admin/honeyDueAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add secure media access control with authenticated proxy endpoints

Browse Source 
- Add MediaHandler with token-based proxy endpoints for serving media:
  - GET /api/media/document/:id
  - GET /api/media/document-image/:id
  - GET /api/media/completion-image/:id
- Add MediaURL fields to response DTOs for documents and task completions
- Add FindImageByID and FindCompletionImageByID repository methods
- Preload Completions.Images in all task queries for proper media URLs
- Remove public /uploads static file serving for security
- Verify residence access before serving any media files

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Trey t
2025-12-02 19:47:39 -06:00
parent ed21d9267d
commit 76579e8bf8
7 changed files with 250 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
internal/repositories/document_repo.go
View File

@@ -143,3 +143,13 @@ func (r *DocumentRepository) DeleteDocumentImage(id uint) error {
func (r *DocumentRepository) DeleteDocumentImages(documentID uint) error {
return r.db.Where("document_id = ?", documentID).Delete(&models.DocumentImage{}).Error
}
// FindImageByID finds a document image by ID
func (r *DocumentRepository) FindImageByID(id uint) (*models.DocumentImage, error) {
var image models.DocumentImage
err := r.db.First(&image, id).Error
if err != nil {
return nil, err
}
return &image, nil
}