kevisual/code-center
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: kevisual:82c9b834e95aa5d3d8764aad40b0df5be9071957
Branches Tags
kevisual:main
...
compare: kevisual:main
Branches Tags
kevisual:main

13 Commits
82c9b834e9 ... main

Author SHA1 Message Date
abearxiong
bd7525efb0 添加心跳机制以保持 WebSocket 连接,优化连接关闭时的资源清理 2026-02-05 04:58:28 +08:00
abearxiong
f616045625 优化用户代理逻辑,移除非管理员用户的敏感数据 2026-02-05 04:50:54 +08:00
abearxiong
a51d04341e 添加 @kevisual/api 依赖,更新 WebSocket 消息发送逻辑,支持上下文参数 2026-02-05 04:06:34 +08:00
abearxiong
7bbefd8a4a 添加自动检测最新版本功能,更新应用信息时支持检测参数 2026-02-05 01:07:44 +08:00
abearxiong
db5c5a89b3 clear 2026-02-04 19:48:02 +08:00
abearxiong
86d4c7f75b 移除不再支持的文件扩展名 '.mjs' 从文本内容类型列表中 2026-02-04 19:45:01 +08:00
abearxiong
cbc9b54284 update 2026-02-04 03:08:53 +08:00
abearxiong
b1d3ca241c 优化 token 处理逻辑,统一过期时间字段命名 2026-02-03 17:09:09 +08:00
abearxiong
158dd9e85c Refactor AI proxy error handling and remove deprecated upload and event routes 
- Updated `getAiProxy` function to return a JSON response for missing objects when the user is the owner.
- Removed the `upload.ts`, `event.ts`, and related middleware files to streamline the codebase.
- Cleaned up `handle-request.ts` and `index.ts` by removing unused imports and routes.
- Deleted chunk upload handling and related utility functions to simplify resource management.
- Enhanced app manager list functionality to support app creation if not found.
 2026-02-02 18:06:31 +08:00
abearxiong
82e3392b36 优化 token 处理逻辑,统一 createCookie 调用格式,返回 token 过期时间 2026-02-02 17:02:20 +08:00
abearxiong
a0f0f65d20 update 2026-02-01 19:26:44 +08:00
abearxiong
337abd2bc3 temp 2026-02-01 16:04:03 +08:00
abearxiong
32167faf67 重构 postProxy 函数,移动到新文件 ai-proxy-chunk/post-proxy.ts,优化文件上传处理逻辑 2026-02-01 14:33:26 +08:00
25 changed files with 616 additions and 1514 deletions
Expand all files Collapse all files

16
package.json
View File

@@ -49,7 +49,8 @@
"dependencies": {
"@kevisual/ai": "^0.0.24",
"@kevisual/auth": "^2.0.3",
"@kevisual/query": "^0.0.38",
"@kevisual/js-filter": "^0.0.5",
"@kevisual/query": "^0.0.39",
"@types/busboy": "^1.5.4",
"@types/send": "^1.2.1",
"@types/ws": "^8.18.1",
@@ -71,22 +72,23 @@
"zod-to-json-schema": "^3.25.1"
},
"devDependencies": {
"@aws-sdk/client-s3": "^3.980.0",
"@aws-sdk/client-s3": "^3.981.0",
"@kevisual/api": "^0.0.44",
"@kevisual/code-center-module": "0.0.24",
"@kevisual/context": "^0.0.4",
"@kevisual/file-listener": "^0.0.2",
"@kevisual/local-app-manager": "0.1.32",
"@kevisual/logger": "^0.0.4",
"@kevisual/oss": "0.0.18",
"@kevisual/permission": "^0.0.3",
"@kevisual/router": "0.0.65",
"@kevisual/oss": "0.0.19",
"@kevisual/permission": "^0.0.4",
"@kevisual/router": "0.0.70",
"@kevisual/types": "^0.0.12",
"@kevisual/use-config": "^1.0.28",
"@kevisual/use-config": "^1.0.30",
"@types/archiver": "^7.0.0",
"@types/bun": "^1.3.8",
"@types/crypto-js": "^4.2.2",
"@types/jsonwebtoken": "^9.0.10",
"@types/node": "^25.1.0",
"@types/node": "^25.2.0",
"@types/pg": "^8.16.0",
"@types/semver": "^7.7.1",
"@types/xml2js": "^0.4.14",

630
pnpm-lock.yaml generated
View File

File diff suppressed because it is too large Load Diff

8
src/auth/models/user.ts
View File

@@ -62,7 +62,13 @@ export class User extends Model {
oauthUser.orgId = id;
}
const token = await oauth.generateToken(oauthUser, { type: loginType, hasRefreshToken: true, ...expand });
return { accessToken: token.accessToken, refreshToken: token.refreshToken, token: token.accessToken };
return {
accessToken: token.accessToken,
refreshToken: token.refreshToken,
token: token.accessToken,
refreshTokenExpiresIn: token.refreshTokenExpiresIn,
accessTokenExpiresIn: token.accessTokenExpiresIn,
};
}
/**
* 验证token

36
src/auth/oauth/oauth.ts
View File

@@ -70,9 +70,16 @@ interface Store<T> {
expire: (key: string, ttl?: number) => Promise<void>;
delObject: (value?: T) => Promise<void>;
keys: (key?: string) => Promise<string[]>;
setToken: (value: { accessToken: string; refreshToken: string; value?: T }, opts?: StoreSetOpts) => Promise<void>;
setToken: (value: { accessToken: string; refreshToken: string; value?: T }, opts?: StoreSetOpts) => Promise<TokenData>;
delKeys: (keys: string[]) => Promise<number>;
}
type TokenData = {
accessToken: string;
accessTokenExpiresIn?: number;
refreshToken?: string;
refreshTokenExpiresIn?: number;
}
export class RedisTokenStore implements Store<OauthUser> {
redis: Redis;
private prefix: string = 'oauth:';
@@ -131,7 +138,7 @@ export class RedisTokenStore implements Store<OauthUser> {
await this.del(userPrefix + ':token:' + accessToken);
}
}
async setToken(data: { accessToken: string; refreshToken: string; value?: OauthUser }, opts?: StoreSetOpts) {
async setToken(data: { accessToken: string; refreshToken: string; value?: OauthUser }, opts?: StoreSetOpts): Promise<TokenData> {
const { accessToken, refreshToken, value } = data;
let userPrefix = 'user:' + value?.id;
if (value?.orgId) {
@@ -163,14 +170,20 @@ export class RedisTokenStore implements Store<OauthUser> {
await this.set(accessToken, JSON.stringify(value), expire);
await this.set(userPrefix + ':token:' + accessToken, accessToken, expire);
let refreshTokenExpiresIn = Math.min(expire * 7, 60 * 60 * 24 * 30, 60 * 60 * 24 * 365); // 最大为一年
if (refreshToken) {
let refreshTokenExpire = Math.min(expire * 7, 60 * 60 * 24 * 30, 60 * 60 * 24 * 365); // 最大为一年
// 小于7天, 则设置为7天
if (refreshTokenExpire < 60 * 60 * 24 * 7) {
refreshTokenExpire = 60 * 60 * 24 * 7;
if (refreshTokenExpiresIn < 60 * 60 * 24 * 7) {
refreshTokenExpiresIn = 60 * 60 * 24 * 7;
}
await this.set(refreshToken, JSON.stringify(value), refreshTokenExpire);
await this.set(userPrefix + ':refreshToken:' + refreshToken, refreshToken, refreshTokenExpire);
await this.set(refreshToken, JSON.stringify(value), refreshTokenExpiresIn);
await this.set(userPrefix + ':refreshToken:' + refreshToken, refreshToken, refreshTokenExpiresIn);
}
return {
accessToken,
accessTokenExpiresIn: expire,
refreshToken,
refreshTokenExpiresIn: refreshTokenExpiresIn,
}
}
async delKeys(keys: string[]) {
@@ -206,10 +219,7 @@ export class OAuth<T extends OauthUser> {
async generateToken(
user: T,
expandOpts?: StoreSetOpts,
): Promise<{
accessToken: string;
refreshToken?: string;
}> {
): Promise<TokenData> {
// 拥有refreshToken 为 true 时accessToken 为 st_ 开头refreshToken 为 rk_开头
// 意思是secretToken 和 secretKey的缩写
const accessToken = expandOpts?.hasRefreshToken ? 'st_' + randomId32() : 'sk_' + randomId64();
@@ -227,9 +237,9 @@ export class OAuth<T extends OauthUser> {
user.oauthExpand.refreshToken = refreshToken;
}
}
await this.store.setToken({ accessToken, refreshToken, value: user }, expandOpts);
const tokenData = await this.store.setToken({ accessToken, refreshToken, value: user }, expandOpts);
return { accessToken, refreshToken };
return tokenData;
}
async saveSecretKey(oauthUser: T, secretKey: string, opts?: StoreSetOpts) {
// 生成一个secretKey

