From f1603977f4d25a7f7a3c0256b75029f1f0b13eb9 Mon Sep 17 00:00:00 2001
From: zzlgreat <zzlgreat@gmail.com>
Date: Mon, 15 Dec 2025 08:19:40 +0800
Subject: [PATCH] =?UTF-8?q?security:=20app=5Fvx.py=20=E6=B7=BB=E5=8A=A0=20?=
 =?UTF-8?q?Redis=20=E5=AF=86=E7=A0=81=E8=AE=A4=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 修改 3 处 Redis 连接，添加密码参数
- 与 app.py 保持一致的安全配置

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 app_vx.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app_vx.py b/app_vx.py
index c65f100d..92a90b33 100644
--- a/app_vx.py
+++ b/app_vx.py
@@ -575,7 +575,7 @@ class TokenStore:
             return
         self._initialized = True
 
-        redis_url = os.environ.get('REDIS_URL', 'redis://localhost:6379/0')
+        redis_url = os.environ.get('REDIS_URL', 'redis://:VF_Redis_Secure_2024!@localhost:6379/0')
         try:
             import redis
             self._redis_client = redis.from_url(redis_url)
@@ -676,7 +676,7 @@ JWT_EXPIRATION_HOURS = 24 * 7  # Token有效期7天
 
 # Session 配置
 # 优先使用 Redis（支持多 worker 共享），否则回退到文件系统
-_REDIS_URL = os.environ.get('REDIS_URL', 'redis://localhost:6379/0')
+_REDIS_URL = os.environ.get('REDIS_URL', 'redis://:VF_Redis_Secure_2024!@localhost:6379/0')
 _USE_REDIS_SESSION = os.environ.get('USE_REDIS_SESSION', 'true').lower() == 'true'
 
 try:
@@ -4170,7 +4170,7 @@ def get_wechat_access_token(force_refresh=False):
     redis_client = None
     try:
         import redis
-        redis_client = redis.from_url(os.environ.get('REDIS_URL', 'redis://localhost:6379/0'))
+        redis_client = redis.from_url(os.environ.get('REDIS_URL', 'redis://:VF_Redis_Secure_2024!@localhost:6379/0'))
 
         # 如果不是强制刷新，尝试从 Redis 获取缓存的 token
         if not force_refresh: