[API?] How to programmatically download an attachment?

[bergziege]

Hi there,

i am currently trying to create a static side generator based on data I have in planka (v1).
I can successfully authenticate (api/access-tokens, bearer token ...) and access the API to get the lists, cards, attachment metadata and so on. But when I try to access an attachment URL I get a 401 error.

Any hints how to programmatically download attachments?

Cheers
Bernd

---- Some more info

• selfhosting planka with docker behind nginx proxy manager
• Using c# .net8 HttpClient
• The url the api gives me for the attachment is https://xxx/attachments/1672413130380018888/download/something.gpx
• multiple, subsequent calls to the api itself work just fine
• Id does not matter if I post an auth request directly before starting the download or not as the api call to get card data happens just before that and I am still authorized
• The planka container does not give me ANY log messages
• I do not see any calls to the backend when I trigger the download within the browser (firefox)

[meltyshev]

Hey! That's a good question. From what I can see in the code, authentication for non-API endpoints is handled via cookies, and the Authorization header is skipped (though ideally it shouldn't be).

In the upcoming final v2 release, there will be per-user API key management, so you'll be able to create an API key and pass it to the attachment URL using the X-Api-Key header. But for now, you can pass an access token via the accessToken cookie.