@sonicjs-cms/core 2.4.0 → 2.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{app-Db0AfT5F.d.cts → app-DV27cjPy.d.cts} +1 -1
- package/dist/{app-Db0AfT5F.d.ts → app-DV27cjPy.d.ts} +1 -1
- package/dist/{chunk-YIXSSJWD.cjs → chunk-63K7XXRX.cjs} +5 -5
- package/dist/{chunk-YIXSSJWD.cjs.map → chunk-63K7XXRX.cjs.map} +1 -1
- package/dist/{chunk-VNCYCH3H.js → chunk-7DL5SPPX.js} +59 -5
- package/dist/chunk-7DL5SPPX.js.map +1 -0
- package/dist/{chunk-AZLU3ROK.cjs → chunk-BZC4FYW7.cjs} +4 -4
- package/dist/chunk-BZC4FYW7.cjs.map +1 -0
- package/dist/chunk-CLIH2T74.js +403 -0
- package/dist/chunk-CLIH2T74.js.map +1 -0
- package/dist/{chunk-D2NLCPO2.js → chunk-EVZOVYLO.js} +53 -2
- package/dist/chunk-EVZOVYLO.js.map +1 -0
- package/dist/{chunk-DXM575E2.js → chunk-EYWR6UA2.js} +6 -6
- package/dist/chunk-EYWR6UA2.js.map +1 -0
- package/dist/{chunk-CPXAVWCU.js → chunk-F332TENF.js} +278 -3
- package/dist/chunk-F332TENF.js.map +1 -0
- package/dist/{chunk-FT6NBHNX.js → chunk-F6GZURXJ.js} +2536 -600
- package/dist/chunk-F6GZURXJ.js.map +1 -0
- package/dist/{chunk-2MI3LZFH.cjs → chunk-IIRVZSP2.cjs} +53 -2
- package/dist/chunk-IIRVZSP2.cjs.map +1 -0
- package/dist/{chunk-V5LBQN3I.js → chunk-KA2PDJNB.js} +4 -4
- package/dist/chunk-KA2PDJNB.js.map +1 -0
- package/dist/{chunk-AVPUX57O.js → chunk-KAOWRIFD.js} +3 -3
- package/dist/{chunk-AVPUX57O.js.map → chunk-KAOWRIFD.js.map} +1 -1
- package/dist/{chunk-ILZ3DP4I.cjs → chunk-MPT5PA6U.cjs} +24 -2
- package/dist/chunk-MPT5PA6U.cjs.map +1 -0
- package/dist/{chunk-A4SVOGG6.cjs → chunk-N7TDLOUE.cjs} +2696 -762
- package/dist/chunk-N7TDLOUE.cjs.map +1 -0
- package/dist/{chunk-7I5INVNR.cjs → chunk-T3YIKW2A.cjs} +9 -9
- package/dist/chunk-T3YIKW2A.cjs.map +1 -0
- package/dist/{chunk-DTLB6UIH.cjs → chunk-Y72M3MVX.cjs} +280 -2
- package/dist/chunk-Y72M3MVX.cjs.map +1 -0
- package/dist/{chunk-SGAG6FD3.js → chunk-YFJJU26H.js} +24 -2
- package/dist/chunk-YFJJU26H.js.map +1 -0
- package/dist/chunk-YHW27CBV.cjs +406 -0
- package/dist/chunk-YHW27CBV.cjs.map +1 -0
- package/dist/{chunk-FYEDK7K7.cjs → chunk-YMTTGHEK.cjs} +61 -4
- package/dist/chunk-YMTTGHEK.cjs.map +1 -0
- package/dist/{collection-config-FLlGtsh9.d.cts → collection-config-BF95LgQb.d.cts} +10 -2
- package/dist/{collection-config-FLlGtsh9.d.ts → collection-config-BF95LgQb.d.ts} +10 -2
- package/dist/index.cjs +2001 -142
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +504 -9
- package/dist/index.d.ts +504 -9
- package/dist/index.js +1893 -41
- package/dist/index.js.map +1 -1
- package/dist/middleware.cjs +24 -24
- package/dist/middleware.d.cts +1 -1
- package/dist/middleware.d.ts +1 -1
- package/dist/middleware.js +3 -3
- package/dist/migrations-QNYAWQLB.cjs +13 -0
- package/dist/{migrations-32QAYLWJ.cjs.map → migrations-QNYAWQLB.cjs.map} +1 -1
- package/dist/migrations-R6NQBKQV.js +4 -0
- package/dist/{migrations-57ZHBQ4X.js.map → migrations-R6NQBKQV.js.map} +1 -1
- package/dist/{plugin-bootstrap-CDh0JHtW.d.ts → plugin-bootstrap-CB-xaBfK.d.ts} +2 -2
- package/dist/{plugin-bootstrap-C0E3jdz-.d.cts → plugin-bootstrap-U-cw9jn3.d.cts} +2 -2
- package/dist/plugin-manager-Baa6xXqB.d.ts +328 -0
- package/dist/plugin-manager-vBal9Zip.d.cts +328 -0
- package/dist/plugins.cjs +20 -7
- package/dist/plugins.d.cts +53 -310
- package/dist/plugins.d.ts +53 -310
- package/dist/plugins.js +2 -1
- package/dist/routes.cjs +27 -26
- package/dist/routes.d.cts +1 -1
- package/dist/routes.d.ts +1 -1
- package/dist/routes.js +7 -6
- package/dist/services.cjs +16 -16
- package/dist/services.d.cts +2 -2
- package/dist/services.d.ts +2 -2
- package/dist/services.js +2 -2
- package/dist/templates.cjs +17 -17
- package/dist/templates.js +2 -2
- package/dist/types.d.cts +1 -1
- package/dist/types.d.ts +1 -1
- package/dist/utils.cjs +23 -11
- package/dist/utils.d.cts +38 -1
- package/dist/utils.d.ts +38 -1
- package/dist/utils.js +1 -1
- package/migrations/027_fix_slug_field_type.sql +18 -0
- package/migrations/028_fix_slug_field_type_in_schemas.sql +30 -0
- package/migrations/029_ai_search_plugin.sql +45 -0
- package/package.json +5 -2
- package/dist/chunk-2MI3LZFH.cjs.map +0 -1
- package/dist/chunk-7I5INVNR.cjs.map +0 -1
- package/dist/chunk-A4SVOGG6.cjs.map +0 -1
- package/dist/chunk-AZLU3ROK.cjs.map +0 -1
- package/dist/chunk-CPXAVWCU.js.map +0 -1
- package/dist/chunk-D2NLCPO2.js.map +0 -1
- package/dist/chunk-DTLB6UIH.cjs.map +0 -1
- package/dist/chunk-DXM575E2.js.map +0 -1
- package/dist/chunk-FT6NBHNX.js.map +0 -1
- package/dist/chunk-FYEDK7K7.cjs.map +0 -1
- package/dist/chunk-ILZ3DP4I.cjs.map +0 -1
- package/dist/chunk-SGAG6FD3.js.map +0 -1
- package/dist/chunk-V5LBQN3I.js.map +0 -1
- package/dist/chunk-VNCYCH3H.js.map +0 -1
- package/dist/migrations-32QAYLWJ.cjs +0 -13
- package/dist/migrations-57ZHBQ4X.js +0 -4
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
var
|
|
4
|
-
var
|
|
3
|
+
var chunkMPT5PA6U_cjs = require('./chunk-MPT5PA6U.cjs');
|
|
4
|
+
