@claudelaw/taichu 0.6.0

package/packages/server/src/webhook.js

@@ -0,0 +1,192 @@
+/**
+ * Webhook System — 内容变更事件推送
+ *
+ * 注册外部 URL，当内容变更时 POST 事件数据。
+ *
+ * 功能：
+ *   - Webhook 注册/列表/删除 API
+ *   - 事件过滤（按内容类型、操作类型）
+ *   - HMAC-SHA256 签名验证
+ *   - 指数退避重试（最多 3 次）
+ *   - 投递日志
+ */
+
+import { createHmac, randomBytes } from 'node:crypto';
+import { createLogger } from './logger.js';
+
+const log = createLogger('webhook');
+
+const MAX_RETRIES = parseInt(process.env.TAICHU_WEBHOOK_RETRIES) || 3;
+const RETRY_BASE_MS = parseInt(process.env.TAICHU_WEBHOOK_RETRY_BASE_MS) || 1000; // 1s, 2s, 4s
+
+class WebhookManager {
+  constructor(store) {
+    this.store = store;
+    this.deliveryLog = [];
+  }
+
+  /**
+   * Register a new webhook.
+   * @param {{ url: string, events?: string[], types?: string[], secret?: string, label?: string }} opts
+   * @returns {Promise<object>}
+   */
+  async register({ url, events = ['*'], types = ['*'], secret, label }) {
+    const id = randomBytes(12).toString('hex');
+    const webhook = {
+      id, url, events, types,
+      secret: secret || randomBytes(16).toString('hex'),
+      label: label || url,
+      active: true,
+      createdAt: new Date().toISOString(),
+      stats: { delivered: 0, failed: 0, lastDelivery: null }
+    };
+
+    const doc = await this.store.create({
+      type: 'webhook',
+      data: webhook,
+      status: 'active'
+    });
+
+    log.info(`Webhook registered: ${label || url} (${id})`);
+    return { id: doc.id, ...webhook };
+  }
+
+  /**
+   * List all registered webhooks.
+   */
+  async list() {
+    const docs = await this.store.list({ type: 'webhook' });
+    return docs.map(d => ({ id: d.id, ...d.data }));
+  }
+
+  /**
+   * Delete a webhook.
+   */
+  async remove(id) {
+    await this.store.delete(id);
+  }
+
+  /**
+   * Fire event to all matching webhooks (called by hook system).
+   * @param {string} event — "create" | "update" | "delete" | "publish"
+   * @param {object} payload — { id, type, data, status, ... }
+   */
+  async fire(event, payload) {
+    const hooks = await this.list();
+    const active = hooks.filter(h => h.active);
+    if (active.length === 0) return;
+
+    for (const wh of active) {
+      if (!this._matches(wh, event, payload)) continue;
+      await this._deliver(wh, event, payload);
+    }
+  }
+
+  /** Check if webhook matches event + payload type */
+  _matches(wh, event, payload) {
+    const eventMatch = wh.events.includes('*') || wh.events.includes(event);
+    const typeMatch = wh.types.includes('*') || wh.types.includes(payload.type);
+    return eventMatch && typeMatch;
+  }
+
+  /** Deliver event with retry */
+  async _deliver(wh, event, payload) {
+    const deliveryId = randomBytes(6).toString('hex');
+    const body = JSON.stringify({
+      id: deliveryId,
+      event,
+      type: payload.type,
+      timestamp: new Date().toISOString(),
+      data: payload
+    });
+
+    const signature = createHmac('sha256', wh.secret)
+      .update(body)
+      .digest('hex');
+
+    for (let attempt = 1; attempt <= MAX_RETRIES; attempt++) {
+      try {
+        const controller = new AbortController();
+        const timeout = setTimeout(() => controller.abort(), 10000);
+
+        const res = await fetch(wh.url, {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+            'X-Taichu-Webhook-Event': event,
+            'X-Taichu-Webhook-Signature': `sha256=${signature}`,
+            'X-Taichu-Webhook-Id': deliveryId
+          },
+          body,
+          signal: controller.signal
+        });
+        clearTimeout(timeout);
+
+        if (res.ok) {
+          this._logDelivery(wh.id, deliveryId, true, attempt);
+          // Update stats
+          const doc = await this.store.get(wh.id);
+          if (doc) {
+            doc.data.stats.delivered++;
+            doc.data.stats.lastDelivery = new Date().toISOString();
+            await this.store.update(wh.id, { data: doc.data });
+          }
+          return;
+        }
+
+        // Non-2xx response — retry if server error
+        if (res.status >= 500) throw new Error(`Server error: ${res.status}`);
+        // 4xx — no retry
+        this._logDelivery(wh.id, deliveryId, false, attempt, `HTTP ${res.status}`);
+        break;
+
+      } catch (err) {
