fix: /verify Endpoint für PW-Check ohne Auto-Download
This commit is contained in:
@@ -2951,23 +2951,13 @@ function PublicFileShare({ token }) {
|
||||
setFiles(d.files || []);
|
||||
setPhase('ready');
|
||||
} else {
|
||||
// Datei: erst PW testen via Download (streams bei Erfolg)
|
||||
const res = await fetch(BASE + '/download', {
|
||||
// Datei: nur PW prüfen via /verify (kein Download)
|
||||
const res = await fetch(BASE + '/verify', {
|
||||
method:'POST', headers:{'Content-Type':'application/json'},
|
||||
body: JSON.stringify({ password: pw }),
|
||||
});
|
||||
if (!res.ok) {
|
||||
const d = await res.json().catch(() => ({}));
|
||||
setErrMsg(d.error || 'Falsches Passwort');
|
||||
return;
|
||||
}
|
||||
// Korrekt → Download starten + Phase wechseln
|
||||
const blob = await res.blob();
|
||||
const objUrl = URL.createObjectURL(blob);
|
||||
const a = document.createElement('a');
|
||||
a.href = objUrl; a.download = info.file_name || 'download';
|
||||
document.body.appendChild(a); a.click(); document.body.removeChild(a);
|
||||
setTimeout(() => URL.revokeObjectURL(objUrl), 5000);
|
||||
const d = await res.json().catch(() => ({}));
|
||||
if (!res.ok) { setErrMsg(d.error || 'Falsches Passwort'); return; }
|
||||
setPassword(pw);
|
||||
setPhase('ready');
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user