kevisual/code-center
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更新依赖项,使用 Busboy 替代 formidable 处理文件上传,优化上传逻辑,改进权限检查

Browse Source
This commit is contained in:
熊潇
2025-12-21 06:41:27 +08:00
parent 15fcfdad18
commit 8a633feb4f
12 changed files with 344 additions and 155 deletions
Download Patch File Download Diff File Expand all files Collapse all files

157
src/routes-simple/code/upload.ts
View File

@@ -1,4 +1,4 @@
import { IncomingForm } from 'formidable';
import Busboy from 'busboy';
import { checkAuth } from '../middleware/auth.ts';
import { router, clients, writeEvents } from '../router.ts';
import { error } from '../middleware/auth.ts';
@@ -7,50 +7,94 @@ import { useFileStore } from '@kevisual/use-config/file-store';
import { app, minioClient } from '@/app.ts';
import { bucketName } from '@/modules/minio.ts';
import { getContentType } from '@/utils/get-content-type.ts';
import path from 'path';
import { createWriteStream } from 'fs';
import crypto from 'crypto';
import { pipeBusboy } from '@/modules/fm-manager/index.ts';
const cacheFilePath = useFileStore('cache-file', { needExists: true });
router.post('/api/micro-app/upload', async (req, res) => {
if (res.headersSent) return; // 如果响应已发送不再处理
if (res.headersSent) return; // 如果响应已发送,不再处理
res.writeHead(200, { 'Content-Type': 'application/json' });
const { tokenUser, token } = await checkAuth(req, res);
if (!tokenUser) return;
//
// 使用 formidable 解析 multipart/form-data
const form = new IncomingForm({
multiples: false, // 支持多文件上传
uploadDir: cacheFilePath, // 上传文件存储目录
allowEmptyFiles: true, // 允许空
minFileSize: 0, // 最小文件大小
maxFiles: 1, // 最大文件数量
createDirsFromUploads: false, // 根据上传的文件夹结构创建目录
keepExtensions: true, // 保留文件
hashAlgorithm: 'md5', // 文件哈希算法
// 使用 busboy 解析 multipart/form-data
const busboy = Busboy({ headers: req.headers });
const fields: any = {};
let file: any = null;
let filePromise: Promise<void> | null = null;
let bytesReceived = 0;
let bytesExpected = parseInt(req.headers['content-length'] || '0');
busboy.on('field', (fieldname, value) => {
fields[fieldname] = value;
});
form.on('progress', (bytesReceived, bytesExpected) => {
const progress = (bytesReceived / bytesExpected) * 100;
console.log(`Upload progress: ${progress.toFixed(2)}%`);
const data = {
progress: progress.toFixed(2),
message: `Upload progress: ${progress.toFixed(2)}%`,
};
writeEvents(req, data);
});
// 解析上传的文件
form.parse(req, async (err, fields, files) => {
if (err) {
res.end(error(`Upload error: ${err.message}`));
const uploadedFiles = Array.isArray(files.file) ? files.file : [files.file];
uploadedFiles.forEach((file) => {
fs.unlinkSync(file.filepath);
busboy.on('file', (fieldname, fileStream, info) => {
const { filename, encoding, mimeType } = info;
const tempPath = path.join(cacheFilePath, `${Date.now()}-${Math.random().toString(36).substring(7)}-${filename}`);
const writeStream = createWriteStream(tempPath);
const hash = crypto.createHash('md5');
let size = 0;
filePromise = new Promise<void>((resolve, reject) => {
fileStream.on('data', (chunk) => {
bytesReceived += chunk.length;
