hyungi/hyungi_document_server
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: add query param token auth for file serving (iframe compat)

Browse Source 
iframe/img tags can't send Bearer headers. File endpoint now accepts
?token= query parameter for authentication. Frontend passes access
token in URL for PDF/image viewers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Hyungi Ahn
2026-04-03 08:34:45 +09:00
parent e14084d5cd
commit 1affcb1afd
2 changed files with 18 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
frontend/src/routes/documents/[id]/+page.svelte
View File

@@ -1,7 +1,7 @@
<script>
import { onMount } from 'svelte';
import { page } from '$app/stores';
import { api } from '$lib/api';
import { api, getAccessToken } from '$lib/api';
import { addToast } from '$lib/stores/ui';
import { marked } from 'marked';
@@ -56,12 +56,12 @@
</div>
{:else if viewerType === 'pdf'}
<iframe
src="/api/documents/{doc.id}/file"
src="/api/documents/{doc.id}/file?token={getAccessToken()}"
class="w-full h-[80vh] rounded"
title={doc.title}
></iframe>
{:else if viewerType === 'image'}
<img src="/api/documents/{doc.id}/file" alt={doc.title} class="max-w-full rounded" />
<img src="/api/documents/{doc.id}/file?token={getAccessToken()}" alt={doc.title} class="max-w-full rounded" />
{:else if viewerType === 'synology'}
<div class="text-center py-10">
<p class="text-[var(--text-dim)] mb-4">Synology Office 문서</p>