merge: resolve conflicts with main

- Take main's router.go, rich-text-editor.tsx, comment-card.tsx - Remove deleted daemon_pairing.go - Keep issue mention card feature
2026-03-31 16:25:20 +08:00 · 2026-03-31 16:25:20 +08:00 · b8c784dda3
commit b8c784dda3
parent e16f1579a9 2c76a0b905
68 changed files with 2359 additions and 1139 deletions
--- a/server/internal/middleware/cloudfront.go
+++ b/server/internal/middleware/cloudfront.go
@ -0,0 +1,28 @@
+package middleware
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/multica-ai/multica/server/internal/auth"
+)
+
+// RefreshCloudFrontCookies is middleware that refreshes CloudFront signed cookies
+// on authenticated requests when the cookie is missing (expired or first request
+// after login). This prevents 403s from the CDN when cookies expire before the
+// user's session does.
+func RefreshCloudFrontCookies(signer *auth.CloudFrontSigner) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		if signer == nil {
+			return next
+		}
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			if _, err := r.Cookie("CloudFront-Policy"); err != nil {
+				for _, cookie := range signer.SignedCookies(time.Now().Add(72 * time.Hour)) {
+					http.SetCookie(w, cookie)
+				}
+			}
+			next.ServeHTTP(w, r)
+		})
+	}
+}