npm - @spfn/notification - Versions diffs - 0.1.0-beta.22 → 0.1.0-beta.24 - Mend

@spfn/notification 0.1.0-beta.22 → 0.1.0-beta.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/server.js CHANGED Viewed

@@ -206,9 +206,12 @@ var awsSesProvider = {
 };
 // src/tracking/token.ts
-import { createHmac } from "crypto";
-function toBase64Url(buffer) {
-  return buffer.toString("base64url");
+import { createHmac, createHash, timingSafeEqual } from "crypto";
+function hashClickUrl(url) {
+  return createHash("sha256").update(url).digest("hex").slice(0, 16);
+}
+function toBase64Url(buffer2) {
+  return buffer2.toString("base64url");
 }
 function fromBase64Url(str) {
   return Buffer.from(str, "base64url").toString("utf8");
@@ -237,7 +240,9 @@ function verify(token) {
   const payload = fromBase64Url(payloadEncoded);
   const expectedHmac = createHmac("sha256", secret).update(payload).digest();
   const expectedHmacEncoded = toBase64Url(expectedHmac);
-  if (hmacEncoded !== expectedHmacEncoded) {
+  const provided = Buffer.from(hmacEncoded);
+  const expected = Buffer.from(expectedHmacEncoded);
+  if (provided.length !== expected.length || !timingSafeEqual(provided, expected)) {
     return { valid: false };
   }
   return { valid: true, payload };
@@ -245,8 +250,8 @@ function verify(token) {
 function generateOpenToken(notificationId) {
   return sign(`o:${notificationId}`);
 }
-function generateClickToken(notificationId, linkIndex) {
-  return sign(`c:${notificationId}:${linkIndex}`);
+function generateClickToken(notificationId, linkIndex, url) {
+  return sign(`c:${notificationId}:${linkIndex}:${hashClickUrl(url)}`);
 }
 function verifyOpenToken(token) {
   const result = verify(token);
@@ -264,14 +269,15 @@ function verifyClickToken(token) {
   if (!result.valid || !result.payload) {
     return { valid: false };
   }
-  const match = result.payload.match(/^c:(\d+):(\d+)$/);
+  const match = result.payload.match(/^c:(\d+):(\d+)(?::([0-9a-f]{16}))?$/);
   if (!match) {
     return { valid: false };
   }
   return {
     valid: true,
     notificationId: Number(match[1]),
-    linkIndex: Number(match[2])
+    linkIndex: Number(match[2]),
+    urlHash: match[3]
   };
 }
@@ -296,7 +302,7 @@ function processTrackingHtml(html, options) {
         return match;
       }
       const currentIndex = linkIndex++;
-      const clickToken = generateClickToken(notificationId, currentIndex);
+      const clickToken = generateClickToken(notificationId, currentIndex, url);
       const trackingUrl = `${baseUrl}/_noti/t/c/${clickToken}?url=${encodeURIComponent(url)}`;
       trackedLinks.push({ index: currentIndex, url });
       return `<a ${before}href="${trackingUrl}"${after}>`;
@@ -381,10 +387,24 @@ function parseExpression(expr) {
     arg: filterPart.slice(colonIndex + 1)
   };
 }
+var BLOCKED_PATH_SEGMENTS = /* @__PURE__ */ new Set(["__proto__", "prototype", "constructor"]);
+var HTML_ESCAPES = {
+  "&": "&amp;",
+  "<": "&lt;",
+  ">": "&gt;",
+  '"': "&quot;",
+  "'": "&#39;"
+};
+function escapeHtml(value) {
+  return value.replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
+}
 function getValue(data, path) {
   const parts = path.split(".");
   let value = data;
   for (const part of parts) {
+    if (BLOCKED_PATH_SEGMENTS.has(part)) {
+      return void 0;
+    }
     if (value === null || value === void 0) {
       return void 0;
     }
@@ -392,17 +412,19 @@ function getValue(data, path) {
   }
   return value;
 }
-function render(template, data) {
+function render(template, data, options = {}) {
+  const escape = options.escape ?? false;
   return template.replace(/\{\{([^}]+)\}\}/g, (match, expr) => {
     const { variable, filter, arg } = parseExpression(expr.trim());
-    let value = getValue(data, variable);
+    const value = getValue(data, variable);
     if (value === void 0) {
       return match;
     }
-    if (filter && filters[filter]) {
-      return filters[filter](value, arg);
+    if (filter === "raw") {
+      return String(value);
     }
-    return String(value);
+    const rendered = filter && filters[filter] ? filters[filter](value, arg) : String(value);
+    return escape ? escapeHtml(rendered) : rendered;
   });
 }
 function registerFilter(name, fn) {
@@ -444,7 +466,8 @@ function renderTemplate(name, data, channel) {
 function renderEmailTemplate(template, data) {
   return {
     subject: render(template.subject, data),
-    html: template.html ? render(template.html, data) : void 0,
+    // Escape interpolated values on the HTML path (caller data → markup injection).
