mirror of
https://github.com/penpot/penpot.git
synced 2026-05-20 07:23:42 +00:00
ff23f786b4
- Add ::setup/props and ::db/pool to :app.http.assets/routes config so session renewal works correctly for asset requests. - Add actoken/authz middleware to the assets middleware chain so access tokens are properly recognized. - Add authenticated? helper that checks both ::session/profile-id and ::actoken/profile-id, fixing 401 errors when accessing protected assets with a valid access token. - Add comprehensive test suite for assets auth scenarios. Closes #9677 Signed-off-by: Andrey Antukh <niwi@niwi.nz>