size += chunk.length;
hash.update(chunk);
if (bytesExpected > 0) {
const progress = (bytesReceived / bytesExpected) * 100;
console.log(`Upload progress: ${progress.toFixed(2)}%`);
const data = {
progress: progress.toFixed(2),
message: `Upload progress: ${progress.toFixed(2)}%`,
};
writeEvents(req, data);
}
});
return;
fileStream.pipe(writeStream);
writeStream.on('finish', () => {
file = {
filepath: tempPath,
originalFilename: filename,
mimetype: mimeType,
hash: hash.digest('hex'),
size: size,
};
resolve();
});
writeStream.on('error', (err) => {
reject(err);
});
});
});
busboy.on('finish', async () => {
// 等待文件写入完成
if (filePromise) {
try {
await filePromise;
} catch (err) {
console.error(`File write error: ${err.message}`);
res.end(error(`File write error: ${err.message}`));
return;
}
}
const clearFiles = () => {
const uploadedFiles = Array.isArray(files.file) ? files.file : [files.file];
uploadedFiles.forEach((file) => {
if (file?.filepath && fs.existsSync(file.filepath)) {
fs.unlinkSync(file.filepath);
});
}
};
if (!file) {
res.end(error('No file uploaded'));
return;
}
let appKey, collection;
const { appKey: _appKey, collection: _collecion } = fields;
if (Array.isArray(_appKey)) {
@@ -68,31 +112,28 @@ router.post('/api/micro-app/upload', async (req, res) => {
appKey = appKey || 'micro-app';
console.log('Appkey', appKey);
console.log('collection', collection);
// 逐个处理每个上传的文件
const uploadedFiles = Array.isArray(files.file) ? files.file : [files.file];
// 处理上传的文件
const uploadResults = [];
for (let i = 0; i < uploadedFiles.length; i++) {
const file = uploadedFiles[i];
// @ts-ignore
const tempPath = file.filepath; // 文件上传时的临时路径
const relativePath = file.originalFilename; // 保留表单中上传的文件名 (包含文件夹结构)
// 比如 child2/b.txt
const minioPath = `private/${tokenUser.username}/${appKey}/${relativePath}`;
// 上传到 MinIO 并保留文件夹结构
const isHTML = relativePath.endsWith('.html');
await minioClient.fPutObject(bucketName, minioPath, tempPath, {
'Content-Type': getContentType(relativePath),
'app-source': 'user-micro-app',
'Cache-Control': isHTML ? 'no-cache' : 'max-age=31536000, immutable', // 缓存一年
});
uploadResults.push({
name: relativePath,
path: minioPath,
hash: file.hash,
size: file.size,
});
fs.unlinkSync(tempPath); // 删除临时文件
}
const tempPath = file.filepath; // 文件上传时的临时路径
const relativePath = file.originalFilename; // 保留表单中上传的文件名 (包含文件夹结构)
// 比如 child2/b.txt
const minioPath = `private/${tokenUser.username}/${appKey}/${relativePath}`;
// 上传到 MinIO 并保留文件夹结构
const isHTML = relativePath.endsWith('.html');
await minioClient.fPutObject(bucketName, minioPath, tempPath, {
'Content-Type': getContentType(relativePath),
'app-source': 'user-micro-app',
'Cache-Control': isHTML ? 'no-cache' : 'max-age=31536000, immutable', // 缓存一年
});
uploadResults.push({
name: relativePath,
path: minioPath,
hash: file.hash,
size: file.size,
});
fs.unlinkSync(tempPath); // 删除临时文件
// 受控
const r = await app.call({
path: 'micro-app',
@@ -115,6 +156,8 @@ router.post('/api/micro-app/upload', async (req, res) => {
}
res.end(JSON.stringify(data));
});
pipeBusboy(req, res, busboy);
});

