@waline/vercel 1.26.3 → 1.26.4

package/dist/src/controller/user.js

@@ -0,0 +1,289 @@
+const { PasswordHash } = require('phpass');
+const BaseRest = require('./rest');
+
+module.exports = class extends BaseRest {
+  constructor(...args) {
+    super(...args);
+    this.modelInstance = this.service(
+      `storage/${this.config('storage')}`,
+      'Users'
+    );
+  }
+
+  async getAction() {
+    const { page, pageSize, email } = this.get();
+    const { userInfo } = this.ctx.state;
+
+    if (think.isEmpty(userInfo) || userInfo.type !== 'administrator') {
+      const users = await this.getUsersListByCount();
+
+      return this.success(users);
+    }
+
+    if (email) {
+      const user = await this.modelInstance.select({ email });
+
+      if (think.isEmpty(user)) {
+        return this.success();
+      }
+
+      return this.success(user[0]);
+    }
+
+    const count = await this.modelInstance.count({});
+    const users = await this.modelInstance.select(
+      {},
+      {
+        desc: 'createdAt',
+        limit: pageSize,
+        offset: Math.max((page - 1) * pageSize, 0),
+      }
+    );
+
+    return this.success({
+      page,
+      totalPages: Math.ceil(count / pageSize),
+      pageSize,
+      data: users,
+    });
+  }
+
+  async postAction() {
+    const data = this.post();
+    const resp = await this.modelInstance.select({
+      email: data.email,
+    });
+
+    if (
+      !think.isEmpty(resp) &&
+      ['administrator', 'guest'].includes(resp[0].type)
+    ) {
+      return this.fail(this.locale('USER_EXIST'));
+    }
+
+    const count = await this.modelInstance.count();
+
+    const {
+      SMTP_HOST,
+      SMTP_SERVICE,
+      SENDER_EMAIL,
+      SENDER_NAME,
+      SMTP_USER,
+      SITE_NAME,
+    } = process.env;
+    const hasMailService = SMTP_HOST || SMTP_SERVICE;
+
+    const token = Array.from({ length: 4 }, () =>
+      Math.round(Math.random() * 9)
+    ).join('');
+    const normalType = hasMailService
+      ? `verify:${token}:${Date.now() + 1 * 60 * 60 * 1000}`
+      : 'guest';
+
+    data.password = new PasswordHash().hashPassword(data.password);
+    data.type = think.isEmpty(count) ? 'administrator' : normalType;
+
+    if (think.isEmpty(resp)) {
+      await this.modelInstance.add(data);
+    } else {
+      await this.modelInstance.update(data, { email: data.email });
+    }
+
+    if (!/^verify:/i.test(data.type)) {
+      return this.success();
+    }
+
+    try {
+      const notify = this.service('notify', this);
+      const apiUrl =
+        this.ctx.serverURL +
+        '/verification?' +
+        new URLSearchParams({ token, email: data.email }).toString();
+
+      await notify.transporter.sendMail({
+        from:
+          SENDER_EMAIL && SENDER_NAME
+            ? `"${SENDER_NAME}" <${SENDER_EMAIL}>`
+            : SMTP_USER,
+        to: data.email,
+        subject: this.locale('[{{name | safe}}] Registration Confirm Mail', {
+          name: SITE_NAME || 'Waline',
+        }),
+        html: this.locale(
+          'Please click <a href="{{url}}">{{url}}<a/> to confirm registration, the link is valid for 1 hour. If you are not registering, please ignore this email.',
+          { url: apiUrl }
+        ),
+      });
+    } catch (e) {
+      console.log(e);
+
+      return this.fail(
+        this.locale(
+          'Registration confirm mail send failed, please {%- if isAdmin -%}check your mail configuration{%- else -%}check your email address and contact administrator{%- endif -%}.',
+          { isAdmin: think.isEmpty(count) }
+        )
+      );
+    }
+
+    return this.success({ verify: true });
+  }
+
+  async putAction() {
+    const { display_name, url, avatar, password, type, label } = this.post();