+    html: template.html ? render(template.html, data, { escape: true }) : void 0,
     text: template.text ? render(template.text, data) : void 0
   };
 }
@@ -597,8 +620,8 @@ function registerBuiltinTemplates() {
 }
 // src/services/notification.service.ts
-import { create, createMany, findOne, findMany, updateOne, count } from "@spfn/core/db";
-import { desc, eq, and, gte, lte } from "drizzle-orm";
+import { create, createMany, findOne, findMany, updateOne, count, getDatabase } from "@spfn/core/db";
+import { desc, eq, and, gte, lte, count as drizzleCount } from "drizzle-orm";
 // src/entities/schema.ts
 import { createSchema } from "@spfn/core/db";
@@ -840,15 +863,33 @@ async function countNotifications(options = {}) {
   return await count(notifications);
 }
 async function getNotificationStats(options = {}) {
-  const [total, scheduled, pending, sent, failed, cancelled] = await Promise.all([
-    countNotifications(options),
-    countNotifications({ ...options, status: "scheduled" }),
-    countNotifications({ ...options, status: "pending" }),
-    countNotifications({ ...options, status: "sent" }),
-    countNotifications({ ...options, status: "failed" }),
-    countNotifications({ ...options, status: "cancelled" })
-  ]);
-  return { total, scheduled, pending, sent, failed, cancelled };
+  const conditions = [];
+  if (options.channel) {
+    conditions.push(eq(notifications.channel, options.channel));
+  }
+  if (options.from) {
+    conditions.push(gte(notifications.createdAt, options.from));
+  }
+  if (options.to) {
+    conditions.push(lte(notifications.createdAt, options.to));
+  }
+  const rows = await getDatabase("read").select({ status: notifications.status, count: drizzleCount() }).from(notifications).where(conditions.length > 0 ? and(...conditions) : void 0).groupBy(notifications.status);
+  const stats = {
+    total: 0,
+    scheduled: 0,
+    pending: 0,
+    sent: 0,
+    failed: 0,
+    cancelled: 0
+  };
+  for (const row of rows) {
+    const n = Number(row.count);
+    stats.total += n;
+    if (row.status && row.status in stats) {
+      stats[row.status] = n;
+    }
+  }
+  return stats;
 }
 async function findScheduledNotifications(options = {}) {
   const conditions = [eq(notifications.status, "scheduled")];
@@ -1786,11 +1827,11 @@ function IsTemplateLiteralFinite(schema) {
 // ../../node_modules/.pnpm/@sinclair+typebox@0.34.41/node_modules/@sinclair/typebox/build/esm/type/template-literal/generate.mjs
 var TemplateLiteralGenerateError = class extends TypeBoxError {
 };
-function* GenerateReduce(buffer) {
-  if (buffer.length === 1)
-    return yield* buffer[0];
-  for (const left of buffer[0]) {
-    for (const right of GenerateReduce(buffer.slice(1))) {
+function* GenerateReduce(buffer2) {
+  if (buffer2.length === 1)
+    return yield* buffer2[0];
+  for (const left of buffer2[0]) {
+    for (const right of GenerateReduce(buffer2.slice(1))) {
       yield `${left}${right}`;
     }
   }
@@ -3623,15 +3664,8 @@ async function sendEmail(params) {
     log2.error("Email send failed", { to: recipients, subject, error: result.error });
   }
   if (historyId && isHistoryEnabled()) {
-    try {
-      if (result.success) {
-        await markNotificationSent(historyId, result.messageId);
-      } else {
-        await markNotificationFailed(historyId, result.error || "Unknown error");
-      }
-    } catch (error) {
-      log2.warn("Failed to update notification history record", error);
-    }
+    const update = result.success ? markNotificationSent(historyId, result.messageId) : markNotificationFailed(historyId, result.error || "Unknown error");
+    update.catch((error) => log2.warn("Failed to update notification history record", error));
   }
   return result;
 }
@@ -3928,8 +3962,7 @@ async function sendSMS(params) {
     };
   }
