From c96d53dc44926f15bffeb41f1ba4f2ef4fd94883 Mon Sep 17 00:00:00 2001
From: Jerry <JerryTech.Y@outlook.com>
Date: Tue, 29 Apr 2025 13:25:18 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0token=E9=AA=8C=E8=AF=81?=
 =?UTF-8?q?=E8=A7=84=E5=88=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

防止某些不怀好意的入调用
---
 .env                              |  1 +
 src/modules/bot/bot.controller.ts | 15 +++++++++++++--
 src/test/wsTestClient.ts          |  2 +-
 3 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/.env b/.env
index e6d4afa..7d3078d 100644
--- a/.env
+++ b/.env
@@ -4,3 +4,4 @@ RD_PORT=6379
 RD_ADD=127.0.0.1
 WS_SECRET=114514
 WS_PORT=4001
+TOKEN=54188
diff --git a/src/modules/bot/bot.controller.ts b/src/modules/bot/bot.controller.ts
index 79fd487..f01b4d1 100644
--- a/src/modules/bot/bot.controller.ts
+++ b/src/modules/bot/bot.controller.ts
@@ -1,6 +1,7 @@
 import express from 'express';
 import response from '../../utils/core/response';
 import BotService from './bot.service';
+import Config from '../../utils/core/config';
 
 class BotController {
   private readonly router: express.Router;
@@ -20,8 +21,18 @@ class BotController {
 
   private postBotsId = async (req: express.Request, res: express.Response): Promise<void> => {
     try {
-      const result = await BotService.getBotId();
-      await response.success(res, result);
+      const token = req.body.token;
+      if (token.toString() === Config.get('TOKEN').toString()) {
+        const result = await BotService.getBotId();
+        await response.success(res, result);
+      } else {
+        await response.error(
+          res,
+          'token验证失败..',
+          404,
+          `有个小可爱使用了错误的token:${JSON.stringify(token)}`
+        );
+      }
     } catch (err) {
       await response.error(res, `请求失败..`, 500, err);
     }
diff --git a/src/test/wsTestClient.ts b/src/test/wsTestClient.ts
index 9f1a46f..4b8450f 100644
--- a/src/test/wsTestClient.ts
+++ b/src/test/wsTestClient.ts
@@ -48,7 +48,7 @@ async function testGetAPI() {
 
 async function testPostAPI() {
   try {
-    const response = await axios.post('http://localhost:4000/api/bot/getBotId', {});
+    const response = await axios.post('http://localhost:4000/api/bot/getBotId', { token: 54188 });
     console.log('[HTTP][POST] Response:', response.data);
   } catch (err) {
     console.error('[HTTP][POST] Error:', err);