create-entity-app-server 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +68 -0
- package/.gitignore +8 -0
- package/LICENSE +66 -0
- package/README.md +36 -0
- package/bin/create.js +222 -0
- package/configs/cache.json +7 -0
- package/configs/cors.json +24 -0
- package/configs/database.json +30 -0
- package/configs/security.json +45 -0
- package/configs/server.json +31 -0
- package/docs/README.md +274 -0
- package/docs/architecture.md +295 -0
- package/docs/cache.md +217 -0
- package/docs/configs.md +261 -0
- package/docs/database.md +505 -0
- package/docs/design/board-api-design.md +2342 -0
- package/docs/flows.md +581 -0
- package/docs/getting-started.md +83 -0
- package/docs/hooks.md +600 -0
- package/docs/internals.md +60 -0
- package/docs/plugins/2fa.md +121 -0
- package/docs/plugins/alimtalk.md +212 -0
- package/docs/plugins/friendtalk.md +158 -0
- package/docs/plugins/holidays.md +98 -0
- package/docs/plugins/how-to-create.md +148 -0
- package/docs/plugins/identity.md +223 -0
- package/docs/plugins/llm.md +567 -0
- package/docs/plugins/oauth.md +121 -0
- package/docs/plugins/ocr.md +168 -0
- package/docs/plugins/pg.md +226 -0
- package/docs/plugins/push.md +178 -0
- package/docs/plugins/sms.md +228 -0
- package/docs/plugins/taxinvoice.md +197 -0
- package/docs/routes/README.md +247 -0
- package/docs/routes/account-routes.md +262 -0
- package/docs/routes/alimtalk-routes.md +187 -0
- package/docs/routes/board-routes.md +492 -0
- package/docs/routes/email-verification.md +269 -0
- package/docs/routes/friendtalk-routes.md +45 -0
- package/docs/routes/holidays-routes.md +170 -0
- package/docs/routes/how-to-create.md +150 -0
- package/docs/routes/identity-routes.md +310 -0
- package/docs/routes/llm-routes.md +921 -0
- package/docs/routes/ocr-routes.md +133 -0
- package/docs/routes/password-reset.md +234 -0
- package/docs/routes/pg-routes.md +144 -0
- package/docs/routes/push-routes.md +205 -0
- package/docs/routes/sms-routes.md +243 -0
- package/docs/routes/smtp-routes.md +155 -0
- package/docs/routes/tax-invoice-routes.md +109 -0
- package/docs/schedules/dormancy-and-retention.md +160 -0
- package/docs/schedules/how-to-create.md +255 -0
- package/docs/scripts-guide.md +310 -0
- package/docs/security.md +221 -0
- package/docs/system.md +297 -0
- package/package.json +111 -0
- package/scripts/_gen-table-type.ts +605 -0
- package/scripts/build-minify-plugins.mjs +124 -0
- package/scripts/build-obfuscate-system.mjs +38 -0
- package/scripts/build.sh +140 -0
- package/scripts/dist-tsconfig.json +18 -0
- package/scripts/entity.sh +224 -0
- package/scripts/gen-table-type.sh +169 -0
- package/scripts/push.sh +102 -0
- package/scripts/release.sh +51 -0
- package/scripts/reset-all.sh +208 -0
- package/scripts/run.sh +202 -0
- package/src/app/hooks/README.md +148 -0
- package/src/app/hooks/account.ts +26 -0
- package/src/app/hooks/index.ts +19 -0
- package/src/app/hooks/order.ts +230 -0
- package/src/app/hooks/post.ts +162 -0
- package/src/app/plugins/2fa/config.example.json +15 -0
- package/src/app/plugins/2fa/config.json +17 -0
- package/src/app/plugins/2fa/config.ts +44 -0
- package/src/app/plugins/2fa/docs/README.md +139 -0
- package/src/app/plugins/2fa/entities/account.json +30 -0
- package/src/app/plugins/2fa/handlers/disable.ts +114 -0
- package/src/app/plugins/2fa/handlers/index.ts +11 -0
- package/src/app/plugins/2fa/handlers/recovery.ts +98 -0
- package/src/app/plugins/2fa/handlers/regenerate.ts +99 -0
- package/src/app/plugins/2fa/handlers/setup-verify.ts +121 -0
- package/src/app/plugins/2fa/handlers/setup.ts +92 -0
- package/src/app/plugins/2fa/handlers/status.ts +47 -0
- package/src/app/plugins/2fa/handlers/utils.ts +222 -0
- package/src/app/plugins/2fa/handlers/verify.ts +92 -0
- package/src/app/plugins/2fa/index.ts +50 -0
- package/src/app/plugins/2fa/routes.ts +49 -0
- package/src/app/plugins/2fa/templates/auth/2fa_disabled.html +23 -0
- package/src/app/plugins/2fa/templates/auth/2fa_recovery_regenerated.html +31 -0
- package/src/app/plugins/2fa/templates/auth/2fa_setup_complete.html +43 -0
- package/src/app/plugins/2fa/totp-utils.ts +189 -0
- package/src/app/plugins/2fa/types.ts +95 -0
- package/src/app/plugins/README.md +118 -0
- package/src/app/plugins/ais/config.json +7 -0
- package/src/app/plugins/ais/config.ts +32 -0
- package/src/app/plugins/ais/docs/README.md +142 -0
- package/src/app/plugins/ais/docs/api.md +138 -0
- package/src/app/plugins/ais/entities/ais_vessel.json +64 -0
- package/src/app/plugins/ais/handlers.ts +88 -0
- package/src/app/plugins/ais/index.ts +21 -0
- package/src/app/plugins/ais/routes.ts +13 -0
- package/src/app/plugins/ais/service.ts +242 -0
- package/src/app/plugins/ais/types/index.ts +78 -0
- package/src/app/plugins/alimtalk/config.example.json +52 -0
- package/src/app/plugins/alimtalk/config.json +26 -0
- package/src/app/plugins/alimtalk/config.ts +75 -0
- package/src/app/plugins/alimtalk/docs/README.md +140 -0
- package/src/app/plugins/alimtalk/entities/alimtalk_log.json +65 -0
- package/src/app/plugins/alimtalk/entities/alimtalk_msg.json +53 -0
- package/src/app/plugins/alimtalk/entity-adapter.ts +196 -0
- package/src/app/plugins/alimtalk/handlers.ts +84 -0
- package/src/app/plugins/alimtalk/index.ts +80 -0
- package/src/app/plugins/alimtalk/providers/aligo.ts +151 -0
- package/src/app/plugins/alimtalk/providers/index.ts +29 -0
- package/src/app/plugins/alimtalk/providers/nhn.ts +254 -0
- package/src/app/plugins/alimtalk/providers/ppurio.ts +145 -0
- package/src/app/plugins/alimtalk/providers/solapi.ts +145 -0
- package/src/app/plugins/alimtalk/routes.ts +15 -0
- package/src/app/plugins/alimtalk/service.ts +423 -0
- package/src/app/plugins/alimtalk/template-cache.ts +42 -0
- package/src/app/plugins/alimtalk/templates/alimtalk.json +27 -0
- package/src/app/plugins/alimtalk/types/client.ts +48 -0
- package/src/app/plugins/alimtalk/types/config.ts +53 -0
- package/src/app/plugins/alimtalk/types/friendtalk.ts +90 -0
- package/src/app/plugins/alimtalk/types/index.ts +4 -0
- package/src/app/plugins/alimtalk/types/job.ts +56 -0
- package/src/app/plugins/alimtalk/webhook.ts +211 -0
- package/src/app/plugins/distance-server/config.json +6 -0
- package/src/app/plugins/distance-server/config.ts +50 -0
- package/src/app/plugins/distance-server/docs/README.md +114 -0
- package/src/app/plugins/distance-server/handlers.ts +104 -0
- package/src/app/plugins/distance-server/index.ts +23 -0
- package/src/app/plugins/distance-server/routes.ts +36 -0
- package/src/app/plugins/distance-server/service.ts +187 -0
- package/src/app/plugins/distance-server/types/index.ts +8 -0
- package/src/app/plugins/example/config.json +6 -0
- package/src/app/plugins/example/config.ts +46 -0
- package/src/app/plugins/example/docs/README.md +64 -0
- package/src/app/plugins/example/entity-adapter.ts +96 -0
- package/src/app/plugins/example/handlers.ts +94 -0
- package/src/app/plugins/example/index.ts +63 -0
- package/src/app/plugins/example/routes.ts +30 -0
- package/src/app/plugins/example/service.ts +31 -0
- package/src/app/plugins/example/types/config.ts +11 -0
- package/src/app/plugins/example/types/index.ts +1 -0
- package/src/app/plugins/friendtalk/config.example.json +35 -0
- package/src/app/plugins/friendtalk/config.json +11 -0
- package/src/app/plugins/friendtalk/config.ts +70 -0
- package/src/app/plugins/friendtalk/docs/README.md +110 -0
- package/src/app/plugins/friendtalk/entities/friendtalk_log.json +89 -0
- package/src/app/plugins/friendtalk/entities/friendtalk_msg.json +91 -0
- package/src/app/plugins/friendtalk/entity-adapter.ts +150 -0
- package/src/app/plugins/friendtalk/handlers.ts +56 -0
- package/src/app/plugins/friendtalk/routes.ts +12 -0
- package/src/app/plugins/friendtalk/templates/friendtalk.json +16 -0
- package/src/app/plugins/holidays/config.example.json +6 -0
- package/src/app/plugins/holidays/config.json +10 -0
- package/src/app/plugins/holidays/config.ts +44 -0
- package/src/app/plugins/holidays/docs/README.md +122 -0
- package/src/app/plugins/holidays/entities/holiday.json +22 -0
- package/src/app/plugins/holidays/handlers.ts +135 -0
- package/src/app/plugins/holidays/index.ts +78 -0
- package/src/app/plugins/holidays/routes.ts +18 -0
