@muhgholy/next-drive 4.23.10 → 4.23.11

package/dist/{chunk-XUPDNN2U.js → chunk-26KZWPCF.js}

@@ -2173,7 +2173,7 @@ var withSignedUrls = (items, config) => {
 
 // src/server/actions/drive.ts
 var handleDriveAction = async (ctx) => {
-  const { req, res, action, config, owner, isRootMode, information, provider, accountId } = ctx;
+  const { req, res, action, config, owner, isRootMode, authenticated, information, provider, accountId } = ctx;
   switch (action) {
     case "list": {
       if (req.method !== "GET") return void res.status(405).json({ status: 405, message: "Listing files requires a GET request" });
@@ -2312,6 +2312,10 @@ var handleDriveAction = async (ctx) => {
             store.concurrent++;
           }
         } else {
+          if (!authenticated) {
+            cleanupTempFiles(files);
+            return void res.status(401).json({ status: 401, message: "Authentication required to upload" });
+          }
           if (fileType && config.security) {
             if (!validateMimeType(fileType, config.security.allowedMimeTypes)) {
               cleanupTempFiles(files);
@@ -2676,12 +2680,12 @@ var driveAPIHandler = async (req, res) => {
     if (action === "information") {
       const { clientId, clientSecret, redirectUri } = config.storage?.google || {};
       const googleConfigured = !!(clientId && clientSecret && redirectUri);
-      let authenticated = false;
+      let authenticated2 = false;
       try {
         await getDriveInformation({ method: "REQUEST", req });
-        authenticated = true;
+        authenticated2 = true;
       } catch {
-        authenticated = false;
+        authenticated2 = false;
       }
       res.status(200).json({
         status: 200,
@@ -2691,15 +2695,26 @@ var driveAPIHandler = async (req, res) => {
             google: googleConfigured
           },
           mode,
-          authenticated,
+          authenticated: authenticated2,
           unauthenticatedUploads: !!config.security?.unauthenticated?.enabled
         }
       });
       return;
     }
-    const information = await getDriveInformation({ method: "REQUEST", req });
-    const { key: owner } = information;
     const isRootMode = mode === "ROOT";
+    let information;
+    let authenticated = true;
+    try {
+      information = await getDriveInformation({ method: "REQUEST", req });
+    } catch (err) {
+      if ((action === "upload" || action === "cancel") && config.security?.unauthenticated?.enabled) {
+        information = { key: null, storage: { quotaInBytes: 0 } };
+        authenticated = false;
+      } else {
+        throw err;
+      }
+    }
+    const { key: owner } = information;
     const wasAuthHandled = await handleAuthAction(req, res, action, config, owner);
     if (wasAuthHandled) return;
     const { provider, accountId } = await resolveProvider(req, owner);
@@ -2710,6 +2725,7 @@ var driveAPIHandler = async (req, res) => {
       config,
       owner,
       isRootMode,
+      authenticated,
       information,
       provider,
       accountId
@@ -2722,5 +2738,5 @@ var driveAPIHandler = async (req, res) => {
 };
 
 export { driveAPIHandler, driveCleanup, driveConfiguration, driveConfirm, driveDelete, driveFilePath, driveFileSchemaZod, driveGetUrl, driveInfo, driveList, driveListFiles, drivePurgeExpired, driveReadFile, driveUpload, drive_default, getDriveConfig, getDriveInformation };
-//# sourceMappingURL=chunk-XUPDNN2U.js.map
-//# sourceMappingURL=chunk-XUPDNN2U.js.map
+//# sourceMappingURL=chunk-26KZWPCF.js.map
+//# sourceMappingURL=chunk-26KZWPCF.js.map