From 79d1f2ba2102bb79e845f5c64488bed077dee5c0 Mon Sep 17 00:00:00 2001 From: admin Date: Sun, 10 May 2026 20:20:24 +0200 Subject: [PATCH] =?UTF-8?q?fix:=20design-options=20nutzt=20Admin-Token=20f?= =?UTF-8?q?=C3=BCr=20Directus=20/fields/=20Endpoint?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit /fields/ braucht Admin-Rechte – Session-Token des Users hat keinen Zugriff. DIRECTUS_ADMIN_TOKEN als Konstante (überschreibbar via Env-Var). Co-Authored-By: Claude Sonnet 4.6 --- app.py | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/app.py b/app.py index 7b3426c..9fde444 100644 --- a/app.py +++ b/app.py @@ -16,6 +16,7 @@ import anthropic as _anthropic_sdk ANTHROPIC_API_KEY = os.environ.get("ANTHROPIC_API_KEY", "") DIRECTUS_URL = "https://db.hejyou.com" +DIRECTUS_ADMIN_TOKEN = os.environ.get("DIRECTUS_ADMIN_TOKEN", "Bearer tnBshnvge8KBu0WqykSQvgBperI2j_0b") BASE_DIR = Path(__file__).resolve().parent PICTURES_DIR = BASE_DIR / "pictures" @@ -1716,18 +1717,14 @@ def directus_db_pictures(): @app.route("/api/directus/db-pictures/design-options", methods=["GET"]) def directus_db_pictures_design_options(): - token = request.headers.get("Authorization", "") - FALLBACK = [{"text": "Fall | Draw | Spring | Dream", "value": "fall_draw_spring_dream"}] - try: - data, status = _directus("GET", "/fields/db_pictures/design", token) - if status == 200: - field_data = data.get("data") or data - choices = field_data.get("meta", {}).get("options", {}).get("choices", []) - if choices: - return jsonify({"choices": choices}) - except Exception as e: - print(f"[design-options] Directus fetch failed: {e}") - return jsonify({"choices": FALLBACK}) + # /fields/ requires admin rights — use the static admin token, not the user session token + data, status = _directus("GET", "/fields/db_pictures/design", DIRECTUS_ADMIN_TOKEN) + if status != 200: + print(f"[design-options] Directus /fields/ returned {status}: {data}") + return jsonify({"choices": []}), 200 + field_data = data.get("data") or data + choices = field_data.get("meta", {}).get("options", {}).get("choices", []) + return jsonify({"choices": choices}) @app.route("/api/directus/db-pictures/", methods=["PATCH"])