@muhgholy/next-drive 4.23.10 → 4.23.11

package/dist/{chunk-V75PCJHT.cjs → chunk-NDHVF2IB.cjs}

@@ -2186,7 +2186,7 @@ var withSignedUrls = (items, config) => {
 
 // src/server/actions/drive.ts
 var handleDriveAction = async (ctx) => {
-  const { req, res, action, config, owner, isRootMode, information, provider, accountId } = ctx;
+  const { req, res, action, config, owner, isRootMode, authenticated, information, provider, accountId } = ctx;
   switch (action) {
     case "list": {
       if (req.method !== "GET") return void res.status(405).json({ status: 405, message: "Listing files requires a GET request" });
@@ -2325,6 +2325,10 @@ var handleDriveAction = async (ctx) => {
             store.concurrent++;
           }
         } else {
+          if (!authenticated) {
+            cleanupTempFiles(files);
+            return void res.status(401).json({ status: 401, message: "Authentication required to upload" });
+          }
           if (fileType && config.security) {
             if (!validateMimeType(fileType, config.security.allowedMimeTypes)) {
               cleanupTempFiles(files);
@@ -2689,12 +2693,12 @@ var driveAPIHandler = async (req, res) => {
     if (action === "information") {
       const { clientId, clientSecret, redirectUri } = config.storage?.google || {};
       const googleConfigured = !!(clientId && clientSecret && redirectUri);
-      let authenticated = false;
+      let authenticated2 = false;
       try {
         await getDriveInformation({ method: "REQUEST", req });
-        authenticated = true;
+        authenticated2 = true;
       } catch {
-        authenticated = false;
+        authenticated2 = false;
       }
       res.status(200).json({
         status: 200,
@@ -2704,15 +2708,26 @@ var driveAPIHandler = async (req, res) => {
             google: googleConfigured
           },
           mode,
-          authenticated,
+          authenticated: authenticated2,
           unauthenticatedUploads: !!config.security?.unauthenticated?.enabled
         }
       });
       return;
     }
-    const information = await getDriveInformation({ method: "REQUEST", req });
-    const { key: owner } = information;
     const isRootMode = mode === "ROOT";
+    let information;
+    let authenticated = true;
+    try {
+      information = await getDriveInformation({ method: "REQUEST", req });
+    } catch (err) {
+      if ((action === "upload" || action === "cancel") && config.security?.unauthenticated?.enabled) {
+        information = { key: null, storage: { quotaInBytes: 0 } };
+        authenticated = false;
+      } else {
+        throw err;
+      }
+    }
+    const { key: owner } = information;
     const wasAuthHandled = await handleAuthAction(req, res, action, config, owner);
     if (wasAuthHandled) return;
     const { provider, accountId } = await resolveProvider(req, owner);
@@ -2723,6 +2738,7 @@ var driveAPIHandler = async (req, res) => {
       config,
       owner,
       isRootMode,
+      authenticated,
       information,
       provider,
       accountId
@@ -2751,5 +2767,5 @@ exports.driveUpload = driveUpload;
 exports.drive_default = drive_default;
 exports.getDriveConfig = getDriveConfig;
 exports.getDriveInformation = getDriveInformation;
-//# sourceMappingURL=chunk-V75PCJHT.cjs.map
-//# sourceMappingURL=chunk-V75PCJHT.cjs.map
+//# sourceMappingURL=chunk-NDHVF2IB.cjs.map
+//# sourceMappingURL=chunk-NDHVF2IB.cjs.map