✨feat: Add conversation share#3308
Conversation
…istory # Conflicts: # deploy/sql/migrations/v2.2.1_0618_add_conversation_share_tables.sql # docker/init.sql
…istory # Conflicts: # frontend/app/[locale]/chat/components/chatAttachment.tsx # frontend/services/conversationService.ts
| @@ -0,0 +1,202 @@ | |||
| import logging | |||
Missing Auth Check
get_conversation_share_endpoint, download_share_asset_endpoint, preview_share_asset_endpoint have NO authentication checks. Anyone with share_token can access conversations and download assets. Add rate limiting and optional password protection.
| @@ -0,0 +1,86 @@ | |||
| from datetime import datetime | |||
Weak Share Token
Share token uses uuid.uuid4().hex + uuid.uuid4().hex[:16]. For public URLs granting file access, use secrets.token_urlsafe(32) for 256 bits of entropy.
| @@ -0,0 +1,86 @@ | |||
| from datetime import datetime | |||
Asset ID Enumeration
get_share_asset_service validates share_token is active and asset_id exists but asset_ids use same uuid4 pattern. Attacker could enumerate asset_ids across shares.
| @@ -0,0 +1,202 @@ | |||
| import logging | |||
Missing Expire Time Validation
CreateConversationShareRequest accepts expire_time without validation. User could set year 3000 creating permanent shares. Reject expire_time > 1 year and < now.
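Added example, not code from this PR or the project: one way to implement the two remediations raised in the "Weak Share Token" and "Missing Expire Time Validation" comments above, a CSPRNG-backed share token and a bounded, timezone-aware expire_time check. The function names, the one-year constant and the constructed timestamps in demo() are assumptions.

```python
import secrets
from datetime import datetime, timedelta, timezone
from typing import Optional

# Upper bound on share lifetime, per the review comment (assumed constant name).
MAX_SHARE_LIFETIME = timedelta(days=365)


def generate_share_token() -> str:
    """Return a URL-safe share token with 256 bits of entropy.

    secrets.token_urlsafe(32) draws 32 bytes from the OS CSPRNG and
    base64url-encodes them (43 characters). uuid4() is not a secret-token
    API and carries at most 122 random bits per UUID.
    """
    return secrets.token_urlsafe(32)


def validate_expire_time(expire_time: datetime, now: Optional[datetime] = None) -> datetime:
    """Validate a requested share expiry and return it normalised to UTC.

    Rejects naive datetimes (ambiguous offset), expiries that are not in
    the future, and expiries more than MAX_SHARE_LIFETIME after `now`.
    """
    now = now or datetime.now(timezone.utc)
    if expire_time.utcoffset() is None:  # naive: tzinfo missing or offset undefined
        raise ValueError("expire_time must be timezone-aware")
    expire_time = expire_time.astimezone(timezone.utc)
    if expire_time <= now:
        raise ValueError("expire_time must be in the future")
    if expire_time > now + MAX_SHARE_LIFETIME:
        raise ValueError("expire_time must be at most one year from now")
    return expire_time


def demo() -> dict:
    """Exercise both checks with constructed inputs; each value is True on the expected outcome."""
    now = datetime(2025, 6, 18, 12, 0, tzinfo=timezone.utc)  # constructed clock
    results = {"one_week_ok": validate_expire_time(now + timedelta(days=7), now) == now + timedelta(days=7)}
    bad_inputs = {
        "past_rejected": now - timedelta(minutes=1),
        "too_far_rejected": now + timedelta(days=366),
        "naive_rejected": datetime(2025, 7, 1, 12, 0),
    }
    for name, bad in bad_inputs.items():
        try:
            validate_expire_time(bad, now)
            results[name] = False
        except ValueError:
            results[name] = True
    results["token_len_ok"] = len(generate_share_token()) == 43
    return results
```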
| @@ -0,0 +1,202 @@ | |||
| import logging | |||
No Share Revocation Endpoint
revoke_conversation_share exists in DB layer but NO API endpoint calls it. Users cannot revoke shares. Add DELETE /share/{share_token} with auth check.
| @@ -0,0 +1,202 @@ | |||
| import logging | |||
Missing Rate Limiting
create_conversation_share_endpoint has no rate limiting. Malicious user could create thousands of shares. Add per-user and per-conversation rate limits.
| @@ -0,0 +1,202 @@ | |||
| import logging | |||
Snapshot Content Exposure
snapshot_json stores full conversation history returned to unauthenticated users. Ensure sensitive data (API keys, internal URLs, debug info) is filtered before storing.