Security: Refactor cache headers, auth token validation & UI #782 #808

Signed-off-by: Michael Mayer <michael@photoprism.app>
2025-12-12 00:34:13 +01:00 · 2024-01-17 14:16:02 +01:00
parent 0c4cd8d1b9
commit 2912ac9464
21 changed files with 367 additions and 197 deletions
--- a/internal/api/session_get.go
+++ b/internal/api/session_get.go
@@ -19,9 +19,6 @@ import (
 // GET /api/v1/sessions/:id
 func GetSession(router *gin.RouterGroup) {
 	getSessionHandler := func(c *gin.Context) {
-		// Disable caching of responses.
-		c.Header(header.CacheControl, header.CacheControlNoStore)
-
 		// Prevent CDNs from caching this endpoint.
 		if header.IsCdn(c.Request) {
 			AbortNotFound(c)