mirror of
https://github.com/Kareadita/Kavita.git
synced 2025-05-24 00:52:23 -04:00
eb7e2781c1
* Partially complete, got some code to validate your Role. Needs to be applied to all methods and made a filter. * Cleaned up the code on the backend to validate each call. The reason the RequireDownloadRole doesn't work is that the user still has the claim in their token so the simple validation isn't working. We need explicit checks. * Don't allow users to download files if they have lost the claim but not refreshed token. * Don't allow users to download files if they have lost the claim but not refreshed token.