+    const { objectId } = this.ctx.state.userInfo;
+    const twoFactorAuth = this.post('2fa');
+
+    const updateData = {};
+
+    if (this.id && type) {
+      updateData.type = type;
+    }
+
+    if (think.isString(label)) {
+      updateData.label = label;
+    }
+
+    if (display_name) {
+      updateData.display_name = display_name;
+    }
+
+    if (url) {
+      updateData.url = url;
+    }
+
+    if (avatar) {
+      updateData.avatar = avatar;
+    }
+
+    if (password) {
+      updateData.password = new PasswordHash().hashPassword(password);
+    }
+
+    if (think.isString(twoFactorAuth)) {
+      updateData['2fa'] = twoFactorAuth;
+    }
+
+    const socials = ['github', 'twitter', 'facebook', 'google', 'weibo', 'qq'];
+
+    socials.forEach((social) => {
+      const nextSocial = this.post(social);
+
+      if (think.isString(nextSocial)) {
+        updateData[social] = nextSocial;
+      }
+    });
+
+    if (think.isEmpty(updateData)) {
+      return this.success();
+    }
+
+    await this.modelInstance.update(updateData, {
+      objectId: this.id || objectId,
+    });
+
+    return this.success();
+  }
+
+  async getUsersListByCount() {
+    const { pageSize } = this.get();
+    const commentModel = this.service(
+      `storage/${this.config('storage')}`,
+      'Comment'
+    );
+    const counts = await commentModel.count(
+      {
+        status: ['NOT IN', ['waiting', 'spam']],
+      },
+      {
+        group: ['user_id', 'mail'],
+      }
+    );
+
+    counts.sort((a, b) => b.count - a.count);
+    counts.length = Math.min(pageSize, counts.length);
+
+    const userIds = counts
+      .filter(({ user_id }) => user_id)
+      .map(({ user_id }) => user_id);
+
+    let usersMap = {};
+
+    if (userIds.length) {
+      const users = await this.modelInstance.select({
+        objectId: ['IN', userIds],
+      });
+
+      for (let i = 0; i < users.length; i++) {
+        usersMap[users[i].objectId] = users;
+      }
+    }
+
+    const users = [];
+    const { avatarProxy } = this.config();
+
+    for (let i = 0; i < counts.length; i++) {
+      const count = counts[i];
+      const user = {
+        count: count.count,
+      };
+
+      if (think.isArray(this.config('levels'))) {
+        let level = 0;
+
+        if (user.count) {
+          const _level = think.findLastIndex(
+            this.config('levels'),
+            (l) => l <= user.count
+          );
+
+          if (_level !== -1) {
+            level = _level;
+          }
+        }
+        user.level = level;
+      }
+
+      if (count.user_id && users[count.user_id]) {
+        const {
+          display_name: nick,
+          url: link,
+          avatar: avatarUrl,
+          label,
+        } = users[count.user_id];
+        const avatar =
+          avatarProxy && !avatarUrl.includes(avatarProxy)
+            ? avatarProxy + '?url=' + encodeURIComponent(avatarUrl)
+            : avatarUrl;
+
+        Object.assign(user, { nick, link, avatar, label });
+        users.push(user);
+        continue;
+      }
+
+      const comments = await commentModel.select(
+        { mail: count.mail },
+        { limit: 1 }
+      );
+
+      if (think.isEmpty(comments)) {
+        continue;
+      }
+      const comment = comments[0];
+
+      if (think.isEmpty(comment)) {
+        continue;
+      }
+      const { nick, link } = comment;
+      const avatarUrl = await think.service('avatar').stringify(comment);
+      const avatar =
+        avatarProxy && !avatarUrl.includes(avatarProxy)
+          ? avatarProxy + '?url=' + encodeURIComponent(avatarUrl)
+          : avatarUrl;
+
+      Object.assign(user, { nick, link, avatar });
+      users.push(user);
+    }
+
+    return users;
+  }
+};

