LibreChat/api/server/middleware
Danny Avila 96367828e1
Some checks failed
Docker Dev Branch Images Build / build (Dockerfile, lc-dev, node) (push) Waiting to run
Docker Dev Branch Images Build / build (Dockerfile.multi, lc-dev-api, api-build) (push) Waiting to run
Docker Dev Images Build / build (Dockerfile, librechat-dev, node) (push) Has been cancelled
Docker Dev Images Build / build (Dockerfile.multi, librechat-dev-api, api-build) (push) Has been cancelled
GitNexus Index / index (push) Has been cancelled
Sync Locize Translations & Create Translation PR / Sync Translation Keys with Locize (push) Has been cancelled
Sync Helm Chart Tags / Ignore non-main push (push) Has been cancelled
Sync Helm Chart Tags / Sync chart tags (push) Has been cancelled
GitNexus Index / post-index (push) Has been cancelled
Sync Locize Translations & Create Translation PR / Create Translation PR on Version Published (push) Has been cancelled
🧷 fix: Align Agent File Attachment Ownership (#14149)
* fix: Align agent file attachment ownership

* fix: Harden agent file unlink validation

* test: Align file preview agent attachment access

* test: Add agent file ownership e2e regression
2026-07-07 16:23:48 -04:00
..
__tests__ ⚙️ perf: reduce first-load MongoDB round trips (#14101) 2026-07-06 09:36:34 -04:00
accessResources 🧷 fix: Align Agent File Attachment Ownership (#14149) 2026-07-07 16:23:48 -04:00
assistants ⚗️ feat: Agent Context Compaction/Summarization (#12287) 2026-03-21 14:28:56 -04:00
config ⚙️ perf: reduce first-load MongoDB round trips (#14101) 2026-07-06 09:36:34 -04:00
limiters 🪣 refactor: Rate-Limit Token Routes and Cap Remote File Downloads (#13978) 2026-06-26 12:19:03 -04:00
roles ⚗️ feat: Agent Context Compaction/Summarization (#12287) 2026-03-21 14:28:56 -04:00
spec 🧭 fix: Add Base Path Support for Login/Register and Image Paths (#10116) 2025-11-21 11:25:14 -05:00
validate 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
abortMiddleware.js 🛑 refactor: Demote User Abort Logs (#13904) 2026-06-23 09:55:21 -04:00
abortMiddleware.spec.js 🛑 refactor: Demote User Abort Logs (#13904) 2026-06-23 09:55:21 -04:00
abortRun.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
buildEndpointOption.js 🧾 fix: Harden Historical File Authorization (#13918) 2026-06-23 15:49:57 -04:00
buildEndpointOption.spec.js 🧾 fix: Harden Historical File Authorization (#13918) 2026-06-23 15:49:57 -04:00
canAccessSharedLink.js 🔗 feat: Add Granular Access Control to Shared Links via ACL System (#13051) 2026-06-03 14:17:17 -04:00
canDeleteAccount.js 📜 feat: Implement System Grants for Capability-Based Authorization (#11896) 2026-03-21 14:28:54 -04:00
canDeleteAccount.spec.js 📜 feat: Implement System Grants for Capability-Based Authorization (#11896) 2026-03-21 14:28:54 -04:00
checkBan.js ♾️ fix: Permanent Ban Cache and Expired Ban Cleanup Defects (#12324) 2026-03-20 12:47:51 -04:00
checkDomainAllowed.js ⚙️ perf: reduce first-load MongoDB round trips (#14101) 2026-07-06 09:36:34 -04:00
checkInviteUser.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
checkPeoplePickerAccess.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
checkPeoplePickerAccess.spec.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
checkSharePublicAccess.js 🗝️ fix: Enforce Skill Share Role Permission (#13062) 2026-05-11 09:39:58 -04:00
checkSharePublicAccess.spec.js 🗝️ fix: Enforce Skill Share Role Permission (#13062) 2026-05-11 09:39:58 -04:00
denyRequest.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
error.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
index.js ⚙️ perf: reduce first-load MongoDB round trips (#14101) 2026-07-06 09:36:34 -04:00
logHeaders.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
messageValidation.js ⚙️ perf: reduce first-load MongoDB round trips (#14101) 2026-07-06 09:36:34 -04:00
moderateText.js 🪝 feat: Human-in-the-Loop Runtime - Tool Approval + Ask-User-Question (Slice B) (#13942) 2026-06-29 16:56:41 -04:00
noIndex.js 🚫🔍 feat: disallow search indexing (#1409) 2023-12-29 20:42:04 -05:00
optionalJwtAuth.js 🔐 feat: Mint Code API Auth Tokens (#13028) 2026-05-09 16:09:10 -04:00
optionalShareFileAuth.js 🍪 fix: Validate Shared-File Cookie Auth Against the Live Refresh Session (#13908) 2026-06-23 08:32:28 -04:00
optionalShareFileAuth.spec.js 🍪 fix: Validate Shared-File Cookie Auth Against the Live Refresh Session (#13908) 2026-06-23 08:32:28 -04:00
requireJwtAuth.js 📈 fix: Isolate RUM Telemetry Proxy Auth from App Auth (#13765) 2026-06-15 12:49:44 -04:00
requireLdapAuth.js 🚀 feat(LDAP): Add Flexible Configuration Options (#3124) 2024-06-21 10:14:53 -04:00
requireLocalAuth.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
setHeaders.js feat(GPT/Anthropic): Continue Regenerating & Generation Buttons (#808) 2023-08-17 12:50:05 -04:00
setTwoFactorTempUser.js 🚦 fix: Guard Auth Continuation with Dedicated Limiter (#13555) 2026-06-06 14:21:28 -04:00
uaParser.js 🏦 refactor: Centralize Caching & Redis Key Prefixing (#8457) 2025-07-15 18:24:31 -04:00
validateImageRequest.js 🍪 refactor: Move OpenID Tokens from Cookies to Server-Side Sessions (#11236) 2026-01-06 15:22:10 -05:00
validateMessageReq.js ⚙️ perf: reduce first-load MongoDB round trips (#14101) 2026-07-06 09:36:34 -04:00
validateModel.js 🏗️ refactor: Remove Redundant Caching, Migrate Config Services to TypeScript (#12466) 2026-03-30 16:49:48 -04:00
validatePasswordReset.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
validateRegistration.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00