From 319c8b2f2a6d065519c7774fc34a67d50257ebc0 Mon Sep 17 00:00:00 2001
From: Felix <Felix>
Date: Fri, 5 Dec 2025 21:06:38 +0800
Subject: [PATCH] add init token

---
 backend/app/admin/api/v1/product.py | 12 ++++++++----
 backend/core/conf.py                |  1 +
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/backend/app/admin/api/v1/product.py b/backend/app/admin/api/v1/product.py
index 4c526a5..509e3d1 100644
--- a/backend/app/admin/api/v1/product.py
+++ b/backend/app/admin/api/v1/product.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
-from fastapi import APIRouter, Depends, Request
+from fastapi import APIRouter, Depends, Request, HTTPException
 
 from backend.app.admin.schema.product import ProductItem, InitProductsRequest, InitProductsResponse
 from backend.app.admin.service.product_service import product_service
@@ -8,6 +8,7 @@ from backend.app.admin.crud.wx_order_crud import wx_order_dao
 from backend.common.response.response_schema import response_base, ResponseSchemaModel
 from backend.common.security.jwt import DependsJwtAuth
 from backend.database.db import async_db_session
+from backend.core.conf import settings
 
 
 router = APIRouter()
@@ -30,7 +31,10 @@ async def list_products(request: Request) -> ResponseSchemaModel[list[ProductIte
     return response_base.success(data=data)
 
 
-@router.post('/init', summary='初始化积分商品')
-async def init_products(body: InitProductsRequest) -> ResponseSchemaModel[InitProductsResponse]:
-    count = await product_service.init_products([i.model_dump() for i in (body.items or [])])
+@router.get('/init', summary='初始化积分商品')
+async def init_products(request: Request) -> ResponseSchemaModel[InitProductsResponse]:
+    t = request.query_params.get('t')
+    if not t or t == '' or t != settings.INIT_TOKEN:
+        raise HTTPException(status_code=403, detail='Forbidden')
+    count = await product_service.init_products(None)
     return response_base.success(data=InitProductsResponse(count=count))
diff --git a/backend/core/conf.py b/backend/core/conf.py
index ed3fa75..e7ec239 100755
--- a/backend/core/conf.py
+++ b/backend/core/conf.py
@@ -68,6 +68,7 @@ class Settings(BaseSettings):
     COS_BASIC_DIR: str
     YOUDAO_APP_ID: str
     YOUDAO_APP_SECRET: str
+    INIT_TOKEN: str = ""
 
     # .env 数据库
     DATABASE_ECHO: bool | Literal['debug'] = False