🔖 Update to v1.2.31

support empty secret key
This commit is contained in:
xtaodada 2023-02-01 00:46:26 +08:00
parent 29ae48d1ae
commit 5a49bec540
Signed by: xtaodada
GPG Key ID: 4CBB3F4FA8C85659
6 changed files with 23 additions and 7 deletions

View File

@ -22,6 +22,7 @@ web_interface:
secret_key: "RANDOM_STRING_HERE" secret_key: "RANDOM_STRING_HERE"
host: "127.0.0.1" host: "127.0.0.1"
port: "3333" port: "3333"
origins: ["*"]
# Locale settings # Locale settings
application_language: "zh-cn" application_language: "zh-cn"

View File

@ -12,7 +12,7 @@ from pagermaid.scheduler import scheduler
import pyromod.listen import pyromod.listen
from pyrogram import Client from pyrogram import Client
pgm_version = "1.2.30" pgm_version = "1.2.31"
CMD_LIST = {} CMD_LIST = {}
module_dir = __path__[0] module_dir = __path__[0]
working_dir = getcwd() working_dir = getcwd()

View File

@ -103,6 +103,7 @@ class Config:
WEB_SECRET_KEY = os.environ.get("WEB_SECRET_KEY", web_interface.get("secret_key", "secret_key")) WEB_SECRET_KEY = os.environ.get("WEB_SECRET_KEY", web_interface.get("secret_key", "secret_key"))
WEB_HOST = os.environ.get("WEB_HOST", web_interface.get("host", "127.0.0.1")) WEB_HOST = os.environ.get("WEB_HOST", web_interface.get("host", "127.0.0.1"))
WEB_PORT = int(os.environ.get("WEB_PORT", web_interface.get("port", 3333))) WEB_PORT = int(os.environ.get("WEB_PORT", web_interface.get("port", 3333)))
WEB_ORIGINS = web_interface.get("origins", ["*"])
except ValueError as e: except ValueError as e:
print(e) print(e)
sys.exit(1) sys.exit(1)

View File

@ -1,3 +1,4 @@
from pagermaid import logs
from pagermaid.config import Config from pagermaid.config import Config
from pagermaid.hook import Hook from pagermaid.hook import Hook
from pagermaid.services import bot from pagermaid.services import bot
@ -7,6 +8,8 @@ from pagermaid.services import bot
async def init_web(): async def init_web():
if not Config.WEB_ENABLE: if not Config.WEB_ENABLE:
return return
if not Config.WEB_SECRET_KEY:
logs.warn("未设置 WEB_SECRET_KEY ,请勿将 PagerMaid-Pyro 暴露在公网")
import uvicorn import uvicorn
from pagermaid.web import app, init_web from pagermaid.web import app, init_web

View File

@ -1,9 +1,11 @@
from fastapi import FastAPI from fastapi import FastAPI
from fastapi.responses import HTMLResponse from fastapi.responses import HTMLResponse
from starlette.middleware.cors import CORSMiddleware
from starlette.responses import RedirectResponse from starlette.responses import RedirectResponse
from .api import base_api_router from pagermaid.config import Config
from .pages import admin_app, login_page from pagermaid.web.api import base_api_router
from pagermaid.web.pages import admin_app, login_page
requestAdaptor = ''' requestAdaptor = '''
requestAdaptor(api) { requestAdaptor(api) {
@ -29,6 +31,14 @@ app: FastAPI = FastAPI()
def init_web(): def init_web():
app.include_router(base_api_router) app.include_router(base_api_router)
app.add_middleware(
CORSMiddleware,
allow_origins=Config.WEB_ORIGINS,
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"]
)
@app.get('/', response_class=RedirectResponse) @app.get('/', response_class=RedirectResponse)
async def index(): async def index():
return '/admin' return '/admin'

View File

@ -12,10 +12,11 @@ TOKEN_EXPIRE_MINUTES = 30
def authentication(): def authentication():
def inner(token: Optional[str] = Header(...)): def inner(token: Optional[str] = Header(...)):
try: if Config.WEB_SECRET_KEY:
jwt.decode(token, Config.WEB_SECRET_KEY, algorithms=ALGORITHM) try:
except (jwt.JWTError, jwt.ExpiredSignatureError, AttributeError): jwt.decode(token, Config.WEB_SECRET_KEY, algorithms=ALGORITHM)
raise HTTPException(status_code=400, detail='登录验证失败或已失效,请重新登录') except (jwt.JWTError, jwt.ExpiredSignatureError, AttributeError):
raise HTTPException(status_code=400, detail='登录验证失败或已失效,请重新登录')
return Depends(inner) return Depends(inner)