xia.silei/DanDingNoneBot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security: move onmyoji_gacha BOT_TOKEN to env var (was hardcoded plaintext)

Browse Source
This commit is contained in:
夏斯雷
2026-05-09 23:42:48 +08:00
parent fd2fd90f05
commit b444bd62f5
2 changed files with 125 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
danding_bot/plugins/onmyoji_gacha/api_utils.py
View File

@@ -31,10 +31,11 @@ def mask_username(username: str) -> str:
# 获取配置
config = Config()
# API 端点配置
DD_API_HOST = "https://api.danding.vip/DD/" # 蛋定服务器连接地址
BOT_TOKEN = "3340e353a49447f1be640543cbdcd937" # 对接服务器的Token
BOT_USER_ID = "1424473282" # 机器人用户ID
# API endpoint from config
DD_API_HOST = config.DD_API_HOST
# Secrets from config (sourced from environment variables)
BOT_TOKEN = config.BOT_TOKEN
BOT_USER_ID = config.BOT_USER_ID
async def query_qq_binding(qq: str) -> Tuple[bool, Optional[str], Optional[str]]:
"""

6
danding_bot/plugins/onmyoji_gacha/config.py
View File

@@ -111,5 +111,11 @@ class Config(BaseSettings):
WEB_ADMIN_TOKEN: str = os.getenv("WEB_ADMIN_TOKEN", "onmyoji_admin_token_2024")
WEB_ADMIN_PORT: int = int(os.getenv("WEB_ADMIN_PORT", "8080"))
# 蛋定服务器对接配置
DD_API_HOST: str = "https://api.danding.vip/DD/"
BOT_TOKEN: str = os.getenv("ONMYOJI_BOT_TOKEN", os.getenv("BOT_TOKEN", "")) # 必须设置
BOT_USER_ID: str = "1424473282"
# 时区
TIMEZONE: str = "Asia/Shanghai"