   const provider = getProvider2();
-  const results = [];
-  for (const recipient of recipients) {
+  const sendOne = async (recipient) => {
     const normalizedPhone = normalizePhoneNumber(recipient);
     const internalParams = {
       to: normalizedPhone,
@@ -3958,18 +3991,12 @@ async function sendSMS(params) {
       log4.error("SMS send failed", { to: normalizedPhone, error: result.error });
     }
     if (historyId && isHistoryEnabled()) {
-      try {
-        if (result.success) {
-          await markNotificationSent(historyId, result.messageId);
-        } else {
-          await markNotificationFailed(historyId, result.error || "Unknown error");
-        }
-      } catch (error) {
-        log4.warn("Failed to update notification history record", error);
-      }
+      const update = result.success ? markNotificationSent(historyId, result.messageId) : markNotificationFailed(historyId, result.error || "Unknown error");
+      update.catch((error) => log4.warn("Failed to update notification history record", error));
     }
-    results.push(result);
-  }
+    return result;
+  };
+  const results = await runWithConcurrency(recipients, sendOne);
   const allSuccess = results.every((r) => r.success);
   const messageIds = results.filter((r) => r.messageId).map((r) => r.messageId).join(",");
   const errors = results.filter((r) => r.error).map((r) => r.error).join("; ");
@@ -4248,15 +4275,8 @@ async function sendSlack(params) {
     log6.error("Slack send failed", { error: result.error });
   }
   if (historyId && isHistoryEnabled()) {
-    try {
-      if (result.success) {
-        await markNotificationSent(historyId, result.messageId);
-      } else {
-        await markNotificationFailed(historyId, result.error || "Unknown error");
-      }
-    } catch (error) {
-      log6.warn("Failed to update notification history record", error);
-    }
+    const update = result.success ? markNotificationSent(historyId, result.messageId) : markNotificationFailed(historyId, result.error || "Unknown error");
+    update.catch((error) => log6.warn("Failed to update notification history record", error));
   }
   return result;
 }
@@ -4768,37 +4788,66 @@ import { route } from "@spfn/core/route";
 import { defineRouter } from "@spfn/core/route";
 // src/tracking/tracking.service.ts
-import { create as create2, getDatabase } from "@spfn/core/db";
-import { eq as eq2, and as and2, gte as gte2, lte as lte2, count as drizzleCount, countDistinct } from "drizzle-orm";
+import { getDatabase as getDatabase2 } from "@spfn/core/db";
+import { eq as eq2, and as and2, gte as gte2, lte as lte2, count as drizzleCount2, countDistinct } from "drizzle-orm";
 import { logger as logger7 } from "@spfn/core/logger";
 var log7 = logger7.child("@spfn/notification:tracking");
+var FLUSH_SIZE = 200;
+var FLUSH_INTERVAL_MS = 2e3;
+var MAX_BUFFER = 1e4;
+var buffer = [];
+var flushTimer = null;
+async function flushTrackingEvents() {
+  if (flushTimer) {
+    clearTimeout(flushTimer);
+    flushTimer = null;
+  }
+  if (buffer.length === 0) {
+    return;
+  }
+  const batch = buffer.splice(0, buffer.length);
+  try {
+    await getDatabase2("write").insert(trackingEvents).values(batch);
+  } catch (error) {
+    log7.warn(`Failed to flush ${batch.length} tracking events`, error);
+  }
+}
+function enqueueTrackingEvent(event) {
+  if (buffer.length >= MAX_BUFFER) {
+    log7.warn("Tracking buffer full \u2014 dropping event");
+    return;
+  }
+  buffer.push(event);
+  if (buffer.length >= FLUSH_SIZE) {
+    void flushTrackingEvents();
+  } else if (!flushTimer) {
+    flushTimer = setTimeout(() => void flushTrackingEvents(), FLUSH_INTERVAL_MS);
+    flushTimer.unref?.();
+  }
+}
 function recordOpenEvent(notificationId, meta) {
-  create2(trackingEvents, {
+  enqueueTrackingEvent({
     notificationId,
