Harden auth and security controls with session auth and docs
This commit is contained in:
@@ -52,7 +52,8 @@ Do not hardcode new palette or spacing values in component styles when a token a
|
||||
## Authenticated Media Delivery
|
||||
|
||||
- Document previews and thumbnails must load through authenticated fetch flows in `frontend/src/lib/api.ts`, then render via temporary object URLs.
|
||||
- Runtime auth should prefer per-user token resolution (`setApiTokenResolver` and `setRuntimeApiToken`) rather than static build-time token distribution, with `VITE_API_TOKEN` used only as fallback compatibility.
|
||||
- Runtime auth uses server-issued per-user session tokens persisted with `setRuntimeApiToken` and read by `getRuntimeApiToken`.
|
||||
- Static build-time token distribution is not supported.
|
||||
- Direct `window.open` calls for protected media endpoints are not allowed because browser navigation requests do not include the API token header.
|
||||
- Download actions for original files and markdown exports must use authenticated blob fetches plus controlled browser download triggers.
|
||||
- Revoke all temporary object URLs after replacement, unmount, or completion to prevent browser memory leaks.
|
||||
|
||||
Reference in New Issue
Block a user