fix: /render Token als Query-Parameter statt Authorization-Header

This commit is contained in:
2026-06-12 16:18:34 +02:00
parent 5469a17a3f
commit 51dcaffe0e
2 changed files with 12 additions and 4 deletions

View File

@@ -41,9 +41,17 @@ function fetchHtml(url, redirects = 0) {
});
}
// ── GET /api/tools/paywallkiller/render?url=... ───────────────────────────
// ── GET /api/tools/paywallkiller/render?url=...&token=... ────────────────
// Holt archive.ph Seite, entfernt Banner + schreibt Links um → sauberes HTML
router.get('/render', authenticate, async (req, res) => {
// Token als Query-Parameter da der Endpoint direkt im Browser geöffnet wird
router.get('/render', (req, res, next) => {
const jwt = require('jsonwebtoken');
const SECRET = process.env.JWT_SECRET || 'dev-secret';
const token = req.query.token || (req.headers.authorization || '').replace('Bearer ', '');
if (!token) return res.status(401).send('Nicht eingeloggt');
try { req.user = jwt.verify(token, SECRET); next(); }
catch { return res.status(401).send('Token ungültig'); }
}, async (req, res) => {
const { url } = req.query;
if (!url) return res.status(400).send('url fehlt');