koishi-plugin-aka-ai-generator 0.4.2 → 0.5.0

package/lib/index.d.ts

@@ -25,6 +25,8 @@ export interface UserData {
     donationAmount: number;
     lastUsed: string;
     createdAt: string;
+    safetyBlockCount: number;
+    safetyBlockHistory: string[];
 }
 export interface UsersData {
     [userId: string]: UserData;

package/lib/index.js

@@ -29,6 +29,36 @@ var import_koishi = require("koishi");
 var import_fs = require("fs");
 var import_path = require("path");
 
+// src/providers/types.ts
+function sanitizeError(error) {
+  if (!error) return error;
+  if (typeof error === "string") {
+    return sanitizeString(error);
+  }
+  if (Array.isArray(error)) {
+    return error.map((item) => sanitizeError(item));
+  }
+  if (typeof error === "object") {
+    const sanitized = {};
+    for (const key in error) {
+      const lowerKey = key.toLowerCase();
+      if (lowerKey.includes("apikey") || lowerKey.includes("api_key") || lowerKey.includes("apikey") || lowerKey === "key" || lowerKey === "authorization" || lowerKey === "token" || lowerKey === "secret" || lowerKey === "password") {
+        sanitized[key] = "[REDACTED]";
+        continue;
+      }
+      sanitized[key] = sanitizeError(error[key]);
+    }
+    return sanitized;
+  }
+  return error;
+}
+__name(sanitizeError, "sanitizeError");
+function sanitizeString(str) {
+  if (typeof str !== "string") return str;
+  return str.replace(/key["\s:=]+([a-zA-Z0-9_-]{20,})/gi, 'key="[REDACTED]"').replace(/apikey["\s:=]+([a-zA-Z0-9_-]{20,})/gi, 'apikey="[REDACTED]"').replace(/api_key["\s:=]+([a-zA-Z0-9_-]{20,})/gi, 'api_key="[REDACTED]"').replace(/authorization["\s:=]+(Bearer\s+)?([a-zA-Z0-9_-]{20,})/gi, 'authorization="[REDACTED]"').replace(/Bearer\s+([a-zA-Z0-9_-]{20,})/gi, "Bearer [REDACTED]");
+}
+__name(sanitizeString, "sanitizeString");
+
 // src/providers/yunwu.ts
 async function downloadImageAsBase64(ctx, url, timeout, logger) {
   try {
@@ -148,8 +178,9 @@ var YunwuProvider = class {
         allImages.push(...images);
         logger.success("云雾图像编辑 API 调用成功", { current: i + 1, total: numImages });
       } catch (error) {
+        const safeMessage = typeof error?.message === "string" ? sanitizeString(error.message) : "未知错误";
         logger.error("云雾图像编辑 API 调用失败", {
-          message: error?.message || "未知错误",
+          message: safeMessage,
           code: error?.code,
           status: error?.response?.status,
           current: i + 1,
@@ -516,23 +547,25 @@ var GptGodProvider = class {
             await new Promise((resolve) => setTimeout(resolve, delay));
             continue;
           }
+          const sanitizedError = sanitizeError(error);
+          const safeMessage = typeof error?.message === "string" ? sanitizeString(error.message) : "未知错误";
           logger.error("GPTGod 图像编辑 API 调用失败", {
-            message: error?.message || "未知错误",
+            message: safeMessage,
             name: error?.name,
             code: error?.code,
             status: error?.response?.status,
             statusText: error?.response?.statusText,
-            data: error?.response?.data,
-            stack: error?.stack,
-            cause: error?.cause,
+            data: sanitizeError(error?.response?.data),
+            stack: sanitizeString(error?.stack || ""),
+            cause: sanitizeError(error?.cause),
             attempt,
             maxRetries,
             current: i + 1,
             total: numImages,
-            // 如果是 axios 错误，通常会有 config 和 request 信息
+            // 如果是 axios 错误，通常会有 config 和 request 信息（清理敏感信息）
             url: error?.config?.url,
             method: error?.config?.method,
