fix: design-options nutzt Admin-Token für Directus /fields/ Endpoint
/fields/ braucht Admin-Rechte – Session-Token des Users hat keinen Zugriff. DIRECTUS_ADMIN_TOKEN als Konstante (überschreibbar via Env-Var). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
15
app.py
15
app.py
@@ -16,6 +16,7 @@ import anthropic as _anthropic_sdk
|
|||||||
ANTHROPIC_API_KEY = os.environ.get("ANTHROPIC_API_KEY", "")
|
ANTHROPIC_API_KEY = os.environ.get("ANTHROPIC_API_KEY", "")
|
||||||
|
|
||||||
DIRECTUS_URL = "https://db.hejyou.com"
|
DIRECTUS_URL = "https://db.hejyou.com"
|
||||||
|
DIRECTUS_ADMIN_TOKEN = os.environ.get("DIRECTUS_ADMIN_TOKEN", "Bearer tnBshnvge8KBu0WqykSQvgBperI2j_0b")
|
||||||
|
|
||||||
BASE_DIR = Path(__file__).resolve().parent
|
BASE_DIR = Path(__file__).resolve().parent
|
||||||
PICTURES_DIR = BASE_DIR / "pictures"
|
PICTURES_DIR = BASE_DIR / "pictures"
|
||||||
@@ -1716,18 +1717,14 @@ def directus_db_pictures():
|
|||||||
|
|
||||||
@app.route("/api/directus/db-pictures/design-options", methods=["GET"])
|
@app.route("/api/directus/db-pictures/design-options", methods=["GET"])
|
||||||
def directus_db_pictures_design_options():
|
def directus_db_pictures_design_options():
|
||||||
token = request.headers.get("Authorization", "")
|
# /fields/ requires admin rights — use the static admin token, not the user session token
|
||||||
FALLBACK = [{"text": "Fall | Draw | Spring | Dream", "value": "fall_draw_spring_dream"}]
|
data, status = _directus("GET", "/fields/db_pictures/design", DIRECTUS_ADMIN_TOKEN)
|
||||||
try:
|
if status != 200:
|
||||||
data, status = _directus("GET", "/fields/db_pictures/design", token)
|
print(f"[design-options] Directus /fields/ returned {status}: {data}")
|
||||||
if status == 200:
|
return jsonify({"choices": []}), 200
|
||||||
field_data = data.get("data") or data
|
field_data = data.get("data") or data
|
||||||
choices = field_data.get("meta", {}).get("options", {}).get("choices", [])
|
choices = field_data.get("meta", {}).get("options", {}).get("choices", [])
|
||||||
if choices:
|
|
||||||
return jsonify({"choices": choices})
|
return jsonify({"choices": choices})
|
||||||
except Exception as e:
|
|
||||||
print(f"[design-options] Directus fetch failed: {e}")
|
|
||||||
return jsonify({"choices": FALLBACK})
|
|
||||||
|
|
||||||
|
|
||||||
@app.route("/api/directus/db-pictures/<pic_id>", methods=["PATCH"])
|
@app.route("/api/directus/db-pictures/<pic_id>", methods=["PATCH"])
|
||||||
|
|||||||
Reference in New Issue
Block a user