新增功能：1）下载链接验证开关；优化：1）aria2信息不对时，无法添加任务

5 years ago · 88bf159788
parent 1662585d7c
commit 88bf159788
35 changed files with 339 additions and 76 deletions
--- a/app/admin/pan_move.py
+++ b/app/admin/pan_move.py
@ -49,6 +49,9 @@ def panmove():

@admin.route('/panmove/create',methods=['POST'])
 def panmove_create():
+    p,status=get_aria2()
+    if not status:
+        return jsonify({'status':False,'msg':p})
    pan_from=request.form.get('pan_from')
    pan_to=request.form.get('pan_to')
    user_to=request.form.get('user_to')
--- a/app/admin/setting.py
+++ b/app/admin/setting.py
@ -58,6 +58,7 @@ def sys_setting():
        show_secret=request.form.get('show_secret','no')
        encrypt_file=request.form.get('encrypt_file','no')
        thread_num=request.form.get('thread_num','5')
+        verify_url=request.form.get('verify_url','False')

        set('downloadUrl_timeout',downloadUrl_timeout)
        set('allow_site',allow_site)
@ -85,6 +86,7 @@ def sys_setting():
        set('show_secret',show_secret)
        set('encrypt_file',encrypt_file)
        set('thread_num',thread_num)
+        set('verify_url',verify_url)
        # reload()

        redis_client.set('downloadUrl_timeout',downloadUrl_timeout)
@ -115,6 +117,7 @@ def sys_setting():
        redis_client.set('show_secret',show_secret)
        redis_client.set('encrypt_file',encrypt_file)
        redis_client.set('thread_num',thread_num)
+        redis_client.set('verify_url',verify_url)
        flash('更新成功')
        resp=MakeResponse(redirect(url_for('admin.sys_setting')))
        return resp
--- a/app/front/views.py
+++ b/app/front/views.py
@ -51,7 +51,7 @@ def index(path=None):
    balance=eval(GetConfig('balance'))
    if path is None:
        path='{}:/'.format(GetConfig('default_pan'))
-    path=urllib.unquote(path).replace('&action=play','').replace('&action=share','')
+    path=urllib.unquote(path).split('?')[0]
    if not os.path.exists(os.path.join(config_dir,'.install')):
        resp=redirect(url_for('admin.install',step=0,user=GetConfig('default_pan')))
        return resp
@ -72,6 +72,7 @@ def index(path=None):
    sortby=GetCookie(key='sortby',default=GetConfig('default_sort'))
    order=GetCookie(key='order',default=GetConfig('order_m'))
    action=request.args.get('action','download')
+    token=request.args.get('token')
    data,total = FetchData(path=path,page=page,per_page=50,sortby=sortby,order=order,action=action,dismiss=True)
    #是否有密码
    password,_,cur=has_item(path,'.password')
@ -87,11 +88,27 @@ def index(path=None):
    if password!=False:
        if (not request.cookies.get(md5_p) or request.cookies.get(md5_p)!=password) and has_verify_==False:
            if total=='files' and GetConfig('encrypt_file')=="no":
-                return show(data['id'],data['user'],action)
+                if GetConfig("verify_url")=="True":
+                    if token is None:
+                        return abort(403)
+                    elif VerifyToken(token,path):
+                        return show(data['id'],data['user'],action,token=token)
+                    else:
+                        return abort(403)
+                else:
+                    return show(data['id'],data['user'],action,token=token)
            resp=MakeResponse(render_template('theme/{}/password.html'.format(GetConfig('theme')),path=path,cur_user=user))
            return resp
    if total=='files':
-        return show(data['id'],data['user'],action)
+        if GetConfig("verify_url")=="True":
+            if token is None:
+                return abort(403)
+            elif VerifyToken(token,path):
+                return show(data['id'],data['user'],action,token=token)
+            else:
+                return abort(403)
+        else:
+            return show(data['id'],data['user'],action,token=token)
    readme,ext_r=GetReadMe(path)
    head,ext_d=GetHead(path)
    #参数
@ -118,13 +135,21 @@ def index(path=None):
    resp.set_cookie('order',str(order))
    return resp

-@front.route('/file/<user>/<fileid>/<action>')
-def show(fileid,user,action='download'):
+@front.route('/file/<user>/<fileid>/<action>/<token>')
+def show(fileid,user,action='download',token=None):
+    if token is None:
+        token=request.args.get('token')
+    path=GetPath(fileid)
    name=GetName(fileid)
    ext=name.split('.')[-1].lower()
-    path=GetPath(fileid)
    url=request.url.replace(':80','').replace(':443','').encode('utf-8').split('?')[0]
    inner_url='/'+urllib.quote('/'.join(url.split('/')[3:]))
+    if GetConfig("verify_url")=="True":
+        url=url+'?token='+token
+        if token is None:
+            return abort(403)
+        elif VerifyToken(token,path)==False:
+            return abort(403)
    if request.method=='POST' or action=='share':
        InfoLogger().print_r(u'share page:{}'.format(path))
        if ext in ['csv','doc','docx','odp','ods','odt','pot','potm','potx','pps','ppsx','ppsxm','ppt','pptm','pptx','rtf','xls','xlsx']:
@ -155,11 +180,11 @@ def show(fileid,user,action='download'):
        downloadUrl,play_url=GetDownloadUrl(fileid,user)
        if not downloadUrl.startswith('http'):
            return MakeResponse(downloadUrl)
-        if ext in ['webm','avi','mpg', 'mpeg', 'rm', 'rmvb', 'mov', 'wmv', 'mkv', 'asf']:
-            if action=='play':
-                resp=MakeResponse(redirect(play_url))
-            else:
-                resp=MakeResponse(redirect(downloadUrl))
+        # if ext in ['webm','avi','mpg', 'mpeg', 'rm', 'rmvb', 'mov', 'wmv', 'mkv', 'asf']:
+        #     if action=='play':
+        #         resp=MakeResponse(redirect(play_url))
+        #     else:
+        #         resp=MakeResponse(redirect(downloadUrl))
        else:
            resp=MakeResponse(redirect(play_url))
    else:
--- a/app/templates/admin/pan_move/pan_move.html
+++ b/app/templates/admin/pan_move/pan_move.html
@ -112,7 +112,12 @@
                data:{pan_from:pan_from,pan_to:pan_to,user_to:to_pan},
                dataType: "json",
                success: function(data) {
-                    layer.msg(data.msg, {icon: 1});
+                    if(data.status==false){
+                      layer.msg(data.msg, {icon: 2});
+                    }
+                    else{
+                      layer.msg(data.msg, {icon: 1});
+                    }
                },
                  error: function(){
                      layer.msg('服务器内部错误！');
--- a/app/templates/admin/setting/sys_setting.html
+++ b/app/templates/admin/setting/sys_setting.html
@ -8,13 +8,29 @@
    </div>
    <form action="{{url_for('admin.sys_setting')}}" method="POST">

