完成密码设计

cloudflare-page-build/scripts/quick-build.js

@@ -21,8 +21,8 @@ fs.readFile(destPath, 'utf8', function (err, data) {
         return console.log(err);
     }
 
-    let finalApiEndpoint;
-    // 检查API_ENDPOINT_BASE64环境变量是否存在
+    let finalApiEndpoint, finalApiPassword;
+    // 处理API_ENDPOINT
     if (process.env.API_ENDPOINT_BASE64) {
         // 如果存在，直接使用API_ENDPOINT_BASE64的值
         finalApiEndpoint = process.env.API_ENDPOINT_BASE64;
@@ -34,14 +34,31 @@ fs.readFile(destPath, 'utf8', function (err, data) {
         finalApiEndpoint = Buffer.from('https://github.com/BlueSkyXN/WorkerJS_CloudFlare_ImageBed').toString('base64');
     }
 
+    // 处理API_PASSWORD
+    if (process.env.API_PASSWORD_BASE64) {
+        // 如果存在已经Base64编码的密码，直接使用
+        finalApiPassword = process.env.API_PASSWORD_BASE64;
+    } else if (process.env.API_PASSWORD) {
+        // 如果存在原始密码，将其转换为Base64编码
+        finalApiPassword = Buffer.from(process.env.API_PASSWORD).toString('base64');
+    } else {
+        // 如果两者都不存在，使用默认密码，并将其转换为Base64编码
+        finalApiPassword = Buffer.from('123456').toString('base64');
+    }
+
     // 在HTML文件内容中查找{{API_ENDPOINT_BASE64}}占位符，并用最终确定的Base64编码值替换它
-    const result = data.replace(/{{API_ENDPOINT_BASE64}}/g, finalApiEndpoint);
+    const resultWithEndpoint = data.replace(/{{API_ENDPOINT_BASE64}}/g, finalApiEndpoint);
+    // 在HTML文件内容中查找{{API_PASSWORD_BASE64}}占位符，并用最终确定的Base64编码值替换它
+    const resultWithPassword = resultWithEndpoint.replace(/{{API_PASSWORD_BASE64}}/g, finalApiPassword);
 
     // 将修改后的内容写回文件
-    fs.writeFile(destPath, result, 'utf8', function (err) {
+    fs.writeFile(destPath, resultWithPassword, 'utf8', function (err) {
          if (err) return console.log(err);
          // 解码finalApiEndpoint以显示实际URL
-         const actualUrl = Buffer.from(finalApiEndpoint, 'base64').toString('utf8');
-         console.log(`API_ENDPOINT_BASE64已替换为: ${finalApiEndpoint}, 实际URL是: ${actualUrl} 并保存到: ${destPath}`);
+         const actualEndpoint = Buffer.from(finalApiEndpoint, 'base64').toString('utf8');
+         // 解码finalApiPassword以显示实际密码
+         const actualPassword = Buffer.from(finalApiPassword, 'base64').toString('utf8');
+         console.log(`API_ENDPOINT_BASE64已替换为: ${finalApiEndpoint}, 实际Endpoint是: ${actualEndpoint} 并保存到: ${destPath}`);
+         console.log(`API_PASSWORD_BASE64已替换为: ${finalApiPassword}, 实际密码是: ${actualPassword} 并保存到: ${destPath}`);
     });
 });

