[attachmentId]/presign/route.ts
View File

@@ -5,6 +5,10 @@ import { getUserId } from "@/shared/lib/auth/server";
import { db } from "@/shared/lib/db";
import { createPresignedGetUrl } from "@/shared/lib/storage/presign";
const PRIVATE_RESPONSE_HEADERS = {
"Cache-Control": "private, no-store",
};
export async function GET(
_request: Request,
{ params }: { params: Promise<{ attachmentId: string }> },
@@ -19,9 +23,20 @@ export async function GET(
);
if (!row) {
return NextResponse.json({ error: "Not found" }, { status: 404 });
return NextResponse.json(
{ error: "Not found" },
{
status: 404,
headers: PRIVATE_RESPONSE_HEADERS,
},
);
}
const url = await createPresignedGetUrl(row.fileKey);
return NextResponse.json({ url });
return NextResponse.json(
{ url },
{
headers: PRIVATE_RESPONSE_HEADERS,
},
);
}