+        if (attempt < MAX_RETRIES) {
+          const delay = RETRY_BASE_MS * Math.pow(2, attempt - 1);
+          log.warn(`Webhook retry ${attempt}/${MAX_RETRIES} for ${wh.url}: ${err.message}`);
+          await new Promise(r => setTimeout(r, delay));
+        } else {
+          this._logDelivery(wh.id, deliveryId, false, attempt, err.message);
+          const doc = await this.store.get(wh.id);
+          if (doc) {
+            doc.data.stats.failed++;
+            await this.store.update(wh.id, { data: doc.data });
+          }
+        }
+      }
+    }
+  }
+
+  _logDelivery(webhookId, deliveryId, success, attempt, error) {
+    const entry = {
+      webhookId, deliveryId, success, attempt,
+      timestamp: new Date().toISOString(),
+      error: error || null
+    };
+    this.deliveryLog.push(entry);
+    if (this.deliveryLog.length > 1000) this.deliveryLog.shift();
+
+    if (!success) log.error(`Webhook delivery failed: ${webhookId} — ${error}`);
+  }
+
+  /** Get delivery log */
+  getLog(limit = 50) {
+    return this.deliveryLog.slice(-limit).reverse();
+  }
+
+  /** Get stats */
+  getStats() {
+    const recent = this.deliveryLog.slice(-100);
+    const success = recent.filter(e => e.success).length;
+    return { recent: recent.length, success, failed: recent.length - success };
+  }
+}
+
+// ── Singleton ──────────────────────────────────────────────
+
+let _wm = null;
+
+export function getWebhookManager(store) {
+  if (!_wm && store) _wm = new WebhookManager(store);
+  return _wm;
+}

package/packages/server/src/websocket.js

@@ -0,0 +1,308 @@
+/**
+ * WebSocket Server — 实时内容变更推送
+ *
+ * 零依赖，基于 Node.js 原生 WebSocket (RFC 6455)。
+ *
+ * 功能：
+ *   - 频道订阅（按内容类型：article, page, * 等）
+ *   - 事件广播（create/update/delete/publish）
+ *   - 连接心跳（30s ping）
+ *   - 客户端数量追踪
+ *
+ * 协议：
+ *   Client → Server: { type: "subscribe", channel: "article" }
+ *   Server → Client: { type: "content_change", event: "update", channel: "article", doc: {...} }
+ */
+
+import { createHash, randomBytes } from 'node:crypto';
+import { EventEmitter } from 'node:events';
+
+const WS_GUID = '258EAFA5-E914-47DA-95CA-C5AB0DC85B11';
+const HEARTBEAT_INTERVAL = 30000;
+
+class WebSocketServer extends EventEmitter {
+  constructor() {
+    super();
+    /** @type {Map<string, WebSocket>} */
+    this.clients = new Map();
+    /** @type {Map<string, Set<string>>} channel → clientIds */
+    this.subscriptions = new Map();
+    this.heartbeatTimer = null;
+    this.stats = { connected: 0, messagesReceived: 0, messagesSent: 0 };
+  }
+
+  /**
+   * Attach WebSocket upgrade handler to an existing HTTP server.
+   * @param {import('node:http').Server} httpServer
+   */
+  attach(httpServer) {
+    httpServer.on('upgrade', (req, socket, head) => {
+      if (req.headers['upgrade']?.toLowerCase() !== 'websocket') return;
+
+      const key = req.headers['sec-websocket-key'];
+      if (!key) {
+        socket.destroy();
+        return;
+      }
+
+      // Accept the WebSocket connection
+      const acceptKey = createHash('sha1')
+        .update(key + WS_GUID)
+        .digest('base64');
+
+      socket.write(
+        'HTTP/1.1 101 Switching Protocols\r\n' +
+        'Upgrade: websocket\r\n' +
+        'Connection: Upgrade\r\n' +
+        `Sec-WebSocket-Accept: ${acceptKey}\r\n\r\n`
+      );
+
+      const ws = new WebSocket(socket);
+      const clientId = randomBytes(8).toString('hex');
+      this.clients.set(clientId, ws);
+      this.stats.connected++;
+
+      this.emit('connect', clientId);
+
+      ws.on('message', (data) => {
+        this.stats.messagesReceived++;
+        this._handleMessage(clientId, data);
+      });
+
+      ws.on('close', () => {
+        this.clients.delete(clientId);
+        this.stats.connected = this.clients.size;
+        // Remove from all subscriptions
+        for (const [, subs] of this.subscriptions) {
+          subs.delete(clientId);
+        }
+        this.emit('disconnect', clientId);
+      });
+
+      ws.on('error', () => {
+        ws.close();
+      });
+    });
+
+    // Start heartbeat
+    this.heartbeatTimer = setInterval(() => {
+      for (const [, ws] of this.clients) {
+        ws.ping();
+      }
+    }, HEARTBEAT_INTERVAL);
+  }
+
+  /**
+   * Broadcast a content change event to subscribers of a channel.