-            headers: error?.config?.headers
+            headers: sanitizeError(error?.config?.headers)
           });
           if (error?.cause?.code === "UND_ERR_SOCKET" || error?.message?.includes("other side closed")) {
             throw new Error("图像处理失败：服务器连接中断，可能是服务器负载过高或网络不稳定，请稍后重试");
@@ -595,8 +628,11 @@ function parseGeminiResponse(response, logger) {
       return [];
     }
     if (response.error) {
-      logger?.error("Gemini API 返回错误", { error: response.error });
-      throw new Error(`Gemini API 错误: ${response.error.message || JSON.stringify(response.error)}`);
+      const sanitizedError = sanitizeError(response.error);
+      logger?.error("Gemini API 返回错误", { error: sanitizedError });
+      const errorMessage = response.error.message || JSON.stringify(sanitizedError);
+      const safeMessage = sanitizeString(errorMessage);
+      throw new Error(`Gemini API 错误: ${safeMessage}`);
     }
     if (response.promptFeedback) {
       const blockReason = response.promptFeedback.blockReason;
@@ -698,8 +734,12 @@ function parseGeminiResponse(response, logger) {
     }
     return images;
   } catch (error) {
-    logger?.error("解析 Gemini 响应时出错", { error: error.message, stack: error.stack });
-    throw error;
+    const safeMessage = sanitizeString(error?.message || "未知错误");
+    const safeStack = sanitizeString(error?.stack || "");
+    logger?.error("解析 Gemini 响应时出错", { error: safeMessage, stack: safeStack });
+    const sanitizedError = new Error(safeMessage);
+    sanitizedError.name = error?.name || "Error";
+    throw sanitizedError;
   }
 }
 __name(parseGeminiResponse, "parseGeminiResponse");
@@ -783,11 +823,13 @@ var GeminiProvider = class {
         }
         allImages.push(...images);
       } catch (error) {
+        const sanitizedError = sanitizeError(error);
+        const safeMessage = typeof error?.message === "string" ? sanitizeString(error.message) : "未知错误";
         logger.error("Gemini API 调用失败", {
-          message: error?.message || "未知错误",
+          message: safeMessage,
           code: error?.code,
           status: error?.response?.status,
-          responseData: error?.response?.data ? JSON.stringify(error.response.data).substring(0, 500) : void 0,
+          responseData: error?.response?.data ? sanitizeString(JSON.stringify(error.response.data).substring(0, 500)) : void 0,
           current: i + 1,
           total: numImages
         });
@@ -795,7 +837,7 @@ var GeminiProvider = class {
           logger.warn("部分图片生成失败，返回已生成的图片", { generated: allImages.length, requested: numImages });
           break;
         }
-        throw new Error(`图像处理API调用失败: ${error?.message || "未知错误"}`);
+        throw new Error(`图像处理API调用失败: ${safeMessage}`);
       }
     }
     if (allImages.length === 0) {
@@ -1122,7 +1164,7 @@ function apply(ctx, config) {
     rateLimitMap.set(userId, userTimestamps);
   }
   __name(updateRateLimit, "updateRateLimit");
-  async function checkDailyLimit(userId, numImages = 1) {
+  async function checkDailyLimit(userId, numImages = 1, updateRateLimitImmediately = true) {
     if (isAdmin(userId)) {
       return { allowed: true, isAdmin: true };
     }
@@ -1130,6 +1172,9 @@ function apply(ctx, config) {
     if (!rateLimitCheck.allowed) {
       return { ...rateLimitCheck, isAdmin: false };
     }
+    if (updateRateLimitImmediately) {
+      updateRateLimit(userId);
+    }
     const usersData = await loadUsersData();
     const userData = usersData[userId];
     if (!userData) {
@@ -1162,6 +1207,46 @@ function apply(ctx, config) {
     return { allowed: true, isAdmin: false };
   }
   __name(checkDailyLimit, "checkDailyLimit");
+  function isSafetyBlockError(error) {
