From 3187dfc0eed6f31be2221bcb9b85448187ca506d Mon Sep 17 00:00:00 2001
From: filesite <release@filesite.io>
Date: Wed, 5 Jun 2024 07:38:35 +0800
Subject: [PATCH] add token check

---
 router_loki.js | 25 ++++++++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/router_loki.js b/router_loki.js
index cca5ace..57a0260 100644
--- a/router_loki.js
+++ b/router_loki.js
@@ -7,23 +7,42 @@
 const express = require('express');
 const { resolve } = require('node:path');
 const {default: common} = require('./common.js');
-
+const {default: defaultConfig, getCustomConfigs: getCustomConfigs} = require('./conf/config');
 
 const router = express.Router();
 
+let customConfig = null;
 
 //写入文件接口
 //@group - 分组，log文件名
 //其它所有参数均会写入log
-router.post('/save', (req, res) => {
+router.post('/save', async (req, res) => {
     let out = {code: 1};
 
+    //使用默认配置
+    let myConfig = defaultConfig;
+
+    //加载自定义配置
+    if (!customConfig) {
+        customConfig = await getCustomConfigs('./conf/custom_config.json');
+    }
+
+    //使用自定义配置
+    myConfig = customConfig;
+
     const group = req.body.group ? req.body.group : 'test';
+    const token = req.body.token ? req.body.token : '';
+
+    //参数检查
+    if (!token || token != myConfig.secret) {
+        return res.status(403).json({code:0, error: '403 Forbidden'});
+    }
+
 
     const logDir = '/var/log/loki/';    //日志保存目录
     const logFile = resolve(logDir, `${group}.log`);
 
-    const ignoreKeys = ['group', 'timestamp'];
+    const ignoreKeys = ['group', 'timestamp', 'token'];
     let params = common.copyBodyParams(req.body, ignoreKeys);
     params.timestamp = common.getTimestampInSeconds();