npm - nodebb-plugin-pdf-secure2 - Versions diffs - 1.2.37 → 1.3.0 - Mend

nodebb-plugin-pdf-secure2 1.2.37 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/.claude/settings.local.json +11 -0
package/lib/controllers.js +105 -0
package/lib/gemini-chat.js +231 -0
package/library.js +257 -246
package/package.json +2 -1
package/plugin.json +4 -1
package/static/lib/admin.js +25 -0
package/static/lib/main.js +468 -468
package/static/lib/pdf.min.mjs +20 -20
package/static/lib/pdf.worker.min.mjs +20 -20
package/static/templates/admin/plugins/pdf-secure.tpl +14 -5
package/static/viewer-app.js +2 -2
package/static/viewer.html +6353 -5883
package/static/lib/viewer.js +0 -161
package/static/viewer-yedek.html +0 -4548

package/.claude/settings.local.json ADDED Viewed

@@ -0,0 +1,11 @@
+{
+  "permissions": {
+    "allow": [
+      "WebFetch(domain:raw.githubusercontent.com)",
+      "WebFetch(domain:github.com)",
+      "Bash(dir:*)",
+      "Bash(npm pack:*)",
+      "Bash(tar:*)"
+    ]
+  }
+}

package/lib/controllers.js CHANGED Viewed

@@ -1,11 +1,29 @@
 'use strict';
 const crypto = require('crypto');
+const path = require('path');
 const nonceStore = require('./nonce-store');
 const pdfHandler = require('./pdf-handler');
+const geminiChat = require('./gemini-chat');
+const groups = require.main.require('./src/groups');
 const Controllers = module.exports;
+// Rate limiting: per-user message counter
+const rateLimits = new Map(); // uid -> { count, windowStart }
+const RATE_LIMIT_WINDOW = 60 * 1000; // 1 minute
+const RATE_LIMIT_MAX = 30; // messages per window
+// Periodic cleanup of expired rate limit entries
+setInterval(() => {
+	const now = Date.now();
+	for (const [uid, entry] of rateLimits.entries()) {
+		if (now - entry.windowStart > RATE_LIMIT_WINDOW * 2) {
+			rateLimits.delete(uid);
+		}
+	}
+}, 5 * 60 * 1000).unref();
 // AES-256-GCM encryption - replaces weak XOR obfuscation
 function aesGcmEncrypt(buffer, key, iv) {
 	const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
@@ -63,3 +81,90 @@ Controllers.servePdfBinary = async function (req, res) {
 		return res.status(500).json({ error: 'Internal error' });
 	}
 };
+Controllers.handleChat = async function (req, res) {
+	// Authentication gate
+	if (!req.uid) {
+		return res.status(401).json({ error: 'Authentication required' });
+	}
+	// Check AI availability
+	if (!geminiChat.isAvailable()) {
+		return res.status(503).json({ error: 'AI chat is not configured' });
+	}
+	// Premium/VIP group check
+	const [isAdmin, isGlobalMod, isPremiumMember, isVipMember] = await Promise.all([
+		groups.isMember(req.uid, 'administrators'),
+		groups.isMember(req.uid, 'Global Moderators'),
+		groups.isMember(req.uid, 'Premium'),
+		groups.isMember(req.uid, 'VIP'),
+	]);
+	const isPremium = isAdmin || isGlobalMod || isPremiumMember || isVipMember;
+	if (!isPremium) {
+		return res.status(403).json({ error: 'Premium membership required for AI chat' });
+	}
+	// Rate limiting
+	const now = Date.now();
+	let userRate = rateLimits.get(req.uid);
+	if (!userRate || now - userRate.windowStart > RATE_LIMIT_WINDOW) {
+		userRate = { count: 0, windowStart: now };
+		rateLimits.set(req.uid, userRate);
+	}
+	userRate.count += 1;
+	if (userRate.count > RATE_LIMIT_MAX) {
+		return res.status(429).json({ error: 'Rate limit exceeded. Please wait a moment.' });
+	}
+	// Body validation
+	const { filename, question, history } = req.body;
+	if (!filename || typeof filename !== 'string') {
+		return res.status(400).json({ error: 'Missing or invalid filename' });
+	}
+	const safeName = path.basename(filename);
+	if (!safeName || safeName !== filename || !safeName.toLowerCase().endsWith('.pdf')) {
+		return res.status(400).json({ error: 'Invalid filename' });
+	}
+	const trimmedQuestion = typeof question === 'string' ? question.trim() : '';
+	if (!trimmedQuestion || trimmedQuestion.length > 2000) {
+		return res.status(400).json({ error: 'Question is required (max 2000 characters)' });
+	}
+	if (history && (!Array.isArray(history) || history.length > 50)) {
+		return res.status(400).json({ error: 'Invalid history (max 50 entries)' });
+	}
+	if (history) {
+		for (const entry of history) {
+			if (!entry || typeof entry !== 'object') {
+				return res.status(400).json({ error: 'Invalid history entry' });
+			}
+			if (entry.role !== 'user' && entry.role !== 'model') {
+				return res.status(400).json({ error: 'Invalid history role' });
+			}
+			if (typeof entry.text !== 'string' || entry.text.length > 4000) {
+				return res.status(400).json({ error: 'Invalid history text' });
+			}
+		}
+	}
+	try {
+		const answer = await geminiChat.chat(safeName, trimmedQuestion, history || []);
+		return res.json({ answer });
+	} catch (err) {
+		console.error('[PDF-Secure] Chat error:', err.message);
+		if (err.message === 'File not found') {
+			return res.status(404).json({ error: 'PDF not found' });
+		}
+		if (err.status === 429 || err.message.includes('rate limit') || err.message.includes('quota')) {
+			return res.status(429).json({ error: 'AI service rate limit exceeded. Please try again later.' });
+		}
+		if (err.status === 401 || err.status === 403 || err.message.includes('API key')) {
+			return res.status(503).json({ error: 'AI service configuration error' });
+		}
+		return res.status(500).json({ error: 'Failed to get AI response. Please try again.' });
+	}
+};

