From 466eb7506744021c37afcaa97e8a5c5b3b3aeadd Mon Sep 17 00:00:00 2001
From: Jerry <JerryTech.Y@outlook.com>
Date: Tue, 13 May 2025 13:42:17 +0800
Subject: [PATCH] =?UTF-8?q?=E4=B8=8A=E4=BC=A0=E6=96=87=E4=BB=B6=E9=9C=80?=
 =?UTF-8?q?=E8=A6=81token=E8=AE=A4=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/modules/public/file.controller.ts | 38 ++++++++++++++++-----------
 1 file changed, 22 insertions(+), 16 deletions(-)

diff --git a/src/modules/public/file.controller.ts b/src/modules/public/file.controller.ts
index 5cbbdcf..5a1bba3 100644
--- a/src/modules/public/file.controller.ts
+++ b/src/modules/public/file.controller.ts
@@ -4,6 +4,7 @@ import logger from '../../utils/core/logger';
 import response from '../../utils/core/response';
 import paths from '../../utils/core/path';
 import multer from 'multer';
+import tools from '../../utils/modules/tools';
 
 const uploadDir = paths.get('uploads');
 const upload = multer({
@@ -78,23 +79,28 @@ class FileController {
    */
   private handleUploadFile = async (req: express.Request, res: express.Response): Promise<void> => {
     try {
-      if (!req.file) {
-        await response.error(res, `未检测到上传文件`, 400);
-        return;
-      }
+      const token = req.body.token;
+      if (tools.checkToken(token.toString())) {
+        if (!req.file) {
+          await response.error(res, `未检测到上传文件`, 400);
+          return;
+        }
 
-      const uploadDir = req.query.dir?.toString() || '';
-      const deleteAfter = parseInt(req.query.expire as string) || 10 * 60;
-      const { fullPath, relativePath } = await this.FileService.saveUploadedFile(
-        req.file,
-        uploadDir
-      );
-      await this.FileService.scheduleDelete(fullPath, deleteAfter * 1000);
-      await response.success(res, {
-        message: '文件上传成功..',
-        filePath: fullPath,
-        url: relativePath,
-      });
+        const uploadDir = req.query.dir?.toString() || '';
+        const deleteAfter = parseInt(req.query.expire as string) || 10 * 60;
+        const { fullPath, relativePath } = await this.FileService.saveUploadedFile(
+          req.file,
+          uploadDir
+        );
+        await this.FileService.scheduleDelete(fullPath, deleteAfter * 1000);
+        await response.success(res, {
+          message: '文件上传成功..',
+          filePath: fullPath,
+          url: relativePath,
+        });
+      } else {
+        await tools.tokenCheckFailed(res, token);
+      }
     } catch (e) {
       await response.error(res, `文件上传失败..`, 500);
       logger.error(e);