@waline/vercel 1.2.6 → 1.4.0

package/package.json

@@ -1,11 +1,12 @@
 {
   "name": "@waline/vercel",
-  "version": "1.2.6",
+  "version": "1.4.0",
   "description": "vercel server for waline comment system",
   "repository": "https://github.com/walinejs/waline",
   "license": "MIT",
   "author": "lizheming <i@imnerd.org>",
   "dependencies": {
+    "@byteinspire/api": "^1.0.12",
     "@cloudbase/node-sdk": "^2.7.1",
     "@koa/cors": "^3.1.0",
     "akismet": "^2.0.6",

package/src/config/config.js

@@ -17,6 +17,8 @@ const {
   AVATAR_PROXY,
   GITHUB_TOKEN,
   DETA_PROJECT_KEY,
+  INSPIRECLOUD_SERVICE_SECRET,
+  OAUTH_URL,
 
   MARKDOWN_CONFIG = '{}',
   MARKDOWN_HIGHLIGHT,
@@ -36,7 +38,7 @@ const {
   TG_TEMPLATE,
 } = process.env;
 
-let storage = 'leancloud';
+let storage = process'inspirecloud';
 let jwtKey = JWT_TOKEN || LEAN_KEY;
 
 if (LEAN_KEY) {
@@ -61,6 +63,9 @@ if (LEAN_KEY) {
 } else if (DETA_PROJECT_KEY) {
   storage = 'deta';
   jwtKey = jwtKey || DETA_PROJECT_KEY;
+} else if (INSPIRECLOUD_SERVICE_SECRET) {
+  storage = 'inspirecloud';
+  jwtKey = jwtKey || INSPIRECLOUD_SERVICE_SECRET;
 }
 
 if (think.env === 'cloudbase' && storage === 'sqlite') {
@@ -91,6 +96,8 @@ if (AVATAR_PROXY) {
   avatarProxy = !isFalse(AVATAR_PROXY) ? AVATAR_PROXY : '';
 }
 
+const oauthUrl = OAUTH_URL || 'https://user.75.team';
+
 module.exports = {
   workers: 1,
   storage,
@@ -100,6 +107,7 @@ module.exports = {
   secureDomains: SECURE_DOMAINS ? SECURE_DOMAINS.split(/\s*,\s*/) : undefined,
   disableUserAgent: !isFalse(DISABLE_USERAGENT),
   avatarProxy,
+  oauthUrl,
   markdown,
   mailSubject: MAIL_SUBJECT,
   mailTemplate: MAIL_TEMPLATE,

package/src/controller/oauth.js

@@ -1,5 +1,7 @@
+const qs = require('querystring');
 const jwt = require('jsonwebtoken');
 const { PasswordHash } = require('phpass');
+const request = require('request-promise-native');
 module.exports = class extends think.Controller {
   constructor(ctx) {
     super(ctx);
@@ -9,16 +11,58 @@ module.exports = class extends think.Controller {
     );
   }
 
-  async githubAction() {
-    const instance = this.service('auth/github', this);
-    const userInfo = await instance.getUserInfo();
-    const { github, avatar } = userInfo;
+  async indexAction() {
+    const { code, oauth_verifier, oauth_token, type, redirect } = this.get();
+    const { oauthUrl } = this.config();
+
+    const hasCode =
+      type === 'twitter' ? oauth_token && oauth_verifier : Boolean(code);
+    if (!hasCode) {
+      const { protocol, host } = this.ctx;
+      const redirectUrl = `${protocol}://${host}/oauth?${qs.stringify({
+        redirect,
+        type,
+      })}`;
+      return this.redirect(
+        `${oauthUrl}/${type}?${qs.stringify({
+          redirect: redirectUrl,
+          state: this.ctx.state.token,
+        })}`
+      );
+    }
+
+    /**
+     * user = { id, name, email, avatar,url };
+     */
+    const params = { code, oauth_verifier, oauth_token };
+    if (type === 'facebook') {
+      const { protocol, host } = this.ctx;
+      const redirectUrl = `${protocol}://${host}/oauth?${qs.stringify({
+        redirect,
+        type,
+      })}`;
+      params.state = qs.stringify({
+        redirect: redirectUrl,
+        state: this.ctx.state.token || '',
+      });
+    }
+
+    const user = await request({
+      url: `${oauthUrl}/${type}?${qs.stringify(params)}`,
+      method: 'GET',
+      json: true,
+      headers: {
+        'User-Agent': '@waline',
+      },
+    });
+    if (!user || !user.id) {
+      return this.fail();
+    }
 
