npm - mm_os - Versions diffs - 3.3.0 → 4.0.0 - Mend

mm_os 3.3.0 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (380) hide show

package/LICENSE +21 -201
package/README.md +491 -99
package/README_EN.md +498 -0
package/adapter/adapter.js +431 -0
package/adapter/custom_persistence.js +660 -0
package/adapter/mqtt.js +273 -0
package/adapter/socket.js +113 -0
package/adapter/web.js +67 -0
package/adapter/websocket.js +146 -0
package/com/api/com.json +5 -0
package/{core/com → com}/api/config.tpl.json +8 -8
package/com/api/drive.js +708 -0
package/com/api/index.js +198 -0
package/com/api/oauth.js +200 -0
package/com/api/script.tpl.js +32 -0
package/com/cmd/README.md +11 -0
package/com/cmd/com.json +5 -0
package/com/cmd/config.tpl.json +122 -0
package/com/cmd/drive.js +1548 -0
package/com/cmd/index.js +1066 -0
package/com/cmd/msg.json +48 -0
package/com/cmd/nlp.js +525 -0
package/com/cmd/script.tpl.js +32 -0
package/com/db/com.json +5 -0
package/com/db/drive.js +1999 -0
package/com/db/index.js +242 -0
package/com/event/com.json +5 -0
package/{core/com → com}/event/config.tpl.json +8 -8
package/com/event/drive.js +59 -0
package/com/event/index.js +409 -0
package/com/event/script.tpl.js +23 -0
package/com/mqtt/com.json +5 -0
package/{core/com → com}/mqtt/config.tpl.json +3 -5
package/com/mqtt/drive.js +676 -0
package/com/mqtt/index.js +822 -0
package/com/mqtt/mm_mqtt.js +425 -0
package/com/mqtt/script.tpl.js +723 -0
package/com/nav/com.json +5 -0
package/com/nav/config.tpl.json +84 -0
package/com/nav/drive.js +702 -0
package/com/nav/index.js +231 -0
package/{core/com → com}/nav/tpl/admin_pc/page_config.vue +280 -280
package/{core/com → com}/nav/tpl/admin_pc/page_config_form.vue +194 -194
package/com/nav/tpl/admin_pc/page_form.vue +180 -0
package/com/nav/tpl/admin_pc/page_view.vue +124 -0
package/com/nav/tpl/dev_pc/page_default.vue +247 -0
package/com/nav/tpl/dev_pc/page_type.vue +313 -0
package/com/nav/tpl/home_pc/page_default.vue +234 -0
package/com/nav/tpl/home_pc/page_form.vue +137 -0
package/com/nav/tpl/home_pc/page_list.vue +234 -0
package/com/nav/tpl/home_pc/page_nav.vue +221 -0
package/com/nav/tpl/home_pc/page_type.vue +234 -0
package/com/nav/tpl/home_pc/page_view.vue +125 -0
package/com/nav/tpl/home_phone/page_channel.vue +234 -0
package/com/nav/tpl/home_phone/page_default.vue +234 -0
package/com/nav/tpl/home_phone/page_form.vue +137 -0
package/com/nav/tpl/home_phone/page_nav.vue +237 -0
package/com/nav/tpl/home_phone/page_type.vue +234 -0
package/com/nav/tpl/home_phone/page_view.vue +125 -0
package/com/nav/viewmodel.js +446 -0
package/com/param/com.json +5 -0
package/{core/com → com}/param/config.tpl.json +7 -1
package/com/param/drive.js +502 -0
package/com/param/index.js +155 -0
package/com/param/script.tpl.js +12 -0
package/com/pendant/com.json +5 -0
package/{core/com/component → com/pendant}/config.tpl.json +15 -13
package/com/pendant/drive.js +204 -0
package/com/pendant/index.js +441 -0
package/com/pendant/pendant.html +16 -0
package/com/pendant/script.tpl.js +18 -0
package/com/socket/com.json +5 -0
package/com/socket/config.tpl.json +12 -0
package/com/socket/drive.js +651 -0
package/com/socket/index.js +351 -0
package/com/socket/script.tpl.js +41 -0
package/com/sql/com.json +5 -0
package/{core/com → com}/sql/config.tpl.json +13 -9
package/com/sql/drive.js +1259 -0
package/com/sql/index.js +150 -0
package/com/sql/script.tpl.js +47 -0
package/com/static/com.json +5 -0
package/{core/com → com}/static/config.tpl.json +10 -6
package/com/static/drive.js +194 -0
package/com/static/index.js +226 -0
package/com/static/script.tpl.js +28 -0
package/com/task/com.json +5 -0
package/{core/com → com}/task/config.tpl.json +4 -6
package/com/task/drive.js +405 -0
package/com/task/index.js +148 -0
package/com/task/script.tpl.js +37 -0
package/com/template/com.json +5 -0
package/com/template/config.tpl.json +16 -0
