mktcms 0.3.8 → 0.3.10

package/dist/module.json

@@ -1,7 +1,7 @@
 {
   "name": "mktcms",
   "configKey": "mktcms",
-  "version": "0.3.8",
+  "version": "0.3.10",
   "builder": {
     "@nuxt/module-builder": "1.0.2",
     "unbuild": "3.6.1"

package/dist/module.mjs

@@ -83,6 +83,11 @@ const module$1 = defineNuxtModule({
         name: "useForm",
         as: "useForm",
         from: resolver.resolve("runtime/app/composables/useForm")
+      },
+      {
+        name: "useTrackTraffic",
+        as: "useTrackTraffic",
+        from: resolver.resolve("runtime/app/composables/useTrackTraffic")
       }
     ]);
     addServerImports({
@@ -197,6 +202,11 @@ const module$1 = defineNuxtModule({
       route: "/api/health",
       handler: resolver.resolve("./runtime/server/api/health")
     });
+    addServerHandler({
+      route: "/api/traffic/track",
+      method: "post",
+      handler: resolver.resolve("./runtime/server/api/traffic/track.post")
+    });
     extendPages((pages) => {
       pages.push({
         name: "Admin Dashboard",

package/dist/runtime/app/composables/useTrackTraffic.d.ts

@@ -0,0 +1 @@
+export declare function useTrackTraffic(): void;

package/dist/runtime/app/composables/useTrackTraffic.js

@@ -0,0 +1,12 @@
+import { onMounted } from "vue";
+export function useTrackTraffic() {
+  if (import.meta.server) {
+    return;
+  }
+  onMounted(() => {
+    void $fetch("/api/traffic/track", {
+      method: "POST"
+    }).catch(() => {
+    });
+  });
+}

package/dist/runtime/server/api/health.js

@@ -1,8 +1,10 @@
 import { createError, defineEventHandler, setHeader } from "h3";
 import { getStorageUsageBytes } from "../utils/storageUsage.js";
+import { getTrafficMetrics } from "../utils/trafficMetrics.js";
 export default defineEventHandler(async (event) => {
   try {
     const storageUsageBytes = await getStorageUsageBytes();
+    const { requestsTotal, uniqueIpsTotal } = getTrafficMetrics();
     setHeader(event, "Content-Type", "text/plain; version=0.0.4; charset=utf-8");
     return [
       "# HELP mktcms_up Whether the mktcms API is healthy (1 = healthy).",
@@ -10,7 +12,13 @@ export default defineEventHandler(async (event) => {
       "mktcms_up 1",
       "# HELP mktcms_storage_usage_bytes Current .storage directory size in bytes.",
       "# TYPE mktcms_storage_usage_bytes gauge",
-      `mktcms_storage_usage_bytes ${storageUsageBytes}`
+      `mktcms_storage_usage_bytes ${storageUsageBytes}`,
+      "# HELP mktcms_requests_total Total number of counted page requests.",
+      "# TYPE mktcms_requests_total counter",
+      `mktcms_requests_total ${requestsTotal}`,
+      "# HELP mktcms_unique_ips_total Total number of unique visitor IPs seen in memory.",
+      "# TYPE mktcms_unique_ips_total counter",
+      `mktcms_unique_ips_total ${uniqueIpsTotal}`
     ].join("\n") + "\n";
   } catch (error) {
     throw createError({

package/dist/runtime/server/api/traffic/track.post.d.ts

@@ -0,0 +1,4 @@
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, {
+    tracked: boolean;
+}>;
+export default _default;

package/dist/runtime/server/api/traffic/track.post.js

@@ -0,0 +1,22 @@
+import { defineEventHandler, getRequestIP } from "h3";
+import { incrementTrafficRequests, trackUniqueIp } from "../../utils/trafficMetrics.js";
+function normalizeIp(ip) {
+  if (!ip) {
+    return void 0;
+  }
+  const normalizedIp = ip.trim();
+  if (normalizedIp.startsWith("::ffff:")) {
+    return normalizedIp.slice(7);
+  }
+  return normalizedIp;
+}
+export default defineEventHandler((event) => {
+  const userAgent = event.node.req.headers["user-agent"];
+  if (typeof userAgent === "string" && userAgent.includes("Blackbox")) {
+    return { tracked: false };
+  }
+  incrementTrafficRequests();
+  const requestIp = normalizeIp(getRequestIP(event, { xForwardedFor: true }) || event.node.req.socket.remoteAddress);
+  trackUniqueIp(requestIp);
+  return { tracked: true };
+});

