支持禁止用户输入API Key

dreamagician 2023-04-23 22:35:52 +08:00
parent 71aa9d05ed
commit 05ae0b8161
6 changed files with 47 additions and 24 deletions


@ -8,6 +8,7 @@ const serverConfig = getServerSideConfig();
// 警告!不要在这里写入任何敏感信息! // 警告!不要在这里写入任何敏感信息!
const DANGER_CONFIG = { const DANGER_CONFIG = {
needCode: serverConfig.needCode, needCode: serverConfig.needCode,
disableUserToken: serverConfig.disableUserToken,
}; };
declare global { declare global {
@ -17,5 +18,6 @@ declare global {
export async function POST(req: NextRequest) { export async function POST(req: NextRequest) {
return NextResponse.json({ return NextResponse.json({
needCode: serverConfig.needCode, needCode: serverConfig.needCode,
disableUserToken: serverConfig.disableUserToken,
}); });
} }


@ -215,8 +215,8 @@ export function Settings() {
} }
const accessStore = useAccessStore(); const accessStore = useAccessStore();
const enabledAccessControl = useMemo( const accessControl = useMemo(
() => accessStore.enabledAccessControl(), () => accessStore.accessControl(),
// eslint-disable-next-line react-hooks/exhaustive-deps // eslint-disable-next-line react-hooks/exhaustive-deps
[], [],
); );
@ -450,7 +450,7 @@ export function Settings() {
</List> </List>
<List> <List>
{enabledAccessControl ? ( {accessControl.needCode ? (
<SettingItem <SettingItem
title={Locale.Settings.AccessCode.Title} title={Locale.Settings.AccessCode.Title}
subTitle={Locale.Settings.AccessCode.SubTitle} subTitle={Locale.Settings.AccessCode.SubTitle}
@ -468,6 +468,7 @@ export function Settings() {
<></> <></>
)} )}
{!accessControl.disableUserToken ? (
<SettingItem <SettingItem
title={Locale.Settings.Token.Title} title={Locale.Settings.Token.Title}
subTitle={Locale.Settings.Token.SubTitle} subTitle={Locale.Settings.Token.SubTitle}
@ -481,6 +482,9 @@ export function Settings() {
}} }}
/> />
</SettingItem> </SettingItem>
) : (
<></>
)}
<SettingItem <SettingItem
title={Locale.Settings.Usage.Title} title={Locale.Settings.Usage.Title}
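Review bot: The `useMemo` around `accessStore.accessControl()` has an empty dependency list, so `accessControl.disableUserToken` in the JSX keeps whatever the store held on the first render. The store hunk in this commit initialises `disableUserToken: false`, and `accessControl()` only calls `fetch()` before returning the current state. Assuming `fetch()` is asynchronous (its body is not shown), the token field can stay visible on a deployment that has disabled user keys. Rendering from the reactive fields, `accessStore.needCode` and `accessStore.disableUserToken`, while still triggering the fetch once, would let the form follow the server config when it arrives. `Settings()` starts and ends outside these hunks.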


@ -36,6 +36,7 @@ export const getServerSideConfig = () => {
code: process.env.CODE, code: process.env.CODE,
codes: ACCESS_CODES, codes: ACCESS_CODES,
needCode: ACCESS_CODES.size > 0, needCode: ACCESS_CODES.size > 0,
disableUserToken: process.env.DISABLE_USER_TOKEN === "true",
proxyUrl: process.env.PROXY_URL, proxyUrl: process.env.PROXY_URL,
isVercel: !!process.env.VERCEL, isVercel: !!process.env.VERCEL,
}; };
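Review bot: `process.env.DISABLE_USER_TOKEN === "true"` treats every other spelling (`TRUE`, `1`, a value with a trailing space) as off, so a mistyped setting leaves user-supplied keys enabled without any signal to the operator. Since this flag is a restriction, consider normalising it, `disableUserToken: process.env.DISABLE_USER_TOKEN?.trim().toLowerCase() === "true",`. At minimum, add a comment on this line stating that only the exact string `true` turns the restriction on. `getServerSideConfig` begins outside the hunk.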


@ -50,11 +50,16 @@ function getHeaders() {
const accessStore = useAccessStore.getState(); const accessStore = useAccessStore.getState();
let headers: Record<string, string> = {}; let headers: Record<string, string> = {};
if (accessStore.enabledAccessControl()) { const accessControl = accessStore.accessControl();
if (accessControl.needCode) {
headers["access-code"] = accessStore.accessCode; headers["access-code"] = accessStore.accessCode;
} }
if (accessStore.token && accessStore.token.length > 0) { if (
!accessControl.disableUserToken &&
accessStore.token &&
accessStore.token.length > 0
) {
headers["token"] = accessStore.token; headers["token"] = accessStore.token;
} }


@ -6,10 +6,14 @@ export interface AccessControlStore {
token: string; token: string;
needCode: boolean; needCode: boolean;
disableUserToken: boolean;
updateToken: (_: string) => void; updateToken: (_: string) => void;
updateCode: (_: string) => void; updateCode: (_: string) => void;
enabledAccessControl: () => boolean; accessControl: () => {
needCode: boolean;
disableUserToken: boolean;
};
isAuthorized: () => boolean; isAuthorized: () => boolean;
fetch: () => void; fetch: () => void;
} }
@ -24,10 +28,14 @@ export const useAccessStore = create<AccessControlStore>()(
token: "", token: "",
accessCode: "", accessCode: "",
needCode: true, needCode: true,
enabledAccessControl() { disableUserToken: false,
accessControl() {
get().fetch(); get().fetch();
return get().needCode; return {
needCode: get().needCode,
disableUserToken: get().disableUserToken,
};
}, },
updateCode(code: string) { updateCode(code: string) {
set((state) => ({ accessCode: code })); set((state) => ({ accessCode: code }));
@ -37,8 +45,11 @@ export const useAccessStore = create<AccessControlStore>()(
}, },
isAuthorized() { isAuthorized() {
// has token or has code or disabled access control // has token or has code or disabled access control
const accessControl = get().accessControl();
return ( return (
!!get().token || !!get().accessCode || !get().enabledAccessControl() !accessControl.needCode ||
!!get().accessCode ||
(!!get().token && !accessControl.disableUserToken)
); );
}, },
fetch() { fetch() {
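Review bot: The comment `// has token or has code or disabled access control` in `isAuthorized()` no longer matches the expression below it, because a token now counts only when `disableUserToken` is false. Suggest `// authorized if no access code is required, an access code is set, or a user token is set and user tokens are allowed`. A one-line comment on `accessControl()` would also help, noting that it calls `fetch()` on every invocation and that the defaults (`needCode: true`, `disableUserToken: false`) apply until the server config has loaded. That makes clear this check is a client-side hint and the middleware check is what enforces the setting.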


@ -30,7 +30,7 @@ export function middleware(req: NextRequest) {
console.log("[User IP] ", getIP(req)); console.log("[User IP] ", getIP(req));
console.log("[Time] ", new Date().toLocaleString()); console.log("[Time] ", new Date().toLocaleString());
if (serverConfig.needCode && !serverConfig.codes.has(hashedCode) && !token) { if (serverConfig.needCode && !serverConfig.codes.has(hashedCode) && (!token || serverConfig.disableUserToken)) {
return NextResponse.json( return NextResponse.json(
{ {
error: true, error: true,
@ -44,7 +44,7 @@ export function middleware(req: NextRequest) {
} }
// inject api key // inject api key
if (!token) { if (!token || serverConfig.disableUserToken) {
const apiKey = serverConfig.apiKey; const apiKey = serverConfig.apiKey;
if (apiKey) { if (apiKey) {
console.log("[Auth] set system token"); console.log("[Auth] set system token");
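Review bot: `serverConfig.disableUserToken` is tested separately in both conditions (`(!token || serverConfig.disableUserToken)` in the 401 guard and again before key injection), while the client-supplied `token` stays in scope and, as far as the hunk shows, in the request headers. Discarding it once near the top, e.g. `const userToken = serverConfig.disableUserToken ? null : token;`, and using `userToken` in both conditions would leave a single place that decides whether a client key is honoured. The `if (apiKey)` block continues outside the hunk. Its else path should be confirmed to reject the request, not fall through with the client's `token` header, when user tokens are disabled and no system key is configured.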