+    if (!error) return false;
+    const errorMessage = typeof error === "string" ? error : error?.message || "";
+    if (!errorMessage) return false;
+    const lowerMessage = errorMessage.toLowerCase();
+    const safetyKeywords = [
+      "安全策略",
+      "被阻止",
+      "被拦截",
+      "blocked",
+      "safety",
+      "prohibited",
+      "recitation",
+      "内容被阻止",
+      "内容被拦截",
+      "安全策略阻止",
+      "安全策略拦截"
+    ];
+    return safetyKeywords.some((keyword) => lowerMessage.includes(keyword.toLowerCase()));
+  }
+  __name(isSafetyBlockError, "isSafetyBlockError");
+  async function checkSafetyBlockLimit(userId) {
+    const usersData = await loadUsersData();
+    const userData = usersData[userId];
+    if (!userData || !userData.safetyBlockHistory || userData.safetyBlockHistory.length === 0) {
+      return { allowed: true };
+    }
+    const windowSize = 10;
+    const recentBlocks = userData.safetyBlockHistory.slice(-windowSize);
+    const blockRate = recentBlocks.length / windowSize;
+    const threshold = 0.5;
+    if (blockRate > threshold) {
+      return {
+        allowed: false,
+        message: `检测到您最近多次发送被安全策略拦截的内容（拦截率：${(blockRate * 100).toFixed(0)}%），请检查您的内容是否符合使用规范。如继续发送违规内容，可能会被进一步限制。`
+      };
+    }
+    return { allowed: true };
+  }
+  __name(checkSafetyBlockLimit, "checkSafetyBlockLimit");
   async function getPromptInput(session, message) {
     await session.send(message);
     const input = await session.prompt(3e4);
@@ -1241,15 +1326,24 @@ function apply(ctx, config) {
         donationCount: 0,
         donationAmount: 0,
         lastUsed: (/* @__PURE__ */ new Date()).toISOString(),
-        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+        createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+        safetyBlockCount: 0,
+        safetyBlockHistory: []
       };
       await saveUsersData(usersData);
       logger.info("创建新用户数据", { userId, userName });
+    } else {
+      if (usersData[userId].safetyBlockCount === void 0) {
+        usersData[userId].safetyBlockCount = 0;
+      }
+      if (usersData[userId].safetyBlockHistory === void 0) {
+        usersData[userId].safetyBlockHistory = [];
+      }
     }
     return usersData[userId];
   }
   __name(getUserData, "getUserData");
-  async function updateUserData(userId, userName, commandName, numImages = 1) {
+  async function updateUserData(userId, userName, commandName, numImages = 1, isSafetyBlock = false) {
     const usersData = await loadUsersData();
     const now = (/* @__PURE__ */ new Date()).toISOString();
     const today = (/* @__PURE__ */ new Date()).toDateString();
@@ -1265,11 +1359,19 @@ function apply(ctx, config) {
         donationCount: 0,
         donationAmount: 0,
         lastUsed: now,
-        createdAt: now
+        createdAt: now,
+        safetyBlockCount: isSafetyBlock ? numImages : 0,
+        safetyBlockHistory: isSafetyBlock ? [now] : []
       };
       await saveUsersData(usersData);
       return { userData: usersData[userId], consumptionType: "free", freeUsed: numImages, purchasedUsed: 0 };
     }
+    if (usersData[userId].safetyBlockCount === void 0) {
+      usersData[userId].safetyBlockCount = 0;
+    }
+    if (usersData[userId].safetyBlockHistory === void 0) {
+      usersData[userId].safetyBlockHistory = [];
+    }
     usersData[userId].totalUsageCount += numImages;
     usersData[userId].lastUsed = now;
     const lastReset = new Date(usersData[userId].lastDailyReset || usersData[userId].createdAt).toDateString();
@@ -1293,6 +1395,13 @@ function apply(ctx, config) {
       purchasedUsed = purchasedToUse;
       remainingToConsume -= purchasedToUse;
