Mirrors/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-12-28 13:05:26 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: Invalidate Expired Shared Links (#5065)

Browse Source
This commit is contained in:
Michael Genson
2025-02-25 07:01:32 -06:00
committed by GitHub
parent a2c6b3f69b
commit df8dd3fe4a
8 changed files with 128 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
mealie/routes/recipe/shared_routes.py
View File

@@ -2,6 +2,7 @@ from fastapi import APIRouter, Depends, HTTPException
from pydantic import UUID4
from sqlalchemy.orm.session import Session
from mealie.core.root_logger import get_logger
from mealie.db.db_setup import generate_session
from mealie.repos.all_repositories import get_repositories
from mealie.schema.recipe import Recipe
@@ -9,12 +10,22 @@ from mealie.schema.response import ErrorResponse
router = APIRouter()
logger = get_logger()
@router.get("/shared/{token_id}", response_model=Recipe)
def get_shared_recipe(token_id: UUID4, session: Session = Depends(generate_session)):
db = get_repositories(session, group_id=None, household_id=None)
token_summary = db.recipe_share_tokens.get_one(token_id)
if token_summary and token_summary.is_expired:
try:
db.recipe_share_tokens.delete(token_id)
session.commit()
except Exception:
logger.exception(f"Failed to delete expired token {token_id}")
session.rollback()
token_summary = None
if token_summary is None:
raise HTTPException(status_code=404, detail=ErrorResponse.respond("Token Not Found"))

4
mealie/routes/shared/__init__.py
View File

@@ -3,6 +3,7 @@ from functools import cached_property
from fastapi import HTTPException
from pydantic import UUID4
from mealie.repos.all_repositories import get_repositories
from mealie.routes._base import BaseUserController, controller
from mealie.routes._base.mixins import HttpRepo
from mealie.routes._base.routers import UserAPIRouter
@@ -32,7 +33,8 @@ class RecipeSharedController(BaseUserController):
@router.post("", response_model=RecipeShareToken, status_code=201)
def create_one(self, data: RecipeShareTokenCreate) -> RecipeShareToken:
# check if recipe group id is the same as the user group id
recipe = self.repos.recipes.get_one(data.recipe_id, "id")
group_repos = get_repositories(self.repos.session, group_id=self.group_id, household_id=None)
recipe = group_repos.recipes.get_one(data.recipe_id, "id")
if recipe is None or recipe.group_id != self.group_id:
raise HTTPException(status_code=404, detail="Recipe not found in your group")