mm_session 1.5.5 → 1.5.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/lib/session.js +42 -16
  2. package/package.json +3 -3
package/lib/session.js CHANGED
@@ -37,7 +37,6 @@ class Session {
37
37
  constructor(config = {}) {
38
38
  this.config = { ...Session.config };
39
39
  this.setConfig(config);
40
- this._init();
41
40
  }
42
41
  }
43
42
 
@@ -47,12 +46,13 @@ class Session {
47
46
  */
48
47
  Session.prototype.setConfig = function (config) {
49
48
  $.push(this.config, config);
49
+ this._preset();
50
50
  };
51
51
 
52
52
  /**
53
53
  * 初始化session存储和助手
54
54
  */
55
- Session.prototype._init = function () {
55
+ Session.prototype._preset = function () {
56
56
  this._store = new Store(this.config.key_prefix);
57
57
  this._helper = new Helper();
58
58
  };
@@ -123,13 +123,39 @@ Session.prototype._handle = async function (ctx, next) {
123
123
  await this._save(ctx, session_id);
124
124
  };
125
125
 
126
+ /**
127
+ * 获取客户端IP地址
128
+ * @param {object} ctx HTTP上下文
129
+ * @returns {string} 客户端IP地址
130
+ */
131
+ Session.prototype._getClientIP = function (ctx) {
132
+ // 优先从ctx.ip获取
133
+ if (ctx.ip) {
134
+ return ctx.ip;
135
+ }
136
+
137
+ // 从X-Forwarded-For头部获取(代理服务器场景)
138
+ if (ctx.headers['x-forwarded-for']) {
139
+ const ips = ctx.headers['x-forwarded-for'].split(',');
140
+ return ips[0].trim();
141
+ }
142
+
143
+ // 从X-Real-IP头部获取
144
+ if (ctx.headers['x-real-ip']) {
145
+ return ctx.headers['x-real-ip'];
146
+ }
147
+
148
+ // 默认返回本地IP
149
+ return '127.0.0.1';
150
+ };
151
+
126
152
  /**
127
153
  * 获取协议头信息
128
154
  * @param {object} ctx HTTP上下文
129
155
  * @returns {object} session信息
130
156
  */
131
157
  Session.prototype._getHeaderInfo = function (ctx) {
132
- let ip = ctx.ip || '127.0.0.1';
158
+ let ip = this._getClientIP(ctx);
133
159
  let user_agent = ctx.headers['user-agent'] || 'mm';
134
160
  return {
135
161
  ip,
@@ -267,22 +293,22 @@ Session.prototype._cleanup = function (ctx) {
267
293
  */
268
294
  Session.prototype._extractSessionData = function (ctx) {
269
295
  const session_to_save = {};
270
-
296
+
271
297
  // 使用Reflect.ownKeys确保正确枚举Proxy对象的所有属性
272
298
  const keys = Reflect.ownKeys(ctx.session);
273
-
299
+
274
300
  for (const key of keys) {
275
301
  // 跳过Symbol类型的属性
276
302
  if (typeof key === 'symbol') {
277
303
  continue;
278
304
  }
279
-
305
+
280
306
  // 跳过函数属性和内部属性
281
307
  if (typeof ctx.session[key] !== 'function' && !key.startsWith('_')) {
282
308
  session_to_save[key] = ctx.session[key];
283
309
  }
284
310
  }
285
-
311
+
286
312
  return session_to_save;
287
313
  };
288
314
 
@@ -315,14 +341,14 @@ Session.prototype._save = async function (ctx, session_id) {
315
341
  await this._delSession(ctx, session_id);
316
342
  return;
317
343
  }
318
-
344
+
319
345
  // 如果session被修改过,需要保存
320
346
  if (ctx.session._modified) {
321
347
  await this._handleCookie(ctx, session_id);
322
-
348
+
323
349
  // 提取session数据
324
350
  const session_to_save = this._extractSessionData(ctx);
325
-
351
+
326
352
  // 保存内部属性(_is_new和_modified)
327
353
  if (ctx.session._is_new !== undefined) {
328
354
  session_to_save._is_new = ctx.session._is_new;
@@ -330,10 +356,10 @@ Session.prototype._save = async function (ctx, session_id) {
330
356
  if (ctx.session._modified !== undefined) {
331
357
  session_to_save._modified = ctx.session._modified;
332
358
  }
333
-
359
+
334
360
  // 清理session
335
361
  this._cleanup(ctx);
336
-
362
+
337
363
  // 保存session到存储
338
364
  return await this._store.set(ctx.session.uuid, session_to_save, this.config.max_age || 7200);
339
365
  }
@@ -347,7 +373,7 @@ Session.prototype._save = async function (ctx, session_id) {
347
373
  */
348
374
  Session.prototype.save = async function (ctx, session_id_or_obj) {
349
375
  let session_id;
350
-
376
+
351
377
  if (typeof session_id_or_obj === 'string') {
352
378
  // 如果传入的是session ID字符串
353
379
  session_id = session_id_or_obj;
@@ -362,7 +388,7 @@ Session.prototype.save = async function (ctx, session_id_or_obj) {
362
388
  throw new TypeError('无效的session参数');
363
389
  }
364
390
  }
365
-
391
+
366
392
  return await this._save(ctx, session_id);
367
393
  };
368
394
 
@@ -420,7 +446,7 @@ Session.prototype._verifyExpiration = async function (end_time) {
420
446
  Session.prototype._checkSessionId = async function (session_id, client_ip, client_ua) {
421
447
  try {
422
448
  // 解码session_id
423
- var data = this._helper.aesDecode(session_id,
449
+ var data = this._helper.aesDecode(session_id,
424
450
  this.config.encrypt_key, this._helper._getSecret(client_ua));
425
451
  if (!data) return false;
426
452
  let { ip, end_time } = data;
@@ -434,7 +460,7 @@ Session.prototype._checkSessionId = async function (session_id, client_ip, clien
434
460
  return false;
435
461
  }
436
462
  }
437
-
463
+
438
464
  // 所有验证通过
439
465
  return true;
440
466
  } catch (err) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "mm_session",
3
- "version": "1.5.5",
3
+ "version": "1.5.6",
4
4
  "description": "这是超级美眉session函数模块,用于web服务端session缓存",
5
5
  "main": "index.js",
6
6
  "scripts": {
@@ -33,7 +33,7 @@
33
33
  "mm_cache": "^1.4.8"
34
34
  },
35
35
  "devDependencies": {
36
- "eslint-plugin-jsdoc": "^61.5.0",
37
- "mm_eslint": "^1.3.7"
36
+ "eslint-plugin-jsdoc": "^62.9.0",
37
+ "mm_eslint": "^1.7.1"
38
38
  }
39
39
  }