feat: 新增文件流代理接口，并增加授权码

Author: Taois

.env.development

@@ -49,6 +49,9 @@ CLIPBOARD_ALLOWED_CHARSET=
 # 最大可读取问文本体积，默认2mb
 CLIPBOARD_MAX_READ_SIZE=
 
+# 允许清理文件代理缓存
+allow_file_cache_clear=1
+
 # API超时配置（秒）
 # 默认API超时时间
 API_TIMEOUT=20

controllers/file-proxy.js

@@ -21,6 +21,27 @@ export default (fastify, options, done) => {
     // 缓存超时时间（5分钟）
     const cacheTimeout = 5 * 60 * 1000;
 
+    /**
+     * 验证身份认证
+     * @param {Object} request - Fastify请求对象
+     * @param {Object} reply - Fastify响应对象
+     * @returns {boolean} 验证是否通过
+     */
+    function verifyAuth(request, reply) {
+        const requiredAuth = ENV.get('PROXY_AUTH', 'drpys');
+        const providedAuth = request.query.auth;
+        
+        if (!providedAuth || providedAuth !== requiredAuth) {
+            reply.status(401).send({
+                error: 'Unauthorized',
+                message: 'Missing or invalid auth parameter',
+                code: 401
+            });
+            return false;
+        }
+        return true;
+    }
+
     /**
      * 解码参数 - 支持 base64 解码
      * @param {string} param - 需要解码的参数
@@ -187,6 +208,11 @@ export default (fastify, options, done) => {
         method: ['GET', 'HEAD'],
         url: '/file-proxy/proxy',
         handler: async (request, reply) => {
+            // 验证身份认证
+            if (!verifyAuth(request, reply)) {
+                return;
+            }
+
             const { url: urlParam, headers: headersParam } = request.query;
 
             console.log(`[fileProxyController] ${request.method} request for URL: ${urlParam}`);
@@ -284,6 +310,11 @@ export default (fastify, options, done) => {
      * GET /file-proxy/info - 获取远程文件信息（HEAD 请求）
      */
     fastify.get('/file-proxy/info', async (request, reply) => {
+        // 验证身份认证
+        if (!verifyAuth(request, reply)) {
+            return;
+        }
+
         const { url: urlParam, headers: headersParam } = request.query;
 
         console.log(`[fileProxyController] Info request for URL: ${urlParam}`);
@@ -352,12 +383,17 @@ export default (fastify, options, done) => {
      * DELETE /file-proxy/cache - 清理缓存
      */
     fastify.delete('/file-proxy/cache', async (request, reply) => {
+        // 验证身份认证
+        if (!verifyAuth(request, reply)) {
+            return;
+        }
+
         console.log(`[fileProxyController] Cache clear request`);
 
         try {
             // 非VERCEL环境可在设置中心控制此功能是否开启
             if (!process.env.VERCEL) {
-                if (ENV.get('allow_file_cache_clear') !== '1') {
+                if (!Number(process.env.allow_file_cache_clear)) {
                     return reply.status(403).send({ error: 'Cache clear is not allowed by owner' });
                 }
             }
@@ -401,16 +437,22 @@ export default (fastify, options, done) => {
                     'Base64 parameter decoding',
                     'Range request support',
                     'Custom headers support',
-                    'CORS support'
+                    'CORS support',
+                    'Authentication protection'
                 ],
                 endpoints: [
-                    'GET /file-proxy/health - Health check',
-                    'GET /file-proxy/proxy?url=<remote_url>&headers=<custom_headers> - Proxy remote file',
-                    'HEAD /file-proxy/proxy?url=<remote_url>&headers=<custom_headers> - Get remote file headers',
-                    'GET /file-proxy/info?url=<remote_url>&headers=<custom_headers> - Get remote file information',
-                    'DELETE /file-proxy/cache - Clear cache',
-                    'GET /file-proxy/status - Get service status'
-                ]
+                    'GET /file-proxy/health - Health check (no auth required)',
+                    'GET /file-proxy/proxy?url=<remote_url>&auth=<auth_code>&headers=<custom_headers> - Proxy remote file',
+                    'HEAD /file-proxy/proxy?url=<remote_url>&auth=<auth_code>&headers=<custom_headers> - Get remote file headers',
+                    'GET /file-proxy/info?url=<remote_url>&auth=<auth_code>&headers=<custom_headers> - Get remote file information',
+                    'DELETE /file-proxy/cache?auth=<auth_code> - Clear cache',
+                    'GET /file-proxy/status - Get service status (no auth required)'
+                ],
+                auth: {
+                    required: true,
+                    parameter: 'auth',
+                    description: 'Authentication code required for protected endpoints'
+                }
             });
         } catch (error) {
             console.error('[fileProxyController] Status request error:', error);

