feat(); Criação do ProtectedStaticFiles que protege rotas de arquivos estaticos, agora solicita Token

actions/validations/staticFiles.py

@@ -0,0 +1,31 @@
+from fastapi import Request, HTTPException, status
+from fastapi.responses import FileResponse
+from fastapi.staticfiles import StaticFiles
+from actions.jwt.verify_token import VerifyToken
+import os
+
+
+class ProtectedStaticFiles(StaticFiles):
+    async def get_response(self, path, scope):
+        # Extrai o token do cabeçalho Authorization
+        headers = dict(scope["headers"])
+        auth_header = headers.get(b"authorization", b"").decode()
+
+        if not auth_header.startswith("Bearer "):
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED, detail="Token ausente"
+            )
+
+        token = auth_header.split("Bearer ")[1]
+
+        # Valida o token
+        verify = VerifyToken()
+        result = verify.execute(token)
+
+        if result["status"] != "valid":
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED, detail="Token inválido"
+            )
+
+        # Token válido → entrega o arquivo
+        return await super().get_response(path, scope)

main.py

@@ -16,6 +16,7 @@ from fastapi.middleware.cors import CORSMiddleware
 from fastapi.responses import Response
 from starlette.middleware.base import BaseHTTPMiddleware
 from actions.validations.hash import generate_storage_hash
+from actions.validations.staticFiles import ProtectedStaticFiles
 
 # Importa middleware de captura de erros junto ao banco de dados
 from middlewares.error_handler import database_error_handler
@@ -45,7 +46,7 @@ if not os.path.isdir(STORAGE_DIR):
 # Isso mapeia o caminho local STORAGE_DIR para o prefixo de URL '/storage-files'
 app.mount(
     "/" + generate_storage_hash(),  # <- ESTE É O PREFIXO DA URL PÚBLICA
-    StaticFiles(directory=STORAGE_DIR),
+    ProtectedStaticFiles(directory=STORAGE_DIR),
     name="storage_access",
 )