From 593753fa4d39fa40b546d34ae1a0dd6b0b186041 Mon Sep 17 00:00:00 2001 From: admin Date: Thu, 14 May 2026 22:43:19 +0200 Subject: [PATCH] fix: make assets endpoint public for usage Images are non-sensitive learning content; removing auth from /assets/:fileId so React app can use URLs directly in . Co-Authored-By: Claude Sonnet 4.6 --- src/routes/content.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/routes/content.ts b/src/routes/content.ts index 6e03013..7650a78 100644 --- a/src/routes/content.ts +++ b/src/routes/content.ts @@ -78,8 +78,8 @@ content.get('/qa-pairs', requireAuth, async (c) => { } }) -// GET /assets/:fileId [auth] -content.get('/assets/:fileId', requireAuth, async (c) => { +// GET /assets/:fileId — public (images are non-sensitive learning content) +content.get('/assets/:fileId', async (c) => { const fileId = c.req.param('fileId') if (!fileId) return c.json({ error: 'fileId required' }, 400) const assetUrl = dAssetUrl(fileId)