@waline/vercel 1.33.0 → 1.34.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +4 -4
- package/src/config/middleware.js +3 -0
- package/src/controller/user.js +1 -1
- package/src/logic/base.js +10 -11
- package/src/middleware/dashboard.js +1 -0
- package/src/middleware/fetch-oauth-service.js +16 -0
- package/src/service/notify.js +2 -2
- package/src/service/storage/github.js +1 -0
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@waline/vercel",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.34.0",
|
|
4
4
|
"description": "vercel server for waline comment system",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"waline",
|
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
"dev": "node development.js 9090"
|
|
19
19
|
},
|
|
20
20
|
"dependencies": {
|
|
21
|
-
"@cloudbase/node-sdk": "^3.14.
|
|
21
|
+
"@cloudbase/node-sdk": "^3.14.2",
|
|
22
22
|
"@koa/cors": "^5.0.0",
|
|
23
23
|
"@mdit/plugin-katex": "0.23.4-cjs.0",
|
|
24
24
|
"@mdit/plugin-mathjax": "0.23.4-cjs.0",
|
|
@@ -29,7 +29,7 @@
|
|
|
29
29
|
"dompurify": "^3.3.0",
|
|
30
30
|
"dy-node-ip2region": "^1.0.1",
|
|
31
31
|
"fast-csv": "^5.0.5",
|
|
32
|
-
"form-data": "^4.0.
|
|
32
|
+
"form-data": "^4.0.5",
|
|
33
33
|
"jsdom": "^19.0.0",
|
|
34
34
|
"jsonwebtoken": "^9.0.2",
|
|
35
35
|
"koa-compose": "^4.1.0",
|
|
@@ -37,7 +37,7 @@
|
|
|
37
37
|
"markdown-it": "^14.1.0",
|
|
38
38
|
"markdown-it-emoji": "^3.0.0",
|
|
39
39
|
"mathjax-full": "^3.2.2",
|
|
40
|
-
"nodemailer": "^7.0.
|
|
40
|
+
"nodemailer": "^7.0.11",
|
|
41
41
|
"nunjucks": "^3.2.4",
|
|
42
42
|
"phpass": "^0.1.1",
|
|
43
43
|
"prismjs": "^1.30.0",
|
package/src/config/middleware.js
CHANGED
|
@@ -10,6 +10,9 @@ const isAliyunFC =
|
|
|
10
10
|
think.env === 'aliyun-fc' || Boolean(process.env.FC_RUNTIME_VERSION);
|
|
11
11
|
|
|
12
12
|
module.exports = [
|
|
13
|
+
{
|
|
14
|
+
handle: 'fetch-oauth-service',
|
|
15
|
+
},
|
|
13
16
|
{
|
|
14
17
|
handle: 'dashboard',
|
|
15
18
|
match: isNetlify ? new RegExp(`${netlifyFunctionPrefix}/ui`, 'i') : /^\/ui/,
|
package/src/controller/user.js
CHANGED
|
@@ -159,7 +159,7 @@ module.exports = class extends BaseRest {
|
|
|
159
159
|
updateData['2fa'] = twoFactorAuth;
|
|
160
160
|
}
|
|
161
161
|
|
|
162
|
-
const socials =
|
|
162
|
+
const socials = this.ctx.state.oauthServices.map(({ name }) => name);
|
|
163
163
|
|
|
164
164
|
socials.forEach((social) => {
|
|
165
165
|
const nextSocial = this.post(social);
|
package/src/logic/base.js
CHANGED
|
@@ -32,14 +32,18 @@ module.exports = class extends think.Logic {
|
|
|
32
32
|
secureDomains = think.isArray(secureDomains)
|
|
33
33
|
? secureDomains
|
|
34
34
|
: [secureDomains];
|
|
35
|
+
|
|
35
36
|
secureDomains.push(
|
|
36
37
|
'localhost',
|
|
37
38
|
'127.0.0.1',
|
|
38
|
-
'github.com',
|
|
39
|
-
'api.twitter.com',
|
|
40
|
-
'www.facebook.com',
|
|
41
|
-
'api.weibo.com',
|
|
42
|
-
'graph.qq.com',
|
|
39
|
+
// 'github.com',
|
|
40
|
+
// 'api.twitter.com',
|
|
41
|
+
// 'www.facebook.com',
|
|
42
|
+
// 'api.weibo.com',
|
|
43
|
+
// 'graph.qq.com',
|
|
44
|
+
);
|
|
45
|
+
secureDomains = secureDomains.concat(
|
|
46
|
+
this.ctx.state.oauthServices.map(({ origin }) => origin),
|
|
43
47
|
);
|
|
44
48
|
|
|
45
49
|
// 转换可能的正则表达式字符串为正则表达式对象
|
|
@@ -110,15 +114,10 @@ module.exports = class extends think.Logic {
|
|
|
110
114
|
'url',
|
|
111
115
|
'display_name',
|
|
112
116
|
'type',
|
|
113
|
-
'github',
|
|
114
|
-
'twitter',
|
|
115
|
-
'facebook',
|
|
116
|
-
'google',
|
|
117
|
-
'weibo',
|
|
118
|
-
'qq',
|
|
119
117
|
'avatar',
|
|
120
118
|
'2fa',
|
|
121
119
|
'label',
|
|
120
|
+
...this.ctx.state.oauthServices.map(({ name }) => name),
|
|
122
121
|
],
|
|
123
122
|
},
|
|
124
123
|
);
|
|
@@ -14,6 +14,7 @@ module.exports = function () {
|
|
|
14
14
|
window.SITE_NAME = ${JSON.stringify(process.env.SITE_NAME)};
|
|
15
15
|
window.recaptchaV3Key = ${JSON.stringify(process.env.RECAPTCHA_V3_KEY)};
|
|
16
16
|
window.turnstileKey = ${JSON.stringify(process.env.TURNSTILE_KEY)};
|
|
17
|
+
window.oauthServices = ${JSON.stringify(ctx.state.oauthServices || [])};
|
|
17
18
|
window.serverURL = '${ctx.serverURL}/api/';
|
|
18
19
|
</script>
|
|
19
20
|
<script src="${
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
module.exports = () => async (ctx, next) => {
|
|
2
|
+
const { oauthUrl } = think.config();
|
|
3
|
+
const oauthResp = await fetch(oauthUrl, {
|
|
4
|
+
method: 'GET',
|
|
5
|
+
headers: {
|
|
6
|
+
'user-agent': '@waline',
|
|
7
|
+
},
|
|
8
|
+
}).then((resp) => resp.json());
|
|
9
|
+
|
|
10
|
+
if (!oauthResp || !Array.isArray(oauthResp.services)) {
|
|
11
|
+
ctx.throw(502);
|
|
12
|
+
}
|
|
13
|
+
ctx.state.oauthServices = oauthResp.services || [];
|
|
14
|
+
|
|
15
|
+
next();
|
|
16
|
+
};
|
package/src/service/notify.js
CHANGED
|
@@ -532,8 +532,8 @@ module.exports = class extends think.Service {
|
|
|
532
532
|
}
|
|
533
533
|
}
|
|
534
534
|
|
|
535
|
-
const disallowList =
|
|
536
|
-
(
|
|
535
|
+
const disallowList = this.ctx.state.oauthServices.map(
|
|
536
|
+
({ name }) => 'mail.' + name,
|
|
537
537
|
);
|
|
538
538
|
const fakeMail = new RegExp(`@(${disallowList.join('|')})$`, 'i');
|
|
539
539
|
|