package/dist/src/controller/verification.js

@@ -0,0 +1,35 @@
+const BaseRest = require('./rest');
+
+module.exports = class extends BaseRest {
+  constructor(...args) {
+    super(...args);
+    this.modelInstance = this.service(
+      `storage/${this.config('storage')}`,
+      'Users'
+    );
+  }
+
+  async getAction() {
+    const { token, email } = this.get();
+    const users = await this.modelInstance.select({ email });
+
+    if (think.isEmpty(users)) {
+      return this.fail(this.locale('USER_NOT_EXIST'));
+    }
+
+    const user = users[0];
+    const match = user.type.match(/^verify:(\d{4}):(\d+)$/i);
+
+    if (!match) {
+      return this.fail(this.locale('USER_REGISTERED'));
+    }
+
+    if (token === match[1] && Date.now() < parseInt(match[2])) {
+      await this.modelInstance.update({ type: 'guest' }, { email });
+
+      return this.redirect('/ui/login');
+    }
+
+    return this.fail(this.locale('TOKEN_EXPIRED'));
+  }
+};

package/dist/src/extend/controller.js

@@ -0,0 +1,25 @@
+const nunjucks = require('nunjucks');
+const locales = require('../locales');
+
+module.exports = {
+  success(...args) {
+    this.ctx.success(...args);
+
+    return think.prevent();
+  },
+  fail(...args) {
+    this.ctx.fail(...args);
+
+    return think.prevent();
+  },
+  locale(message, variables) {
+    const { lang } = this.get();
+    const locale = locales[(lang || 'zh-cn').toLowerCase()] || locales['zh-cn'];
+
+    if (locale && locale[message]) {
+      message = locale[message];
+    }
+
+    return nunjucks.renderString(message, variables);
+  },
+};

package/dist/src/extend/think.js

@@ -0,0 +1,84 @@
+const ip2region = require('dy-node-ip2region');
+const helper = require('think-helper');
+const preventMessage = 'PREVENT_NEXT_PROCESS';
+
+const regionSearch = ip2region.create(process.env.IP2REGION_DB);
+
+module.exports = {
+  prevent() {
+    throw new Error(preventMessage);
+  },
+  isPrevent(err) {
+    return think.isError(err) && err.message === preventMessage;
+  },
+  findLastIndex(arr, fn) {
+    for (let i = arr.length - 1; i >= 0; i--) {
+      const ret = fn(arr[i], i, arr);
+
+      if (!ret) {
+        continue;
+      }
+
+      return i;
+    }
+
+    return -1;
+  },
+  promiseAllQueue(promises, taskNum) {
+    return new Promise((resolve, reject) => {
+      if (!promises.length) {
+        return resolve();
+      }
+
+      const ret = [];
+      let index = 0;
+      let count = 0;
+
+      function runTask() {
+        const idx = index;
+
+        index += 1;
+        if (index > promises.length) {
+          return Promise.resolve();
+        }
+
+        return promises[idx].then((data) => {
+          ret[idx] = data;
+          count += 1;
+          if (count === promises.length) {
+            resolve(ret);
+          }
+
+          return runTask();
+        }, reject);
+      }
+
+      for (let i = 0; i < taskNum; i++) {
+        runTask();
+      }
+    });
+  },
+  async ip2region(ip, { depth = 1 }) {
+    if (!ip || ip.includes(':')) return '';
+
+    try {
+      const search = helper.promisify(regionSearch.btreeSearch, regionSearch);
+      const result = await search(ip);
+
+      if (!result) {
+        return '';
+      }
+      const { region } = result;
+      const [, , province, city, isp] = region.split('|');
+      const address = Array.from(
+        new Set([province, city, isp].filter((v) => v))
+      );
+
+      return address.slice(0, depth).join(' ');
+    } catch (e) {
+      console.log(e);
+
+      return '';
+    }
+  },
+};