-        <h4><font color="red">是否开启负载均衡</font></h4>
-        <small><p>开启之后，只显示默认盘文件；如果默认盘有的文件，其他盘也有，则会在这几个盘之间切换获取直链</p>
-        <p>仅限<font color="blue">不同域</font>的onedrive开启负载均衡才有意义！！！</p></small>
-        <select class="mdui-select" name="balance" mdui-select>
-            <option value="True"{%if GetConfig('balance')=='True'%} selected{%endif%}>开启</option>
-            <option value="False"{%if GetConfig('balance')=='False'%} selected{%endif%}>关闭</option>
-        </select>
+            <h4><font color="red">是否开启负载均衡</font></h4>
+            <small>
+              <p>开启之后，只显示默认盘文件；如果默认盘有的文件，其他盘也有，则会在这几个盘之间切换获取直链</p>
+              <p>仅限<font color="blue">不同域</font>的onedrive开启负载均衡才有意义！！！</p>
+            </small>
+            <select class="mdui-select" name="balance" mdui-select>
+                <option value="True"{%if GetConfig('balance')=='True'%} selected{%endif%}>开启</option>
+                <option value="False"{%if GetConfig('balance')=='False'%} selected{%endif%}>关闭</option>
+            </select>
+
+        <hr>
+          <h4><font color="red">是否开启下载验证</font></h4>
+          <small>
+            <p>开启之后，他人无法直接通过文件链接下载文件，必须带token</p>
+            <p>比如，未开启，可通过：<a href="https://pyone.me/A:/run.py">https://pyone.me/A:/run.py</a>下载到文件</p>
+            <p>如果开启，通过：<a href="https://pyone.me/A:/run.py">https://pyone.me/A:/run.py</a>会返回403，此时必须带token</p>
+          </small>
+          <select class="mdui-select" name="verify_url" mdui-select>
+              <option value="True"{%if GetConfig('verify_url')=='True'%} selected{%endif%}>开启</option>
+              <option value="False"{%if GetConfig('verify_url')=='False'%} selected{%endif%}>关闭</option>
+          </select>
+
+        <hr>

        <div class="mdui-textfield">
          <h4>*后台路径（默认是admin，如果改为uadmin，则进后台路径为：/uadmin）</h4>
@ -23,7 +39,7 @@
        </div>

        <div class="mdui-textfield">
-          <h4>防盗链设置（不限制，则设置：no-referrer；仅限3pp.me调用，则设置：3pp.me；可调用域名通过英文逗号分隔）</h4>
+          <h4>防盗链设置（不限制，则设置：no-referrer；仅限3pp.me调用，则设置：3pp.me；可调用域名通过<font color="red">英文逗号(,)</font>分隔）</h4>
          <input class="mdui-textfield-input" type="text" name="allow_site" value="{{GetConfig('allow_site')}}"/>
        </div>

--- a/app/templates/theme/bst4/index.html
+++ b/app/templates/theme/bst4/index.html
@ -43,10 +43,14 @@
                    </div>
                {%else%}
                    <div class="row file mt-15">
-                        <a href="{{url_for('front.index',path=data['path'])}}" target="_blank">
+                       {%if GetConfig("verify_url")=="True"%}
+                       <a href="{{url_for('front.index',path=data['path'],token=GenerateToken(data['path']))}}" target="_blank">
+                       {%else%}
+                       <a href="{{url_for('front.index',path=data['path'])}}" target="_blank">
+                       {%endif%}
                            {%if image_mode==1%}
                                {%if file_ico(data)=='image'%}
-                                    <img class="img-responsive" src="{{url_for('front.show',fileid=data['id'],user=cur_user,action='download')}}"/>
+                                    <img class="img-responsive" src="{{url_for('front.show',fileid=data['id'],user=cur_user,action='download',token=GenerateToken(data['path']))}}"/>
                                {%else%}
                                    <div class="col-xs-8 col-md-6 text-left cut">{{ macros.get_ico(file_ico(data)) }}{{data['name']}}</div>
                                    <div class="col-xs-4 col-md-2">{{data['lastModtime']}}</div>
@ -103,7 +107,11 @@ $(function() {
                shadeClose: true,
                shade: 0.8,
                area: ['100%', '100%'],
+                {%if GetConfig("verify_url")=="True"%}
+                content: $(this).attr('href') + "&action=share" //iframe的url
+                {%else%}
                content: $(this).attr('href') + "?action=share" //iframe的url
+                {%endif%}
            });
            return false;
        });
--- a/app/templates/theme/bst4/show/audio.html
+++ b/app/templates/theme/bst4/show/audio.html
@ -16,7 +16,11 @@
            <span class="input-group-addon" id="basic-addon1">
                    <i class="fa fa-share-alt" aria-hidden="true"></i>分享地址
                </span>
+            {%if GetConfig("verify_url")=="True"%}
+            <input id="share" class="form-control" type="text" value="{{url}}&action=share" />
+            {%else%}
            <input id="share" class="form-control" type="text" value="{{url}}?action=share" />
+            {%endif%}
            <a class="input-group-addon" onclick="copyUrl('share')">点击复制</a>
        </div>
        <div class="input-group">
@ -66,5 +70,5 @@
          }, 1000 * 60 * 25)
      });
 </script>
-    <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+    <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 {%endblock content%}
--- a/app/templates/theme/bst4/show/code.html
+++ b/app/templates/theme/bst4/show/code.html
@ -15,7 +15,11 @@
            <span class="input-group-addon" id="basic-addon1">
                    <i class="fa fa-share-alt" aria-hidden="true"></i>分享地址
                </span>
+            {%if GetConfig("verify_url")=="True"%}
+            <input id="share" class="form-control" type="text" value="{{url}}&action=share" />
+            {%else%}
            <input id="share" class="form-control" type="text" value="{{url}}?action=share" />
+            {%endif%}
            <a class="input-group-addon" onclick="copyUrl('share')">点击复制</a>
        </div>
        <div class="input-group">
@ -26,7 +30,7 @@
            <a class="input-group-addon" onclick="copyUrl('use_outer')">点击复制</a>
        </div>
    </div>
-    <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+    <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>
 <script src="https://cdn.staticfile.org/ace/1.4.2/ace.js"></script>
 <script src="https://cdn.staticfile.org/ace/1.4.2/ext-language_tools.js"></script>
--- a/app/templates/theme/bst4/show/image.html
+++ b/app/templates/theme/bst4/show/image.html
@ -3,7 +3,7 @@
 {%block content%}
 <div class="container">
    <br>
-    <img class="img-responsive" src="{{inner_url}}"/>
+    <img class="img-responsive" src="{{url}}"/>
    <br>
    <!-- 固定标签 -->
    <div class="form-horizontal">
@ -11,7 +11,11 @@
            <span class="input-group-addon" id="basic-addon1">
                    <i class="fa fa-share-alt" aria-hidden="true"></i>分享地址
                </span>
+            {%if GetConfig("verify_url")=="True"%}
+            <input id="share" class="form-control" type="text" value="{{url}}&action=share" />
+            {%else%}
            <input id="share" class="form-control" type="text" value="{{url}}?action=share" />
+            {%endif%}
            <a class="input-group-addon" onclick="copyUrl('share')">点击复制</a>
        </div>
        <div class="input-group">
@ -23,7 +27,7 @@
        </div>
    </div>
        <br>
- <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+ <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>