-    const userByGithub = await this.modelInstance.select({ github });
+    const userBySocial = await this.modelInstance.select({ [type]: user.id });
 
-    if (!think.isEmpty(userByGithub)) {
-      const { redirect } = this.get();
-      const token = jwt.sign(userByGithub[0].email, this.config('jwtKey'));
+    if (!think.isEmpty(userBySocial)) {
+      const token = jwt.sign(userBySocial[0].email, this.config('jwtKey'));
 
       if (redirect) {
         return this.redirect(
@@ -29,49 +73,49 @@ module.exports = class extends think.Controller {
       return this.success();
     }
 
-    if (!userInfo.email) {
-      //generator a fake email if github user have no email
-      userInfo.email = `${userInfo.github}@mail.github`;
+    if (!user.email) {
+      user.email = `${user.id}@mail.${type}`;
     }
 
-    const { email } = userInfo;
     const current = this.ctx.state.userInfo;
-
     if (!think.isEmpty(current)) {
-      const updateData = { github };
+      const updateData = { [type]: user.id };
 
-      if (!current.avatar) {
-        updateData.avatar = github.avatar;
+      if (!current.avatar && user.avatar) {
+        updateData.avatar = user.avatar;
       }
 
       await this.modelInstance.update(updateData, {
         objectId: current.objectId,
       });
 
-      return this.success();
+      return this.redirect('/ui/profile');
     }
 
-    const userByEmail = await this.modelInstance.select({ email });
+    const userByEmail = await this.modelInstance.select({ email: user.email });
     if (think.isEmpty(userByEmail)) {
       const count = await this.modelInstance.count();
       const data = {
-        ...userInfo,
+        display_name: user.name,
+        email: user.email,
+        url: user.url,
+        avatar: user.avatar,
+        [type]: user.id,
         password: new PasswordHash().hashPassword(Math.random()),
         type: think.isEmpty(count) ? 'administrator' : 'guest',
       };
 
       await this.modelInstance.add(data);
     } else {
-      const updateData = { github };
+      const updateData = { [type]: user.id };
 
-      if (!userByEmail.avatar) {
-        updateData.avatar = avatar;
+      if (!userByEmail.avatar && user.avatar) {
+        updateData.avatar = user.avatar;
       }
-      await this.modelInstance.update(updateData, { email });
+      await this.modelInstance.update(updateData, { email: user.email });
     }
 
-    const { redirect } = this.get();
-    const token = jwt.sign(email, this.config('jwtKey'));
+    const token = jwt.sign(user.email, this.config('jwtKey'));
 
     if (redirect) {
       return this.redirect(

package/src/controller/user.js

@@ -78,7 +78,7 @@ module.exports = class extends BaseRest {
   }
 
   async putAction() {
-    const { display_name, url, password, github } = this.post();
+    const { display_name, url, password } = this.post();
     const { objectId } = this.ctx.state.userInfo;
 
     const updateData = {};
@@ -95,9 +95,13 @@ module.exports = class extends BaseRest {
       updateData.password = new PasswordHash().hashPassword(password);
     }
 
-    if (think.isString(github)) {
-      updateData.github = github;
-    }
+    const socials = ['github', 'twitter', 'facebook', 'google', 'weibo', 'qq'];
+    socials.forEach((social) => {
+      const nextSocial = this.post(social);
+      if (think.isString(nextSocial)) {
+        updateData[social] = nextSocial;
+      }
+    });
 
     if (think.isEmpty(updateData)) {
       return this.success();

package/src/logic/base.js

@@ -43,7 +43,21 @@ module.exports = class extends think.Logic {
 
     const user = await this.modelInstance.select(
       { email: userMail },
-      { field: ['email', 'url', 'display_name', 'type', 'github', 'avatar'] }
+      {
+        field: [
+          'email',
+          'url',
+          'display_name',
+          'type',
+          'github',
+          'twitter',
+          'facebook',
+          'google',
+          'weibo',
+          'qq',
+          'avatar',
+        ],
+      }
     );
     if (think.isEmpty(user)) {
       return;
@@ -65,5 +79,6 @@ module.exports = class extends think.Logic {
     userInfo.avatar = avatarUrl;
     userInfo.mailMd5 = helper.md5(userInfo.email);
     this.ctx.state.userInfo = userInfo;
+    this.ctx.state.token = token;
   }
 };