package/dist/src/locales/en.json

@@ -0,0 +1,19 @@
+{
+  "import data format not support!": "import data format not support!",
+  "USER_EXIST": "USER_EXIST",
+  "USER_NOT_EXIST": "USER_NOT_EXIST",
+  "USER_REGISTERED": "USER_REGISTERED",
+  "TOKEN_EXPIRED": "TOKEN_EXPIRED",
+  "TWO_FACTOR_AUTH_ERROR_DETAIL": "TWO_FACTOR_AUTH_ERROR_DETAIL",
+  "[{{name | safe}}] Registration Confirm Mail": "[{{name | safe}}] Registration Confirm Mail",
+  "Please click <a href=\"{{url}}\">{{url}}<a/> to confirm registration, the link is valid for 1 hour. If you are not registering, please ignore this email.": "Please click <a href=\"{{url}}\">{{url}}<a/> to confirm registration, the link is valid for 1 hour. If you are not registering, please ignore this email.",
+  "[{{name | safe}}] Reset Password": "[{{name | safe}}] Reset Password",
+  "Please click <a href=\"{{url}}\">{{url}}</a> to login and change your password as soon as possible!": "Please click <a href=\"{{url}}\">{{url}}</a> to login and change your password as soon as possible!",
+  "Duplicate Content": "Duplicate Content",
+  "Comment too fast": "Comment too fast",
+  "Registration confirm mail send failed, please {%- if isAdmin -%}check your mail configuration{%- else -%}check your email address and contact administrator{%- endif -%}.": "Registration confirm mail send failed, please {%- if isAdmin -%}check your mail configuration{%- else -%}check your email address and contact administrator{%- endif -%}.",
+  "MAIL_SUBJECT": "Your comment on {{site.name | safe}} received a reply",
+  "MAIL_TEMPLATE": "<div style='border-top:2px solid #12ADDB;box-shadow:0 1px 3px #AAAAAA;line-height:180%;padding:0 15px 12px;margin:50px auto;font-size:12px;'> <h2 style='border-bottom:1px solid #DDD;font-size:14px;font-weight:normal;padding:13px 0 10px 8px;'> Your comment on <a style='text-decoration:none;color: #12ADDB;' href='{{site.url}}' target='_blank'>{{site.name}}</a> received a reply </h2>{{parent.nick}}, you wrote: <div style='padding:0 12px 0 12px;margin-top:18px'> <div style='background-color: #f5f5f5;padding: 10px 15px;margin:18px 0;word-wrap:break-word;'>{{parent.comment | safe}}</div><p><strong>{{self.nick}}</strong> replied:</p><div style='background-color: #f5f5f5;padding: 10px 15px;margin:18px 0;word-wrap:break-word;'>{{self.comment | safe}}</div><p><a style='text-decoration:none; color:#12addb' href='{{site.postUrl}}' target='_blank'>View full reply</a> or visit <a style='text-decoration:none; color:#12addb' href='{{site.url}}' target='_blank'>{{site.name}}</a>.</p><br/> </div></div>",
+  "MAIL_SUBJECT_ADMIN": "New comment on {{site.name | safe}}",
+  "MAIL_TEMPLATE_ADMIN": "<div style='border-top:2px solid #12ADDB;box-shadow:0 1px 3px #AAAAAA;line-height:180%;padding:0 15px 12px;margin:50px auto;font-size:12px;'> <h2 style='border-bottom:1px solid #DDD;font-size:14px;font-weight:normal;padding:13px 0 10px 8px;'> New comment on <a style='text-decoration:none;color: #12ADDB;' href='{{site.url}}' target='_blank'>{{site.name}}</a> </h2> <p><strong>{{self.nick}}</strong> wrote:</p><div style='background-color: #f5f5f5;padding: 10px 15px;margin:18px 0;word-wrap:break-word;'>{{self.comment | safe}}</div><p><a style='text-decoration:none; color:#12addb' href='{{site.postUrl}}' target='_blank'>View page</a></p><br/></div>"
+}

package/dist/src/locales/index.js

@@ -0,0 +1,12 @@
+const en = require('./en.json');
+const zhCN = require('./zh-CN.json');
+const zhTW = require('./zh-TW.json');
+
+module.exports = {
+  'zh-cn': zhCN,
+  'zh-tw': zhTW,
+  en: en,
+  'en-us': en,
+  jp: en,
+  'jp-jp': en,
+};