1
src/modules/fm-manager/get-content-type.ts
View File

@@ -11,7 +11,6 @@ export const getTextContentType = (filePath: string, isFilePath = false) => {
'.env',
'.example',
'.log',
'.mjs',
'.map',
'.json5',
'.pem',

239
src/modules/fm-manager/proxy/ai-proxy-chunk/post-proxy.ts Normal file
View File

@@ -0,0 +1,239 @@
import { IncomingMessage, ServerResponse } from 'http';
import busboy from 'busboy';
import fs from 'fs';
import path from 'path';
import { createWriteStream } from 'fs';
import { parseSearchValue } from '@kevisual/router/src/server/parse-body.ts';
import { pipeBusboy } from '../../pipe-busboy.ts';
import { ProxyOptions, getMetadata, getObjectName } from '../ai-proxy.ts';
import { fileIsExist, useFileStore } from '@kevisual/use-config';
import { getContentType } from '../../get-content-type.ts';
const cacheFilePath = useFileStore('cache-file', { needExists: true });
export const postProxy = async (req: IncomingMessage, res: ServerResponse, opts: ProxyOptions) => {
const _u = new URL(req.url, 'http://localhost');
const pathname = _u.pathname;
const oss = opts.oss;
const params = _u.searchParams;
const force = !!params.get('force');
const hash = params.get('hash');
const _fileSize: string = params.get('size');
let fileSize: number | undefined = undefined;
if (_fileSize) {
fileSize = parseInt(_fileSize, 10);
}
console.log('postProxy', { hash, force, fileSize });
let meta = parseSearchValue(params.get('meta'), { decode: true });
if (!hash && !force) {
return opts?.createNotFoundPage?.('no hash');
}
const { objectName, isOwner } = await getObjectName(req);
if (!isOwner) {
return opts?.createNotFoundPage?.('no permission');
}
const end = (data: any, message?: string, code = 200) => {
res.writeHead(code, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({ code: code, data: data, message: message || 'success' }));
};
let statMeta: any = {};
if (!force) {
const check = await oss.checkObjectHash(objectName, hash, meta);
statMeta = check?.metaData || {};
let isNewMeta = false;
if (check.success && JSON.stringify(meta) !== '{}' && !check.equalMeta) {
meta = { ...statMeta, ...getMetadata(pathname), ...meta };
isNewMeta = true;
await oss.replaceObject(objectName, { ...meta });
}
if (check.success) {
return end({ success: true, hash, meta, isNewMeta, equalMeta: check.equalMeta }, '文件已存在');
}
}
const bb = busboy({
headers: req.headers,
limits: {
fileSize: 100 * 1024 * 1024, // 100MB
files: 1,
},
defCharset: 'utf-8',
});
let fileProcessed = false;
bb.on('file', async (name, file, info) => {
fileProcessed = true;
try {
await oss.putObject(
objectName,
file,
{
...statMeta,
...getMetadata(pathname),
...meta,
},
{ check: false, isStream: true },
);
end({ success: true, name, info, isNew: true, hash, meta: meta?.metaData, statMeta }, '上传成功', 200);
} catch (error) {
console.log('postProxy upload error', error);
end({ error: error }, '上传失败', 500);
}
});
bb.on('finish', () => {
// 只有当没有文件被处理时才执行end
if (!fileProcessed) {
end({ success: false }, '没有接收到文件', 400);
}
});
bb.on('error', (err) => {
console.error('Busboy 错误:', err);
end({ error: err }, '文件解析失败', 500);
});
pipeBusboy(req, res, bb);
};
export const postChunkProxy = async (req: IncomingMessage, res: ServerResponse, opts: ProxyOptions) => {
const oss = opts.oss;
const { objectName, isOwner } = await getObjectName(req);
if (!isOwner) {
return opts?.createNotFoundPage?.('no permission');
}
const _u = new URL(req.url, 'http://localhost');
const params = _u.searchParams;
const meta = parseSearchValue(params.get('meta'), { decode: true });
const end = (data: any, message?: string, code = 200) => {
res.writeHead(code, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({ code: code, data: data, message: message || 'success' }));
};
const bb = busboy({
headers: req.headers,
limits: {
fileSize: 100 * 1024 * 1024, // 100MB
files: 1,
},
defCharset: 'utf-8',
});
const fields: any = {};
let filePromise: Promise<void> | null = null;
let tempPath = '';
let file: any = null;
bb.on('field', (fieldname, value) => {
fields[fieldname] = value;
});
bb.on('file', (_fieldname, fileStream, info) => {
const { filename, mimeType } = info;
const decodedFilename = typeof filename === 'string' ? Buffer.from(filename, 'latin1').toString('utf8') : filename;
tempPath = path.join(cacheFilePath, `${Date.now()}-${Math.random().toString(36).substring(7)}`);
const writeStream = createWriteStream(tempPath);
filePromise = new Promise<void>((resolve, reject) => {
fileStream.pipe(writeStream);
writeStream.on('finish', () => {
file = {
filepath: tempPath,
originalFilename: decodedFilename,
mimetype: mimeType,
};
resolve();
});
writeStream.on('error', reject);
});
});
bb.on('finish', async () => {
if (filePromise) {
try {
await filePromise;
} catch (err) {
console.error(`File write error: ${err.message}`);
return end({ error: err }, '文件写入失败', 500);
}
}
const clearFiles = () => {
if (tempPath && fs.existsSync(tempPath)) {
fs.unlinkSync(tempPath);
}
};
if (!file) {
clearFiles();
return end({ success: false }, '没有接收到文件', 400);
}
let { chunkIndex, totalChunks } = fields;
chunkIndex = parseInt(chunkIndex, 10);
totalChunks = parseInt(totalChunks, 10);
if (isNaN(chunkIndex) || isNaN(totalChunks) || totalChunks <= 0) {
clearFiles();
return end({ success: false }, 'chunkIndex 和 totalChunks 参数无效', 400);
}
const finalFilePath = path.join(cacheFilePath, `chunk-${objectName.replace(/[\/\.]/g, '-')}`);
const relativePath = file.originalFilename;
const writeStream = fs.createWriteStream(finalFilePath, { flags: 'a' });
const readStream = fs.createReadStream(tempPath);
readStream.pipe(writeStream);
writeStream.on('finish', async () => {
fs.unlinkSync(tempPath);
if (chunkIndex + 1 === totalChunks) {
try {
const metadata = {
...getMetadata(relativePath),
...meta,
'app-source': 'user-app',
};
if (fileIsExist(finalFilePath)) {
console.log('上传到对象存储', { objectName, metadata });
const content = fs.readFileSync(finalFilePath);
await oss.putObject(objectName, content, metadata);
console.log('上传到对象存储完成', { objectName });
fs.unlinkSync(finalFilePath);
}
return end({
success: true,
name: relativePath,
chunkIndex,
totalChunks,
objectName,
}, '分块上传完成', 200);
} catch (error) {
console.error('postChunkProxy upload error', error);
clearFiles();
if (fs.existsSync(finalFilePath)) {
fs.unlinkSync(finalFilePath);
}
return end({ error }, '上传失败', 500);
}
} else {
return end({
success: true,
chunkIndex,
totalChunks,
progress: ((chunkIndex + 1) / totalChunks) * 100,
}, '分块上传成功', 200);
}
});
writeStream.on('error', (err) => {
console.error('Write stream error', err);
clearFiles();
return end({ error: err }, '文件写入失败', 500);
});
});
bb.on('error', (err) => {
console.error('Busboy 错误:', err);
end({ error: err }, '文件解析失败', 500);
});
pipeBusboy(req, res, bb);
};

