Northern_Lights/NapCatQQ
1
0
Fork 0
mirror of https://github.com/NapNeko/NapCatQQ.git synced 2026-02-11 23:40:24 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

feat: 安全性提升

Browse Source
This commit is contained in:
手瓜一十雪
2025-09-06 11:23:09 +08:00
parent a0ef738bcf
commit 53a83b9b60
3 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/webui/src/api/Auth.ts
View File

@@ -10,7 +10,7 @@ import { isEmpty } from '@webapi/utils/check';
// 检查是否使用默认Token
export const CheckDefaultTokenHandler: RequestHandler = async (_, res) => {
const webuiToken = await WebUiConfig.GetWebUIConfig();
if (webuiToken.token === 'napcat') {
if (webuiToken.token.startsWith('napcat')) {
return sendSuccess(res, true);
}
return sendSuccess(res, false);

4
src/webui/src/api/Log.ts
View File

@@ -47,8 +47,8 @@ export const CreateTerminalHandler: RequestHandler = async (req, res) => {
if (isMacOS) {
return sendError(res, 'MacOS不支持终端');
}
if ((await WebUiConfig.GetWebUIConfig()).token === 'napcat') {
return sendError(res, '默认密码禁止创建终端');
if ((await WebUiConfig.GetWebUIConfig()).token.startsWith('napcat')) {
return sendError(res, '密码禁止创建终端');
}
try {
const { cols, rows } = req.body;