Update main.py

main.py

@@ -6,17 +6,27 @@ import json
 import base64
 from io import BytesIO
 from datetime import datetime
-import logging
+import hashlib
+import time
 
-# 配置日志记录器
-logging.basicConfig(
-    level=logging.INFO,  # 设置日志级别为INFO
-    format="%(asctime)s - %(name)s - %(levelname)s - %(message)s",  # 定义日志格式
-)
 
-# 获取 FastAPI 应用日志记录器
-logger = logging.getLogger("fastapi")
-app = FastAPI()
+async def verify_internal_token(request: Request):
+    auth_key = request.query_params.get("auth_key")
+    if not auth_key:
+        raise HTTPException(status_code=403, detail="Forbidden")
+    timestamp = int(time.time())
+    timestampStr,rand,uid,hashStr = auth_key.split('-', 3)
+    path = request.url.path
+    if timestamp > int(timestampStr):
+        raise HTTPException(status_code=403, detail="Forbidden")
+    md5hash = hashlib.md5(f"{path}-{timestampStr}-{rand}-{uid}-{os.env.get('AUTH_KEY')}".encode())
+    md5 = md5hash.hexdigest()
+    if md5 != hashStr:
+        raise HTTPException(status_code=403, detail="Forbidden")
+    
+
+
+app = FastAPI(dependencies=[Depends(verify_internal_token)])
 
 
 UPLOAD_DIRECTORY = "/tmp/uploaded_files"
@@ -40,13 +50,11 @@ def read_root():
 
 @app.post("/upload")
 async def upload_file(file: UploadFile = File(...)):
-    logger.info(f'收到请求 {file.filename}')
     # 定义文件存储路径和名称
     file_location = os.path.join(UPLOAD_DIRECTORY, file.filename)
 
     # 将上传的文件写入本地文件系统
     with open(file_location, "wb") as buffer:
-        logger.info(f'写入本地文件 {file.filename}')
         buffer.write(await file.read())
 
     return {"info": f"file '{file.filename}' saved at '{file_location}'"}