176
src/modules/fm-manager/proxy/ai-proxy.ts
View File

@@ -12,7 +12,7 @@ import { logger } from '@/modules/logger.ts';
import { pipeBusboy } from '../pipe-busboy.ts';
import { pipeMinioStream } from '../pipe.ts';
import { Readable } from 'stream';
import { postChunkProxy, postProxy } from './ai-proxy-chunk/post-proxy.ts'
type FileList = {
name: string;
prefix?: string;
@@ -54,6 +54,14 @@ export const getFileList = async (list: any, opts?: { objectName: string; app: s
});
};
// import { logger } from '@/module/logger.ts';
/**
* GET 处理 AI 代理请求
* 1. 如果是目录请求,返回目录列表
* 2. 如果是文件请求,返回文件流
*
* 如果是 stat
* 只返回对应的 stat 信息
*/
const getAiProxy = async (req: IncomingMessage, res: ServerResponse, opts: ProxyOptions) => {
const { createNotFoundPage } = opts;
const _u = new URL(req.url, 'http://localhost');
@@ -63,6 +71,7 @@ const getAiProxy = async (req: IncomingMessage, res: ServerResponse, opts: Proxy
const hash = params.get('hash');
let dir = !!params.get('dir');
const recursive = !!params.get('recursive');
const showStat = !!params.get('stat');
const { objectName, app, owner, loginUser, isOwner } = await getObjectName(req);
if (!dir && _u.pathname.endsWith('/')) {
dir = true; // 如果是目录请求强制设置为true
@@ -89,10 +98,19 @@ const getAiProxy = async (req: IncomingMessage, res: ServerResponse, opts: Proxy
return true;
}
const stat = await oss.statObject(objectName);
if (!stat) {
createNotFoundPage('Invalid proxy url');
if (!stat && isOwner) {
// createNotFoundPage('文件不存在');
res.writeHead(200, { 'content-type': 'application/json' });
res.end(
JSON.stringify({
code: 404,
message: 'object not found',
}),
);
logger.debug('no stat', objectName, owner, req.url);
return true;
} else if (!stat && !isOwner) {
return createNotFoundPage('Invalid ai proxy url');
}
const permissionInstance = new UserPermission({ permission: stat.metaData as Permission, owner: owner });
const checkPermission = permissionInstance.checkPermissionSuccess({
@@ -103,6 +121,20 @@ const getAiProxy = async (req: IncomingMessage, res: ServerResponse, opts: Proxy
logger.info('no permission', checkPermission, loginUser, owner);
return createNotFoundPage('no permission');
}
if (showStat) {
res.writeHead(200, { 'content-type': 'application/json' });
res.end(
JSON.stringify({
code: 200,
data: {
...stat,
metaData: filterKeys(stat.metaData, ['etag', 'size']),
},
}),
);
return true;
}
if (hash && stat.etag === hash) {
res.writeHead(304); // not modified
res.end('not modified');
@@ -153,88 +185,6 @@ export const getMetadata = (pathname: string) => {
return meta;
};
export const postProxy = async (req: IncomingMessage, res: ServerResponse, opts: ProxyOptions) => {
const _u = new URL(req.url, 'http://localhost');
const pathname = _u.pathname;
const oss = opts.oss;
const params = _u.searchParams;
const force = !!params.get('force');
const hash = params.get('hash');
const _fileSize: string = params.get('size');
let fileSize: number | undefined = undefined;
if (_fileSize) {
fileSize = parseInt(_fileSize, 10);
}
let meta = parseSearchValue(params.get('meta'), { decode: true });
if (!hash && !force) {
return opts?.createNotFoundPage?.('no hash');
}
const { objectName, isOwner } = await getObjectName(req);
if (!isOwner) {
return opts?.createNotFoundPage?.('no permission');
}
const end = (data: any, message?: string, code = 200) => {
res.writeHead(code, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({ code: code, data: data, message: message || 'success' }));
};
let statMeta: any = {};
if (!force) {
const check = await oss.checkObjectHash(objectName, hash, meta);
statMeta = check?.metaData || {};
let isNewMeta = false;
if (check.success && JSON.stringify(meta) !== '{}' && !check.equalMeta) {
meta = { ...statMeta, ...getMetadata(pathname), ...meta };
isNewMeta = true;
await oss.replaceObject(objectName, { ...meta });
}
if (check.success) {
return end({ success: true, hash, meta, isNewMeta, equalMeta: check.equalMeta }, '文件已存在');
}
}
const bb = busboy({
headers: req.headers,
limits: {
fileSize: 100 * 1024 * 1024, // 100MB
files: 1,
},
defCharset: 'utf-8',
});
let fileProcessed = false;
bb.on('file', async (name, file, info) => {
fileProcessed = true;
try {
await oss.putObject(
objectName,
file,
{
...statMeta,
...getMetadata(pathname),
...meta,
},
{ check: false, isStream: true },
);
end({ success: true, name, info, isNew: true, hash, meta: meta?.metaData, statMeta }, '上传成功', 200);
} catch (error) {
console.log('postProxy upload error', error);
end({ error: error }, '上传失败', 500);
}
});
bb.on('finish', () => {
// 只有当没有文件被处理时才执行end
if (!fileProcessed) {
end({ success: false }, '没有接收到文件', 400);
}
});
bb.on('error', (err) => {
console.error('Busboy 错误:', err);
end({ error: err }, '文件解析失败', 500);
});
pipeBusboy(req, res, bb);
};
export const getObjectByPathname = (opts: {
pathname: string,
version?: string,
@@ -272,7 +222,7 @@ export const getObjectName = async (req: IncomingMessage, opts?: { checkOwner?:
let loginUser: Awaited<ReturnType<typeof getLoginUser>> = null;
if (checkOwner) {
loginUser = await getLoginUser(req);
logger.debug('getObjectName', loginUser, user, app);
logger.debug('getObjectName', user, app);
isOwner = loginUser?.tokenUser?.username === owner;
}
return {
@@ -377,7 +327,49 @@ export const renameProxy = async (req: IncomingMessage, res: ServerResponse, opt
}
};
type ProxyOptions = {
export const updateMetadataProxy = async (req: IncomingMessage, res: ServerResponse, opts: ProxyOptions) => {
const { objectName, isOwner } = await getObjectName(req);
let oss = opts.oss;
if (!isOwner) {
return opts?.createNotFoundPage?.('no permission');
}
const end = (data: any, message?: string, code = 200) => {
res.writeHead(code, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({ code: code, data: data, message: message || 'success' }));
};
const _u = new URL(req.url, 'http://localhost');
const params = _u.searchParams;
const metaParam = params.get('meta');
if (!metaParam) {
return end({ success: false }, 'meta parameter required', 400);
}
const meta = parseSearchValue(metaParam, { decode: true });
try {
const stat = await oss.statObject(objectName);
if (!stat) {
return end({ success: false }, 'object not found', 404);
}
const newMeta = {
"app-source": "user-app",
...meta,
};
console.log('update metadata', objectName, newMeta);
// 过滤掉包含无效字符的 keyS3 元数据头不支持某些字符)
const filteredMeta: Record<string, string> = {};
for (const [key, value] of Object.entries(newMeta)) {
if (/^[\w\-]+$/.test(key)) {
filteredMeta[key] = String(value);
}
}
await oss.replaceObject(objectName, filteredMeta);
end({ success: true, objectName, meta }, 'update metadata success', 200);
} catch (error) {
logger.error('updateMetadataProxy error', error);
end({ success: false, error }, 'update metadata failed', 500);
}
};
export type ProxyOptions = {
createNotFoundPage: (msg?: string) => any;
oss?: OssBase;
};
@@ -385,13 +377,23 @@ export const aiProxy = async (req: IncomingMessage, res: ServerResponse, opts: P
if (!opts.oss) {
opts.oss = oss;
}
const searchParams = new URL(req.url || '', 'http://localhost').searchParams;
if (req.method === 'POST') {
const chunk = searchParams.get('chunk');
const chunked = searchParams.get('chunked');
if (chunk !== null || chunked !== null) {
return postChunkProxy(req, res, opts);
}
return postProxy(req, res, opts);
}
if (req.method === 'DELETE') {
return deleteProxy(req, res, opts);
}
if (req.method === 'PUT') {
const meta = searchParams.get('meta');
if (meta) {
return updateMetadataProxy(req, res, opts);
}
return renameProxy(req, res, opts);
}