package/dist/src/locales/zh-CN.json

@@ -0,0 +1,19 @@
+{
+  "import data format not support!": "文件格式不支持",
+  "USER_EXIST": "用户已存在",
+  "USER_NOT_EXIST": "用户不存在",
+  "USER_REGISTERED": "用户已注册",
+  "TOKEN_EXPIRED": "密钥已过期",
+  "TWO_FACTOR_AUTH_ERROR_DETAIL": "二步验证失败",
+  "[{{name | safe}}] Registration Confirm Mail": "【{{name | safe}}】注册确认邮件",
+  "Please click <a href=\"{{url}}\">{{url}}<a/> to confirm registration, the link is valid for 1 hour. If you are not registering, please ignore this email.": "请点击 <a href=\"{{url}}\">{{url}}</a> 确认注册，链接有效时间为 1 个小时。如果不是你在注册，请忽略这封邮件。",
+  "[{{name | safe}}] Reset Password": "【{{name | safe}}】重置密码",
+  "Please click <a href=\"{{url}}\">{{url}}</a> to login and change your password as soon as possible!": "请尽快点击链接 <a href=\"{{url}}\">{{url}}</a> 登录并修改你的密码！",
+  "Duplicate Content": "发送的内容之前已经发过",
+  "Comment too fast": "评论太快啦，请慢点！",
+  "Registration confirm mail send failed, please {%- if isAdmin -%}check your mail configuration{%- else -%}check your email address and contact administrator{%- endif -%}.": "注册确认邮件发送失败，请{%- if isAdmin -%}检查一下网站的邮件相关配置{% else %}确认你的邮箱输入无误并联系管理员{%- endif -%}。",
+  "MAIL_SUBJECT": "{{parent.nick | safe}}，『{{site.name | safe}}』上的评论收到了回复",
+  "MAIL_TEMPLATE": "<div style='border-top:2px solid #12ADDB;box-shadow:0 1px 3px #AAAAAA;line-height:180%;padding:0 15px 12px;margin:50px auto;font-size:12px;'> <h2 style='border-bottom:1px solid #DDD;font-size:14px;font-weight:normal;padding:13px 0 10px 8px;'> 您在<a style='text-decoration:none;color: #12ADDB;' href='{{site.url}}' target='_blank'>{{site.name}}</a>上的评论有了新的回复 </h2>{{parent.nick}}同学，您曾发表评论： <div style='padding:0 12px 0 12px;margin-top:18px'> <div style='background-color: #f5f5f5;padding: 10px 15px;margin:18px 0;word-wrap:break-word;'>{{parent.comment | safe}}</div><p><strong>{{self.nick}}</strong>回复说：</p><div style='background-color: #f5f5f5;padding: 10px 15px;margin:18px 0;word-wrap:break-word;'>{{self.comment | safe}}</div><p>您可以点击<a style='text-decoration:none; color:#12addb' href='{{site.postUrl}}' target='_blank'>查看回复的完整內容</a>，欢迎再次光临<a style='text-decoration:none; color:#12addb' href='{{site.url}}' target='_blank'>{{site.name}}</a>。</p><br/> </div></div>",
+  "MAIL_SUBJECT_ADMIN": "{{site.name | safe}} 上有新评论了",
+  "MAIL_TEMPLATE_ADMIN": "<div style='border-top:2px solid #12ADDB;box-shadow:0 1px 3px #AAAAAA;line-height:180%;padding:0 15px 12px;margin:50px auto;font-size:12px;'> <h2 style='border-bottom:1px solid #DDD;font-size:14px;font-weight:normal;padding:13px 0 10px 8px;'> 您在<a style='text-decoration:none;color: #12ADDB;' href='{{site.url}}' target='_blank'>{{site.name}}</a>上的文章有了新的评论 </h2> <p><strong>{{self.nick}}</strong>回复说：</p><div style='background-color: #f5f5f5;padding: 10px 15px;margin:18px 0;word-wrap:break-word;'>{{self.comment | safe}}</div><p>您可以点击<a style='text-decoration:none; color:#12addb' href='{{site.postUrl}}' target='_blank'>查看回复的完整內容</a></p><br/> </div>"
+}

