koishi-plugin-aka-ai-generator 0.4.1 → 0.4.4

package/lib/index.js

@@ -29,6 +29,36 @@ var import_koishi = require("koishi");
 var import_fs = require("fs");
 var import_path = require("path");
 
+// src/providers/types.ts
+function sanitizeError(error) {
+  if (!error) return error;
+  if (typeof error === "string") {
+    return sanitizeString(error);
+  }
+  if (Array.isArray(error)) {
+    return error.map((item) => sanitizeError(item));
+  }
+  if (typeof error === "object") {
+    const sanitized = {};
+    for (const key in error) {
+      const lowerKey = key.toLowerCase();
+      if (lowerKey.includes("apikey") || lowerKey.includes("api_key") || lowerKey.includes("apikey") || lowerKey === "key" || lowerKey === "authorization" || lowerKey === "token" || lowerKey === "secret" || lowerKey === "password") {
+        sanitized[key] = "[REDACTED]";
+        continue;
+      }
+      sanitized[key] = sanitizeError(error[key]);
+    }
+    return sanitized;
+  }
+  return error;
+}
+__name(sanitizeError, "sanitizeError");
+function sanitizeString(str) {
+  if (typeof str !== "string") return str;
+  return str.replace(/key["\s:=]+([a-zA-Z0-9_-]{20,})/gi, 'key="[REDACTED]"').replace(/apikey["\s:=]+([a-zA-Z0-9_-]{20,})/gi, 'apikey="[REDACTED]"').replace(/api_key["\s:=]+([a-zA-Z0-9_-]{20,})/gi, 'api_key="[REDACTED]"').replace(/authorization["\s:=]+(Bearer\s+)?([a-zA-Z0-9_-]{20,})/gi, 'authorization="[REDACTED]"').replace(/Bearer\s+([a-zA-Z0-9_-]{20,})/gi, "Bearer [REDACTED]");
+}
+__name(sanitizeString, "sanitizeString");
+
 // src/providers/yunwu.ts
 async function downloadImageAsBase64(ctx, url, timeout, logger) {
   try {
@@ -148,8 +178,9 @@ var YunwuProvider = class {
         allImages.push(...images);
         logger.success("云雾图像编辑 API 调用成功", { current: i + 1, total: numImages });
       } catch (error) {
+        const safeMessage = typeof error?.message === "string" ? sanitizeString(error.message) : "未知错误";
         logger.error("云雾图像编辑 API 调用失败", {
-          message: error?.message || "未知错误",
+          message: safeMessage,
           code: error?.code,
           status: error?.response?.status,
           current: i + 1,
@@ -516,23 +547,25 @@ var GptGodProvider = class {
             await new Promise((resolve) => setTimeout(resolve, delay));
             continue;
           }
+          const sanitizedError = sanitizeError(error);
+          const safeMessage = typeof error?.message === "string" ? sanitizeString(error.message) : "未知错误";
           logger.error("GPTGod 图像编辑 API 调用失败", {
-            message: error?.message || "未知错误",
+            message: safeMessage,
             name: error?.name,
             code: error?.code,
             status: error?.response?.status,
             statusText: error?.response?.statusText,
-            data: error?.response?.data,
-            stack: error?.stack,
-            cause: error?.cause,
+            data: sanitizeError(error?.response?.data),
+            stack: sanitizeString(error?.stack || ""),
+            cause: sanitizeError(error?.cause),
             attempt,
             maxRetries,
             current: i + 1,
             total: numImages,
-            // 如果是 axios 错误，通常会有 config 和 request 信息
+            // 如果是 axios 错误，通常会有 config 和 request 信息（清理敏感信息）
             url: error?.config?.url,
             method: error?.config?.method,
-            headers: error?.config?.headers
+            headers: sanitizeError(error?.config?.headers)
           });
           if (error?.cause?.code === "UND_ERR_SOCKET" || error?.message?.includes("other side closed")) {
             throw new Error("图像处理失败：服务器连接中断，可能是服务器负载过高或网络不稳定，请稍后重试");
@@ -595,8 +628,11 @@ function parseGeminiResponse(response, logger) {
       return [];
     }
     if (response.error) {
-      logger?.error("Gemini API 返回错误", { error: response.error });
-      throw new Error(`Gemini API 错误: ${response.error.message || JSON.stringify(response.error)}`);
+      const sanitizedError = sanitizeError(response.error);
+      logger?.error("Gemini API 返回错误", { error: sanitizedError });
+      const errorMessage = response.error.message || JSON.stringify(sanitizedError);
+      const safeMessage = sanitizeString(errorMessage);
+      throw new Error(`Gemini API 错误: ${safeMessage}`);
     }
     if (response.promptFeedback) {
       const blockReason = response.promptFeedback.blockReason;
@@ -698,8 +734,12 @@ function parseGeminiResponse(response, logger) {
     }
     return images;
   } catch (error) {
-    logger?.error("解析 Gemini 响应时出错", { error: error.message, stack: error.stack });
-    throw error;
+    const safeMessage = sanitizeString(error?.message || "未知错误");