40
src/modules/ws-proxy/manager.ts
View File

@@ -2,21 +2,50 @@ import { nanoid } from 'nanoid';
import { WebSocket } from 'ws';
import { logger } from '../logger.ts';
import { EventEmitter } from 'eventemitter3';
class WsMessage {
ws: WebSocket;
user?: string;
emitter: EventEmitter;;
emitter: EventEmitter;
private pingTimer?: NodeJS.Timeout;
private readonly PING_INTERVAL = 30000; // 30 秒发送一次 ping
constructor({ ws, user }: WssMessageOptions) {
this.ws = ws;
this.user = user;
this.emitter = new EventEmitter();
this.startPing();
}
private startPing() {
this.stopPing();
this.pingTimer = setInterval(() => {
if (this.ws.readyState === WebSocket.OPEN) {
this.ws.ping();
} else {
this.stopPing();
}
}, this.PING_INTERVAL);
}
private stopPing() {
if (this.pingTimer) {
clearInterval(this.pingTimer);
this.pingTimer = undefined;
}
}
destroy() {
this.stopPing();
this.emitter.removeAllListeners();
}
async sendResponse(data: any) {
if (data.id) {
this.emitter.emit(data.id, data?.data);
}
}
async sendData(data: any, opts?: { timeout?: number }) {
async sendData(data: any, context?: any, opts?: { timeout?: number }) {
if (this.ws.readyState !== WebSocket.OPEN) {
return { code: 500, message: 'WebSocket is not open' };
}
@@ -25,7 +54,10 @@ class WsMessage {
const message = JSON.stringify({
id,
type: 'proxy',
data,
data: {
message: data,
context: context || {},
},
});
logger.info('ws-proxy sendData', message);
this.ws.send(message);
@@ -56,6 +88,7 @@ export class WsProxyManager {
const value = this.wssMap.get(id);
if (value) {
value.ws.close();
value.destroy();
}
}
const [username, appId] = id.split('-');
@@ -68,6 +101,7 @@ export class WsProxyManager {
const value = this.wssMap.get(id);
if (value) {
value.ws.close();
value.destroy();
}
this.wssMap.delete(id);
}

9
src/modules/ws-proxy/proxy.ts
View File

@@ -5,6 +5,7 @@ import { App } from '@kevisual/router';
import { logger } from '../logger.ts';
import { getLoginUser } from '@/modules/auth.ts';
import { createStudioAppListHtml } from '../html/studio-app-list/index.ts';
import { omit } from 'es-toolkit';
type ProxyOptions = {
createNotFoundPage: (msg?: string) => any;
@@ -74,7 +75,13 @@ export const UserV1Proxy = async (req: IncomingMessage, res: ServerResponse, opt
res.end(await html);
return true;
}
const value = await client.sendData(data);
let message: any = data;
if (!isAdmin) {
message = omit(data, ['token', 'cookies']);
}
const value = await client.sendData(message, {
state: { tokenUser: omit(loginUser.tokenUser, ['oauthExpand']) },
});
if (value) {
res.writeHead(200, { 'Content-Type': 'application/json' });
res.end(JSON.stringify(value));

171
src/routes-simple/code/upload.ts
View File

@@ -1,171 +0,0 @@
import Busboy from 'busboy';
import { checkAuth } from '../middleware/auth.ts';
import { router, clients, writeEvents } from '../router.ts';
import { error } from '../middleware/auth.ts';
import fs from 'fs';
import { useFileStore } from '@kevisual/use-config';
import { app, oss } from '@/app.ts';
import { getContentType } from '@/utils/get-content-type.ts';
import path from 'path';
import { createWriteStream } from 'fs';
import crypto from 'crypto';
import { pipeBusboy } from '@/modules/fm-manager/index.ts';
const cacheFilePath = useFileStore('cache-file', { needExists: true });
router.post('/api/micro-app/upload', async (req, res) => {
if (res.headersSent) return; // 如果响应已发送,不再处理
res.writeHead(200, { 'Content-Type': 'application/json' });
const { tokenUser, token } = await checkAuth(req, res);
if (!tokenUser) return;
// 使用 busboy 解析 multipart/form-data
const busboy = Busboy({ headers: req.headers, preservePath: true, defCharset: 'utf-8' });
const fields: any = {};
let file: any = null;
let filePromise: Promise<void> | null = null;
let bytesReceived = 0;
let bytesExpected = parseInt(req.headers['content-length'] || '0');
busboy.on('field', (fieldname, value) => {
fields[fieldname] = value;
});
busboy.on('file', (fieldname, fileStream, info) => {
const { filename, encoding, mimeType } = info;
// 处理 UTF-8 文件名编码
const decodedFilename = typeof filename === 'string' ? Buffer.from(filename, 'latin1').toString('utf8') : filename;
const tempPath = path.join(cacheFilePath, `${Date.now()}-${Math.random().toString(36).substring(7)}`);
const writeStream = createWriteStream(tempPath);
const hash = crypto.createHash('md5');
let size = 0;
filePromise = new Promise<void>((resolve, reject) => {
fileStream.on('data', (chunk) => {
bytesReceived += chunk.length;
size += chunk.length;
hash.update(chunk);
if (bytesExpected > 0) {
const progress = (bytesReceived / bytesExpected) * 100;
console.log(`Upload progress: ${progress.toFixed(2)}%`);
const data = {
progress: progress.toFixed(2),
message: `Upload progress: ${progress.toFixed(2)}%`,
};
writeEvents(req, data);
}
});
fileStream.pipe(writeStream);
writeStream.on('finish', () => {
file = {
filepath: tempPath,
originalFilename: decodedFilename,
mimetype: mimeType,
hash: hash.digest('hex'),
size: size,
};
resolve();
});
writeStream.on('error', (err) => {
reject(err);
});
});
});
busboy.on('finish', async () => {
// 等待文件写入完成
if (filePromise) {
try {
await filePromise;
} catch (err) {
console.error(`File write error: ${err.message}`);
res.end(error(`File write error: ${err.message}`));
return;
}
}
const clearFiles = () => {
if (file?.filepath && fs.existsSync(file.filepath)) {
fs.unlinkSync(file.filepath);
}
};
if (!file) {
res.end(error('No file uploaded'));
return;
}
let appKey, collection;
const { appKey: _appKey, collection: _collecion } = fields;
if (Array.isArray(_appKey)) {
appKey = _appKey?.[0];
} else {
appKey = _appKey;
}
if (Array.isArray(_collecion)) {
collection = _collecion?.[0];
} else {
collection = _collecion;
}
collection = parseIfJson(collection);
appKey = appKey || 'micro-app';
console.log('Appkey', appKey);
console.log('collection', collection);
// 处理上传的文件
const uploadResults = [];
const tempPath = file.filepath; // 文件上传时的临时路径
const relativePath = file.originalFilename; // 保留表单中上传的文件名 (包含文件夹结构)
// 比如 child2/b.txt
const minioPath = `private/${tokenUser.username}/${appKey}/${relativePath}`;
// 上传到 MinIO 并保留文件夹结构
const isHTML = relativePath.endsWith('.html');
await oss.fPutObject(minioPath, tempPath, {
'Content-Type': getContentType(relativePath),
'app-source': 'user-micro-app',
'Cache-Control': isHTML ? 'no-cache' : 'max-age=31536000, immutable', // 缓存一年
});
uploadResults.push({
name: relativePath,
path: minioPath,
hash: file.hash,
size: file.size,
});
fs.unlinkSync(tempPath); // 删除临时文件
// 受控
const r = await app.call({
path: 'micro-app',
key: 'upload',
payload: {
token: token,
data: {
appKey,
collection,
files: uploadResults,
},
},
});
const data: any = {
code: r.code,
data: r.body,
};
if (r.message) {
data.message = r.message;
}
res.end(JSON.stringify(data));
});
pipeBusboy(req, res, busboy);
});
function parseIfJson(collection: any): any {
try {
return JSON.parse(collection);
} catch (e) {
return collection;
}
}