--- a/app/templates/theme/bst4/show/video.html
+++ b/app/templates/theme/bst4/show/video.html
@ -13,7 +13,11 @@
            <span class="input-group-addon" id="basic-addon1">
                    <i class="fa fa-share-alt" aria-hidden="true"></i>分享地址
                </span>
+            {%if GetConfig("verify_url")=="True"%}
+            <input id="share" class="form-control" type="text" value="{{url}}&action=share" />
+            {%else%}
            <input id="share" class="form-control" type="text" value="{{url}}?action=share" />
+            {%endif%}
            <a class="input-group-addon" onclick="copyUrl('share')">点击复制</a>
        </div>
        <div class="input-group">
@ -30,7 +34,7 @@
          container: document.getElementById('dplayer'),
          lang: 'zh-cn',
          video: {
-              url: "{{inner_url}}",
+              url: "{{url}}",
              type: 'auto'
          },
          autoplay: true
@ -41,7 +45,7 @@
          if(cnt<=3){
              console.log('获取资源错误，开始重新加载！');
              let last = dp.video.currentTime;
-              dp.video.src = "{{inner_url}}";
+              dp.video.src = "{{url}}";
              dp.video.load();
              dp.video.currentTime = last;
              dp.play();
@ -54,7 +58,7 @@
          if (!dp.video.paused && !dp.video.ended) {
              console.log('开始重新加载！');
              let last = dp.video.currentTime;
-              dp.video.src = "{{inner_url}}";
+              dp.video.src = "{{url}}";
              dp.video.load();
              dp.video.currentTime = last;
              dp.play();
@ -62,6 +66,6 @@
      }, 1000 * 60 * 25)
  });
 </script>
- <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+ <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>
 {%endblock content%}
--- a/app/templates/theme/bst4/show/video2.html
+++ b/app/templates/theme/bst4/show/video2.html
@ -13,7 +13,11 @@
            <span class="input-group-addon" id="basic-addon1">
                    <i class="fa fa-share-alt" aria-hidden="true"></i>分享地址
                </span>
+            {%if GetConfig("verify_url")=="True"%}
+            <input id="share" class="form-control" type="text" value="{{url}}&action=share" />
+            {%else%}
            <input id="share" class="form-control" type="text" value="{{url}}?action=share" />
+            {%endif%}
            <a class="input-group-addon" onclick="copyUrl('share')">点击复制</a>
        </div>
        <div class="input-group">
@ -30,7 +34,7 @@
            container: document.getElementById('dplayer'),
            lang: 'zh-cn',
            video: {
-                url: "{{inner_url}}?action=play",
+                url: "{{url}}",
                type: 'auto'
            },
            autoplay: true
@ -41,7 +45,7 @@
            if(cnt<=3){
                console.log('获取资源错误，开始重新加载！');
                let last = dp.video.currentTime;
-                dp.video.src = "{{inner_url}}?action=play";
+                dp.video.src = "{{url}}";
                dp.video.load();
                dp.video.currentTime = last;
                dp.play();
@ -54,7 +58,7 @@
            if (!dp.video.paused && !dp.video.ended) {
                console.log('开始重新加载！');
                let last = dp.video.currentTime;
-                dp.video.src = "{{inner_url}}?action=play";
+                dp.video.src = "{{url}}";
                dp.video.load();
                dp.video.currentTime = last;
                dp.play();
@ -62,6 +66,6 @@
        }, 1000 * 60 * 25)
    });
    </script>
-    <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+    <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>
 {%endblock content%}
--- a/app/templates/theme/bst_sketchy/index.html
+++ b/app/templates/theme/bst_sketchy/index.html
@ -48,10 +48,14 @@
                        </li>
                    {%else%}
                       <li class="list-group-item list-group-item-action file">
+                            {%if GetConfig("verify_url")=="True"%}
+                            <a href="{{url_for('front.index',path=data['path'],token=GenerateToken(data['path']))}}" target="_blank">
+                            {%else%}
                            <a href="{{url_for('front.index',path=data['path'])}}" target="_blank">
+                            {%endif%}
                                {%if image_mode==1%}
                                    {%if file_ico(data)=='image'%}
-                                    <img class="img-fluid" src="{{url_for('front.show',fileid=data['id'],user=cur_user,action='download')}}"/>
+                                        <img class="img-fluid" src="{{url_for('front.show',fileid=data['id'],user=cur_user,action='download',token=GenerateToken(data['path']))}}"/>
                                    {%else%}
                                    <div class="row">
                                        <div class="col-8 col-sm-6" style="text-overflow:ellipsis;overflow:hidden;white-space:nowrap;">{{ macros.get_ico(file_ico(data)) }}{{data['name']}}</div>
@ -113,7 +117,11 @@ $(function() {
                shadeClose: true,
                shade: 0.8,
                area: ['100%', '100%'],
+                {%if GetConfig("verify_url")=="True"%}
+                content: $(this).attr('href') + "&action=share" //iframe的url
+                {%else%}
                content: $(this).attr('href') + "?action=share" //iframe的url
+                {%endif%}
            });
            return false;
        });
--- a/app/templates/theme/bst_sketchy/show/audio.html
+++ b/app/templates/theme/bst_sketchy/show/audio.html
@ -18,7 +18,11 @@
              <div class="input-group-prepend">
                <span class="input-group-text"><i class="fa fa-share-alt" aria-hidden="true"></i>分享地址</span>
              </div>
+              {%if GetConfig("verify_url")=="True"%}
+              <input type="text" class="form-control" value='{{url}}&action=share' id="share">
+              {%else%}
              <input type="text" class="form-control" value='{{url}}?action=share' id="share">
+              {%endif%}
              <a onclick="copyUrl('share')">
              <div class="input-group-append">
                <span class="input-group-text">点击复制</span>
@ -83,5 +87,5 @@
          }, 1000 * 60 * 25)
      });
 </script>
-    <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+    <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 {%endblock content%}
--- a/app/templates/theme/bst_sketchy/show/code.html
+++ b/app/templates/theme/bst_sketchy/show/code.html
@ -17,7 +17,11 @@
              <div class="input-group-prepend">
                <span class="input-group-text"><i class="fa fa-share-alt" aria-hidden="true"></i>分享地址</span>
              </div>
+              {%if GetConfig("verify_url")=="True"%}
+              <input type="text" class="form-control" value='{{url}}&action=share' id="share">
+              {%else%}
              <input type="text" class="form-control" value='{{url}}?action=share' id="share">
+              {%endif%}
              <a onclick="copyUrl('share')">
              <div class="input-group-append">
                <span class="input-group-text">点击复制</span>
@ -44,7 +48,7 @@
        </div>
    </div>