- package/src/app/plugins/holidays/service.ts +241 -0
- package/src/app/plugins/holidays/types/api.ts +49 -0
- package/src/app/plugins/holidays/types/config.ts +8 -0
- package/src/app/plugins/holidays/types/index.ts +2 -0
- package/src/app/plugins/identity/config.example.json +43 -0
- package/src/app/plugins/identity/config.json +30 -0
- package/src/app/plugins/identity/config.ts +138 -0
- package/src/app/plugins/identity/crypto.ts +51 -0
- package/src/app/plugins/identity/docs/README.md +164 -0
- package/src/app/plugins/identity/entities/account.json +27 -0
- package/src/app/plugins/identity/entities/identity_verification.json +113 -0
- package/src/app/plugins/identity/entity-adapter.ts +242 -0
- package/src/app/plugins/identity/handlers.ts +239 -0
- package/src/app/plugins/identity/index.ts +80 -0
- package/src/app/plugins/identity/providers/danal.ts +150 -0
- package/src/app/plugins/identity/providers/index.ts +38 -0
- package/src/app/plugins/identity/providers/kmc.ts +140 -0
- package/src/app/plugins/identity/providers/nice.ts +304 -0
- package/src/app/plugins/identity/routes.ts +22 -0
- package/src/app/plugins/identity/service.ts +361 -0
- package/src/app/plugins/identity/types/config.ts +35 -0
- package/src/app/plugins/identity/types/index.ts +2 -0
- package/src/app/plugins/identity/types/verification.ts +105 -0
- package/src/app/plugins/kobc_freight/config.json +6 -0
- package/src/app/plugins/kobc_freight/config.ts +28 -0
- package/src/app/plugins/kobc_freight/docs/README.md +316 -0
- package/src/app/plugins/kobc_freight/entities/kobc_freight_entry.json +31 -0
- package/src/app/plugins/kobc_freight/entities/kobc_kcci_entry.json +67 -0
- package/src/app/plugins/kobc_freight/entities/kobc_kpli_entry.json +27 -0
- package/src/app/plugins/kobc_freight/entities/kobc_ncfi_entry.json +99 -0
- package/src/app/plugins/kobc_freight/handlers.ts +283 -0
- package/src/app/plugins/kobc_freight/index.ts +21 -0
- package/src/app/plugins/kobc_freight/routes.ts +39 -0
- package/src/app/plugins/kobc_freight/service.ts +604 -0
- package/src/app/plugins/kobc_freight/types/index.ts +99 -0
- package/src/app/plugins/llm/cache.ts +138 -0
- package/src/app/plugins/llm/chatbot-store.ts +270 -0
- package/src/app/plugins/llm/chunker.ts +96 -0
- package/src/app/plugins/llm/config.example.json +260 -0
- package/src/app/plugins/llm/config.json +71 -0
- package/src/app/plugins/llm/config.ts +99 -0
- package/src/app/plugins/llm/conversation-store.ts +140 -0
- package/src/app/plugins/llm/docs/README.md +120 -0
- package/src/app/plugins/llm/docs/api.md +250 -0
- package/src/app/plugins/llm/document-store.ts +318 -0
- package/src/app/plugins/llm/entities/llm_chatbot.json +66 -0
- package/src/app/plugins/llm/entities/llm_conversation.json +61 -0
- package/src/app/plugins/llm/entities/llm_document.json +67 -0
- package/src/app/plugins/llm/entities/llm_usage.json +51 -0
- package/src/app/plugins/llm/entities/llm_user_profile.json +45 -0
- package/src/app/plugins/llm/handlers.ts +1114 -0
- package/src/app/plugins/llm/index.ts +90 -0
- package/src/app/plugins/llm/profile-store.ts +125 -0
- package/src/app/plugins/llm/providers/anthropic.ts +233 -0
- package/src/app/plugins/llm/providers/azure.ts +267 -0
- package/src/app/plugins/llm/providers/gemini.ts +252 -0
- package/src/app/plugins/llm/providers/index.ts +86 -0
- package/src/app/plugins/llm/providers/ollama.ts +237 -0
- package/src/app/plugins/llm/providers/openai.ts +244 -0
- package/src/app/plugins/llm/routes.ts +73 -0
- package/src/app/plugins/llm/service.ts +965 -0
- package/src/app/plugins/llm/template-loader.ts +135 -0
- package/src/app/plugins/llm/templates/prompts/extract_json.json +8 -0
- package/src/app/plugins/llm/templates/prompts/summarize.json +10 -0
- package/src/app/plugins/llm/templates/prompts/translate.json +10 -0
- package/src/app/plugins/llm/types/chat.ts +96 -0
- package/src/app/plugins/llm/types/chatbot.ts +143 -0
- package/src/app/plugins/llm/types/config.ts +47 -0
- package/src/app/plugins/llm/types/conversation.ts +116 -0
- package/src/app/plugins/llm/types/index.ts +7 -0
- package/src/app/plugins/llm/types/profile.ts +48 -0
- package/src/app/plugins/llm/types/store.ts +50 -0
- package/src/app/plugins/llm/types/usage.ts +27 -0
- package/src/app/plugins/llm/usage-store.ts +64 -0
- package/src/app/plugins/oauth/account/handlers/index.ts +4 -0
- package/src/app/plugins/oauth/account/handlers/link.ts +165 -0
- package/src/app/plugins/oauth/account/handlers/providers-list.ts +49 -0
- package/src/app/plugins/oauth/account/handlers/refresh.ts +92 -0
- package/src/app/plugins/oauth/account/handlers/unlink.ts +105 -0
- package/src/app/plugins/oauth/config.example.json +65 -0
- package/src/app/plugins/oauth/config.json +72 -0
- package/src/app/plugins/oauth/config.ts +182 -0
- package/src/app/plugins/oauth/docs/README.md +160 -0
- package/src/app/plugins/oauth/entities/account_oauth.json +74 -0
- package/src/app/plugins/oauth/handlers/callback.ts +314 -0
- package/src/app/plugins/oauth/handlers/index.ts +2 -0
- package/src/app/plugins/oauth/handlers/redirect.ts +47 -0
- package/src/app/plugins/oauth/index.ts +74 -0
- package/src/app/plugins/oauth/providers/index.ts +530 -0
- package/src/app/plugins/oauth/routes.ts +49 -0
- package/src/app/plugins/oauth/service.ts +14 -0
- package/src/app/plugins/oauth/state.ts +105 -0
- package/src/app/plugins/oauth/types/index.ts +52 -0
- package/src/app/plugins/oauth/upsert.ts +162 -0
- package/src/app/plugins/ocr/cache.ts +50 -0
- package/src/app/plugins/ocr/config.example.json +103 -0
- package/src/app/plugins/ocr/config.json +110 -0
- package/src/app/plugins/ocr/config.ts +126 -0
- package/src/app/plugins/ocr/direction.ts +48 -0
- package/src/app/plugins/ocr/dispatch.ts +130 -0
- package/src/app/plugins/ocr/docs/README.md +125 -0
- package/src/app/plugins/ocr/docs/api.md +159 -0
- package/src/app/plugins/ocr/entities/ocr_result.json +98 -0
- package/src/app/plugins/ocr/entities/ocr_usage.json +57 -0
- package/src/app/plugins/ocr/entity-adapter.ts +198 -0
- package/src/app/plugins/ocr/errors.ts +42 -0
- package/src/app/plugins/ocr/handlers.ts +250 -0
- package/src/app/plugins/ocr/index.ts +68 -0
- package/src/app/plugins/ocr/llm-parser.ts +164 -0
- package/src/app/plugins/ocr/parsing-pipeline.ts +87 -0
- package/src/app/plugins/ocr/pdf-converter.ts +136 -0
- package/src/app/plugins/ocr/preprocessor.ts +313 -0
- package/src/app/plugins/ocr/providers/aws.ts +200 -0
- package/src/app/plugins/ocr/providers/azure.ts +183 -0
- package/src/app/plugins/ocr/providers/google.ts +155 -0
- package/src/app/plugins/ocr/providers/index.ts +80 -0
- package/src/app/plugins/ocr/providers/naver.ts +186 -0
- package/src/app/plugins/ocr/providers/tesseract.ts +198 -0
- package/src/app/plugins/ocr/providers/upstage.ts +156 -0
- package/src/app/plugins/ocr/quota.ts +108 -0
- package/src/app/plugins/ocr/refiner.ts +112 -0
- package/src/app/plugins/ocr/routes.ts +19 -0
- package/src/app/plugins/ocr/service.ts +333 -0
- package/src/app/plugins/ocr/template-loader.ts +72 -0
- package/src/app/plugins/ocr/template-matcher.ts +422 -0
- package/src/app/plugins/ocr/templates/business_reg.json +145 -0
- package/src/app/plugins/ocr/templates/career_cert.json +93 -0
- package/src/app/plugins/ocr/templates/driver_license.json +89 -0
- package/src/app/plugins/ocr/templates/facility_card.json +82 -0
- package/src/app/plugins/ocr/templates/id_card.json +55 -0
- package/src/app/plugins/ocr/templates/invoice.json +92 -0
- package/src/app/plugins/ocr/templates/namecard.json +116 -0
- package/src/app/plugins/ocr/templates/prompts/business_reg.json +14 -0
- package/src/app/plugins/ocr/templates/prompts/career_cert.json +16 -0
- package/src/app/plugins/ocr/templates/prompts/driver_license.json +14 -0
- package/src/app/plugins/ocr/templates/prompts/facility_card.json +15 -0
- package/src/app/plugins/ocr/templates/prompts/general.json +13 -0
- package/src/app/plugins/ocr/templates/prompts/id_card.json +11 -0
- package/src/app/plugins/ocr/templates/prompts/invoice.json +17 -0
- package/src/app/plugins/ocr/templates/prompts/namecard.json +15 -0
- package/src/app/plugins/ocr/templates/prompts/receipt.json +14 -0
- package/src/app/plugins/ocr/templates/receipt.json +79 -0