var chunkIIRVZSP2_cjs = require('./chunk-IIRVZSP2.cjs');
|
|
5
5
|
var chunkRCQ2HIQD_cjs = require('./chunk-RCQ2HIQD.cjs');
|
|
6
6
|
var jwt = require('hono/jwt');
|
|
7
7
|
var cookie = require('hono/cookie');
|
|
@@ -20,17 +20,17 @@ function bootstrapMiddleware(config = {}) {
|
|
|
20
20
|
try {
|
|
21
21
|
console.log("[Bootstrap] Starting system initialization...");
|
|
22
22
|
console.log("[Bootstrap] Running database migrations...");
|
|
23
|
-
const migrationService = new
|
|
23
|
+
const migrationService = new chunkIIRVZSP2_cjs.MigrationService(c.env.DB);
|
|
24
24
|
await migrationService.runPendingMigrations();
|
|
25
25
|
console.log("[Bootstrap] Syncing collection configurations...");
|
|
26
26
|
try {
|
|
27
|
-
await
|
|
27
|
+
await chunkMPT5PA6U_cjs.syncCollections(c.env.DB);
|
|
28
28
|
} catch (error) {
|
|
29
29
|
console.error("[Bootstrap] Error syncing collections:", error);
|
|
30
30
|
}
|
|
31
31
|
if (!config.plugins?.disableAll) {
|
|
32
32
|
console.log("[Bootstrap] Bootstrapping core plugins...");
|
|
33
|
-
const bootstrapService = new
|
|
33
|
+
const bootstrapService = new chunkMPT5PA6U_cjs.PluginBootstrapService(c.env.DB);
|
|
34
34
|
const needsBootstrap = await bootstrapService.isBootstrapNeeded();
|
|
35
35
|
if (needsBootstrap) {
|
|
36
36
|
await bootstrapService.bootstrapCorePlugins();
|
|
@@ -57,11 +57,11 @@ var AuthManager = class {
|
|
|
57
57
|
// 24 hours
|
|
58
58
|
iat: Math.floor(Date.now() / 1e3)
|
|
59
59
|
};
|
|
60
|
-
return await jwt.sign(payload, JWT_SECRET);
|
|
60
|
+
return await jwt.sign(payload, JWT_SECRET, "HS256");
|
|
61
61
|
}
|
|
62
62
|
static async verifyToken(token) {
|
|
63
63
|
try {
|
|
64
|
-
const payload = await jwt.verify(token, JWT_SECRET);
|
|
64
|
+
const payload = await jwt.verify(token, JWT_SECRET, "HS256");
|
|
65
65
|
if (payload.exp < Math.floor(Date.now() / 1e3)) {
|
|
66
66
|
return null;
|
|
67
67
|
}
|
|
@@ -239,5 +239,5 @@ exports.requirePermission = requirePermission;
|
|
|
239
239
|
exports.requireRole = requireRole;
|
|
240
240
|
exports.securityHeaders = securityHeaders;
|
|
241
241
|
exports.securityLoggingMiddleware = securityLoggingMiddleware;
|
|
242
|
-
//# sourceMappingURL=chunk-
|
|
243
|
-
//# sourceMappingURL=chunk-
|
|
242
|
+
//# sourceMappingURL=chunk-T3YIKW2A.cjs.map
|
|
243
|
+
//# sourceMappingURL=chunk-T3YIKW2A.cjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/middleware/bootstrap.ts","../src/middleware/auth.ts","../src/middleware/metrics.ts","../src/middleware/index.ts"],"names":["MigrationService","syncCollections","PluginBootstrapService","sign","verify","setCookie","getCookie","metricsTracker"],"mappings":";;;;;;;;;AAYA,IAAI,iBAAA,GAAoB,KAAA;AAMjB,SAAS,mBAAA,CAAoB,MAAA,GAAwB,EAAC,EAAG;AAC9D,EAAA,OAAO,OAAO,GAAoC,IAAA,KAAe;AAE/D,IAAA,IAAI,iBAAA,EAAmB;AACrB,MAAA,OAAO,IAAA,EAAK;AAAA,IACd;AAGA,IAAA,MAAM,IAAA,GAAO,EAAE,GAAA,CAAI,IAAA;AACnB,IAAA,IACE,IAAA,CAAK,UAAA,CAAW,UAAU,CAAA,IAC1B,IAAA,CAAK,UAAA,CAAW,UAAU,CAAA,IAC1B,IAAA,KAAS,SAAA,IACT,IAAA,CAAK,QAAA,CAAS,KAAK,CAAA,IACnB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,IACpB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,IACpB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,IACpB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,EACpB;AACA,MAAA,OAAO,IAAA,EAAK;AAAA,IACd;AAEA,IAAA,IAAI;AACF,MAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAG3D,MAAA,OAAA,CAAQ,IAAI,4CAA4C,CAAA;AACxD,MAAA,MAAM,gBAAA,GAAmB,IAAIA,kCAAA,CAAiB,CAAA,CAAE,IAAI,EAAE,CAAA;AACtD,MAAA,MAAM,iBAAiB,oBAAA,EAAqB;AAG5C,MAAA,OAAA,CAAQ,IAAI,kDAAkD,CAAA;AAC9D,MAAA,IAAI;AACF,QAAA,MAAMC,iCAAA,CAAgB,CAAA,CAAE,GAAA,CAAI,EAAE,CAAA;AAAA,MAChC,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,0CAA0C,KAAK,CAAA;AAAA,MAE/D;AAGA,MAAA,IAAI,CAAC,MAAA,CAAO,OAAA,EAAS,UAAA,EAAY;AAC/B,QAAA,OAAA,CAAQ,IAAI,2CAA2C,CAAA;AACvD,QAAA,MAAM,gBAAA,GAAmB,IAAIC,wCAAA,CAAuB,CAAA,CAAE,IAAI,EAAE,CAAA;AAG5D,QAAA,MAAM,cAAA,GAAiB,MAAM,gBAAA,CAAiB,iBAAA,EAAkB;AAChE,QAAA,IAAI,cAAA,EAAgB;AAClB,UAAA,MAAM,iBAAiB,oBAAA,EAAqB;AAAA,QAC9C;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AAAA,MACzE;AAGA,MAAA,iBAAA,GAAoB,IAAA;AACpB,MAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AAAA,IAC3D,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,mDAAmD,KAAK,CAAA;AAAA,IAExE;AAEA,IAAA,OAAO,IAAA,EAAK;AAAA,EACd,CAAA;AACF;ACpEA,IAAM,UAAA,GAAa,gDAAA;AAEZ,IAAM,cAAN,MAAkB;AAAA,EACvB,aAAa,aAAA,CAAc,MAAA,EAAgB,KAAA,EAAe,IAAA,EAA+B;AACvF,IAAA,MAAM,OAAA,GAAsB;AAAA,MAC1B,MAAA;AAAA,MACA,KAAA;AAAA,MACA,IAAA;AAAA,MACA,GAAA,EAAK,KAAK,KAAA,CAAM,IAAA,CAAK,KAAI,GAAI,GAAI,CAAA,GAAK,EAAA,GAAK,EAAA,GAAK,EAAA;AAAA;AAAA,MAChD,KAAK,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,KACnC;AAEA,IAAA,OAAO,MAAMC,QAAA,CAAK,OAAA,EAAS,UAAA,EAAY,OAAO,CAAA;AAAA,EAChD;AAAA,EAEA,aAAa,YAAY,KAAA,EAA2C;AAClE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,MAAMC,UAAA,CAAO,KAAA,EAAO,YAAY,OAAO,CAAA;AAGvD,MAAA,IAAI,OAAA,CAAQ,MAAM,IAAA,CAAK,KAAA,CAAM,KAAK,GAAA,EAAI,GAAI,GAAI,CAAA,EAAG;AAC/C,