skill-base 2.0.1

package/README.md

@@ -0,0 +1,141 @@
+# Skill Base
+
+轻量级 AI Agent Skill 管理平台，支持 Web 端和命令行工具。
+
+## 功能特性
+
+- **Skill 管理** - 搜索、安装、更新、发布 AI Agent Skills
+- **版本控制** - 每个 Skill 支持多版本管理
+- **协作者管理** - 支持多人协作维护 Skill
+- **双端支持** - Web 界面 + CLI 命令行工具
+
+## 快速开始
+
+### 使用 npx 一键启动
+
+```bash
+# 直接运行（默认端口 8000）
+npx skill-base
+
+# 指定端口
+npx skill-base -p 3000
+
+# 仅本地访问
+npx skill-base --host 127.0.0.1
+```
+
+### Web 端使用
+
+1. 访问平台首页，注册/登录账号
+2. 浏览或搜索需要的 Skill
+3. 点击 Skill 查看详情和历史版本
+4. 点击下载按钮获取 Skill 文件
+
+**发布 Skill：**
+1. 登录后点击「发布」
+2. 选择包含 `SKILL.md` 的文件夹
+3. 填写版本说明后提交
+
+### CLI 使用
+
+安装 CLI 工具：
+
+```bash
+npm install -g skill-base-cli
+```
+
+配置服务器地址（默认 localhost:8000）：
+
+```bash
+export SKB_BASE_URL=https://your-server.com
+```
+
+常用命令：
+
+```bash
+# 登录
+skb login
+
+# 搜索 Skill
+skb search vue
+
+# 安装 Skill
+skb install vue-best-practices
+skb install vue-best-practices@v20260115.120000  # 指定版本
+skb install vue-best-practices -d ./my-skills    # 指定目录
+
+# 更新 Skill
+skb update vue-best-practices
+
+# 发布 Skill
+skb publish ./my-skill --changelog "初始版本"
+
+# 登出
+skb logout
+```
+
+## 部署服务端
+
+### 环境要求
+
+- Node.js >= 18.0.0
+
+### 本地运行
+
+```bash
+# 安装依赖
+npm install
+
+# 开发模式
+npm run dev
+
+# 生产模式
+npm start
+```
+
+### 初始化管理员账号
+
+首次启动时，如果系统中还没有管理员账号，访问任何页面会自动跳转到初始化设置页面，请按提示设置管理员用户名和密码。
+
+> **安全提示**：请妥善保管管理员凭据，建议使用强密码。
+
+### Docker 部署
+
+```bash
+docker build -t skill-base .
+docker run -p 8000:8000 -v ./data:/app/data skill-base
+```
+
+## 项目结构
+
+```
+skill-base/
+├── cli/          # CLI 命令行工具
+├── src/          # 服务端源码
+├── static/       # Web 前端
+├── data/         # 数据存储
+└── docs/         # 文档
+```
+
+## SKILL.md 规范
+
+每个 Skill 必须包含 `SKILL.md` 文件，平台会自动解析：
+
+- **name**: 第一个 `#` 标题
+- **description**: 标题后的第一段文本
+
+示例：
+
+```markdown
+# Vue Best Practices
+
+Vue.js 开发最佳实践指南，包含组件设计、状态管理等内容。
+
+## 使用方法
+
+...
+```
+
+## License
+
+MIT

package/bin/skill-base.js

@@ -0,0 +1,53 @@
+#!/usr/bin/env node
+
+/**
+ * Skill Base CLI Entry
+ * 启动 Skill Base Web 服务
+ */
+
+const path = require('path');
+
+// 解析命令行参数
+const args = process.argv.slice(2);
+let port = 8000;
+let host = '0.0.0.0';
+
+for (let i = 0; i < args.length; i++) {
+  if ((args[i] === '-p' || args[i] === '--port') && args[i + 1]) {
+    port = parseInt(args[i + 1], 10);
+    i++;
+  } else if ((args[i] === '-h' || args[i] === '--host') && args[i + 1]) {
+    host = args[i + 1];
+    i++;
+  } else if (args[i] === '--help') {
+    console.log(`
+Skill Base - 内网轻量版 Skill 管理平台
+
+Usage:
+  npx skill-base [options]
+
+Options:
+  -p, --port <port>   指定端口号 (默认: 8000)
+  -h, --host <host>   指定监听地址 (默认: 0.0.0.0)
+  --help              显示帮助信息
+  --version           显示版本号
+
+Examples:
+  npx skill-base                    # 启动服务 (端口 8000)
+  npx skill-base -p 3000            # 使用端口 3000
+  npx skill-base --host 127.0.0.1   # 仅本地访问
+`);
+    process.exit(0);
+  } else if (args[i] === '--version') {
+    const pkg = require('../package.json');
+    console.log(pkg.version);
+    process.exit(0);
+  }
+}
+
+// 设置环境变量
+process.env.PORT = port;
+process.env.HOST = host;
+
+// 启动服务
+require('../src/index.js');