- package/src/app/plugins/ocr/types/config.ts +60 -0
- package/src/app/plugins/ocr/types/driver.ts +71 -0
- package/src/app/plugins/ocr/types/index.ts +5 -0
- package/src/app/plugins/ocr/types/parsed.ts +101 -0
- package/src/app/plugins/ocr/types/store.ts +70 -0
- package/src/app/plugins/ocr/types/template.ts +89 -0
- package/src/app/plugins/ocr/utils.ts +18 -0
- package/src/app/plugins/pg/config.example.json +79 -0
- package/src/app/plugins/pg/config.json +35 -0
- package/src/app/plugins/pg/config.ts +58 -0
- package/src/app/plugins/pg/docs/README.md +176 -0
- package/src/app/plugins/pg/entities/pg_cancel.json +60 -0
- package/src/app/plugins/pg/entities/pg_order.json +115 -0
- package/src/app/plugins/pg/entities/pg_webhook_log.json +52 -0
- package/src/app/plugins/pg/entity-adapter.ts +144 -0
- package/src/app/plugins/pg/handlers.ts +240 -0
- package/src/app/plugins/pg/index.ts +98 -0
- package/src/app/plugins/pg/providers/danal.ts +178 -0
- package/src/app/plugins/pg/providers/hecto.ts +340 -0
- package/src/app/plugins/pg/providers/index.ts +53 -0
- package/src/app/plugins/pg/providers/inicis.ts +151 -0
- package/src/app/plugins/pg/providers/kakaopay.ts +242 -0
- package/src/app/plugins/pg/providers/kcp.ts +147 -0
- package/src/app/plugins/pg/providers/naverpay.ts +299 -0
- package/src/app/plugins/pg/providers/payco.ts +290 -0
- package/src/app/plugins/pg/providers/payletter.ts +377 -0
- package/src/app/plugins/pg/providers/paypal.ts +423 -0
- package/src/app/plugins/pg/providers/toss.ts +157 -0
- package/src/app/plugins/pg/providers/wanna.ts +163 -0
- package/src/app/plugins/pg/routes.ts +31 -0
- package/src/app/plugins/pg/service.ts +531 -0
- package/src/app/plugins/pg/types/client.ts +52 -0
- package/src/app/plugins/pg/types/config.ts +42 -0
- package/src/app/plugins/pg/types/error.ts +25 -0
- package/src/app/plugins/pg/types/index.ts +4 -0
- package/src/app/plugins/pg/types/payment.ts +145 -0
- package/src/app/plugins/providers/docs/README.md +32 -0
- package/src/app/plugins/providers/solapi-auth.ts +27 -0
- package/src/app/plugins/push/config.example.json +26 -0
- package/src/app/plugins/push/config.json +18 -0
- package/src/app/plugins/push/config.ts +119 -0
- package/src/app/plugins/push/docs/README.md +147 -0
- package/src/app/plugins/push/entities/push_log.json +86 -0
- package/src/app/plugins/push/entities/push_msg.json +56 -0
- package/src/app/plugins/push/entity-adapter.ts +326 -0
- package/src/app/plugins/push/handlers.ts +193 -0
- package/src/app/plugins/push/index.ts +85 -0
- package/src/app/plugins/push/providers/apns.ts +152 -0
- package/src/app/plugins/push/providers/fcm.ts +181 -0
- package/src/app/plugins/push/providers/index.ts +42 -0
- package/src/app/plugins/push/providers/utils.ts +30 -0
- package/src/app/plugins/push/routes.ts +24 -0
- package/src/app/plugins/push/service.ts +297 -0
- package/src/app/plugins/push/types/config.ts +32 -0
- package/src/app/plugins/push/types/index.ts +14 -0
- package/src/app/plugins/push/types/job.ts +79 -0
- package/src/app/plugins/shared/docs/README.md +11 -0
- package/src/app/plugins/sms/config.example.json +30 -0
- package/src/app/plugins/sms/config.json +33 -0
- package/src/app/plugins/sms/config.ts +158 -0
- package/src/app/plugins/sms/docs/README.md +236 -0
- package/src/app/plugins/sms/entities/sms_log.json +65 -0
- package/src/app/plugins/sms/entities/sms_msg.json +82 -0
- package/src/app/plugins/sms/entities/sms_verification.json +50 -0
- package/src/app/plugins/sms/entity-adapter.ts +213 -0
- package/src/app/plugins/sms/handlers.ts +149 -0
- package/src/app/plugins/sms/index.ts +93 -0
- package/src/app/plugins/sms/providers/aligo.ts +73 -0
- package/src/app/plugins/sms/providers/aws-sns.ts +182 -0
- package/src/app/plugins/sms/providers/index.ts +47 -0
- package/src/app/plugins/sms/providers/nhn.ts +82 -0
- package/src/app/plugins/sms/providers/ppurio.ts +76 -0
- package/src/app/plugins/sms/providers/solapi.ts +83 -0
- package/src/app/plugins/sms/routes.ts +23 -0
- package/src/app/plugins/sms/service.ts +239 -0
- package/src/app/plugins/sms/types/client.ts +41 -0
- package/src/app/plugins/sms/types/config.ts +46 -0
- package/src/app/plugins/sms/types/index.ts +3 -0
- package/src/app/plugins/sms/types/job.ts +51 -0
- package/src/app/plugins/sms/verification.ts +162 -0
- package/src/app/plugins/smtp/config.json +5 -0
- package/src/app/plugins/smtp/config.ts +41 -0
- package/src/app/plugins/smtp/docs/README.md +165 -0
- package/src/app/plugins/smtp/handlers.ts +52 -0
- package/src/app/plugins/smtp/index.ts +33 -0
- package/src/app/plugins/smtp/routes.ts +19 -0
- package/src/app/plugins/smtp/templates/layout.html +50 -0
- package/src/app/plugins/smtp/types/config.ts +8 -0
- package/src/app/plugins/smtp/types/index.ts +1 -0
- package/src/app/plugins/taxinvoice/config.example.json +60 -0
- package/src/app/plugins/taxinvoice/config.json +35 -0
- package/src/app/plugins/taxinvoice/config.ts +117 -0
- package/src/app/plugins/taxinvoice/docs/README.md +322 -0
- package/src/app/plugins/taxinvoice/entities/tax_invoice.json +229 -0
- package/src/app/plugins/taxinvoice/entities/tax_invoice_item.json +56 -0
- package/src/app/plugins/taxinvoice/entities/tax_invoice_log.json +50 -0
- package/src/app/plugins/taxinvoice/entities/tax_invoice_party.json +61 -0
- package/src/app/plugins/taxinvoice/entity-adapter.ts +285 -0
- package/src/app/plugins/taxinvoice/handlers.ts +120 -0
- package/src/app/plugins/taxinvoice/index.ts +74 -0
- package/src/app/plugins/taxinvoice/providers/barobill.ts +273 -0
- package/src/app/plugins/taxinvoice/providers/bolta.ts +193 -0
- package/src/app/plugins/taxinvoice/providers/esero.ts +201 -0
- package/src/app/plugins/taxinvoice/providers/index.ts +41 -0
- package/src/app/plugins/taxinvoice/providers/popbill.ts +258 -0
- package/src/app/plugins/taxinvoice/providers/sendbill.ts +443 -0
- package/src/app/plugins/taxinvoice/providers/smartbill.ts +234 -0
- package/src/app/plugins/taxinvoice/routes.ts +17 -0
- package/src/app/plugins/taxinvoice/service.ts +439 -0
- package/src/app/plugins/taxinvoice/types/client.ts +57 -0
- package/src/app/plugins/taxinvoice/types/config.ts +42 -0
- package/src/app/plugins/taxinvoice/types/index.ts +4 -0
- package/src/app/plugins/taxinvoice/types/invoice.ts +128 -0
- package/src/app/plugins/taxinvoice/types/queue.ts +22 -0
- package/src/app/plugins/vessel_kr/config.json +9 -0
- package/src/app/plugins/vessel_kr/config.ts +32 -0
- package/src/app/plugins/vessel_kr/docs/README.md +167 -0
- package/src/app/plugins/vessel_kr/entities/vessel_kr_entry.json +136 -0
- package/src/app/plugins/vessel_kr/handlers.ts +102 -0
- package/src/app/plugins/vessel_kr/index.ts +21 -0
- package/src/app/plugins/vessel_kr/routes.ts +15 -0
- package/src/app/plugins/vessel_kr/service.ts +264 -0
- package/src/app/plugins/vessel_kr/types/index.ts +100 -0
- package/src/app/routes/README.md +71 -0
- package/src/app/routes/account/change-password/config.json +5 -0
- package/src/app/routes/account/change-password/entities/password_history.json +18 -0
- package/src/app/routes/account/change-password/handlers.ts +204 -0
- package/src/app/routes/account/change-password/routes.ts +28 -0
- package/src/app/routes/account/config.json +5 -0
- package/src/app/routes/account/reactivate/config.json +5 -0
- package/src/app/routes/account/reactivate/handlers.ts +249 -0
- package/src/app/routes/account/reactivate/routes.ts +14 -0
- package/src/app/routes/account/register/config-loader.ts +34 -0
- package/src/app/routes/account/register/config.json +8 -0
- package/src/app/routes/account/register/handlers.ts +207 -0
- package/src/app/routes/account/register/routes.ts +25 -0
- package/src/app/routes/account/register/types/index.ts +50 -0
- package/src/app/routes/account/routes.ts +31 -0
- package/src/app/routes/account/templates/force_reset.html +18 -0
- package/src/app/routes/account/templates/welcome.html +14 -0
- package/src/app/routes/account/withdraw/handlers.ts +111 -0
- package/src/app/routes/account/withdraw/routes.ts +18 -0
- package/src/app/routes/approval/config.json +5 -0
- package/src/app/routes/approval/entities/approval.json +99 -0
- package/src/app/routes/approval/entities/comments.json +17 -0