+    const safeStack = sanitizeString(error?.stack || "");
+    logger?.error("解析 Gemini 响应时出错", { error: safeMessage, stack: safeStack });
+    const sanitizedError = new Error(safeMessage);
+    sanitizedError.name = error?.name || "Error";
+    throw sanitizedError;
   }
 }
 __name(parseGeminiResponse, "parseGeminiResponse");
@@ -783,11 +823,13 @@ var GeminiProvider = class {
         }
         allImages.push(...images);
       } catch (error) {
+        const sanitizedError = sanitizeError(error);
+        const safeMessage = typeof error?.message === "string" ? sanitizeString(error.message) : "未知错误";
         logger.error("Gemini API 调用失败", {
-          message: error?.message || "未知错误",
+          message: safeMessage,
           code: error?.code,
           status: error?.response?.status,
-          responseData: error?.response?.data ? JSON.stringify(error.response.data).substring(0, 500) : void 0,
+          responseData: error?.response?.data ? sanitizeString(JSON.stringify(error.response.data).substring(0, 500)) : void 0,
           current: i + 1,
           total: numImages
         });
@@ -795,7 +837,7 @@ var GeminiProvider = class {
           logger.warn("部分图片生成失败，返回已生成的图片", { generated: allImages.length, requested: numImages });
           break;
         }
-        throw new Error(`图像处理API调用失败: ${error?.message || "未知错误"}`);
+        throw new Error(`图像处理API调用失败: ${safeMessage}`);
       }
     }
     if (allImages.length === 0) {
@@ -1122,7 +1164,7 @@ function apply(ctx, config) {
     rateLimitMap.set(userId, userTimestamps);
   }
   __name(updateRateLimit, "updateRateLimit");
-  async function checkDailyLimit(userId, numImages = 1) {
+  async function checkDailyLimit(userId, numImages = 1, updateRateLimitImmediately = true) {
     if (isAdmin(userId)) {
       return { allowed: true, isAdmin: true };
     }
@@ -1130,6 +1172,9 @@ function apply(ctx, config) {
     if (!rateLimitCheck.allowed) {
       return { ...rateLimitCheck, isAdmin: false };
     }
+    if (updateRateLimitImmediately) {
+      updateRateLimit(userId);
+    }
     const usersData = await loadUsersData();
     const userData = usersData[userId];
     if (!userData) {
@@ -1309,7 +1354,6 @@ function apply(ctx, config) {
     const userId = session.userId;
     const userName = session.username || session.userId || "未知用户";
     if (!userId) return;
-    updateRateLimit(userId);
     const { userData, consumptionType, freeUsed, purchasedUsed } = await updateUserData(userId, userName, commandName, numImages);
     if (isAdmin(userId)) {
       await session.send(`📊 使用统计 [管理员]
@@ -1357,22 +1401,18 @@ function apply(ctx, config) {
         return { images: [], text: imgParam.trim() };
       }
       await session.send("请输入画面描述");
-      while (true) {
-        const msg = await session.prompt(3e4);
-        if (!msg) return { error: "等待超时" };
-        const elements = import_koishi.h.parse(msg);
-        const images = import_koishi.h.select(elements, "img");
-        if (images.length > 0) {
-          await session.send("检测到图片，请发送文字描述");
-          continue;
-        }
-        const text = import_koishi.h.select(elements, "text").map((e) => e.attrs.content).join(" ").trim();
-        if (!text) {
-          await session.send("未检测到描述，请重新发送");
-          continue;
-        }
-        return { images: [], text };
+      const msg = await session.prompt(3e4);
+      if (!msg) return { error: "等待超时" };
+      const elements = import_koishi.h.parse(msg);
+      const images = import_koishi.h.select(elements, "img");
+      if (images.length > 0) {
+        return { error: "检测到图片，本功能仅支持文字输入" };
       }
+      const text = import_koishi.h.select(elements, "text").map((e) => e.attrs.content).join(" ").trim();
+      if (!text) {
+        return { error: "未检测到描述，操作已取消" };
+      }
+      return { images: [], text };
     }
     if (imgParam) {
       if (typeof imgParam === "object" && imgParam.attrs?.src) {
@@ -1427,8 +1467,7 @@ function apply(ctx, config) {
       }
       if (text) {
         if (collectedImages.length === 0) {
-          await session.send("未检测到图片，请先发送图片");
-          continue;
+          return { error: "未检测到图片，请重新发起指令并发送图片" };
         }
         collectedText = text;
         break;
@@ -1460,8 +1499,10 @@ function apply(ctx, config) {
     ]).catch((error) => {
       const userId = session.userId;
       if (userId) activeTasks.delete(userId);
-      logger.error("图像处理超时或失败", { userId, error });
-      return error.message === "命令执行超时" ? "图像处理超时，请重试" : `图像处理失败：${error.message}`;
+      const sanitizedError = sanitizeError(error);
+      logger.error("图像处理超时或失败", { userId, error: sanitizedError });