package/dist/src/locales/zh-TW.json

@@ -0,0 +1,19 @@
+{
+  "import data format not support!": "文件格式不支持",
+  "USER_EXIST": "用戶已存在",
+  "USER_NOT_EXIST": "用戶不存在",
+  "USER_REGISTERED": "用戶已註冊",
+  "TOKEN_EXPIRED": "密鑰已過期",
+  "TWO_FACTOR_AUTH_ERROR_DETAIL": "二步驗證失敗",
+  "[{{name | safe}}] Registration Confirm Mail": "『{{name | safe}}』註冊確認郵件",
+  "Please click <a href=\"{{url}}\">{{url}}<a/> to confirm registration, the link is valid for 1 hour. If you are not registering, please ignore this email.": "請點擊 <a href=\"{{url}}\">{{url}}</a> 確認註冊，鏈接有效時間為 1 個小時。如果不是你在註冊，請忽略這封郵件。",
+  "[{{name | safe}}] Reset Password": "『{{name | safe}}』重置密碼",
+  "Please click <a href=\"{{url}}\">{{url}}</a> to login and change your password as soon as possible!": "請盡快點擊鏈接 <a href=\"{{url}}\">{{url}}</a> 登錄並修改你的密碼！",
+  "Duplicate Content": "發送的內容之前已經發過",
+  "Comment too fast": "評論太快啦，請慢點！",
+  "Registration confirm mail send failed, please {%- if isAdmin -%}check your mail configuration{%- else -%}check your email address and contact administrator{%- endif -%}.": "註冊確認郵件發送失敗，{%- if isAdmin -%}檢查一下網站的郵件相關配置{% else %}確認你的郵箱輸入無誤後聯繫管理員{%- endif -%}。",
+  "MAIL_SUBJECT": "{{parent.nick | safe}}，『{{site.name | safe}}』上的評論收到回復",
+  "MAIL_TEMPLATE": "<div style='border-top:2px solid #12ADDB;box-shadow:0 1px 3px #AAAAAA;line-height:180%;padding:0 15px 12px;margin:50px auto;font-size:12px;'> <h2 style='border-bottom:1px solid #DDD;font-size:14px;font-weight:normal;padding:13px 0 10px 8px;'> 您在<a style='text-decoration:none;color: #12ADDB;' href='{{site.url}}' target='_blank'>{{site.name}}</a>上的品論有新的回復 </h2>{{parent.nick}}同學，您層發表評論： <div style='padding:0 12px 0 12px;margin-top:18px'> <div style='background-color: #f5f5f5;padding: 10px 15px;margin:18px 0;word-wrap:break-word;'>{{parent.comment | safe}}</div><p><strong>{{self.nick}}</strong>回復說：</p><div style='background-color: #f5f5f5;padding: 10px 15px;margin:18px 0;word-wrap:break-word;'>{{self.comment | safe}}</div><p>您可以點擊<a style='text-decoration:none; color:#12addb' href='{{site.postUrl}}' target='_blank'>查看回復的完整內容</a>，歡迎再次光臨<a style='text-decoration:none; color:#12addb' href='{{site.url}}' target='_blank'>{{site.name}}</a>。</p><br/> </div></div>",
+  "MAIL_SUBJECT_ADMIN": "{{site.name | safe}} 上有新評論了",
+  "MAIL_TEMPLATE_ADMIN": "<div style='border-top:2px solid #12ADDB;box-shadow:0 1px 3px #AAAAAA;line-height:180%;padding:0 15px 12px;margin:50px auto;font-size:12px;'> <h2 style='border-bottom:1px solid #DDD;font-size:14px;font-weight:normal;padding:13px 0 10px 8px;'> 您在<a style='text-decoration:none;color: #12ADDB;' href='{{site.url}}' target='_blank'>{{site.name}}</a>上的文章有新評論了 </h2> <p><strong>{{self.nick}}</strong>回復說：</p><div style='background-color: #f5f5f5;padding: 10px 15px;margin:18px 0;word-wrap:break-word;'>{{self.comment | safe}}</div><p>您可以點擊<a style='text-decoration:none; color:#12addb' href='{{site.postUrl}}' target='_blank'>查看回復的完整內容</a></p><br/> </div>"
+}

package/dist/src/logic/article.js

@@ -0,0 +1,27 @@
+const Base = require('./base');
+
+module.exports = class extends Base {
+  getAction() {
+    this.rules = {
+      path: { array: true },
+      type: { array: true, default: ['time'] },
+    };
+  }
+
+  postAction() {
+    this.rules = {
+      path: {
+        string: true,
+      },
+      type: {
+        string: true,
+        default: 'time',
+      },
+      action: {
+        string: true,
+        in: ['inc', 'desc'],
+        default: 'inc',
+      },
+    };
+  }
+};