108
src/routes-simple/handle-request.ts
View File

@@ -1,7 +1,7 @@
import { useFileStore } from '@kevisual/use-config/file-store';
import http from 'node:http';
import fs from 'fs';
import { IncomingForm } from 'formidable';
import Busboy from 'busboy';
import { app, minioClient } from '@/app.ts';
import { bucketName } from '@/modules/minio.ts';
@@ -11,6 +11,9 @@ import { getContainerById } from '@/routes/container/module/get-container-file.t
import { router, error, checkAuth, writeEvents } from './router.ts';
import './index.ts';
import { handleRequest as PageProxy } from './page-proxy.ts';
import path from 'path';
import { createWriteStream } from 'fs';
import { pipeBusboy } from '@/modules/fm-manager/pipe-busboy.ts';
const cacheFilePath = useFileStore('cache-file', { needExists: true });
router.get('/api/app/upload', async (req, res) => {
@@ -23,41 +26,80 @@ router.post('/api/app/upload', async (req, res) => {
res.writeHead(200, { 'Content-Type': 'application/json' });
const { tokenUser, token } = await checkAuth(req, res);
if (!tokenUser) return;
// 使用 formidable 解析 multipart/form-data
const form = new IncomingForm({
multiples: true, // 支持多文件上传
uploadDir: cacheFilePath, // 上传文件存储目录
allowEmptyFiles: true, // 允许空
minFileSize: 0, // 最小文件大小
createDirsFromUploads: false, // 根据上传的文件夹结构创建目录
keepExtensions: true, // 保留文件
hashAlgorithm: 'md5', // 文件哈希算法
// 使用 busboy 解析 multipart/form-data
const busboy = Busboy({ headers: req.headers });
const fields: any = {};
const files: any = [];
const filePromises: Promise<void>[] = [];
let bytesReceived = 0;
let bytesExpected = parseInt(req.headers['content-length'] || '0');
busboy.on('field', (fieldname, value) => {
fields[fieldname] = value;
});
form.on('progress', (bytesReceived, bytesExpected) => {
const progress = (bytesReceived / bytesExpected) * 100;
console.log(`Upload progress: ${progress.toFixed(2)}%`);
const data = {
progress: progress.toFixed(2),
message: `Upload progress: ${progress.toFixed(2)}%`,
};
writeEvents(req, data);
});
// 解析上传的文件
form.parse(req, async (err, fields, files) => {
if (err) {
res.end(error(`Upload error: ${err.message}`));
const uploadedFiles = Array.isArray(files.file) ? files.file : [files.file];
uploadedFiles.forEach((file) => {
fs.unlinkSync(file.filepath);
busboy.on('file', (fieldname, fileStream, info) => {
const { filename, encoding, mimeType } = info;
const tempPath = path.join(cacheFilePath, `${Date.now()}-${Math.random().toString(36).substring(7)}-${filename}`);
const writeStream = createWriteStream(tempPath);
const filePromise = new Promise<void>((resolve, reject) => {
fileStream.on('data', (chunk) => {
bytesReceived += chunk.length;
if (bytesExpected > 0) {
const progress = (bytesReceived / bytesExpected) * 100;
console.log(`Upload progress: ${progress.toFixed(2)}%`);
const data = {
progress: progress.toFixed(2),
message: `Upload progress: ${progress.toFixed(2)}%`,
};
writeEvents(req, data);
}
});
fileStream.pipe(writeStream);
writeStream.on('finish', () => {
files.push({
filepath: tempPath,
originalFilename: filename,
mimetype: mimeType,
});
resolve();
});
writeStream.on('error', (err) => {
reject(err);
});
});
filePromises.push(filePromise);
});
busboy.on('finish', async () => {
// 等待所有文件写入完成
try {
await Promise.all(filePromises);
} catch (err) {
console.error(`File write error: ${err.message}`);
res.end(error(`File write error: ${err.message}`));
return;
}
const clearFiles = () => {
const uploadedFiles = Array.isArray(files.file) ? files.file : [files.file];
uploadedFiles.forEach((file) => {
fs.unlinkSync(file.filepath);
files.forEach((file: any) => {
if (file?.filepath && fs.existsSync(file.filepath)) {
fs.unlinkSync(file.filepath);
}
});
};
// 检查是否有文件上传
if (files.length === 0) {
res.end(error('files is required'));
return;
}
let appKey,
version,
username = '';
@@ -99,11 +141,9 @@ router.post('/api/app/upload', async (req, res) => {
console.log('Appkey', appKey, version);
// 逐个处理每个上传的文件
const uploadedFiles = Array.isArray(files.file) ? files.file : [files.file];
const uploadResults = [];
for (let i = 0; i < uploadedFiles.length; i++) {
const file = uploadedFiles[i];
// @ts-ignore
for (let i = 0; i < files.length; i++) {
const file = files[i];
const tempPath = file.filepath; // 文件上传时的临时路径
const relativePath = file.originalFilename; // 保留表单中上传的文件名 (包含文件夹结构)
// 比如 child2/b.txt
@@ -144,6 +184,8 @@ router.post('/api/app/upload', async (req, res) => {
}
res.end(JSON.stringify(data));
});
pipeBusboy(req, res, busboy);
});
router.get('/api/container/file/:id', async (req, res) => {

