fix: 修复了部分错误

1..env更名为.env.template， 2. pretor/utils/access.py 和 main.py 对于secret_key的逻辑进行优化，如果密钥为默认密钥会强行生成一个安全的密钥. 3.pretor/api/platform/frontend.py 的 upload_file函数改为了异步读写
2026-05-01 01:41:37 +08:00
5 changed files with 17 additions and 7 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -6,6 +6,6 @@ __pycache__
 frontend/node_modules
 frontend/dist
 docker-compose.yml
-.env
+.env.template
 .env.example
 .idea
--- a/.env.template
+++ b/.env.template
--- a/main.py
+++ b/main.py
@ -11,8 +11,13 @@ from pretor.core.workflow.workflow_runner import WorkflowRunningEngine
 from pretor.core.api import PretorGateway
 from ray import serve
 import os
+import secrets

-
+_secret_key = os.getenv("SECRET_KEY")
+if not _secret_key or _secret_key in {"secret", "114514"}:
+    _secret_key = secrets.token_urlsafe(32)
+    os.environ["SECRET_KEY"] = _secret_key
+    print("⚠️ 警告: 未提供有效的 SECRET_KEY 或使用了不安全的默认值，已生成并设置随机密钥。")

 async def start_system():
    env_vars = {
@ -21,7 +26,7 @@ async def start_system():
        "POSTGRES_HOST": os.getenv("POSTGRES_HOST", "db"),
        "POSTGRES_PORT": os.getenv("POSTGRES_PORT", "5432"),
        "POSTGRES_DB": os.getenv("POSTGRES_DB", "postgres"),
-        "SECRET_KEY": os.getenv("SECRET_KEY", "secret"),
+        "SECRET_KEY": os.getenv("SECRET_KEY"),
    }

    ray.init(ignore_reinit_error=True,
--- a/pretor/api/platform/frontend.py
+++ b/pretor/api/platform/frontend.py
@ -18,9 +18,10 @@ from pretor.utils.access import Accessor, TokenData
 from pretor.api.platform.event import PretorEvent
 from pretor.utils.ray_hook import ray_actor_hook
 import os
-import shutil
-
+import anyio
 from pretor.utils.logger import get_logger
+
+
 logger = get_logger('frontend')
 client_router = APIRouter(prefix="/api/v1/adapter/client", tags=["client"])

@ -54,8 +55,9 @@ async def upload_file(file: UploadFile = File(...),
        upload_dir = "uploads"
        os.makedirs(upload_dir, exist_ok=True)
        file_path = os.path.join(upload_dir, file.filename)
-        with open(file_path, "wb") as buffer:
-            shutil.copyfileobj(file.file, buffer)
+        async with await anyio.open_file(file_path, "wb") as buffer:
+            while chunk := await file.read(64 * 1024):  # 64KB chunks
+                await buffer.write(chunk)
        logger.info(f"用户 {token_data.username} 上传了文件: {file.filename}")
        return {"filename": file.filename, "message": f"File {file.filename} uploaded successfully"}
    except Exception as e:
--- a/pretor/utils/access.py
+++ b/pretor/utils/access.py
@ -31,6 +31,9 @@ SECRET_KEY = os.getenv("SECRET_KEY")
 ALGORITHM = "HS256"
 ACCESS_TOKEN_EXPIRE_MINUTES = 60 * 24

+if not SECRET_KEY or SECRET_KEY in {"secret", "114514"}:
+    raise RuntimeError("未提供有效的 SECRET_KEY 或使用了不安全的默认值")
+
 password_hasher = PasswordHash.recommended()