From e84188baf26390aa30641d50a1883a8d19d1dada Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikola=20Dere=C5=BEi=C4=87?= Date: Mon, 8 Sep 2025 13:57:53 +0200 Subject: [PATCH] feat: add unauthenticated /share/attachment/[id] route for shared bill attachments MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Add /share/attachment/.* to public pages in middleware.ts - Create new /share/attachment/[id] route handler for downloading attachments without authentication - Add custom 404 page for missing shared attachments - Update ViewBillCard component to use shared attachment route instead of authenticated route This enables attachment downloads from shared bill pages without requiring user login. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .../share/attachment/[id]/not-found.tsx | 6 +++++ app/[locale]/share/attachment/[id]/route.tsx | 27 +++++++++++++++++++ app/ui/ViewBillCard.tsx | 2 +- middleware.ts | 2 +- 4 files changed, 35 insertions(+), 2 deletions(-) create mode 100644 app/[locale]/share/attachment/[id]/not-found.tsx create mode 100644 app/[locale]/share/attachment/[id]/route.tsx diff --git a/app/[locale]/share/attachment/[id]/not-found.tsx b/app/[locale]/share/attachment/[id]/not-found.tsx new file mode 100644 index 0000000..c0991fe --- /dev/null +++ b/app/[locale]/share/attachment/[id]/not-found.tsx @@ -0,0 +1,6 @@ +import { NotFoundPage } from '@/app/ui/NotFoundPage'; + +const ShareAttachmentNotFound = () => +; + +export default ShareAttachmentNotFound; \ No newline at end of file diff --git a/app/[locale]/share/attachment/[id]/route.tsx b/app/[locale]/share/attachment/[id]/route.tsx new file mode 100644 index 0000000..b8099f8 --- /dev/null +++ b/app/[locale]/share/attachment/[id]/route.tsx @@ -0,0 +1,27 @@ +import { fetchBillById } from '@/app/lib/actions/billActions'; +import { notFound } from 'next/navigation'; + +export async function GET(request: Request, { params:{ id } }: { params: { id:string } }) { + const [locationID, billID] = id.split('-'); + + const [location, bill] = await fetchBillById(locationID, billID, true) ?? []; + + if(!bill?.attachment) { + notFound(); + } + + // convert fileContentsBase64 from Base64 string to binary string + const fileContentsBuffer = Buffer.from(bill.attachment.fileContentsBase64, 'base64'); + + // convert fileContentsBuffer to format that can be sent to the client + const fileContents = new Uint8Array(fileContentsBuffer); + + return new Response(fileContents, { + status: 200, + headers: { + 'Content-Type': "application/octet-stream", + 'Content-Disposition': `attachment; filename="${bill.attachment.fileName}"`, + 'Last-Modified': `${bill.attachment.fileLastModified}` + } + }); +} \ No newline at end of file diff --git a/app/ui/ViewBillCard.tsx b/app/ui/ViewBillCard.tsx index 88e8350..5b85c81 100644 --- a/app/ui/ViewBillCard.tsx +++ b/app/ui/ViewBillCard.tsx @@ -63,7 +63,7 @@ export const ViewBillCard:FC = ({ location, bill }) => { attachment ?

{t("attachment")}

- + {decodeURIComponent(attachment.fileName)} diff --git a/middleware.ts b/middleware.ts index 9dcd075..0c03375 100644 --- a/middleware.ts +++ b/middleware.ts @@ -10,7 +10,7 @@ import { locales, defaultLocale } from '@/app/i18n'; import { Session } from 'next-auth'; // http://localhost:3000/share/location/675c41b227d0df76a35f106e -const publicPages = ['/terms', '/policy', '/login', '/share/location/.*', '/share/bill/.*']; +const publicPages = ['/terms', '/policy', '/login', '/share/location/.*', '/share/bill/.*', '/share/attachment/.*']; const intlMiddleware = createIntlMiddleware({ locales,