npm - befly - Versions diffs - 3.9.38 → 3.9.40 - Mend

befly 3.9.38 → 3.9.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (155) hide show

package/README.md +37 -38
package/befly.config.ts +62 -40
package/checks/checkApi.ts +16 -16
package/checks/checkApp.ts +19 -25
package/checks/checkTable.ts +42 -42
package/docs/README.md +42 -35
package/docs/{api.md → api/api.md} +223 -231
package/docs/cipher.md +71 -69
package/docs/database.md +143 -141
package/docs/{examples.md → guide/examples.md} +181 -181
package/docs/guide/quickstart.md +331 -0
package/docs/hooks/auth.md +38 -0
package/docs/hooks/cors.md +28 -0
package/docs/{hook.md → hooks/hook.md} +140 -57
package/docs/hooks/parser.md +19 -0
package/docs/hooks/rateLimit.md +47 -0
package/docs/{redis.md → infra/redis.md} +84 -93
package/docs/plugins/cipher.md +61 -0
package/docs/plugins/database.md +128 -0
package/docs/{plugin.md → plugins/plugin.md} +83 -81
package/docs/quickstart.md +26 -26
package/docs/{addon.md → reference/addon.md} +46 -46
package/docs/{config.md → reference/config.md} +32 -80
package/docs/{logger.md → reference/logger.md} +52 -52
package/docs/{sync.md → reference/sync.md} +32 -35
package/docs/{table.md → reference/table.md} +1 -1
package/docs/{validator.md → reference/validator.md} +57 -57
package/hooks/auth.ts +8 -4
package/hooks/cors.ts +13 -13
package/hooks/parser.ts +37 -17
package/hooks/permission.ts +26 -14
package/hooks/rateLimit.ts +276 -0
package/hooks/validator.ts +8 -8
package/lib/asyncContext.ts +43 -0
package/lib/cacheHelper.ts +212 -77
package/lib/cacheKeys.ts +38 -0
package/lib/cipher.ts +30 -30
package/lib/connect.ts +28 -28
package/lib/dbHelper.ts +183 -102
package/lib/jwt.ts +16 -16
package/lib/logger.ts +610 -19
package/lib/redisHelper.ts +185 -44
package/lib/sqlBuilder.ts +90 -91
package/lib/validator.ts +59 -39
package/loader/loadApis.ts +48 -44
package/loader/loadHooks.ts +40 -14
package/loader/loadPlugins.ts +16 -17
package/main.ts +57 -47
package/package.json +47 -45
package/paths.ts +15 -14
package/plugins/cache.ts +5 -4
package/plugins/cipher.ts +3 -3
package/plugins/config.ts +2 -2
package/plugins/db.ts +9 -9
package/plugins/jwt.ts +3 -3
package/plugins/logger.ts +8 -12
package/plugins/redis.ts +8 -8
package/plugins/tool.ts +6 -6
package/router/api.ts +85 -56
package/router/static.ts +12 -12
package/sync/syncAll.ts +12 -12
package/sync/syncApi.ts +55 -52
package/sync/syncDb/apply.ts +20 -19
package/sync/syncDb/constants.ts +25 -23
package/sync/syncDb/ddl.ts +35 -36
package/sync/syncDb/helpers.ts +6 -9
package/sync/syncDb/schema.ts +10 -9
package/sync/syncDb/sqlite.ts +7 -8
package/sync/syncDb/table.ts +37 -35
package/sync/syncDb/tableCreate.ts +21 -20
package/sync/syncDb/types.ts +23 -20
package/sync/syncDb/version.ts +10 -10
package/sync/syncDb.ts +43 -36
package/sync/syncDev.ts +74 -65
package/sync/syncMenu.ts +190 -55
package/tests/api-integration-array-number.test.ts +282 -0
package/tests/befly-config-env.test.ts +78 -0
package/tests/cacheHelper.test.ts +135 -104
package/tests/cacheKeys.test.ts +41 -0
package/tests/cipher.test.ts +90 -89
package/tests/dbHelper-advanced.test.ts +140 -134
package/tests/dbHelper-all-array-types.test.ts +316 -0
package/tests/dbHelper-array-serialization.test.ts +258 -0
package/tests/dbHelper-columns.test.ts +56 -55
package/tests/dbHelper-execute.test.ts +45 -44
package/tests/dbHelper-joins.test.ts +124 -119
package/tests/fields-redis-cache.test.ts +29 -27
package/tests/fields-validate.test.ts +38 -38
package/tests/getClientIp.test.ts +54 -0
package/tests/integration.test.ts +69 -67
package/tests/jwt.test.ts +27 -26
package/tests/logger.test.ts +267 -34
package/tests/rateLimit-hook.test.ts +477 -0
package/tests/redisHelper.test.ts +187 -188
package/tests/redisKeys.test.ts +6 -73
package/tests/scanConfig.test.ts +144 -0
package/tests/sqlBuilder-advanced.test.ts +217 -215
package/tests/sqlBuilder.test.ts +92 -91
package/tests/sync-connection.test.ts +29 -29
