feat: 加强安全性传输过程使用salt sha256

2025-07-19 12:03:37 +00:00 · 2025-04-19 19:50:52 +08:00
parent b1047309c9
commit fda050d3fe
6 changed files with 40 additions and 17 deletions
--- a/napcat.webui/src/controllers/webui_manager.ts
+++ b/napcat.webui/src/controllers/webui_manager.ts
@@ -3,7 +3,7 @@ import { EventSourcePolyfill } from 'event-source-polyfill'
 import { LogLevel } from '@/const/enum'

 import { serverRequest } from '@/utils/request'
-
+import CryptoJS from "crypto-js";
 export interface Log {
  level: LogLevel
  message: string
@@ -17,9 +17,10 @@ export default class WebUIManager {
  }

  public static async loginWithToken(token: string) {
+    const sha256 = CryptoJS.SHA256(token + '.napcat').toString();
    const { data } = await serverRequest.post<ServerResponse<AuthResponse>>(
      '/auth/login',
-      { token }
+      { hash: sha256 }
    )
    return data.data.Credential
  }