- package/src/app/routes/approval/entities/reference.json +16 -0
- package/src/app/routes/approval/routes.ts +30 -0
- package/src/app/routes/auth/config.json +5 -0
- package/src/app/routes/auth/handlers.ts +245 -0
- package/src/app/routes/auth/routes.ts +16 -0
- package/src/app/routes/board/config.json +5 -0
- package/src/app/routes/board/entities/board_category.json +90 -0
- package/src/app/routes/board/entities/board_comment.json +83 -0
- package/src/app/routes/board/entities/board_like.json +51 -0
- package/src/app/routes/board/entities/board_mention.json +50 -0
- package/src/app/routes/board/entities/board_post.json +148 -0
- package/src/app/routes/board/entities/board_post_tag.json +41 -0
- package/src/app/routes/board/entities/board_rating.json +127 -0
- package/src/app/routes/board/entities/board_read_log.json +29 -0
- package/src/app/routes/board/entities/board_report.json +53 -0
- package/src/app/routes/board/entities/board_tag.json +21 -0
- package/src/app/routes/board/handlers/categories.ts +134 -0
- package/src/app/routes/board/handlers/comments.ts +207 -0
- package/src/app/routes/board/handlers/files.ts +104 -0
- package/src/app/routes/board/handlers/likes.ts +31 -0
- package/src/app/routes/board/handlers/mentions.ts +54 -0
- package/src/app/routes/board/handlers/posts.ts +577 -0
- package/src/app/routes/board/handlers/ratings.ts +60 -0
- package/src/app/routes/board/handlers/reports.ts +131 -0
- package/src/app/routes/board/handlers/tags.ts +81 -0
- package/src/app/routes/board/routes.ts +137 -0
- package/src/app/routes/calendar/config.json +5 -0
- package/src/app/routes/calendar/entities/calendar_attendees.json +23 -0
- package/src/app/routes/calendar/entities/calendar_comments.json +17 -0
- package/src/app/routes/calendar/entities/calendar_events.json +48 -0
- package/src/app/routes/calendar/entities/calendar_kind.json +11 -0
- package/src/app/routes/calendar/entities/calendar_method.json +11 -0
- package/src/app/routes/calendar/routes.ts +32 -0
- package/src/app/routes/email-verify/config-loader.ts +47 -0
- package/src/app/routes/email-verify/config.example.json +13 -0
- package/src/app/routes/email-verify/config.json +16 -0
- package/src/app/routes/email-verify/entities/account.json +23 -0
- package/src/app/routes/email-verify/handlers/activate.ts +103 -0
- package/src/app/routes/email-verify/handlers/change.ts +106 -0
- package/src/app/routes/email-verify/handlers/confirm.ts +87 -0
- package/src/app/routes/email-verify/handlers/index.ts +20 -0
- package/src/app/routes/email-verify/handlers/send.ts +157 -0
- package/src/app/routes/email-verify/handlers/status.ts +53 -0
- package/src/app/routes/email-verify/handlers/utils.ts +85 -0
- package/src/app/routes/email-verify/routes.ts +54 -0
- package/src/app/routes/email-verify/templates/verification.html +15 -0
- package/src/app/routes/email-verify/templates/verification_link.html +19 -0
- package/src/app/routes/email-verify/types/index.ts +77 -0
- package/src/app/routes/email-verify/verification-utils.ts +57 -0
- package/src/app/routes/example-db/config.json +5 -0
- package/src/app/routes/example-db/handlers.ts +220 -0
- package/src/app/routes/example-db/models/account-ext.ts +33 -0
- package/src/app/routes/example-db/models/users.ts +30 -0
- package/src/app/routes/example-db/routes.ts +23 -0
- package/src/app/routes/example-db/types/defaults.ts +21 -0
- package/src/app/routes/example-db/types/index.ts +4 -0
- package/src/app/routes/example-db/types/params.ts +3 -0
- package/src/app/routes/example-db/types/query.ts +6 -0
- package/src/app/routes/example-db/types/user.ts +11 -0
- package/src/app/routes/example-es/config.json +5 -0
- package/src/app/routes/example-es/handlers.ts +216 -0
- package/src/app/routes/example-es/routes.ts +24 -0
- package/src/app/routes/example-es/types/defaults.ts +30 -0
- package/src/app/routes/example-es/types/index.ts +4 -0
- package/src/app/routes/example-es/types/params.ts +3 -0
- package/src/app/routes/example-es/types/post.ts +12 -0
- package/src/app/routes/example-es/types/query.ts +14 -0
- package/src/app/routes/funeral/config.json +5 -0
- package/src/app/routes/funeral/entities/funeral.json +77 -0
- package/src/app/routes/funeral/entities/funeral_docs.json +36 -0
- package/src/app/routes/funeral/entities/funeral_mourner.json +31 -0
- package/src/app/routes/funeral/entities/funeral_order.json +48 -0
- package/src/app/routes/funeral/entities/funeral_room.json +61 -0
- package/src/app/routes/funeral/entities/funeral_schedule.json +39 -0
- package/src/app/routes/funeral/routes.ts +32 -0
- package/src/app/routes/health/config.json +5 -0
- package/src/app/routes/health/handlers.ts +69 -0
- package/src/app/routes/health/routes.ts +14 -0
- package/src/app/routes/hr/career/config.json +5 -0
- package/src/app/routes/hr/career/entities/employee_career.json +15 -0
- package/src/app/routes/hr/career/routes.ts +25 -0
- package/src/app/routes/hr/config.json +5 -0
- package/src/app/routes/hr/education/config.json +5 -0
- package/src/app/routes/hr/education/entities/employee_education.json +29 -0
- package/src/app/routes/hr/education/entities/employee_education_mans.json +25 -0
- package/src/app/routes/hr/education/entities/employee_school.json +19 -0
- package/src/app/routes/hr/education/routes.ts +28 -0
- package/src/app/routes/hr/employee/config.json +5 -0
- package/src/app/routes/hr/employee/entities/employee.json +59 -0
- package/src/app/routes/hr/employee/entities/employee_cert.json +19 -0
- package/src/app/routes/hr/employee/entities/employee_reward.json +21 -0
- package/src/app/routes/hr/employee/routes.ts +27 -0
- package/src/app/routes/hr/entities/hr_group.json +47 -0
- package/src/app/routes/hr/entities/hr_group_pv.json +20 -0
- package/src/app/routes/hr/entities/hr_role.json +43 -0
- package/src/app/routes/hr/entities/hr_role_pv.json +20 -0
- package/src/app/routes/hr/routes.ts +29 -0
- package/src/app/routes/messages/chat/config.json +5 -0
- package/src/app/routes/messages/chat/entities/user_chat.json +47 -0
- package/src/app/routes/messages/chat/entities/user_chat_room.json +38 -0
- package/src/app/routes/messages/chat/entities/user_chat_room_member.json +49 -0
- package/src/app/routes/messages/chat/routes.ts +28 -0
- package/src/app/routes/messages/msgbox/config.json +5 -0
- package/src/app/routes/messages/msgbox/entities/user_msgbox.json +73 -0
- package/src/app/routes/messages/msgbox/routes.ts +28 -0
- package/src/app/routes/password-reset/config.example.json +13 -0
- package/src/app/routes/password-reset/config.json +15 -0
- package/src/app/routes/password-reset/entities/account.json +13 -0
- package/src/app/routes/password-reset/handlers.ts +335 -0
- package/src/app/routes/password-reset/password-utils.ts +96 -0
- package/src/app/routes/password-reset/routes.ts +84 -0
- package/src/app/routes/password-reset/templates/password_reset.html +21 -0
- package/src/app/routes/password-reset/templates/password_reset_link.html +19 -0
- package/src/app/routes/password-reset/types/index.ts +95 -0
- package/src/app/routes/privilege/config.json +5 -0
- package/src/app/routes/privilege/entities/pv_group.json +29 -0
- package/src/app/routes/privilege/entities/pv_group_item.json +31 -0
- package/src/app/routes/privilege/entities/pv_item.json +176 -0
- package/src/app/routes/privilege/entities/user_pv_group.json +20 -0
- package/src/app/routes/privilege/entities/user_pv_item.json +20 -0
- package/src/app/routes/privilege/routes.ts +33 -0
- package/src/app/routes/user/config.json +5 -0
- package/src/app/routes/user/entities/user.json +64 -0
- package/src/app/routes/user/entities/user_biometric.json +28 -0
- package/src/app/routes/user/routes.ts +27 -0
- package/src/app/routes/vessel-tracking/config.json +3 -0
- package/src/app/routes/vessel-tracking/entities/tracked_vessel.json +261 -0
- package/src/app/routes/vessel-tracking/handlers.ts +134 -0
- package/src/app/routes/vessel-tracking/routes.ts +25 -0
- package/src/app/routes/vessel-tracking/types/index.ts +5 -0
- package/src/app/routes/vessel-tracking/types/vessel.ts +59 -0
- package/src/app/schedules/README.md +105 -0
- package/src/app/schedules/ais_sync/config.json +4 -0
- package/src/app/schedules/ais_sync/index.ts +69 -0
