fix: PW-Verify bei Datei-Download (Binary statt JSON), Datum+Uhrzeit

This commit is contained in:
2026-06-13 13:13:06 +02:00
parent 617946893f
commit e6f5189448

View File

@@ -2932,17 +2932,42 @@ function PublicFileShare({ token }) {
async function handlePw() { async function handlePw() {
if (!pw.trim()) return; if (!pw.trim()) return;
const url = BASE + (info?.is_folder ? '/folder' : '/download'); setErrMsg('');
const res = await fetch(url, {
if (info?.is_folder) {
// Ordner: JSON-Response mit Dateiliste
const res = await fetch(BASE + '/folder', {
method:'POST', headers:{'Content-Type':'application/json'}, method:'POST', headers:{'Content-Type':'application/json'},
body: JSON.stringify({ password: pw }), body: JSON.stringify({ password: pw }),
}); });
const d = await res.json(); const d = await res.json();
if (!res.ok) { setErrMsg(d.error || 'Falsches Passwort'); return; } if (!res.ok) { setErrMsg(d.error || 'Falsches Passwort'); return; }
setPassword(pw); setPassword(pw);
setErrMsg(''); setFiles(d.files || []);
if (info?.is_folder) { setFiles(d.files || []); setPhase('ready'); } setPhase('ready');
else { setPhase('ready'); } } else {
// Datei: erst Passwort verifizieren, dann Phase wechseln
// Download-Endpoint streamt direkt → wir prüfen Content-Type
const res = await fetch(BASE + '/download', {
method:'POST', headers:{'Content-Type':'application/json'},
body: JSON.stringify({ password: pw }),
});
if (!res.ok) {
const d = await res.json().catch(() => ({}));
setErrMsg(d.error || 'Falsches Passwort');
return;
}
// Passwort korrekt → direkt Download starten
setPassword(pw);
const blob = await res.blob();
const objUrl = URL.createObjectURL(blob);
const a = document.createElement('a');
a.href = objUrl;
a.download = info.file_name || 'download';
document.body.appendChild(a); a.click(); document.body.removeChild(a);
setTimeout(() => URL.revokeObjectURL(objUrl), 5000);
setPhase('ready');
}
} }
async function downloadFile(fileId, fileName) { async function downloadFile(fileId, fileName) {
@@ -2983,7 +3008,7 @@ function PublicFileShare({ token }) {
{info?.folder_name || info?.file_name || info?.label || 'Öffentlicher Link'} {info?.folder_name || info?.file_name || info?.label || 'Öffentlicher Link'}
{info?.expires_at && ( {info?.expires_at && (
<span style={{marginLeft:8}}> <span style={{marginLeft:8}}>
· Gültig bis {new Date(info.expires_at*1000).toLocaleDateString('de-DE')} · Gültig bis {new Date(info.expires_at*1000).toLocaleDateString('de-DE', {day:'2-digit',month:'2-digit',year:'numeric'})} {new Date(info.expires_at*1000).toLocaleTimeString('de-DE', {hour:'2-digit',minute:'2-digit'})} Uhr
</span> </span>
)} )}
</div> </div>
@@ -3010,9 +3035,12 @@ function PublicFileShare({ token }) {
<div style={{color:'rgba(255,255,255,0.4)',fontFamily:'monospace',fontSize:11}}>{fmtSize(info.file_size)}</div> <div style={{color:'rgba(255,255,255,0.4)',fontFamily:'monospace',fontSize:11}}>{fmtSize(info.file_size)}</div>
</div> </div>
</div> </div>
<div style={{color:'rgba(74,222,128,0.8)',fontFamily:'monospace',fontSize:12,marginBottom:10,textAlign:'center'}}>
Download gestartet
</div>
<button onClick={() => downloadFile(null, info.file_name)} disabled={dlLoading==='single'} <button onClick={() => downloadFile(null, info.file_name)} disabled={dlLoading==='single'}
style={S2.btn('#4ade80')}> style={S2.btn('#4ade80')}>
{dlLoading==='single' ? '⏳ Lädt...' : '⬇ Datei herunterladen'} {dlLoading==='single' ? '⏳ Lädt...' : '⬇ Erneut herunterladen'}
</button> </button>
</> </>
)} )}