package/com/template/drive.js +80 -0
package/com/template/index.js +141 -0
package/com.js +156 -0
package/common/README.md +2 -0
package/common/handler/msg/handler.json +22 -0
package/common/handler/msg/index.js +23 -0
package/common/handler/player/handler.json +22 -0
package/common/handler/player/index.js +287 -0
package/common/handler/user/handler.json +22 -0
package/common/handler/user/index.js +23 -0
package/common/middleware/web_after/index.js +29 -0
package/common/middleware/web_after/middleware.json +9 -0
package/common/middleware/web_base/index.js +113 -0
package/common/middleware/web_base/middleware.json +19 -0
package/common/middleware/web_before/index.js +33 -0
package/common/middleware/web_before/middleware.json +9 -0
package/common/middleware/web_cors/index.js +87 -0
package/common/middleware/web_cors/middleware.json +24 -0
package/common/middleware/web_error/index.js +119 -0
package/common/middleware/web_error/middleware.json +18 -0
package/common/middleware/web_ip/index.js +15 -0
package/common/middleware/web_ip/middleware.json +14 -0
package/common/middleware/web_logger/index.js +156 -0
package/common/middleware/web_logger/middleware.json +14 -0
package/common/middleware/web_main/index.js +24 -0
package/common/middleware/web_main/middleware.json +9 -0
package/common/middleware/web_static/index.js +73 -0
package/common/middleware/web_static/middleware.json +54 -0
package/common/middleware/web_waf/index.js +385 -0
package/common/middleware/web_waf/middleware.json +13 -0
package/common/model/msg/index.js +88 -0
package/common/model/msg/model.json +401 -0
package/common/model/player/index.js +63 -0
package/common/model/player/model.json +185 -0
package/common/model/user/index.js +11 -0
package/common/model/user/model.json +219 -0
package/core/app/config.tpl.json +67 -0
package/core/app/index.js +632 -0
package/core/app/script.tpl.js +52 -0
package/core/channel/index.js +899 -0
package/core/channel/matcher.js +585 -0
package/core/com/config.tpl.json +16 -0
package/core/com/index.js +74 -0
package/core/com/script.tpl.js +5 -0
package/core/component/component.js +42 -0
package/core/component/config.tpl.json +63 -0
package/core/component/index.js +273 -0
package/core/component/script.tpl.js +19 -0
package/core/controller/config.tpl.json +14 -0
package/core/controller/index.js +373 -0
package/core/controller/script.tpl.js +27 -0
package/core/factory/config.tpl.json +14 -0
package/core/factory/entity.js +275 -0
package/core/factory/index.js +241 -0
package/core/factory/script.tpl.js +16 -0
package/core/game/bat/index.js +137 -0
package/core/game/bat/world.js +622 -0
package/core/game/config.tpl.json +16 -0
package/core/game/entity_admin.js +230 -0
package/core/game/index.js +186 -0
package/core/handler/config.tpl.json +22 -0
package/core/handler/index.js +181 -0
package/core/handler/script.tpl.js +23 -0
package/core/logic/config.tpl.json +14 -0
package/core/logic/index.js +59 -0
package/core/logic/script.tpl.js +19 -0
package/core/middleware/config.tpl.json +16 -0
package/core/middleware/index.js +125 -0
package/core/middleware/script.tpl.js +37 -0
package/core/mod/config.tpl.json +22 -0
package/core/mod/index.js +130 -0
package/core/mod/script.tpl.js +34 -0
package/core/model/config.tpl.json +219 -0
package/core/model/index.js +272 -0
package/core/model/model.js +27 -0
package/core/model/script.tpl.js +20 -0
package/core/notifier/config.tpl.json +14 -0
package/core/notifier/index.js +77 -0
package/core/notifier/script.tpl.js +20 -0
package/core/plugin/config.tpl.json +24 -0
package/core/plugin/index.js +232 -0
package/core/plugin/script.tpl.js +51 -0
package/core/pusher/config.tpl.json +14 -0
package/core/pusher/index.js +161 -0
package/core/pusher/script.tpl.js +20 -0
package/core/room/bat/index.js +170 -0
package/core/room/bat/room.js +524 -0
package/core/room/config.tpl.json +20 -0
