chore: 清理敏感与开发文档，仅同步代码

- 永久忽略并从仓库移除开发文档/ - 移除并忽略 .env 与小程序私有配置 - 同步小程序/管理端/API与脚本改动 Made-with: Cursor
2026-03-17 17:50:12 +08:00
parent 868b0a10d9
commit 76965adb23
443 changed files with 24175 additions and 64154 deletions
--- a/soul-api/internal/middleware/cron_auth.go
+++ b/soul-api/internal/middleware/cron_auth.go
@@ -0,0 +1,30 @@
+package middleware
+
+import (
+	"net/http"
+	"os"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+)
+
+// CronAuth 定时任务鉴权：校验 X-Cron-Secret 请求头或 ?secret= 参数与 CRON_SECRET 环境变量一致
+// 若 CRON_SECRET 未配置则直接放行（开发环境兼容）
+func CronAuth() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		secret := strings.TrimSpace(os.Getenv("CRON_SECRET"))
+		if secret == "" {
+			c.Next()
+			return
+		}
+		provided := c.GetHeader("X-Cron-Secret")
+		if provided == "" {
+			provided = c.Query("secret")
+		}
+		if provided != secret {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"success": false, "error": "cron secret 不匹配"})
+			return
+		}
+		c.Next()
+	}
+}