Restore secret requirement for HTTP API auth

2026-06-24 15:47:49 +08:00 · 2026-06-13 01:38:44 -07:00 · 2026-06-13 01:38:44 -07:00 · 899ab77bb0
commit 899ab77bb0
parent 0f704cca47
1 changed files with 3 additions and 25 deletions
--- a/server/WebApi.cpp
+++ b/server/WebApi.cpp
@ -741,31 +741,9 @@ void check_secret(toolkit::SockInfo &sender, mediakit::HttpSession::KeyValue &he
        throw AuthException("Your ip is not allowed to access the service.");
    }

-    try {
-        auto logined_cookie = HttpCookieManager::Instance().getCookie(kLoginedCookieName, allArgs.getParser().getHeader());
-        if (!logined_cookie) {
-            auto unlogin_cookie = HttpCookieManager::Instance().getCookie(kUnLoginCookieName, allArgs.getParser().getHeader());
-            if (!unlogin_cookie) {
-                unlogin_cookie = HttpCookieManager::Instance().addCookie(kUnLoginCookieName, "", kUnLoginCookieLifeSeconds);
-                headerOut["Set-Cookie"] = unlogin_cookie->getCookie(kLoginCookiePath);
-            }
-            val["cookie"] = unlogin_cookie->getCookie();
-            throw AuthException("Please login first", headerOut, val);
-        }
-        // 优先cookie登陆鉴权
-    } catch (...) {
-        try {
-            // cookie登陆鉴权失败了再比对secret
-            CHECK_ARGS("secret");
-            if (api_secret != allArgs["secret"]) {
-                throw AuthException("Incorrect secret");
-            }
-            return;
-        } catch (...) {
-            // 未提供secret或secret不匹配，这个异常隐藏
-        }
-        // secret鉴权模式失败，抛出要求cookie登录的异常
-        throw;
+    CHECK_ARGS("secret");
+    if (api_secret != allArgs["secret"]) {
+        throw AuthException("Incorrect secret");
    }
 }