removing use of single sue auth tokens for assets

2026-04-03 22:30:49 +02:00
parent 9ddb101135
commit b6686a462f
2 changed files with 2 additions and 16 deletions
--- a/server/src/routes/synology.ts
+++ b/server/src/routes/synology.ts
@@ -12,7 +12,6 @@ import {
    searchSynologyPhotos,
    getSynologyAssetInfo,
    pipeSynologyProxy,
-    synologyAuthFromQuery,
    getSynologyTargetUserId,
    streamSynologyAsset,
    handleSynologyError,
@@ -133,7 +132,7 @@ router.get('/assets/:photoId/info', authenticate, async (req: Request, res: Resp
    }
 });

-router.get('/assets/:photoId/thumbnail', synologyAuthFromQuery, async (req: Request, res: Response) => {
+router.get('/assets/:photoId/thumbnail', authenticate, async (req: Request, res: Response) => {
    const authReq = req as AuthRequest;
    const { photoId } = req.params;
    const { size = 'sm' } = req.query;
@@ -149,7 +148,7 @@ router.get('/assets/:photoId/thumbnail', synologyAuthFromQuery, async (req: Requ
    }
 });

-router.get('/assets/:photoId/original', synologyAuthFromQuery, async (req: Request, res: Response) => {
+router.get('/assets/:photoId/original', authenticate, async (req: Request, res: Response) => {
    const authReq = req as AuthRequest;
    const { photoId } = req.params;

--- a/server/src/services/synologyService.ts
+++ b/server/src/services/synologyService.ts
@@ -270,19 +270,6 @@ function normalizeSynologyPhotoInfo(item: SynologyPhotoItem): SynologyPhotoInfo
    };
 }

-export function synologyAuthFromQuery(req: Request, res: ExpressResponse, next: NextFunction) {
-    const queryToken = req.query.token as string | undefined;
-    if (queryToken) {
-        const userId = consumeEphemeralToken(queryToken, SYNOLOGY_PROVIDER);
-        if (!userId) return res.status(401).send('Invalid or expired token');
-        const user = db.prepare('SELECT id, username, email, role, mfa_enabled FROM users WHERE id = ?').get(userId) as any;
-        if (!user) return res.status(401).send('User not found');
-        (req as AuthRequest).user = user;
-        return next();
-    }
-    return (authenticate as any)(req, res, next);
-}
-
 export function getSynologyTargetUserId(req: Request): number {
    const { userId } = req.query;
    return Number(userId);