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO,OAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,8BAA8B,KAAK,CAAA;AACjD,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,aAAa,aAAa,QAAA,EAAmC;AAE3D,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,IAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,CAAO,QAAA,GAAW,2BAA2B,CAAA;AAClE,IAAA,MAAM,aAAa,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,IAAI,CAAA;AAC7D,IAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,IAAI,UAAA,CAAW,UAAU,CAAC,CAAA;AACvD,IAAA,OAAO,SAAA,CAAU,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AAAA,EACpE;AAAA,EAEA,aAAa,cAAA,CAAe,QAAA,EAAkB,IAAA,EAAgC;AAC5E,IAAA,MAAM,YAAA,GAAe,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,CAAA;AACrD,IAAA,OAAO,YAAA,KAAiB,IAAA;AAAA,EAC1B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAO,aAAA,CAAc,CAAA,EAAY,KAAA,EAAe,OAAA,EAKvC;AACP,IAAAC,gBAAA,CAAU,CAAA,EAAG,cAAc,KAAA,EAAO;AAAA,MAChC,QAAA,EAAU,SAAS,QAAA,IAAY,IAAA;AAAA,MAC/B,MAAA,EAAQ,SAAS,MAAA,IAAU,IAAA;AAAA,MAC3B,QAAA,EAAU,SAAS,QAAA,IAAY,QAAA;AAAA,MAC/B,MAAA,EAAQ,OAAA,EAAS,MAAA,IAAW,EAAA,GAAK,EAAA,GAAK;AAAA;AAAA,KACvC,CAAA;AAAA,EACH;AACF;AAGO,IAAM,cAAc,MAAM;AAC/B,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,IAAI;AAEF,MAAA,IAAI,KAAA,GAAQ,EAAE,GAAA,CAAI,MAAA,CAAO,eAAe,CAAA,EAAG,OAAA,CAAQ,WAAW,EAAE,CAAA;AAGhE,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,KAAA,GAAQC,gBAAA,CAAU,GAAG,YAAY,CAAA;AAAA,MACnC;AAEA,MAAA,IAAI,CAAC,KAAA,EAAO;AAEV,QAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,QAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,UAAA,OAAO,CAAA,CAAE,SAAS,yDAAyD,CAAA;AAAA,QAC7E;AACA,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,yBAAA,IAA6B,GAAG,CAAA;AAAA,MACzD;AAGA,MAAA,MAAM,EAAA,GAAK,EAAE,GAAA,EAAK,EAAA;AAClB,MAAA,IAAI,OAAA,GAA6B,IAAA;AAEjC,MAAA,IAAI,EAAA,EAAI;AACN,QAAA,MAAM,WAAW,CAAA,KAAA,EAAQ,KAAA,CAAM,SAAA,CAAU,CAAA,EAAG,EAAE,CAAC,CAAA,CAAA;AAC/C,QAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,GAAA,CAAI,UAAU,MAAM,CAAA;AAC5C,QAAA,IAAI,MAAA,EAAQ;AACV,UAAA,OAAA,GAAU,MAAA;AAAA,QACZ;AAAA,MACF;AAGA,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,OAAA,GAAU,MAAM,WAAA,CAAY,WAAA,CAAY,KAAK,CAAA;AAG7C,QAAA,IAAI,WAAW,EAAA,EAAI;AACjB,UAAA,MAAM,WAAW,CAAA,KAAA,EAAQ,KAAA,CAAM,SAAA,CAAU,CAAA,EAAG,EAAE,CAAC,CAAA,CAAA;AAC/C,UAAA,MAAM,EAAA,CAAG,GAAA,CAAI,QAAA,EAAU,IAAA,CAAK,SAAA,CAAU,OAAO,CAAA,EAAG,EAAE,aAAA,EAAe,GAAA,EAAK,CAAA;AAAA,QACxE;AAAA,MACF;AAEA,MAAA,IAAI,CAAC,OAAA,EAAS;AAEZ,QAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,QAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,UAAA,OAAO,CAAA,CAAE,SAAS,gEAAgE,CAAA;AAAA,QACpF;AACA,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,0BAAA,IAA8B,GAAG,CAAA;AAAA,MAC1D;AAGA,MAAA,CAAA,CAAE,GAAA,CAAI,QAAQ,OAAO,CAAA;AAErB,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,0BAA0B,KAAK,CAAA;AAE7C,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,6DAA6D,CAAA;AAAA,MACjF;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,uBAAA,IAA2B,GAAG,CAAA;AAAA,IACvD;AAAA,EACF,CAAA;AACF;AAGO,IAAM,WAAA,GAAc,CAAC,YAAA,KAAoC;AAC9D,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,MAAM,IAAA,GAAO,CAAA,CAAE,GAAA,CAAI,MAAM,CAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,EAAM;AAET,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,yDAAyD,CAAA;AAAA,MAC7E;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,yBAAA,IAA6B,GAAG,CAAA;AAAA,IACzD;AAEA,IAAA,MAAM,QAAQ,KAAA,CAAM,OAAA,CAAQ,YAAY,CAAA,GAAI,YAAA,GAAe,CAAC,YAAY,CAAA;AAExE,IAAA,IAAI,CAAC,KAAA,CAAM,QAAA,CAAS,IAAA,CAAK,IAAI,CAAA,EAAG;AAE9B,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,kEAAkE,CAAA;AAAA,MACtF;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,0BAAA,IAA8B,GAAG,CAAA;AAAA,IAC1D;AAEA,IAAA,OAAO,MAAM,IAAA,EAAK;AAAA,EACpB,CAAA;AACF;AAGO,IAAM,eAAe,MAAM;AAChC,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,IAAI;AACF,MAAA,IAAI,KAAA,GAAQ,EAAE,GAAA,CAAI,MAAA,CAAO,eAAe,CAAA,EAAG,OAAA,CAAQ,WAAW,EAAE,CAAA;AAEhE,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,KAAA,GAAQA,gBAAA,CAAU,GAAG,YAAY,CAAA;AAAA,MACnC;AAEA,MAAA,IAAI,KAAA,EAAO;AACT,QAAA,MAAM,OAAA,GAAU,MAAM,WAAA,CAAY,WAAA,CAAY,KAAK,CAAA;AACnD,QAAA,IAAI,OAAA,EAAS;AACX,UAAA,CAAA,CAAE,GAAA,CAAI,QAAQ,OAAO,CAAA;AAAA,QACvB;AAAA,MACF;AAEA,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB,SAAS,KAAA,EAAO;AAEd,MAAA,OAAA,CAAQ,KAAA,CAAM,wBAAwB,KAAK,CAAA;AAC3C,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB;AAAA,EACF,CAAA;AACF;;;AClMO,IAAM,oBAAoB,MAAyB;AACxD,EAAA,OAAO,OAAO,GAAG,IAAA,KAAS;AACxB,IAAA,MAAM,OAAO,IAAI,GAAA,CAAI,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA;AAGhC,IAAA,IAAI,SAAS,8BAAA,EAAgC;AAC3C,MAAAC,gCAAA,CAAe,aAAA,EAAc;AAAA,IAC/B;AAGA,IAAA,MAAM,IAAA,EAAK;AAAA,EACb,CAAA;AACF;;;ACQO,IAAM,oBAAyB,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACzE,IAAM,4BAAiC,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACjF,IAAM,4BAAiC,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACjF,IAAM,+BAAoC,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACpF,IAAM,eAAoB,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACpE,IAAM,qBAAA,GAA6B,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACvE,IAAM,kBAAuB,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AAGvE,IAAM,oBAAyB;AAC/B,IAAM,oBAAyB,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACzE,IAAM,uBAA4B,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AAC5E,IAAM,cAAmB,MAAM;AAAC;AAChC,IAAM,sBAA2B,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AAC3E,IAAM,uBAA4B,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AAC5E,IAAM,gBAAA,GAAwB,MAAM;AACpC,IAAM,iBAAsB,MAAM","file":"chunk-T3YIKW2A.cjs","sourcesContent":["import { Context, Next } from \"hono\";\nimport { syncCollections } from \"../services/collection-sync\";\nimport { MigrationService } from \"../services/migrations\";\nimport { PluginBootstrapService } from \"../services/plugin-bootstrap\";\nimport type { SonicJSConfig } from \"../app\";\n\ntype Bindings = {\n DB: D1Database;\n KV: KVNamespace;\n};\n\n// Track if bootstrap has been run in this worker instance\nlet bootstrapComplete = false;\n\n/**\n * Bootstrap middleware that ensures system initialization\n * Runs once per worker instance\n */\nexport function bootstrapMiddleware(config: SonicJSConfig = {}) {\n return async (c: Context<{ Bindings: Bindings }>, next: Next) => {\n // Skip if already bootstrapped in this worker instance\n if (bootstrapComplete) {\n return next();\n }\n\n // Skip bootstrap for static assets and health checks\n const path = c.req.path;\n if (\n path.startsWith(\"/images/\") ||\n path.startsWith(\"/assets/\") ||\n path === \"/health\" ||\n path.endsWith(\".js\") ||\n path.endsWith(\".css\") ||\n path.endsWith(\".png\") ||\n path.endsWith(\".jpg\") ||\n path.endsWith(\".ico\")\n ) {\n return next();\n }\n\n try {\n console.log(\"[Bootstrap] Starting system initialization...\");\n\n // 1. Run database migrations first\n console.log(\"[Bootstrap] Running database migrations...\");\n const migrationService = new MigrationService(c.env.DB);\n await migrationService.runPendingMigrations();\n\n // 2. Sync collection configurations\n console.log(\"[Bootstrap] Syncing collection configurations...\");\n try {\n await syncCollections(c.env.DB);\n } catch (error) {\n console.error(\"[Bootstrap] Error syncing collections:\", error);\n // Continue bootstrap even if collection sync fails\n }\n\n // 3. Bootstrap core plugins (unless disableAll is set)\n if (!config.plugins?.disableAll) {\n console.log(\"[Bootstrap] Bootstrapping core plugins...\");\n const bootstrapService = new PluginBootstrapService(c.env.DB);\n\n // Check if bootstrap is needed\n const needsBootstrap = await bootstrapService.isBootstrapNeeded();\n if (needsBootstrap) {\n await bootstrapService.bootstrapCorePlugins();\n }\n } else {\n console.log(\"[Bootstrap] Plugin bootstrap skipped (disableAll is true)\");\n }\n\n // Mark bootstrap as complete for this worker instance\n bootstrapComplete = true;\n console.log(\"[Bootstrap] System initialization completed\");\n } catch (error) {\n console.error(\"[Bootstrap] Error during system initialization:\", error);\n // Don't prevent the app from starting, but log the error\n }\n\n return next();\n };\n}\n\n/**\n * Reset bootstrap flag (useful for testing)\n */\nexport function resetBootstrap() {\n bootstrapComplete = false;\n}\n","import { sign, verify } from 'hono/jwt'\nimport { Context, Next } from 'hono'\nimport { getCookie, setCookie } from 'hono/cookie'\n\ntype JWTPayload = {\n userId: string\n email: string\n role: string\n exp: number\n iat: number\n}\n\n// JWT secret - in production this should come from environment variables\nconst JWT_SECRET = 'your-super-secret-jwt-key-change-in-production'\n\nexport class AuthManager {\n static async generateToken(userId: string, email: string, role: string): Promise<string> {\n const payload: JWTPayload = {\n userId,\n email,\n role,\n exp: Math.floor(Date.now() / 1000) + (60 * 60 * 24), // 24 hours\n iat: Math.floor(Date.now() / 1000)\n }\n \n return await sign(payload, JWT_SECRET, 'HS256')\n }\n\n static async verifyToken(token: string): Promise<JWTPayload | null> {\n try {\n const payload = await verify(token, JWT_SECRET, 'HS256') as JWTPayload\n \n // Check if token is expired\n if (payload.exp < Math.floor(Date.now() / 1000)) {\n return null\n }\n \n return payload\n } catch (error) {\n console.error('Token verification failed:', error)\n return null\n }\n }\n\n static async hashPassword(password: string): Promise<string> {\n // In Cloudflare Workers, we'll use Web Crypto API\n const encoder = new TextEncoder()\n const data = encoder.encode(password + 'salt-change-in-production')\n const hashBuffer = await crypto.subtle.digest('SHA-256', data)\n const hashArray = Array.from(new Uint8Array(hashBuffer))\n return hashArray.map(b => b.toString(16).padStart(2, '0')).join('')\n }\n\n static async verifyPassword(password: string, hash: string): Promise<boolean> {\n const passwordHash = await this.hashPassword(password)\n return passwordHash === hash\n }\n\n /**\n * Set authentication cookie - useful for plugins implementing alternative auth methods\n * @param c - Hono context\n * @param token - JWT token to set in cookie\n * @param options - Optional cookie configuration\n */\n static setAuthCookie(c: Context, token: string, options?: {\n maxAge?: number\n secure?: boolean\n httpOnly?: boolean\n sameSite?: 'Strict' | 'Lax' | 'None'\n }): void {\n setCookie(c, 'auth_token', token, {\n httpOnly: options?.httpOnly ?? true,\n secure: options?.secure ?? true,\n sameSite: options?.sameSite ?? 