49
src/routes-simple/event.ts
View File

@@ -1,49 +0,0 @@
import { router, error, checkAuth, clients, getTaskId, writeEvents, deleteOldClients } from './router.ts';
router.get('/api/events', async (req, res) => {
res.writeHead(200, {
'Content-Type': 'text/event-stream',
'Cache-Control': 'no-cache',
Connection: 'keep-alive',
});
const taskId = getTaskId(req);
if (!taskId) {
res.end(error('task-id is required'));
return;
}
// 将客户端连接推送到 clients 数组
clients.set(taskId, { client: res, createTime: Date.now() });
// 移除客户端连接
req.on('close', () => {
clients.delete(taskId);
});
});
router.get('/api/s1/events', async (req, res) => {
res.writeHead(200, {
'Content-Type': 'text/event-stream',
'Cache-Control': 'no-cache',
Connection: 'keep-alive',
});
const taskId = getTaskId(req);
if (!taskId) {
res.end(error('task-id is required'));
return;
}
// 将客户端连接推送到 clients 数组
clients.set(taskId, { client: res, createTime: Date.now() });
writeEvents(req, { progress: 0, message: 'start' });
// 不自动关闭连接
// res.end('ok');
});
router.get('/api/s1/events/close', async (req, res) => {
const taskId = getTaskId(req);
if (!taskId) {
res.end(error('task-id is required'));
return;
}
deleteOldClients();
clients.delete(taskId);
res.end('ok');
});

13
src/routes-simple/handle-request.ts
View File

@@ -1,20 +1,9 @@
import { useFileStore } from '@kevisual/use-config';
import http from 'node:http';
import fs from 'fs';
import Busboy from 'busboy';
import { app, oss } from '@/app.ts';
import { getContentType } from '@/utils/get-content-type.ts';
import { User } from '@/models/user.ts';
import { router, error, checkAuth, writeEvents } from './router.ts';
import { router } from './router.ts';
import './index.ts';
import { handleRequest as PageProxy } from './page-proxy.ts';
const simpleAppsPrefixs = [
"/api/micro-app/",
"/api/events",
"/api/s1/",
"/api/resource/",
"/api/wxmsg"
];

6
src/routes-simple/index.ts
View File

@@ -1,6 +0,0 @@
// import './code/upload.ts';
import './event.ts';
import './resources/upload.ts';
import './resources/chunk.ts';
// import './resources/get-resources.ts';

61
src/routes-simple/middleware/auth.ts
View File

@@ -1,61 +0,0 @@
import { User } from '@/models/user.ts';
import http from 'http';
import { parse } from '@kevisual/router/src/server/cookie.ts';
export const error = (msg: string, code = 500) => {
return JSON.stringify({ code, message: msg });
};
export const checkAuth = async (req: http.IncomingMessage, res: http.ServerResponse) => {
let token = (req.headers?.['authorization'] as string) || (req.headers?.['Authorization'] as string) || '';
const url = new URL(req.url || '', 'http://localhost');
const resNoPermission = () => {
res.statusCode = 401;
res.end(error('Invalid authorization'));
return { tokenUser: null, token: null };
};
if (!token) {
token = url.searchParams.get('token') || '';
}
if (!token) {
const parsedCookies = parse(req.headers.cookie || '');
token = parsedCookies.token || '';
}
if (!token) {
return resNoPermission();
}
if (token) {
token = token.replace('Bearer ', '');
}
let tokenUser;
try {
tokenUser = await User.verifyToken(token);
} catch (e) {
console.log('checkAuth error', e);
res.statusCode = 401;
res.end(error('Invalid token'));
return { tokenUser: null, token: null };
}
return { tokenUser, token };
};
export const getLoginUser = async (req: http.IncomingMessage) => {
let token = (req.headers?.['authorization'] as string) || (req.headers?.['Authorization'] as string) || '';
const url = new URL(req.url || '', 'http://localhost');
if (!token) {
token = url.searchParams.get('token') || '';
}
if (!token) {
const parsedCookies = parse(req.headers.cookie || '');
token = parsedCookies.token || '';
}
if (token) {
token = token.replace('Bearer ', '');
}
let tokenUser;
try {
tokenUser = await User.verifyToken(token);
return { tokenUser, token };
} catch (e) {
return null;
}
};

1
src/routes-simple/middleware/index.ts
View File

@@ -1 +0,0 @@
export * from './auth.ts'

1
src/routes-simple/page-proxy.ts
View File

@@ -298,6 +298,7 @@ export const handleRequest = async (req: http.IncomingMessage, res: http.ServerR
username: loginUser?.tokenUser?.username || '',
password: password,
});
console.log('checkPermission', checkPermission, 'loginUser:', loginUser, password)
if (!checkPermission.success) {
return createNotFoundPage('no permission');
}

