skill-base 2.0.16 → 2.0.18

package/src/index.js

@@ -13,13 +13,36 @@ const fastify = require('fastify')({
   bodyLimit: 100 * 1024 * 1024
 });
 const CappyMascot = require('./cappy');
+const appLanguage = CappyMascot.detectSystemLanguage();
+
+function pickMessage(message) {
+  if (typeof message === 'string') return message;
+  if (!message || typeof message !== 'object') return '';
+  return message[appLanguage] || message.en || message.zh || '';
+}
+
+function infoLog(message, ...args) {
+  console.log(pickMessage(message), ...args);
+}
+
+function debugLog(message, ...args) {
+  if (!isDebug) return;
+  console.log(`DEBUG: ${pickMessage(message)}`, ...args);
+}
+
+function errorLog(message, ...args) {
+  console.error(pickMessage(message), ...args);
+}
 
 if (isDebug) {
-  console.log('DEBUG: Debug mode is enabled.');
-  console.log('DEBUG: PORT:', process.env.PORT);
-  console.log('DEBUG: HOST:', process.env.HOST);
-  console.log('DEBUG: APP_BASE_PATH:', process.env.APP_BASE_PATH);
-  console.log('DEBUG: CACHE_MAX_MB:', process.env.CACHE_MAX_MB);
+  debugLog({
+    zh: '调试模式已启用。',
+    en: 'Debug mode is enabled.'
+  });
+  debugLog({ zh: '端口:', en: 'PORT:' }, process.env.PORT);
+  debugLog({ zh: '主机:', en: 'HOST:' }, process.env.HOST);
+  debugLog({ zh: '应用基础路径:', en: 'APP_BASE_PATH:' }, process.env.APP_BASE_PATH);
+  debugLog({ zh: '缓存上限（MB）:', en: 'CACHE_MAX_MB:' }, process.env.CACHE_MAX_MB);
 }
 
 // 1. Normalize deploy prefix (APP_BASE_PATH)
@@ -47,18 +70,21 @@ function renderSpaHtml() {
 // Main bootstrap
 async function start() {
   try {
-    if (isDebug) console.log('DEBUG: Registering core plugins...');
+    debugLog({
+      zh: '正在注册核心插件...',
+      en: 'Registering core plugins...'
+    });
     // 1. Plugins
     // @fastify/cors — CORS
     await fastify.register(require('@fastify/cors'), {
       origin: true,
       credentials: true
     });
-    if (isDebug) console.log('DEBUG: Registered @fastify/cors');
+    debugLog({ zh: '已注册 @fastify/cors', en: 'Registered @fastify/cors' });
 
     // @fastify/cookie
     await fastify.register(require('@fastify/cookie'));
-    if (isDebug) console.log('DEBUG: Registered @fastify/cookie');
+    debugLog({ zh: '已注册 @fastify/cookie', en: 'Registered @fastify/cookie' });
 
     // @fastify/multipart — uploads
     await fastify.register(require('@fastify/multipart'), {
@@ -66,7 +92,7 @@ async function start() {
         fileSize: 100 * 1024 * 1024  // 100MB
       }
     });
-    if (isDebug) console.log('DEBUG: Registered @fastify/multipart');
+    debugLog({ zh: '已注册 @fastify/multipart', en: 'Registered @fastify/multipart' });
 
     // Before static: with index:false, directory + trailing slash can 403 in send and skip notFoundHandler
     fastify.route({
@@ -88,21 +114,33 @@ async function start() {
       wildcard: true,
       index: false
     });
-    if (isDebug) console.log('DEBUG: Registered @fastify/static at', STATIC_ROOT);
+    debugLog(
+      { zh: '已注册 @fastify/static，目录为', en: 'Registered @fastify/static at' },
+      STATIC_ROOT
+    );
 