'Strict',\n maxAge: options?.maxAge ?? (60 * 60 * 24) // 24 hours default\n })\n }\n}\n\n// Middleware to require authentication\nexport const requireAuth = () => {\n return async (c: Context, next: Next) => {\n try {\n // Try to get token from Authorization header\n let token = c.req.header('Authorization')?.replace('Bearer ', '')\n\n // If no header token, try cookie\n if (!token) {\n token = getCookie(c, 'auth_token')\n }\n\n if (!token) {\n // Check if this is a browser request (HTML accept header)\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Please login to access the admin area')\n }\n return c.json({ error: 'Authentication required' }, 401)\n }\n\n // Try to get cached token verification from KV\n const kv = c.env?.KV\n let payload: JWTPayload | null = null\n\n if (kv) {\n const cacheKey = `auth:${token.substring(0, 20)}` // Use token prefix as key\n const cached = await kv.get(cacheKey, 'json')\n if (cached) {\n payload = cached as JWTPayload\n }\n }\n\n // If not cached, verify token\n if (!payload) {\n payload = await AuthManager.verifyToken(token)\n\n // Cache the verified payload for 5 minutes\n if (payload && kv) {\n const cacheKey = `auth:${token.substring(0, 20)}`\n await kv.put(cacheKey, JSON.stringify(payload), { expirationTtl: 300 })\n }\n }\n\n if (!payload) {\n // Check if this is a browser request (HTML accept header)\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Your session has expired, please login again')\n }\n return c.json({ error: 'Invalid or expired token' }, 401)\n }\n\n // Add user info to context\n c.set('user', payload)\n\n return await next()\n } catch (error) {\n console.error('Auth middleware error:', error)\n // Check if this is a browser request (HTML accept header)\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Authentication failed, please login again')\n }\n return c.json({ error: 'Authentication failed' }, 401)\n }\n }\n}\n\n// Middleware to require specific role\nexport const requireRole = (requiredRole: string | string[]) => {\n return async (c: Context, next: Next) => {\n const user = c.get('user') as JWTPayload\n \n if (!user) {\n // Check if this is a browser request (HTML accept header)\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Please login to access the admin area')\n }\n return c.json({ error: 'Authentication required' }, 401)\n }\n \n const roles = Array.isArray(requiredRole) ? requiredRole : [requiredRole]\n \n if (!roles.includes(user.role)) {\n // Check if this is a browser request (HTML accept header)\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=You do not have permission to access this area')\n }\n return c.json({ error: 'Insufficient permissions' }, 403)\n }\n \n return await next()\n }\n}\n\n// Optional auth middleware (doesn't block if no token)\nexport const optionalAuth = () => {\n return async (c: Context, next: Next) => {\n try {\n let token = c.req.header('Authorization')?.replace('Bearer ', '')\n \n if (!token) {\n token = getCookie(c, 'auth_token')\n }\n \n if (token) {\n const payload = await AuthManager.verifyToken(token)\n if (payload) {\n c.set('user', payload)\n }\n }\n \n return await next()\n } catch (error) {\n // Don't block on auth errors in optional auth\n console.error('Optional auth error:', error)\n return await next()\n }\n }\n}\n","import { MiddlewareHandler } from 'hono'\nimport { metricsTracker } from '../utils/metrics'\n\n/**\n * Middleware to track all HTTP requests for real-time analytics\n * Excludes the metrics endpoint itself to avoid inflating the count\n */\nexport const metricsMiddleware = (): MiddlewareHandler => {\n return async (c, next) => {\n const path = new URL(c.req.url).pathname\n\n // Don't track the metrics endpoint itself to avoid self-inflating counts\n if (path !== '/admin/dashboard/api/metrics') {\n metricsTracker.recordRequest()\n }\n\n // Continue with the request\n await next()\n }\n}\n","/**\n * Middleware Module Exports\n *\n * Request processing middleware for SonicJS\n *\n * Note: Most middleware is currently in the monolith and will be migrated later.\n * For now, we only export the bootstrap middleware which is used for system initialization.