mr-sliy 1.0.0

package/src/utils/database.js

@@ -0,0 +1,125 @@
+/**
+ * 数据库连接模块
+ * 使用better-sqlite3管理SQLite数据库
+ */
+
+const Database = require('better-sqlite3');
+const path = require('path');
+const fs = require('fs');
+const { config } = require('../config');
+
+let dbInstance = null;
+
+/**
+ * 获取数据库实例（单例模式）
+ */
+function getDatabase() {
+  if (!dbInstance) {
+    let dbPath = config.database.path;
+    
+    if (!path.isAbsolute(dbPath)) {
+      dbPath = path.resolve(path.join(__dirname, '../../', dbPath));
+    }
+    
+    const dbDir = path.dirname(dbPath);
+    if (!fs.existsSync(dbDir)) {
+      fs.mkdirSync(dbDir, { recursive: true });
+    }
+    
+    dbInstance = new Database(dbPath);
+    
+    dbInstance.pragma('foreign_keys = ON');
+    dbInstance.pragma('journal_mode = WAL');
+  }
+  
+  return dbInstance;
+}
+
+/**
+ * 关闭数据库连接
+ */
+function closeDatabase() {
+  if (dbInstance) {
+    dbInstance.close();
+    dbInstance = null;
+  }
+}
+
+/**
+ * 执行查询（返回所有结果）
+ */
+function query(sql, params = []) {
+  const db = getDatabase();
+  try {
+    const stmt = db.prepare(sql);
+    return stmt.all(...params);
+  } catch (error) {
+    throw error;
+  }
+}
+
+/**
+ * 执行查询（返回单条结果）
+ */
+function queryOne(sql, params = []) {
+  const db = getDatabase();
+  try {
+    const stmt = db.prepare(sql);
+    return stmt.get(...params);
+  } catch (error) {
+    throw error;
+  }
+}
+
+/**
+ * 执行插入/更新/删除操作
+ */
+function execute(sql, params = []) {
+  const db = getDatabase();
+  try {
+    const stmt = db.prepare(sql);
+    const result = stmt.run(...params);
+    return {
+      success: true,
+      changes: result.changes,
+      lastInsertRowid: result.lastInsertRowid
+    };
+  } catch (error) {
+    throw error;
+  }
+}
+
+/**
+ * 执行事务
+ */
+function transaction(callback) {
+  const db = getDatabase();
+  const txn = db.transaction(callback);
+  return txn();
+}
+
+/**
+ * 批量执行
+ */
+function batchExecute(sqlArray, paramsArray) {
+  const db = getDatabase();
+  const stmt = db.prepare(sqlArray);
+  
+  const insertMany = db.transaction((items) => {
+    for (const params of items) {
+      stmt.run(...params);
+    }
+  });
+  
+  return insertMany(paramsArray);
+}
+
+module.exports = {
+  getDatabase,
+  closeDatabase,
+  query,
+  queryOne,
+  execute,
+  transaction,
+  batchExecute
+};