     // 2. Custom middleware
-    if (isDebug) console.log('DEBUG: Registering custom middlewares...');
+    debugLog({
+      zh: '正在注册自定义中间件...',
+      en: 'Registering custom middlewares...'
+    });
     // Errors
     await fastify.register(require('./middleware/error'));
     // Auth (authenticate, createSession, …)
     await fastify.register(require('./middleware/auth'));
     // Admin (requireAdmin)
     await fastify.register(require('./middleware/admin'));
-    if (isDebug) console.log('DEBUG: Custom middlewares registered.');
+    debugLog({
+      zh: '自定义中间件已注册。',
+      en: 'Custom middlewares registered.'
+    });
 
     // 3. API routes
     const API_PREFIX = (APP_BASE_PATH + 'api/v1').replace(/\/+/g, '/');
-    if (isDebug) console.log('DEBUG: Registering API routes with prefix:', API_PREFIX);
+    debugLog(
+      { zh: '正在注册 API 路由，前缀为:', en: 'Registering API routes with prefix:' },
+      API_PREFIX
+    );
 
     // Health
     fastify.get(`${API_PREFIX}/health`, async () => {
@@ -123,7 +161,7 @@ async function start() {
     await fastify.register(require('./routes/publish'), { prefix: `${API_PREFIX}/skills` });
     await fastify.register(require('./routes/collaborators'), { prefix: `${API_PREFIX}/skills` });
     await fastify.register(require('./routes/users'), { prefix: `${API_PREFIX}/users` });
-    if (isDebug) console.log('DEBUG: API routes registered.');
+    debugLog({ zh: 'API 路由已注册。', en: 'API routes registered.' });
 
     // 4. SPA fallback for non-API routes
     fastify.setNotFoundHandler(async (request, reply) => {
@@ -158,9 +196,9 @@ async function start() {
     let cappy = null;
 
     if (enableCappy) {
-      if (isDebug) console.log('DEBUG: CappyMascot is enabled.');
+      debugLog({ zh: 'CappyMascot 已启用。', en: 'CappyMascot is enabled.' });
       // Cappy (decorate before listen)
-      cappy = new CappyMascot(PORT, APP_BASE_PATH);
+      cappy = new CappyMascot(PORT, APP_BASE_PATH, appLanguage);
       fastify.decorate('cappy', cappy);
 
       // Drive Cappy from onResponse; no route changes
@@ -171,29 +209,44 @@ async function start() {
           const url = request.url.split('?')[0];
 
           if (method === 'POST' && url === `${API_PREFIX}/users`) {
-            cappy.action('New user added. Another worker on the roster; the system stays steady.');
+            cappy.action({
+              zh: '新用户已添加。又多一个人干活，系统依旧稳定。',
+              en: 'New user added. Another worker on the roster; the system stays steady.'
+            });
           } else if (method === 'POST' && url === `${API_PREFIX}/skills/publish`) {
-            cappy.action('New skill or version published. Hope the code stays simple.');
+            cappy.action({
+              zh: '新的 Skill 或版本已发布。希望代码继续保持简单。',
+              en: 'New skill or version published. Hope the code stays simple.'
+            });
           } else if (method === 'GET' && url.match(new RegExp(`^${API_PREFIX}/skills/[^/]+/versions/[^/]+/download/?$`))) {
-            cappy.action('Someone downloaded a skill. Code is moving—Cappy approves.');
+            cappy.action({
+              zh: '有人下载了一个 Skill。代码开始流动了，Cappy 认可。',
+              en: 'Someone downloaded a skill. Code is moving—Cappy approves.'
+            });
           }
         }
         done();
       });
     } else {
-      if (isDebug) console.log('DEBUG: CappyMascot is disabled.');
+      debugLog({ zh: 'CappyMascot 已禁用。', en: 'CappyMascot is disabled.' });
       fastify.decorate('cappy', { action: () => {} });
     }
 
     await fastify.listen({ port: PORT, host: HOST });
-    console.log(`\n📦 Skill Base Engine Initialized at http://${HOST === '0.0.0.0' ? 'localhost' : HOST}:${PORT}${APP_BASE_PATH}\n`);
+    infoLog({
+      zh: `\n📦 Skill Base 引擎已启动： http://${HOST === '0.0.0.0' ? 'localhost' : HOST}:${PORT}${APP_BASE_PATH}\n`,
+      en: `\n📦 Skill Base Engine Initialized at http://${HOST === '0.0.0.0' ? 'localhost' : HOST}:${PORT}${APP_BASE_PATH}\n`
+    });
     
