feat: 支持多个请求key

2025-05-23 19:17:41 +08:00 · 2024-02-06 21:54:10 +08:00 · 2024-02-06 21:54:10 +08:00 · 6ef26f864c
commit 6ef26f864c
parent 46a270f4f4
3 changed files with 5 additions and 5 deletions
--- a/common/config.py
+++ b/common/config.py
@ -124,7 +124,7 @@ default = {
            "enable": False,
            "_enable-desc": "是否开启请求key，开启后只有请求头中包含key，且值一样时可以访问API",
            "ban": True,
-            "value": "114514",
+            "values": ["114514"],
        },
        "whitelist_host": [
            "localhost",
--- a/common/lx_script.py
+++ b/common/lx_script.py
@ -68,7 +68,7 @@ async def get_script():
        logger.warning('请求源脚本内容失败')
 async def generate_script_response(request):
-    if (request.query.get('key') != config.read_config('security.key.value') and config.read_config('security.key.enable')):
+    if (request.query.get('key') not in config.read_config('security.key.values') and config.read_config('security.key.enable')):
        return {'code': 6, 'msg': 'key验证失败', 'data': None}, 403
    try:
        with open('./lx-music-source-example.js', 'r', encoding='utf-8') as f:
@ -83,13 +83,13 @@ async def generate_script_response(request):
        if (line.startswith('const API_URL')):
            newScriptLines.append(f'''const API_URL = "{'https' if config.read_config('common.ssl_info.is_https') else 'http'}://{request.host}"''')
        elif (line.startswith('const API_KEY')):
-            newScriptLines.append(f'const API_KEY = "{config.read_config("security.key.value")}"')
+            newScriptLines.append(f"""const API_KEY = `{request.query.get("key") if request.query.get("key") else ''''''}`""")
        elif (line.startswith("* @name")):
            newScriptLines.append(" * @name " + config.read_config("common.download_config.name"))
        elif (line.startswith("* @description")):
            newScriptLines.append(" * @description " + config.read_config("common.download_config.intro"))
        elif (line.startswith("* @author")):
-            newScriptLines.append((" * @author helloplhm-qwq & Folltoshe & " + config.read_config("common.download_config.author")) if config.read_config("common.download_config.author") else " * @author helloplhm-qwq & Folltoshe")
+            newScriptLines.append(" * @author " + config.read_config("common.download_config.author"))
        elif (line.startswith("* @version")):
            newScriptLines.append(" * @version " + config.read_config("common.download_config.version"))
        elif (line.startswith("const DEV_ENABLE ")):
--- a/main.py
+++ b/main.py
@ -126,7 +126,7 @@ async def handle(request):
    songId = request.match_info.get('songId')
    quality = request.match_info.get('quality')
    if (config.read_config("security.key.enable") and request.host.split(':')[0] not in config.read_config('security.whitelist_host')):
-        if (request.headers.get("X-Request-Key")) != config.read_config("security.key.value"):
+        if (request.headers.get("X-Request-Key")) not in config.read_config("security.key.values"):
            if (config.read_config("security.key.ban")):
                config.ban_ip(request.remote_addr)
            return handleResult({"code": 1, "msg": "key验证失败", "data": None}, 403)