-    <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+    <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>
 <script src="https://cdn.staticfile.org/ace/1.4.2/ace.js"></script>
 <script src="https://cdn.staticfile.org/ace/1.4.2/ext-language_tools.js"></script>
--- a/app/templates/theme/bst_sketchy/show/image.html
+++ b/app/templates/theme/bst_sketchy/show/image.html
@ -3,7 +3,7 @@
 {%block content%}
 <div class="container">
    <br>
-    <img class="img-responsive" src="{{inner_url}}"/>
+    <img class="img-responsive" src="{{url}}"/>
    <br>
    <!-- 固定标签 -->
    <div class="form-horizontal">
@ -13,7 +13,11 @@
              <div class="input-group-prepend">
                <span class="input-group-text"><i class="fa fa-share-alt" aria-hidden="true"></i>分享地址</span>
              </div>
+              {%if GetConfig("verify_url")=="True"%}
+              <input type="text" class="form-control" value='{{url}}&action=share' id="share">
+              {%else%}
              <input type="text" class="form-control" value='{{url}}?action=share' id="share">
+              {%endif%}
              <a onclick="copyUrl('share')">
              <div class="input-group-append">
                <span class="input-group-text">点击复制</span>
@ -40,7 +44,7 @@
        </div>
    </div>
        <br>
- <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+ <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>


