Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/hxmz-axfn07/qr-printing-sfw/llms.txt

Use this file to discover all available pages before exploring further.

After a customer uploads documents with POST /api/orders, staff can view or download each file via the /files/:doc_id endpoint. The server looks up the document UUID in the database, resolves the stored filename in the uploads/ directory, and streams the binary content back with the correct MIME type and the original filename.

GET /files/:doc_id

GET /files/:doc_id
Requires admin authentication via X-Admin-Token header or ?token= query parameter.

Path Parameter

doc_id
string
required
The UUID of the document, taken from the id field of any entry in an order’s documents array. UUIDs are assigned at submission time and never change.

Response — 200 OK

Binary file content streamed directly from disk. The response headers are:
HeaderValue
Content-TypeOriginal MIME type detected at upload time, e.g. application/pdf, image/jpeg. Falls back to application/octet-stream if unknown.
Content-Dispositioninline; filename="<original_name>" — browsers open PDFs and images inline rather than forcing a download.
Content-LengthSize of the file in bytes.

Error Cases

StatusCondition
404 Not FoundNo document with doc_id exists in any order ({"error": "Not found"})
404 Not FoundDocument record exists in the database but the physical file is missing from uploads/
401 UnauthorizedMissing or invalid admin token ({"error": "Admin token required"})

URL Format Used by the Admin Dashboard

The admin dashboard (dashboard.js) constructs document links by appending the token as a query parameter so that clicking the link in a browser tab opens the file without needing a custom header: 
/files/<doc_id>?token=<admin_token>
This URL pattern is also safe to pass as an href in <a target="_blank"> tags since the browser automatically sends the URL including the query string.

Download Example

curl http://localhost:8000/files/<doc_id> \
  -H "X-Admin-Token: your-token" \
  -o downloaded.pdf
Or using the query-parameter form: 
curl "http://localhost:8000/files/<doc_id>?token=your-token" \
  -o downloaded.pdf
Document IDs are UUIDs generated at submission time and are not guessable — but the admin token is still required. Do not share file links publicly; they embed the admin token in the URL as a query parameter.
Files are stored on disk under the uploads/ directory using the naming convention <order_id>_<doc_id>.<ext> — for example 550e8400-..._doc-uuid.pdf. The /files/:doc_id endpoint resolves the correct stored filename from the database using the doc_id alone; you never need to construct the stored filename manually.

Build docs developers (and LLMs) love

Get started for freeTalk to us