From b14ee894926da97f534b8bf1383363ec85558d95 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20K=C3=BCnzel?= <simonk@fsmpi.rwth-aachen.de>
Date: Sun, 13 Apr 2025 19:46:37 +0200
Subject: [PATCH] Try fix internal auth check

---
 api/src/api/routes/resources.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/api/src/api/routes/resources.py b/api/src/api/routes/resources.py
index b1ccf29..1210dc9 100644
--- a/api/src/api/routes/resources.py
+++ b/api/src/api/routes/resources.py
@@ -86,7 +86,13 @@ def api_route_resource_internal_auth_check():
 
     medium_file = _check_access_medium_file(course_handle, medium_file_id)
     
-    if f"{url_result.scheme}://{url_result.netloc}{url_result.path}" != f"{_FILE_PATH_PREFIX}/{medium_file.file_path}":
-        raise ApiClientException(ERROR_UNAUTHORIZED)
+    given_url = f"{url_result.scheme}://{url_result.netloc}{url_result.path}"
+    expected_url = f"{_FILE_PATH_PREFIX}/{medium_file.file_path}"
+    if given_url != expected_url:
+        # TODO
+        print("URLS")
+        print(given_url)
+        print(expected_url)
+        raise ApiClientException(ERROR_BAD_REQUEST("Url does not match medium location"))
     
     return {}, HTTP_200_OK
-- 
GitLab