--- a/app/templates/theme/bst_sketchy/show/video.html
+++ b/app/templates/theme/bst_sketchy/show/video.html
@ -15,7 +15,11 @@
              <div class="input-group-prepend">
                <span class="input-group-text"><i class="fa fa-share-alt" aria-hidden="true"></i>分享地址</span>
              </div>
+              {%if GetConfig("verify_url")=="True"%}
+              <input type="text" class="form-control" value='{{url}}&action=share' id="share">
+              {%else%}
              <input type="text" class="form-control" value='{{url}}?action=share' id="share">
+              {%endif%}
              <a onclick="copyUrl('share')">
              <div class="input-group-append">
                <span class="input-group-text">点击复制</span>
@ -47,7 +51,7 @@
          container: document.getElementById('dplayer'),
          lang: 'zh-cn',
          video: {
-              url: "{{inner_url}}",
+              url: "{{url}}",
              type: 'auto'
          },
          autoplay: true
@ -58,7 +62,7 @@
          if(cnt<=3){
              console.log('获取资源错误，开始重新加载！');
              let last = dp.video.currentTime;
-              dp.video.src = "{{inner_url}}";
+              dp.video.src = "{{url}}";
              dp.video.load();
              dp.video.currentTime = last;
              dp.play();
@ -71,7 +75,7 @@
          if (!dp.video.paused && !dp.video.ended) {
              console.log('开始重新加载！');
              let last = dp.video.currentTime;
-              dp.video.src = "{{inner_url}}";
+              dp.video.src = "{{url}}";
              dp.video.load();
              dp.video.currentTime = last;
              dp.play();
@ -79,6 +83,6 @@
      }, 1000 * 60 * 25)
  });
 </script>
- <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+ <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>
 {%endblock content%}
--- a/app/templates/theme/bst_sketchy/show/video2.html
+++ b/app/templates/theme/bst_sketchy/show/video2.html
@ -15,7 +15,11 @@
              <div class="input-group-prepend">
                <span class="input-group-text"><i class="fa fa-share-alt" aria-hidden="true"></i>分享地址</span>
              </div>
+              {%if GetConfig("verify_url")=="True"%}
+              <input type="text" class="form-control" value='{{url}}&action=share' id="share">
+              {%else%}
              <input type="text" class="form-control" value='{{url}}?action=share' id="share">
+              {%endif%}
              <a onclick="copyUrl('share')">
              <div class="input-group-append">
                <span class="input-group-text">点击复制</span>
@ -47,7 +51,7 @@
              container: document.getElementById('dplayer'),
              lang: 'zh-cn',
              video: {
-                  url: "{{inner_url}}?action=play",
+                  url: "{{url}}",
                  type: 'auto'
              },
              autoplay: true
@ -58,7 +62,7 @@
              if(cnt<=3){
                  console.log('获取资源错误，开始重新加载！');
                  let last = dp.video.currentTime;
-                  dp.video.src = "{{inner_url}}?action=play";
+                  dp.video.src = "{{url}}";
                  dp.video.load();
                  dp.video.currentTime = last;
                  dp.play();
@ -71,7 +75,7 @@
              if (!dp.video.paused && !dp.video.ended) {
                  console.log('开始重新加载！');
                  let last = dp.video.currentTime;
-                  dp.video.src = "{{inner_url}}?action=play";
+                  dp.video.src = "{{url}}";
                  dp.video.load();
                  dp.video.currentTime = last;
                  dp.play();
@ -79,6 +83,6 @@
          }, 1000 * 60 * 25)
      });
    </script>
-    <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+    <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>
 {%endblock content%}
--- a/app/templates/theme/layui/index.html
+++ b/app/templates/theme/layui/index.html
@ -50,7 +50,7 @@
                        {%if data['type']=='folder' %}
                            <tr>
                                <td>
-                                        <a href="{{url_for('front.index',path=data['path'])}}"><i class="fa fa-folder-o"></i> {{CutText(data['name'])}}</a>
+                                    <a href="{{url_for('front.index',path=data['path'])}}"><i class="fa fa-folder-o"></i> {{CutText(data['name'])}}</a>
                                </td>
                                <td class="layui-hide-xs">{{data['lastModtime']}}</td>
                                <td class="layui-hide-xs">{{data['type']}}</td>
@ -61,7 +61,11 @@
                                {%if file_ico(data)!='image'%}
                                    <tr>
                                        <td>
+                                            {%if GetConfig("verify_url")=="True"%}
+                                            <a href="{{url_for('front.index',path=data['path'],action='share',token=GenerateToken(data['path']))}}" target="_blank">
+                                            {%else%}
                                            <a href="{{url_for('front.index',path=data['path'],action='share')}}" target="_blank">
+                                            {%endif%}
                                                {{ macros.get_ico(file_ico(data)) }} {{CutText(data['name'])}}
                                            </a>
                                        </td>
@ -73,7 +77,11 @@
                            {%else%}
                                <tr>
                                    <td>
+                                        {%if GetConfig("verify_url")=="True"%}
+                                        <a href="{{url_for('front.index',path=data['path'],action='share',token=GenerateToken(data['path']))}}" target="_blank">
+                                        {%else%}
                                        <a href="{{url_for('front.index',path=data['path'],action='share')}}" target="_blank">
+                                        {%endif%}
                                            {{ macros.get_ico(file_ico(data)) }} {{CutText(data['name'])}}
                                        </a>
                                    </td>
@ -94,8 +102,12 @@
        <div style="max-width: 600px;">
        {%for data in items%}
            {%if file_ico(data)=='image'%}
+                {%if GetConfig("verify_url")=="True"%}
+                <a href="{{url_for('front.index',path=data['path'],action='share',token=GenerateToken(data['path']))}}" target="_blank">
+                {%else%}
                <a href="{{url_for('front.index',path=data['path'],action='share')}}" target="_blank">
-                <img class="img-responsive" src="{{url_for('front.show',fileid=data['id'],user=cur_user,action='download')}}"/>
+                {%endif%}
+                    <img class="img-responsive" src="{{url_for('front.show',fileid=data['id'],user=cur_user,action='download',token=GenerateToken(data['path']))}}"/>
                </a>
            {%endif%}
        {%endfor%}
--- a/app/templates/theme/layui/show/audio.html
+++ b/app/templates/theme/layui/show/audio.html
@ -16,7 +16,11 @@
      <div class="layui-form-item" pane>
        <label class="layui-form-label"><a onclick="copyUrl('share')"><i class="fa fa-share-alt" aria-hidden="true"></i>分享地址(点击复制)</a></label>
        <div class="layui-input-block">
+          {%if GetConfig("verify_url")=="True"%}
+          <input type="text" id="share" class="layui-input" value="{{url}}&action=share" >
+          {%else%}
          <input type="text" id="share" class="layui-input" value="{{url}}?action=share" >
+          {%endif%}
        </div>
      </div>
    </div>
@ -67,5 +71,5 @@
          });
    </script>
 </div>
-    <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+    <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 {%endblock content%}
--- a/app/templates/theme/layui/show/code.html
+++ b/app/templates/theme/layui/show/code.html
@ -13,7 +13,11 @@
  <div class="layui-form-item" pane>
    <label class="layui-form-label"><a onclick="copyUrl('share')"><i class="fa fa-share-alt" aria-hidden="true"></i>分享地址(点击复制)</a></label>
    <div class="layui-input-block">
+      {%if GetConfig("verify_url")=="True"%}
+      <input type="text" id="share" class="layui-input" value="{{url}}&action=share" >
+      {%else%}
      <input type="text" id="share" class="layui-input" value="{{url}}?action=share" >
+      {%endif%}
    </div>
  </div>
 </div>
@ -25,7 +29,7 @@
    </div>
  </div>
 </div>
-    <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+    <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>
 <script src="https://cdn.staticfile.org/ace/1.4.2/ace.js"></script>
 <script src="https://cdn.staticfile.org/ace/1.4.2/ext-language_tools.js"></script>
--- a/app/templates/theme/layui/show/image.html
+++ b/app/templates/theme/layui/show/image.html
@ -3,14 +3,18 @@
 {%block content%}
 <div class="layui-container">
    <br>
-    <img class="img-responsive" src="{{inner_url}}"/>
+    <img class="img-responsive" src="{{url}}"/>
    <br>
    <!-- 固定标签 -->
    <div class="layui-form layui-form-pane">
      <div class="layui-form-item" pane>
        <label class="layui-form-label"><a onclick="copyUrl('share')"><i class="fa fa-share-alt" aria-hidden="true"></i>分享地址(点击复制)</a></label>
        <div class="layui-input-block">
+          {%if GetConfig("verify_url")=="True"%}
+          <input type="text" id="share" class="layui-input" value="{{url}}&action=share" >
+          {%else%}
          <input type="text" id="share" class="layui-input" value="{{url}}?action=share" >
+          {%endif%}
        </div>
      </div>
    </div>
@ -23,7 +27,7 @@
      </div>
    </div>
        <br>
- <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+ <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>