- package/src/app/schedules/data-retention/config.json +9 -0
- package/src/app/schedules/data-retention/index.ts +238 -0
- package/src/app/schedules/dormancy/config.json +15 -0
- package/src/app/schedules/dormancy/entities/account.json +14 -0
- package/src/app/schedules/dormancy/entities/privacy_cron_lock.json +23 -0
- package/src/app/schedules/dormancy/index.ts +289 -0
- package/src/app/schedules/dormancy/templates/dormancy_completed.html +21 -0
- package/src/app/schedules/dormancy/templates/dormancy_warning.html +20 -0
- package/src/app/schedules/kobc_freight_sync/config.json +4 -0
- package/src/app/schedules/kobc_freight_sync/index.ts +94 -0
- package/src/app/schedules/vessel_kr_sync/config.json +4 -0
- package/src/app/schedules/vessel_kr_sync/index.ts +72 -0
- package/src/system/app.ts +129 -0
- package/src/system/cache/_store-ref.ts +15 -0
- package/src/system/cache/config.ts +61 -0
- package/src/system/cache/drivers/memcached.ts +135 -0
- package/src/system/cache/drivers/memory.ts +92 -0
- package/src/system/cache/drivers/redis.ts +109 -0
- package/src/system/cache/index.ts +43 -0
- package/src/system/cache/namespaced.ts +79 -0
- package/src/system/cache/plugin.ts +59 -0
- package/src/system/cache/types.ts +81 -0
- package/src/system/config/config-path.ts +20 -0
- package/src/system/config/cors.ts +49 -0
- package/src/system/config/database.ts +190 -0
- package/src/system/config/entity-server.ts +8 -0
- package/src/system/config/env-substitution.ts +4 -0
- package/src/system/config/env.ts +30 -0
- package/src/system/config/json-config.ts +13 -0
- package/src/system/config/module-path.ts +16 -0
- package/src/system/config/packet-encrypt.ts +80 -0
- package/src/system/config/rate-limit.ts +4 -0
- package/src/system/config/security-loader.ts +25 -0
- package/src/system/config/security.ts +16 -0
- package/src/system/config/server.ts +81 -0
- package/src/system/crypto/cipher.ts +117 -0
- package/src/system/crypto/data-encrypt.ts +174 -0
- package/src/system/crypto/hash.ts +24 -0
- package/src/system/crypto/packet.test.ts +23 -0
- package/src/system/crypto/packet.ts +97 -0
- package/src/system/crypto/random.ts +19 -0
- package/src/system/email/sender.ts +85 -0
- package/src/system/email/template-engine.ts +147 -0
- package/src/system/entity-server/bootstrap.ts +270 -0
- package/src/system/entity-server/client.ts +64 -0
- package/src/system/hooks/loader.ts +32 -0
- package/src/system/hooks/runner.ts +159 -0
- package/src/system/hooks/types.ts +75 -0
- package/src/system/hooks/withdraw-hooks.ts +42 -0
- package/src/system/http/cookie.ts +62 -0
- package/src/system/http/response.ts +16 -0
- package/src/system/index.ts +48 -0
- package/src/system/logging/log-format.ts +50 -0
- package/src/system/logging/logger.ts +104 -0
- package/src/system/middleware/_db-ref.ts +26 -0
- package/src/system/middleware/_push-ref.ts +28 -0
- package/src/system/middleware/access-log.ts +34 -0
- package/src/system/middleware/auth.ts +67 -0
- package/src/system/middleware/csrf.ts +172 -0
- package/src/system/middleware/database.ts +44 -0
- package/src/system/middleware/error-handler.ts +51 -0
- package/src/system/middleware/extension-loader.ts +111 -0
- package/src/system/middleware/packet-encrypt.ts +281 -0
- package/src/system/middleware/request-id.ts +18 -0
- package/src/system/plugins/access-log.ts +34 -0
- package/src/system/plugins/packet-encrypt.ts +281 -0
- package/src/system/proxy/register.ts +37 -0
- package/src/system/public-api.ts +140 -0
- package/src/system/push/sender.ts +131 -0
- package/src/system/routes/entity-interceptor.ts +327 -0
- package/src/system/routes/loader.ts +215 -0
- package/src/system/scheduler/cron-utils.ts +150 -0
- package/src/system/scheduler/distributed-lock.ts +141 -0
- package/src/system/scheduler/schedule-loader.ts +105 -0
- package/src/system/security/anonymous-device-id.ts +41 -0
- package/src/system/security/anonymous-device.ts +98 -0
- package/src/system/security/anonymous-packet-token.ts +23 -0
- package/src/system/security/packet-bootstrap.ts +16 -0
- package/src/system/security/password-policy.ts +191 -0
- package/src/system/startup-banner.ts +191 -0
- package/src/system/types/fastify.d.ts +53 -0
- package/src/system/utils/app-path.ts +31 -0
- package/src/system/utils/coerce.ts +28 -0
- package/src/system/utils/date-prefixed-log-stream.ts +176 -0
- package/src/system/utils/errors.ts +66 -0
- package/src/system/utils/format.ts +45 -0
- package/src/system/utils/http-client.ts +79 -0
- package/src/system/utils/user-agent.ts +82 -0
- package/tsconfig.app.json +17 -0
- package/tsconfig.json +39 -0
|
@@ -0,0 +1,281 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* 패킷 암호화 미들웨어 플러그인
|
|
3
|
+
*
|
|
4
|
+
* Go Entity Server의 internal/middleware/packet_encrypt.go를 Fastify로 포팅.
|
|
5
|
+
*
|
|
6
|
+
* 동작:
|
|
7
|
+
* [요청 복호화]
|
|
8
|
+
* - 인증된 사용자의 POST/PUT/DELETE 요청이 Content-Type: application/octet-stream이면 복호화
|
|
9
|
+
* - require_encryption=true 시 인증된 요청의 평문 JSON을 거부 (400)
|
|
10
|
+
* - GET/HEAD/OPTIONS는 건너뜀
|
|
11
|
+
*
|
|
12
|
+
* [응답 암호화]
|
|
13
|
+
* - 2xx 성공 응답만 암호화
|
|
14
|
+
* - 4xx/5xx 에러는 평문 JSON 유지
|
|
15
|
+
*
|
|
16
|
+
* 키 파생:
|
|
17
|
+
* - JWT 인증: HKDF-SHA256(jwt_token, "entity-server:packet-encryption")
|
|
18
|
+
* - HMAC 인증: HKDF-SHA256(hmac_secret, "entity-server:packet-encryption")
|
|
19
|
+
*/
|
|
20
|
+
|
|
21
|
+
import fp from "fastify-plugin";
|
|
22
|
+
import type { FastifyInstance, FastifyRequest, FastifyReply } from "fastify";
|
|
23
|
+
import { env, logger } from "../config/env.ts";
|
|
24
|
+
import { cache } from "../cache/index.ts";
|
|
25
|
+
import {
|
|
26
|
+
derivePacketKey,
|
|
27
|
+
deriveKey32HKDF,
|
|
28
|
+
packetMagicLenFromKey,
|
|
29
|
+
encryptPacket,
|
|
30
|
+
decryptPacket,
|
|
31
|
+
} from "../crypto/packet.ts";
|
|
32
|
+
import {
|
|
33
|
+
loadPacketEncryptConfig,
|
|
34
|
+
type PacketEncryptConfig,
|
|
35
|
+
} from "../config/packet-encrypt.ts";
|
|
36
|
+
import { readAnonymousDeviceId } from "../security/anonymous-device-id.ts";
|
|
37
|
+
import { deriveAnonymousPacketToken } from "../security/anonymous-packet-token.ts";
|
|
38
|
+
|
|
39
|
+
const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS"]);
|
|
40
|
+
|
|
41
|
+
/**
|
|
42
|
+
* 요청에서 패킷 키를 유도합니다.
|
|
43
|
+
* JWT 토큰이 있으면 JWT 기반, 없으면 HMAC secret 기반.
|
|
44
|
+
*/
|
|
45
|
+
async function deriveKeyForRequest(
|
|
46
|
+
req: FastifyRequest,
|
|
47
|
+
infoLabel: string,
|
|
48
|
+
anonymousDeviceId?: string | null,
|
|
49
|
+
): Promise<Buffer | null> {
|
|
50
|
+
const authHeader = req.headers.authorization;
|
|
51
|
+
if (authHeader?.startsWith("Bearer ")) {
|
|
52
|
+
const token = authHeader.substring(7);
|
|
53
|
+
// infoLabel을 cfg에서 받아 사용 (hardcoded "entity-server:packet-encryption" 제거)
|
|
54
|
+
return derivePacketKey(token, infoLabel);
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
// HMAC 인증 (API key)
|
|
58
|
+
if (req.headers["x-api-key"]) {
|
|
59
|
+
return deriveKey32HKDF(env.ENTITY_HMAC_SECRET, infoLabel);
|
|
60
|
+
}
|
|
61
|
+
|
|
62
|
+
const packetTokenHeader = req.headers["x-packet-token"];
|
|
63
|
+
const packetToken = Array.isArray(packetTokenHeader)
|
|
64
|
+
? packetTokenHeader[0]
|
|
65
|
+
: packetTokenHeader;
|
|
66
|
+
if (packetToken) {
|
|
67
|
+
return derivePacketKey(packetToken, infoLabel);
|
|
68
|
+
}
|
|
69
|
+
|
|
70
|
+
if (anonymousDeviceId) {
|
|
71
|
+
const packetToken = deriveAnonymousPacketToken(
|
|
72
|
+
anonymousDeviceId,
|
|
73
|
+
infoLabel,
|
|
74
|
+
);
|
|
75
|
+
return derivePacketKey(packetToken, infoLabel);
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
return null;
|
|
79
|
+
}
|
|
80
|
+
|
|
81
|
+
async function resolvePacketKey(
|
|
82
|
+
req: FastifyRequest,
|
|
83
|
+
cfg: PacketEncryptConfig,
|
|
84
|
+
): Promise<Buffer | null> {
|
|
85
|
+
const authHeader = req.headers.authorization;
|
|
86
|
+
const apiKey = req.headers["x-api-key"] as string | undefined;
|
|
87
|
+
const packetTokenHeader = req.headers["x-packet-token"];
|
|
88
|
+
const packetToken = Array.isArray(packetTokenHeader)
|
|
89
|
+
? packetTokenHeader[0]
|
|
90
|
+
: packetTokenHeader;
|
|
91
|
+
const anonymousDeviceId = readAnonymousDeviceId(req, cfg);
|
|
92
|
+
const keyCacheId =
|
|
93
|
+
authHeader ??