package/core/room/index.js +249 -0
package/core/room/room.js +61 -0
package/core/scene/config.tpl.json +14 -0
package/core/scene/index.js +466 -0
package/core/scene/loop.js +1255 -0
package/core/scene/map.js +28 -0
package/core/scene/script.tpl.js +22 -0
package/core/sender/config.tpl.json +14 -0
package/core/sender/index.js +79 -0
package/core/sender/script.tpl.js +20 -0
package/core/service/config.tpl.json +14 -0
package/core/service/index.js +100 -0
package/core/service/script.tpl.js +25 -0
package/core/store/config.tpl.json +26 -0
package/core/store/index.js +1755 -0
package/core/store/script.tpl.js +22 -0
package/core/store/sql.js +1464 -0
package/core/system/config.tpl.json +18 -0
package/core/system/index.js +312 -0
package/core/system/script.tpl.js +77 -0
package/core/view/config.tpl.json +14 -0
package/core/view/index.js +91 -0
package/core/view/script.tpl.js +20 -0
package/core/zone/bat/index.js +725 -0
package/core/zone/config.tpl.json +54 -0
package/core/zone/index.js +614 -0
package/core/zone/script.tpl.js +10 -0
package/core/zone/zone_bat.js +136 -0
package/core//345/237/272/347/261/273/346/250/241/345/235/227/346/270/205/345/215/225.md +24 -0
package/index.js +17 -314
package/os.js +57 -0
package/package.json +60 -58
package/server.js +598 -0
package/README.en.md +0 -36
package/conf.json +0 -3
package/core/base/mqtt/index.js +0 -1107
package/core/base/mqtt/lib.js +0 -40
package/core/base/web/index.js +0 -243
package/core/com/api/com.json +0 -4
package/core/com/api/drive.js +0 -668
package/core/com/api/index.js +0 -108
package/core/com/api/oauth.js +0 -158
package/core/com/api/script.js +0 -32
package/core/com/app/README.md +0 -3
package/core/com/app/com.json +0 -4
package/core/com/app/config.tpl.json +0 -16
package/core/com/app/drive.js +0 -309
package/core/com/app/index.js +0 -211
package/core/com/app/script.js +0 -155
package/core/com/cmd/com.json +0 -4
package/core/com/cmd/config.tpl.json +0 -66
package/core/com/cmd/drive.js +0 -513
package/core/com/cmd/index.js +0 -354
package/core/com/cmd/old/5w2h.js +0 -54
package/core/com/cmd/old/drive.js +0 -423
package/core/com/cmd/script.js +0 -11
package/core/com/component/README.md +0 -3
package/core/com/component/com.json +0 -4
package/core/com/component/component.html +0 -16
package/core/com/component/drive.js +0 -197
package/core/com/component/index.js +0 -312
package/core/com/component/script.js +0 -18
package/core/com/db/com.json +0 -4
package/core/com/db/drive.js +0 -1160
package/core/com/db/index.js +0 -176
package/core/com/event/com.json +0 -4
package/core/com/event/drive.js +0 -133
package/core/com/event/index.js +0 -345
package/core/com/event/script.js +0 -26
package/core/com/eventer/com.js +0 -477
package/core/com/eventer/com.json +0 -4
package/core/com/middleware/com.js +0 -153
package/core/com/middleware/com.json +0 -4
package/core/com/middleware/config.tpl.json +0 -8
package/core/com/middleware/script.js +0 -9
package/core/com/mqtt/com.json +0 -4
package/core/com/mqtt/drive.js +0 -600
package/core/com/mqtt/index.js +0 -572
package/core/com/mqtt/mm_mqtt.js +0 -330
package/core/com/mqtt/script.js +0 -604
package/core/com/msg/com.js +0 -296
package/core/com/msg/com.json +0 -4
package/core/com/nav/com.json +0 -4
package/core/com/nav/config.tpl.json +0 -75
package/core/com/nav/drive.js +0 -549
package/core/com/nav/index.js +0 -182
package/core/com/nav/tpl/admin_pc/page_form.vue +0 -180
package/core/com/nav/tpl/admin_pc/page_view.vue +0 -124
package/core/com/nav/tpl/dev_pc/page_default.vue +0 -247
package/core/com/nav/tpl/dev_pc/page_type.vue +0 -313
package/core/com/nav/tpl/home_pc/page_default.vue +0 -234
package/core/com/nav/tpl/home_pc/page_form.vue +0 -137
package/core/com/nav/tpl/home_pc/page_list.vue +0 -234
package/core/com/nav/tpl/home_pc/page_nav.vue +0 -221
package/core/com/nav/tpl/home_pc/page_type.vue +0 -234
