From c0c9975be35cc63c2c4ff51ef0e596af72391436 Mon Sep 17 00:00:00 2001
From: wangruidong <940853815@qq.com>
Date: Fri, 27 Feb 2026 14:24:17 +0800
Subject: [PATCH] fix: timing-unsafe `bootstrap_token` comparison

---
 apps/common/permissions.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/apps/common/permissions.py b/apps/common/permissions.py
index 72948d4b1..cb6f902ca 100644
--- a/apps/common/permissions.py
+++ b/apps/common/permissions.py
@@ -1,5 +1,6 @@
 # -*- coding: utf-8 -*-
 #
+import hmac
 import time
 
 from django.conf import settings
@@ -48,7 +49,10 @@ class WithBootstrapToken(permissions.BasePermission):
 return False
 
 request_bootstrap_token = authorization.split()[-1]
- return settings.BOOTSTRAP_TOKEN == request_bootstrap_token
+ return hmac.compare_digest(
+ settings.BOOTSTRAP_TOKEN.encode(),
+ request_bootstrap_token.encode()
+ )
 
 
 class ServiceAccountSignaturePermission(permissions.BasePermission):
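Review bot: `settings.BOOTSTRAP_TOKEN.encode()` on the new `return` line assumes the setting is always a non-empty `str`; if a deployment leaves it unset or `None`, the old `==` comparison quietly returned `False`, whereas the new code raises `AttributeError` and turns a denied request into a server error. Consider guarding before the comparison, e.g. `expected = getattr(settings, 'BOOTSTRAP_TOKEN', None)`, `if not expected: return False`, then `return hmac.compare_digest(expected.encode(), request_bootstrap_token.encode())`. Encoding both sides to bytes is the right call, since `compare_digest` rejects non-ASCII `str` input; a one-line comment such as `# constant-time comparison so the token cannot be recovered byte-by-byte via response timing` would record why the plain `==` was replaced. The enclosing `has_permission` method begins outside the hunk, so I cannot see how `authorization` is obtained.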