\n */\n\n// Bootstrap middleware\nexport { bootstrapMiddleware } from './bootstrap'\n\n// Auth middleware\nexport { AuthManager, requireAuth, requireRole, optionalAuth } from './auth'\n\n// Metrics middleware\nexport { metricsMiddleware } from './metrics'\n\n// Re-export types and functions that are referenced but implemented in monolith\n// These are placeholder exports to maintain API compatibility\nexport type Permission = string\nexport type UserPermissions = {\n userId: string\n permissions: Permission[]\n}\n\n// Middleware stubs - these return pass-through middleware that call next()\nexport const loggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const detailedLoggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const securityLoggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const performanceLoggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const cacheHeaders: any = () => async (_c: any, next: any) => await next()\nexport const compressionMiddleware: any = async (_c: any, next: any) => await next()\nexport const securityHeaders: any = () => async (_c: any, next: any) => await next()\n\n// Other stubs\nexport const PermissionManager: any = {}\nexport const requirePermission: any = () => async (_c: any, next: any) => await next()\nexport const requireAnyPermission: any = () => async (_c: any, next: any) => await next()\nexport const logActivity: any = () => {}\nexport const requireActivePlugin: any = () => async (_c: any, next: any) => await next()\nexport const requireActivePlugins: any = () => async (_c: any, next: any) => await next()\nexport const getActivePlugins: any = () => []\nexport const isPluginActive: any = () => false\n"]}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
+
var chunkYHW27CBV_cjs = require('./chunk-YHW27CBV.cjs');
|
|
3
4
|
var chunkKYGRJCZM_cjs = require('./chunk-KYGRJCZM.cjs');
|
|
4
5
|
var chunkIGJUBJBW_cjs = require('./chunk-IGJUBJBW.cjs');
|
|
5
6
|
var zod = require('zod');
|
|
@@ -3083,11 +3084,288 @@ var PluginManager = class {
|
|
|
3083
3084
|
}
|
|
3084
3085
|
};
|
|
3085
3086
|
|
|
3087
|
+
// src/plugins/core-plugins/turnstile-plugin/manifest.json
|
|
3088
|
+
var manifest_default = {
|
|
3089
|
+
id: "turnstile",
|
|
3090
|
+
name: "Cloudflare Turnstile",
|
|
3091
|
+
description: "CAPTCHA-free bot protection using Cloudflare Turnstile. Provides reusable verification for any form.",
|
|
3092
|
+
version: "1.0.0",
|
|
3093
|
+
author: "SonicJS",
|
|
3094
|
+
category: "security",
|
|
3095
|
+
icon: "shield-check",
|
|
3096
|
+
homepage: "https://developers.cloudflare.com/turnstile/",
|
|
3097
|
+
repository: "https://github.com/sonicjs/sonicjs",
|
|
3098
|
+
license: "MIT",
|
|
3099
|
+
permissions: ["settings:write", "admin:access"],
|
|
3100
|
+
dependencies: [],
|
|
3101
|
+
configSchema: {
|
|
3102
|
+
siteKey: {
|
|
3103
|
+
type: "string",
|
|
3104
|
+
label: "Site Key",
|
|
3105
|
+
description: "Your Cloudflare Turnstile site key (public)",
|
|
3106
|
+
required: true
|
|
3107
|
+
},
|
|
3108
|
+
secretKey: {
|
|
3109
|
+
type: "string",
|
|
3110
|
+
label: "Secret Key",
|
|
3111
|
+
description: "Your Cloudflare Turnstile secret key (private)",
|
|
3112
|
+
required: true,
|
|
3113
|
+
sensitive: true
|
|
3114
|
+
},
|
|
3115
|
+
theme: {
|
|
3116
|
+
type: "select",
|
|
3117
|
+
label: "Widget Theme",
|
|
3118
|
+
description: "Visual theme for the Turnstile widget",
|
|
3119
|
+
default: "auto",
|
|
3120
|
+
options: [
|
|
3121
|
+
{ value: "light", label: "Light" },
|
|
3122
|
+
{ value: "dark", label: "Dark" },
|
|
3123
|
+
{ value: "auto", label: "Auto" }
|
|
3124
|
+
]
|
|
3125
|
+
},
|
|
3126
|
+
size: {
|
|
3127
|
+
type: "select",
|
|
3128
|
+
label: "Widget Size",
|
|
3129
|
+
description: "Size of the Turnstile widget",
|
|
3130
|
+
default: "normal",
|
|
3131
|
+
options: [
|
|
3132
|
+
{ value: "normal", label: "Normal" },
|
|
3133
|
+
{ value: "compact", label: "Compact" }
|
|
3134
|
+
]
|
|
3135
|
+
},
|
|
3136
|
+
mode: {
|
|
3137
|
+
type: "select",
|
|
3138
|
+
label: "Widget Mode",
|
|
3139
|
+
description: "Managed: Adaptive challenge. Non-Interactive: Always visible, minimal friction. Invisible: No visible widget",
|
|
3140
|
+
default: "managed",
|
|
3141
|
+
options: [
|
|
3142
|
+
{ value: "managed", label: "Managed (Recommended)" },
|
|
3143
|
+
{ value: "non-interactive", label: "Non-Interactive" },
|
|
3144
|
+
{ value: "invisible", label: "Invisible" }
|
|
3145
|
+
]
|
|
3146
|
+
},
|
|
3147
|
+
appearance: {
|
|
3148
|
+
type: "select",
|
|
3149
|
+
label: "Appearance",
|
|
3150
|
+
description: "When the Turnstile challenge is executed. Always: Verifies immediately. Execute: Challenge on form submit. Interaction Only: Only after user interaction",
|
|
3151
|
+
default: "always",
|
|
3152
|
+
options: [
|
|
3153
|
+
{ value: "always", label: "Always" },
|
|
3154
|
+
{ value: "execute", label: "Execute" },
|
|
3155
|
+
{ value: "interaction-only", label: "Interaction Only" }
|
|
3156
|
+
]
|
|
3157
|
+
},
|
|
3158
|
+