package/tests/syncDb-apply.test.ts +97 -96
package/tests/syncDb-array-number.test.ts +160 -0
package/tests/syncDb-constants.test.ts +48 -47
package/tests/syncDb-ddl.test.ts +99 -98
package/tests/syncDb-helpers.test.ts +29 -28
package/tests/syncDb-schema.test.ts +61 -60
package/tests/syncDb-types.test.ts +60 -59
package/tests/syncMenu-paths.test.ts +68 -0
package/tests/util.test.ts +42 -41
package/tests/validator-array-number.test.ts +310 -0
package/tests/validator-default.test.ts +373 -0
package/tests/validator.test.ts +271 -266
package/tsconfig.json +4 -5
package/types/api.d.ts +7 -12
package/types/befly.d.ts +60 -13
package/types/cache.d.ts +8 -4
package/types/common.d.ts +17 -9
package/types/context.d.ts +2 -2
package/types/crypto.d.ts +23 -0
package/types/database.d.ts +19 -19
package/types/hook.d.ts +2 -2
package/types/jwt.d.ts +118 -0
package/types/logger.d.ts +30 -0
package/types/plugin.d.ts +4 -4
package/types/redis.d.ts +7 -3
package/types/roleApisCache.ts +23 -0
package/types/sync.d.ts +10 -10
package/types/table.d.ts +50 -9
package/types/validate.d.ts +69 -0
package/utils/addonHelper.ts +90 -0
package/utils/arrayKeysToCamel.ts +18 -0
package/utils/calcPerfTime.ts +13 -0
package/utils/configTypes.ts +3 -0
package/utils/cors.ts +19 -0
package/utils/fieldClear.ts +75 -0
package/utils/genShortId.ts +12 -0
package/utils/getClientIp.ts +45 -0
package/utils/keysToCamel.ts +22 -0
package/utils/keysToSnake.ts +22 -0
package/utils/modules.ts +98 -0
package/utils/pickFields.ts +19 -0
package/utils/process.ts +56 -0
package/utils/regex.ts +225 -0
package/utils/response.ts +115 -0
package/utils/route.ts +23 -0
package/utils/scanConfig.ts +142 -0
package/utils/scanFiles.ts +48 -0
package/.prettierignore +0 -2
package/.prettierrc +0 -12
package/docs/1-/345/237/272/346/234/254/344/273/213/347/273/215.md +0 -35
package/docs/2-/345/210/235/346/255/245/344/275/223/351/252/214.md +0 -64
package/docs/3-/347/254/254/344/270/200/344/270/252/346/216/245/345/217/243.md +0 -46
package/docs/4-/346/223/215/344/275/234/346/225/260/346/215/256/345/272/223.md +0 -172
package/hooks/requestLogger.ts +0 -84
package/types/index.ts +0 -24
package/util.ts +0 -283

package/tests/rateLimit-hook.test.ts ADDED Viewed

@@ -0,0 +1,477 @@
+import { describe, expect, test, afterEach } from "bun:test";
+import { beflyConfig } from "../befly.config.js";
+import rateLimitHook from "../hooks/rateLimit.js";
+type MockBefly = {
+    redis?: {
+        incrWithExpire: (key: string, seconds: number) => Promise<number>;
+    };
+};
+type MockCtx = {
+    api: { name: string };
+    req: Request;
+    route: string;
+    ip: string;
+    user: Record<string, any>;
+    requestId: string;
+    corsHeaders: Record<string, string>;
+    response?: Response;
+};
+const originalRateLimitConfigJson = JSON.stringify(beflyConfig.rateLimit);
+afterEach(() => {
+    beflyConfig.rateLimit = JSON.parse(originalRateLimitConfigJson);
+});
+describe("hook - rateLimit", () => {
+    test("命中规则：未超限不拦截，超限后拦截", async () => {
+        beflyConfig.rateLimit = {
+            enable: 1,
+            defaultLimit: 0,
+            defaultWindow: 0,
+            key: "ip",
+            rules: [
+                {
+                    route: "/api/auth/*",
+                    limit: 2,
+                    window: 60,
+                    key: "ip"
+                }
+            ]
+        };
+        let counter = 0;
+        const befly: MockBefly = {
+            redis: {
+                incrWithExpire: async () => {
+                    counter += 1;
+                    return counter;
+                }
+            }
+        };
+        const ctx: MockCtx = {
+            api: { name: "login" },
+            req: new Request("http://localhost/api/auth/login", { method: "POST" }),
+            route: "POST/api/auth/login",
+            ip: "1.1.1.1",
+            user: { id: 123 },
+            requestId: "rid_rate_1",
+            corsHeaders: {}
+        };
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(ctx.response).toBeUndefined();
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(ctx.response).toBeUndefined();
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(ctx.response).toBeInstanceOf(Response);
+        const payload = await (ctx.response as Response).json();
+        expect(payload).toEqual({
+            code: 1,
+            msg: "请求过于频繁，请稍后再试",
+            data: null,
+            detail: {
+                limit: 2,
+                window: 60
+            }
+        });
+    });
+    test("key 维度为 user：counterKey 包含用户 id", async () => {
+        beflyConfig.rateLimit = {
+            enable: 1,
+            defaultLimit: 0,
+            defaultWindow: 0,
+            key: "ip",
+            rules: [
+                {
+                    route: "*",
+                    limit: 10,
+                    window: 60,
+                    key: "user"
+                }
+            ]
+        };
+        let lastKey = "";
+        const befly: MockBefly = {
+            redis: {
+                incrWithExpire: async (key) => {
+                    lastKey = key;
+                    return 1;
+                }
+            }
+        };
+        const ctx: MockCtx = {
+            api: { name: "x" },
+            req: new Request("http://localhost/api/user/profile", { method: "POST" }),
+            route: "POST/api/user/profile",
+            ip: "2.2.2.2",
+            user: { id: 9 },
+            requestId: "rid_rate_2",
+            corsHeaders: {}
+        };
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(lastKey.includes(":user:9")).toBe(true);
+        expect(lastKey.startsWith("rate_limit:POST/api/user/profile:")).toBe(true);
+    });
+    test("key 维度为 ip_user：counterKey 同时包含 ip 与用户 id", async () => {
+        beflyConfig.rateLimit = {
+            enable: 1,
+            defaultLimit: 0,
+            defaultWindow: 0,
+            key: "ip",
+            rules: [
+                {
+                    route: "*",
+                    limit: 10,
+                    window: 60,
+                    key: "ip_user"
+                }
+            ]
+        };
+        let lastKey = "";
+        const befly: MockBefly = {
+            redis: {
+                incrWithExpire: async (key) => {
+                    lastKey = key;
+                    return 1;
+                }
+            }
+        };
+        const ctx: MockCtx = {
+            api: { name: "x" },
+            req: new Request("http://localhost/api/user/profile", { method: "POST" }),
+            route: "POST/api/user/profile",
+            ip: "2.2.2.2",
+            user: { id: 9 },
+            requestId: "rid_rate_2_ip_user",
+            corsHeaders: {}
+        };
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(lastKey.includes("ip:2.2.2.2:user:9")).toBe(true);
+        expect(lastKey.startsWith("rate_limit:POST/api/user/profile:")).toBe(true);
+    });
+    test("规则优先级：精确规则优先于通配与前缀", async () => {
+        // 特意把更宽泛的规则放在前面，验证实现会优先选择更具体的规则
+        beflyConfig.rateLimit = {
+            enable: 1,
+            defaultLimit: 0,
+            defaultWindow: 0,
+            key: "ip",
+            rules: [
+                {
+                    route: "*",
+                    limit: 1,
+                    window: 60,
+                    key: "ip"
+                },
+                {
+                    route: "/api/auth/*",
+                    limit: 1,
+                    window: 60,
+                    key: "ip"
+                },
+                {
+                    route: "POST/api/auth/login",
+                    limit: 100,
+                    window: 60,
+                    key: "ip"
+                }
+            ]
+        };
+        let counter = 0;
+        const befly: MockBefly = {
+            redis: {
+                incrWithExpire: async () => {
