add token check

6 months ago · 3187dfc0ee
1 changed files with 22 additions and 3 deletions
--- a/router_loki.js
+++ b/router_loki.js
@ -7,23 +7,42 @@
				@@ -7,23 +7,42 @@
 const express = require('express');
 const { resolve } = require('node:path');
 const {default: common} = require('./common.js');
-
+const {default: defaultConfig, getCustomConfigs: getCustomConfigs} = require('./conf/config');

 const router = express.Router();

+let customConfig = null;

 //写入文件接口
 //@group - 分组，log文件名
 //其它所有参数均会写入log
-router.post('/save', (req, res) => {
+router.post('/save', async (req, res) => {
    let out = {code: 1};

+    //使用默认配置
+    let myConfig = defaultConfig;
+
+    //加载自定义配置
+    if (!customConfig) {
+        customConfig = await getCustomConfigs('./conf/custom_config.json');
+    }
+
+    //使用自定义配置
+    myConfig = customConfig;
+
    const group = req.body.group ? req.body.group : 'test';
+    const token = req.body.token ? req.body.token : '';
+
+    //参数检查
+    if (!token || token != myConfig.secret) {
+        return res.status(403).json({code:0, error: '403 Forbidden'});
+    }
+

    const logDir = '/var/log/loki/';    //日志保存目录
    const logFile = resolve(logDir, `${group}.log`);

-    const ignoreKeys = ['group', 'timestamp'];
+    const ignoreKeys = ['group', 'timestamp', 'token'];
    let params = common.copyBodyParams(req.body, ignoreKeys);
    params.timestamp = common.getTimestampInSeconds();