package/src/utils/helpers.js

@@ -0,0 +1,226 @@
+/**
+ * 通用工具函数模块
+ */
+
+const crypto = require('crypto');
+const path = require('path');
+
+/**
+ * 生成UUID
+ */
+function generateUUID() {
+  return crypto.randomUUID();
+}
+
+/**
+ * 延迟函数
+ */
+function sleep(ms) {
+  return new Promise(resolve => setTimeout(resolve, ms));
+}
+
+/**
+ * 深拷贝对象
+ */
+function deepClone(obj) {
+  return JSON.parse(JSON.stringify(obj));
+}
+
+/**
+ * 格式化日期时间
+ */
+function formatDateTime(date = new Date()) {
+  const d = new Date(date);
+  const year = d.getFullYear();
+  const month = String(d.getMonth() + 1).padStart(2, '0');
+  const day = String(d.getDate()).padStart(2, '0');
+  const hours = String(d.getHours()).padStart(2, '0');
+  const minutes = String(d.getMinutes()).padStart(2, '0');
+  const seconds = String(d.getSeconds()).padStart(2, '0');
+  
+  return `${year}-${month}-${day} ${hours}:${minutes}:${seconds}`;
+}
+
+/**
+ * 格式化文件大小
+ */
+function formatFileSize(bytes) {
+  if (bytes === 0) return '0 B';
+  
+  const k = 1024;
+  const sizes = ['B', 'KB', 'MB', 'GB', 'TB'];
+  const i = Math.floor(Math.log(bytes) / Math.log(k));
+  
+  return parseFloat((bytes / Math.pow(k, i)).toFixed(2)) + ' ' + sizes[i];
+}
+
+/**
+ * 格式化持续时间
+ */
+function formatDuration(ms) {
+  if (ms < 1000) return `${ms}ms`;
+  if (ms < 60000) return `${(ms / 1000).toFixed(2)}s`;
+  if (ms < 3600000) return `${(ms / 60000).toFixed(2)}min`;
+  return `${(ms / 3600000).toFixed(2)}h`;
+}
+
+/**
+ * 获取文件扩展名
+ */
+function getFileExtension(filename) {
+  return path.extname(filename).toLowerCase();
+}
+
+/**
+ * 获取文件语言类型
+ */
+function getFileLanguage(filename) {
+  const ext = getFileExtension(filename);
+  const languageMap = {
+    '.js': 'javascript',
+    '.jsx': 'javascript',
+    '.ts': 'typescript',
+    '.tsx': 'typescript',
+    '.py': 'python',
+    '.java': 'java',
+    '.go': 'go',
+    '.rs': 'rust',
+    '.c': 'c',
+    '.cpp': 'cpp',
+    '.h': 'c',
+    '.hpp': 'cpp',
+    '.cs': 'csharp',
+    '.rb': 'ruby',
+    '.php': 'php',
+    '.swift': 'swift',
+    '.kt': 'kotlin',
+    '.scala': 'scala'
+  };
+  
+  return languageMap[ext] || 'unknown';
+}
+
+/**
+ * 检查文件是否为支持的扫描类型
+ */
+function isSupportedFile(filename, extensions) {
+  const ext = getFileExtension(filename);
+  return extensions.includes(ext);
+}
+
+/**
+ * 检查路径是否在排除目录中
+ */
+function isExcludedPath(filePath, excludeDirs, excludeFiles) {
+  const parts = filePath.split(/[/\\]/);
+  
+  // 检查排除目录
+  for (const dir of excludeDirs) {
+    if (parts.includes(dir)) {
+      return true;
+    }
+  }
+  
+  // 检查排除文件
+  const filename = parts[parts.length - 1];
+  for (const file of excludeFiles) {
+    if (filename.includes(file)) {
+      return true;
+    }
+  }
+  
+  return false;
+}
+
+/**
+ * 计算代码行数
+ */
+function countLines(code) {
+  if (!code) return 0;
+  return code.split('\n').length;
+}
+
+/**
+ * 安全解析JSON
+ */
+function safeJsonParse(str, defaultValue = null) {
+  try {
+    return JSON.parse(str);
+  } catch (e) {
+    return defaultValue;
+  }
+}
+
+/**
+ * 安全字符串化JSON
+ */
+function safeJsonStringify(obj, defaultValue = '{}') {
+  try {
+    return JSON.stringify(obj);
+  } catch (e) {
+    return defaultValue;
+  }
+}
+
+/**
+ * 批量处理数组（分块）
+ */
+function chunk(array, size) {
+  const chunks = [];
+  for (let i = 0; i < array.length; i += size) {
+    chunks.push(array.slice(i, i + size));
+  }
+  return chunks;
+}
+
+/**
+ * 重试函数
+ */
+async function retry(fn, maxRetries = 3, delay = 1000) {
+  let lastError;
+  
+  for (let i = 0; i < maxRetries; i++) {
+    try {
+      return await fn();
+    } catch (error) {
+      lastError = error;
+      if (i < maxRetries - 1) {
+        await sleep(delay);
+      }
+    }
+  }
+  
+  throw lastError;
+}
+
+/**
+ * 简单哈希函数
+ */
+function simpleHash(str) {
+  let hash = 0;
+  for (let i = 0; i < str.length; i++) {
+    const char = str.charCodeAt(i);
+    hash = ((hash << 5) - hash) + char;
+    hash = hash & hash; // Convert to 32bit integer
+  }
+  return hash;
+}
+
+module.exports = {
+  generateUUID,
+  sleep,
+  deepClone,
+  formatDateTime,
+  formatFileSize,
+  formatDuration,
+  getFileExtension,
+  getFileLanguage,
+  isSupportedFile,
+  isExcludedPath,
+  countLines,
+  safeJsonParse,
+  safeJsonStringify,
+  chunk,
+  retry,
+  simpleHash
+};

