@waline/vercel 1.21.0 → 1.22.0
- package/package.json +1 -1
- package/src/controller/comment.js +6 -4
- package/src/logic/base.js +33 -0
- package/src/logic/comment.js +22 -5
- package/src/logic/token.js +3 -1
- package/src/logic/user.js +3 -1
- package/src/middleware/dashboard.js +1 -0
- package/src/service/storage/mysql.js +4 -5
package/package.json
CHANGED
|
@@ -655,8 +655,10 @@ module.exports = class extends BaseRest {
|
|
|
655
655
|
oldData = oldData[0];
|
|
656
656
|
if (think.isBoolean(data.like)) {
|
|
657
657
|
const likeIncMax = this.config('LIKE_INC_MAX') || 1;
|
|
658
|
-
|
|
659
|
-
|
|
658
|
+
|
|
659
|
+
data.like =
|
|
660
|
+
(Number(oldData.like) || 0) +
|
|
661
|
+
(data.like ? Math.ceil(Math.random() * likeIncMax) : -1);
|
|
660
662
|
}
|
|
661
663
|
|
|
662
664
|
const preUpdateResp = await this.hook('preUpdate', {
|
|
@@ -673,6 +675,7 @@ module.exports = class extends BaseRest {
|
|
|
673
675
|
});
|
|
674
676
|
|
|
675
677
|
let cmtUser;
|
|
678
|
+
|
|
676
679
|
if (!think.isEmpty(newData) && newData[0].user_id) {
|
|
677
680
|
cmtUser = await this.service(
|
|
678
681
|
`storage/${this.config('storage')}`,
|
|
@@ -688,13 +691,12 @@ module.exports = class extends BaseRest {
|
|
|
688
691
|
this.config(),
|
|
689
692
|
userInfo
|
|
690
693
|
);
|
|
691
|
-
|
|
694
|
+
|
|
692
695
|
if (
|
|
693
696
|
oldData.status === 'waiting' &&
|
|
694
697
|
data.status === 'approved' &&
|
|
695
698
|
oldData.pid
|
|
696
699
|
) {
|
|
697
|
-
|
|
698
700
|
let pComment = await this.modelInstance.select({
|
|
699
701
|
objectId: oldData.pid,
|
|
700
702
|
});
|
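Review bot: The new `data.like` computation in the first hunk (new lines 659–661) has no lower bound, so repeated `like: false` updates can push the stored count below zero; wrapping it as `Math.max(0, (Number(oldData.like) || 0) + (data.like ? Math.ceil(Math.random() * likeIncMax) : -1))` keeps it non-negative. The value is also derived from `oldData` read earlier in the method, so two concurrent updates can overwrite each other; whether the storage layer offers an atomic increment is not visible here. The page labels this section package/package.json, but the hunk headers (`class extends BaseRest`) suggest it is package/src/controller/comment.js, and the enclosing method starts and ends outside the hunks.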
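--- a/package/src/logic/base.js
+++ b/package/src/logic/base.js
@@ -1,4 +1,6 @@
 const path = require('path');
+const qs = require('querystring');
+const fetch = require('node-fetch');
 const jwt = require('jsonwebtoken');
 const helper = require('think-helper');
 
@@ -122,4 +124,35 @@ module.exports = class extends think.Logic {
 
 return '';
 }
+
+async useCaptchaCheck() {
+const { RECAPTCHA_V3_SECRET } = process.env;
+
+if (!RECAPTCHA_V3_SECRET) {
+return;
+}
+const { recaptchaV3 } = this.post();
+
+if (!recaptchaV3) {
+return this.ctx.throw(403);
+}
+
+const query = qs.stringify({
+secret: RECAPTCHA_V3_SECRET,
+response: recaptchaV3,
+remoteip: this.ctx.ip,
+});
+const recaptchaV3Result = await fetch(
+`https://recaptcha.net/recaptcha/api/siteverify?${query}`
+).then((resp) => resp.json());
+
+if (!recaptchaV3Result.success) {
+think.logger.debug(
+'RecaptchaV3 Result:',
+JSON.stringify(recaptchaV3Result, null, '\t')
+);
+
+return this.ctx.throw(403);
+}
+}
 };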
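Review bot: `useCaptchaCheck` accepts any token for which siteverify returns `success: true` (new line 149), but for reCAPTCHA v3 that only says the token is valid; the bot signal is in the response's `score` (and `action`), which the new code never reads, so low-score traffic passes. The request also places `RECAPTCHA_V3_SECRET` in the URL query string, where it can end up in proxy or egress logs, whereas the verify endpoint is documented as a POST with a form body. A failed or hung `fetch` is not handled, so a verifier outage surfaces as an unhandled rejection rather than a controlled denial, although it does fail closed. The same helper now gates `postAction` in logic/token.js and logic/user.js, so the gap applies to login and registration as well. The threshold in the sketch below is a placeholder.

```javascript
// … unchanged: RECAPTCHA_V3_SECRET and recaptchaV3 presence checks …
const recaptchaV3Result = await fetch(
  'https://recaptcha.net/recaptcha/api/siteverify',
  {
    method: 'POST',
    headers: { 'content-type': 'application/x-www-form-urlencoded' },
    body: qs.stringify({
      secret: RECAPTCHA_V3_SECRET,
      response: recaptchaV3,
      remoteip: this.ctx.ip,
    }),
  }
).then((resp) => resp.json());

const minScore = 0.5; // placeholder threshold, tune per deployment
if (!recaptchaV3Result.success || !(recaptchaV3Result.score >= minScore)) {
  // … unchanged: debug log and this.ctx.throw(403) …
```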
package/src/logic/comment.js
CHANGED
|
@@ -107,6 +107,7 @@ module.exports = class extends Base {
|
|
|
107
107
|
getAction() {
|
|
108
108
|
const { type, path } = this.get();
|
|
109
109
|
const isAllowedGet = type !== 'list' || path;
|
|
110
|
+
|
|
110
111
|
if (!isAllowedGet) {
|
|
111
112
|
this.checkAdmin();
|
|
112
113
|
}
|
|
@@ -199,13 +200,19 @@ module.exports = class extends Base {
|
|
|
199
200
|
* @apiSuccess (200) {String} data.avatar comment user avatar
|
|
200
201
|
* @apiSuccess (200) {String} data.type comment login user type
|
|
201
202
|
*/
|
|
202
|
-
postAction() {
|
|
203
|
+
async postAction() {
|
|
203
204
|
const { LOGIN } = process.env;
|
|
204
205
|
const { userInfo } = this.ctx.state;
|
|
205
206
|
|
|
206
|
-
if (
|
|
207
|
+
if (!think.isEmpty(userInfo)) {
|
|
208
|
+
return;
|
|
209
|
+
}
|
|
210
|
+
|
|
211
|
+
if (LOGIN === 'force') {
|
|
207
212
|
return this.ctx.throw(401);
|
|
208
213
|
}
|
|
214
|
+
|
|
215
|
+
return this.useCaptchaCheck();
|
|
209
216
|
}
|
|
210
217
|
|
|
211
218
|
/**
|
|
@@ -235,6 +242,7 @@ module.exports = class extends Base {
|
|
|
235
242
|
boolean: true,
|
|
236
243
|
},
|
|
237
244
|
};
|
|
245
|
+
|
|
238
246
|
return;
|
|
239
247
|
}
|
|
240
248
|
|
|
@@ -252,11 +260,15 @@ module.exports = class extends Base {
|
|
|
252
260
|
`storage/${this.config('storage')}`,
|
|
253
261
|
'Comment'
|
|
254
262
|
);
|
|
255
|
-
const commentData = await modelInstance.select({
|
|
263
|
+
const commentData = await modelInstance.select({
|
|
264
|
+
user_id: userInfo.objectId,
|
|
265
|
+
objectId: this.id,
|
|
266
|
+
});
|
|
267
|
+
|
|
256
268
|
if (!think.isEmpty(commentData)) {
|
|
257
269
|
return;
|
|
258
270
|
}
|
|
259
|
-
|
|
271
|
+
|
|
260
272
|
return this.ctx.throw(403);
|
|
261
273
|
}
|
|
262
274
|
|
|
@@ -283,10 +295,15 @@ module.exports = class extends Base {
|
|
|
283
295
|
`storage/${this.config('storage')}`,
|
|
284
296
|
'Comment'
|
|
285
297
|
);
|
|
286
|
-
const commentData = await modelInstance.select({
|
|
298
|
+
const commentData = await modelInstance.select({
|
|
299
|
+
user_id: userInfo.objectId,
|
|
300
|
+
objectId: this.id,
|
|
301
|
+
});
|
|
302
|
+
|
|
287
303
|
if (!think.isEmpty(commentData)) {
|
|
288
304
|
return;
|
|
289
305
|
}
|
|
306
|
+
|
|
290
307
|
return this.ctx.throw(403);
|
|
291
308
|
}
|
|
292
309
|
};
|
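Review bot: The API doc block that ends just above `postAction` (new line 202) is not updated for the new behaviour: an anonymous post must now carry a `recaptchaV3` body field when the server has `RECAPTCHA_V3_SECRET` set, and can be answered with 403. I would add `@apiParam {String} [recaptchaV3] reCAPTCHA v3 token, required for anonymous users when a secret is configured` plus a 403 entry. The early return for a non-empty `userInfo` also deserves a comment such as `// logged-in users skip the captcha; anonymous users are checked below`, since that bypass is a deliberate trust decision. The doc block starts outside the hunk.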
package/src/logic/token.js
CHANGED
|
@@ -32,7 +32,9 @@ module.exports = class extends Base {
|
|
|
32
32
|
* @apiSuccess (200) {Number} errno 0
|
|
33
33
|
* @apiSuccess (200) {String} errmsg return error message if error
|
|
34
34
|
*/
|
|
35
|
-
postAction() {
|
|
35
|
+
postAction() {
|
|
36
|
+
return this.useCaptchaCheck();
|
|
37
|
+
}
|
|
36
38
|
|
|
37
39
|
/**
|
|
38
40
|
* @api {DELETE} /token user logout
|
package/src/logic/user.js
CHANGED
|
@@ -33,7 +33,9 @@ module.exports = class extends Base {
|
|
|
33
33
|
* @apiSuccess (200) {Number} errno 0
|
|
34
34
|
* @apiSuccess (200) {String} errmsg return error message if error
|
|
35
35
|
*/
|
|
36
|
-
postAction() {
|
|
36
|
+
postAction() {
|
|
37
|
+
return this.useCaptchaCheck();
|
|
38
|
+
}
|
|
37
39
|
|
|
38
40
|
/**
|
|
39
41
|
* @api {PUT} /user update user profile
|
|
@@ -12,6 +12,7 @@ module.exports = function () {
|
|
|
12
12
|
<script>
|
|
13
13
|
window.SITE_URL = ${JSON.stringify(process.env.SITE_URL)};
|
|
14
14
|
window.SITE_NAME = ${JSON.stringify(process.env.SITE_NAME)};
|
|
15
|
+
window.recaptchaV3Key = ${JSON.stringify(process.env.RECAPTCHA_V3_KEY)};
|
|
15
16
|
</script>
|
|
16
17
|
<script src="${
|
|
17
18
|
process.env.WALINE_ADMIN_MODULE_ASSET_URL || '//unpkg.com/@waline/admin'
|
|
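Review bot: The added `window.recaptchaV3Key` line interpolates `JSON.stringify(process.env.RECAPTCHA_V3_KEY)` into an inline `<script>` element, and `JSON.stringify` does not escape `<`, so a value containing `</script>` would end the script block early. The value is operator-controlled, so the exposure is small, but the neighbouring `SITE_URL` and `SITE_NAME` lines use the same pattern and one shared escaping helper would cover all three: `JSON.stringify(value).replace(/</g, '\\u003c')`. This hunk carries no file header on the page; going by the file list it is presumably package/src/middleware/dashboard.js, and the template continues outside the hunk.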
@@ -69,7 +69,7 @@ module.exports = class extends Base {
|
|
|
69
69
|
|
|
70
70
|
instance.field([...group, 'COUNT(*) as count'].join(','));
|
|
71
71
|
instance.group(group);
|
|
72
|
-
|
|
72
|
+
|
|
73
73
|
return instance.select();
|
|
74
74
|
}
|
|
75
75
|
|
|
@@ -79,10 +79,9 @@ module.exports = class extends Base {
|
|
|
79
79
|
delete data.objectId;
|
|
80
80
|
}
|
|
81
81
|
const date = new Date();
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
if (!data.updatedAt)
|
|
85
|
-
data.updatedAt = date;
|
|
82
|
+
|
|
83
|
+
if (!data.createdAt) data.createdAt = date;
|
|
84
|
+
if (!data.updatedAt) data.updatedAt = date;
|
|
86
85
|
|
|
87
86
|
const instance = this.model(this.tableName);
|
|
88
87
|
const id = await instance.add(data);
|