|
|
94
|
+
(apiKey
|
|
95
|
+
? `hmac:${apiKey}`
|
|
96
|
+
: packetToken
|
|
97
|
+
? `anon-token:${packetToken}`
|
|
98
|
+
: anonymousDeviceId
|
|
99
|
+
? `anon:${anonymousDeviceId}`
|
|
100
|
+
: null);
|
|
101
|
+
|
|
102
|
+
if (!keyCacheId) {
|
|
103
|
+
return null;
|
|
104
|
+
}
|
|
105
|
+
|
|
106
|
+
const store = cache();
|
|
107
|
+
const cacheKey = `pkt_key:${keyCacheId}`;
|
|
108
|
+
const cachedB64 = await store.get<string>(cacheKey);
|
|
109
|
+
if (cachedB64) {
|
|
110
|
+
return Buffer.from(cachedB64, "base64");
|
|
111
|
+
}
|
|
112
|
+
|
|
113
|
+
const key = await deriveKeyForRequest(
|
|
114
|
+
req,
|
|
115
|
+
cfg.infoLabel,
|
|
116
|
+
anonymousDeviceId,
|
|
117
|
+
);
|
|
118
|
+
if (key) {
|
|
119
|
+
await store.set(cacheKey, key.toString("base64"), 5 * 60 * 1000);
|
|
120
|
+
}
|
|
121
|
+
|
|
122
|
+
return key;
|
|
123
|
+
}
|
|
124
|
+
|
|
125
|
+
export default fp(async (app: FastifyInstance) => {
|
|
126
|
+
const cfg = loadPacketEncryptConfig();
|
|
127
|
+
|
|
128
|
+
if (!cfg.enabled) {
|
|
129
|
+
return;
|
|
130
|
+
}
|
|
131
|
+
|
|
132
|
+
app.addContentTypeParser(
|
|
133
|
+
"application/octet-stream",
|
|
134
|
+
{ parseAs: "buffer" },
|
|
135
|
+
(req, body, done) => {
|
|
136
|
+
const rawBody = Buffer.isBuffer(body) ? body : Buffer.from(body);
|
|
137
|
+
req.rawBody = rawBody;
|
|
138
|
+
done(null, rawBody);
|
|
139
|
+
},
|
|
140
|
+
);
|
|
141
|
+
|
|
142
|
+
// ─── 요청 복호화 (preValidation) ───
|
|
143
|
+
app.addHook(
|
|
144
|
+
"preValidation",
|
|
145
|
+
async (req: FastifyRequest, reply: FastifyReply) => {
|
|
146
|
+
// skip paths 스킵
|
|
147
|
+
const urlPath = req.url.split("?")[0];
|
|
148
|
+
for (const skip of cfg.skipPaths) {
|
|
149
|
+
if (urlPath.startsWith(skip)) return;
|
|
150
|
+
}
|
|
151
|
+
|
|
152
|
+
const key = await resolvePacketKey(req, cfg);
|
|
153
|
+
if (!key) return;
|
|
154
|
+
|
|
155
|
+
req._packetKey = key;
|
|
156
|
+
|
|
157
|
+
// safe methods는 요청 본문 복호화만 생략하고 응답 암호화는 유지
|
|
158
|
+
if (SAFE_METHODS.has(req.method)) return;
|
|
159
|
+
|
|
160
|
+
const contentType = (
|
|
161
|
+
req.headers["content-type"] ?? ""
|
|
162
|
+
).toLowerCase();
|
|
163
|
+
const rawBody =
|
|
164
|
+
req.rawBody ??
|
|
165
|
+
(Buffer.isBuffer(req.body)
|
|
166
|
+
? req.body
|
|
167
|
+
: req.body instanceof Uint8Array
|
|
168
|
+
? Buffer.from(req.body)
|
|
169
|
+
: undefined);
|
|
170
|
+
|
|
171
|
+
if (!rawBody || rawBody.length === 0) return;
|
|
172
|
+
|
|
173
|
+
if (contentType.includes("application/octet-stream")) {
|
|
174
|
+
// 암호화된 요청 → 복호화
|
|
175
|
+
const magicLen = packetMagicLenFromKey(
|
|
176
|
+
key,
|
|
177
|
+
cfg.magicMin,
|
|
178
|
+
cfg.magicRange,
|
|
179
|
+
);
|
|
180
|
+
try {
|
|
181
|
+
const plaintext = await decryptPacket(
|
|
182
|
+
rawBody,
|
|
183
|
+
key,
|
|
184
|
+
magicLen,
|
|
185
|
+
);
|
|
186
|
+
// 복호화된 body를 요청에 주입
|
|
187
|
+
req.rawBody = plaintext;
|
|
188
|
+
(req as any).body = JSON.parse(plaintext.toString());
|
|
189
|
+
req.headers["content-type"] = "application/json";
|
|
190
|
+
} catch (err) {
|
|
191
|
+
logger.warn(
|
|
192
|
+
{ error: (err as Error).message, url: req.url },
|
|
193
|
+
"Request decryption failed",
|
|
194
|
+
);
|
|
195
|
+
return reply.code(400).send({
|
|
196
|
+
success: false,
|
|
197
|
+
error: "Request decryption failed",
|
|
198
|
+
});
|
|
199
|
+
}
|
|
200
|
+
} else if (
|
|
201
|
+
cfg.requireEncryption &&
|
|
202
|
+
contentType.includes("application/json")
|
|
203
|
+
) {
|
|
204
|
+
// 평문 JSON → 암호화 필수 위반
|
|
205
|
+
return reply.code(400).send({
|
|
206
|
+
success: false,
|
|
207
|
+
error: "Encrypted request required",
|
|
208
|
+
});
|
|
209
|
+
}
|
|
210
|
+
},
|
|
211
|
+
);
|
|
212
|
+
|
|
213
|
+
// ─── 응답 암호화 (onSend) ───
|
|
214
|
+
app.addHook(
|
|
215
|
+
"onSend",
|
|
216
|
+
async (req: FastifyRequest, reply: FastifyReply, payload: unknown) => {
|
|
217
|
+
if ((req as any)._packetResponseHandled) return payload;
|
|
218
|
+
|
|
219
|
+
// 패킷 키가 없으면 (복호화하지 않은 요청) 건너뜀
|
|
220
|
+
const key = req._packetKey;
|
|
221
|
+
if (!key) return payload;
|
|
222
|
+
|
|
223
|
+
// 2xx만 암호화
|
|
224
|
+
const status = reply.statusCode;
|
|
225
|
+
if (status < 200 || status >= 300) return payload;
|
|
226
|
+
if (payload == null) return payload;
|
|
227
|
+
|
|
228
|
+
try {
|
|
229
|
+
// payload를 Buffer로 변환
|
|
230
|
+
let plaintext: Buffer;
|
|
231
|
+
if (typeof payload === "string") {
|
|
232
|
+
plaintext = Buffer.from(payload);
|
|
233
|
+
} else if (Buffer.isBuffer(payload)) {
|
|
234
|
+
plaintext = payload;
|
|
235
|
+
} else if (payload instanceof Uint8Array) {
|
|
236
|
+
plaintext = Buffer.from(payload);
|
|
237
|
+
} else {
|
|
238
|
+
const serialized = JSON.stringify(payload);
|
|
239
|
+
if (serialized == null) {
|
|
240
|
+
return payload;
|
|
241
|
+
}
|
|
242
|
+
plaintext = Buffer.from(serialized);
|
|
243
|
+
}
|
|
244
|
+
|
|
245
|
+
if (plaintext.length === 0) return payload;
|
|
246
|
+
|
|
247
|
+
const magicLen = packetMagicLenFromKey(
|
|
248
|
+
key,
|
|
249
|
+
cfg.magicMin,
|
|
250
|
+
cfg.magicRange,
|
|
251
|
+
);
|
|
252
|
+
const encrypted = await encryptPacket(plaintext, key, magicLen);
|
|
253
|
+
|
|
254
|
+
reply.header("content-type", "application/octet-stream");
|
|
255
|
+
return encrypted;
|
|
256
|
+
} catch (err) {
|
|
257
|
+
logger.error(
|
|
258
|
+
{
|
|
259
|
+
error: (err as Error).message,
|
|
260
|
+
stack: (err as Error).stack,
|
|
261
|
+
payloadType:
|
|
262
|
+
payload == null
|
|
263
|
+
? String(payload)
|
|
264
|
+
: Buffer.isBuffer(payload)
|
|
265
|
+
? "buffer"
|
|
266
|
+
: typeof payload,
|
|
267
|
+
responseContentType: reply.getHeader("content-type"),
|
|
268
|
+
},
|
|
269
|
+
"Response encryption failed",
|
|
270
|
+
);
|
|
271
|
+
// 암호화 실패 → 평문 노출 방지를 위해 에러 반환
|
|
272
|
+
reply.code(500);
|
|
273
|
+
reply.header("content-type", "application/json; charset=utf-8");
|
|
274
|
+
return JSON.stringify({
|
|
275
|
+
success: false,
|
|
276
|
+
error: "Response encryption failed",
|
|
277
|
+
});
|
|
278
|
+
}
|
|
279
|
+
},
|
|
280
|
+
);
|
|
281
|
+
});
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import fp from "fastify-plugin";
|
|
2
|
+
import type { FastifyInstance, FastifyRequest, FastifyReply } from "fastify";
|
|
3
|
+
import { v4 as uuidv4 } from "uuid";
|
|
4
|
+
|
|
5
|
+
/** 요청 ID 플러그인 — X-Request-ID 헤더 관리 */
|
|
6
|
+
export default fp(async (app: FastifyInstance) => {
|
|
7
|
+
app.addHook(
|
|
8
|
+
"onRequest",
|
|
9
|
+
async (req: FastifyRequest, reply: FastifyReply) => {
|
|
10
|
+
// Nginx가 전달한 X-Request-ID가 없으면 직접 생성
|
|
11
|
+
const requestId =
|
|
12
|
+
(req.headers["x-request-id"] as string) ?? uuidv4();
|
|
13
|
+
req.headers["x-request-id"] = requestId;
|
|
14
|
+
reply.header("X-Request-ID", requestId);
|
|
15
|
+
},
|
|
16
|
+
);
|
|
17
|
+
// 응답 로깅은 access-log 플러그인에서 전담 (D6: 중복 로깅 제거)
|
|
18
|
+
});
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Access Log 플러그인 — HTTP 요청/응답을 access.log 파일에 기록
|
|
3
|
+
*
|
|
4
|
+
* server.json의 logging.access.enabled 가 true 일 때만 활성화됩니다.