package/dist/runtime/server/utils/loginRateLimit.js

@@ -1,14 +1,58 @@
 import { createError, getRequestIP } from "h3";
 import { useRuntimeConfig } from "nitropack/runtime";
 const attempts = /* @__PURE__ */ new Map();
-function getState(clientId) {
+const SWEEP_EVERY_ACCESSES = 64;
+const INACTIVE_GRACE_MS = 60 * 60 * 1e3;
+const MAX_TRACKED_CLIENTS = 1e4;
+let accessCount = 0;
+function isInactiveState(state, now) {
+  return state.blockedUntil <= now && now - state.lastSeenAt > INACTIVE_GRACE_MS;
+}
+function evictInactiveClients(now) {
+  const toDelete = [];
+  attempts.forEach((state, clientId) => {
+    if (isInactiveState(state, now)) {
+      toDelete.push(clientId);
+    }
+  });
+  for (const clientId of toDelete) {
+    attempts.delete(clientId);
+  }
+}
+function enforceTrackedClientsCap() {
+  while (attempts.size > MAX_TRACKED_CLIENTS) {
+    let oldestClientId;
+    attempts.forEach((_state, clientId) => {
+      if (!oldestClientId) {
+        oldestClientId = clientId;
+      }
+    });
+    if (!oldestClientId) {
+      return;
+    }
+    attempts.delete(oldestClientId);
+  }
+}
+function maybeSweep(now) {
+  accessCount += 1;
+  if (accessCount % SWEEP_EVERY_ACCESSES !== 0) {
+    return;
+  }
+  evictInactiveClients(now);
+  enforceTrackedClientsCap();
+}
+function getState(clientId, now) {
   const state = attempts.get(clientId);
   if (state) {
+    state.lastSeenAt = now;
+    attempts.delete(clientId);
+    attempts.set(clientId, state);
     return state;
   }
   const next = {
     failedAt: [],
-    blockedUntil: 0
+    blockedUntil: 0,
+    lastSeenAt: now
   };
   attempts.set(clientId, next);
   return next;
@@ -41,7 +85,8 @@ export function assertLoginNotRateLimited(event) {
   const { windowMs } = getRateLimitSettings(event);
   const clientId = getClientId(event);
   const now = Date.now();
-  const state = getState(clientId);
+  maybeSweep(now);
+  const state = getState(clientId, now);
   clearStaleAttempts(state, now, windowMs);
   if (state.blockedUntil > now) {
     const retryAfterSeconds = Math.ceil((state.blockedUntil - now) / 1e3);
@@ -58,7 +103,8 @@ export function recordFailedLoginAttempt(event) {
   const { maxAttempts, windowMs, blockMs } = getRateLimitSettings(event);
   const clientId = getClientId(event);
   const now = Date.now();
-  const state = getState(clientId);
+  maybeSweep(now);
+  const state = getState(clientId, now);
   clearStaleAttempts(state, now, windowMs);
   state.failedAt.push(now);
   if (state.failedAt.length >= maxAttempts) {
@@ -67,6 +113,8 @@ export function recordFailedLoginAttempt(event) {
   }
 }
 export function clearFailedLoginAttempts(event) {
+  const now = Date.now();
+  maybeSweep(now);
   const clientId = getClientId(event);
   attempts.delete(clientId);
 }

package/dist/runtime/server/utils/trafficMetrics.d.ts

@@ -0,0 +1,6 @@
+export declare function incrementTrafficRequests(): void;
+export declare function trackUniqueIp(ip?: string): void;
+export declare function getTrafficMetrics(): {
+    requestsTotal: number;
+    uniqueIpsTotal: number;
+};

package/dist/runtime/server/utils/trafficMetrics.js

@@ -0,0 +1,23 @@
+const MAX_STORED_IPS = 1e4;
+let requestsTotal = 0;
+let uniqueIpsTotal = 0;
+const seenIps = /* @__PURE__ */ new Set();
+export function incrementTrafficRequests() {
+  requestsTotal += 1;
+}
+export function trackUniqueIp(ip) {
+  if (!ip || seenIps.has(ip)) {
+    return;
+  }
+  if (seenIps.size >= MAX_STORED_IPS) {
+    return;
+  }
+  seenIps.add(ip);
+  uniqueIpsTotal += 1;
+}
+export function getTrafficMetrics() {
+  return {
+    requestsTotal,
+    uniqueIpsTotal
+  };
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mktcms",
-  "version": "0.3.8",
+  "version": "0.3.10",
   "description": "Simple CMS module for Nuxt",
   "repository": "mktcode/mktcms",
   "license": "MIT",