     type: "open",
     ipAddress: meta?.ipAddress,
     userAgent: meta?.userAgent
-  }).catch((error) => {
-    log7.warn("Failed to record open event", error);
   });
 }
 function recordClickEvent(notificationId, linkIndex, linkUrl, meta) {
-  create2(trackingEvents, {
+  enqueueTrackingEvent({
     notificationId,
     type: "click",
     linkUrl,
     linkIndex,
     ipAddress: meta?.ipAddress,
     userAgent: meta?.userAgent
-  }).catch((error) => {
-    log7.warn("Failed to record click event", error);
   });
 }
 async function getTrackingStats(notificationId) {
-  const db = getDatabase("read");
+  const db = getDatabase2("read");
   const rows = await db.select({
     type: trackingEvents.type,
-    total: drizzleCount(),
+    total: drizzleCount2(),
     unique: countDistinct(trackingEvents.ipAddress)
   }).from(trackingEvents).where(eq2(trackingEvents.notificationId, notificationId)).groupBy(trackingEvents.type);
   const openRow = rows.find((r) => r.type === "open");
@@ -4811,7 +4860,7 @@ async function getTrackingStats(notificationId) {
   };
 }
 async function getEngagementStats(options = {}) {
-  const db = getDatabase("read");
+  const db = getDatabase2("read");
   const sentConditions = [eq2(notifications.status, "sent")];
   if (options.channel) {
     sentConditions.push(eq2(notifications.channel, options.channel));
@@ -4822,7 +4871,7 @@ async function getEngagementStats(options = {}) {
   if (options.to) {
     sentConditions.push(lte2(notifications.createdAt, options.to));
   }
-  const [sentResult] = await db.select({ count: drizzleCount() }).from(notifications).where(and2(...sentConditions));
+  const [sentResult] = await db.select({ count: drizzleCount2() }).from(notifications).where(and2(...sentConditions));
   const sent = Number(sentResult?.count ?? 0);
   if (sent === 0) {
     return { sent: 0, opened: 0, clicked: 0, openRate: 0, clickRate: 0 };
@@ -4857,11 +4906,11 @@ async function getEngagementStats(options = {}) {
   };
 }
 async function getClickDetails(notificationId) {
-  const db = getDatabase("read");
+  const db = getDatabase2("read");
   const rows = await db.select({
     linkUrl: trackingEvents.linkUrl,
     linkIndex: trackingEvents.linkIndex,
-    totalClicks: drizzleCount(),
+    totalClicks: drizzleCount2(),
     uniqueClicks: countDistinct(trackingEvents.ipAddress)
   }).from(trackingEvents).where(
     and2(
@@ -4919,14 +4968,27 @@ var trackClick = route.get("/_noti/t/c/:token").input({
   const { params, query } = await c.data();
   const targetUrl = query.url;
   const result = verifyClickToken(params.token);
-  if (result.valid && result.notificationId != null && result.linkIndex != null) {
-    recordClickEvent(result.notificationId, result.linkIndex, targetUrl, {
-      ipAddress: c.raw.req.header("x-forwarded-for") ?? c.raw.req.header("x-real-ip"),
-      userAgent: c.raw.req.header("user-agent")
-    });
-  } else {
+  if (!result.valid || result.notificationId == null || result.linkIndex == null) {
     log8.warn("Invalid click tracking token");
+    return new Response("Not found", { status: 404 });
   }
+  let parsed;
+  try {
+    parsed = new URL(targetUrl);
+  } catch {
+    return new Response("Not found", { status: 404 });
+  }
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    return new Response("Not found", { status: 404 });
+  }
+  if (result.urlHash && hashClickUrl(targetUrl) !== result.urlHash) {
+    log8.warn("Click URL does not match signed token");
+    return new Response("Not found", { status: 404 });
+  }
+  recordClickEvent(result.notificationId, result.linkIndex, targetUrl, {
+    ipAddress: c.raw.req.header("x-forwarded-for") ?? c.raw.req.header("x-real-ip"),
+    userAgent: c.raw.req.header("user-agent")
+  });
   return new Response(null, {
     status: 302,
     headers: {