@waline/vercel 1.35.0 → 1.36.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@waline/vercel",
-  "version": "1.35.0",
+  "version": "1.36.0",
   "description": "vercel server for waline comment system",
   "keywords": [
     "waline",

package/src/controller/oauth.js

@@ -59,8 +59,10 @@ module.exports = class extends think.Controller {
 
     const userBySocial = await this.modelInstance.select({ [type]: user.id });
 
+    // when the social account has been linked, then redirect to this linked account profile page. It may be current account or another.
+    // If it's another account, user should unlink the social type in that account and then link it.
     if (!think.isEmpty(userBySocial)) {
-      const token = jwt.sign(userBySocial[0].email, this.config('jwtKey'));
+      const token = jwt.sign(userBySocial[0].objectId, this.config('jwtKey'));
 
       if (redirect) {
         return this.redirect(think.buildUrl(redirect, { token }));
@@ -69,12 +71,9 @@ module.exports = class extends think.Controller {
       return this.success();
     }
 
-    if (!user.email) {
-      user.email = `${user.id}@mail.${type}`;
-    }
-
     const current = this.ctx.state.userInfo;
 
+    // when login user link social type, then update data
     if (!think.isEmpty(current)) {
       const updateData = { [type]: user.id };
 
@@ -89,38 +88,29 @@ module.exports = class extends think.Controller {
       return this.redirect('/ui/profile');
     }
 
-    const userByEmail = await this.modelInstance.select({ email: user.email });
-
-    if (think.isEmpty(userByEmail)) {
-      const count = await this.modelInstance.count();
-      const data = {
-        display_name: user.name,
-        email: user.email,
-        url: user.url,
-        avatar: user.avatar,
-        [type]: user.id,
-        password: this.hashPassword(Math.random()),
-        type: think.isEmpty(count) ? 'administrator' : 'guest',
-      };
-
-      await this.modelInstance.add(data);
-    } else {
-      const updateData = { [type]: user.id };
-
-      if (!userByEmail.avatar && user.avatar) {
-        updateData.avatar = user.avatar;
-      }
-      await this.modelInstance.update(updateData, { email: user.email });
+    // when user has not login, then we create account by the social type!
+    const count = await this.modelInstance.count();
+    const data = {
+      display_name: user.name,
+      email: user.email,
+      url: user.url,
+      avatar: user.avatar,
+      [type]: user.id,
+      passowrd: this.hashPassword(Math.random()),
+      type: this.isEmpty(count) ? 'administrator' : 'guest',
+    };
+
+    await this.modelInstance.add(data);
+
+    if (!redirect) {
+      return this.success();
     }
 
-    const token = jwt.sign(user.email, this.config('jwtKey'));
-
-    if (redirect) {
-      return this.redirect(
-        redirect + (redirect.includes('?') ? '&' : '?') + 'token=' + token,
-      );
-    }
+    // and then generate token!
+    const token = jwt.sign(user.objectId, this.config('jwtKey'));
 
-    return this.success();
+    return this.redirect(
+      redirect + (redirect.includes('?') ? '&' : '?') + 'token=' + token,
+    );
   }
 };

package/src/controller/token.js

@@ -1,6 +1,5 @@
 const jwt = require('jsonwebtoken');
 const speakeasy = require('speakeasy');
-const helper = require('think-helper');
 
 const BaseRest = require('./rest.js');
 
@@ -60,7 +59,6 @@ module.exports = class extends BaseRest {
     return this.success({
       ...user[0],
       password: null,
-      mailMd5: helper.md5(user[0].email.toLowerCase()),
       token: jwt.sign(user[0].email, this.config('jwtKey')),
     });
   }

package/src/controller/user/password.js

@@ -27,7 +27,7 @@ module.exports = class extends BaseRest {
     }
 
     const notify = this.service('notify', this);
-    const token = jwt.sign(user[0].email, this.config('jwtKey'));
+    const token = jwt.sign(user[0].objectId, this.config('jwtKey'));
     const profileUrl = `${this.ctx.serverURL}/ui/profile?token=${token}`;
 
     await notify.transporter.sendMail({

package/src/controller/user.js

@@ -125,7 +125,8 @@ module.exports = class extends BaseRest {
   }
 
   async putAction() {
-    const { display_name, url, avatar, password, type, label } = this.post();
+    const { display_name, url, avatar, password, type, label, email } =
+      this.post();
     const { objectId } = this.ctx.state.userInfo;
     const twoFactorAuth = this.post('2fa');
 
@@ -139,6 +140,19 @@ module.exports = class extends BaseRest {
       updateData.label = label;
     }
 