80
src/routes-simple/resources/chunk.ts
View File

@@ -1,6 +1,6 @@
import { useFileStore } from '@kevisual/use-config/file-store';
import { checkAuth, error, router, writeEvents, getKey, getTaskId } from '../router.ts';
import { IncomingForm } from 'formidable';
import Busboy from 'busboy';
import { app, oss } from '@/app.ts';
import { getContentType } from '@/utils/get-content-type.ts';
@@ -8,6 +8,9 @@ import { User } from '@/models/user.ts';
import fs from 'fs';
import { ConfigModel } from '@/routes/config/models/model.ts';
import { validateDirectory } from './util.ts';
import path from 'path';
import { createWriteStream } from 'fs';
import { pipeBusboy } from '@/modules/fm-manager/index.ts';
const cacheFilePath = useFileStore('cache-file', { needExists: true });
@@ -23,35 +26,70 @@ router.post('/api/s1/resources/upload/chunk', async (req, res) => {
const url = new URL(req.url || '', 'http://localhost');
const share = !!url.searchParams.get('public');
const noCheckAppFiles = !!url.searchParams.get('noCheckAppFiles');
// 使用 formidable 解析 multipart/form-data
const form = new IncomingForm({
multiples: false, // 改为单文件上传
uploadDir: cacheFilePath, // 上传文件存储目录
allowEmptyFiles: true, // 允许空
minFileSize: 0, // 最小文件大小
createDirsFromUploads: false, // 根据上传的文件夹结构创建目录
keepExtensions: true, // 保留文件拓展名
hashAlgorithm: 'md5', // 文件哈希算法
});
const taskId = getTaskId(req);
const finalFilePath = `${cacheFilePath}/${taskId}`;
if (!taskId) {
res.end(error('taskId is required'));
return;
}
// 解析上传的文件
form.parse(req, async (err, fields, files) => {
const file = Array.isArray(files.file) ? files.file[0] : files.file;
// 使用 busboy 解析 multipart/form-data
const busboy = Busboy({ headers: req.headers });
const fields: any = {};
let file: any = null;
let tempPath = '';
let filePromise: Promise<void> | null = null;
busboy.on('field', (fieldname, value) => {
fields[fieldname] = value;
});
busboy.on('file', (fieldname, fileStream, info) => {
const { filename, encoding, mimeType } = info;
tempPath = path.join(cacheFilePath, `${Date.now()}-${Math.random().toString(36).substring(7)}-${filename}`);
const writeStream = createWriteStream(tempPath);
filePromise = new Promise<void>((resolve, reject) => {
fileStream.pipe(writeStream);
writeStream.on('finish', () => {
file = {
filepath: tempPath,
originalFilename: filename,
mimetype: mimeType,
};
resolve();
});
writeStream.on('error', (err) => {
reject(err);
});
});
});
busboy.on('finish', async () => {
// 等待文件写入完成
if (filePromise) {
try {
await filePromise;
} catch (err) {
console.error(`File write error: ${err.message}`);
res.end(error(`File write error: ${err.message}`));
return;
}
}
const clearFiles = () => {
if (file) {
fs.unlinkSync(file.filepath);
if (tempPath && fs.existsSync(tempPath)) {
fs.unlinkSync(tempPath);
}
if (fs.existsSync(finalFilePath)) {
fs.unlinkSync(finalFilePath);
}
};
if (err) {
res.end(error(`Upload error: ${err.message}`));
clearFiles();
if (!file) {
res.end(error('No file uploaded'));
return;
}
@@ -69,9 +107,7 @@ router.post('/api/s1/resources/upload/chunk', async (req, res) => {
clearFiles();
return;
}
const tempPath = file.filepath;
const relativePath = file.originalFilename;
// Append chunk to the final file
const writeStream = fs.createWriteStream(finalFilePath, { flags: 'a' });
const readStream = fs.createReadStream(tempPath);
@@ -195,4 +231,6 @@ router.post('/api/s1/resources/upload/chunk', async (req, res) => {
}
});
});
pipeBusboy(req, res, busboy);
});

