from fastapi import APIRouter, Query, HTTPException
from fastapi.responses import FileResponse
from jose import jwt, JWTError
|
|
|
|
# Every route registered on this router is served under the /view prefix.
router = APIRouter(
    prefix="/view",
)
|
|
|
|
|
|
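@router.get("/{file_id}/{filename}")
def visualizar_arquivo(file_id: str, filename: str, token: str = Query(...)):
    """Validate the access token and return the requested file if authorized.

    The token is a JWT whose ``sub`` claim must equal ``file_id`` and whose
    ``filename`` claim must equal ``filename``. Only ``filename`` selects the
    file on disk; ``file_id`` is used solely for the claim comparison.

    Args:
        file_id: Identifier from the URL path, compared with the ``sub`` claim.
        filename: File name from the URL path, compared with the ``filename``
            claim and resolved under the ``files/`` directory.
        token: JWT supplied as a required query parameter.

    Returns:
        A ``FileResponse`` serving the file as ``application/pdf``.

    Raises:
        HTTPException: 401 when the token fails JWT validation, 403 when its
            claims do not match the path, 404 when the file name is not a
            plain name or the file does not exist.
    """
    import os

    # NOTE(review): SECRET_KEY and ALGORITHM are not defined or imported in the
    # visible part of this module - confirm they are in scope at runtime.
    # NOTE(review): the token travels in the query string, so it can end up in
    # access logs and browser history; keep its lifetime short. Whether an
    # expiry claim is mandatory depends on the issuer, which is not shown here.
    try:
        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
    except JWTError as exc:
        raise HTTPException(
            status_code=401, detail="Token expirado ou inválido."
        ) from exc

    # .get() so a validly signed token that lacks a claim is rejected with 403
    # instead of surfacing a KeyError as a 500.
    if payload.get("sub") != file_id or payload.get("filename") != filename:
        raise HTTPException(status_code=403, detail="Token inválido.")

    # Defence in depth: the name is bound to the token, but it is still joined
    # into a filesystem path, so accept only a plain file name.
    if filename in ("", ".", "..") or os.path.basename(filename) != filename:
        raise HTTPException(status_code=404, detail="Arquivo não encontrado.")

    file_path = f"files/{filename}"

    # FileResponse does not touch the file when it is constructed; a missing
    # file only fails later, while the response is being sent. Check up front
    # so the client gets the intended 404 rather than a server error.
    if not os.path.isfile(file_path):
        raise HTTPException(status_code=404, detail="Arquivo não encontrado.")

    return FileResponse(file_path, media_type="application/pdf")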