package/src/utils/logger.js

@@ -0,0 +1,202 @@
+/**
+ * 日志工具模块
+ * 使用winston实现多级别日志记录
+ * 包含敏感数据自动脱敏功能
+ */
+
+const winston = require('winston');
+const path = require('path');
+const fs = require('fs');
+const { config } = require('../config');
+
+// 确保日志目录存在
+const logDir = path.dirname(config.logging.file);
+if (!fs.existsSync(logDir)) {
+  fs.mkdirSync(logDir, { recursive: true });
+}
+
+// 敏感字段列表（日志输出时自动脱敏）
+const SENSITIVE_FIELDS = [
+  'password', 'passwd', 'pwd',
+  'apiKey', 'api_key', 'apikey',
+  'secret', 'secretKey', 'secret_key',
+  'token', 'accessToken', 'access_token',
+  'refreshToken', 'refresh_token',
+  'authorization', 'auth',
+  'privateKey', 'private_key',
+  'credential', 'credentials'
+];
+
+/**
+ * 递归脱敏对象中的敏感字段
+ */
+function maskSensitiveData(obj, depth = 0) {
+  if (depth > 5 || obj === null || obj === undefined) {
+    return obj;
+  }
+  
+  if (typeof obj === 'string') {
+    // 检查字符串是否可能是API key或token
+    if (obj.length > 20 && /^(sk-|pk-|eyJ|xox[baprs]-)/i.test(obj)) {
+      return maskString(obj);
+    }
+    return obj;
+  }
+  
+  if (typeof obj !== 'object') {
+    return obj;
+  }
+  
+  if (Array.isArray(obj)) {
+    return obj.map(item => maskSensitiveData(item, depth + 1));
+  }
+  
+  const result = {};
+  for (const [key, value] of Object.entries(obj)) {
+    const lowerKey = key.toLowerCase();
+    if (SENSITIVE_FIELDS.some(field => lowerKey.includes(field.toLowerCase()))) {
+      result[key] = typeof value === 'string' ? maskString(value) : '[REDACTED]';
+    } else {
+      result[key] = maskSensitiveData(value, depth + 1);
+    }
+  }
+  return result;
+}
+
+/**
+ * 脱敏字符串（显示前4后4，中间用*代替）
+ */
+function maskString(str) {
+  if (!str || str.length <= 8) {
+    return '****';
+  }
+  return str.substring(0, 4) + '*'.repeat(str.length - 8) + str.substring(str.length - 4);
+}
+
+// 定义日志格式
+const logFormat = winston.format.combine(
+  winston.format.timestamp({ format: 'YYYY-MM-DD HH:mm:ss' }),
+  winston.format.errors({ stack: true }),
+  winston.format((info) => {
+    // 脱敏所有日志消息中的敏感数据
+    if (info.message && typeof info.message === 'object') {
+      info.message = maskSensitiveData(info.message);
+    }
+    // 脱敏meta数据
+    const metaKeys = Object.keys(info).filter(k => 
+      !['level', 'message', 'timestamp', 'stack', 'label', 'durationMs'].includes(k)
+    );
+    for (const key of metaKeys) {
+      info[key] = maskSensitiveData(info[key]);
+    }
+    return info;
+  })(),
+  winston.format.printf(({ level, message, timestamp, stack }) => {
+    if (stack) {
+      return `${timestamp} [${level.toUpperCase()}]: ${typeof message === 'object' ? JSON.stringify(message) : message}\n${stack}`;
+    }
+    return `${timestamp} [${level.toUpperCase()}]: ${typeof message === 'object' ? JSON.stringify(message) : message}`;
+  })
+);
+
+// 控制台日志格式（带颜色）
+const consoleFormat = winston.format.combine(
+  winston.format.colorize(),
+  winston.format.timestamp({ format: 'YYYY-MM-DD HH:mm:ss' }),
+  winston.format.printf(({ level, message, timestamp }) => {
+    return `${timestamp} [${level}]: ${message}`;
+  })
+);
+
+// 创建logger实例
+const logger = winston.createLogger({
+  level: config.logging.level,
+  format: logFormat,
+  transports: [
+    // 文件日志
+    new winston.transports.File({
+      filename: config.logging.file,
+      maxsize: config.logging.maxSize,
+      maxFiles: config.logging.maxFiles,
+      tailable: true
+    }),
+    // 错误日志单独文件
+    new winston.transports.File({
+      filename: path.join(logDir, 'error.log'),
+      level: 'error',
+      maxsize: config.logging.maxSize,
+      maxFiles: config.logging.maxFiles
+    })
+  ]
+});
+
+// 开发环境添加控制台输出（仅显示警告及以上级别）
+if (config.server.nodeEnv !== 'production') {
+  logger.add(new winston.transports.Console({
+    format: consoleFormat,
+    level: 'warn'
+  }));
+}
+
+/**
+ * 请求日志中间件
+ */
+function requestLogger(req, res, next) {
+  const startTime = Date.now();
+  
+  // 记录请求
+  logger.info(`请求开始: ${req.method} ${req.url}`, {
+    method: req.method,
+    url: req.url,
+    ip: req.ip,
+    userAgent: req.get('user-agent')
+  });
+  
+  // 记录响应
+  res.on('finish', () => {
+    const duration = Date.now() - startTime;
+    logger.info(`请求完成: ${req.method} ${req.url} - ${res.statusCode} (${duration}ms)`);
+  });
+  
+  next();
+}
+
+/**
+ * 操作日志记录
+ */
+async function logOperation(data) {
+  const db = require('./database').getDatabase();
+  
+  try {
+    const stmt = db.prepare(`
+      INSERT INTO sys_oper_log 
+      (user_id, username, operation_type, operation_desc, request_method, 
+       request_url, request_params, response_status, ip_address, user_agent, duration_ms)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `);
+    
+    stmt.run(
+      data.userId || null,
+      data.username || 'system',
+      data.operationType,
+      data.operationDesc,
+      data.requestMethod || null,
+      data.requestUrl || null,
+      data.requestParams ? JSON.stringify(data.requestParams) : null,
+      data.responseStatus || null,
+      data.ipAddress || null,
+      data.userAgent || null,
+      data.durationMs || null
+    );
+  } catch (error) {
+    logger.error('记录操作日志失败:', error);
+  }
+}
+
+module.exports = {
+  logger,
+  requestLogger,
+  logOperation,
+  maskSensitiveData,
+  maskString
+};