     }
+    if (isSafetyBlock) {
+      usersData[userId].safetyBlockCount += numImages;
+      usersData[userId].safetyBlockHistory.push(now);
+      if (usersData[userId].safetyBlockHistory.length > 20) {
+        usersData[userId].safetyBlockHistory = usersData[userId].safetyBlockHistory.slice(-20);
+      }
+    }
     await saveUsersData(usersData);
     let consumptionType;
     if (freeUsed > 0 && purchasedUsed > 0) {
@@ -1305,17 +1414,17 @@ function apply(ctx, config) {
     return { userData: usersData[userId], consumptionType, freeUsed, purchasedUsed };
   }
   __name(updateUserData, "updateUserData");
-  async function recordUserUsage(session, commandName, numImages = 1) {
+  async function recordUserUsage(session, commandName, numImages = 1, isSafetyBlock = false) {
     const userId = session.userId;
     const userName = session.username || session.userId || "未知用户";
     if (!userId) return;
-    updateRateLimit(userId);
-    const { userData, consumptionType, freeUsed, purchasedUsed } = await updateUserData(userId, userName, commandName, numImages);
+    const { userData, consumptionType, freeUsed, purchasedUsed } = await updateUserData(userId, userName, commandName, numImages, isSafetyBlock);
     if (isAdmin(userId)) {
+      const blockInfo = isSafetyBlock ? "\n⚠️ 本次请求被安全策略拦截，已扣除使用次数" : "";
       await session.send(`📊 使用统计 [管理员]
 用户：${userData.userName}
 总调用次数：${userData.totalUsageCount}次
-状态：无限制使用`);
+状态：无限制使用${blockInfo}`);
     } else {
       const remainingToday = Math.max(0, config.dailyFreeLimit - userData.dailyUsageCount);
       let consumptionText = "";
@@ -1326,13 +1435,14 @@ function apply(ctx, config) {
       } else {
         consumptionText = `充值次数 -${purchasedUsed}`;
       }
+      const blockInfo = isSafetyBlock ? "\n⚠️ 本次请求被安全策略拦截，已扣除使用次数。请检查内容是否符合使用规范。" : "";
       await session.send(`📊 使用统计
 用户：${userData.userName}
 本次生成：${numImages}张图片
 本次消费：${consumptionText}
 总调用次数：${userData.totalUsageCount}次
 今日剩余免费：${remainingToday}次
-充值剩余：${userData.remainingPurchasedCount}次`);
+充值剩余：${userData.remainingPurchasedCount}次${blockInfo}`);
     }
     logger.info("用户调用记录", {
       userId,
@@ -1345,6 +1455,8 @@ function apply(ctx, config) {
       totalUsageCount: userData.totalUsageCount,
       dailyUsageCount: userData.dailyUsageCount,
       remainingPurchasedCount: userData.remainingPurchasedCount,
+      isSafetyBlock,
+      safetyBlockCount: userData.safetyBlockCount,
       isAdmin: isAdmin(userId)
     });
   }
@@ -1455,8 +1567,10 @@ function apply(ctx, config) {
     ]).catch((error) => {
       const userId = session.userId;
       if (userId) activeTasks.delete(userId);
-      logger.error("图像处理超时或失败", { userId, error });
-      return error.message === "命令执行超时" ? "图像处理超时，请重试" : `图像处理失败：${error.message}`;
+      const sanitizedError = sanitizeError(error);
+      logger.error("图像处理超时或失败", { userId, error: sanitizedError });
+      const safeMessage = typeof error?.message === "string" ? sanitizeString(error.message) : "未知错误";
+      return error.message === "命令执行超时" ? "图像处理超时，请重试" : `图像处理失败：${safeMessage}`;
     });
   }
   __name(processImageWithTimeout, "processImageWithTimeout");
@@ -1541,9 +1655,23 @@ ${infoParts.join("\n")}`;
       activeTasks.delete(userId);
     } catch (error) {
       activeTasks.delete(userId);
-      logger.error("图像处理失败", { userId, error });
+      const sanitizedError = sanitizeError(error);
+      logger.error("图像处理失败", { userId, error: sanitizedError });
+      const isSafetyBlock = isSafetyBlockError(error);
+      if (isSafetyBlock) {
+        try {
+          await recordUserUsage(session, styleName, imageCount, true);