|
|
5
|
+
* 기록 항목: method, url, statusCode, 응답시간(ms), IP, requestId, User-Agent
|
|
6
|
+
*/
|
|
7
|
+
|
|
8
|
+
import fp from "fastify-plugin";
|
|
9
|
+
import type { FastifyInstance } from "fastify";
|
|
10
|
+
import { accessLogger } from "../logging/logger.ts";
|
|
11
|
+
import { parseUserAgent } from "../utils/user-agent.ts";
|
|
12
|
+
|
|
13
|
+
export default fp(async (app: FastifyInstance) => {
|
|
14
|
+
if (!accessLogger) return;
|
|
15
|
+
|
|
16
|
+
const logger = accessLogger;
|
|
17
|
+
app.addHook("onResponse", (request, reply, done) => {
|
|
18
|
+
const userAgent = parseUserAgent(request.headers["user-agent"]);
|
|
19
|
+
logger.info({
|
|
20
|
+
requestId: request.id,
|
|
21
|
+
method: request.method,
|
|
22
|
+
url: request.url,
|
|
23
|
+
statusCode: reply.statusCode,
|
|
24
|
+
responseTime: Math.round(reply.elapsedTime),
|
|
25
|
+
ip: request.ip,
|
|
26
|
+
userAgent: userAgent.raw || null,
|
|
27
|
+
platform: userAgent.platform ?? null,
|
|
28
|
+
deviceType: userAgent.deviceType ?? null,
|
|
29
|
+
browser: userAgent.browser ?? null,
|
|
30
|
+
browserVersion: userAgent.browserVersion ?? null,
|
|
31
|
+
});
|
|
32
|
+
done();
|
|
33
|
+
});
|
|
34
|
+
});
|
|
@@ -0,0 +1,281 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* 패킷 암호화 미들웨어 플러그인
|
|
3
|
+
*
|
|
4
|
+
* Go Entity Server의 internal/middleware/packet_encrypt.go를 Fastify로 포팅.
|
|
5
|
+
*
|
|
6
|
+
* 동작:
|
|
7
|
+
* [요청 복호화]
|
|
8
|
+
* - 인증된 사용자의 POST/PUT/DELETE 요청이 Content-Type: application/octet-stream이면 복호화
|
|
9
|
+
* - require_encryption=true 시 인증된 요청의 평문 JSON을 거부 (400)
|
|
10
|
+
* - GET/HEAD/OPTIONS는 건너뜀
|
|
11
|
+
*
|
|
12
|
+
* [응답 암호화]
|
|
13
|
+
* - 2xx 성공 응답만 암호화
|
|
14
|
+
* - 4xx/5xx 에러는 평문 JSON 유지
|
|
15
|
+
*
|
|
16
|
+
* 키 파생:
|
|
17
|
+
* - JWT 인증: HKDF-SHA256(jwt_token, "entity-server:packet-encryption")
|
|
18
|
+
* - HMAC 인증: HKDF-SHA256(hmac_secret, "entity-server:packet-encryption")
|
|
19
|
+
*/
|
|
20
|
+
|
|
21
|
+
import fp from "fastify-plugin";
|
|
22
|
+
import type { FastifyInstance, FastifyRequest, FastifyReply } from "fastify";
|
|
23
|
+
import { env, logger } from "../config/env.ts";
|
|
24
|
+
import { cache } from "../cache/index.ts";
|
|
25
|
+
import {
|
|
26
|
+
derivePacketKey,
|
|
27
|
+
deriveKey32HKDF,
|
|
28
|
+
packetMagicLenFromKey,
|
|
29
|
+
encryptPacket,
|
|
30
|
+
decryptPacket,
|
|
31
|
+
} from "../crypto/packet.ts";
|
|
32
|
+
import {
|
|
33
|
+
loadPacketEncryptConfig,
|
|
34
|
+
type PacketEncryptConfig,
|
|
35
|
+
} from "../config/packet-encrypt.ts";
|
|
36
|
+
import { readAnonymousDeviceId } from "../security/anonymous-device-id.ts";
|
|
37
|
+
import { deriveAnonymousPacketToken } from "../security/anonymous-packet-token.ts";
|
|
38
|
+
|
|
39
|
+
const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS"]);
|
|
40
|
+
|
|
41
|
+
/**
|
|
42
|
+
* 요청에서 패킷 키를 유도합니다.
|
|
43
|
+
* JWT 토큰이 있으면 JWT 기반, 없으면 HMAC secret 기반.
|
|
44
|
+
*/
|
|
45
|
+
async function deriveKeyForRequest(
|
|
46
|
+
req: FastifyRequest,
|
|
47
|
+
infoLabel: string,
|
|
48
|
+
anonymousDeviceId?: string | null,
|
|
49
|
+
): Promise<Buffer | null> {
|
|
50
|
+
const authHeader = req.headers.authorization;
|
|
51
|
+
if (authHeader?.startsWith("Bearer ")) {
|
|
52
|
+
const token = authHeader.substring(7);
|
|
53
|
+
// infoLabel을 cfg에서 받아 사용 (hardcoded "entity-server:packet-encryption" 제거)
|
|
54
|
+
return derivePacketKey(token, infoLabel);
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
// HMAC 인증 (API key)
|
|
58
|
+
if (req.headers["x-api-key"]) {
|
|
59
|
+
return deriveKey32HKDF(env.ENTITY_HMAC_SECRET, infoLabel);
|
|
60
|
+
}
|
|
61
|
+
|
|
62
|
+
const packetTokenHeader = req.headers["x-packet-token"];
|
|
63
|
+
const packetToken = Array.isArray(packetTokenHeader)
|
|
64
|
+
? packetTokenHeader[0]
|
|
65
|
+
: packetTokenHeader;
|
|
66
|
+
if (packetToken) {
|
|
67
|
+
return derivePacketKey(packetToken, infoLabel);
|
|
68
|
+
}
|
|
69
|
+
|
|
70
|
+
if (anonymousDeviceId) {
|
|
71
|
+
const packetToken = deriveAnonymousPacketToken(
|
|
72
|
+
anonymousDeviceId,
|
|
73
|
+
infoLabel,
|
|
74
|
+
);
|
|
75
|
+
return derivePacketKey(packetToken, infoLabel);
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
return null;
|
|
79
|
+
}
|
|
80
|
+
|
|
81
|
+
async function resolvePacketKey(
|
|
82
|
+
req: FastifyRequest,
|
|
83
|
+
cfg: PacketEncryptConfig,
|
|
84
|
+
): Promise<Buffer | null> {
|
|
85
|
+
const authHeader = req.headers.authorization;
|
|
86
|
+
const apiKey = req.headers["x-api-key"] as string | undefined;
|
|
87
|
+
const packetTokenHeader = req.headers["x-packet-token"];
|
|
88
|
+
const packetToken = Array.isArray(packetTokenHeader)
|
|
89
|
+
? packetTokenHeader[0]
|
|
90
|
+
: packetTokenHeader;
|
|
91
|
+
const anonymousDeviceId = readAnonymousDeviceId(req, cfg);
|
|
92
|
+
const keyCacheId =
|
|
93
|
+
authHeader ??
|
|
94
|
+
(apiKey
|
|
95
|
+
? `hmac:${apiKey}`
|
|
96
|
+
: packetToken
|
|
97
|
+
? `anon-token:${packetToken}`
|
|
98
|
+
: anonymousDeviceId
|
|
99
|
+
? `anon:${anonymousDeviceId}`
|
|
100
|
+
: null);
|
|
101
|
+
|
|
102
|
+
if (!keyCacheId) {
|
|
103
|
+
return null;
|
|
104
|
+
}
|
|
105
|
+
|
|
106
|
+
const store = cache();
|
|
107
|
+
const cacheKey = `pkt_key:${keyCacheId}`;
|
|
108
|
+
const cachedB64 = await store.get<string>(cacheKey);
|
|
109
|
+
if (cachedB64) {
|
|
110
|
+
return Buffer.from(cachedB64, "base64");
|
|
111
|
+
}
|
|
112
|
+
|
|
113
|
+
const key = await deriveKeyForRequest(
|
|
114
|
+
req,
|
|
115
|
+
cfg.infoLabel,
|
|
116
|
+
anonymousDeviceId,
|
|
117
|
+
);
|
|
118
|
+
if (key) {
|
|
119
|
+
await store.set(cacheKey, key.toString("base64"), 5 * 60 * 1000);
|
|
120
|
+
}
|
|
121
|
+
|
|
122
|
+
return key;
|
|
123
|
+
}
|
|
124
|
+
|
|
125
|
+
export default fp(async (app: FastifyInstance) => {
|
|
126
|
+
const cfg = loadPacketEncryptConfig();
|
|
127
|
+
|
|
128
|
+
if (!cfg.enabled) {
|
|
129
|
+
return;
|
|
130
|
+
}
|
|
131
|
+
|
|
132
|
+
app.addContentTypeParser(
|
|
133
|
+
"application/octet-stream",
|
|
134
|
+
{ parseAs: "buffer" },
|
|
135
|
+
(req, body, done) => {
|
|
136
|
+
const rawBody = Buffer.isBuffer(body) ? body : Buffer.from(body);
|
|
137
|
+
req.rawBody = rawBody;
|
|
138
|
+
done(null, rawBody);
|
|
139
|
+
},
|
|
140
|
+
);
|
|
141
|
+
|
|
142
|
+
// ─── 요청 복호화 (preValidation) ───
|
|
143
|
+
app.addHook(
|
|
144
|
+
"preValidation",
|
|
145
|
+
async (req: FastifyRequest, reply: FastifyReply) => {
|
|
146
|
+
// skip paths 스킵
|
|
147
|
+
const urlPath = req.url.split("?")[0];
|
|
148
|
+
for (const skip of cfg.skipPaths) {
|
|
149
|
+
if (urlPath.startsWith(skip)) return;
|
|
150
|
+
}
|
|
151
|
+
|
|
152
|
+
const key = await resolvePacketKey(req, cfg);
|
|
153
|
+
if (!key) return;
|
|
154
|
+
|
|
155
|
+
req._packetKey = key;
|
|
156
|
+
|
|
157
|
+
// safe methods는 요청 본문 복호화만 생략하고 응답 암호화는 유지
|
|
158
|
+
if (SAFE_METHODS.has(req.method)) return;
|
|
159
|
+
|
|
160
|
+
const contentType = (
|
|
161
|
+
req.headers["content-type"] ?? ""
|
|
162
|
+
).toLowerCase();
|
|
163
|
+
const rawBody =
|
|
164
|
+
req.rawBody ??