package/lib/gemini-chat.js ADDED Viewed

@@ -0,0 +1,231 @@
+'use strict';
+const fs = require('fs');
+const pdfHandler = require('./pdf-handler');
+const GeminiChat = module.exports;
+let ai = null;
+// Cache maps
+const fileCache = new Map(); // filename -> {fileUri, uploadedAt}
+const contextCache = new Map(); // filename -> {cacheName, expiresAt}
+const uploadPromises = new Map(); // filename -> Promise (deduplication)
+const FILE_TTL = 48 * 60 * 60 * 1000; // 48 hours (Gemini Files API limit)
+const CONTEXT_TTL = 30 * 60 * 1000; // 30 minutes
+const CLEANUP_INTERVAL = 10 * 60 * 1000; // 10 minutes
+const SMALL_PDF_THRESHOLD = 8; // pages - skip caching for small PDFs
+const SYSTEM_INSTRUCTION = `You are a helpful assistant that answers questions about the provided PDF document.
+Respond in the same language the user writes their question in.
+Be concise and accurate. When referencing specific information, mention the relevant page or section when possible.`;
+const MODEL_NAME = 'gemini-2.5-flash';
+// Periodic cleanup of expired entries
+const cleanupTimer = setInterval(() => {
+	const now = Date.now();
+	for (const [key, entry] of fileCache.entries()) {
+		if (now - entry.uploadedAt > FILE_TTL) {
+			fileCache.delete(key);
+		}
+	}
+	for (const [key, entry] of contextCache.entries()) {
+		if (now > entry.expiresAt) {
+			contextCache.delete(key);
+		}
+	}
+}, CLEANUP_INTERVAL);
+cleanupTimer.unref();
+GeminiChat.init = function (apiKey) {
+	if (!apiKey) {
+		ai = null;
+		return;
+	}
+	try {
+		const { GoogleGenAI } = require('@google/genai');
+		ai = new GoogleGenAI({ apiKey });
+		console.log('[PDF-Secure] Gemini AI client initialized');
+	} catch (err) {
+		console.error('[PDF-Secure] Failed to initialize Gemini client:', err.message);
+		ai = null;
+	}
+};
+GeminiChat.isAvailable = function () {
+	return !!ai;
+};
+async function uploadFile(filename) {
+	const filePath = pdfHandler.resolveFilePath(filename);
+	if (!filePath || !fs.existsSync(filePath)) {
+		throw new Error('File not found');
+	}
+	const fileBuffer = await fs.promises.readFile(filePath);
+	const uploadResult = await ai.files.upload({
+		file: new Blob([fileBuffer], { type: 'application/pdf' }),
+		config: { displayName: filename },
+	});
+	// Wait for file processing
+	let file = uploadResult;
+	while (file.state === 'PROCESSING') {
+		await new Promise(r => setTimeout(r, 2000));
+		file = await ai.files.get({ name: file.name });
+	}
+	if (file.state === 'FAILED') {
+		throw new Error('File processing failed');
+	}
+	return file;
+}
+async function getPageCount(filename) {
+	try {
+		return await pdfHandler.getTotalPages(filename);
+	} catch {
+		return 0;
+	}
+}
+GeminiChat.ensureCache = async function (filename) {
+	// Check existing context cache
+	const cached = contextCache.get(filename);
+	if (cached && Date.now() < cached.expiresAt) {
+		return { cacheName: cached.cacheName, useCache: true };
+	}
+	// Check if PDF is small enough to skip caching
+	const pageCount = await getPageCount(filename);
+	if (pageCount > 0 && pageCount < SMALL_PDF_THRESHOLD) {
+		// Small PDF: use inline approach
+		return { filename, useCache: false };
+	}
