befly 2.3.3 → 3.0.1

package/utils/jwt.js

@@ -1,387 +0,0 @@
-import { createHmac } from 'crypto';
-import { Env } from '../config/env.js';
-
-/**
- * JWT 工具类
- * 提供JWT token的签名、验证和解码功能以及应用层的便捷接口
- */
-export class Jwt {
-    // 原基础工具：算法映射
-    static ALGORITHMS = {
-        HS256: 'sha256',
-        HS384: 'sha384',
-        HS512: 'sha512'
-    };
-
-    // 原基础工具：Base64 URL 编解码
-    static base64UrlEncode(input) {
-        const base64 = Buffer.isBuffer(input) ? input.toString('base64') : Buffer.from(input, 'utf8').toString('base64');
-        return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
-    }
-    static base64UrlDecode(str) {
-        const padding = 4 - (str.length % 4);
-        if (padding !== 4) str += '='.repeat(padding);
-        str = str.replace(/-/g, '+').replace(/_/g, '/');
-        return Buffer.from(str, 'base64').toString('utf8');
-    }
-
-    // 原基础工具：过期时间解析与签名/比较
-    static parseExpiration(expiresIn) {
-        if (typeof expiresIn === 'number') return expiresIn;
-        if (typeof expiresIn !== 'string') throw new Error('过期时间格式无效');
-        const numericValue = parseInt(expiresIn);
-        if (!isNaN(numericValue) && numericValue.toString() === expiresIn) return numericValue;
-        const match = expiresIn.match(/^(\d+)(ms|[smhdwy])$/);
-        if (!match) throw new Error('过期时间格式无效');
-        const value = parseInt(match[1]);
-        const unit = match[2];
-        if (unit === 'ms') return Math.floor(value / 1000);
-        const multipliers = { s: 1, m: 60, h: 3600, d: 86400, w: 604800, y: 31536000 };
-        return value * multipliers[unit];
-    }
-    static createSignature(algorithm, secret, data) {
-        const hashAlgorithm = this.ALGORITHMS[algorithm];
-        if (!hashAlgorithm) throw new Error(`不支持的算法: ${algorithm}`);
-        const hmac = createHmac(hashAlgorithm, secret);
-        hmac.update(data);
-        return this.base64UrlEncode(hmac.digest());
-    }
-    static constantTimeCompare(a, b) {
-        if (a.length !== b.length) return false;
-        let result = 0;
-        for (let i = 0; i < a.length; i++) {
-            result |= a.charCodeAt(i) ^ b.charCodeAt(i);
-        }
-        return result === 0;
-    }
-    /**
-     * 签名JWT token
-     * @param {object} payload - JWT载荷数据
-     * @param {object} options - 签名选项
-     * @returns {string} JWT token字符串
-     */
-    static sign(payload, options = {}) {
-        if (!payload || typeof payload !== 'object') {
-            throw new Error('载荷必须是非空对象');
-        }
-
-        const secret = options.secret || Env.JWT_SECRET;
-        const algorithm = options.algorithm || Env.JWT_ALGORITHM || 'HS256';
-
-        if (!secret) {
-            throw new Error('JWT密钥是必需的');
-        }
-        const now = Math.floor(Date.now() / 1000);
-
-        // 创建header
-        const header = Jwt.base64UrlEncode(
-            JSON.stringify({
-                alg: algorithm,
-                typ: 'JWT'
-            })
-        );
-
-        // 创建payload
-        const jwtPayload = { ...payload, iat: now };
-
-        if (options.expiresIn || Env.JWT_EXPIRES_IN) {
-            const expSeconds = Jwt.parseExpiration(options.expiresIn || Env.JWT_EXPIRES_IN);
-            jwtPayload.exp = now + expSeconds;
-        }
-        if (options.issuer) jwtPayload.iss = options.issuer;
-        if (options.audience) jwtPayload.aud = options.audience;
-        if (options.subject) jwtPayload.sub = options.subject;
-        if (options.notBefore) {
-            jwtPayload.nbf = typeof options.notBefore === 'number' ? options.notBefore : now + Jwt.parseExpiration(options.notBefore);
-        }
-        if (options.jwtId) jwtPayload.jti = options.jwtId;
-
-        const encodedPayload = Jwt.base64UrlEncode(JSON.stringify(jwtPayload));
-
-        // 创建签名
-        const data = `${header}.${encodedPayload}`;
-        const signature = Jwt.createSignature(algorithm, secret, data);
-
-        return `${data}.${signature}`;
-    }
-
-    /**
-     * 验证JWT token
-     * @param {string} token - JWT token字符串
-     * @param {object} options - 验证选项
-     * @returns {object} 解码后的载荷数据
-     */
-    static verify(token, options = {}) {
-        if (!token || typeof token !== 'string') {
-            throw new Error('Token必须是非空字符串');
-        }
-
-        const secret = options.secret || Env.JWT_SECRET;
-        if (!secret) {
-            throw new Error('JWT密钥是必需的');
-        }
-
-        const parts = token.split('.');
-        if (parts.length !== 3) {
-            throw new Error('JWT格式无效');
-        }
-
-        try {
-            // 解析header和payload
-            const header = JSON.parse(Jwt.base64UrlDecode(parts[0]));
-            const payload = JSON.parse(Jwt.base64UrlDecode(parts[1]));
-            const signature = parts[2];
-
-            // 验证算法
-            if (!Jwt.ALGORITHMS[header.alg]) {
-                throw new Error(`不支持的算法: ${header.alg}`);
-            }
-
-            // 验证签名
-            const data = `${parts[0]}.${parts[1]}`;
-            const expectedSignature = Jwt.createSignature(header.alg, secret, data);
-
-            if (!Jwt.constantTimeCompare(signature, expectedSignature)) {
-                throw new Error('Token签名无效');
-            }
-
-            // 验证时间
-            const now = Math.floor(Date.now() / 1000);
-
-            if (!options.ignoreExpiration && payload.exp && payload.exp < now) {
-                throw new Error('Token已过期');
-            }
-            if (!options.ignoreNotBefore && payload.nbf && payload.nbf > now) {
-                throw new Error('Token尚未生效');
-            }
-
-            // 验证issuer、audience、subject
-            if (options.issuer && payload.iss !== options.issuer) {
-                throw new Error('Token发行者无效');
-            }
-            if (options.audience) {
-                const audiences = Array.isArray(payload.aud) ? payload.aud : [payload.aud];
-                if (!audiences.includes(options.audience)) {
-                    throw new Error('Token受众无效');
-                }
-            }
-            if (options.subject && payload.sub !== options.subject) {
-                throw new Error('Token主题无效');
-            }
-
-            return payload;
-        } catch (error) {
-            if (error.message.includes('JWT') || error.message.includes('Token') || error.message.includes('无效') || error.message.includes('过期') || error.message.includes('不支持')) {
-                throw error;
-            }
-            throw new Error('Token验证失败: ' + error.message);
-        }
-    }
-
-    /**
-     * 解码JWT token (不验证签名)
-     * @param {string} token - JWT token字符串
-     * @param {boolean} complete - 是否返回完整信息(包含header)
-     * @returns {object} 解码后的内容
-     */
-    static decode(token, complete = false) {
-        if (!token || typeof token !== 'string') {
-            throw new Error('Token必须是非空字符串');
-        }
-
-        const parts = token.split('.');
-        if (parts.length !== 3) {
-            throw new Error('JWT格式无效');
-        }
-
-        try {
-            const header = JSON.parse(Jwt.base64UrlDecode(parts[0]));
-            const payload = JSON.parse(Jwt.base64UrlDecode(parts[1]));
-
-            return complete ? { header, payload, signature: parts[2] } : payload;
-        } catch (error) {
-            throw new Error('JWT解码失败: ' + error.message);
-        }
-    }
-
-    /**
-     * 获取token剩余有效时间
-     * @param {string} token - JWT token字符串
-     * @returns {number} 剩余秒数，-1表示已过期或无过期时间
-     */
-    static getTimeToExpiry(token) {
-        try {
-            const payload = this.decode(token);
-            if (!payload.exp) return -1;
-            const remaining = payload.exp - Math.floor(Date.now() / 1000);
-            return remaining > 0 ? remaining : -1;
-        } catch {
