Northern_Lights/NapCatQQ
1
0
Fork 0
mirror of https://github.com/NapNeko/NapCatQQ.git synced 2026-02-13 00:10:27 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

fix: 移除 defaultToken 字段,彻底移除硬编码的默认密码,采用全随机密码

Browse Source
This commit is contained in:
时瑾
2025-09-12 18:50:21 +08:00
parent a05150ebe1
commit 8be7f74e9f
7 changed files with 28 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/webui/index.ts
View File

@@ -4,14 +4,14 @@
import express from 'express';
import { createServer } from 'http';
import { randomUUID, randomBytes } from 'node:crypto'
import { randomUUID } from 'node:crypto'
import { createServer as createHttpsServer } from 'https';
import { LogWrapper } from '@/common/log';
import { NapCatPathWrapper } from '@/common/path';
import { WebUiConfigWrapper } from '@webapi/helper/config';
import { ALLRouter } from '@webapi/router';
import { cors } from '@webapi/middleware/cors';
import { createUrl } from '@webapi/utils/url';
import { createUrl, getRandomToken } from '@webapi/utils/url';
import { sendError } from '@webapi/utils/response';
import { join } from 'node:path';
import { terminalManager } from '@webapi/terminal/terminal_manager';
@@ -90,9 +90,9 @@ export async function InitWebUi(logger: LogWrapper, pathWrapper: NapCatPathWrapp
let config = await WebUiConfig.GetWebUIConfig();
// 检查并更新默认密码 - 最高优先级
if (config.defaultToken || config.token === 'napcat' || !config.token) {
const randomToken = randomBytes(6).toString('hex');
await WebUiConfig.UpdateWebUIConfig({ token: randomToken, defaultToken: false });
if (config.token === 'napcat' || !config.token) {
const randomToken = getRandomToken(8);
await WebUiConfig.UpdateWebUIConfig({ token: randomToken });
logger.log(`[NapCat] [WebUi] 🔐 检测到默认密码,已自动更新为安全密码`);
// 存储token到全局变量等待QQ登录成功后发送