preClearance: {
|
|
3159
|
+
type: "boolean",
|
|
3160
|
+
label: "Enable Pre-clearance",
|
|
3161
|
+
description: "Issue a clearance cookie that bypasses Cloudflare Firewall Rules (as if the user passed a challenge on your proxied site)",
|
|
3162
|
+
default: false
|
|
3163
|
+
},
|
|
3164
|
+
preClearanceLevel: {
|
|
3165
|
+
type: "select",
|
|
3166
|
+
label: "Pre-clearance Level",
|
|
3167
|
+
description: "Controls which Cloudflare Firewall Rules the clearance cookie bypasses. Only applies if Pre-clearance is enabled",
|
|
3168
|
+
default: "managed",
|
|
3169
|
+
options: [
|
|
3170
|
+
{ value: "interactive", label: "Interactive - Bypasses Interactive, Managed & JS Challenge Rules" },
|
|
3171
|
+
{ value: "managed", label: "Managed - Bypasses Managed & JS Challenge Rules" },
|
|
3172
|
+
{ value: "non-interactive", label: "Non-interactive - Bypasses JS Challenge Rules only" }
|
|
3173
|
+
]
|
|
3174
|
+
},
|
|
3175
|
+
enabled: {
|
|
3176
|
+
type: "boolean",
|
|
3177
|
+
label: "Enable Turnstile",
|
|
3178
|
+
description: "Enable or disable Turnstile verification globally",
|
|
3179
|
+
default: true
|
|
3180
|
+
}
|
|
3181
|
+
},
|
|
3182
|
+
adminMenu: {
|
|
3183
|
+
label: "Turnstile",
|
|
3184
|
+
icon: "shield-check",
|
|
3185
|
+
href: "/admin/plugins/turnstile/settings",
|
|
3186
|
+
parentId: "plugins",
|
|
3187
|
+
order: 100
|
|
3188
|
+
}
|
|
3189
|
+
};
|
|
3190
|
+
|
|
3191
|
+
// src/plugins/core-plugins/turnstile-plugin/services/turnstile.ts
|
|
3192
|
+
var TurnstileService = class {
|
|
3193
|
+
db;
|
|
3194
|
+
VERIFY_URL = "https://challenges.cloudflare.com/turnstile/v0/siteverify";
|
|
3195
|
+
constructor(db) {
|
|
3196
|
+
this.db = db;
|
|
3197
|
+
}
|
|
3198
|
+
/**
|
|
3199
|
+
* Get Turnstile settings from database
|
|
3200
|
+
*/
|
|
3201
|
+
async getSettings() {
|
|
3202
|
+
try {
|
|
3203
|
+
const plugin = await this.db.prepare(`SELECT settings FROM plugins WHERE id = ? LIMIT 1`).bind(manifest_default.id).first();
|
|
3204
|
+
if (!plugin || !plugin.settings) {
|
|
3205
|
+
return null;
|
|
3206
|
+
}
|
|
3207
|
+
return JSON.parse(plugin.settings);
|
|
3208
|
+
} catch (error) {
|
|
3209
|
+
console.error("Error getting Turnstile settings:", error);
|
|
3210
|
+
return null;
|
|
3211
|
+
}
|
|
3212
|
+
}
|
|
3213
|
+
/**
|
|
3214
|
+
* Verify a Turnstile token with Cloudflare
|
|
3215
|
+
*/
|
|
3216
|
+
async verifyToken(token, remoteIp) {
|
|
3217
|
+
try {
|
|
3218
|
+
const settings = await this.getSettings();
|
|
3219
|
+
if (!settings) {
|
|
3220
|
+
return { success: false, error: "Turnstile not configured" };
|
|
3221
|
+
}
|
|
3222
|
+
if (!settings.enabled) {
|
|
3223
|
+
return { success: true };
|
|
3224
|
+
}
|
|
3225
|
+
if (!settings.secretKey) {
|
|
3226
|
+
return { success: false, error: "Turnstile secret key not configured" };
|
|
3227
|
+
}
|
|
3228
|
+
const formData = new FormData();
|
|
3229
|
+
formData.append("secret", settings.secretKey);
|
|
3230
|
+
formData.append("response", token);
|
|
3231
|
+
if (remoteIp) {
|
|
3232
|
+
formData.append("remoteip", remoteIp);
|
|
3233
|
+
}
|
|
3234
|
+
const response = await fetch(this.VERIFY_URL, {
|
|
3235
|
+
method: "POST",
|
|
3236
|
+
body: formData
|
|
3237
|
+
});
|
|
3238
|
+
if (!response.ok) {
|
|
3239
|
+
return { success: false, error: "Turnstile verification request failed" };
|
|
3240
|
+
}
|
|
3241
|
+
const result = await response.json();
|
|
3242
|
+
if (!result.success) {
|
|
3243
|
+
const errorCode = result["error-codes"]?.[0] || "unknown-error";
|
|
3244
|
+
return { success: false, error: `Turnstile verification failed: ${errorCode}` };
|
|
3245
|
+
}
|
|
3246
|
+
return { success: true };
|
|
3247
|
+
} catch (error) {
|
|
3248
|
+
console.error("Error verifying Turnstile token:", error);
|
|
3249
|
+
return { success: false, error: "Turnstile verification error" };
|
|
3250
|
+
}
|
|
3251
|
+
}
|
|
3252
|
+
/**
|
|
3253
|
+
* Save Turnstile settings to database
|
|
3254
|
+
*/
|
|
3255
|
+
async saveSettings(settings) {
|
|
3256
|
+
try {
|
|
3257
|
+
await this.db.prepare(`UPDATE plugins SET settings = ?, updated_at = ? WHERE id = ?`).bind(JSON.stringify(settings), Date.now(), manifest_default.id).run();
|
|
3258
|
+
console.log("Turnstile settings saved successfully");
|
|
3259
|
+
} catch (error) {
|
|
3260
|
+
console.error("Error saving Turnstile settings:", error);
|
|
3261
|
+
throw new Error("Failed to save Turnstile settings");
|
|
3262
|
+
}
|
|
3263
|
+
}
|
|
3264
|
+
/**
|
|
3265
|
+
* Check if Turnstile is enabled
|
|
3266
|
+
*/
|
|
3267
|
+
async isEnabled() {
|
|
3268
|
+
const settings = await this.getSettings();
|
|
3269
|
+
return settings?.enabled === true && !!settings.siteKey && !!settings.secretKey;
|
|
3270
|
+
}
|
|
3271
|
+
};
|
|
3272
|
+
|
|
3273
|
+
// src/plugins/core-plugins/turnstile-plugin/middleware/verify.ts
|
|
3274
|
+
async function verifyTurnstile(c, next) {
|
|
3275
|
+