package/core/com/nav/tpl/home_pc/page_view.vue +0 -125
package/core/com/nav/tpl/home_phone/page_channel.vue +0 -234
package/core/com/nav/tpl/home_phone/page_default.vue +0 -234
package/core/com/nav/tpl/home_phone/page_form.vue +0 -137
package/core/com/nav/tpl/home_phone/page_nav.vue +0 -237
package/core/com/nav/tpl/home_phone/page_type.vue +0 -234
package/core/com/nav/tpl/home_phone/page_view.vue +0 -125
package/core/com/nav/viewmodel.js +0 -296
package/core/com/param/drive.js +0 -366
package/core/com/param/index.js +0 -80
package/core/com/param/script.js +0 -12
package/core/com/param/test.js +0 -98
package/core/com/plugin/README.md +0 -3
package/core/com/plugin/com.json +0 -4
package/core/com/plugin/config.tpl.json +0 -26
package/core/com/plugin/drive.js +0 -536
package/core/com/plugin/index.js +0 -259
package/core/com/plugin/script.js +0 -213
package/core/com/rpc/com.json +0 -4
package/core/com/rpc/drive.js +0 -160
package/core/com/rpc/index.js +0 -87
package/core/com/rpc/rpc.js +0 -118
package/core/com/socket/com.json +0 -4
package/core/com/socket/config.tpl.json +0 -14
package/core/com/socket/drive.js +0 -403
package/core/com/socket/index.js +0 -62
package/core/com/socket/script.js +0 -42
package/core/com/sql/drive.js +0 -1087
package/core/com/sql/index.js +0 -83
package/core/com/sql/script.js +0 -48
package/core/com/static/com.json +0 -4
package/core/com/static/drive.js +0 -220
package/core/com/static/index.js +0 -149
package/core/com/static/script.js +0 -28
package/core/com/task/com.json +0 -4
package/core/com/task/drive.js +0 -403
package/core/com/task/index.js +0 -110
package/core/com/task/script.js +0 -37
package/core/com/timer/com.js +0 -217
package/core/com/timer/com.json +0 -4
package/core/com/tpl/com.js +0 -19
package/core/com/tpl/com.json +0 -4
package/lib/actions.js +0 -50
package/lib/base.js +0 -361
package/lib/com.js +0 -29
package/lib/ref.js +0 -121
package/middleware/mqtt_base/index.js +0 -10
package/middleware/mqtt_base/middleware.json +0 -10
package/middleware/performance/index.js +0 -151
package/middleware/performance/middleware.json +0 -16
package/middleware/security_audit/index.js +0 -549
package/middleware/security_audit/middleware.json +0 -48
package/middleware/security_headers/index.js +0 -487
package/middleware/security_headers/middleware.json +0 -45
package/middleware/waf/index.js +0 -348
package/middleware/waf/middleware.json +0 -10
package/middleware/waf_ddos/index.js +0 -520
package/middleware/waf_ddos/middleware.json +0 -38
package/middleware/waf_ip/index.js +0 -379
package/middleware/waf_ip/middleware.json +0 -49
package/middleware/waf_xss/index.js +0 -269
package/middleware/waf_xss/middleware.json +0 -18
package/middleware/web_after/index.js +0 -33
package/middleware/web_after/middleware.json +0 -9
package/middleware/web_base/index.js +0 -90
package/middleware/web_base/middleware.json +0 -9
package/middleware/web_before/index.js +0 -27
package/middleware/web_before/middleware.json +0 -9
package/middleware/web_check/index.js +0 -28
package/middleware/web_check/middleware.json +0 -9
package/middleware/web_main/index.js +0 -28
package/middleware/web_main/middleware.json +0 -9
package/middleware/web_proxy/index.js +0 -37
package/middleware/web_proxy/middleware.json +0 -9
package/middleware/web_render/index.js +0 -87
package/middleware/web_render/middleware.json +0 -9
package/middleware/web_socket/index.js +0 -34
package/middleware/web_socket/middleware.json +0 -9
package/middleware/web_static/index.js +0 -115
package/middleware/web_static/middleware.json +0 -9
/package/{core/com → com}/api/README.md +0 -0
/package/{core/com → com}/db/README.md +0 -0
/package/{core/com → com}/event/README.md +0 -0
/package/{core/com → com}/mqtt/README.md +0 -0
/package/{core/com → com}/nav/README.md +0 -0
/package/{core/com → com}/nav/tpl/admin_pc/page_channel.vue +0 -0