+	// Deduplicate concurrent upload requests for the same file
+	if (uploadPromises.has(filename)) {
+		return uploadPromises.get(filename);
+	}
+	const promise = (async () => {
+		try {
+			// Ensure file is uploaded
+			let fileEntry = fileCache.get(filename);
+			if (!fileEntry || Date.now() - fileEntry.uploadedAt > FILE_TTL) {
+				const uploaded = await uploadFile(filename);
+				fileEntry = { fileUri: uploaded.uri, uploadedAt: Date.now() };
+				fileCache.set(filename, fileEntry);
+				console.log('[PDF-Secure] File uploaded to Gemini:', filename);
+			}
+			// Create context cache
+			const cache = await ai.caches.create({
+				model: MODEL_NAME,
+				config: {
+					contents: [{
+						role: 'user',
+						parts: [{ fileData: { fileUri: fileEntry.fileUri, mimeType: 'application/pdf' } }],
+					}],
+					systemInstruction: SYSTEM_INSTRUCTION,
+					ttl: `${CONTEXT_TTL / 1000}s`,
+				},
+			});
+			const cacheEntry = {
+				cacheName: cache.name,
+				expiresAt: Date.now() + CONTEXT_TTL,
+			};
+			contextCache.set(filename, cacheEntry);
+			console.log('[PDF-Secure] Context cache created for:', filename);
+			return { cacheName: cache.name, useCache: true };
+		} finally {
+			uploadPromises.delete(filename);
+		}
+	})();
+	uploadPromises.set(filename, promise);
+	return promise;
+};
+GeminiChat.chat = async function (filename, question, history) {
+	if (!ai) {
+		throw new Error('AI chat is not configured');
+	}
+	const cacheInfo = await GeminiChat.ensureCache(filename);
+	// Build conversation contents from history
+	const contents = [];
+	if (Array.isArray(history)) {
+		for (const entry of history) {
+			if (entry.role && entry.text) {
+				contents.push({
+					role: entry.role === 'user' ? 'user' : 'model',
+					parts: [{ text: entry.text }],
+				});
+			}
+		}
+	}
+	// Add current question
+	contents.push({
+		role: 'user',
+		parts: [{ text: question }],
+	});
+	let response;
+	if (cacheInfo.useCache) {
+		// Use cached context
+		response = await ai.models.generateContent({
+			model: MODEL_NAME,
+			contents,
+			config: {
+				cachedContent: cacheInfo.cacheName,
+			},
+		});
+	} else {
+		// Inline PDF for small files
+		const filePath = pdfHandler.resolveFilePath(filename);
+		if (!filePath || !fs.existsSync(filePath)) {
+			throw new Error('File not found');
+		}
+		const fileBuffer = await fs.promises.readFile(filePath);
+		const base64Data = fileBuffer.toString('base64');
+		// Prepend PDF as first message
+		const inlineContents = [
+			{
+				role: 'user',
+				parts: [
+					{ inlineData: { mimeType: 'application/pdf', data: base64Data } },
+					{ text: 'I am sharing a PDF document with you. Please use it to answer my questions.' },
+				],
+			},
+			{
+				role: 'model',
+				parts: [{ text: 'I have received the PDF document. I am ready to answer your questions about it.' }],
+			},
+			...contents,
+		];
+		response = await ai.models.generateContent({
+			model: MODEL_NAME,
+			contents: inlineContents,
+			config: {
+				systemInstruction: SYSTEM_INSTRUCTION,
+			},
+		});
+	}
+	const text = response?.candidates?.[0]?.content?.parts?.[0]?.text;
+	if (!text) {
+		throw new Error('Empty response from AI');
+	}
+	return text;
+};