const db = c.get("db") || c.env?.DB;
|
|
3276
|
+
if (!db) {
|
|
3277
|
+
console.error("Turnstile middleware: Database not available");
|
|
3278
|
+
return c.json({ error: "Database not available" }, 500);
|
|
3279
|
+
}
|
|
3280
|
+
const turnstileService = new TurnstileService(db);
|
|
3281
|
+
const isEnabled = await turnstileService.isEnabled();
|
|
3282
|
+
if (!isEnabled) {
|
|
3283
|
+
return next();
|
|
3284
|
+
}
|
|
3285
|
+
let token;
|
|
3286
|
+
let body;
|
|
3287
|
+
if (c.req.method === "POST") {
|
|
3288
|
+
const contentType = c.req.header("content-type") || "";
|
|
3289
|
+
if (contentType.includes("application/json")) {
|
|
3290
|
+
body = await c.req.json();
|
|
3291
|
+
token = body["cf-turnstile-response"] || body["turnstile-token"];
|
|
3292
|
+
c.set("requestBody", body);
|
|
3293
|
+
} else if (contentType.includes("application/x-www-form-urlencoded") || contentType.includes("multipart/form-data")) {
|
|
3294
|
+
const formData = await c.req.formData();
|
|
3295
|
+
token = formData.get("cf-turnstile-response")?.toString() || formData.get("turnstile-token")?.toString();
|
|
3296
|
+
}
|
|
3297
|
+
}
|
|
3298
|
+
if (!token) {
|
|
3299
|
+
return c.json({
|
|
3300
|
+
error: "Turnstile token missing",
|
|
3301
|
+
message: "Please complete the verification challenge"
|
|
3302
|
+
}, 400);
|
|
3303
|
+
}
|
|
3304
|
+
const remoteIp = c.req.header("cf-connecting-ip") || c.req.header("x-forwarded-for");
|
|
3305
|
+
const result = await turnstileService.verifyToken(token, remoteIp);
|
|
3306
|
+
if (!result.success) {
|
|
3307
|
+
return c.json({
|
|
3308
|
+
error: "Turnstile verification failed",
|
|
3309
|
+
message: result.error || "Verification failed. Please try again."
|
|
3310
|
+
}, 403);
|
|
3311
|
+
}
|
|
3312
|
+
return next();
|
|
3313
|
+
}
|
|
3314
|
+
function createTurnstileMiddleware(options) {
|
|
3315
|
+
return async (c, next) => {
|
|
3316
|
+
const db = c.get("db") || c.env?.DB;
|
|
3317
|
+
if (!db) {
|
|
3318
|
+
return options?.onError?.(c, "Database not available") || c.json({ error: "Database not available" }, 500);
|
|
3319
|
+
}
|
|
3320
|
+
const turnstileService = new TurnstileService(db);
|
|
3321
|
+
const isEnabled = await turnstileService.isEnabled();
|
|
3322
|
+
if (!isEnabled) {
|
|
3323
|
+
return next();
|
|
3324
|
+
}
|
|
3325
|
+
let token;
|
|
3326
|
+
const contentType = c.req.header("content-type") || "";
|
|
3327
|
+
if (contentType.includes("application/json")) {
|
|
3328
|
+
const body = await c.req.json();
|
|
3329
|
+
token = body["cf-turnstile-response"] || body["turnstile-token"];
|
|
3330
|
+
c.set("requestBody", body);
|
|
3331
|
+
} else if (contentType.includes("application/x-www-form-urlencoded") || contentType.includes("multipart/form-data")) {
|
|
3332
|
+
const formData = await c.req.formData();
|
|
3333
|
+
token = formData.get("cf-turnstile-response")?.toString() || formData.get("turnstile-token")?.toString();
|
|
3334
|
+
}
|
|
3335
|
+
if (!token) {
|
|
3336
|
+
return options?.onMissing?.(c) || c.json({ error: "Turnstile token missing" }, 400);
|
|
3337
|
+
}
|
|
3338
|
+
const remoteIp = c.req.header("cf-connecting-ip") || c.req.header("x-forwarded-for");
|
|
3339
|
+
const result = await turnstileService.verifyToken(token, remoteIp);
|
|
3340
|
+
if (!result.success) {
|
|
3341
|
+
return options?.onError?.(c, result.error || "Verification failed") || c.json({ error: "Turnstile verification failed", message: result.error }, 403);
|
|
3342
|
+
}
|
|
3343
|
+
return next();
|
|
3344
|
+
};
|
|
3345
|
+
}
|
|
3346
|
+
|
|
3347
|
+
// src/plugins/core-plugins/turnstile-plugin/index.ts
|
|
3348
|
+
new chunkYHW27CBV_cjs.PluginBuilder({
|
|
3349
|
+
name: manifest_default.name,
|
|
3350
|
+
version: manifest_default.version,
|
|
3351
|
+
description: manifest_default.description,
|
|
3352
|
+
author: { name: manifest_default.author }
|
|
3353
|
+
}).metadata({
|
|
3354
|
+
description: manifest_default.description,
|
|
3355
|
+
author: { name: manifest_default.author }
|
|
3356
|
+
}).addService("turnstile", TurnstileService).addSingleMiddleware("verifyTurnstile", verifyTurnstile, {
|
|
3357
|
+
description: "Verify Cloudflare Turnstile token",
|
|
3358
|
+
global: false
|
|
3359
|
+
}).build();
|
|
3360
|
+
|
|
3086
3361
|
exports.HookSystemImpl = HookSystemImpl;
|
|
3087
3362
|
exports.HookUtils = HookUtils;
|
|
3088
3363
|
exports.PluginManager = PluginManager;
|
|
3089
3364
|
exports.PluginRegistryImpl = PluginRegistryImpl;
|
|
3090
3365
|
exports.PluginValidator = PluginValidator;
|
|
3091
3366
|
exports.ScopedHookSystem = ScopedHookSystem;
|
|
3092
|
-
|
|
3093
|
-
|
|
3367
|
+
exports.TurnstileService = TurnstileService;
|
|
3368
|
+
exports.createTurnstileMiddleware = createTurnstileMiddleware;
|
|
3369
|
+
exports.verifyTurnstile = verifyTurnstile;
|
|
3370
|
+
//# sourceMappingURL=chunk-Y72M3MVX.cjs.map
|
|
3371
|
+
//# sourceMappingURL=chunk-Y72M3MVX.cjs.map
|