}) {
const { req, res, video, paramId } = options
- if (video.requiresAuth(paramId)) {
+ if (video.requiresAuth({ urlParamId: paramId, checkBlacklist: true })) {
return checkCanSeeAuthVideo(req, res, video)
}
res: Response
paramId: string
}) {
- const { video, req, res, paramId } = options
+ const { video, req, res } = options
if (res.locals.oauth?.token.User) {
return checkCanSeeVideo(options)
}
- if (!video.requiresAuth(paramId)) return true
-
const videoFileToken = req.query.videoFileToken
- if (!videoFileToken) {
- res.sendStatus(HttpStatusCode.FORBIDDEN_403)
- return false
- }
+ if (videoFileToken && VideoTokensManager.Instance.hasToken({ token: videoFileToken, videoUUID: video.uuid })) {
+ const user = VideoTokensManager.Instance.getUserFromToken({ token: videoFileToken })
- if (VideoTokensManager.Instance.hasToken({ token: videoFileToken, videoUUID: video.uuid })) {
+ res.locals.videoFileToken = { user }
return true
}
+ if (!video.hasPrivateStaticPath()) return true
+
res.sendStatus(HttpStatusCode.FORBIDDEN_403)
return false
}