97
src/routes-simple/resources/upload.ts
View File

@@ -1,12 +1,15 @@
import { useFileStore } from '@kevisual/use-config/file-store';
import { checkAuth, error, router, writeEvents, getKey } from '../router.ts';
import { IncomingForm } from 'formidable';
import Busboy from 'busboy';
import { app, minioClient } from '@/app.ts';
import { bucketName } from '@/modules/minio.ts';
import { getContentType } from '@/utils/get-content-type.ts';
import { User } from '@/models/user.ts';
import fs from 'fs';
import path from 'path';
import { createWriteStream } from 'fs';
import { pipeBusboy } from '@/modules/fm-manager/pipe-busboy.ts';
import { ConfigModel } from '@/routes/config/models/model.ts';
import { validateDirectory } from './util.ts';
import { pick } from 'lodash-es';
@@ -103,41 +106,79 @@ router.post('/api/s1/resources/upload', async (req, res) => {
const share = !!url.searchParams.get('public');
const meta = parseIfJson(url.searchParams.get('meta'));
const noCheckAppFiles = !!url.searchParams.get('noCheckAppFiles');
// 使用 formi dable 解析 multipart/form-data
const form = new IncomingForm({
multiples: true, // 支持多文件上传
uploadDir: cacheFilePath, // 上传文件存储目录
allowEmptyFiles: true, // 允许空
minFileSize: 0, // 最小文件大小
createDirsFromUploads: false, // 根据上传的文件夹结构创建目录
keepExtensions: true, // 保留文件拓展名
hashAlgorithm: 'md5', // 文件哈希算法
// 使用 busboy 解析 multipart/form-data
const busboy = Busboy({ headers: req.headers });
const fields: any = {};
const files: any[] = [];
const filePromises: Promise<void>[] = [];
let bytesReceived = 0;
let bytesExpected = parseInt(req.headers['content-length'] || '0');
busboy.on('field', (fieldname, value) => {
fields[fieldname] = value;
});
form.on('progress', (bytesReceived, bytesExpected) => {
const progress = (bytesReceived / bytesExpected) * 100;
const data = {
progress: progress.toFixed(2),
message: `Upload progress: ${progress.toFixed(2)}%`,
};
console.log('progress-upload', data);
writeEvents(req, data);
busboy.on('file', (fieldname, fileStream, info) => {
const { filename, encoding, mimeType } = info;
const tempPath = path.join(cacheFilePath, `${Date.now()}-${Math.random().toString(36).substring(7)}-${filename}`);
const writeStream = createWriteStream(tempPath);
const filePromise = new Promise<void>((resolve, reject) => {
fileStream.on('data', (chunk) => {
bytesReceived += chunk.length;
if (bytesExpected > 0) {
const progress = (bytesReceived / bytesExpected) * 100;
const data = {
progress: progress.toFixed(2),
message: `Upload progress: ${progress.toFixed(2)}%`,
};
console.log('progress-upload', data);
writeEvents(req, data);
}
});
fileStream.pipe(writeStream);
writeStream.on('finish', () => {
files.push({
filepath: tempPath,
originalFilename: filename,
mimetype: mimeType,
});
resolve();
});
writeStream.on('error', (err) => {
reject(err);
});
});
filePromises.push(filePromise);
});
// 解析上传的文件
form.parse(req, async (err, fields, files) => {
busboy.on('finish', async () => {
// 等待所有文件写入完成
try {
await Promise.all(filePromises);
} catch (err) {
logger.error(`File write error: ${err.message}`);
res.end(error(`File write error: ${err.message}`));
return;
}
const clearFiles = () => {
const uploadedFiles = Array.isArray(files.file) ? files.file : [files.file];
uploadedFiles.forEach((file) => {
files.forEach((file) => {
if (file?.filepath && fs.existsSync(file.filepath)) {
fs.unlinkSync(file.filepath);
}
});
};
if (err) {
logger.error(`Upload error: ${err.message}`);
res.end(error(`Upload error: ${err.message}`));
clearFiles();
// 检查是否有文件上传
if (files.length === 0) {
res.end(error('files is required'));
return;
}
let { appKey, version, username, directory, description } = getKey(fields, ['appKey', 'version', 'username', 'directory', 'description']);
let uid = tokenUser.id;
if (username) {
@@ -170,7 +211,7 @@ router.post('/api/s1/resources/upload', async (req, res) => {
return;
}
// 逐个处理每个上传的文件
const uploadedFiles = Array.isArray(files.file) ? files.file : [files.file];
const uploadedFiles = files;
logger.info(
'upload files',
uploadedFiles.map((item) => {
@@ -244,4 +285,6 @@ router.post('/api/s1/resources/upload', async (req, res) => {
);
}
});
pipeBusboy(req, res, busboy);
});

3
src/routes-simple/router.ts
View File

@@ -2,7 +2,6 @@ import { router } from '@/app.ts';
import http from 'http';
import { useContextKey } from '@kevisual/context';
import { checkAuth, error } from './middleware/auth.ts';
import formidable from 'formidable';
export { router, checkAuth, error };
/**
@@ -68,7 +67,7 @@ export const deleteOldClients = () => {
* @param parseKeys 需要解析的键
* @returns 解析后的数据
*/
export const getKey = (fields: formidable.Fields<string>, parseKeys: string[]) => {
export const getKey = (fields: Record<string, any>, parseKeys: string[]) => {
let value: Record<string, any> = {};
for (const key of parseKeys) {
const v = fields[key];