feat: implement secure Express API server for markdown content management

greg 2025-05-24 09:22:07 +02:00
parent 165c473915
commit 321cbe8789


@ -22,6 +22,8 @@ app.use(cors());
app.use(bodyParser.json({ limit: '1mb' })); // Added body parser size limit app.use(bodyParser.json({ limit: '1mb' })); // Added body parser size limit
// Basic authentication - only if credentials are set // Basic authentication - only if credentials are set
// Commenting out API-level Basic Auth as Caddy reverse proxy will handle it.
/*
if (USERNAME && PASSWORD) { if (USERNAME && PASSWORD) {
app.use(basicAuth({ app.use(basicAuth({
users: { [USERNAME]: PASSWORD }, users: { [USERNAME]: PASSWORD },
@ -35,6 +37,7 @@ if (USERNAME && PASSWORD) {
// A better approach for production would be to throw an error and exit: // A better approach for production would be to throw an error and exit:
// throw new Error('Admin credentials not configured'); // throw new Error('Admin credentials not configured');
} }
*/
// Helper function for filename validation and path construction // Helper function for filename validation and path construction
function getSafeFilePath(filename) { function getSafeFilePath(filename) {
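Review bot: Wrapping the `if (USERNAME && PASSWORD) {` block in `/*` … `*/` leaves the Express app with no authentication of its own, so every route is open to any client that can reach the port without going through Caddy. The listen call is outside these hunks; if the server does not already bind to loopback, it should, e.g. `app.listen(<port>, '127.0.0.1')`, or the `basicAuth` middleware should stay enabled as a second layer behind the proxy. The `app.use(cors());` shown in the first hunk header is the permissive default, which matters more once the API no longer checks credentials, so an explicit origin allow-list is worth considering. The retained line `// Basic authentication - only if credentials are set` is now stale, and the dead block would be better deleted and replaced with one comment such as `// Auth is enforced by the Caddy reverse proxy; this server must only be reachable from it.`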