package/src/logic/comment.js

@@ -205,4 +205,30 @@ module.exports = class extends Base {
       return this.ctx.throw(401);
     }
   }
+
+  /**
+   * @api {POST} /comment/:id update comment data
+   * @apiGroup Comment
+   * @apiVersion  0.0.1
+   *
+   * @apiParam  {String}  [nick] post comment user nick name
+   * @apiParam  {String}  [mail]  post comment user mail address
+   * @apiParam  {String}  [link]  post comment user link
+   * @apiParam  {String}  [comment]  post comment text
+   * @apiParam  {String}  [url]  the artcile url path of comment
+   *
+   * @apiSuccess  (200) {Number}  errno 0
+   * @apiSuccess  (200) {String}  errmsg  return error message if error
+   */
+  putAction() {}
+
+  /**
+   * @api {DELETE} /comment/:id delete comment
+   * @apiGroup Comment
+   * @apiVersion  0.0.1
+   *
+   * @apiSuccess  (200) {Number}  errno 0
+   * @apiSuccess  (200) {String}  errmsg  return error message if error
+   */
+  deleteAction() {}
 };

package/src/logic/oauth.js

@@ -2,9 +2,9 @@ const Base = require('./base');
 
 module.exports = class extends Base {
   /**
-   * @api {GET} /oauth/github  github oauth api
+   * @api {GET} /oauth oauth api
    * @apiGroup  OAuth
    * @apiVersion  0.0.1
    */
-  githubAction() {}
+  indexAction() {}
 };

package/src/logic/token.js

@@ -12,7 +12,7 @@ module.exports = class extends Base {
    * @apiSuccess  (200) {String}  data.avatar user avatar
    * @apiSuccess  (200) {String}  data.createdAt user register time
    * @apiSuccess  (200) {String}  data.display_name user nick name
-   * @apiSuccess  (200) {String}  data.emal user email address
+   * @apiSuccess  (200) {String}  data.email user email address
    * @apiSuccess  (200) {String}  data.github user github account name
    * @apiSuccess  (200) {String}  data.mailMd5 user mail md5
    * @apiSuccess  (200) {String}  data.objectId user id

package/src/logic/user.js

@@ -21,10 +21,10 @@ module.exports = class extends Base {
    * @apiGroup User
    * @apiVersion  0.0.1
    *
-   * @apiParam  {String}  display_name  user new nick name
-   * @apiParam  {String}  url user new link
-   * @apiParam  {String}  password user new password
-   * @apiParam  {String}  github user github account name
+   * @apiParam  {String}  [display_name]  user new nick name
+   * @apiParam  {String}  [url] user new link
+   * @apiParam  {String}  [password] user new password
+   * @apiParam  {String}  [github] user github account name
    *
    * @apiSuccess  (200) {Number}  errno 0
    * @apiSuccess  (200) {String}  errmsg  return error message if error

package/src/middleware/dashboard.js

@@ -1,10 +1,4 @@
-const { GITHUB_ID, GITHUB_SECRET } = process.env;
-
 module.exports = function () {
-  const socials = [['github', GITHUB_ID && GITHUB_SECRET]]
-    .filter(([, condition]) => condition)
-    .map(([name]) => name);
-
   return (ctx) => {
     ctx.type = 'html';
     ctx.body = `<!doctype html>
@@ -18,7 +12,6 @@ module.exports = function () {
     <script>
     window.SITE_URL = ${JSON.stringify(process.env.SITE_URL)};
     window.SITE_NAME = ${JSON.stringify(process.env.SITE_NAME)};
-    window.ALLOW_SOCIALS = ${JSON.stringify(socials)};
     </script>
     <script src="https://cdn.jsdelivr.net/npm/@waline/admin"></script>
   </body>

package/src/service/notify.js

@@ -242,7 +242,9 @@ module.exports = class extends think.Service {
       }
     }
 