237
src/routes-simple/resources/chunk.ts
View File

@@ -1,237 +0,0 @@
import { useFileStore } from '@kevisual/use-config';
import { checkAuth, error, router, writeEvents, getKey, getTaskId } from '../router.ts';
import Busboy from 'busboy';
import { app, oss } from '@/app.ts';
import { getContentType } from '@/utils/get-content-type.ts';
import { User } from '@/models/user.ts';
import fs from 'fs';
import { ConfigModel } from '@/routes/config/models/model.ts';
import { validateDirectory } from './util.ts';
import path from 'path';
import { createWriteStream } from 'fs';
import { pipeBusboy } from '@/modules/fm-manager/index.ts';
const cacheFilePath = useFileStore('cache-file', { needExists: true });
router.get('/api/s1/resources/upload/chunk', async (req, res) => {
res.writeHead(200, { 'Content-Type': 'text/plain' });
res.end('Upload API is ready');
});
// /api/s1/resources/upload
router.post('/api/s1/resources/upload/chunk', async (req, res) => {
const { tokenUser, token } = await checkAuth(req, res);
if (!tokenUser) return;
const url = new URL(req.url || '', 'http://localhost');
const share = !!url.searchParams.get('public');
const noCheckAppFiles = !!url.searchParams.get('noCheckAppFiles');
const taskId = getTaskId(req);
const finalFilePath = `${cacheFilePath}/${taskId}`;
if (!taskId) {
res.end(error('taskId is required'));
return;
}
// 使用 busboy 解析 multipart/form-data
const busboy = Busboy({ headers: req.headers, preservePath: true, defCharset: 'utf-8' });
const fields: any = {};
let file: any = null;
let tempPath = '';
let filePromise: Promise<void> | null = null;
busboy.on('field', (fieldname, value) => {
fields[fieldname] = value;
});
busboy.on('file', (fieldname, fileStream, info) => {
const { filename, encoding, mimeType } = info;
// 处理 UTF-8 文件名编码
const decodedFilename = typeof filename === 'string' ? Buffer.from(filename, 'latin1').toString('utf8') : filename;
tempPath = path.join(cacheFilePath, `${Date.now()}-${Math.random().toString(36).substring(7)}`);
const writeStream = createWriteStream(tempPath);
filePromise = new Promise<void>((resolve, reject) => {
fileStream.pipe(writeStream);
writeStream.on('finish', () => {
file = {
filepath: tempPath,
originalFilename: decodedFilename,
mimetype: mimeType,
};
resolve();
});
writeStream.on('error', (err) => {
reject(err);
});
});
});
busboy.on('finish', async () => {
// 等待文件写入完成
if (filePromise) {
try {
await filePromise;
} catch (err) {
console.error(`File write error: ${err.message}`);
res.end(error(`File write error: ${err.message}`));
return;
}
}
const clearFiles = () => {
if (tempPath && fs.existsSync(tempPath)) {
fs.unlinkSync(tempPath);
}
if (fs.existsSync(finalFilePath)) {
fs.unlinkSync(finalFilePath);
}
};
if (!file) {
res.end(error('No file uploaded'));
return;
}
// Handle chunked upload logic here
let { chunkIndex, totalChunks, appKey, version, username, directory } = getKey(fields, [
'chunkIndex',
'totalChunks',
'appKey',
'version',
'username',
'directory',
]);
if (!chunkIndex || !totalChunks) {
res.end(error('chunkIndex, totalChunks is required'));
clearFiles();
return;
}
const relativePath = file.originalFilename;
const writeStream = fs.createWriteStream(finalFilePath, { flags: 'a' });
const readStream = fs.createReadStream(tempPath);
readStream.pipe(writeStream);
writeStream.on('finish', async () => {
fs.unlinkSync(tempPath); // 删除临时文件
// Write event for progress tracking
const progress = ((parseInt(chunkIndex) + 1) / parseInt(totalChunks)) * 100;
writeEvents(req, {
progress,
message: `Upload progress: ${progress}%`,
});
if (parseInt(chunkIndex) + 1 === parseInt(totalChunks)) {
let uid = tokenUser.id;
if (username) {
const user = await User.getUserByToken(token);
const has = await user.hasUser(username, true);
if (!has) {
res.end(error('username is not found'));
clearFiles();
return;
}
const _user = await User.findOne({ where: { username } });
uid = _user?.id || '';
}
if (!appKey || !version) {
const config = await ConfigModel.getUploadConfig({ uid });
if (config) {
appKey = config.config?.data?.key || '';
version = config.config?.data?.version || '';
}
}
if (!appKey || !version) {
res.end(error('appKey or version is not found, please check the upload config.'));
clearFiles();
return;
}
const { code, message } = validateDirectory(directory);
if (code !== 200) {
res.end(error(message));
clearFiles();
return;
}
const minioPath = `${username || tokenUser.username}/${appKey}/${version}${directory ? `/${directory}` : ''}/${relativePath}`;
const metadata: any = {};
if (share) {
metadata.share = 'public';
}
// All chunks uploaded, now upload to MinIO
await oss.fPutObject(minioPath, finalFilePath, {
'Content-Type': getContentType(relativePath),
'app-source': 'user-app',
'Cache-Control': relativePath.endsWith('.html') ? 'no-cache' : 'max-age=31536000, immutable',
...metadata,
});
// Clean up the final file
fs.unlinkSync(finalFilePath);
const downloadBase = '/api/s1/share';
const uploadResult = {
name: relativePath,
path: `${downloadBase}/${minioPath}`,
appKey,
version,
username,
};
if (!noCheckAppFiles) {
// Notify the app
const r = await app.call({
path: 'app',
key: 'detectVersionList',
payload: {
token: token,
data: {
appKey,
version,
username,
},
},
});
const data: any = {
code: r.code,
data: {
app: r.body,
upload: [uploadResult],
},
};
if (r.message) {
data.message = r.message;
}
console.log('upload data', data);
res.writeHead(200, { 'Content-Type': 'application/json' });
res.end(JSON.stringify(data));
} else {
res.writeHead(200, { 'Content-Type': 'application/json' });
res.end(
JSON.stringify({
code: 200,
message: 'Chunk uploaded successfully',
data: { chunkIndex, totalChunks, upload: [uploadResult] },
}),
);
}
} else {
res.writeHead(200, { 'Content-Type': 'application/json' });
res.end(
JSON.stringify({
code: 200,
message: 'Chunk uploaded successfully',
data: {
chunkIndex,
totalChunks,
},
}),
);
}
});
});
pipeBusboy(req, res, busboy);
});