examples/test-file-proxy-auth.js

@@ -0,0 +1,216 @@
+import http from 'http';
+
+// 测试配置
+const config = {
+    proxyHost: 'localhost',
+    proxyPort: 3001,
+    authCode: 'drpys',
+    wrongAuthCode: 'wrong_auth',
+    testUrl: 'https://httpbin.org/json'
+};
+
+// 发送 HTTP 请求的辅助函数
+function makeRequest(options) {
+    return new Promise((resolve, reject) => {
+        const req = http.request(options, (res) => {
+            let data = '';
+            res.on('data', chunk => data += chunk);
+            res.on('end', () => {
+                resolve({
+                    statusCode: res.statusCode,
+                    headers: res.headers,
+                    data: data
+                });
+            });
+        });
+        
+        req.on('error', reject);
+        req.end();
+    });
+}
+
+// 测试 1: 无身份验证参数
+async function testNoAuth() {
+    console.log('\n=== 测试 1: 无身份验证参数 ===');
+    
+    try {
+        const options = {
+            hostname: config.proxyHost,
+            port: config.proxyPort,
+            path: `/file-proxy/proxy?url=${encodeURIComponent(config.testUrl)}`,
+            method: 'GET'
+        };
+        
+        console.log(`请求路径: ${options.path}`);
+        const response = await makeRequest(options);
+        
+        console.log(`状态码: ${response.statusCode}`);
+        console.log(`响应数据: ${response.data.substring(0, 200)}`);
+        
+        if (response.statusCode === 401) {
+            console.log('✅ 无身份验证参数测试通过 - 正确返回 401');
+        } else {
+            console.log('❌ 无身份验证参数测试失败 - 应该返回 401');
+        }
+    } catch (error) {
+        console.log(`❌ 无身份验证参数测试出错: ${error.message}`);
+    }
+}
+
+// 测试 2: 错误的身份验证参数
+async function testWrongAuth() {
+    console.log('\n=== 测试 2: 错误的身份验证参数 ===');
+    
+    try {
+        const options = {
+            hostname: config.proxyHost,
+            port: config.proxyPort,
+            path: `/file-proxy/proxy?url=${encodeURIComponent(config.testUrl)}&auth=${config.wrongAuthCode}`,
+            method: 'GET'
+        };
+        
+        console.log(`请求路径: ${options.path}`);
+        const response = await makeRequest(options);
+        
+        console.log(`状态码: ${response.statusCode}`);
+        console.log(`响应数据: ${response.data.substring(0, 200)}`);
+        
+        if (response.statusCode === 401) {
+            console.log('✅ 错误身份验证参数测试通过 - 正确返回 401');
+        } else {
+            console.log('❌ 错误身份验证参数测试失败 - 应该返回 401');
+        }
+    } catch (error) {
+        console.log(`❌ 错误身份验证参数测试出错: ${error.message}`);
+    }
+}
+
+// 测试 3: 正确的身份验证参数
+async function testCorrectAuth() {
+    console.log('\n=== 测试 3: 正确的身份验证参数 ===');
+    
+    try {
+        const options = {
+            hostname: config.proxyHost,
+            port: config.proxyPort,
+            path: `/file-proxy/proxy?url=${encodeURIComponent(config.testUrl)}&auth=${config.authCode}`,
+            method: 'GET'
+        };
+        
+        console.log(`请求路径: ${options.path}`);
+        const response = await makeRequest(options);
+        
+        console.log(`状态码: ${response.statusCode}`);
+        console.log(`响应数据: ${response.data.substring(0, 200)}...`);
+        
+        if (response.statusCode === 200) {
+            console.log('✅ 正确身份验证参数测试通过 - 正确返回 200');
+        } else {