+   * @param {string} channel — content type name or "*" for all
+   * @param {string} event — "create" | "update" | "delete" | "publish" | "archive"
+   * @param {object} payload
+   */
+  broadcast(channel, event, payload) {
+    const channels = [channel, '*'];
+    const sentTo = new Set();
+
+    for (const ch of channels) {
+      const subs = this.subscriptions.get(ch);
+      if (!subs) continue;
+      for (const clientId of subs) {
+        if (sentTo.has(clientId)) continue;
+        const ws = this.clients.get(clientId);
+        if (!ws) continue;
+        ws.send(JSON.stringify({
+          type: 'content_change',
+          channel,
+          event,
+          doc: payload,
+          ts: new Date().toISOString()
+        }));
+        sentTo.add(clientId);
+        this.stats.messagesSent++;
+      }
+    }
+  }
+
+  /**
+   * Get current server stats.
+   */
+  getStats() {
+    const channels = {};
+    for (const [ch, subs] of this.subscriptions) {
+      channels[ch] = subs.size;
+    }
+    return { ...this.stats, channels };
+  }
+
+  /** Close all connections */
+  close() {
+    if (this.heartbeatTimer) clearInterval(this.heartbeatTimer);
+    for (const [, ws] of this.clients) {
+      ws.close(1001, 'Server shutting down');
+    }
+  }
+
+  _handleMessage(clientId, raw) {
+    try {
+      if (typeof raw !== 'string') return;
+      const msg = JSON.parse(raw);
+
+      switch (msg.type) {
+        case 'subscribe': {
+          const channel = msg.channel || '*';
+          if (!this.subscriptions.has(channel)) {
+            this.subscriptions.set(channel, new Set());
+          }
+          this.subscriptions.get(channel).add(clientId);
+          const ws = this.clients.get(clientId);
+          if (ws) ws.send(JSON.stringify({ type: 'subscribed', channel }));
+          break;
+        }
+        case 'unsubscribe': {
+          const channel = msg.channel || '*';
+          const subs = this.subscriptions.get(channel);
+          if (subs) subs.delete(clientId);
+          break;
+        }
+      }
+    } catch { /* ignore malformed */ }
+  }
+}
+
+// ── WebSocket Frame Protocol ───────────────────────────────
+
+class WebSocket {
+  constructor(socket) {
+    this.socket = socket;
+    this._buffer = Buffer.alloc(0);
+    this._closed = false;
+
+    socket.on('data', (chunk) => {
+      this._buffer = Buffer.concat([this._buffer, chunk]);
+      this._parseFrames();
+    });
+
+    socket.on('close', () => {
+      this._closed = true;
+      this.emit('close');
+    });
+
+    socket.on('error', () => {
+      this._closed = true;
+      this.emit('error');
+    });
+  }
+
+  _listeners = {};
+
+  on(ev, fn) { (this._listeners[ev] ||= []).push(fn); }
+  emit(ev, ...args) { (this._listeners[ev] || []).forEach(f => f(...args)); }
+
+  send(data) {
+    if (this._closed) return;
+    try {
+      const payload = Buffer.from(data);
+      const frame = this._encodeFrame(payload, 0x1); // text frame
+      this.socket.write(frame);
+    } catch {}
+  }
+
+  ping() {
+    if (this._closed) return;
+    try {
+      this.socket.write(this._encodeFrame(Buffer.alloc(0), 0x9));
+    } catch {}
+  }
+
+  close(code = 1000, reason = '') {
+    if (this._closed) return;
+    try {
+      const payload = Buffer.alloc(2 + reason.length);
+      payload.writeUInt16BE(code, 0);
+      payload.write(reason, 2);
+      this.socket.write(this._encodeFrame(payload, 0x8));
+      this.socket.end();
+    } catch {}
+    this._closed = true;
+  }
+
+  _parseFrames() {
+    while (this._buffer.length >= 2) {
+      const opcode = this._buffer[0] & 0x0f;
+      const masked = (this._buffer[1] & 0x80) !== 0;
+      let payloadLen = this._buffer[1] & 0x7f;
+      let offset = 2;
+
+      if (payloadLen === 126) {
+        if (this._buffer.length < 4) return;
+        payloadLen = this._buffer.readUInt16BE(2);
+        offset = 4;
+      } else if (payloadLen === 127) {
+        if (this._buffer.length < 10) return;
+        payloadLen = Number(this._buffer.readBigUInt64BE(2));
+        offset = 10;
+      }
+
+      const maskLen = masked ? 4 : 0;
+      if (this._buffer.length < offset + maskLen + payloadLen) return;
