d1dc095cb1
- 新增 auth-middleware.js 验证客户端 API Key - 支持 Authorization: Bearer <key> 和 x-api-key 两种方式 - API Keys 只通过环境变量配置(安全最佳实践) - 公开路径: /, /health, /status - 可配置 /v1/models 是否需要认证 - 启动时输出认证状态日志 配置方式: AUTH_ENABLED=true API_KEYS=sk-key1,sk-key2 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
42 lines
1.4 KiB
Plaintext
42 lines
1.4 KiB
Plaintext
# 认证配置(按优先级选择其一)
|
||
|
||
# 方式1:使用固定API密钥(推荐生产环境,最高优先级)
|
||
FACTORY_API_KEY=your_factory_api_key_here
|
||
|
||
# 方式2:使用refresh token自动刷新(次优先级)
|
||
DROID_REFRESH_KEY=your_refresh_token_here
|
||
|
||
# refresh token 请求超时与重试(可选)
|
||
DROID_REFRESH_TIMEOUT_MS=15000
|
||
DROID_REFRESH_RETRIES=2
|
||
DROID_REFRESH_RETRY_BASE_MS=500
|
||
|
||
# 阿里云日志服务配置
|
||
SLS_ENABLED=false
|
||
ALIYUN_ACCESS_KEY_ID=your_access_key_id
|
||
ALIYUN_ACCESS_KEY_SECRET=your_access_key_secret
|
||
ALIYUN_SLS_ENDPOINT=cn-hangzhou.log.aliyuncs.com
|
||
ALIYUN_SLS_PROJECT=your_project_name
|
||
ALIYUN_SLS_LOGSTORE=your_logstore_name
|
||
|
||
# Deploy Configuration (sync-accounts.sh)
|
||
SYNC_SERVER=user@your-server.com
|
||
SYNC_REMOTE_PATH=/opt/droid2api
|
||
DEPLOY_TYPE=docker-compose
|
||
DOCKER_SERVICE_NAME=droid2api
|
||
PM2_APP_NAME=droid2api
|
||
|
||
# Cloudflare Tunnel Configuration (Optional)
|
||
# Get token from: https://one.dash.cloudflare.com/ -> Networks -> Tunnels
|
||
TUNNEL_TOKEN=
|
||
|
||
# CORS Configuration (Optional, overrides config.json)
|
||
# CORS_ENABLED=true
|
||
# CORS_ALLOW_ALL=false
|
||
# CORS_ORIGINS=https://app1.com,https://app2.com
|
||
|
||
# API Authentication - Protect your API endpoints
|
||
# AUTH_ENABLED=true # Enable authentication (required for production)
|
||
# API_KEYS=sk-key1,sk-key2,sk-key3 # Comma-separated API keys (ONLY via env var for security)
|
||
# AUTH_PUBLIC_MODELS=true # Allow /v1/models without auth
|