fix: make assets endpoint public for <img src> usage
Images are non-sensitive learning content; removing auth from /assets/:fileId so React app can use URLs directly in <img src>. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -78,8 +78,8 @@ content.get('/qa-pairs', requireAuth, async (c) => {
|
||||
}
|
||||
})
|
||||
|
||||
// GET /assets/:fileId [auth]
|
||||
content.get('/assets/:fileId', requireAuth, async (c) => {
|
||||
// GET /assets/:fileId — public (images are non-sensitive learning content)
|
||||
content.get('/assets/:fileId', async (c) => {
|
||||
const fileId = c.req.param('fileId')
|
||||
if (!fileId) return c.json({ error: 'fileId required' }, 400)
|
||||
const assetUrl = dAssetUrl(fileId)
|
||||
|
||||
Reference in New Issue
Block a user