     if (enableCappy && cappy) {
       // Start Cappy loop
       cappy.start();
     }
   } catch (err) {
-    console.error(err);
+    errorLog(
+      { zh: 'Skill Base 启动失败。', en: 'Skill Base failed to start.' },
+      err
+    );
     process.exit(1);
   }
 }

package/src/middleware/admin.js

@@ -2,16 +2,16 @@ const fp = require('fastify-plugin');
 
 async function adminPlugin(fastify, options) {
   fastify.decorate('requireAdmin', async function(request, reply) {
-    // 1. 先调用 authenticate 确保已登录
+    // 1. First call authenticate to ensure logged in
     await fastify.authenticate(request, reply);
     if (reply.sent) return;
     
-    // 2. 检查管理员角色
+    // 2. Check admin role
     if (request.user.role !== 'admin') {
       return reply.code(403).send({
         ok: false,
         error: 'forbidden',
-        detail: '需要管理员权限'
+        detail: 'Admin permission required'
       });
     }
   });

package/src/middleware/auth.js

@@ -2,12 +2,12 @@ const fp = require('fastify-plugin');
 const db = require('../database');
 const { generateSessionId } = require('../utils/crypto');
 
-// Session 存储模式：'memory' | 'sqlite'，通过环境变量配置
+// Session storage mode: 'memory' | 'sqlite', configured via environment variable
 const SESSION_STORE = process.env.SESSION_STORE || 'memory';
-// Session 过期时间（默认 7 天）
+// Session expiration time (default 7 days)
 const SESSION_EXPIRES_DAYS = parseInt(process.env.SESSION_EXPIRES_DAYS || '7', 10);
 
-// ============ 内存存储实现 ============
+// ============ Memory storage implementation ============
 const memorySessions = new Map();
 
 const memoryStore = {
@@ -20,7 +20,7 @@ const memoryStore = {
   get(sessionId) {
     const session = memorySessions.get(sessionId);
     if (!session) return null;
-    // 检查过期
+    // Check expiration
     if (Date.now() > session.expiresAt) {
       memorySessions.delete(sessionId);
       return null;
@@ -30,7 +30,7 @@ const memoryStore = {
   destroy(sessionId) {
     memorySessions.delete(sessionId);
   },
-  // 清理过期 Session
+  // Clean up expired sessions
   cleanup() {
     const now = Date.now();
     for (const [id, session] of memorySessions) {
@@ -41,7 +41,7 @@ const memoryStore = {
   }
 };
 
-// ============ SQLite 存储实现 ============
+// ============ SQLite storage implementation ============
 const sqliteStore = {
   create(userId) {
     const sessionId = generateSessionId();
@@ -62,32 +62,32 @@ const sqliteStore = {
   destroy(sessionId) {
     db.prepare('DELETE FROM sessions WHERE session_id = ?').run(sessionId);
   },
-  // 清理过期 Session
+  // Clean up expired sessions
   cleanup() {
     db.prepare("DELETE FROM sessions WHERE expires_at <= datetime('now')").run();
   }
 };
 
-// 根据配置选择存储实现
+// Select storage implementation based on configuration
 const sessionStore = SESSION_STORE === 'sqlite' ? sqliteStore : memoryStore;
 
-// 启动时清理一次过期 Session
+// Clean up expired sessions on startup
 sessionStore.cleanup();
 
-// 定期清理过期 Session（每小时）
+// Periodically clean up expired sessions (every hour)
 setInterval(() => sessionStore.cleanup(), 60 * 60 * 1000);
 
-// 认证中间件装饰器 —— 注册为 Fastify 的 decorate + preHandler
-// 用法：在路由中通过 { preHandler: [fastify.authenticate] } 使用
+// Authentication middleware decorator - registered as Fastify's decorate + preHandler
+// Usage: use via { preHandler: [fastify.authenticate] } in routes
 async function authPlugin(fastify, options) {
-  // 将 sessionStore 暴露出去供路由使用
+  // Expose sessionStore for routes to use
   fastify.decorate('sessionStore', sessionStore);
   fastify.decorate('createSession', (userId) => sessionStore.create(userId));
   fastify.decorate('destroySession', (sessionId) => sessionStore.destroy(sessionId));
 
