/uploads/files/ and /uploads/photos/ now require a valid Bearer token. Covers and avatars remain public (needed for shared pages and profiles). Prevents unauthenticated access to uploaded documents and trip photos. |
||
|---|---|---|
| .. | ||
| src | ||
| .env.example | ||
| package-lock.json | ||
| package.json | ||
| reset-admin.js | ||
| tsconfig.json | ||