package/package.json

@@ -0,0 +1,36 @@
+{
+  "name": "skill-base",
+  "version": "2.0.1",
+  "description": "Skill Base - 内网轻量版 Skill 管理平台",
+  "main": "src/index.js",
+  "bin": {
+    "skill-base": "./bin/skill-base.js"
+  },
+  "files": [
+    "bin",
+    "src",
+    "static",
+    "data/.gitkeep"
+  ],
+  "scripts": {
+    "start": "node src/index.js",
+    "dev": "nodemon src/index.js",
+    "test": "node --test tests/**/*.test.js"
+  },
+  "dependencies": {
+    "fastify": "^4.26.0",
+    "@fastify/static": "^6.12.0",
+    "@fastify/multipart": "^8.0.0",
+    "@fastify/cookie": "^9.3.0",
+    "@fastify/cors": "^9.0.0",
+    "better-sqlite3": "^9.4.0",
+    "bcryptjs": "^2.4.3",
+    "uuid": "^9.0.0"
+  },
+  "devDependencies": {
+    "nodemon": "^3.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}

package/src/database.js

@@ -0,0 +1,119 @@
+const Database = require('better-sqlite3');
+const bcrypt = require('bcryptjs');
+const path = require('path');
+
+// 数据库文件路径，支持环境变量配置
+const dbPath = process.env.DATABASE_PATH || path.join(__dirname, '../data/skills.db');
+
+// 创建数据库连接
+const db = new Database(dbPath);
+
+// 开启 WAL 模式提升并发性能
+db.pragma('journal_mode = WAL');
+
+// 开启外键约束
+db.pragma('foreign_keys = ON');
+
+// 建表 SQL
+const createTablesSql = `
+-- 用户表
+CREATE TABLE IF NOT EXISTS users (
+    id            INTEGER PRIMARY KEY AUTOINCREMENT,
+    username      TEXT UNIQUE NOT NULL,
+    password_hash TEXT,
+    role          TEXT DEFAULT 'developer',
+    name          TEXT,
+    created_at    DATETIME DEFAULT CURRENT_TIMESTAMP
+);
+
+-- CLI 临时验证码表
+CREATE TABLE IF NOT EXISTS cli_auth_codes (
+    code          TEXT PRIMARY KEY,
+    user_id       INTEGER NOT NULL,
+    expires_at    DATETIME NOT NULL,
+    used          BOOLEAN DEFAULT FALSE,
+    FOREIGN KEY (user_id) REFERENCES users(id)
+);
+
+-- 长效访问令牌表 (PAT)
+CREATE TABLE IF NOT EXISTS personal_access_tokens (
+    token         TEXT PRIMARY KEY,
+    user_id       INTEGER NOT NULL,
+    description   TEXT,
+    last_used_at  DATETIME,
+    created_at    DATETIME DEFAULT CURRENT_TIMESTAMP,
+    FOREIGN KEY (user_id) REFERENCES users(id)
+);
+
+-- Skill 主表
+CREATE TABLE IF NOT EXISTS skills (
+    id            TEXT PRIMARY KEY,
+    name          TEXT NOT NULL,
+    description   TEXT,
+    latest_version TEXT,
+    owner_id      INTEGER NOT NULL,
+    created_at    DATETIME DEFAULT CURRENT_TIMESTAMP,
+    updated_at    DATETIME DEFAULT CURRENT_TIMESTAMP,
+    FOREIGN KEY (owner_id) REFERENCES users(id)
+);
+
+-- 版本表
+CREATE TABLE IF NOT EXISTS skill_versions (
+    id           INTEGER PRIMARY KEY AUTOINCREMENT,
+    skill_id     TEXT NOT NULL,
+    version      TEXT NOT NULL,
+    changelog    TEXT,
+    zip_path     TEXT NOT NULL,
+    uploader_id  INTEGER NOT NULL,
+    created_at   DATETIME DEFAULT CURRENT_TIMESTAMP,
+    FOREIGN KEY (skill_id) REFERENCES skills(id) ON DELETE CASCADE,
+    FOREIGN KEY (uploader_id) REFERENCES users(id),
+    UNIQUE(skill_id, version)
+);
+
+-- Skill 协作者表
+CREATE TABLE IF NOT EXISTS skill_collaborators (
+    id            INTEGER PRIMARY KEY AUTOINCREMENT,
+    skill_id      TEXT NOT NULL,
+    user_id       INTEGER NOT NULL,
+    role          TEXT NOT NULL DEFAULT 'collaborator',
+    created_at    DATETIME DEFAULT CURRENT_TIMESTAMP,
+    created_by    INTEGER NOT NULL,
+    FOREIGN KEY (skill_id) REFERENCES skills(id) ON DELETE CASCADE,
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+    FOREIGN KEY (created_by) REFERENCES users(id),
+    UNIQUE(skill_id, user_id)
+);
+
+-- 索引
+CREATE INDEX IF NOT EXISTS idx_versions_skill_id ON skill_versions(skill_id);
+CREATE INDEX IF NOT EXISTS idx_cli_codes_user ON cli_auth_codes(user_id);
+CREATE INDEX IF NOT EXISTS idx_pat_tokens_user ON personal_access_tokens(user_id);
+CREATE INDEX IF NOT EXISTS idx_collaborators_skill ON skill_collaborators(skill_id);
+CREATE INDEX IF NOT EXISTS idx_collaborators_user ON skill_collaborators(user_id);
+`;
+
+// 执行建表语句
+db.exec(createTablesSql);
+
+// 安全地添加新字段（如果不存在）
+try { db.exec("ALTER TABLE users ADD COLUMN status TEXT DEFAULT 'active'"); } catch(e) {}
+// SQLite 不支持带 CURRENT_TIMESTAMP 默认值的 ALTER TABLE，需要分两步
+try { 
+  db.exec("ALTER TABLE users ADD COLUMN updated_at DATETIME"); 
+  db.exec("UPDATE users SET updated_at = datetime('now') WHERE updated_at IS NULL");
+} catch(e) {}
+try { db.exec("ALTER TABLE users ADD COLUMN created_by INTEGER REFERENCES users(id)"); } catch(e) {}
+try { db.exec("ALTER TABLE users ADD COLUMN name TEXT"); } catch(e) {}
+
+// 数据迁移：为已有 Skills 的 owner 插入 skill_collaborators 记录
+const existingSkills = db.prepare('SELECT id, owner_id FROM skills').all();
+const insertCollaborator = db.prepare(`
+  INSERT OR IGNORE INTO skill_collaborators (skill_id, user_id, role, created_by)
+  VALUES (?, ?, 'owner', ?)
+`);
+for (const skill of existingSkills) {
+  insertCollaborator.run(skill.id, skill.owner_id, skill.owner_id);
+}
+
+module.exports = db;

