Phase 1 - Plugin code review (14/14 plugins): - Security: 3x token leak in print→logger.debug, Bearer prefix handling - Bug: bare except→specific exceptions, HorseState type safety, sync→async - Critical: response_model undefined, route dead code, sync blocking event loop - Quality: 11x print()→logger, variable name shadowing, consistent logging Phase 2 - Deep analysis: - Fix: payout int truncation→max(1, round(amount*odds)) - Fix: room_store get_lock race condition→dict.setdefault() - Verify: data_manager f-string SQL is safe (uses ? placeholders) Infrastructure: review reports generated for all plugins.
"""工具函数模块"""
import secrets
import string
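def generate_token(length: int = 16, prefix: str = "danding-") -> str:
    """Generate a random token.

    The random part is drawn with ``secrets.choice`` from ASCII letters and
    digits (62 symbols, a little under 6 bits of entropy per character), so
    the default length of 16 gives roughly 95 bits. ``prefix`` is a fixed
    label and contributes no entropy.

    Args:
        length: Number of random characters; must be at least 1.
        prefix: Token prefix placed in front of the random part.

    Returns:
        The generated token: ``prefix`` followed by ``length`` random
        characters.

    Raises:
        ValueError: If ``length`` is less than 1.
    """
    # range() over a non-positive length is empty, which would silently
    # return the bare prefix: a "token" with no secret part at all.
    if length < 1:
        raise ValueError("length must be at least 1")

    # Random string of letters and digits, from the CSPRNG-backed secrets module.
    alphabet = string.ascii_letters + string.digits
    random_part = "".join(secrets.choice(alphabet) for _ in range(length))

    return f"{prefix}{random_part}"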
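def validate_token(token: str, expected_token: str) -> bool:
    """Check whether a presented token matches the expected one.

    Both values are UTF-8 encoded and compared with
    ``secrets.compare_digest``, so the comparison time does not depend on
    where the two values first differ. Bytes are used because the ``str``
    form of ``compare_digest`` only accepts ASCII.

    Args:
        token: The token to verify.
        expected_token: The token it is expected to equal.

    Returns:
        True if the two tokens match, False otherwise. Also False when
        either value is empty/None or cannot be UTF-8 encoded.
    """
    # Fail closed: an empty or missing value on either side never matches,
    # so an unset expected token cannot be satisfied by an empty one.
    if not token or not expected_token:
        return False

    try:
        presented = token.encode()
        expected = expected_token.encode()
    except UnicodeEncodeError:
        # A str holding a lone surrogate cannot be UTF-8 encoded; treat it
        # as a mismatch instead of letting the exception reach the caller.
        return False

    return secrets.compare_digest(presented, expected)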
def format_log_message(message: str, level: str = "INFO") -> str:
    """Format a log message with the plugin tag and a level marker.

    ``message`` and ``level`` are interpolated unchanged; CR/LF characters
    in them are not escaped, so a caller that logs untrusted text should
    neutralise line breaks before passing it in.

    Args:
        message: The raw message.
        level: The log level label.

    Returns:
        The formatted message, ``[Danding_QqPush] [<level>] <message>``.
    """
    tag = "[Danding_QqPush]"
    level_marker = f"[{level}]"
    return f"{tag} {level_marker} {message}"