+    if (email) {
+      const user = await this.modelInstance.select({
+        email,
+        objectId: ['!=', objectId],
+      });
+
+      if (!think.isEmpty(user)) {
+        return this.fail();
+      }
+
+      updateData.email = email;
+    }
+
     if (display_name) {
       updateData.display_name = display_name;
     }

package/src/logic/base.js

@@ -2,7 +2,6 @@ const path = require('node:path');
 const qs = require('node:querystring');
 
 const jwt = require('jsonwebtoken');
-const helper = require('think-helper');
 
 module.exports = class extends think.Logic {
   constructor(...args) {
@@ -93,20 +92,20 @@ module.exports = class extends think.Logic {
       return;
     }
     const token = state || authorization.replace(/^Bearer /, '');
-    let userMail = '';
+    let userId = '';
 
     try {
-      userMail = jwt.verify(token, think.config('jwtKey'));
+      userId = jwt.verify(token, think.config('jwtKey'));
     } catch (e) {
       think.logger.debug(e);
     }
 
-    if (think.isEmpty(userMail) || !think.isString(userMail)) {
+    if (think.isEmpty(userId) || !think.isString(userId)) {
       return;
     }
 
     const user = await this.modelInstance.select(
-      { email: userMail },
+      { objectId: userId },
       {
         field: [
           'id',
@@ -141,7 +140,6 @@ module.exports = class extends think.Logic {
       avatarUrl = avatarProxy + '?url=' + encodeURIComponent(avatarUrl);
     }
     userInfo.avatar = avatarUrl;
-    userInfo.mailMd5 = helper.md5(userInfo.email);
     this.ctx.state.userInfo = userInfo;
     this.ctx.state.token = token;
   }

package/src/logic/token.js

@@ -16,7 +16,6 @@ module.exports = class extends Base {
    * @apiSuccess  (200) {String}  data.display_name user nick name
    * @apiSuccess  (200) {String}  data.email user email address
    * @apiSuccess  (200) {String}  data.github user github account name
-   * @apiSuccess  (200) {String}  data.mailMd5 user mail md5
    * @apiSuccess  (200) {String}  data.objectId user id
    * @apiSuccess  (200) {String}  data.type user type, administrator or guest
    * @apiSuccess  (200) {String}  data.url user link

package/src/logic/user.js

@@ -93,6 +93,7 @@ module.exports = class extends Base {
    * @apiVersion  0.0.1
    *
    * @apiParam  {String}  [display_name]  user new nick name
+   * @apiParam  {String}  [email] user email
    * @apiParam  {String}  [url] user new link
    * @apiParam  {String}  [password] user new password
    * @apiParam  {String}  [github] user github account name
@@ -113,5 +114,12 @@ module.exports = class extends Base {
     if (this.id && userInfo.type !== 'administrator') {
       return this.fail();
     }
+
+    this.rules = {
+      email: {
+        require: false,
+        email: true,
+      },
+    };
   }
 };

package/src/service/notify.js

@@ -244,7 +244,7 @@ module.exports = class extends think.Service {
 
     return fetch(`${qmsgHost}/send/${QMSG_KEY}`, {
       method: 'POST',
-      header: form.getHeaders(),
+      headers: form.getHeaders(),
       body: form,
     }).then((resp) => resp.json());
   }
@@ -288,7 +288,7 @@ module.exports = class extends think.Service {
 \`\`\`
 {{-self.commentLink}}
 *邮箱：*\`{{self.mail}}\`
-*审核：*{{self.status}} 
+*审核：*{{self.status}}
 
 仅供评论预览，点击[查看完整內容]({{site.postUrl}})`;
 
@@ -306,18 +306,18 @@ module.exports = class extends think.Service {
       },
     };
 
-    const form = new FormData();
-
-    form.append('text', this.controller.locale(contentTG, data));
-    form.append('chat_id', TG_CHAT_ID);
-    form.append('parse_mode', 'MarkdownV2');
-
     const resp = await fetch(
       `https://api.telegram.org/bot${TG_BOT_TOKEN}/sendMessage`,
       {
         method: 'POST',
-        header: form.getHeaders(),
-        body: form,
+        headers: {
+          'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({
+          chat_id: TG_CHAT_ID,
+          text: this.controller.locale(contentTG, data),
+          parse_mode: 'MarkdownV2',
+        }),
       },
     ).then((resp) => resp.json());
 
@@ -367,7 +367,7 @@ module.exports = class extends think.Service {
 
     return fetch(`http://www.pushplus.plus/send/${PUSH_PLUS_KEY}`, {
       method: 'POST',
-      header: form.getHeaders(),
+      headers: form.getHeaders(),
       body: form,
     }).then((resp) => resp.json());
   }
@@ -406,7 +406,7 @@ module.exports = class extends think.Service {
 
     return fetch(DISCORD_WEBHOOK, {
       method: 'POST',
-      header: form.getHeaders(),
+      headers: form.getHeaders(),
       body: form,
     }).then((resp) => resp.statusText);
     // Expected return value: No Content