修复中控

This commit is contained in:
dekun
2026-05-25 13:47:34 +08:00
parent 1347441bb3
commit 9556c4673d
4 changed files with 26 additions and 3 deletions
+7 -1
View File
@@ -58,6 +58,9 @@ HUB_PORT = int(os.getenv("HUB_PORT", "5100"))
HUB_BRIDGE_TOKEN = (os.getenv("HUB_BRIDGE_TOKEN") or os.getenv("CONTROL_TOKEN") or "").strip()
_trust_raw = (os.getenv("HUB_TRUST_LAN", "true") or "").strip().lower()
HUB_TRUST_LAN = _trust_raw not in ("0", "false", "no", "off")
_allow_pub_raw = (os.getenv("HUB_ALLOW_PUBLIC") or "").strip().lower()
# 云服务器 + 域名反代时设为 true:不做 IP 限制,仅靠 HUB_PASSWORD / 登录页保护
HUB_ALLOW_PUBLIC = _allow_pub_raw in ("1", "true", "yes", "on")
DIR = Path(__file__).resolve().parent
HUB_BUILD = "20260525-hub-sso"
HUB_AGENT_TIMEOUT = float(os.getenv("HUB_AGENT_TIMEOUT", "8"))
@@ -130,7 +133,10 @@ if STATIC_DIR.is_dir():
@app.middleware("http")
async def local_only(request: Request, call_next):
if request.client and not _client_allowed(request.client.host):
if HUB_ALLOW_PUBLIC:
return await call_next(request)
peer = request.client.host if request.client else None
if not _client_allowed(peer):
return JSONResponse({"detail": "forbidden"}, status_code=403)
return await call_next(request)