|
|
df0f2ebfbe
|
fix(danding_api): 手动读取环境变量兜底token配置
get_plugin_config(BaseSettings) 不一定从 .env 读取环境变量,
直接用 os.environ.get 兜底确保 DANDING_API_TOKEN 能被加载。
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-05-28 12:11:02 +08:00 |
|
|
|
d77007f5a2
|
debug(danding_api): 添加post_vcode请求参数调试日志
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-05-28 11:41:04 +08:00 |
|
|
|
e68305d306
|
fix(danding_api): 将Config改为BaseSettings以支持环境变量读取
BaseModel 的 Field(env=...) 不会自动读取环境变量,
需要继承 pydantic_settings.BaseSettings 才能生效。
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-05-28 11:27:49 +08:00 |
|
|
|
d1f97eccc2
|
fix(danding_api): 修复配置未从环境变量读取导致API鉴权失败
Token 和 EMAIL_PASSWORD 字段缺少 Field(env=...) 声明,
导致 .env 中的 DANDING_API_TOKEN 始终无法被读取,
后端 API 返回"你没有权限这样做"。
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
2026-05-28 11:17:26 +08:00 |
|
|
|
44052bc6e8
|
docs: add REVIEW_REPORT.md for all 11 plugins (round 2 review)
|
2026-05-10 00:39:37 +08:00 |
|
|
|
f61465a95b
|
fix(danding_api): 安全修复+性能改进
- config.py: 硬编码Token/EMAIL_PASSWORD→环境变量
- utils.py: requests→aiohttp异步IO
- utils.py: 移除硬编码用户ID
- utils.py: 可变默认参数dict()→None
- utils.py: 全局session_id封装为函数
- utils.py: tab→4空格统一缩进
|
2026-05-09 23:52:10 +08:00 |
|
|
|
c01338f496
|
refactor(plugins): comprehensive code review - ~35 fixes across 14 plugins
Phase 1 - Plugin code review (14/14 plugins):
- Security: 3x token leak in print→logger.debug, Bearer prefix handling
- Bug: bare except→specific exceptions, HorseState type safety, sync→async
- Critical: response_model undefined, route dead code, sync blocking event loop
- Quality: 11x print()→logger, variable name shadowing, consistent logging
Phase 2 - Deep analysis:
- Fix: payout int truncation→max(1, round(amount*odds))
- Fix: room_store get_lock race condition→dict.setdefault()
- Verify: data_manager f-string SQL is safe (uses ? placeholders)
Infrastructure: review reports generated for all plugins.
|
2026-05-09 23:22:28 +08:00 |
|
|
|
4a944316fe
|
首次提交
|
2025-12-26 22:41:42 +08:00 |
|