290
src/routes-simple/resources/upload.ts
View File

@@ -1,290 +0,0 @@
import { useFileStore } from '@kevisual/use-config';
import { checkAuth, error, router, writeEvents, getKey } from '../router.ts';
import Busboy from 'busboy';
import { app } from '@/app.ts';
import { getContentType } from '@/utils/get-content-type.ts';
import { User } from '@/models/user.ts';
import fs from 'fs';
import path from 'path';
import { createWriteStream } from 'fs';
import { pipeBusboy } from '@/modules/fm-manager/pipe-busboy.ts';
import { ConfigModel } from '@/routes/config/models/model.ts';
import { validateDirectory } from './util.ts';
import { pick } from 'es-toolkit';
import { getFileStat } from '@/routes/file/index.ts';
import { logger } from '@/modules/logger.ts';
import { oss } from '@/modules/s3.ts';
const cacheFilePath = useFileStore('cache-file', { needExists: true });
router.get('/api/s1/resources/upload', async (req, res) => {
res.writeHead(200, { 'Content-Type': 'text/plain' });
res.end('Upload API is ready');
});
export const parseIfJson = (data = '{}') => {
try {
const _data = JSON.parse(data);
if (typeof _data === 'object') return _data;
return {};
} catch (error) {
return {};
}
};
router.post('/api/s1/resources/upload/check', async (req, res) => {
const { tokenUser, token } = await checkAuth(req, res);
if (!tokenUser) {
res.end(error('Token is invalid.'));
return;
}
console.log('data', req.url);
res.writeHead(200, { 'Content-Type': 'application/json' });
const data = await router.getBody(req);
type Data = {
appKey: string;
version: string;
username: string;
directory: string;
files: { path: string; hash: string }[];
};
let { appKey, version, username, directory, files } = pick(data, ['appKey', 'version', 'username', 'directory', 'files']) as Data;
let uid = tokenUser.id;
if (username) {
const user = await User.getUserByToken(token);
const has = await user.hasUser(username, true);
if (!has) {
res.end(error('username is not found'));
return;
}
const _user = await User.findOne({ where: { username } });
uid = _user?.id || '';
}
if (!appKey || !version) {
res.end(error('appKey and version is required'));
}
const { code, message } = validateDirectory(directory);
if (code !== 200) {
res.end(error(message));
return;
}
type CheckResult = {
path: string;
stat: any;
resourcePath: string;
hash: string;
uploadHash: string;
isUpload?: boolean;
};
const checkResult: CheckResult[] = [];
for (let i = 0; i < files.length; i++) {
const file = files[i];
const relativePath = file.path;
const minioPath = `${username || tokenUser.username}/${appKey}/${version}${directory ? `/${directory}` : ''}/${relativePath}`;
let stat = await getFileStat(minioPath, true);
const statHash = stat?.etag || '';
checkResult.push({
path: relativePath,
uploadHash: file.hash,
resourcePath: minioPath,
isUpload: statHash === file.hash,
stat,
hash: statHash,
});
}
res.end(JSON.stringify({ code: 200, data: checkResult }));
});
// /api/s1/resources/upload
router.post('/api/s1/resources/upload', async (req, res) => {
const { tokenUser, token } = await checkAuth(req, res);
if (!tokenUser) {
res.end(error('Token is invalid.'));
return;
}
const url = new URL(req.url || '', 'http://localhost');
const share = !!url.searchParams.get('public');
const meta = parseIfJson(url.searchParams.get('meta'));
const noCheckAppFiles = !!url.searchParams.get('noCheckAppFiles');
// 使用 busboy 解析 multipart/form-data
const busboy = Busboy({ headers: req.headers, preservePath: true, defCharset: 'utf-8' });
const fields: any = {};
const files: any[] = [];
const filePromises: Promise<void>[] = [];
let bytesReceived = 0;
let bytesExpected = parseInt(req.headers['content-length'] || '0');
busboy.on('field', (fieldname, value) => {
fields[fieldname] = value;
});
busboy.on('file', (fieldname, fileStream, info) => {
const { filename, encoding, mimeType } = info;
// 处理 UTF-8 文件名编码busboy 可能返回 Latin-1 编码的缓冲区)
const decodedFilename = typeof filename === 'string' ? Buffer.from(filename, 'latin1').toString('utf8') : filename;
const tempPath = path.join(cacheFilePath, `${Date.now()}-${Math.random().toString(36).substring(7)}`);
const writeStream = createWriteStream(tempPath);
const filePromise = new Promise<void>((resolve, reject) => {
fileStream.on('data', (chunk) => {
bytesReceived += chunk.length;
if (bytesExpected > 0) {
const progress = (bytesReceived / bytesExpected) * 100;
const data = {
progress: progress.toFixed(2),
message: `Upload progress: ${progress.toFixed(2)}%`,
};
console.log('progress-upload', data);
writeEvents(req, data);
}
});
fileStream.pipe(writeStream);
writeStream.on('finish', () => {
files.push({
filepath: tempPath,
originalFilename: decodedFilename,
mimetype: mimeType,
});
resolve();
});
writeStream.on('error', (err) => {
reject(err);
});
});
filePromises.push(filePromise);
});
busboy.on('finish', async () => {
// 等待所有文件写入完成
try {
await Promise.all(filePromises);
} catch (err) {
logger.error(`File write error: ${err.message}`);
res.end(error(`File write error: ${err.message}`));
return;
}
const clearFiles = () => {
files.forEach((file) => {
if (file?.filepath && fs.existsSync(file.filepath)) {
fs.unlinkSync(file.filepath);
}
});
};
// 检查是否有文件上传
if (files.length === 0) {
res.end(error('files is required'));
return;
}
let { appKey, version, username, directory, description } = getKey(fields, ['appKey', 'version', 'username', 'directory', 'description']);
let uid = tokenUser.id;
if (username) {
const user = await User.getUserByToken(token);
const has = await user.hasUser(username, true);
if (!has) {
res.end(error('username is not found'));
clearFiles();
return;
}
const _user = await User.findOne({ where: { username } });
uid = _user?.id || '';
}
if (!appKey || !version) {
const config = await ConfigModel.getUploadConfig({ uid });
if (config) {
appKey = config.config?.data?.key || '';
version = config.config?.data?.version || '';
}
}
if (!appKey || !version) {
res.end(error('appKey or version is not found, please check the upload config.'));
clearFiles();
return;
}
const { code, message } = validateDirectory(directory);
if (code !== 200) {
res.end(error(message));
clearFiles();
return;
}
// 逐个处理每个上传的文件
const uploadedFiles = files;
logger.info(
'upload files',
uploadedFiles.map((item) => {
return pick(item, ['filepath', 'originalFilename']);
}),
);
const uploadResults = [];
for (let i = 0; i < uploadedFiles.length; i++) {
const file = uploadedFiles[i];
// @ts-ignore
const tempPath = file.filepath; // 文件上传时的临时路径
const relativePath = file.originalFilename; // 保留表单中上传的文件名 (包含文件夹结构)
// 比如 child2/b.txt
const minioPath = `${username || tokenUser.username}/${appKey}/${version}${directory ? `/${directory}` : ''}/${relativePath}`;
// 上传到 MinIO 并保留文件夹结构
const isHTML = relativePath.endsWith('.html');
const metadata: any = {};
if (share) {
metadata.share = 'public';
}
Object.assign(metadata, meta);
await oss.fPutObject(minioPath, tempPath, {
'Content-Type': getContentType(relativePath),
'app-source': 'user-app',
'Cache-Control': isHTML ? 'no-cache' : 'max-age=31536000, immutable', // 缓存一年
...metadata,
});
uploadResults.push({
name: relativePath,
path: minioPath,
});
fs.unlinkSync(tempPath); // 删除临时文件
}
if (!noCheckAppFiles) {
const _data = { appKey, version, username, files: uploadResults, description, }
if (_data.description) {
delete _data.description;
}
// 受控
const r = await app.call({
path: 'app',
key: 'uploadFiles',
payload: {
token: token,
data: _data,
},
});
const data: any = {
code: r.code,
data: {
app: r.body,
upload: uploadResults,
},
};
if (r.message) {
data.message = r.message;
}
console.log('upload data', data);
res.writeHead(200, { 'Content-Type': 'application/json' });
res.end(JSON.stringify(data));
} else {
res.writeHead(200, { 'Content-Type': 'application/json' });
res.end(
JSON.stringify({
code: 200,
data: {
detect: [],
upload: uploadResults,
},
}),
);
}
});
pipeBusboy(req, res, busboy);
});

30
src/routes-simple/resources/util.ts
View File

@@ -1,30 +0,0 @@
/**
* 校验directory是否合法, 合法返回200, 不合法返回500
*
* directory 不能以/开头,不能以/结尾。不能以.开头,不能以.结尾。
* 把directory的/替换掉后,只能包含数字、字母、下划线、中划线
* @param directory 目录
* @returns
*/
export const validateDirectory = (directory?: string) => {
// 对directory进行校验不能以/开头,不能以/结尾。不能以.开头,不能以.结尾。
if (directory && (directory.startsWith('/') || directory.endsWith('/') || directory.startsWith('..') || directory.endsWith('..'))) {
return {
code: 500,
message: 'directory is invalid',
};
}
// 把directory的/替换掉后,只能包含数字、字母、下划线、中划线
// 可以包含.
let _directory = directory?.replace(/\//g, '');
if (_directory && !/^[a-zA-Z0-9_.-]+$/.test(_directory)) {
return {
code: 500,
message: 'directory is invalid, only number, letter, underline and hyphen are allowed',
};
}
return {
code: 200,
message: 'directory is valid',
};
};

5
src/routes-simple/router.ts
View File

@@ -1,14 +1,13 @@
import { router } from '@/app.ts';
import http from 'http';
import { useContextKey } from '@kevisual/context';
import { checkAuth, error } from './middleware/auth.ts';
export { router, checkAuth, error };
export { router, };
/**
* 事件客户端
*/
const eventClientsInit = () => {
const clients = new Map<string, { client?: http.ServerResponse; createTime?: number; [key: string]: any }>();
const clients = new Map<string, { client?: http.ServerResponse; createTime?: number;[key: string]: any }>();
return clients;
};
export const clients = useContextKey('event-clients', () => eventClientsInit());