+                    counter += 1;
+                    return counter;
+                }
+            }
+        };
+        const ctx: MockCtx = {
+            api: { name: "login" },
+            req: new Request("http://localhost/api/auth/login", { method: "POST" }),
+            route: "POST/api/auth/login",
+            ip: "8.8.8.8",
+            user: {},
+            requestId: "rid_rate_priority_1",
+            corsHeaders: {}
+        };
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(ctx.response).toBeUndefined();
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(ctx.response).toBeUndefined();
+    });
+    test("key=user 且缺失 userId 时回退为按 IP 计数", async () => {
+        beflyConfig.rateLimit = {
+            enable: 1,
+            defaultLimit: 0,
+            defaultWindow: 0,
+            key: "ip",
+            rules: [
+                {
+                    route: "*",
+                    limit: 10,
+                    window: 60,
+                    key: "user"
+                }
+            ]
+        };
+        let lastKey = "";
+        const befly: MockBefly = {
+            redis: {
+                incrWithExpire: async (key) => {
+                    lastKey = key;
+                    return 1;
+                }
+            }
+        };
+        const ctx: MockCtx = {
+            api: { name: "x" },
+            req: new Request("http://localhost/api/user/profile", { method: "POST" }),
+            route: "POST/api/user/profile",
+            ip: "6.6.6.6",
+            user: {},
+            requestId: "rid_rate_user_fallback_ip",
+            corsHeaders: {}
+        };
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(lastKey.includes("ip:6.6.6.6")).toBe(true);
+        expect(lastKey.includes("anonymous")).toBe(false);
+    });
+    test("key=user：userId=0 不应被当作缺失", async () => {
+        beflyConfig.rateLimit = {
+            enable: 1,
+            defaultLimit: 0,
+            defaultWindow: 0,
+            key: "ip",
+            rules: [
+                {
+                    route: "*",
+                    limit: 10,
+                    window: 60,
+                    key: "user"
+                }
+            ]
+        };
+        let lastKey = "";
+        const befly: MockBefly = {
+            redis: {
+                incrWithExpire: async (key) => {
+                    lastKey = key;
+                    return 1;
+                }
+            }
+        };
+        const ctx: MockCtx = {
+            api: { name: "x" },
+            req: new Request("http://localhost/api/user/profile", { method: "POST" }),
+            route: "POST/api/user/profile",
+            ip: "7.7.7.7",
+            user: { id: 0 },
+            requestId: "rid_rate_user_id_zero",
+            corsHeaders: {}
+        };
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(lastKey.includes(":user:0")).toBe(true);
+    });
+    test("skipRoutes：命中后不计数也不拦截", async () => {
+        beflyConfig.rateLimit = {
+            enable: 1,
+            defaultLimit: 1,
+            defaultWindow: 60,
+            key: "ip",
+            skipRoutes: ["/api/health"],
+            rules: []
+        };
+        let called = 0;
+        const befly: MockBefly = {
+            redis: {
+                incrWithExpire: async () => {
+                    called += 1;
+                    return 999;
+                }
+            }
+        };
+        const ctx: MockCtx = {
+            api: { name: "health" },
+            req: new Request("http://localhost/api/health", { method: "POST" }),
+            route: "POST/api/health",
+            ip: "9.9.9.9",
+            user: {},
+            requestId: "rid_rate_skip_1",
+            corsHeaders: {}
+        };
+        await rateLimitHook.handler(befly as any, ctx as any);
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(called).toBe(0);
+        expect(ctx.response).toBeUndefined();
