security: restrict public access to only login and static assets

This commit is contained in:
2026-04-20 16:45:58 +02:00
parent a49fba220f
commit e6f8f6cdc0

View File

@@ -15,11 +15,7 @@ type AccessPolicy struct {
func NewAccessPolicy() AccessPolicy {
return AccessPolicy{
PublicPaths: map[string]struct{}{
"/": {},
"/login": {},
"/search": {},
"/api/search": {},
"/api/search-quick": {},
"/login": {},
},
PublicHeads: []string{
"/static/",