/package/{core/com → com}/nav/tpl/admin_pc/page_default.vue +0 -0
/package/{core/com → com}/nav/tpl/admin_pc/page_lang.vue +0 -0
/package/{core/com → com}/nav/tpl/admin_pc/page_nav.vue +0 -0
/package/{core/com → com}/nav/tpl/admin_pc/page_table.vue +0 -0
/package/{core/com → com}/nav/tpl/admin_pc/page_type.vue +0 -0
/package/{core/com → com}/nav/tpl/dev_pc/page_channel.vue +0 -0
/package/{core/com → com}/nav/tpl/dev_pc/page_config.vue +0 -0
/package/{core/com → com}/nav/tpl/dev_pc/page_form.vue +0 -0
/package/{core/com → com}/nav/tpl/dev_pc/page_nav.vue +0 -0
/package/{core/com → com}/nav/tpl/dev_pc/page_table.vue +0 -0
/package/{core/com → com}/nav/tpl/home_pc/page_channel.vue +0 -0
/package/{core/com → com}/nav/tpl/home_phone/page_list.vue +0 -0
/package/{core/com → com}/param/README.md +0 -0
/package/{core/com/cmd → com/pendant}/README.md +0 -0
/package/{core/com → com}/socket/README.md +0 -0
/package/{core/com → com}/sql/README.md +0 -0
/package/{core/com → com}/static/README.md +0 -0
/package/{core/com → com}/task/README.md +0 -0

package/common/middleware/web_main/middleware.json ADDED Viewed

@@ -0,0 +1,9 @@
+{
+  "name": "web_main",
+  "title": "请求主中间件",
+  "description": "用于处理请求主逻辑",
+  "main": "index.js",
+  "type": "web",
+  "state": 1,
+  "sort": 80
+}

package/common/middleware/web_static/index.js ADDED Viewed

@@ -0,0 +1,73 @@
+/**
+ * 增强的静态资源处理中间件
+ * 提供缓存控制、压缩、预加载等性能优化功能
+ */
+const { statics } = require('mm_statics');
+/**
+ * 静态资源请求
+ * @param {object} server 服务
+ * @param {object} config 配置参数
+ */
+module.exports = {
+  /**
+   * 初始化
+   * @param {object} adapter 适配器集合
+   * @param {object} eventer 事件管理器
+   * @param {object} logger 日志管理器
+   */
+  init(adapter, eventer, logger) {
+    // 获取web服务
+    var web = adapter.web;
+    let config = web.config.static || {};
+    let cg = { ...this.config, ...config };
+    if (cg) {
+      this._setupMainStatic(web, cg);
+      this._setupMultiStatic(web, cg);
+      this._setupGlobalStatic(web);
+    } else {
+      console.log('未找到静态文件配置');
+    }
+  },
+  /**
+   * 设置主静态路径
+   * @private
+   * @param {object} web web服务
+   * @param {object} cg 配置
+   */
+  _setupMainStatic(web, cg) {
+    web.use(statics(cg));
+  },
+  /**
+   * 设置多静态路径
+   * @private
+   * @param {object} web web服务
+   * @param {object} cg 配置
+   */
+  _setupMultiStatic(web, cg) {
+    if (Array.isArray(cg.paths) && cg.paths.length > 0) {
+      for (let i = 0; i < cg.paths.length; i++) {
+        let path = cg.paths[i];
+        let config = { ...cg, root: path.fullname() };
+        web.use(statics(config));
+      }
+    }
+  },
+  /**
+   * 设置全局静态资源
+   * @private
+   * @param {object} web web服务
+   */
+  _setupGlobalStatic(web) {
+    if ($.admin.static) {
+      $.static = new $.admin.static();
+      $.static.call('update');
+      web.use(async (ctx, next) => {
+        await $.static.run(ctx, next);
+      });
+    }
+  }
+};

package/common/middleware/web_static/middleware.json ADDED Viewed

@@ -0,0 +1,54 @@
+{
+	"name": "web_static",
+	"title": "web静态文件处理",
+	"description": "用于处理静态文件",
+	"version": "1.0",
+	"main": "./index.js",
+	"type": "web",
+	"state": 1,
+	"sort": 90,
+	// 是否启用静态文件处理
+	"static": true,
+	// 默认首页文件
+	"index": "index.html",
+	// 缓存键前缀
+	"key_prefix": "static:",
+	// 前端缓存时间，单位秒
+	"max_age": 7200,
+	// 是否开启缓存
+	"cache": true,
+	// 后端缓存时间，单位秒
+	"cache_age": 31536000,
+	// 是否开启immutable缓存
+	"immutable": true,
+	// 是否开启隐藏文件处理
+	"hidden": false,
+	// 是否格式化文件
+	"format": true,
+	// 是否指定文件扩展名
+	"extensions": false,
+	// 是否开启brotli压缩
+	"brotli": false,
+	// 是否开启gzip压缩
+	"gzip": false,
+	// 静态文件根目录
+	"root": "./static",
+	// 编译vue文件，启动后会将vue转为js，可让前端通过 import xxx from './xxx.vue' 引入
+	"compile_vue": true,
+	// 编译markdown文件，启动后会将markdown转为html
+	"compile_md": true,
+	// 是否将files中的文件的js转换为amd格式
+	"convert_amd": false,
+	// 指定路径文件需要转换
