summaryrefslogtreecommitdiff
path: root/app/routes
diff options
context:
space:
mode:
authoryyamashita <yyamashita@hetzner.yyamashita.com>2026-06-19 23:31:30 +0900
committeryyamashita <yyamashita@hetzner.yyamashita.com>2026-06-19 23:31:30 +0900
commitaf1f23466c46bf4cebc42ab1687552b1a4baafd5 (patch)
tree0ac6513263d33307d5f010d788fa9cba4fd84bb5 /app/routes
parentb5a24a1dcf5cdce6da925bb30d57b9f2a124f1dd (diff)
Separate API_TOKEN from REGISTER_TOKEN
REGISTER_TOKEN: passkey registration only API_TOKEN: POST /api/posts authentication Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Diffstat (limited to 'app/routes')
-rw-r--r--app/routes/api.posts.tsx2
1 files changed, 1 insertions, 1 deletions
diff --git a/app/routes/api.posts.tsx b/app/routes/api.posts.tsx
index 8ef7639..ea86365 100644
--- a/app/routes/api.posts.tsx
+++ b/app/routes/api.posts.tsx
@@ -14,7 +14,7 @@ export async function action({ request }: Route.ActionArgs) {
return Response.json({ error: "Method not allowed" }, { status: 405 });
}
- const token = process.env.REGISTER_TOKEN;
+ const token = process.env.API_TOKEN;
const auth = request.headers.get("Authorization") ?? "";
if (!token || auth !== `Bearer ${token}`) {
return Response.json({ error: "Unauthorized" }, { status: 401 });