-    const disallowList = ['github'].map((social) => 'mail.' + social);
+    const disallowList = ['github', 'twitter', 'facebook'].map(
+      (social) => 'mail.' + social
+    );
     const fakeMail = new RegExp(`@(${disallowList.join('|')})$`, 'i');
     if (parent && !fakeMail.test(parent.mail) && comment.status !== 'waiting') {
       mailList.push({

package/src/service/storage/github.js

@@ -31,6 +31,11 @@ const CSV_HEADERS = {
     'url',
     'avatar',
     'github',
+    'twitter',
+    'facebook',
+    'google',
+    'weibo',
+    'qq',
     'createdAt',
     'updatedAt',
   ],

package/src/service/storage/inspirecloud.js

@@ -0,0 +1,151 @@
+const inspirecloud = require('@byteinspire/api');
+const Base = require('./base');
+
+module.exports = class extends Base {
+  constructor(tableName) {
+    super(tableName);
+    this.db = inspirecloud.db;
+  }
+
+  where(where) {
+    if (think.isEmpty(where)) {
+      return;
+    }
+
+    const _where = {};
+    const parseKey = (k) => (k === 'objectId' ? '_id' : k);
+    for (const k in where) {
+      if (think.isString(where[k])) {
+        _where[parseKey(k)] = k === 'objectId' ? this.db.ObjectId(where[k]) : where[k];
+        continue;
+      }
+      if (where[k] === undefined) {
+        _where[parseKey(k)] = undefined;
+      }
+      if (Array.isArray(where[k])) {
+        if (where[k][0]) {
+          const handler = where[k][0].toUpperCase();
+          switch (handler) {
+            case 'IN':
+              _where[parseKey(k)] = this.db.in(
+                k === 'objectId'
+                  ? where[k][1].map(this.db.ObjectId)
+                  : where[k][1]
+              );
+              break;
+            case 'NOT IN':
+              _where[parseKey(k)] = this.db.nin(
+                k === 'objectId'
+                  ? where[k][1].map(this.db.ObjectId)
+                  : where[k][1]
+              );
+              break;
+            case 'LIKE': {
+              const first = where[k][1][0];
+              const last = where[k][1].slice(-1);
+              let reg;
+              if (first === '%' && last === '%') {
+                reg = new RegExp(where[k][1].slice(1, -1));
+              } else if (first === '%') {
+                reg = new RegExp(where[k][1].slice(1) + '$');
+              } else if (last === '%') {
+                reg = new RegExp('^' + where[k][1].slice(0, -1));
+              }
+              _where[parseKey(k)] = this.db.regex(reg);
+              break;
+            }
+            case '!=':
+              _where[parseKey(k)] = this.db.ne(where[k]);
+              break;
+            case '>':
+              _where[parseKey(k)] = this.db.gt(where[k]);
+              break;
+          }
+        }
+      }
+    }
+
+    return _where;
+  }
+
+  async _select(where, { desc, limit, offset, field } = {}) {
+    const instance = this.db.table(this.tableName);
+    const query = instance.where(this.where(where));
+
+    if (desc) {
+      query.sort({ [desc]: -1 });
+    }
+    if (limit) {
+      query.limit(limit);
+    }
+    if (offset) {
+      query.skip(offset);
+    }
+    if (field) {
+      const _field = {};
+      field.forEach((f) => {
+        _field[f] = 1;
+      });
+      query.projection(_field);
+    }
+
+    const data = await query.find();
+    data.forEach((item) => {
+      item.objectId = item._id.toString();
+      delete item._id;
+    });
+    return data;
+  }
+
+  async select(where, options = {}) {
+    let data = [];
+    let ret = [];
+    do {
+      options.offset = (options.offset || 0) + data.length;
+      ret = await this._select(where, options);
+      data = data.concat(ret);
+    } while (ret.length === 1000);
+
+    return data;
+  }
+
+  async count(where = {}) {
+    const instance = this.db.table(this.tableName);
+    const query = instance.where(this.where(where));
+
+    return query.count();
+  }
+
+  async add(data) {
+    const instance = this.db.table(this.tableName);
+    const tableData = instance.create(data);
+    await instance.save(tableData);
+
+    tableData.objectId = tableData._id.toString();
+    delete tableData._id;
+    return tableData;
+  }
+
+  async update(data, where) {
+    const instance = this.db.table(this.tableName);
+    const query = instance.where(this.where(where));
+    const items = await query.find();
+
+    return Promise.all(
+      items.map(async (item) => {
+        const updateData = typeof data === 'function' ? data(item) : data;
+        for (const k in updateData) {
+          item[k] = updateData[k];
+        }
+        await instance.save(item);
+        return item;
+      })
+    );
+  }
+
+  async delete(where) {
+    const instance = this.db.table(this.tableName);
+    const query = instance.where(this.where(where));
+    return query.delete();
+  }
+};