47
src/routes/app-manager/list.ts
View File

@@ -6,6 +6,7 @@ import { getUidByUsername, prefixFix } from './util.ts';
import { deleteFiles, getMinioListAndSetToAppList } from '../file/index.ts';
import { setExpire } from './revoke.ts';
import { User } from '@/models/user.ts';
import { callDetectAppVersion } from './export.ts';
app
.route({
path: 'app',
@@ -43,7 +44,7 @@ app
console.log('get app manager called');
const tokenUser = ctx.state.tokenUser;
const id = ctx.query.id;
const { key, version } = ctx.query?.data || {};
const { key, version, create = false } = ctx.query?.data || {};
if (!id && (!key || !version)) {
throw new CustomError('id is required');
}
@@ -59,8 +60,27 @@ app
},
});
}
if (!am && create) {
am = await AppListModel.create({
key,
version,
uid: tokenUser.id,
data: {},
});
const res = await app.run({ path: 'app', key: "detectVersionList", payload: { data: { appKey: key, version, username: tokenUser.username }, token: ctx.query.token } });
if (res.code !== 200) {
ctx.throw(res.message || 'detect version list error');
}
am = await AppListModel.findOne({
where: {
key,
version,
uid: tokenUser.id,
},
});
}
if (!am) {
throw new CustomError('app not found');
ctx.throw('app not found');
}
console.log('get app', am.id, am.key, am.version);
ctx.body = prefixFix(am, tokenUser.username);
@@ -239,7 +259,7 @@ app
})
.define(async (ctx) => {
const tokenUser = ctx.state.tokenUser;
const { id, username, appKey, version } = ctx.query.data;
const { id, username, appKey, version, detect } = ctx.query.data;
if (!id && !appKey) {
throw new CustomError('id or appKey is required');
}
@@ -249,22 +269,33 @@ app
if (id) {
appList = await AppListModel.findByPk(id);
if (appList?.uid !== uid) {
throw new CustomError('no permission');
ctx.throw('no permission');
}
}
if (!appList && appKey) {
if (!version) {
throw new CustomError('version is required');
ctx.throw('version is required');
}
appList = await AppListModel.findOne({ where: { key: appKey, version, uid } });
}
if (!appList) {
throw new CustomError('app not found');
ctx.throw('app 未发现');
}
if (detect) {
const appKey = appList.key;
const version = appList.version;
// 自动检测最新版本
const res = await callDetectAppVersion({ appKey, version, username: username || tokenUser.username }, ctx.query.token);
if (res.code !== 200) {
ctx.throw(res.message || '检测版本列表失败');
}
appList = await AppListModel.findByPk(appList.id);
}
const files = appList.data.files || [];
const am = await AppModel.findOne({ where: { key: appList.key, uid: uid } });
if (!am) {
throw new CustomError('app not found');
ctx.throw('app 未发现');
}
await am.update({ data: { ...am.data, files }, version: appList.version });
setExpire(appList.key, am.user);
@@ -366,7 +397,7 @@ app
am = await AppModel.create({
title: appKey,
key: appKey,
version: version || '0.0.0',
version: version || '0.0.1',
user: checkUsername,
uid,
data: { files: needAddFiles },

9
src/routes/config/list.ts
View File

@@ -59,10 +59,7 @@ app
}
}
await config.update({
data: {
...config.data,
...data,
},
data: data,
...rest,
});
if (config.data?.permission?.share === 'public') {
@@ -80,7 +77,7 @@ app
});
if (config) {
await config.update({
data: { ...config.data, ...data },
data: data,
...rest,
});
ctx.body = config;
@@ -177,7 +174,7 @@ app
const search: any = id ? { id } : { key };
const config = await ConfigModel.findOne({
where: {
...search
...search
},
});
if (config && config.uid === tuid) {

26
src/routes/light-code/list.ts
View File

@@ -1,7 +1,8 @@
import { eq, desc, and, like, or } from 'drizzle-orm';
import { CustomError } from '@kevisual/router';
import { app, db, schema } from '../../app.ts';
import { filter } from '@kevisual/js-filter'
import { z } from 'zod';
app
.route({
path: 'light-code',
@@ -9,10 +10,22 @@ app
description: `获取轻代码列表,参数
type: 代码类型light-code, ts`,
middleware: ['auth'],
metadata: {
args: {
type: z.string().optional().describe('代码类型light-code, ts'),
search: z.string().optional().describe('搜索关键词,匹配标题和描述'),
filter: z
.string()
.optional()
.describe(
'过滤条件SQL like格式字符串例如WHERE tags LIKE \'%tag1%\' AND tags LIKE \'%tag2%\'',
),
}
}
})
.define(async (ctx) => {
const tokenUser = ctx.state.tokenUser;
const { type, search } = ctx.query || {};
const { type, search, filter: filterQuery } = ctx.query || {};
const conditions = [eq(schema.kvContainer.uid, tokenUser.id)];
if (type) {
conditions.push(eq(schema.kvContainer.type, type as string));
@@ -43,7 +56,12 @@ app
.from(schema.kvContainer)
.where(and(...conditions))
.orderBy(desc(schema.kvContainer.updatedAt));
ctx.body = { list };
if (filterQuery) {
const filteredList = filter(list, filterQuery);
ctx.body = { list: filteredList }
} else {
ctx.body = { list };
}
return ctx;
})
.addTo(app);
@@ -140,7 +158,7 @@ app
app
.route({
path: 'container',
path: 'light-code',
key: 'delete',
middleware: ['auth'],
})

25
src/routes/user/me.ts
View File

@@ -153,7 +153,9 @@ app
browser: someInfo['user-agent'],
host: someInfo.host,
});
createCookie(token, ctx);
createCookie({
token: token.accessToken
}, ctx);
ctx.body = token;
})
.addTo(app);
@@ -259,7 +261,10 @@ app
const refreshToken = accessUser.oauthExpand?.refreshToken;
if (refreshToken) {
const result = await User.oauth.refreshToken(refreshToken);
createCookie(result, ctx);
createCookie({
token: result.accessToken
}, ctx);
ctx.body = result;
return;
} else if (accessUser) {
@@ -268,7 +273,9 @@ app
...accessUser.oauthExpand,
hasRefreshToken: true,
});
createCookie(result, ctx);
createCookie({
token: result.accessToken
}, ctx);
ctx.body = result;
return;
}
@@ -323,13 +330,17 @@ app
if (orgsList.includes(username)) {
if (tokenUsername === username) {
const result = await User.oauth.resetToken(token);
createCookie(result, ctx);
createCookie({
token: result.accessToken,
}, ctx);
await User.oauth.delToken(token);
ctx.body = result;
} else {
const user = await User.findOne({ where: { username } });
const result = await user.createToken(userId, 'default');
createCookie(result, ctx);
createCookie({
token: result.accessToken,
}, ctx);
ctx.body = result;
}
} else {
@@ -352,7 +363,9 @@ app
const result = await User.oauth.refreshToken(refreshToken);
if (result) {
console.log('refreshToken result', result);
createCookie(result, ctx);
createCookie({
token: result.accessToken,
}, ctx);
ctx.body = result;
} else {
ctx.throw(500, 'Refresh Token Failed, please login again');

4
src/routes/user/web-login.ts
View File

@@ -109,7 +109,9 @@ app
const token = JSON.parse(data);
if (token.accessToken) {
ctx.body = token;
createCookie(token, ctx);
createCookie({
token: token.accessToken,
}, ctx);
} else {
ctx.throw(500, 'Checked error Failed, login failed, please login again');
}