--- a/app/templates/theme/layui/show/video.html
+++ b/app/templates/theme/layui/show/video.html
@ -12,7 +12,11 @@
      <div class="layui-form-item" pane>
        <label class="layui-form-label"><a onclick="copyUrl('share')"><i class="fa fa-share-alt" aria-hidden="true"></i>分享地址(点击复制)</a></label>
        <div class="layui-input-block">
+          {%if GetConfig("verify_url")=="True"%}
+          <input type="text" id="share" class="layui-input" value="{{url}}&action=share" >
+          {%else%}
          <input type="text" id="share" class="layui-input" value="{{url}}?action=share" >
+          {%endif%}
        </div>
      </div>
    </div>
@ -30,7 +34,7 @@
            container: document.getElementById('dplayer'),
            lang: 'zh-cn',
            video: {
-                url: "{{inner_url}}",
+                url: "{{url}}",
                type: 'auto'
            },
            autoplay: true
@ -41,7 +45,7 @@
            if(cnt<=3){
                console.log('获取资源错误，开始重新加载！');
                let last = dp.video.currentTime;
-                dp.video.src = "{{inner_url}}";
+                dp.video.src = "{{url}}";
                dp.video.load();
                dp.video.currentTime = last;
                dp.play();
@ -54,7 +58,7 @@
            if (!dp.video.paused && !dp.video.ended) {
                console.log('开始重新加载！');
                let last = dp.video.currentTime;
-                dp.video.src = "{{inner_url}}";
+                dp.video.src = "{{url}}";
                dp.video.load();
                dp.video.currentTime = last;
                dp.play();
@ -63,6 +67,6 @@
    });

