fix: make assets endpoint public for <img src> usage

Images are non-sensitive learning content; removing auth from
/assets/:fileId so React app can use URLs directly in <img src>.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-05-14 22:43:19 +02:00
parent 311d35fac0
commit 593753fa4d

View File

@@ -78,8 +78,8 @@ content.get('/qa-pairs', requireAuth, async (c) => {
} }
}) })
// GET /assets/:fileId [auth] // GET /assets/:fileId — public (images are non-sensitive learning content)
content.get('/assets/:fileId', requireAuth, async (c) => { content.get('/assets/:fileId', async (c) => {
const fileId = c.req.param('fileId') const fileId = c.req.param('fileId')
if (!fileId) return c.json({ error: 'fileId required' }, 400) if (!fileId) return c.json({ error: 'fileId required' }, 400)
const assetUrl = dAssetUrl(fileId) const assetUrl = dAssetUrl(fileId)