From ee3ec615488854aa50c39abd3a5ede7bb4bbeb0d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BE=9F=E7=94=B7=E6=97=A5=E8=AE=B0=5Cwww?= Date: Mon, 16 Feb 2026 04:39:32 +0800 Subject: [PATCH] =?UTF-8?q?=E9=AA=8C=E8=AF=81key?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .env.example | 4 ++-- src/app/api/public/hero-slider/route.ts | 9 +++++++++ src/app/api/public/product-recommendations/route.ts | 9 +++++++++ 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/.env.example b/.env.example index 4f23125..9e72b50 100644 --- a/.env.example +++ b/.env.example @@ -10,8 +10,8 @@ REDIS_PORT=6379 REDIS_PASSWORD= REDIS_DB=0 -# 公开 API 密钥(用于外部调用 /api/public/* 端点) -PUBLIC_API_KEY=your-secret-api-key-here +# Store API Key(用于访问 hero-slider 和 product-recommendations 接口) +STORE_API_KEY=your-store-api-key-here # Cloudflare R2 配置 CLOUDFLARE_R2_BUCKET=your-bucket diff --git a/src/app/api/public/hero-slider/route.ts b/src/app/api/public/hero-slider/route.ts index 1fb763b..886945d 100644 --- a/src/app/api/public/hero-slider/route.ts +++ b/src/app/api/public/hero-slider/route.ts @@ -6,9 +6,18 @@ import { getCache, setCache } from '@/lib/redis' /** * GET /api/public/hero-slider * 获取首页幻灯片数据(带缓存) + * 需要 x-store-api-key 验证 */ export async function GET(req: NextRequest) { try { + // 验证 API Key + const apiKey = req.headers.get('x-store-api-key') + const validApiKey = process.env.STORE_API_KEY + + if (!apiKey || !validApiKey || apiKey !== validApiKey) { + return NextResponse.json({ success: false, error: 'Unauthorized' }, { status: 401 }) + } + // 生成缓存 key const cacheKey = 'hero-slider:data' diff --git a/src/app/api/public/product-recommendations/route.ts b/src/app/api/public/product-recommendations/route.ts index 2a5aa36..8f8c623 100644 --- a/src/app/api/public/product-recommendations/route.ts +++ b/src/app/api/public/product-recommendations/route.ts @@ -6,9 +6,18 @@ import { getCache, setCache } from '@/lib/redis' /** * GET /api/public/product-recommendations * 获取商品推荐列表数据(带缓存) + * 需要 x-store-api-key 验证 */ export async function GET(req: NextRequest) { try { + // 验证 API Key + const apiKey = req.headers.get('x-store-api-key') + const validApiKey = process.env.STORE_API_KEY + + if (!apiKey || !validApiKey || apiKey !== validApiKey) { + return NextResponse.json({ success: false, error: 'Unauthorized' }, { status: 401 }) + } + // 生成缓存 key const cacheKey = 'product-recommendations:data'