From d53b2665d546e11f9502ea72703aaa241cbd4dcc Mon Sep 17 00:00:00 2001 From: Radek Davidek Date: Fri, 22 May 2026 18:34:34 +0200 Subject: [PATCH] fixed Apikey --- .../cz/kamma/fileshare/handlers/PublicDownload.java | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/main/java/cz/kamma/fileshare/handlers/PublicDownload.java b/src/main/java/cz/kamma/fileshare/handlers/PublicDownload.java index 16c6e8b..7376461 100644 --- a/src/main/java/cz/kamma/fileshare/handlers/PublicDownload.java +++ b/src/main/java/cz/kamma/fileshare/handlers/PublicDownload.java @@ -22,10 +22,14 @@ public class PublicDownload extends BaseHandler { String code = path.substring(lastSlash + 1); String filename = path.substring(3, lastSlash); + if (tryHandleApiKey(ex, filename, code)) { + return; + } + if (code.matches(OTP_PATTERN)) { handleOtp(ex, filename, code); } else { - handleApiKey(ex, filename, code); + writeError(ex, 404, "file not found"); } } @@ -63,7 +67,7 @@ public class PublicDownload extends BaseHandler { } } - void handleApiKey(Exchange ex, String filename, String apiKey) throws Exception { + boolean tryHandleApiKey(Exchange ex, String filename, String apiKey) throws Exception { String sql = "SELECT f.filename, f.mime_type, f.data FROM files f " + "JOIN accounts a ON f.account_id = a.id " + "WHERE f.filename = ? AND a.api_key = ? LIMIT 1"; @@ -73,14 +77,14 @@ public class PublicDownload extends BaseHandler { ps.setString(2, apiKey); try (ResultSet rs = ps.executeQuery()) { if (!rs.next()) { - writeError(ex, 404, "file not found"); - return; + return false; } String fname = rs.getString("filename"); String mimeType = rs.getString("mime_type"); byte[] data = rs.getBytes("data"); ex.writeDownload(200, mimeType, fname, new ByteArrayInputStream(data), data.length); + return true; } } }