-            return -1;
-        }
-    }
-
-    /**
-     * 检查token是否已过期
-     * @param {string} token - JWT token字符串
-     * @returns {boolean} 是否已过期
-     */
-    static isExpired(token) {
-        return this.getTimeToExpiry(token) <= 0;
-    }
-
-    // 以下是应用层的便捷方法
-
-    /**
-     * 签名用户认证token
-     * @param {object} userInfo - 用户信息对象
-     * @param {object} options - 签名选项
-     * @returns {string} JWT token字符串
-     */
-    static signUserToken(userInfo, options = {}) {
-        return this.sign(userInfo, options);
-    }
-
-    /**
-     * 签名API访问token
-     * @param {object} payload - 载荷数据
-     * @param {object} options - 签名选项
-     * @returns {string} API token字符串
-     */
-    static signAPIToken(payload, options = {}) {
-        return this.sign(payload, { audience: 'api', expiresIn: '1h', ...options });
-    }
-
-    /**
-     * 签名刷新token
-     * @param {object} payload - 载荷数据
-     * @param {object} options - 签名选项
-     * @returns {string} 刷新token字符串
-     */
-    static signRefreshToken(payload, options = {}) {
-        return this.sign(payload, { audience: 'refresh', expiresIn: '30d', ...options });
-    }
-
-    /**
-     * 签名临时token (用于重置密码等)
-     * @param {object} payload - 载荷数据
-     * @param {object} options - 签名选项
-     * @returns {string} 临时token字符串
-     */
-    static signTempToken(payload, options = {}) {
-        return this.sign(payload, { audience: 'temporary', expiresIn: '15m', ...options });
-    }
-
-    /**
-     * 验证用户认证token
-     * @param {string} token - JWT token字符串
-     * @param {object} options - 验证选项
-     * @returns {object} 用户信息对象
-     */
-    static verifyUserToken(token, options = {}) {
-        return this.verify(token, options);
-    }
-
-    /**
-     * 验证API访问token
-     * @param {string} token - API token字符串
-     * @param {object} options - 验证选项
-     * @returns {object} 解码后的载荷数据
-     */
-    static verifyAPIToken(token, options = {}) {
-        return this.verify(token, { audience: 'api', ...options });
-    }
-
-    /**
-     * 验证刷新token
-     * @param {string} token - 刷新token字符串
-     * @param {object} options - 验证选项
-     * @returns {object} 解码后的载荷数据
-     */
-    static verifyRefreshToken(token, options = {}) {
-        return this.verify(token, { audience: 'refresh', ...options });
-    }
-
-    /**
-     * 验证临时token
-     * @param {string} token - 临时token字符串
-     * @param {object} options - 验证选项
-     * @returns {object} 解码后的载荷数据
-     */
-    static verifyTempToken(token, options = {}) {
-        return this.verify(token, { audience: 'temporary', ...options });
-    }
-
-    /**
-     * 验证token并检查权限
-     * @param {string} token - JWT token字符串
-     * @param {string|Array<string>} requiredPermissions - 需要的权限列表
-     * @param {object} options - 验证选项
-     * @returns {object} 解码后的载荷数据
-     */
-    static verifyWithPermissions(token, requiredPermissions, options = {}) {
-        const payload = this.verify(token, options);
-
-        if (!payload.permissions) {
-            throw new Error('Token中不包含权限信息');
-        }
-
-        const permissions = Array.isArray(requiredPermissions) ? requiredPermissions : [requiredPermissions];
-
-        const hasPermission = permissions.every((permission) => payload.permissions.includes(permission));
-
-        if (!hasPermission) {
-            throw new Error('权限不足');
-        }
-
-        return payload;
-    }
-
-    /**
-     * 验证token并检查角色
-     * @param {string} token - JWT token字符串
-     * @param {string|Array<string>} requiredRoles - 需要的角色列表
-     * @param {object} options - 验证选项
-     * @returns {object} 解码后的载荷数据
-     */
-    static verifyWithRoles(token, requiredRoles, options = {}) {
-        const payload = this.verify(token, options);
-
-        if (!payload.role && !payload.roles) {
-            throw new Error('Token中不包含角色信息');
-        }
-
-        const userRoles = payload.roles || [payload.role];
