53 lines
1.7 KiB
Python
53 lines
1.7 KiB
Python
"""认证与后台账户配置。"""
|
|
|
|
import os
|
|
|
|
from pathlib import Path
|
|
|
|
|
|
def _dotenv_cache():
|
|
cache = getattr(_dotenv_cache, "_cache", None)
|
|
if cache is not None:
|
|
return cache
|
|
env_path = Path(__file__).resolve().parents[1] / ".env"
|
|
data = {}
|
|
if env_path.exists():
|
|
for raw in env_path.read_text(encoding="utf-8").splitlines():
|
|
line = raw.strip()
|
|
if not line or line.startswith("#") or "=" not in line:
|
|
continue
|
|
key, value = line.split("=", 1)
|
|
data[key.strip()] = value.strip().strip('"').strip("'")
|
|
_dotenv_cache._cache = data
|
|
return data
|
|
|
|
|
|
def _get(name: str, default: str = "") -> str:
|
|
# 优先读取 .env 文件,未找到再回退环境变量
|
|
return _dotenv_cache().get(name, os.environ.get(name, default))
|
|
|
|
|
|
ADMIN_USERNAME = _get("AGENT_ADMIN_USERNAME", "")
|
|
ADMIN_PASSWORD_HASH = _get("AGENT_ADMIN_PASSWORD_HASH", "")
|
|
|
|
# 管理员二级密码(可选)。
|
|
# 优先使用哈希值;若未提供哈希,将回退到明文配置。
|
|
ADMIN_SECONDARY_PASSWORD_HASH = _get("ADMIN_SECONDARY_PASSWORD_HASH", "")
|
|
ADMIN_SECONDARY_PASSWORD = _get("ADMIN_SECONDARY_PASSWORD", "")
|
|
|
|
# 二级密码会话有效期(秒)。默认为 30 分钟,可根据需要在环境变量中覆盖。
|
|
ADMIN_SECONDARY_TTL_SECONDS = int(_get("AGENT_ADMIN_SECONDARY_TTL_SECONDS", "1800") or 1800)
|
|
|
|
# API Token 加密密钥来源;用于后台安全存储可回显的 Token。
|
|
# 使用任意字符串即可,内部会通过 SHA256 导出 Fernet key。
|
|
API_TOKEN_SECRET = _get("API_TOKEN_SECRET", "")
|
|
|
|
__all__ = [
|
|
"ADMIN_USERNAME",
|
|
"ADMIN_PASSWORD_HASH",
|
|
"ADMIN_SECONDARY_PASSWORD_HASH",
|
|
"ADMIN_SECONDARY_PASSWORD",
|
|
"ADMIN_SECONDARY_TTL_SECONDS",
|
|
"API_TOKEN_SECRET",
|
|
]
|