cloudflare-page/OneAPI-imgbed-MIX.html

@@ -57,6 +57,10 @@
                 <label for="apiUrl">API Endpoint</label>
                 <input type="text" class="form-control" id="apiUrl" placeholder="Input API Endpoint with http(s)://***.***" required>
             </div>
+            <div class="form-group">
+                <label for="apiPassword">API Password</label>
+                <input type="text" class="form-control" id="apiPassword" placeholder="Enter API Password">
+            </div>
             <div class="form-group">
                 <label for="fileInput">Select Files</label>
                 <input type="file" class="form-control-file" id="fileInput" multiple required>
@@ -90,6 +94,7 @@
         document.addEventListener('DOMContentLoaded', function() {
             updateConvertButtonVisibility(); // 页面加载时更新按钮状态
             setApiUrl();
+            setApiPassword();
             document.getElementById('apiSelect').addEventListener('change', updateConvertButtonVisibility);
             document.getElementById('upload-form').addEventListener('submit', handleFormSubmit);
             document.getElementById('convertButton').addEventListener('click', function() {
@@ -102,6 +107,11 @@
             const decodedApiEndpoint = atob(encodedApiEndpoint);
             document.getElementById('apiUrl').value = decodedApiEndpoint;
         }
+        function setApiPassword() {
+            const encodedApiPassword = '{{API_PASSWORD_BASE64}}'; // 将这里替换为您的Base64编码后的API密码
+            const decodedApiPassword = atob(encodedApiPassword); // 使用atob函数解码Base64字符串
+            document.getElementById('apiPassword').value = decodedApiPassword; // 设置解码后的密码到密码输入框
+        }
         function updateConvertButtonVisibility() {
             const convertButton = document.getElementById('convertButton');
             const apiSelect = document.getElementById('apiSelect').value;
@@ -125,6 +135,9 @@
                 fetch(apiUrl, {
                 method: 'POST',
                 body: formData,
+                headers: {
+                        'Authorization': 'Bearer ' + document.getElementById('apiPassword').value // 使用密码输入框中的密码作为请求头中的密码
+                    }
                 })
                 .then(response => response.text())
                 .then(data => {

cloudflare-worker-js-api/API_IMG_tgphimg.js

@@ -2,7 +2,7 @@ addEventListener('fetch', event => {
   event.respondWith(handleTgphimgRequest(event.request));
 })
 
-async function handleRequest(request) {
+async function handleTgphimgRequest(request) {
   // 确认请求方法为 POST 并且内容类型正确
   if (request.method !== 'POST' || !request.headers.get('Content-Type').includes('multipart/form-data')) {
     return new Response('Invalid request', { status: 400 });

cloudflare-worker-js-api/index.js

@@ -11,6 +11,26 @@ addEventListener('fetch', event => {
 
 // 处理常规请求
 async function handleRequest(request) {
+  // 从环境变量中获取API密码（作为Token使用）
+  const apiToken = API_PASSWORD; // Cloudflare Worker中直接使用环境变量名
+
+  // 如果API_TOKEN存在且非空，则进行Token验证
+  if (apiToken) {
+    // 获取请求头中的Authorization字段
+    const authHeader = request.headers.get('Authorization');
+    
+    // 检查Authorization头是否存在且格式正确
+    if (!authHeader || !authHeader.startsWith('Bearer ')) {
+      return new Response('Unauthorized', { status: 401 });
+    }
+
+    // 提取Token并验证
+    const token = authHeader.split(' ')[1];
+    if (token !== apiToken) {
+      return new Response('Unauthorized', { status: 401 });
+    }
+  }
+
   const url = new URL(request.url);
 
   let response;

cloudflare-worker-js-api/worker.js

@@ -11,6 +11,26 @@ addEventListener('fetch', event => {
 
 // 处理常规请求
 async function handleRequest(request) {
+  // 从环境变量中获取API密码（作为Token使用）
+  const apiToken = API_PASSWORD; // Cloudflare Worker中直接使用环境变量名
+
+  // 如果API_TOKEN存在且非空，则进行Token验证
+  if (apiToken) {
+    // 获取请求头中的Authorization字段
+    const authHeader = request.headers.get('Authorization');
+    
+    // 检查Authorization头是否存在且格式正确
+    if (!authHeader || !authHeader.startsWith('Bearer ')) {
+      return new Response('Unauthorized', { status: 401 });
+    }
+
+    // 提取Token并验证
+    const token = authHeader.split(' ')[1];
+    if (token !== apiToken) {
+      return new Response('Unauthorized', { status: 401 });
+    }
+  }
+
   const url = new URL(request.url);
 
   let response;
@@ -56,6 +76,8 @@ addEventListener('fetch', event => {
       });
     }
   }
+
+
   async function handle58imgRequest(request) {
     // 确认请求方法为 POST 并且内容类型正确
     if (request.method !== 'POST' || !request.headers.get('Content-Type').includes('multipart/form-data')) {
@@ -102,7 +124,6 @@ addEventListener('fetch', event => {
       return new Response("Error: " + await response.text(), { status: response.status });
     }
   }
-  
   async function handleTgphimgRequest(request) {
     // 确认请求方法为 POST 并且内容类型正确
     if (request.method !== 'POST' || !request.headers.get('Content-Type').includes('multipart/form-data')) {