+      const safeMessage = typeof error?.message === "string" ? sanitizeString(error.message) : "未知错误";
+      return error.message === "命令执行超时" ? "图像处理超时，请重试" : `图像处理失败：${safeMessage}`;
     });
   }
   __name(processImageWithTimeout, "processImageWithTimeout");
@@ -1486,23 +1527,20 @@ function apply(ctx, config) {
     finalPrompt = finalPrompt.trim();
     if (!finalPrompt) {
       await session.send("请发送画面描述");
-      while (true) {
-        const promptMsg = await session.prompt(3e4);
-        if (!promptMsg) {
-          return "未检测到描述，请重新发送";
-        }
-        const elements = import_koishi.h.parse(promptMsg);
-        const images = import_koishi.h.select(elements, "img");
-        if (images.length > 0) {
-          await session.send("检测到图片，请发送文字描述");
-          continue;
-        }
-        const text = import_koishi.h.select(elements, "text").map((e) => e.attrs.content).join(" ").trim();
-        if (text) {
-          finalPrompt = text;
-          break;
-        }
-        await session.send("未检测到有效文字描述，请重新发送");
+      const promptMsg = await session.prompt(3e4);
+      if (!promptMsg) {
+        return "未检测到描述，操作已取消";
+      }
+      const elements = import_koishi.h.parse(promptMsg);
+      const images = import_koishi.h.select(elements, "img");
+      if (images.length > 0) {
+        return "检测到图片，本功能仅支持文字输入";
+      }
+      const text = import_koishi.h.select(elements, "text").map((e) => e.attrs.content).join(" ").trim();
+      if (text) {
+        finalPrompt = text;
+      } else {
+        return "未检测到有效文字描述，操作已取消";
       }
     }
     const providerType = requestContext?.provider || config.provider;
@@ -1549,9 +1587,11 @@ ${infoParts.join("\n")}`;
       activeTasks.delete(userId);
     } catch (error) {
       activeTasks.delete(userId);
-      logger.error("图像处理失败", { userId, error });
+      const sanitizedError = sanitizeError(error);
+      logger.error("图像处理失败", { userId, error: sanitizedError });
       if (error?.message) {
-        return `图像处理失败：${error.message}`;
+        const safeMessage = sanitizeString(error.message);
+        return `图像处理失败：${safeMessage}`;
       }
       return "图像处理失败，请稍后重试";
     }
@@ -1670,7 +1710,7 @@ ${infoParts.join("\n")}`;
             prompt = text;
             break;
           }
-          return "未检测到有效内容，请重新发送";
+          return "未检测到有效内容，操作已取消";
         }
         if (collectedImages.length < 2) {
           return "需要至少两张图片进行合成，请重新发送";
@@ -1713,9 +1753,11 @@ Prompt: ${prompt}`);
           activeTasks.delete(userId);
         } catch (error) {
           activeTasks.delete(userId);
-          logger.error("图片合成失败", { userId, error });
+          const sanitizedError = sanitizeError(error);
+          logger.error("图片合成失败", { userId, error: sanitizedError });
           if (error?.message) {
-            return `图片合成失败：${error.message}`;
+            const safeMessage = sanitizeString(error.message);
+            return `图片合成失败：${safeMessage}`;
           }
           return "图片合成失败，请稍后重试";
         }
@@ -1726,8 +1768,10 @@ Prompt: ${prompt}`);
     ]).catch((error) => {
       const userId = session.userId;
       if (userId) activeTasks.delete(userId);
-      logger.error("图片合成超时或失败", { userId, error });
-      return error.message === "命令执行超时" ? "图片合成超时，请重试" : `图片合成失败：${error.message}`;
+      const sanitizedError = sanitizeError(error);
+      logger.error("图片合成超时或失败", { userId, error: sanitizedError });
+      const safeMessage = typeof error?.message === "string" ? sanitizeString(error.message) : "未知错误";
+      return error.message === "命令执行超时" ? "图片合成超时，请重试" : `图片合成失败：${safeMessage}`;
     });
   });
   ctx.command(`${COMMANDS.RECHARGE} [content:text]`, "为用户充值次数（仅管理员）").action(async ({ session }, content) => {

package/lib/providers/types.d.ts

@@ -14,3 +14,11 @@ export interface ProviderConfig {
     logger: any;
     ctx: any;
 }
+/**
+ * 清理对象中的敏感信息（API KEY、密钥等）
+ */
+export declare function sanitizeError(error: any): any;
+/**
+ * 清理字符串中的 API KEY 模式
+ */
+export declare function sanitizeString(str: string): string;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "koishi-plugin-aka-ai-generator",
   "description": "自用AI生成插件(GPTGod & Yunwu)",
-  "version": "0.4.1",
+  "version": "0.4.4",
   "main": "lib/index.js",
   "typings": "lib/index.d.ts",
   "files": [
@@ -9,11 +9,19 @@
     "dist"
   ],
   "license": "MIT",
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch"
+  },
   "keywords": [
     "chatbot",
     "koishi",
     "plugin"
   ],
+  "devDependencies": {
+    "@types/node": "^20.0.0",
+    "typescript": "^5.0.0"
+  },
   "peerDependencies": {
     "koishi": "^4.18.9"
   }