cuishibing/myoss
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 添加管理员密码保护 bootstrap 接口

Browse Source
This commit is contained in:
Cuishibing
2026-04-26 10:53:16 +08:00
parent b2ed9002dd
commit e53a674bff
3 changed files with 18 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/routes/index.js
View File

@@ -22,16 +22,20 @@ const initModels = async () => {
initModels().catch(console.error);
router.post('/keys/bootstrap', async (req, res) => {
if (!models) return res.status(500).json({ error: 'Not initialized' });
const { APIKey } = models;
const { APIKey } = getModels();
const count = APIKey.count();
if (count > 0) {
return res.status(403).json({ error: 'Bootstrap not allowed' });
}
const { password, name } = req.body;
if (!config.admin.password || password !== config.admin.password) {
return res.status(401).json({ error: 'Invalid admin password' });
}
const key = CryptoJS.lib.WordArray.random(16).toString();
const name = req.body.name || 'Root';
const apiKey = APIKey.create({ key, name, ownerId: 0 });
const keyName = name || 'Root';
const apiKey = APIKey.create({ key, name: keyName, ownerId: 0 });
const dir = path.join(config.storage.filesDir, 'root');
if (!fs.existsSync(dir)) {