+	"src_path": "/src",
+	// 监听路由路径
+	"path": "/",
+	// 需要转换的文件扩展名
+	"files": [
+		".js",
+		".vue",
+		".html"
+	],
+	// 是否启用文件修改监听（实时检测文件修改）
+	"watch": true
+}

package/common/middleware/web_waf/index.js ADDED Viewed

@@ -0,0 +1,385 @@
+const { Ip } = require('mm_ip');
+/**
+ * web防火墙
+ */
+module.exports = {
+  /**
+   * 初始化
+   * @param {object} adapter 适配器集合
+   */
+  init(adapter) {
+    // 获取web服务
+    var web = adapter.web;
+    // 获取配置
+    let cg = { ...this.config, ...adapter.web.config };
+    // 初始化全局IP管理器
+    this._initIpManager(cg);
+    // 设置WAF中间件
+    let self = this;
+    web.use(async (ctx, next) => {
+      let waf_check_ret = await self._handleWafCheck(ctx, cg);
+      if (waf_check_ret) {
+        await next();
+      }
+    });
+  },
+  /**
+   * 初始化IP管理器
+   * @private
+   * @param {object} config 配置对象
+   */
+  _initIpManager(config) {
+    // 确保全局IP管理器存在
+    if (!$.ip || ($.ip && !$.is_plugin)) {
+      $.ip = new Ip();
+      $.is_plugin = true;
+    }
+    // 配置IP管理器
+    if (config && config.web) {
+      let ipConfig = {
+        auto_black_enable: config.web.auto_black_enable !== false,
+        max_req_per_min: config.web.max_req_per_min || 100,
+        auto_black_limit: config.web.auto_black_threshold || 50
+      };
+      $.ip.setConfig(ipConfig);
+    }
+  },
+  /**
+   * 处理WAF检查
+   * @private
+   * @param {object} ctx 上下文
+   * @param {object} cg 配置
+   * @returns {boolean} 是否通过检查
+   */
+  async _handleWafCheck(ctx, cg) {
+    // 获取客户端IP
+    var ip = this._getClientIp(ctx.req);
+    // 获取请求路径
+    let path = ctx.path;
+    // 检查路径是否在白名单中
+    if (this.isPathWhiteListed(path, cg)) {
+      return true;
+    }
+    // 使用mm_ip进行IP检查和频率限制
+    if (!this._checkIpAccess(ip)) {
+      this._sendWafResponse(ctx, 403, '访问被WAF阻止，IP访问受限');
+      return false;
+    }
+    // 检查基本攻击特征
+    let danger = this.wafCheck(ctx.url);
+    if (danger) {
+      this._sendWafResponse(ctx, 403, '访问被WAF阻止，请求包含潜在的攻击特征', danger.toString());
+      return false;
+    }
+    // 检查路径遍历攻击
+    let path_trav_ret = this._checkPathTrav(ctx);
+    if (path_trav_ret) {
+      this._sendWafResponse(ctx, 403, '访问被WAF阻止，检测到路径遍历攻击尝试');
+      return false;
+    }
+    return true;
+  },
+  /**
+   * 检查IP访问权限
+   * @private
+   * @param {string} ip IP地址
+   * @returns {boolean} 是否允许访问
+   */
+  _checkIpAccess(ip) {
+    return true;
+    try {
+      // 使用mm_ip的record方法进行综合检查（包含白名单、黑名单、频率限制）
+      return $.ip.record(ip);
+    } catch {
+      // 如果mm_ip不可用，使用备用方案
+      this.log('warn', 'mm_ip不可用，使用备用IP检查');
+      // 备用方案：检查本地白名单
+      const LOCAL_WHITE_LIST = ['127.0.0.1', '::1', 'localhost'];
+      return LOCAL_WHITE_LIST.includes(ip);
+    }
+  },
+  /**
+   * 获取客户端IP
+   * @private
+   * @param {object} req 请求对象
+   * @returns {string} 客户端IP
+   */
+  _getClientIp(req) {
+    // 标准IP获取逻辑
+    return req.headers['x-forwarded-for'] || req.headers['X-Forwarded-For'] ||
+      req.connection.remoteAddress ||
+      req.socket.remoteAddress ||
+      req.connection.socket.remoteAddress;
+  },
+  /**
+   * 检查路径遍历攻击
+   * @private
+   * @param {object} ctx 上下文
+   * @returns {string|boolean} 检测到的攻击类型或false
+   */
+  _checkPathTrav(ctx) {
+    var path = ctx.path;
+    // 检查路径本身
+    if (this.checkPathTrav(path)) {
+      return '路径本身包含攻击特征: ' + path;
+    }
+    if (!this.isSafePath(path)) {
+      return '路径不安全: ' + path;
+    }
+    // 检查请求参数
+    var query_params = ctx.query;
+    for (var k in query_params) {
+      var val = query_params[k];
+      if (typeof val === 'string' && this.checkPathTrav(val)) {
+        return '查询参数包含攻击特征: ' + k + '=' + val;
+      }
+    }
+    // 检查POST请求体
+    if (ctx.method === 'POST' && ctx.request.body) {
+      var body_content = JSON.stringify(ctx.request.body);
+      if (this.checkPathTrav(body_content)) {
+        return '请求体包含攻击特征';
+      }
