chore: bump version

fix: allow unresolved page access during setup flow
- Remove premature auth redirect in unresolved.html fetchUnresolved() - Add /api/setup/ to middleware exempt paths - Unresolved page now loads without auth token (part of setup flow) - Only redirect to login on 401 (expired token) or when all folders resolved
2026-06-06 23:09:47 +02:00 · 2026-06-06 23:08:54 +02:00
4 changed files with 8 additions and 9 deletions
--- a/Docker/VERSION
+++ b/Docker/VERSION
@@ -1 +1 @@
-v1.4.9
+v1.4.10
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "aniworld-web",
-  "version": "1.4.9",
+  "version": "1.4.10",
  "description": "Aniworld Anime Download Manager - Web Frontend",
  "type": "module",
  "scripts": {
--- a/src/server/middleware/setup_redirect.py
+++ b/src/server/middleware/setup_redirect.py
@@ -37,6 +37,7 @@ class SetupRedirectMiddleware(BaseHTTPMiddleware):
        "/login",  # Login page (needs to be accessible after setup)
        "/queue",  # Queue page (for initial load)
        "/api/auth/",  # All auth endpoints (setup, login, logout, register)
+        "/api/setup/",  # Setup API (unresolved folders, etc.)
        "/ws/connect",  # WebSocket connection (needed for loading page)
        "/api/queue/",  # Queue API endpoints
        "/api/downloads/",  # Download API endpoints
--- a/src/server/web/templates/unresolved.html
+++ b/src/server/web/templates/unresolved.html
@@ -443,15 +443,13 @@

        // API client helpers
        async function fetchUnresolved() {
+            // Note: /api/setup/unresolved does not require auth
+            // It's accessible during the initial setup flow
            const token = localStorage.getItem('auth_token');
-            if (!token) {
-                window.location.href = '/login';
-                return null;
-            }
-            const res = await fetch('/api/setup/unresolved', {
-                headers: { 'Authorization': `Bearer ${token}` }
-            });
+            const headers = token ? { 'Authorization': `Bearer ${token}` } : {};
+            const res = await fetch('/api/setup/unresolved', { headers });
            if (res.status === 401) {
+                // Redirect to login only if we had a token but it expired
                localStorage.removeItem('auth_token');
                window.location.href = '/login';
                return null;