package/src/service/auth/base.js

@@ -1,31 +0,0 @@
-const { parse } = require('url');
-
-module.exports = class extends think.Service {
-  constructor(app) {
-    super(app);
-    this.app = app;
-  }
-
-  getCompleteUrl(url = '') {
-    if (url.slice(0, 4) === 'http') {
-      try {
-        const { host } = parse(url);
-
-        if (this.app.host.toLowerCase() !== host.toLowerCase()) {
-          throw new Error(403);
-        }
-
-        return url;
-      } catch (err) {
-        // ignore error
-      }
-    }
-    const protocol = this.app.header('x-forwarded-proto') || 'http';
-
-    if (!/^\//.test(url)) {
-      url = `/${url}`;
-    }
-
-    return `${protocol}://${this.app.ctx.host}${url}`;
-  }
-};

package/src/service/auth/github.js

@@ -1,97 +0,0 @@
-const qs = require('querystring');
-const request = require('request-promise-native');
-const Base = require('./base');
-
-const OAUTH_URL = 'https://github.com/login/oauth/authorize';
-const ACCESS_TOKEN_URL = 'https://github.com/login/oauth/access_token';
-const USER_INFO_URL = 'https://api.github.com/user';
-const USER_EMAILS = 'https://api.github.com/user/emails';
-const { GITHUB_ID, GITHUB_SECRET } = process.env;
-module.exports = class extends Base {
-  getAuthUrl(opts) {
-    const params = {
-      client_id: GITHUB_ID,
-      redirect_uri: opts.rdUrl,
-      scope: 'read:user,user:email',
-    };
-    return OAUTH_URL + '?' + qs.stringify(params);
-  }
-
-  async getAccessToken(opts) {
-    const params = {
-      client_id: GITHUB_ID,
-      client_secret: GITHUB_SECRET,
-      code: opts.code,
-    };
-
-    const body = await request.post({
-      url: ACCESS_TOKEN_URL,
-      headers: { Accept: 'application/json' },
-      form: params,
-      json: true,
-    });
-
-    return body;
-  }
-
-  async getUserInfoByToken(opts) {
-    const userInfo = await request.get({
-      url: USER_INFO_URL,
-      headers: {
-        'User-Agent': '@waline',
-        Authorization: 'token ' + opts.access_token,
-      },
-      json: true,
-    });
-
-    if (!userInfo.email) {
-      const emails = await request.get({
-        url: USER_EMAILS,
-        headers: {
-          'User-Agent': '@waline',
-          Authorization: 'token ' + opts.access_token,
-        },
-        json: true,
-      });
-
-      if (emails.length) {
-        userInfo.email = emails[0].email;
-      }
-    }
-
-    return {
-      github: userInfo.login,
-      display_name: userInfo.name,
-      email: userInfo.email,
-      url: userInfo.blog,
-      avatar: userInfo.avatar_url,
-    };
-  }
-
-  async redirect() {
-    const { app } = this;
-    const { redirect, state } = app.get();
-    const rdUrlAfterLogin = this.getCompleteUrl(redirect);
-
-    const params = { redirect: rdUrlAfterLogin, state };
-    const signinUrl =
-      this.getCompleteUrl('/oauth/github') + '?' + qs.stringify(params);
-    const AUTH_URL = this.getAuthUrl({ rdUrl: signinUrl });
-
-    app.redirect(AUTH_URL);
-
-    return app.success();
-  }
-
-  async getUserInfo() {
-    const { code } = this.app.get();
-
-    if (!code) {
-      return this.redirect();
-    }
-
-    const accessTokenInfo = await this.getAccessToken({ code });
-
-    return this.getUserInfoByToken(accessTokenInfo);
-  }
-};