|
|
165
|
+
(Buffer.isBuffer(req.body)
|
|
166
|
+
? req.body
|
|
167
|
+
: req.body instanceof Uint8Array
|
|
168
|
+
? Buffer.from(req.body)
|
|
169
|
+
: undefined);
|
|
170
|
+
|
|
171
|
+
if (!rawBody || rawBody.length === 0) return;
|
|
172
|
+
|
|
173
|
+
if (contentType.includes("application/octet-stream")) {
|
|
174
|
+
// 암호화된 요청 → 복호화
|
|
175
|
+
const magicLen = packetMagicLenFromKey(
|
|
176
|
+
key,
|
|
177
|
+
cfg.magicMin,
|
|
178
|
+
cfg.magicRange,
|
|
179
|
+
);
|
|
180
|
+
try {
|
|
181
|
+
const plaintext = await decryptPacket(
|
|
182
|
+
rawBody,
|
|
183
|
+
key,
|
|
184
|
+
magicLen,
|
|
185
|
+
);
|
|
186
|
+
// 복호화된 body를 요청에 주입
|
|
187
|
+
req.rawBody = plaintext;
|
|
188
|
+
(req as any).body = JSON.parse(plaintext.toString());
|
|
189
|
+
req.headers["content-type"] = "application/json";
|
|
190
|
+
} catch (err) {
|
|
191
|
+
logger.warn(
|
|
192
|
+
{ error: (err as Error).message, url: req.url },
|
|
193
|
+
"Request decryption failed",
|
|
194
|
+
);
|
|
195
|
+
return reply.code(400).send({
|
|
196
|
+
success: false,
|
|
197
|
+
error: "Request decryption failed",
|
|
198
|
+
});
|
|
199
|
+
}
|
|
200
|
+
} else if (
|
|
201
|
+
cfg.requireEncryption &&
|
|
202
|
+
contentType.includes("application/json")
|
|
203
|
+
) {
|
|
204
|
+
// 평문 JSON → 암호화 필수 위반
|
|
205
|
+
return reply.code(400).send({
|
|
206
|
+
success: false,
|
|
207
|
+
error: "Encrypted request required",
|
|
208
|
+
});
|
|
209
|
+
}
|
|
210
|
+
},
|
|
211
|
+
);
|
|
212
|
+
|
|
213
|
+
// ─── 응답 암호화 (onSend) ───
|
|
214
|
+
app.addHook(
|
|
215
|
+
"onSend",
|
|
216
|
+
async (req: FastifyRequest, reply: FastifyReply, payload: unknown) => {
|
|
217
|
+
if ((req as any)._packetResponseHandled) return payload;
|
|
218
|
+
|
|
219
|
+
// 패킷 키가 없으면 (복호화하지 않은 요청) 건너뜀
|
|
220
|
+
const key = req._packetKey;
|
|
221
|
+
if (!key) return payload;
|
|
222
|
+
|
|
223
|
+
// 2xx만 암호화
|
|
224
|
+
const status = reply.statusCode;
|
|
225
|
+
if (status < 200 || status >= 300) return payload;
|
|
226
|
+
if (payload == null) return payload;
|
|
227
|
+
|
|
228
|
+
try {
|
|
229
|
+
// payload를 Buffer로 변환
|
|
230
|
+
let plaintext: Buffer;
|
|
231
|
+
if (typeof payload === "string") {
|
|
232
|
+
plaintext = Buffer.from(payload);
|
|
233
|
+
} else if (Buffer.isBuffer(payload)) {
|
|
234
|
+
plaintext = payload;
|
|
235
|
+
} else if (payload instanceof Uint8Array) {
|
|
236
|
+
plaintext = Buffer.from(payload);
|
|
237
|
+
} else {
|
|
238
|
+
const serialized = JSON.stringify(payload);
|
|
239
|
+
if (serialized == null) {
|
|
240
|
+
return payload;
|
|
241
|
+
}
|
|
242
|
+
plaintext = Buffer.from(serialized);
|
|
243
|
+
}
|
|
244
|
+
|
|
245
|
+
if (plaintext.length === 0) return payload;
|
|
246
|
+
|
|
247
|
+
const magicLen = packetMagicLenFromKey(
|
|
248
|
+
key,
|
|
249
|
+
cfg.magicMin,
|
|
250
|
+
cfg.magicRange,
|
|
251
|
+
);
|
|
252
|
+
const encrypted = await encryptPacket(plaintext, key, magicLen);
|
|
253
|
+
|
|
254
|
+
reply.header("content-type", "application/octet-stream");
|
|
255
|
+
return encrypted;
|
|
256
|
+
} catch (err) {
|
|
257
|
+
logger.error(
|
|
258
|
+
{
|
|
259
|
+
error: (err as Error).message,
|
|
260
|
+
stack: (err as Error).stack,
|
|
261
|
+
payloadType:
|
|
262
|
+
payload == null
|
|
263
|
+
? String(payload)
|
|
264
|
+
: Buffer.isBuffer(payload)
|
|
265
|
+
? "buffer"
|
|
266
|
+
: typeof payload,
|
|
267
|
+
responseContentType: reply.getHeader("content-type"),
|
|
268
|
+
},
|
|
269
|
+
"Response encryption failed",
|
|
270
|
+
);
|
|
271
|
+
// 암호화 실패 → 평문 노출 방지를 위해 에러 반환
|
|
272
|
+
reply.code(500);
|
|
273
|
+
reply.header("content-type", "application/json; charset=utf-8");
|
|
274
|
+
return JSON.stringify({
|
|
275
|
+
success: false,
|
|
276
|
+
error: "Response encryption failed",
|
|
277
|
+
});
|
|
278
|
+
}
|
|
279
|
+
},
|
|
280
|
+
);
|
|
281
|
+
});
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import type { FastifyInstance } from "fastify";
|
|
2
|
+
import { env } from "../config/env.ts";
|
|
3
|
+
|
|
4
|
+
/** 경로별 타임아웃 정책 (ms) — rewritePrefix 생략 시 /v1/{prefix} 로 자동 변환 */
|
|
5
|
+
const PROXY_ROUTES: Array<{
|
|
6
|
+
prefix: string;
|
|
7
|
+
timeout: number;
|
|
8
|
+
rewritePrefix?: string;
|
|
9
|
+
methods?: string[];
|
|
10
|
+
}> = [
|
|
11
|
+
{ prefix: "auth", timeout: 10_000 },
|
|
12
|
+
// oauth redirect/callback → 게이트웨이(/api/v1/oauth/*)로 이관됨
|
|
13
|
+
{ prefix: "entity", timeout: 30_000 }, // 무거운 쿼리 고려
|
|
14
|
+
{ prefix: "files", timeout: 60_000 }, // 파일 업/다운로드
|
|
15
|
+
{ prefix: "push", timeout: 10_000 },
|
|
16
|
+
{ prefix: "smtp", timeout: 15_000 },
|
|
17
|
+
{ prefix: "utils", timeout: 10_000 },
|
|
18
|
+
];
|
|
19
|
+
|
|
20
|
+
/** Entity Server 프록시 라우트를 일괄 등록한다 */
|
|
21
|
+
export async function registerProxyRoutes(app: FastifyInstance) {
|
|
22
|
+
for (const { prefix, timeout, rewritePrefix, methods } of PROXY_ROUTES) {
|
|
23
|
+
await app.register(import("@fastify/http-proxy"), {
|
|
24
|
+
upstream: env.ENTITY_SERVER_URL,
|
|
25
|
+
prefix: `/api/v1/${prefix}`,
|
|
26
|
+
rewritePrefix: rewritePrefix ?? `/v1/${prefix}`,
|
|
27
|
+
http2: false,
|
|
28
|
+
httpMethods: methods ?? ["GET", "POST", "PUT", "PATCH", "DELETE"],
|
|
29
|
+
replyOptions: {
|
|
30
|
+
timeout,
|
|
31
|
+
onError: (_reply, error) => {
|
|
32
|
+
throw error; // error-handler.ts 가 처리
|
|
33
|
+
},
|
|
34
|
+
},
|
|
35
|
+
});
|
|
36
|
+
}
|
|
37
|
+
}
|