🚀 feat: Add Option to Disable Shared Links (#2986)

* feat: add option to disable shared links * chore: update languages --------- Co-authored-by: Danny Avila <danny@librechat.ai>
2026-01-17 07:55:32 +01:00 · 2024-06-15 08:12:03 -07:00 · 2024-06-15 08:12:03 -07:00 · 8d8b17e7ed
commit 8d8b17e7ed
parent 04502e9525
26 changed files with 618 additions and 467 deletions
--- a/api/server/routes/config.js
+++ b/api/server/routes/config.js
@ -8,6 +8,14 @@ const emailLoginEnabled =
  process.env.ALLOW_EMAIL_LOGIN === undefined || isEnabled(process.env.ALLOW_EMAIL_LOGIN);
 const passwordResetEnabled = isEnabled(process.env.ALLOW_PASSWORD_RESET);

+const sharedLinksEnabled =
+  process.env.ALLOW_SHARED_LINKS === undefined || isEnabled(process.env.ALLOW_SHARED_LINKS);
+
+const publicSharedLinksEnabled =
+  sharedLinksEnabled &&
+  (process.env.ALLOW_SHARED_LINKS_PUBLIC === undefined ||
+    isEnabled(process.env.ALLOW_SHARED_LINKS_PUBLIC));
+
 router.get('/', async function (req, res) {
  const isBirthday = () => {
    const today = new Date();
@ -52,6 +60,8 @@ router.get('/', async function (req, res) {
      helpAndFaqURL: process.env.HELP_AND_FAQ_URL || 'https://librechat.ai',
      interface: req.app.locals.interfaceConfig,
      modelSpecs: req.app.locals.modelSpecs,
+      sharedLinksEnabled,
+      publicSharedLinksEnabled,
      analyticsGtmId: process.env.ANALYTICS_GTM_ID,
    };

--- a/api/server/routes/share.js
+++ b/api/server/routes/share.js
@ -8,21 +8,33 @@ const {
  deleteSharedLink,
 } = require('~/models/Share');
 const requireJwtAuth = require('~/server/middleware/requireJwtAuth');
+const { isEnabled } = require('~/server/utils');
 const router = express.Router();

 /**
 * Shared messages
- * this route does not require authentication
 */
-router.get('/:shareId', async (req, res) => {
-  const share = await getSharedMessages(req.params.shareId);
+const allowSharedLinks =
+  process.env.ALLOW_SHARED_LINKS === undefined || isEnabled(process.env.ALLOW_SHARED_LINKS);

-  if (share) {
-    res.status(200).json(share);
-  } else {
-    res.status(404).end();
-  }
-});
+if (allowSharedLinks) {
+  const allowSharedLinksPublic =
+    process.env.ALLOW_SHARED_LINKS_PUBLIC === undefined ||
+    isEnabled(process.env.ALLOW_SHARED_LINKS_PUBLIC);
+  router.get(
+    '/:shareId',
+    allowSharedLinksPublic ? (req, res, next) => next() : requireJwtAuth,
+    async (req, res) => {
+      const share = await getSharedMessages(req.params.shareId);
+
+      if (share) {
+        res.status(200).json(share);
+      } else {
+        res.status(404).end();
+      }
+    },
+  );
+}

 /**
 * Shared links