添加token验证规则

防止某些不怀好意的入调用
2025-07-04 14:49:19 +00:00 · 2025-04-29 13:25:18 +08:00 · 2025-04-29 13:25:18 +08:00 · c96d53dc44
commit c96d53dc44
parent 5e1911a2c3
3 changed files with 15 additions and 3 deletions
--- a/.env
+++ b/.env
@ -4,3 +4,4 @@ RD_PORT=6379
 RD_ADD=127.0.0.1
 WS_SECRET=114514
 WS_PORT=4001
 TOKEN=54188
--- a/src/modules/bot/bot.controller.ts
+++ b/src/modules/bot/bot.controller.ts
@ -1,6 +1,7 @@
 import express from 'express';
 import response from '../../utils/core/response';
 import BotService from './bot.service';
 import Config from '../../utils/core/config';
 class BotController {
  private readonly router: express.Router;
@ -20,8 +21,18 @@ class BotController {
  private postBotsId = async (req: express.Request, res: express.Response): Promise<void> => {
    try {
      const token = req.body.token;
      if (token.toString() === Config.get('TOKEN').toString()) {
        const result = await BotService.getBotId();
        await response.success(res, result);
      } else {
        await response.error(
          res,
          'token验证失败..',
          404,
          `有个小可爱使用了错误的token:${JSON.stringify(token)}`
        );
      }
    } catch (err) {
      await response.error(res, `请求失败..`, 500, err);
    }
--- a/src/test/wsTestClient.ts
+++ b/src/test/wsTestClient.ts
@ -48,7 +48,7 @@ async function testGetAPI() {
 async function testPostAPI() {
  try {
-    const response = await axios.post('http://localhost:4000/api/bot/getBotId', {});
+    const response = await axios.post('http://localhost:4000/api/bot/getBotId', { token: 54188 });
    console.log('[HTTP][POST] Response:', response.data);
  } catch (err) {
    console.error('[HTTP][POST] Error:', err);