package/src/index.js

@@ -0,0 +1,88 @@
+const path = require('path');
+const fastify = require('fastify')({
+  logger: true,
+  // 设置 body 大小限制为 100MB（支持大 zip 上传）
+  bodyLimit: 100 * 1024 * 1024
+});
+
+// 主启动函数
+async function start() {
+  try {
+    // 1. 注册插件
+    // @fastify/cors — 允许跨域
+    await fastify.register(require('@fastify/cors'), {
+      origin: true,
+      credentials: true
+    });
+
+    // @fastify/cookie — Cookie 支持
+    await fastify.register(require('@fastify/cookie'));
+
+    // @fastify/multipart — 文件上传支持
+    await fastify.register(require('@fastify/multipart'), {
+      limits: {
+        fileSize: 100 * 1024 * 1024  // 100MB
+      }
+    });
+
+    // @fastify/static — 静态文件服务（指向 static/ 目录）
+    await fastify.register(require('@fastify/static'), {
+      root: path.join(__dirname, '../static'),
+      prefix: '/'
+    });
+
+    // 2. 注册自定义中间件
+    // 错误处理
+    await fastify.register(require('./middleware/error'));
+    // 认证（注册 authenticate、createSession 等装饰器）
+    await fastify.register(require('./middleware/auth'));
+    // 管理员权限（注册 requireAdmin 装饰器）
+    await fastify.register(require('./middleware/admin'));
+
+    // 3. 注册 API 路由（前缀 /api/v1）
+    await fastify.register(require('./routes/init'), { prefix: '/api/v1/init' });
+    await fastify.register(require('./routes/auth'), { prefix: '/api/v1/auth' });
+    await fastify.register(require('./routes/skills'), { prefix: '/api/v1/skills' });
+    await fastify.register(require('./routes/publish'), { prefix: '/api/v1/skills' });
+    await fastify.register(require('./routes/collaborators'), { prefix: '/api/v1/skills' });
+    await fastify.register(require('./routes/users'), { prefix: '/api/v1/users' });
+
+    // 4. 页面路由 fallback（SPA 风格路由支持）
+    fastify.setNotFoundHandler(async (request, reply) => {
+      // API 路由返回 JSON 404
+      if (request.url.startsWith('/api/')) {
+        return reply.code(404).send({ detail: 'Not found' });
+      }
+
+      // 页面路由映射到对应 HTML 文件
+      const url = request.url.split('?')[0]; // 去掉 query string
+
+      if (url === '/setup') return reply.sendFile('setup.html');
+      if (url === '/login') return reply.sendFile('login.html');
+      if (url === '/publish') return reply.sendFile('publish.html');
+      if (url === '/cli-code') return reply.sendFile('cli-code.html');
+      if (url === '/admin/users') return reply.sendFile('admin/users.html');
+      if (url.match(/^\/skill\/[^/]+\/file\//)) return reply.sendFile('file.html');
+      if (url.match(/^\/skill\/[^/]+\/diff/)) return reply.sendFile('diff.html');
+      if (url.match(/^\/skill\/[^/]+$/)) return reply.sendFile('skill.html');
+
+      // 其他未匹配路由返回首页
+      return reply.sendFile('index.html');
+    });
+
+    // 5. 确保数据库已初始化
+    require('./database');
+
+    // 6. 启动服务
+    const PORT = process.env.PORT || 8000;
+    const HOST = process.env.HOST || '0.0.0.0';
+
+    await fastify.listen({ port: PORT, host: HOST });
+    console.log(`Skill Base server running at http://${HOST}:${PORT}`);
+  } catch (err) {
+    fastify.log.error(err);
+    process.exit(1);
+  }
+}
+
+start();