+          const blockLimitCheck = await checkSafetyBlockLimit(userId);
+          if (!blockLimitCheck.allowed) {
+            return `图像处理失败：内容被安全策略拦截。${blockLimitCheck.message}`;
+          }
+        } catch (recordError) {
+          logger.error("记录安全拦截使用次数失败", { userId, error: recordError });
+        }
+      }
       if (error?.message) {
-        return `图像处理失败：${error.message}`;
+        const safeMessage = sanitizeString(error.message);
+        return `图像处理失败：${safeMessage}`;
       }
       return "图像处理失败，请稍后重试";
     }
@@ -1705,9 +1833,23 @@ Prompt: ${prompt}`);
           activeTasks.delete(userId);
         } catch (error) {
           activeTasks.delete(userId);
-          logger.error("图片合成失败", { userId, error });
+          const sanitizedError = sanitizeError(error);
+          logger.error("图片合成失败", { userId, error: sanitizedError });
+          const isSafetyBlock = isSafetyBlockError(error);
+          if (isSafetyBlock) {
+            try {
+              await recordUserUsage(session, COMMANDS.COMPOSE_IMAGE, imageCount, true);
+              const blockLimitCheck = await checkSafetyBlockLimit(userId);
+              if (!blockLimitCheck.allowed) {
+                return `图片合成失败：内容被安全策略拦截。${blockLimitCheck.message}`;
+              }
+            } catch (recordError) {
+              logger.error("记录安全拦截使用次数失败", { userId, error: recordError });
+            }
+          }
           if (error?.message) {
-            return `图片合成失败：${error.message}`;
+            const safeMessage = sanitizeString(error.message);
+            return `图片合成失败：${safeMessage}`;
           }
           return "图片合成失败，请稍后重试";
         }
@@ -1718,8 +1860,10 @@ Prompt: ${prompt}`);
     ]).catch((error) => {
       const userId = session.userId;
       if (userId) activeTasks.delete(userId);
-      logger.error("图片合成超时或失败", { userId, error });
-      return error.message === "命令执行超时" ? "图片合成超时，请重试" : `图片合成失败：${error.message}`;
+      const sanitizedError = sanitizeError(error);
+      logger.error("图片合成超时或失败", { userId, error: sanitizedError });
+      const safeMessage = typeof error?.message === "string" ? sanitizeString(error.message) : "未知错误";
+      return error.message === "命令执行超时" ? "图片合成超时，请重试" : `图片合成失败：${safeMessage}`;
     });
   });
   ctx.command(`${COMMANDS.RECHARGE} [content:text]`, "为用户充值次数（仅管理员）").action(async ({ session }, content) => {
@@ -1773,7 +1917,9 @@ Prompt: ${prompt}`);
             donationCount: 0,
             donationAmount: 0,
             lastUsed: now,
-            createdAt: now
+            createdAt: now,
+            safetyBlockCount: 0,
+            safetyBlockHistory: []
           };
         }
         const beforeBalance = usersData[userId].remainingPurchasedCount;

package/lib/providers/types.d.ts

@@ -14,3 +14,11 @@ export interface ProviderConfig {
     logger: any;
     ctx: any;
 }
+/**
+ * 清理对象中的敏感信息（API KEY、密钥等）
+ */
+export declare function sanitizeError(error: any): any;
+/**
+ * 清理字符串中的 API KEY 模式
+ */
+export declare function sanitizeString(str: string): string;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "koishi-plugin-aka-ai-generator",
   "description": "自用AI生成插件(GPTGod & Yunwu)",
-  "version": "0.4.2",
+  "version": "0.5.0",
   "main": "lib/index.js",
   "typings": "lib/index.d.ts",
   "files": [
@@ -9,11 +9,19 @@
     "dist"
   ],
   "license": "MIT",
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch"
+  },
   "keywords": [
     "chatbot",
     "koishi",
     "plugin"
   ],
+  "devDependencies": {
+    "@types/node": "^20.0.0",
+    "typescript": "^5.0.0"
+  },
   "peerDependencies": {
     "koishi": "^4.18.9"
   }