Enhancement: Add download restrictions for uploaded image files

[ykare]

What features would you like to see added?

Currently, image files uploaded to LibreChat can be downloaded by unauthenticated users through the /images endpoint.
I would like to request the following restrictions to be added:

1. Only authenticated users should be able to download image files.
2. Users should only be able to download image files that they have uploaded themselves.

I have already implemented and verified the restriction to allow only authenticated users to download images in my local environment.

More details

By imposing restrictions on downloading image files, I believe there will be the following benefits:

• User privacy will be protected.
• The spread of inappropriate images can be prevented.
• Server load can be reduced.

Moreover, I consider this feature addition to be important for enhancing the security of LibreChat. Currently, even unauthenticated users can access image files, which poses a risk of misuse by malicious users.
By placing restrictions on downloading image files, such security risks can be mitigated.

Technically, I believe this would involve adding a process to verify the authentication status and the uploader of the requesting user when downloading image files.

Please consider this request. Thank you.

Which components are impacted by your request?

UI, Endpoints

Pictures

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

[danny-avila]

Note: several users wit intranet solutions that don't use HTTPS reported issues with images loading after locking them down. for this reason, I'm making lcoal image security via URL optional via config file: #2415

See docs: https://docs.librechat.ai/install/configuration/custom_config.html#config-structure