package/src/middleware/admin.js

@@ -0,0 +1,23 @@
+const fp = require('fastify-plugin');
+
+async function adminPlugin(fastify, options) {
+  fastify.decorate('requireAdmin', async function(request, reply) {
+    // 1. 先调用 authenticate 确保已登录
+    await fastify.authenticate(request, reply);
+    if (reply.sent) return;
+    
+    // 2. 检查管理员角色
+    if (request.user.role !== 'admin') {
+      return reply.code(403).send({
+        ok: false,
+        error: 'forbidden',
+        detail: '需要管理员权限'
+      });
+    }
+  });
+}
+
+module.exports = fp(adminPlugin, {
+  name: 'admin-plugin',
+  dependencies: ['auth-plugin']
+});

package/src/middleware/auth.js

@@ -0,0 +1,96 @@
+const fp = require('fastify-plugin');
+const db = require('../database');
+
+// 内存 Session 存储（简单实现，生产可换 Redis）
+const sessions = new Map();
+
+// 创建 Session
+function createSession(userId) {
+  const { generateSessionId } = require('../utils/crypto');
+  const sessionId = generateSessionId();
+  sessions.set(sessionId, { userId, createdAt: Date.now() });
+  return sessionId;
+}
+
+// 销毁 Session
+function destroySession(sessionId) {
+  sessions.delete(sessionId);
+}
+
+// 认证中间件装饰器 —— 注册为 Fastify 的 decorate + preHandler
+// 用法：在路由中通过 { preHandler: [fastify.authenticate] } 使用
+async function authPlugin(fastify, options) {
+  // 将 sessions 暴露出去供路由使用
+  fastify.decorate('sessions', sessions);
+  fastify.decorate('createSession', createSession);
+  fastify.decorate('destroySession', destroySession);
+
+  // 认证装饰器
+  fastify.decorate('authenticate', async function(request, reply) {
+    // 1. 先尝试 Cookie Session
+    const sessionId = request.cookies?.session_id;
+    if (sessionId && sessions.has(sessionId)) {
+      const session = sessions.get(sessionId);
+      const user = db.prepare('SELECT id, username, name, role, status FROM users WHERE id = ?').get(session.userId);
+      if (!user || user.status === 'disabled') {
+        return reply.code(401).send({
+          ok: false,
+          error: 'account_disabled',
+          detail: '账号已被禁用'
+        });
+      }
+      request.user = user;
+      return;
+    }
+
+    // 2. 再尝试 Bearer Token（PAT）
+    const authHeader = request.headers.authorization;
+    if (authHeader?.startsWith('Bearer ')) {
+      const token = authHeader.slice(7);
+      const pat = db.prepare('SELECT user_id FROM personal_access_tokens WHERE token = ?').get(token);
+      if (pat) {
+        const user = db.prepare('SELECT id, username, name, role, status FROM users WHERE id = ?').get(pat.user_id);
+        if (!user || user.status === 'disabled') {
+          return reply.code(401).send({
+            ok: false,
+            error: 'account_disabled',
+            detail: '账号已被禁用'
+          });
+        }
+        // 更新 last_used_at
+        db.prepare('UPDATE personal_access_tokens SET last_used_at = CURRENT_TIMESTAMP WHERE token = ?').run(token);
+        request.user = user;
+        return;
+      }
+    }
+
+    // 3. 未认证
+    reply.code(401).send({ detail: 'Authentication required' });
+  });
+
+  // 可选认证（不强制，有则解析）
+  fastify.decorate('optionalAuth', async function(request, reply) {
+    try {
+      // 复用 authenticate 逻辑，但不抛错
+      const sessionId = request.cookies?.session_id;
+      if (sessionId && sessions.has(sessionId)) {
+        const session = sessions.get(sessionId);
+        const user = db.prepare('SELECT id, username, name, role, status FROM users WHERE id = ?').get(session.userId);
+        if (user && user.status !== 'disabled') { request.user = user; return; }
+      }
+      const authHeader = request.headers.authorization;
+      if (authHeader?.startsWith('Bearer ')) {
+        const token = authHeader.slice(7);
+        const pat = db.prepare('SELECT user_id FROM personal_access_tokens WHERE token = ?').get(token);
+        if (pat) {
+          const user = db.prepare('SELECT id, username, name, role, status FROM users WHERE id = ?').get(pat.user_id);
+          if (user && user.status !== 'disabled') { request.user = user; return; }
+        }
+      }
+    } catch (e) { /* ignore */ }
+  });
+}
+
+module.exports = fp(authPlugin, {
+  name: 'auth-plugin'
+});