-        const roles = Array.isArray(requiredRoles) ? requiredRoles : [requiredRoles];
-
-        const hasRole = roles.some((role) => userRoles.includes(role));
-
-        if (!hasRole) {
-            throw new Error('角色权限不足');
-        }
-
-        return payload;
-    }
-
-    /**
-     * 软验证token (忽略过期时间)
-     * @param {string} token - JWT token字符串
-     * @param {object} options - 验证选项
-     * @returns {object} 解码后的载荷数据
-     */
-    static verifySoft(token, options = {}) {
-        return this.verify(token, { ignoreExpiration: true, ...options });
-    }
-
-    /**
-     * 检查token是否即将过期
-     * @param {string} token - JWT token字符串
-     * @param {number} thresholdSeconds - 过期阈值(秒)，默认300秒(5分钟)
-     * @returns {boolean} 是否即将过期
-     */
-    static isNearExpiry(token, thresholdSeconds = 300) {
-        const timeToExpiry = this.getTimeToExpiry(token);
-        return timeToExpiry > 0 && timeToExpiry <= thresholdSeconds;
-    }
-}
-
-// 已使用 `export class Jwt` 具名导出

package/utils/logger.js

@@ -1,143 +0,0 @@
-import path from 'path';
-import { appendFile, stat } from 'node:fs/promises';
-import { formatDate } from './index.js';
-import { Env } from '../config/env.js';
-
-export class Logger {
-    // 静态属性
-    static level = Env.LOG_LEVEL || 'info';
-    static levels = {
-        error: 0,
-        warn: 1,
-        info: 2,
-        debug: 3
-    };
-    static logDir = Env.LOG_DIR || 'logs';
-    static maxFileSize = Env.LOG_MAX_SIZE || 50 * 1024 * 1024; // 50MB
-    static currentFiles = new Map(); // key: prefix, value: filepath
-
-    static formatMessage(level, message) {
-        const timestamp = formatDate();
-        const levelStr = level.toUpperCase().padStart(5);
-
-        let msg = `[${timestamp}] ${levelStr} - `;
-
-        if (Object.keys(message).length > 0) {
-            msg += `${JSON.stringify(message).replace(/\s+/g, ' ').replace(/\\"/g, '"').replace(/\\n/g, ' ')}`;
-        }
-
-        return msg;
-    }
-
-    static async log(level, message) {
-        // 内联 shouldLog 逻辑，检查日志级别
-        if (this.levels[level] > this.levels[this.level]) return;
-
-        const formattedMessage = this.formatMessage(level, message);
-
-        // 控制台输出
-        if (Env.LOG_TO_CONSOLE === 1) {
-            console.log(formattedMessage);
-        }
-
-        await this.writeToFile(formattedMessage, level);
-    }
-
-    static async writeToFile(message, level = 'info') {
-        try {
-            let prefix;
-
-            // debug 日志使用单独的文件名
-            if (level === 'debug') {
-                prefix = 'debug';
-            } else {
-                prefix = new Date().toISOString().split('T')[0];
-            }
-
-            // 检查缓存的当前文件是否仍然可用
-            let currentLogFile = this.currentFiles.get(prefix);
-
-            if (currentLogFile) {
-                try {
-                    const stats = await stat(currentLogFile);
-                    // 如果文件超过最大大小，清除缓存
-                    if (stats.size >= this.maxFileSize) {
-                        this.currentFiles.delete(prefix);
-                        currentLogFile = null;
-                    }
-                } catch (error) {
-                    // 文件不存在或无法访问，清除缓存
-                    this.currentFiles.delete(prefix);
-                    currentLogFile = null;
-                }
-            }
-
-            // 如果没有缓存的文件或文件已满，查找合适的文件
-            if (!currentLogFile) {
-                currentLogFile = await this.findAvailableLogFile(prefix);
-                this.currentFiles.set(prefix, currentLogFile);
-            }
-
-            // 使用 Node.js 的 appendFile 进行文件追加
-            await appendFile(currentLogFile, message + '\n', 'utf8');
-        } catch (error) {
-            console.error('写入日志文件失败:', error.message);
-        }
-    }
-
-    static async findAvailableLogFile(prefix) {
-        const glob = new Bun.Glob(`${prefix}.*.log`);