+
+      const payload = this._buffer.subarray(offset + maskLen, offset + maskLen + payloadLen);
+      if (masked) {
+        const mask = this._buffer.subarray(offset, offset + 4);
+        for (let i = 0; i < payload.length; i++) {
+          payload[i] ^= mask[i % 4];
+        }
+      }
+
+      this._buffer = this._buffer.subarray(offset + maskLen + payloadLen);
+
+      switch (opcode) {
+        case 0x1: // text
+          this.emit('message', payload.toString('utf-8'));
+          break;
+        case 0x8: // close
+          this.close();
+          break;
+        case 0x9: // ping → pong
+          if (!this._closed) this.socket.write(this._encodeFrame(payload, 0xA));
+          break;
+      }
+    }
+  }
+
+  _encodeFrame(payload, opcode) {
+    const len = payload.length;
+    let header;
+
+    if (len < 126) {
+      header = Buffer.alloc(2);
+      header[0] = 0x80 | opcode;
+      header[1] = len;
+    } else if (len < 65536) {
+      header = Buffer.alloc(4);
+      header[0] = 0x80 | opcode;
+      header[1] = 126;
+      header.writeUInt16BE(len, 2);
+    } else {
+      header = Buffer.alloc(10);
+      header[0] = 0x80 | opcode;
+      header[1] = 127;
+      header.writeBigUInt64BE(BigInt(len), 2);
+    }
+
+    return Buffer.concat([header, payload]);
+  }
+}
+
+// ── Singleton ──────────────────────────────────────────────
+
+let _wss = null;
+
+export function getWSS() {
+  if (!_wss) _wss = new WebSocketServer();
+  return _wss;
+}
+
+export function createWSS() {
+  _wss = new WebSocketServer();
+  return _wss;
+}

package/scripts/cli.js

@@ -0,0 +1,90 @@
+#!/usr/bin/env node
+/**
+ * Taichu CLI — Quick Start
+ *
+ * npx taichu init          → Create a new Taichu project
+ * npx taichu dev            → Start development server
+ * npx taichu migrate --from=wordpress --file=dump.xml
+ */
+
+import { spawn } from 'node:child_process';
+import { existsSync, mkdirSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+
+const cmd = process.argv[2];
+
+switch (cmd) {
+  case 'init': {
+    const dir = process.argv[3] || 'taichu-project';
+    if (existsSync(dir)) {
+      console.log(`Directory "${dir}" already exists.`);
+      process.exit(1);
+    }
+    mkdirSync(dir, { recursive: true });
+    mkdirSync(join(dir, '.taichu', 'data'), { recursive: true });
+    mkdirSync(join(dir, 'plugins'), { recursive: true });
+
+    writeFileSync(join(dir, '.env'), `# Taichu Configuration
+TAICHU_PORT=3120
+TAICHU_STORAGE=sqlite
+TAICHU_DATA_DIR=./.taichu/data
+TAICHU_JWT_SECRET=change-me-to-a-random-string
+TAICHU_LOG_LEVEL=info
+`);
+
+    writeFileSync(join(dir, 'taichu.config.json'), JSON.stringify({
+      siteName: 'My Taichu Site',
+      language: 'zh-CN',
+      timezone: 'Asia/Shanghai'
+    }, null, 2));
+
+    console.log(`
+  ⚡ Taichu CMS initialized in ${dir}/
+
+    To start:
+      cd ${dir}
+      npx taichu dev
+
+    Or with Docker:
+      docker run -p 3120:3120 -v $(pwd)/.taichu:/app/.taichu caludelaw/taichu
+`);
+    process.exit(0);
+    break;
+  }
+
+  case 'dev': {
+    // Find taichu server module
+    const serverPath = join(import.meta.dirname || process.cwd(), '..', '..', 'packages', 'server', 'src', 'index.js');
+    if (!existsSync(serverPath)) {
+      console.error('Taichu server not found. Run from a Taichu project root.');
+      process.exit(1);
+    }
+    const child = spawn('node', [serverPath], { stdio: 'inherit', env: { ...process.env, TAICHU_PORT: process.env.TAICHU_PORT || '3120' } });
+    child.on('exit', (code) => process.exit(code));
+    break;
+  }
+
+  case 'migrate':
+    await import('./migrate.js');
+    break;
+
+  case 'plugin':
+    await import('./plugin-cli.js');
+    break;
+
+  default:
+    console.log(`
+  ⚡ Taichu CMS CLI
+
+  Commands:
+    npx taichu init [dir]     Create a new Taichu project
+    npx taichu dev            Start development server
+    npx taichu migrate        Import content (WP/Markdown)
+    npx taichu plugin         Browse & install plugins
+
+  Environment:
+    TAICHU_PORT=3120          Server port
+    TAICHU_STORAGE=sqlite     Storage engine (memory/sqlite)
+    TAICHU_AGENT_KEY          API key for MCP Agent
+`);
+}