+async function checkCanAccessVideoStaticFiles (options: {
+ video: MVideo
+ req: Request
+ res: Response
+ paramId: string
+}) {
+ const { video, req, res } = options
+
+ if (res.locals.oauth?.token.User) {
+ return checkCanSeeVideo(options)
+ }
+
+ if (!video.hasPrivateStaticPath()) return true
+
+ const videoFileToken = req.query.videoFileToken
+ if (!videoFileToken) {
+ res.sendStatus(HttpStatusCode.FORBIDDEN_403)
+ return false
+ }
+
+ if (VideoTokensManager.Instance.hasToken({ token: videoFileToken, videoUUID: video.uuid })) {
+ return true
+ }
+
+ res.sendStatus(HttpStatusCode.FORBIDDEN_403)
+ return false
+}
+
+// ---------------------------------------------------------------------------
+