 </script>
- <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+ <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>
 {%endblock content%}
--- a/app/templates/theme/layui/show/video2.html
+++ b/app/templates/theme/layui/show/video2.html
@ -12,7 +12,11 @@
      <div class="layui-form-item" pane>
        <label class="layui-form-label"><a onclick="copyUrl('share')"><i class="fa fa-share-alt" aria-hidden="true"></i>分享地址(点击复制)</a></label>
        <div class="layui-input-block">
-          <input type="text" id="share" class="layui-input" value="{{url}}?action=share" >
+            {%if GetConfig("verify_url")=="True"%}
+            <input type="text" id="share" class="layui-input" value="{{url}}&action=share" >
+            {%else%}
+            <input type="text" id="share" class="layui-input" value="{{url}}?action=share" >
+            {%endif%}
        </div>
      </div>
    </div>
@ -30,7 +34,7 @@
            container: document.getElementById('dplayer'),
            lang: 'zh-cn',
            video: {
-                url: "{{inner_url}}?action=play",
+                url: "{{url}}",
                type: 'auto'
            },
            autoplay: true
@ -41,7 +45,7 @@
            if(cnt<=3){
                console.log('获取资源错误，开始重新加载！');
                let last = dp.video.currentTime;
-                dp.video.src = "{{inner_url}}?action=play";
+                dp.video.src = "{{url}}";
                dp.video.load();
                dp.video.currentTime = last;
                dp.play();
@ -54,7 +58,7 @@
            if (!dp.video.paused && !dp.video.ended) {
                console.log('开始重新加载！');
                let last = dp.video.currentTime;
-                dp.video.src = "{{inner_url}}?action=play";
+                dp.video.src = "{{url}}";
                dp.video.load();
                dp.video.currentTime = last;
                dp.play();
@ -62,6 +66,6 @@
        }, 1000 * 60 * 25)
    });
    </script>
-    <a href="{{inner_url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
+    <a href="{{url}}" class="fab-fixed"><i class="fa fa-download fa-3x" aria-hidden="true"></i></a>
 </div>
 {%endblock content%}
--- a/app/templates/theme/material/index.html
+++ b/app/templates/theme/material/index.html
@ -51,10 +51,14 @@
                    </li>
                    {%else%}
                        <li class="mdui-list-item file mdui-ripple">
-                            <a href="{{url_for('front.index',path=data['path'])|safe}}" target="_blank">
+                            {%if GetConfig("verify_url")=="True"%}
+                            <a href="{{url_for('front.index',path=data['path'],token=GenerateToken(data['path']))}}" target="_blank">
+                            {%else%}
+                            <a href="{{url_for('front.index',path=data['path'])}}" target="_blank">
+                            {%endif%}
                                {%if image_mode==1%}
                                    {%if file_ico(data)=='image'%}
-                                        <img class="mdui-img-fluid" src="{{url_for('front.show',fileid=data['id'],user=cur_user,action='download')}}"/>
+                                        <img class="mdui-img-fluid" src="{{url_for('front.show',fileid=data['id'],user=cur_user,action='download',token=GenerateToken(data['path']))}}"/>
                                    {%else%}
                                        <div class="mdui-col-xs-8 mdui-col-sm-5 mdui-text-truncate">
                                            <i class="mdui-icon material-icons">{{file_ico(data)}}</i> {{data['name']}}
@ -112,7 +116,11 @@ $$(function() {
              shadeClose: true,
              shade: 0.8,
              area: ['100%', '100%'],
+              {%if GetConfig("verify_url")=="True"%}
+              content: $$(this).attr('href')+"&action=share" //iframe的url
+              {%else%}
              content: $$(this).attr('href')+"?action=share" //iframe的url
+              {%endif%}
            });
            return false;
        });
--- a/app/templates/theme/material/show/audio.html
+++ b/app/templates/theme/material/show/audio.html
@ -13,7 +13,11 @@
  <!-- 固定标签 -->
  <div class="mdui-textfield">
    <label class="mdui-textfield-label">分享地址</label>
+    {%if GetConfig("verify_url")=="True"%}
+    <input class="mdui-textfield-input" type="text" id="share" value="{{url}}&action=share" onclick="copyUrl('share')"/>
+    {%else%}
    <input class="mdui-textfield-input" type="text" id="share" value="{{url}}?action=share" onclick="copyUrl('share')"/>
+    {%endif%}
  </div>
  <div class="mdui-textfield">
    <label class="mdui-textfield-label">调用地址</label>
--- a/app/templates/theme/material/show/code.html
+++ b/app/templates/theme/material/show/code.html
@ -11,7 +11,11 @@
 </div>
 <div class="mdui-textfield">
  <label class="mdui-textfield-label">分享地址</label>
-  <input class="mdui-textfield-input" type="text" id="share" value="{{url}}?action=share" onclick="copyUrl('share')"/>
+ {%if GetConfig("verify_url")=="True"%}
+ <input class="mdui-textfield-input" type="text" id="share" value="{{url}}&action=share" onclick="copyUrl('share')"/>
+ {%else%}
+ <input class="mdui-textfield-input" type="text" id="share" value="{{url}}?action=share" onclick="copyUrl('share')"/>
+ {%endif%}
 </div>
 <div class="mdui-textfield">
  <label class="mdui-textfield-label">调用地址</label>
--- a/app/templates/theme/material/show/image.html
+++ b/app/templates/theme/material/show/image.html
@ -3,11 +3,15 @@
 {%block content%}
 <div class="mdui-container-fluid">
    <br>
-    <img class="mdui-img-fluid" src="{{inner_url}}"/>
+    <img class="mdui-img-fluid" src="{{url}}"/>
    <br>
    <div class="mdui-textfield">
      <label class="mdui-textfield-label">分享地址</label>
+      {%if GetConfig("verify_url")=="True"%}
+      <input class="mdui-textfield-input" type="text" id="share" value="{{url}}&action=share" onclick="copyUrl('share')"/>
+      {%else%}
      <input class="mdui-textfield-input" type="text" id="share" value="{{url}}?action=share" onclick="copyUrl('share')"/>
+      {%endif%}
    </div>
    <div class="mdui-textfield">
      <label class="mdui-textfield-label">调用地址</label>
@ -19,5 +23,5 @@
    </div>
    <br>
 </div>
-<a href="{{inner_url}}" class="mdui-fab mdui-fab-fixed mdui-ripple mdui-color-theme-accent"><i class="mdui-icon material-icons">file_download</i></a>
+<a href="{{url}}" class="mdui-fab mdui-fab-fixed mdui-ripple mdui-color-theme-accent"><i class="mdui-icon material-icons">file_download</i></a>
 {%endblock content%}
--- a/app/templates/theme/material/show/video.html
+++ b/app/templates/theme/material/show/video.html
@ -10,7 +10,11 @@
  <!-- 固定标签 -->
  <div class="mdui-textfield">
    <label class="mdui-textfield-label">分享地址</label>
+    {%if GetConfig("verify_url")=="True"%}
+    <input class="mdui-textfield-input" type="text" id="share" value="{{url}}&action=share" onclick="copyUrl('share')"/>
+    {%else%}
    <input class="mdui-textfield-input" type="text" id="share" value="{{url}}?action=share" onclick="copyUrl('share')"/>
+    {%endif%}
  </div>
  <div class="mdui-textfield">
    <label class="mdui-textfield-label">调用地址</label>
@ -23,7 +27,7 @@
          container: document.getElementById('dplayer'),
          lang: 'zh-cn',
          video: {
-              url: "{{inner_url}}",
+              url: "{{url}}",
              type: 'auto'
          },
          autoplay: true
@ -34,7 +38,7 @@
          if(cnt<=3){
              console.log('获取资源错误，开始重新加载！');
              let last = dp.video.currentTime;
-              dp.video.src = "{{inner_url}}";
+              dp.video.src = "{{url}}";
              dp.video.load();
              dp.video.currentTime = last;
              dp.play();
@ -47,7 +51,7 @@
          if (!dp.video.paused && !dp.video.ended) {
              console.log('开始重新加载！');
              let last = dp.video.currentTime;
-              dp.video.src = "{{inner_url}}";
+              dp.video.src = "{{url}}";
              dp.video.load();
              dp.video.currentTime = last;
              dp.play();
@ -55,5 +59,5 @@
      }, 1000 * 60 * 25)
  });
 </script>
-<a href="{{inner_url}}" class="mdui-fab mdui-fab-fixed mdui-ripple mdui-color-theme-accent"><i class="mdui-icon material-icons">file_download</i></a>
+<a href="{{url}}" class="mdui-fab mdui-fab-fixed mdui-ripple mdui-color-theme-accent"><i class="mdui-icon material-icons">file_download</i></a>
 {%endblock content%}
--- a/app/templates/theme/material/show/video2.html
+++ b/app/templates/theme/material/show/video2.html
@ -11,7 +11,11 @@
  <!-- 固定标签 -->
  <div class="mdui-textfield">
    <label class="mdui-textfield-label">分享地址</label>
+    {%if GetConfig("verify_url")=="True"%}
+    <input class="mdui-textfield-input" type="text" id="share" value="{{url}}&action=share" onclick="copyUrl('share')"/>
+    {%else%}
    <input class="mdui-textfield-input" type="text" id="share" value="{{url}}?action=share" onclick="copyUrl('share')"/>
+    {%endif%}
  </div>
  <div class="mdui-textfield">
    <label class="mdui-textfield-label">调用地址</label>
@ -24,7 +28,7 @@
          container: document.getElementById('dplayer'),
          lang: 'zh-cn',
          video: {
-              url: "{{inner_url}}?action=play",
+              url: "{{url}}",
              type: 'auto'
          },
          autoplay: true
@ -35,7 +39,7 @@
          if(cnt<=3){
              console.log('获取资源错误，开始重新加载！');
              let last = dp.video.currentTime;
-              dp.video.src = "{{inner_url}}?action=play";
+              dp.video.src = "{{url}}";
              dp.video.load();
              dp.video.currentTime = last;
              dp.play();
@ -48,7 +52,7 @@
          if (!dp.video.paused && !dp.video.ended) {
              console.log('开始重新加载！');
              let last = dp.video.currentTime;
-              dp.video.src = "{{inner_url}}?action=play";
+              dp.video.src = "{{url}}";
              dp.video.load();
              dp.video.currentTime = last;
              dp.play();
@ -56,5 +60,5 @@
      }, 1000 * 60 * 25)
  });
 </script>
-<a href="{{inner_url}}" class="mdui-fab mdui-fab-fixed mdui-ripple mdui-color-theme-accent"><i class="mdui-icon material-icons">file_download</i></a>
+<a href="{{url}}" class="mdui-fab mdui-fab-fixed mdui-ripple mdui-color-theme-accent"><i class="mdui-icon material-icons">file_download</i></a>
 {%endblock content%}
--- a/app/utils/init.py
+++ b/app/utils/init.py
@ -8,4 +8,5 @@ from upload_method import *
 from header import *
 from logmanage import *
 from pan_move import *
+from aes import *