+            console.log('❌ 正确身份验证参数测试失败 - 应该返回 200');
+        }
+    } catch (error) {
+        console.log(`❌ 正确身份验证参数测试出错: ${error.message}`);
+    }
+}
+
+// 测试 4: info 接口身份验证
+async function testInfoAuth() {
+    console.log('\n=== 测试 4: info 接口身份验证 ===');
+    
+    try {
+        // 无 auth 参数
+        const optionsNoAuth = {
+            hostname: config.proxyHost,
+            port: config.proxyPort,
+            path: `/file-proxy/info?url=${encodeURIComponent(config.testUrl)}`,
+            method: 'GET'
+        };
+        
+        console.log(`无 auth 请求路径: ${optionsNoAuth.path}`);
+        const responseNoAuth = await makeRequest(optionsNoAuth);
+        console.log(`无 auth 状态码: ${responseNoAuth.statusCode}`);
+        
+        // 有 auth 参数
+        const optionsWithAuth = {
+            hostname: config.proxyHost,
+            port: config.proxyPort,
+            path: `/file-proxy/info?url=${encodeURIComponent(config.testUrl)}&auth=${config.authCode}`,
+            method: 'GET'
+        };
+        
+        console.log(`有 auth 请求路径: ${optionsWithAuth.path}`);
+        const responseWithAuth = await makeRequest(optionsWithAuth);
+        console.log(`有 auth 状态码: ${responseWithAuth.statusCode}`);
+        
+        if (responseNoAuth.statusCode === 401 && responseWithAuth.statusCode === 200) {
+            console.log('✅ info 接口身份验证测试通过');
+        } else {
+            console.log('❌ info 接口身份验证测试失败');
+        }
+    } catch (error) {
+        console.log(`❌ info 接口身份验证测试出错: ${error.message}`);
+    }
+}
+
+// 测试 5: cache 接口身份验证
+async function testCacheAuth() {
+    console.log('\n=== 测试 5: cache 接口身份验证 ===');
+    
+    try {
+        // 无 auth 参数
+        const optionsNoAuth = {
+            hostname: config.proxyHost,
+            port: config.proxyPort,
+            path: `/file-proxy/cache`,
+            method: 'DELETE'
+        };
+        
+        console.log(`无 auth 请求路径: ${optionsNoAuth.path}`);
+        const responseNoAuth = await makeRequest(optionsNoAuth);
+        console.log(`无 auth 状态码: ${responseNoAuth.statusCode}`);
+        
+        // 有 auth 参数
+        const optionsWithAuth = {
+            hostname: config.proxyHost,
+            port: config.proxyPort,
+            path: `/file-proxy/cache?auth=${config.authCode}`,
+            method: 'DELETE'
+        };
+        
+        console.log(`有 auth 请求路径: ${optionsWithAuth.path}`);
+        const responseWithAuth = await makeRequest(optionsWithAuth);
+        console.log(`有 auth 状态码: ${responseWithAuth.statusCode}`);
+        
+        if (responseNoAuth.statusCode === 401 && responseWithAuth.statusCode === 200) {
+            console.log('✅ cache 接口身份验证测试通过');
+        } else {
+            console.log('❌ cache 接口身份验证测试失败');
+        }
+    } catch (error) {
+        console.log(`❌ cache 接口身份验证测试出错: ${error.message}`);
+    }
+}
+
+// 运行所有身份验证测试
+async function runAuthTests() {
+    console.log('开始运行文件代理身份验证测试...');
+    
+    await testNoAuth();
+    await testWrongAuth();
+    await testCorrectAuth();
+    await testInfoAuth();
+    await testCacheAuth();
+    
+    console.log('\n身份验证测试完成！');
+}
+
+runAuthTests().catch(console.error);
+
+export {
+    runAuthTests,
+    testNoAuth,
+    testWrongAuth,
+    testCorrectAuth,
+    testInfoAuth,
+    testCacheAuth
+};

