Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Add ACCESS_TOKEN authentication with frontend input #17

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add ACCESS_TOKEN authentication with frontend input #17

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 9 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,12 @@ CREATE TABLE IF NOT EXISTS logs (
```
8. 选择部署完成short项目,前往后台依次点击`设置`->`函数`->`D1 数据库绑定`->`编辑绑定`->变量名称填写:`DB` 命名空间 `选择你提前创建好的D1` 数据库绑定

9. 重新部署项目,完成。
9. (可选)如需启用访问令牌保护,前往`设置`->`环境变量`,添加环境变量:
- 变量名称:`ACCESS_TOKEN`
- 值:设置你的访问令牌(例如:`your-secret-token-here`)
- 如果设置了此环境变量,所有创建短链接的请求都需要在 Authorization 头中提供该令牌

10. 重新部署项目,完成。


### API
Expand All @@ -63,6 +68,9 @@ curl -X POST -H "Content-Type: application/json" -d '{"url":"https://131213.xyz"
# 指定slug
curl -X POST -H "Content-Type: application/json" -d '{"url":"https://131213.xyz","slug":"scxs"}' https://d.131213.xyz/create

# 使用访问令牌(如果服务器设置了 ACCESS_TOKEN 环境变量)
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer your-token-here" -d '{"url":"https://131213.xyz"}' https://d.131213.xyz/create

```


Expand Down
18 changes: 16 additions & 2 deletions functions/create.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ export async function onRequest(context) {
headers: {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'POST, OPTIONS',
'Access-Control-Allow-Headers': 'Content-Type',
'Access-Control-Allow-Headers': 'Content-Type, Authorization',
'Access-Control-Max-Age': '86400', // 24小时
},
});
Expand All @@ -49,9 +49,23 @@ export async function onRequest(context) {
const { url, slug } = await request.json();
const corsHeaders = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': 'Content-Type',
'Access-Control-Allow-Headers': 'Content-Type, Authorization',
'Access-Control-Max-Age': '86400', // 24 hours
};

// Check ACCESS_TOKEN if set
if (env.ACCESS_TOKEN) {
const authHeader = request.headers.get('Authorization');
const token = authHeader?.replace('Bearer ', '');

if (!token || token !== env.ACCESS_TOKEN) {
return Response.json({ message: 'Unauthorized: Invalid or missing access token.' }, {
headers: corsHeaders,
status: 401
});
}
}

if (!url) return Response.json({ message: 'Missing required parameter: url.' });

// url格式检查
Expand Down
10 changes: 9 additions & 1 deletion index.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -213,6 +213,10 @@
<input placeholder="slug" x-model="slug" />
<small>Slug 默认是随机生成的短 id。</small>
</div>
<div>
<input placeholder="access token (可选)" x-model="token" type="password" />
<small>如果服务器设置了访问令牌,请在此输入。</small>
</div>
</details>
<button :class="{ loading }" :disabled="loading || isValidated()" @click="submit($refs, $nextTick)">生成</button>
</main>
Expand All @@ -224,6 +228,7 @@
const app = {
url: '',
slug: '',
token: '',
alert: null,
loading: false,
isValidated () {
Expand All @@ -246,9 +251,12 @@
const body = { url: this.url }
if (this.slug) body.slug = this.slug

const headers = { 'content-type': 'application/json' }
if (this.token) headers['Authorization'] = `Bearer ${this.token}`

fetch('/create', {
method: 'post',
headers: { 'content-type': 'application/json' },
headers: headers,
body: JSON.stringify(body)
})
.then(res => res.json())
Expand Down