Sign media URLs to avoid becoming an open proxy

Signatures are valid for ~1 week.

app/templates.py

@@ -60,12 +60,7 @@ def _filter_domain(text: str) -> str:
 def _media_proxy_url(url: str | None) -> str:
     if not url:
         return BASE_URL + "/static/nopic.png"
-
-    if url.startswith(BASE_URL):
-        return url
-
-    encoded_url = base64.urlsafe_b64encode(url.encode()).decode()
-    return BASE_URL + f"/proxy/media/{encoded_url}"
+    return proxied_media_url(url)
 
 
 def is_current_user_admin(request: Request) -> bool: