@code2rich/jpage 1.5.0

package/lib/render.js

@@ -0,0 +1,157 @@
+// 文件渲染：listBundleEntries（bundle 目录清单）+ renderFile（Markdown/HTML/bundle → HTML 文档）。
+// Markdown 渲染页下发严格 CSP（内联 mermaid 脚本靠每次生成的 nonce 放行），
+// HTML 渲染页下发宽松 CSP（用户 HTML 常含合法 script，依赖 iframe sandbox 兜底）。
+
+const fs = require('fs');
+const path = require('path');
+const { marked, applyTemplate, templateCache, getTemplateForFile, BUILTIN_TEMPLATE_THEMES } = require('./templates');
+const { getRenderedHtml, setRenderedHtml } = require('./render-cache');
+const { UPLOAD_DIR } = require('./paths');
+const { ZIP_MAX_FILE_COUNT } = require('./zip');
+const { generateNonce, markdownCsp, HTML_CSP } = require('./csp');
+
+// 枚举 bundle 目录组成，供 /content 返回清单。
+// 安全与体量约束：条目数上限与上传校验一致（ZIP_MAX_FILE_COUNT），
+// 另设深度上限避免畸形嵌套；只收录 bundle 目录内的相对路径，防穿越。
+const BUNDLE_LIST_MAX_DEPTH = 8;
+const BUNDLE_LIST_MAX_ENTRIES = ZIP_MAX_FILE_COUNT;
+
+async function listBundleEntries(bundleDir) {
+  const root = path.resolve(bundleDir);
+  const out = [];
+  let truncated = false;
+
+  async function walk(dir, depth) {
+    if (out.length >= BUNDLE_LIST_MAX_ENTRIES || depth > BUNDLE_LIST_MAX_DEPTH) {
+      truncated = true;
+      return;
+    }
+    let names;
+    try { names = await fs.promises.readdir(dir); }
+    catch { return; } // 子目录不可读则跳过，不致整个清单失败
+    for (const name of names) {
+      const full = path.join(dir, name);
+      const resolved = path.resolve(full);
+      const rel = path.relative(root, resolved);
+      // 仅收录 root 内的条目，跳过越界/穿越项
+      if (rel === '' || rel.startsWith('..') || path.isAbsolute(rel)) continue;
+      let st;
+      try { st = await fs.promises.stat(full); }
+      catch { continue; }
+      const relPosix = rel.split(path.sep).join('/');
+      if (st.isDirectory()) {
+        await walk(full, depth + 1);
+      } else {
+        if (out.length >= BUNDLE_LIST_MAX_ENTRIES) { truncated = true; return; }
+        out.push({ path: relPosix, size: st.size });
+      }
+    }
+  }
+
+  await walk(bundleDir, 0);
+  return { entries: out, truncated };
+}
+
+// 发送 Markdown 渲染结果：注入 nonce 到内联 <script>（无 src），下发严格 CSP。
+// 缓存的是「无 nonce 的模板 HTML」，每次发送时动态注入 nonce，保证 nonce 唯一。
+function sendMarkdownHtml(res, html) {
+  const nonce = generateNonce();
+  // 只给内联 <script>（无 src 属性）加 nonce；外链 <script src> 走 'self' 无需 nonce
+  const withNonce = html.replace(/<script(?![^>]*\bsrc=)([^>]*)>/gi, '<script nonce="' + nonce + '"$1>');
+  res.setHeader('Content-Type', 'text/html; charset=utf-8');
+  res.setHeader('Content-Security-Policy', markdownCsp(nonce));
+  res.send(withNonce);
+}
+
+// 发送 HTML 渲染结果：下发宽松 CSP（依赖 iframe sandbox 兜底）
+function sendHtmlDoc(res, html) {
+  res.setHeader('Content-Type', 'text/html; charset=utf-8');
+  res.setHeader('Content-Security-Policy', HTML_CSP);
+  res.send(html);
+}
+
+// 向 HTML 文档注入 charset meta（若缺失）
+function ensureCharset(html) {
+  if (/<meta[^>]+charset=/i.test(html)) return html;
+  const meta = '<meta charset="UTF-8">';
+  if (/<head>/i.test(html)) return html.replace(/<head>/i, '<head>\n' + meta);
+  if (/<html/i.test(html)) return html.replace(/<html[^>]*>/i, '$&\n<head>' + meta + '</head>');
+  return meta + '\n' + html;
+}
+
+async function renderFile(res, file) {
+  // Bundle 渲染
+  if (file.is_bundle) {
+    const bundleDir = path.join(UPLOAD_DIR, file.stored_name);
+    const entryPath = path.join(bundleDir, file.entry_path || 'index.html');
+    const resolved = path.resolve(entryPath);
+    const resolvedDir = path.resolve(bundleDir) + path.sep;
+    if (!resolved.startsWith(resolvedDir)) return res.status(403).json({ error: '非法路径' });
+    try {
+      let content = await fs.promises.readFile(entryPath, 'utf-8');
+      const entryExt = path.extname(file.entry_path || 'index.html').toLowerCase();
+      const baseTag = '<base href="/api/files/' + file.id + '/asset/">';
+
+      if (entryExt === '.md' || entryExt === '.markdown') {
+        // Markdown 入口：marked 渲染 + 模板（命中缓存则跳过昂贵的渲染）
+        const cached = getRenderedHtml(file);
+        if (cached) return sendMarkdownHtml(res, cached);
+        const mdHtml = marked.parse(content, { gfm: true, breaks: false, async: false })
+          .replace(/<pre><code class="hljs language-mermaid">([\s\S]*?)<\/code><\/pre>/g,
+            (_, code) => `<pre class="mermaid">${code}</pre>`);
+        const tplName = await getTemplateForFile(file);
+        const tpl = templateCache[tplName] || templateCache['default'];
+        const hljsTheme = BUILTIN_TEMPLATE_THEMES[tplName] || 'github';
+        let fullHtml = applyTemplate(tpl, file.original_name, mdHtml, hljsTheme);
+        if (/<head>/i.test(fullHtml)) {
+          fullHtml = fullHtml.replace(/<head>/i, '<head>\n' + baseTag);
+        }
+        setRenderedHtml(file, fullHtml);
+        return sendMarkdownHtml(res, fullHtml);
+      }
+
+      // HTML 入口：注入 <base> 和 charset，宽松 CSP
+      if (/<head>/i.test(content)) {
+        content = content.replace(/<head>/i, '<head>\n' + baseTag);
+      } else if (/<html/i.test(content)) {
+        content = content.replace(/<html[^>]*>/i, '$&\n<head>' + baseTag + '</head>');
+      }
+      return sendHtmlDoc(res, ensureCharset(content));
+    } catch (e) {
+      if (e && e.code === 'ENOENT') return res.status(404).json({ error: '入口文件已丢失' });
+      return res.status(500).json({ error: '渲染失败' });
+    }
+  }
+
+  const filePath = path.join(UPLOAD_DIR, file.stored_name);
+  try {
+    const content = await fs.promises.readFile(filePath, 'utf-8');
+
+    if (file.file_type === 'markdown') {
+      // 命中渲染缓存则直接返回（updated_at 失效，覆盖上传会刷新 key）
+      const cached = getRenderedHtml(file);
+      if (cached) return sendMarkdownHtml(res, cached);
+      const html = marked.parse(content, { gfm: true, breaks: false, async: false })
+        .replace(/<pre><code class="hljs language-mermaid">([\s\S]*?)<\/code><\/pre>/g,
+          (_, code) => `<pre class="mermaid">${code}</pre>`);
+      const tplName = await getTemplateForFile(file);
+      const tpl = templateCache[tplName] || templateCache['default'];
+      const hljsTheme = BUILTIN_TEMPLATE_THEMES[tplName] || 'github';
+      const fullHtml = applyTemplate(tpl, file.original_name, html, hljsTheme);
+      setRenderedHtml(file, fullHtml);
+      return sendMarkdownHtml(res, fullHtml);
+    }
+
+    return sendHtmlDoc(res, ensureCharset(content));
+  } catch (e) {
+    if (e && e.code === 'ENOENT') return res.status(404).json({ error: '文件已丢失' });
+    res.status(500).json({ error: '渲染失败' });
+  }
+}
+
+module.exports = {
+  BUNDLE_LIST_MAX_DEPTH,
+  BUNDLE_LIST_MAX_ENTRIES,
+  listBundleEntries,
+  renderFile,
+};

package/lib/templates.js

@@ -0,0 +1,149 @@
+// 模板系统 + Markdown 渲染管线（marked + highlight.js + KaTeX）。
+// 从 server.js 提取，行为保持不变。
+
+const fs = require('fs');
+const path = require('path');
+const { marked } = require('marked');
+const { markedHighlight } = require('marked-highlight');
+const hljs = require('highlight.js');
+const katex = require('katex');
+const logger = require('../logger');
+const { dbAll, dbGet } = require('./db');
+
+const TEMPLATES_DIR = path.join(__dirname, '..', 'templates');
+const templateCache = {};
+
+const TEMPLATE_PLACEHOLDERS = {
+  katex_css_url: '/vendor/katex/katex.min.css',
+  hljs_css_url: '/vendor/highlight.js/styles',
+  mermaid_js_url: '/vendor/mermaid/mermaid.min.js',
+  hljs_js_url: '/vendor/highlight.js/highlight.min.js',
+  katex_js_url: '/vendor/katex/katex.min.js',
+  marked_js_url: '/vendor/marked/marked.min.js',
+};
+
+function loadTemplates() {
+  if (!fs.existsSync(TEMPLATES_DIR)) return;
+  const files = fs.readdirSync(TEMPLATES_DIR).filter(f => f.endsWith('.html'));
+  for (const f of files) {
+    const name = path.basename(f, '.html');
+    const raw = fs.readFileSync(path.join(TEMPLATES_DIR, f), 'utf-8');
+    templateCache[name] = compileTemplate(raw);
+  }
+  logger.info({ type: 'app', msg: 'templates loaded', count: Object.keys(templateCache).length });
+}
+
+// 预编译模板：静态占位符（vendor URL）在加载时一次替换；运行时只剩 title/content/hljs_theme 三个动态替换，
+// 避免每次渲染都跑 ~8 次正则（含 new RegExp 构造）。返回函数 (title, content, hljsTheme) => html。
+function compileTemplate(raw) {
+  let src = raw;
+  for (const [key, value] of Object.entries(TEMPLATE_PLACEHOLDERS)) {
+    src = src.split('{{' + key + '}}').join(value);
+  }
+  return function applyCompiled(title, content, hljsTheme) {
+    return src
+      .split('{{title}}').join(title)
+      .split('{{content}}').join(content)
+      .split('{{hljs_theme}}').join(hljsTheme || 'github');
+  };
+}
+
+function applyTemplate(tplFn, title, content, hljsTheme) {
+  return tplFn(title, content, hljsTheme);
+}
+
+const BUILTIN_TEMPLATE_THEMES = {
+  default: 'github',
+  github: 'github',
+  academic: 'github',
+  'dark-pro': 'github-dark-dimmed',
+};
+
+let templateNameToId = {};
+
+async function loadTemplateNameMap() {
+  const rows = await dbAll('SELECT id, name FROM templates');
+  templateNameToId = {};
+  for (const r of rows) templateNameToId[r.name] = r.id;
+}
+
+async function getTemplateForFile(file) {
+  const tplId = file.template_id;
+  if (tplId) {
+    const row = await dbGet('SELECT name FROM templates WHERE id = ?', [tplId]);
+    if (row && templateCache[row.name]) return row.name;
+  }
+  return 'default';
+}
+
+function renderKatex(tex, displayMode) {
+  try {
+    return katex.renderToString(tex, {
+      displayMode,
+      throwOnError: false,
+      output: 'html',
+      strict: false
+    });
+  } catch (e) {
+    return `<code class="katex-error">${tex}</code>`;
+  }
+}
+
+// --- marked 渲染管线配置（highlight.js + KaTeX 扩展）---
+marked.use(markedHighlight({
+  langPrefix: 'hljs language-',
+  highlight(code, lang) {
+    const language = hljs.getLanguage(lang) ? lang : 'plaintext';
+    return hljs.highlight(code, { language, ignoreIllegals: true }).value;
+  }
+}));
+
+marked.use({
+  extensions: [
+    {
+      name: 'katexInline',
+      level: 'inline',
+      start(src) { return src.indexOf('$'); },
+      tokenizer(src) {
+        const match = /^\$([^\$\n]+?)\$/.exec(src);
+        if (!match) return;
+        return {
+          type: 'katexInline',
+          raw: match[0],
+          text: match[1]
+        };
+      },
+      renderer(token) {
+        return renderKatex(token.text, false);
+      }
+    },
+    {
+      name: 'katexBlock',
+      level: 'block',
+      start(src) { return src.indexOf('$$'); },
+      tokenizer(src) {
+        const match = /^\$\$([\s\S]+?)\$\$(?:\n|$)/.exec(src);
+        if (!match) return;
+        return {
+          type: 'katexBlock',
+          raw: match[0],
+          text: match[1]
+        };
+      },
+      renderer(token) {
+        return `<div class="katex-display">${renderKatex(token.text, true)}</div>\n`;
+      }
+    }
+  ]
+});
+
+module.exports = {
+  templateCache,
+  BUILTIN_TEMPLATE_THEMES,
+  loadTemplates,
+  applyTemplate,
+  loadTemplateNameMap,
+  getTemplateForFile,
+  renderKatex,
+  marked,
+};

package/lib/util.js

@@ -0,0 +1,66 @@
+// 通用工具函数：纯逻辑或仅依赖标准库/Express 请求对象，无 DB/全局状态耦合。
+// 从 server.js 提取，行为保持不变。
+
+const crypto = require('crypto');
+const fs = require('fs');
+
+// --- UTC 时间工具 ---
+// 统一存 UTC：与 SQLite 的 CURRENT_TIMESTAMP / datetime('now') 一致，
+// 避免跨时区部署时的时间偏差。展示层（前端）负责转本地时区。
+// 比原 toLocaleString(Asia/Shanghai) 快约一个数量级。
+function now() {
+  return new Date().toISOString().slice(0, 19).replace('T', ' ');
+}
+
+// --- 异步文件清理 ---
+function unlinkQuiet(p) { return fs.promises.unlink(p).catch(() => {}); }
+
+// 8 位短链 key（base64url，去 padding）
+function generateShareKey() {
+  return crypto.randomBytes(6).toString('base64url').slice(0, 8);
+}
+
+// 取客户端 IP（优先信任反代的 X-Forwarded-For，配合 app.set('trust proxy', 1)）
+function clientIp(req) {
+  return req.headers['x-forwarded-for']?.split(',')[0]?.trim() ||
+         req.socket?.remoteAddress || '-';
+}
+
+// 当前用户 id：优先中间件写入的 req.userId，回退到 session
+function currentUserId(req) {
+  return req.userId || (req.session && req.session.userId) || null;
+}
+
+// multer 上传的中文文件名解码：部分客户端用 latin1 传输 UTF-8 文件名，
+// 这里还原成原始 UTF-8。已包含非 latin1 字符则视为已正确解码。
+function decodeFilename(name) {
+  if (!name) return name;
+  for (let i = 0; i < name.length; i++) {
+    if (name.charCodeAt(i) > 255) return name;
+  }
+  const buf = Buffer.from(name, 'latin1');
+  const decoded = buf.toString('utf8');
+  if (Buffer.from(decoded).equals(buf)) return decoded;
+  return name;
+}
+
+// 生成可读随机密码（去掉易混字符 0/O/1/l/I）
+function generateReadablePassword(length) {
+  const chars = 'abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ23456789';
+  const bytes = crypto.randomBytes(length);
+  let pwd = '';
+  for (let i = 0; i < length; i++) {
+    pwd += chars[bytes[i] % chars.length];
+  }
+  return pwd;
+}
+
+module.exports = {
+  now,
+  unlinkQuiet,
+  generateShareKey,
+  clientIp,
+  currentUserId,
+  decodeFilename,
+  generateReadablePassword,
+};

package/lib/view-counts.js

@@ -0,0 +1,59 @@
+// view_count 内存累加 + 批量 flush。
+// 短链 /s/:key 是热点写路径。把 UPDATE files SET view_count 累积到内存，
+// 定时（30s）或进程退出时批量回写，减少每访问一次就一次写。
+// 从 server.js 提取，行为保持不变。
+
+const crypto = require('crypto');
+const { dbRun, dbGet } = require('./db');
+const { clientIp } = require('./util');
+
+const VIEW_COUNT_BUFFER = new Map(); // fileId -> pending increments
+const VIEW_COUNT_FLUSH_MS = 30000;
+let viewCountFlushTimer = null;
+
+async function flushViewCounts() {
+  if (!VIEW_COUNT_BUFFER.size) return;
+  const entries = [...VIEW_COUNT_BUFFER.entries()];
+  VIEW_COUNT_BUFFER.clear();
+  for (const [fileId, n] of entries) {
+    await dbRun('UPDATE files SET view_count = view_count + ? WHERE id = ?', [n, fileId]).catch(() => {});
+  }
+}
+
+function getPendingViewCount(fileId) {
+  return VIEW_COUNT_BUFFER.get(fileId) || 0;
+}
+
+function bufferViewCount(fileId) {
+  VIEW_COUNT_BUFFER.set(fileId, (VIEW_COUNT_BUFFER.get(fileId) || 0) + 1);
+}
+
+function scheduleViewCountFlush() {
+  if (viewCountFlushTimer) return;
+  viewCountFlushTimer = setInterval(flushViewCounts, VIEW_COUNT_FLUSH_MS);
+  if (typeof viewCountFlushTimer.unref === 'function') viewCountFlushTimer.unref();
+}
+
+async function recordVisit(file, req) {
+  const ip = clientIp(req);
+  const ipHash = crypto.createHash('sha256').update(ip + process.env.SESSION_SECRET).digest('hex').slice(0, 16);
+  const ua = (req.headers['user-agent'] || '').slice(0, 200);
+  const recent = await dbGet(
+    "SELECT id FROM link_visits WHERE file_id = ? AND ip_hash = ? AND visited_at > datetime('now','-5 minutes') LIMIT 1",
+    [file.id, ipHash]
+  );
+  if (recent) return;
+  await dbRun(
+    'INSERT INTO link_visits (file_id, share_key, ip_hash, user_agent) VALUES (?, ?, ?, ?)',
+    [file.id, file.share_key, ipHash, ua]
+  );
+  bufferViewCount(file.id);
+}
+
+module.exports = {
+  flushViewCounts,
+  getPendingViewCount,
+  bufferViewCount,
+  scheduleViewCountFlush,
+  recordVisit,
+};

package/lib/zip.js

@@ -0,0 +1,192 @@
+// ZIP 上传处理：安全校验、解压、bundle/batch 分类与入库。
+// 从 server.js 提取，行为保持不变。
+
+const fs = require('fs');
+const path = require('path');
+const JSZip = require('jszip');
+const logger = require('../logger');
+const { dbRun, dbGet } = require('./db');
+const { UPLOAD_DIR } = require('./paths');
+const { now, generateShareKey, currentUserId, clientIp } = require('./util');
+const { isFtsIndexable, indexFileContent } = require('./fts');
+
+// --- ZIP 安全常量 ---
+const ZIP_MAX_FILE_COUNT = 1000;
+const ZIP_MAX_EXTRACTED_SIZE = 200 * 1024 * 1024;
+const ZIP_MAX_SINGLE_FILE_SIZE = 50 * 1024 * 1024;
+
+// --- ZIP 工具函数 ---
+
+async function validateZipEntries(zip) {
+  const entries = [];
+  let fileCount = 0;
+  return new Promise((resolve, reject) => {
+    zip.forEach((normalizedPath, zipEntry) => {
+      if (normalizedPath.includes('..')) {
+        return reject(new Error('ZIP 条目路径包含目录穿越: ' + (zipEntry.unsafeOriginalName || normalizedPath)));
+      }
+      if (zipEntry.unixPermissions != null &&
+          (zipEntry.unixPermissions & 0o170000) === 0o120000) {
+        return reject(new Error('ZIP 包含符号链接: ' + (zipEntry.unsafeOriginalName || normalizedPath)));
+      }
+      if (!normalizedPath.trim() || zipEntry.dir) return;
+      fileCount++;
+      entries.push({ name: normalizedPath, originalName: zipEntry.unsafeOriginalName || normalizedPath });
+    });
+    if (fileCount === 0) return reject(new Error('ZIP 包中无文件'));
+    if (fileCount > ZIP_MAX_FILE_COUNT) return reject(new Error('ZIP 包含 ' + fileCount + ' 个文件，超过上限 ' + ZIP_MAX_FILE_COUNT));
+    resolve(entries);
+  });
+}
+
+async function extractEntries(zip, entries, targetDir) {
+  let totalSize = 0;
+  const results = [];
+  const resolvedTarget = path.resolve(targetDir) + path.sep;
+  for (const entry of entries) {
+    const zipFile = zip.file(entry.name);
+    if (!zipFile) continue;
+    const buf = await zipFile.async('nodebuffer');
+    if (buf.length > ZIP_MAX_SINGLE_FILE_SIZE) throw new Error('文件 ' + entry.name + ' 解压后超过单文件限制');
+    totalSize += buf.length;
+    if (totalSize > ZIP_MAX_EXTRACTED_SIZE) throw new Error('解压总大小超过 ' + Math.round(ZIP_MAX_EXTRACTED_SIZE / 1024 / 1024) + 'MB 限制');
+    const filePath = path.join(targetDir, entry.name);
+    if (!path.resolve(filePath).startsWith(resolvedTarget)) throw new Error('路径穿越: ' + entry.name);
+    await fs.promises.mkdir(path.dirname(filePath), { recursive: true });
+    await fs.promises.writeFile(filePath, buf);
+    results.push({ name: entry.name, size: buf.length });
+  }
+  return { entries: results, totalSize };
+}
+
+function findEntryHtml(entries) {
+  const htmlExts = ['.html', '.htm'];
+  for (const name of ['index.html', 'index.htm']) {
+    const found = entries.find(e => e.name.toLowerCase() === name);
+    if (found) return found.name;
+  }
+  const rootHtmls = entries.filter(e =>
+    htmlExts.some(ext => e.name.toLowerCase().endsWith(ext)) && !e.name.includes('/')
+  ).sort((a, b) => a.name.localeCompare(b.name));
+  if (rootHtmls.length > 0) return rootHtmls[0].name;
+  for (const name of ['index.html', 'index.htm']) {
+    const found = entries.find(e => e.name.split('/').pop().toLowerCase() === name);
+    if (found) return found.name;
+  }
+  const anyHtml = entries.find(e => htmlExts.some(ext => e.name.toLowerCase().endsWith(ext)));
+  return anyHtml ? anyHtml.name : null;
+}
+
+function classifyZip(entries) {
+  const htmlExts = ['.html', '.htm'];
+  const assetExts = ['.css', '.js', '.json', '.png', '.jpg', '.jpeg', '.gif',
+    '.svg', '.webp', '.ico', '.woff', '.woff2', '.ttf', '.eot',
+    '.mp3', '.mp4', '.webm', '.ogg', '.wav', '.pdf',
+    '.map', '.webmanifest', '.xml', '.txt'];
+  const htmlFiles = entries.filter(e => htmlExts.some(ext => e.name.toLowerCase().endsWith(ext)));
+  const mdFiles = entries.filter(e => e.name.toLowerCase().endsWith('.md') || e.name.toLowerCase().endsWith('.markdown'));
+  const assetFiles = entries.filter(e => assetExts.some(ext => e.name.toLowerCase().endsWith(ext)));
+  const hasSubDirs = entries.some(e => e.name.includes('/'));
+  if (htmlFiles.length === 0 && mdFiles.length === 0) return { type: 'reject', reason: 'ZIP 中无 HTML 或 Markdown 文件' };
+  // 纯 Markdown + 资源文件：作为 bundle 处理，第一个 MD 文件作为入口
+  if (htmlFiles.length === 0 && mdFiles.length >= 1 && assetFiles.length > 0) {
+    return { type: 'bundle', entryFile: mdFiles[0].name };
+  }
+  const hasRootIndex = entries.some(e => e.name.toLowerCase() === 'index.html' || e.name.toLowerCase() === 'index.htm');