-        const files = await Array.fromAsync(glob.scan(this.logDir));
-
-        // 按文件名排序
-        files.sort((a, b) => {
-            const aNum = parseInt(a.match(/\.(\d+)\.log$/)?.[1] || '0');
-            const bNum = parseInt(b.match(/\.(\d+)\.log$/)?.[1] || '0');
-            return aNum - bNum;
-        });
-
-        // 从最后一个文件开始检查
-        for (let i = files.length - 1; i >= 0; i--) {
-            const filePath = path.join(this.logDir, files[i]);
-            try {
-                const stats = await stat(filePath);
-                if (stats.size < this.maxFileSize) {
-                    return filePath;
-                }
-            } catch (error) {
-                // 文件不存在或无法访问，跳过
-                continue;
-            }
-        }
-
-        // 所有文件都已满或没有文件，创建新文件
-        const nextIndex = files.length > 0 ? Math.max(...files.map((f) => parseInt(f.match(/\.(\d+)\.log$/)?.[1] || '0'))) + 1 : 0;
-
-        return path.join(this.logDir, `${prefix}.${nextIndex}.log`);
-    }
-
-    // 静态便捷方法
-    static async error(message) {
-        await this.log('error', message);
-    }
-
-    static async warn(message) {
-        await this.log('warn', message);
-    }
-
-    static async info(message) {
-        await this.log('info', message);
-    }
-
-    static async debug(message) {
-        // debug 级别必须记录，忽略级别检查
-        const formattedMessage = this.formatMessage('debug', message);
-
-        // 控制台输出
-        if (Env.LOG_TO_CONSOLE === 1) {
-            console.log(formattedMessage);
-        }
-
-        await this.writeToFile(formattedMessage, 'debug');
-    }
-}

package/utils/redisHelper.js

@@ -1,74 +0,0 @@
-import { redis as bunRedis } from 'bun';
-import { Env } from '../config/env.js';
-import { Logger } from './logger.js';
-
-const prefix = Env.REDIS_KEY_PREFIX ? `${Env.REDIS_KEY_PREFIX}:` : '';
-
-let redisClient = bunRedis;
-export const setRedisClient = (client) => {
-    redisClient = client || bunRedis;
-};
-export const getRedisClient = () => redisClient;
-
-export const RedisHelper = {
-    async setObject(key, obj, ttl = null) {
-        try {
-            const data = JSON.stringify(obj);
-            const pkey = `${prefix}${key}`;
-            if (ttl) {
-                return await redisClient.setEx(pkey, ttl, data);
-            }
-            return await redisClient.set(pkey, data);
-        } catch (error) {
-            Logger.error({
-                msg: 'Redis setObject 错误',
-                message: error.message,
-                stack: error.stack
-            });
-        }
-    },
-
-    async getObject(key) {
-        try {
-            const pkey = `${prefix}${key}`;
-            const data = await redisClient.get(pkey);
-            return data ? JSON.parse(data) : null;
-        } catch (error) {
-            Logger.error({
-                msg: 'Redis getObject 错误',
-                message: error.message,
-                stack: error.stack
-            });
-            return null;
-        }
-    },
-
-    async delObject(key) {
-        try {
-            const pkey = `${prefix}${key}`;
-            await redisClient.del(pkey);
-        } catch (error) {
-            Logger.error({
-                msg: 'Redis delObject 错误',
-                message: error.message,
-                stack: error.stack
-            });
-        }
-    },
-
-    async genTimeID() {
-        const timestamp = Math.floor(Date.now() / 1000);
-        const key = `${prefix}time_id_counter:${timestamp}`;
-
-        const counter = await redisClient.incr(key);
-        await redisClient.expire(key, 2);
-
-        const counterPrefix = (counter % 1000).toString().padStart(3, '0');
-        const randomSuffix = Math.floor(Math.random() * 1000)
-            .toString()
-            .padStart(3, '0');
-        const suffix = `${counterPrefix}${randomSuffix}`;
-
-        return Number(`${timestamp}${suffix}`);
-    }
-};