+    }
+    return false;
+  },
+  /**
+   * 发送WAF响应
+   * @private
+   * @param {object} ctx 上下文
+   * @param {number} status 状态码
+   * @param {string} msg 消息
+   * @param {string} [rule] 规则
+   */
+  _sendWafResponse(ctx, status, msg, rule) {
+    ctx.status = status;
+    ctx.body = {
+      code: status,
+      msg: msg,
+      rule: rule
+    };
+  },
+  /**
+   * 获取SQL注入检测规则
+   * @private
+   * @returns {RegExp[]} SQL注入规则列表
+   */
+  _getSqlRules() {
+    return [
+      /select.+(from|limit)/i,
+      /(?:(union(.*?)select))/i,
+      /sleep\((\s*)(\d*)(\s*)\)/i,
+      /group\s+by.+\(/i,
+      /(?:from\W+information_schema\W)/i,
+      /(?:(?:current_)user|database|schema|connection_id)\s*\(/i,
+      /\s*or\s+.*=.*/i,
+      /order\s+by\s+.*--$/i,
+      /benchmark\((.*)\,(.*)\)/i,
+      /base64_decode\(/i,
+      /(?:(?:current_)user|database|version|schema|connection_id)\s*\(/i,
+      /(?:etc\/\W*passwd)/i,
+      /into(\s+)+(?:dump|out)file\s*/i
+    ];
+  },
+  /**
+   * 获取代码注入和XSS检测规则
+   * @private
+   * @returns {RegExp[]} 代码注入和XSS规则列表
+   */
+  _getCodeInjectRules() {
+    return [
+      /xwork.MethodAccessor/i,
+      /(?:define|eval|file_get_contents|include|require|require_once)\(/i,
+      /(?:shell_exec|phpinfo|system|passthru|preg_\w+|execute)\(/i,
+      /(?:echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\(/i,
+      /\<(iframe|script|body|img|layer|div|meta|style|base|object|input)/i,
+      /(onmouseover|onmousemove|onerror|onload)\=/i,
+      /javascript:/i
+    ];
+  },
+  /**
+   * 获取路径遍历检测规则
+   * @private
+   * @returns {RegExp[]} 路径遍历规则列表
+   */
+  _getPathTravRules() {
+    return [
+      // 增强的路径遍历检测规则
+      /\.\.\//i, // 基础 ../
+      /\.\.\\/i, // Windows格式 ..\
+      /\%2e\%2e\//i, // URL编码 ../
+      /\%2e%2e\//i, // URL编码 ../
+      /\%252e%252e%2f/i, // 双重URL编码 ../
+      /\%252e\%252e\%2f/i, // 双重URL编码 ../
+      /\.\%2e\//i, // 混合编码
+      /\%2e\./i, // 变体形式
+      /\%5c/i, // 反斜杠URL编码
+      /\%255c/i, // 反斜杠双重URL编码
+      // 系统文件路径检测 - 改进以避免误判
+      new RegExp('(?:\\/etc\\/|\\/proc\\/|C:\\\\Windows\\|' +
+        'C:\\\\winnt\\|C:\\\\Program Files\\|\\/sys\\/)', 'i')
+    ];
+  },
+  /**
+   * 获取命令注入检测规则
+   * @private
+   * @returns {RegExp[]} 命令注入规则列表
+   */
+  _getCmdInjectRules() {
+    return [
+      // 命令注入检测
+      new RegExp('\\|\\|.*(?:ls|pwd|whoami|ll|ifconfog|' +
+        'ipconfig|&&|chmod|cd|mkdir|rmdir|cp|mv)', 'i'),
+      new RegExp('(?:ls|pwd|whoami|ll|ifconfog|ipconfig|' +
+        '&&|chmod|cd|mkdir|rmdir|cp|mv).*\\|\\|', 'i'),
+      new RegExp('(gopher|doc|php|glob|file|phar|zlib|ftp|' +
+        'ldap|dict|ogg|data)\\:\/', 'i')
+    ];
+  },
+  /**
+   * 获取WAF规则列表
+   * @private
+   * @returns {RegExp[]} WAF规则列表
+   */
+  _getWafRules() {
+    return [
+      ...this._getSqlRules(),
+      ...this._getCodeInjectRules(),
+      ...this._getPathTravRules(),
+      ...this._getCmdInjectRules()
+    ];
+  },
+  /**
+   * 使用正则表达式，检测字符串是否含有攻击特征，检测到攻击特征返回true，没检测到返回false
+   * @param {string} url 网址
+   * @returns {RegExp|null} 检测到的攻击规则或null
+   */
+  wafCheck(url) {
+    var rules = this._getWafRules();
+    for (var i = 0; i < rules.length; i++) {
+      if (rules[i].test(url)) {
+        return rules[i];
+      }
+    }
+    return null;
+  },
+  /**
+   * 检查路径是否包含路径遍历攻击
+   * @param {string} path 路径
+   * @returns {boolean} 是否包含路径遍历
+   */
+  checkPathTrav(path) {
+    // 处理URL编码变体
+    let url_decoded = decodeURIComponent(path);
+    let double_url_decoded = decodeURIComponent(url_decoded);
+    // 检查路径是否包含危险模式
+    let danger_patterns = [
+      '../', '../../', '../../../', // Unix/Linux格式
+      '..\\', '..\\\\', '..\\\\\\\\', // Windows格式
+      '/%2e%2e/', '/%2e%2e%2f', // URL编码变体
+      '\\%2e%2e\\', '\\%2e%2e\\\\' // Windows URL编码变体
+    ];
+    // 检查系统关键文件路径（绝对路径攻击）
+    let sys_paths = [