+  if (htmlFiles.length >= 1 && hasRootIndex && (hasSubDirs || assetFiles.length > 0)) return { type: 'bundle', entryFile: findEntryHtml(entries) };
+  if (htmlFiles.length >= 1 && (hasSubDirs || assetFiles.length > 0) && mdFiles.length === 0) {
+    const entry = findEntryHtml(entries);
+    if (entry) return { type: 'bundle', entryFile: entry };
+  }
+  if (!hasSubDirs && assetFiles.length === 0) return { type: 'batch', files: [...htmlFiles, ...mdFiles] };
+  if (htmlFiles.length === 1) return { type: 'bundle', entryFile: findEntryHtml(entries) };
+  return { type: 'batch', files: [...htmlFiles, ...mdFiles] };
+}
+
+async function handleZipUpload(req, res, zipBuffer) {
+  try {
+    const zip = await JSZip.loadAsync(zipBuffer);
+    const entries = await validateZipEntries(zip);
+    const classification = classifyZip(entries);
+
+    if (classification.type === 'reject') {
+      return res.status(400).json({ error: classification.reason });
+    }
+
+    const isPublic = req.body.isPublic === 'true' || req.body.isPublic === true;
+    const userId = currentUserId(req);
+
+    if (classification.type === 'bundle') {
+      const dirName = Date.now() + '-' + Math.round(Math.random() * 1e9);
+      const bundleDir = path.join(UPLOAD_DIR, dirName);
+      await extractEntries(zip, entries, bundleDir);
+
+      const totalSize = await fs.promises.readdir(bundleDir).then(files =>
+        Promise.all(files.map(f => fs.promises.stat(path.join(bundleDir, f)).then(s => s.size)))
+      ).then(sizes => sizes.reduce((a, b) => a + b, 0));
+
+      const originalName = req.file ? req.file.originalname : (req.body && req.body.name) || 'upload.zip';
+      const entryExt = path.extname(classification.entryFile).toLowerCase();
+      const fileType = (entryExt === '.md' || entryExt === '.markdown') ? 'markdown' : 'html';
+
+      const result = await dbRun(
+        'INSERT INTO files (original_name, stored_name, file_type, size, is_public, uploaded_by, share_key, updated_at, is_bundle, entry_path) VALUES (?, ?, ?, ?, ?, ?, ?, ?, 1, ?)',
+        [originalName, dirName, fileType, totalSize, isPublic ? 1 : 0, userId, generateShareKey(), now(), classification.entryFile]
+      );
+
+      const shareKey = await dbGet('SELECT share_key FROM files WHERE id = ?', [result.lastID]).then(r => r?.share_key);
+      logger.audit('file.upload', { fileId: result.lastID, fileName: originalName, fileType: 'bundle', size: totalSize, ip: clientIp(req) });
+      return res.json({
+        id: result.lastID,
+        original_name: originalName,
+        file_type: fileType,
+        size: totalSize,
+        is_public: isPublic ? 1 : 0,
+        is_bundle: 1,
+        entry_path: classification.entryFile,
+        share_key: shareKey
+      });
+    }
+
+    // batch 模式
+    const results = [];
+    for (const entry of classification.files) {
+      const zipFile = zip.file(entry.name);
+      if (!zipFile) continue;
+      const buf = await zipFile.async('nodebuffer');
+      const ext = path.extname(entry.name).toLowerCase();
+      const fileType = (ext === '.md' || ext === '.markdown') ? 'markdown' : 'html';
+      const unique = Date.now() + '-' + Math.round(Math.random() * 1e9);