--- a/app/utils/aes.py
+++ b/app/utils/aes.py
@ -0,0 +1,77 @@
+#-*- coding=utf-8 -*-
+from header import *
+from Crypto import Random
+from Crypto.Cipher import AES
+import hashlib
+import base64
+import time
+import urllib
+
+
+class AesCls(object):
+    def __init__(self,key):
+        self.key=key
+
+    def pad(self,data):
+        length = 16 - (len(data) % 16)
+        return data + (chr(length)*length).encode()
+
+    def unpad(self,data):
+        return data[:-(data[-1] if type(data[-1]) == int else ord(data[-1]))]
+
+    def bytes_to_key(self,data, salt, output=48):
+        # extended from https://gist.github.com/gsakkis/4546068
+        assert len(salt) == 8, len(salt)
+        data=data.encode('utf-8')
+        data += salt
+        key = hashlib.md5(data).digest()
+        final_key = key
+        while len(final_key) < output:
+            key = hashlib.md5(key + data).digest()
+            final_key += key
+        return final_key[:output]
+
+    def encrypt(self,message):
+        salt = Random.new().read(8)
+        key_iv = self.bytes_to_key(self.key, salt, 32+16)
+        key = key_iv[:32]
+        iv = key_iv[32:]
+        aes = AES.new(key, AES.MODE_CBC, iv)
+        return base64.b64encode(b"Salted__" + salt + aes.encrypt(self.pad(message)))
+
+    def decrypt(self,encrypted):
+        encrypted = base64.b64decode(encrypted)
+        assert encrypted[0:8] == b"Salted__"
+        salt = encrypted[8:16]
+        key_iv = self.bytes_to_key(self.key, salt, 32+16)
+        key = key_iv[:32]
+        iv = key_iv[32:]
+        aes = AES.new(key, AES.MODE_CBC, iv)
+        return self.unpad(aes.decrypt(encrypted[16:]))
+
+
+def replace_token(token):
+    return token.replace('+','plus').replace('/','xiegang').replace('=','equal')
+
+def reverse_token(token):
+    return token.replace('plus','+').replace('xiegang','/').replace('equal','=')
+
+def VerifyToken(token,filepath):
+    print token
+    token=reverse_token(token)
+    print token
+    path=filepath.split(':')[-1]
+    ae=AesCls(GetConfig("password"))
+    msg=ae.decrypt(token)
+    r_filepath,timeout=msg.split('#$#')
+    if r_filepath==path and int(timeout)>time.time():
+        return True
+    else:
+        return False
+
+def GenerateToken(filepath):
+    path=filepath.split(':')[-1]
+    ae=AesCls(GetConfig("password"))
+    timeout=int(time.time())+int(GetConfig("downloadUrl_timeout"))
+    key="{}#$#{}".format(path,timeout)
+    return replace_token(ae.encrypt(key))
--- a/config.py
+++ b/config.py
@ -14,7 +14,7 @@ class config:
    if REDIS_PASSWORD!='':
        CACHE_REDIS_PASSWORD=REDIS_PASSWORD
    SEND_FILE_MAX_AGE_DEFAULT=timedelta(seconds=1)
-    version='4.190529'
+    version='4.190531'

    @staticmethod
    def init_app(app):
--- a/run.py
+++ b/run.py
@ -39,6 +39,10 @@ tmp_rd.set('ARIA2_PORT',ARIA2_PORT)
 tmp_rd.set('ARIA2_SECRET',ARIA2_SECRET)
 tmp_rd.set('ARIA2_SCHEME',ARIA2_SCHEME)
 tmp_rd.set('password',password)
+tmp_rd.set('verify_url',verify_url)
+tmp_rd.set('balance',balance)
+tmp_rd.set('admin_prefix',admin_prefix)
+tmp_rd.set('thread_num',thread_num)
 config_path=os.path.join(config_dir,'self_config.py')
 with open(config_path,'r') as f:
    text=f.read()
@ -62,6 +66,7 @@ app.jinja_env.globals['CutText']=CutText
 app.jinja_env.globals['GetConfig']=GetConfig
 app.jinja_env.globals['config_dir']=config_dir
 app.jinja_env.globals['GetThemeList']=GetThemeList
+app.jinja_env.globals['GenerateToken']=GenerateToken
 app.jinja_env.globals['get_od_user']=get_od_user

 ################################################################################
--- a/self_config.py.sample
+++ b/self_config.py.sample
@ -79,6 +79,10 @@ balance="False"
 #多线程最大线程
 thread_num="5"

+#是否开启下载链接验证
+verify_url="True"
+
+
 od_users={
    "A":{
        "client_id":"",
--- a/update.sh
+++ b/update.sh
@ -111,6 +111,13 @@ Disallow:  /
        echo 'thread_num="5"' >> self_config.py
    fi

+    num=`cat self_config.py | grep "verify_url" | wc -l`
+    if [ $num == 0 ]; then
+        echo '' >> self_config.py
+        echo 'verify_url="False"' >> self_config.py
+    fi
+
+
 }


@ -194,6 +201,7 @@ echo "2019.05.24更新版本：支持世纪互联版本onedrive"
 echo "2019.05.25更新版本：参考olaindex，视频和音频出错自动加载&每25分钟重新加载一次"
 echo "2019.05.28更新版本：修复开启负债均衡之后，文件名有特殊符号播放不了的bug"
 echo "2019.05.29更新版本：支持自定义线程数"
+echo "2019.05.31更新版本：新增功能：1）下载链接验证开关；优化：1）aria2信息不对时，无法添加任务"
 echo "---------------------------------------------------------------"
 echo "更新完成！"
 echo "如果网站无法访问，请检查config.py!"