+      '/etc/passwd', '/etc/shadow', '/etc/group', '/etc/hosts',
+      '/proc/', '/bin/', '/usr/bin/',
+      'C:\\Windows\\', 'C:\\winnt\\', 'C:\\Program Files\\'
+    ];
+    // 检查原始路径、单次解码和双重解码后的路径
+    // 1. 检查相对路径遍历模式
+    let has_trav_pattern = danger_patterns.some(pattern =>
+      path.includes(pattern) ||
+      url_decoded.includes(pattern) ||
+      double_url_decoded.includes(pattern)
+    );
+    // 2. 检查绝对路径攻击（包含系统关键文件路径）
+    let has_abs_attack = sys_paths.some(sys_path =>
+      path.toLowerCase().includes(sys_path.toLowerCase()) ||
+      url_decoded.toLowerCase().includes(sys_path.toLowerCase()) ||
+      double_url_decoded.toLowerCase().includes(sys_path.toLowerCase())
+    );
+    return has_trav_pattern || has_abs_attack; // 移除starts_with_slash检查
+  },
+  /**
+   * 检查请求路径是否规范化，防止路径遍历攻击
+   * @param {string} path 请求路径
+   * @returns {boolean} 是否为安全路径
+   */
+  isSafePath(path) {
+    // 特殊处理根路径，直接返回安全
+    if (path === '/') {
+      return true;
+    }
+    // 获取规范化的路径
+    let norm_path = path.split('/')
+      .filter(segment => segment !== '')
+      .reduce((acc, segment) => {
+        // 防止路径回溯
+        if (segment === '..') {
+          acc.pop();
+        } else if (segment !== '.') {
+          acc.push(segment);
+        }
+        return acc;
+      }, [])
+      .join('/');
+    // 重新构建规范化的完整路径
+    let safe_path = '/' + norm_path;
+    // 检查规范化后的路径长度是否小于原始路径（表示存在路径回溯）
+    return safe_path.length >= path.length - 2; // 允许末尾的 '/' 差异
+  },
+  /**
+   * 检查路径是否在白名单中
+   * @param {string} path 请求路径
+   * @param {object} config WAF配置
+   * @returns {boolean} 是否在白名单中
+   */
+  isPathWhiteListed(path, config) {
+    // 获取配置中的路径白名单
+    let path_white_list = (config && config.web && config.web.path_whitelist)
+      || (config && config.path_whitelist)
+      || ['/static', '/favicon.ico', '/api', '/public', '/assets'];
+    // 检查路径是否以白名单中的任何路径开头
+    return Array.isArray(path_white_list) &&
+      path_white_list.some(white_path => path.startsWith(white_path));
+  }
+};

package/common/middleware/web_waf/middleware.json ADDED Viewed

@@ -0,0 +1,13 @@
+{
+	"name": "web_waf",
+	"title": "web防火墙",
+	"description": "用于防止sql注入、脚本注入等",
+	"version": "1.0",
+	"main": "index.js",
+	"type": "web",
+	"state": 1,
+	"sort": 50,
+	"log": true,
+	"ip_whitelist": ["127.0.0.1", "::1", "localhost"],
+	"path_whitelist": ["/favicon.ico", "/static", "/api", "/public", "/assets"]
+}

package/common/model/msg/index.js ADDED Viewed

@@ -0,0 +1,88 @@
+if (!$.const) {
+  $.const = {};
+}
+if ($.const) {
+  /**
+   * 消息类型枚举
+   */
+  const MESSAGE_TYPES = {
+    // 内容消息类
+    TEXT: 'text',
+    IMAGE: 'image',
+    VOICE: 'voice',
+    VIDEO: 'video',
+    FILE: 'file',
+    // 交互消息类
+    EVENT: 'event',
+    NOTICE: 'notice',
+    CARD: 'card',
+    LIST: 'list',
+    // 业务消息类
+    CHAT: 'chat',
+    MAIL: 'mail',
+    TRADE: 'trade'
+  };
+  $.const.MESSAGE_TYPES = MESSAGE_TYPES;
+  /**
+   * 事件类型枚举
+   */
+  const EVENT_TYPES = {
+    // 游戏事件
+    COMBAT: 'combat',
+    QUEST: 'quest',
+    LEVEL: 'level',
+    ACHIEVEMENT: 'achievement',
+    // 社交事件
+    FRIEND: 'friend',
+    GUILD: 'guild',
+    TEAM: 'team',
+    INVITE: 'invite',
+    // 系统事件
+    LOGIN: 'login',
+    LOGOUT: 'logout',
+    REWARD: 'reward',
+    ACTIVITY: 'activity'
+  };
+  $.const.EVENT_TYPES = EVENT_TYPES;
+  /**
+   * 消息分组枚举
+   */
+  const MESSAGE_GROUPS = {
+    PRIVATE: 'private',
+    CHANNEL: 'channel',
+    WORLD: 'world',
+    GUILD: 'guild',
+    SYSTEM: 'system'
+  };
+  $.const.MESSAGE_GROUPS = MESSAGE_GROUPS;
+  /**
+   * 消息优先级枚举
+   */
+  const PRIORITIES = {
+    LOW: 'low',
+    NORMAL: 'normal',
+    HIGH: 'high',
+    URGENT: 'urgent'
+  };
+  $.const.PRIORITIES = PRIORITIES;
+}
+/**
+ * 消息模型
+ */
+module.exports = {
+  /**
+   * 添加消息模型方法
+   * @param {object} model 消息模型实例
+   */
+  addMethods(model) {
+  }
+};