Secure file download

GET /b/utilities/secure-file/:token/

Download sensitive files using temporary authenticated tokens.

How it works:

  1. Backend generates a UUID token when file download is requested
  2. Token is stored in Redis with 15-minute TTL (configurable)
  3. Client receives download URL with token
  4. Client makes GET request with JWT authentication
  5. Server validates token, checks authorization, and serves file

Token expiration: Tokens expire after 15 minutes (default). If you receive a 410 GONE response, refresh the resource to get a new download link.

File storage: Works with both S3 (returns redirect to presigned URL) and local storage (returns file with X-Sendfile header for Apache).

Authorization: Users can only download files they own, unless they are superusers.
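The flow above as an added sketch, not the project's own code. It assumes an in-memory `TTLStore` in place of Redis, a hypothetical `User` tuple standing in for the JWT-authenticated caller, and assumed 401/403/404 status codes; only the 410 for an expired token is documented on this page.

```python
import time
import uuid
from collections import namedtuple

TOKEN_TTL_SECONDS = 15 * 60  # page default: 15 minutes
User = namedtuple("User", "id is_superuser")  # hypothetical authenticated user


class TTLStore:
    """In-memory stand-in for Redis SETEX/GET so the example runs offline."""

    def __init__(self, clock=time.monotonic):
        self._clock, self._data = clock, {}

    def setex(self, key, ttl, value):
        self._data[key] = (self._clock() + ttl, value)

    def get(self, key):
        expires_at, value = self._data.get(key, (0, None))
        if self._clock() >= expires_at:
            self._data.pop(key, None)  # expired keys vanish, as in Redis
            return None
        return value


def issue_download_url(store, owner_id, file_path):
    """Steps 1-3: mint a UUID token, store it with a TTL, return the URL."""
    token = str(uuid.uuid4())
    store.setex(token, TOKEN_TTL_SECONDS, {"owner_id": owner_id, "path": file_path})
    return f"/b/utilities/secure-file/{token}/"


def redeem(store, token, user):
    """Steps 4-5: return (status, path); user is None when JWT auth failed."""
    if user is None:
        return 401, None  # assumed status code
    try:
        token = str(uuid.UUID(token))  # reject anything that is not a UUID
    except ValueError:
        return 404, None  # assumed status code
    entry = store.get(token)
    if entry is None:
        return 410, None  # expired or never issued: the key is simply absent
    if entry["owner_id"] != user.id and not user.is_superuser:
        return 403, None  # assumed status code
    return 200, entry["path"]
```

Because the store drops expired keys, an expired token and a token that was never issued look the same to the server, so in this sketch both return 410. The ownership check runs on every redemption, so holding the URL alone is not enough to fetch the file.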

Request

Responses