examples/test-file-proxy.js

@@ -4,6 +4,7 @@ import http from 'http';
 const config = {
     proxyHost: 'localhost',
     proxyPort: 3001,
+    authCode: 'drpys', // 身份验证码
     testUrls: [
         'https://httpbin.org/json',
         'https://httpbin.org/headers',
@@ -45,7 +46,7 @@ async function testBasicProxy() {
         const options = {
             hostname: config.proxyHost,
             port: config.proxyPort,
-            path: `/file-proxy/proxy?url=${encodeURIComponent(testUrl)}`,
+            path: `/file-proxy/proxy?url=${encodeURIComponent(testUrl)}&auth=${config.authCode}`,
             method: 'GET'
         };
 
@@ -78,7 +79,7 @@ async function testBase64UrlProxy() {
         const options = {
             hostname: config.proxyHost,
             port: config.proxyPort,
-            path: `/file-proxy/proxy?url=${encodedUrl}`,
+            path: `/file-proxy/proxy?url=${encodedUrl}&auth=${config.authCode}`,
             method: 'GET'
         };
 
@@ -118,7 +119,7 @@ async function testCustomHeaders() {
         const options = {
             hostname: config.proxyHost,
             port: config.proxyPort,
-            path: `/file-proxy/proxy?url=${encodeURIComponent(testUrl)}&headers=${encodedHeaders}`,
+            path: `/file-proxy/proxy?url=${encodeURIComponent(testUrl)}&headers=${encodedHeaders}&auth=${config.authCode}`,
             method: 'GET'
         };
 
@@ -150,7 +151,7 @@ async function testHeadRequest() {
         const options = {
             hostname: config.proxyHost,
             port: config.proxyPort,
-            path: `/file-proxy/proxy?url=${encodeURIComponent(testUrl)}`,
+            path: `/file-proxy/proxy?url=${encodeURIComponent(testUrl)}&auth=${config.authCode}`,
             method: 'HEAD'
         };
 

spider/js/设置中心.js

@@ -454,6 +454,9 @@ var rule = {
             case 'videoParse':
                 d.push(genMultiInput('mg_hz', '设置芒果解析画质', '默认为4，可自行配置成其他值 (视频质量，9=4K, 4=1080p, 3=720p, 2=560p)', images.settings));
                 d.push(getInput('get_mg_hz', '查看芒果解析画质', images.settings));
+
+                d.push(genMultiInput('PROXY_AUTH', '设置代理播放授权', '默认为drpys，可自行配置成其他值', images.settings));
+                d.push(getInput('get_PROXY_AUTH', '查看代理播放授权', images.settings));
                 break;
         }
         return d
@@ -1286,6 +1289,7 @@ var rule = {
             'cat_sub_code',
             'must_sub_code',
             'mg_hz',
+            'PROXY_AUTH',
         ];
         let get_cookie_sets = [
             'get_quark_cookie',
@@ -1319,6 +1323,7 @@ var rule = {
             'get_cat_sub_code',
             'get_must_sub_code',
             'get_mg_hz',
+            'get_PROXY_AUTH',
         ];
         if (cookie_sets.includes(action) && value) {
             try {