+      const storedName = unique + ext;
+      const filePath = path.join(UPLOAD_DIR, storedName);
+      await fs.promises.writeFile(filePath, buf);
+
+      const baseName = path.basename(entry.name);
+      const dbResult = await dbRun(
+        'INSERT INTO files (original_name, stored_name, file_type, size, is_public, uploaded_by, share_key, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?)',
+        [baseName, storedName, fileType, buf.length, isPublic ? 1 : 0, userId, generateShareKey(), now()]
+      );
+      if (isFtsIndexable(fileType, storedName)) {
+        indexFileContent(dbResult.lastID, storedName);
+      }
+      results.push({ id: dbResult.lastID, original_name: baseName, file_type: fileType, size: buf.length });
+    }
+
+    logger.audit('file.upload', { fileType: 'batch', count: results.length, ip: clientIp(req) });
+    return res.json({ type: 'batch', count: results.length, files: results });
+  } catch (e) {
+    logger.error({ type: 'app', action: 'zip.upload', error: e.message });
+    return res.status(500).json({ error: 'ZIP 处理失败: ' + e.message });
+  }
+}
+
+module.exports = {
+  ZIP_MAX_FILE_COUNT,
+  ZIP_MAX_EXTRACTED_SIZE,
+  ZIP_MAX_SINGLE_FILE_SIZE,
+  validateZipEntries,
+  extractEntries,
+  findEntryHtml,
+  classifyZip,
+  handleZipUpload,
+};

package/logger.js

@@ -0,0 +1,16 @@
+const JSONLogger = {
+  _output(level, obj) {
+    const entry = { level, timestamp: new Date().toISOString(), ...obj };
+    const line = JSON.stringify(entry);
+    if (level === 'error') process.stderr.write(line + '\n');
+    else process.stdout.write(line + '\n');
+  },
+  info(obj) { this._output('info', obj); },
+  warn(obj) { this._output('warn', obj); },
+  error(obj) { this._output('error', obj); },
+  audit(action, details = {}) {
+    this._output('info', { type: 'audit', action, ...details });
+  },
+};
+
+module.exports = JSONLogger;

package/mailer.js

@@ -0,0 +1,34 @@
+const nodemailer = require('nodemailer');
+const logger = require('./logger');
+
+let transporter = null;
+let fromAddress = '';
+let appUrl = '';
+
+function initMailer() {
+  const { SMTP_HOST, SMTP_PORT, SMTP_SECURE, SMTP_USER, SMTP_PASS, SMTP_FROM, APP_URL } = process.env;
+  if (!SMTP_HOST) return false;
+
+  transporter = nodemailer.createTransport({
+    host: SMTP_HOST,
+    port: parseInt(SMTP_PORT) || 465,
+    secure: SMTP_SECURE !== 'false',
+    auth: SMTP_USER ? { user: SMTP_USER, pass: SMTP_PASS } : undefined,
+  });
+  fromAddress = SMTP_FROM || SMTP_USER || 'noreply@jpage.local';
+  appUrl = APP_URL || 'http://localhost:8858';
+  logger.info({ type: 'app', message: 'SMTP 已配置', host: SMTP_HOST, port: SMTP_PORT || 465 });
+  return true;
+}
+
+async function sendMail(to, subject, html) {
+  if (!transporter) throw new Error('SMTP 未配置');
+  const info = await transporter.sendMail({ from: fromAddress, to, subject, html });
+  logger.info({ type: 'app', message: '邮件已发送', to, subject, messageId: info.messageId });
+  return info;
+}
+
+function getAppUrl() { return appUrl || process.env.APP_URL || 'http://localhost:8858'; }
+function isMailerConfigured() { return !!transporter; }
+
+module.exports = { initMailer, sendMail, getAppUrl, isMailerConfigured };