LIComputerGuy/media-downloader
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Encrypt file paths in API URLs using Fernet tokens

Browse Source 
Raw filesystem paths were exposed in browser URLs, dev tools, and proxy logs.
Now all file-serving endpoints accept an opaque encrypted token (t= param)
derived from the session secret via HKDF, with a 4-hour TTL.

Backend:
- Add core/path_tokens.py with Fernet encrypt/decrypt (HKDF from .session_secret)
- Add file_token to all list/gallery/feed/search responses across 7 routers
- Accept optional t= param on all file-serving endpoints (backward compatible)

Frontend:
- Update 4 URL helpers in api.ts to prefer token when available
- Add 4 new helpers for paid-content/embedded-metadata URLs
- Update all 14 page/component files to pass file_token to URL builders
- Add file_token to all relevant TypeScript interfaces

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Todd
2026-03-30 08:25:22 -04:00
parent 523f91788e
commit 49e72207bf
24 changed files with 295 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
web/frontend/src/pages/paid-content/Feed.tsx
View File

@@ -150,7 +150,7 @@ function AttachmentThumbnail({
const isImage = attachment.file_type === 'image' || isPF
const isVideo = attachment.file_type === 'video' && !isPF
const fileUrl = attachment.local_path
? `/api/paid-content/files/serve?path=${encodeURIComponent(attachment.local_path)}`
? attachment.file_token ? `/api/paid-content/files/serve?t=${encodeURIComponent(attachment.file_token)}` : `/api/paid-content/files/serve?path=${encodeURIComponent(attachment.local_path)}`
: null
const isMissing = attachment.status === 'failed' || attachment.status === 'pending'
@@ -938,7 +938,7 @@ function PostCard({
>
{completedAttachments.filter(a => a.file_type === 'audio').map((audio) => {
const audioUrl = audio.local_path
? `/api/paid-content/files/serve?path=${encodeURIComponent(audio.local_path)}`
? audio.file_token ? `/api/paid-content/files/serve?t=${encodeURIComponent(audio.file_token)}` : `/api/paid-content/files/serve?path=${encodeURIComponent(audio.local_path)}`
: null
const fileSizeMB = audio.file_size ? (audio.file_size / 1024 / 1024).toFixed(1) : null
return (