package/src/middleware/error.js

@@ -0,0 +1,23 @@
+// Fastify 错误处理插件
+async function errorHandler(fastify, options) {
+  fastify.setErrorHandler(function (error, request, reply) {
+    const statusCode = error.statusCode || 500;
+    
+    // 记录错误日志
+    if (statusCode >= 500) {
+      request.log.error(error);
+    } else {
+      request.log.warn(error.message);
+    }
+
+    reply.code(statusCode).send({
+      detail: error.message || 'Internal Server Error',
+      ...(process.env.NODE_ENV === 'development' ? { stack: error.stack } : {})
+    });
+  });
+
+  // 注意: 404 处理统一在 index.js 中的 setNotFoundHandler 设置
+  // 包含 API 路由返回 JSON 404 和页面路由返回对应 HTML 的逻辑
+}
+
+module.exports = errorHandler;

package/src/models/skill.js

@@ -0,0 +1,57 @@
+const db = require('../database');
+
+const SkillModel = {
+  // 根据 ID 查询 Skill（附带 owner 信息）
+  findById(id) {
+    return db.prepare(`
+      SELECT s.*, u.username as owner_username, u.name as owner_name
+      FROM skills s
+      LEFT JOIN users u ON s.owner_id = u.id
+      WHERE s.id = ?
+    `).get(id);
+  },
+
+  // 搜索/列出 Skills（支持关键词搜索 name 或 description）
+  search(query) {
+    if (query) {
+      const pattern = `%${query}%`;
+      return db.prepare(`
+        SELECT s.*, u.username as owner_username, u.name as owner_name
+        FROM skills s
+        LEFT JOIN users u ON s.owner_id = u.id
+        WHERE s.name LIKE ? OR s.description LIKE ?
+        ORDER BY s.updated_at DESC
+      `).all(pattern, pattern);
+    }
+    return db.prepare(`
+      SELECT s.*, u.username as owner_username, u.name as owner_name
+      FROM skills s
+      LEFT JOIN users u ON s.owner_id = u.id
+      ORDER BY s.updated_at DESC
+    `).all();
+  },
+
+  // 创建新 Skill
+  create(id, name, description, ownerId) {
+    db.prepare(`
+      INSERT INTO skills (id, name, description, owner_id)
+      VALUES (?, ?, ?, ?)
+    `).run(id, name, description || '', ownerId);
+    return this.findById(id);
+  },
+
+  // 更新 latest_version 和 updated_at
+  updateLatestVersion(id, version) {
+    db.prepare(`
+      UPDATE skills SET latest_version = ?, updated_at = CURRENT_TIMESTAMP WHERE id = ?
+    `).run(version, id);
+  },
+
+  // 检查 Skill 是否存在
+  exists(id) {
+    const row = db.prepare('SELECT 1 FROM skills WHERE id = ?').get(id);
+    return !!row;
+  }
+};
+
+module.exports = SkillModel;