+    });
+    test("route 匹配：支持 METHOD/api 前缀与精确匹配", async () => {
+        beflyConfig.rateLimit = {
+            enable: 1,
+            defaultLimit: 0,
+            defaultWindow: 0,
+            key: "ip",
+            rules: [
+                {
+                    route: "POST/api/auth/*",
+                    limit: 1,
+                    window: 60,
+                    key: "ip"
+                },
+                {
+                    route: "POST/api/user/profile",
+                    limit: 1,
+                    window: 60,
+                    key: "ip"
+                }
+            ]
+        };
+        const keys: string[] = [];
+        const befly: MockBefly = {
+            redis: {
+                incrWithExpire: async (key) => {
+                    keys.push(key);
+                    return 1;
+                }
+            }
+        };
+        const ctx1: MockCtx = {
+            api: { name: "login" },
+            req: new Request("http://localhost/api/auth/login", { method: "POST" }),
+            route: "POST/api/auth/login",
+            ip: "4.4.4.4",
+            user: {},
+            requestId: "rid_rate_match_1",
+            corsHeaders: {}
+        };
+        const ctx2: MockCtx = {
+            api: { name: "profile" },
+            req: new Request("http://localhost/api/user/profile", { method: "POST" }),
+            route: "POST/api/user/profile",
+            ip: "4.4.4.4",
+            user: {},
+            requestId: "rid_rate_match_2",
+            corsHeaders: {}
+        };
+        await rateLimitHook.handler(befly as any, ctx1 as any);
+        await rateLimitHook.handler(befly as any, ctx2 as any);
+        expect(keys.length).toBe(2);
+        expect(keys[0].startsWith("rate_limit:POST/api/auth/login:")).toBe(true);
+        expect(keys[1].startsWith("rate_limit:POST/api/user/profile:")).toBe(true);
+    });
+    test("OPTIONS 请求不计数也不拦截", async () => {
+        beflyConfig.rateLimit = {
+            enable: 1,
+            defaultLimit: 1,
+            defaultWindow: 60,
+            key: "ip",
+            rules: []
+        };
+        let called = 0;
+        const befly: MockBefly = {
+            redis: {
+                incrWithExpire: async () => {
+                    called += 1;
+                    return 999;
+                }
+            }
+        };
+        const ctx: MockCtx = {
+            api: { name: "opt" },
+            req: new Request("http://localhost/api/user/profile", { method: "OPTIONS" }),
+            route: "OPTIONS/api/user/profile",
+            ip: "5.5.5.5",
+            user: {},
+            requestId: "rid_rate_options",
+            corsHeaders: {}
+        };
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(called).toBe(0);
+        expect(ctx.response).toBeUndefined();
+    });
+    test("无 redis 时降级为内存计数", async () => {
+        beflyConfig.rateLimit = {
+            enable: 1,
+            defaultLimit: 0,
+            defaultWindow: 0,
+            key: "ip",
+            rules: [
+                {
+                    route: "POST/api/test/memory",
+                    limit: 2,
+                    window: 60,
+                    key: "ip"
+                }
+            ]
+        };
+        const befly: MockBefly = {};
+        const ctx: MockCtx = {
+            api: { name: "mem" },
+            req: new Request("http://localhost/api/test/memory", { method: "POST" }),
+            route: "POST/api/test/memory",
+            ip: "3.3.3.3",
+            user: {},
+            requestId: "rid_rate_3",
+            corsHeaders: {}
+        };
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(ctx.response).toBeUndefined();
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(ctx.response).toBeUndefined();
+        await rateLimitHook.handler(befly as any, ctx as any);
+        expect(ctx.response).toBeInstanceOf(Response);
+    });
+});