-  // 认证装饰器
+  // Authentication decorator
   fastify.decorate('authenticate', async function(request, reply) {
-    // 1. 先尝试 Cookie Session
+    // 1. Try Cookie Session first
     const sessionId = request.cookies?.session_id;
     if (sessionId) {
       const session = sessionStore.get(sessionId);
@@ -97,7 +97,7 @@ async function authPlugin(fastify, options) {
           return reply.code(401).send({
             ok: false,
             error: 'account_disabled',
-            detail: '账号已被禁用'
+            detail: 'Account has been disabled'
           });
         }
         request.user = user;
@@ -105,7 +105,7 @@ async function authPlugin(fastify, options) {
       }
     }
 
-    // 2. 再尝试 Bearer Token（PAT）
+    // 2. Then try Bearer Token (PAT)
     const authHeader = request.headers.authorization;
     if (authHeader?.startsWith('Bearer ')) {
       const token = authHeader.slice(7);
@@ -116,24 +116,24 @@ async function authPlugin(fastify, options) {
           return reply.code(401).send({
             ok: false,
             error: 'account_disabled',
-            detail: '账号已被禁用'
+            detail: 'Account has been disabled'
           });
         }
-        // 更新 last_used_at
+        // Update last_used_at
         db.prepare('UPDATE personal_access_tokens SET last_used_at = CURRENT_TIMESTAMP WHERE token = ?').run(token);
         request.user = user;
         return;
       }
     }
 
-    // 3. 未认证
+    // 3. Not authenticated
     reply.code(401).send({ detail: 'Authentication required' });
   });
 
-  // 可选认证（不强制，有则解析）
+  // Optional authentication (not enforced, parse if present)
   fastify.decorate('optionalAuth', async function(request, reply) {
     try {
-      // 复用 authenticate 逻辑，但不抛错
+      // Reuse authenticate logic but don't throw error
       const sessionId = request.cookies?.session_id;
       if (sessionId) {
         const session = sessionStore.get(sessionId);

package/src/middleware/error.js

@@ -1,9 +1,9 @@
-// Fastify 错误处理插件
+// Fastify error handler plugin
 async function errorHandler(fastify, options) {
   fastify.setErrorHandler(function (error, request, reply) {
     const statusCode = error.statusCode || 500;
     
-    // 记录错误日志
+    // Log error
     if (statusCode >= 500) {
       request.log.error(error);
     } else {
@@ -16,8 +16,8 @@ async function errorHandler(fastify, options) {
     });
   });
 
-  // 注意: 404 处理统一在 index.js 中的 setNotFoundHandler 设置
-  // 包含 API 路由返回 JSON 404 和页面路由返回对应 HTML 的逻辑
+  // Note: 404 handling is unified in setNotFoundHandler in index.js
+  // Includes logic for returning JSON 404 for API routes and corresponding HTML for page routes
 }
 
 module.exports = errorHandler;

package/src/models/skill.js

@@ -11,7 +11,7 @@ function queryById(id) {
 }
 
 const SkillModel = {
-  // 根据 ID 查询 Skill（附带 owner 信息）
+  // Find Skill by ID (includes owner info)
   findById(id) {
     return modelCache.remember(
       modelCache.keys.skill(id),
@@ -20,7 +20,7 @@ const SkillModel = {
     );
   },
 
-  // 搜索/列出 Skills（支持关键词搜索 name 或 description）
+  // Search/List Skills (supports keyword search on name or description)
   search(query) {
     const normalizedQuery = query ? String(query) : '';
     return modelCache.remember(
@@ -48,7 +48,7 @@ const SkillModel = {
     );
   },
 
-  // 创建新 Skill
+  // Create new Skill
   create(id, name, description, ownerId) {
     db.prepare(`
       INSERT INTO skills (id, name, description, owner_id)
@@ -58,7 +58,7 @@ const SkillModel = {
     return queryById(id);
   },
 
-  // 更新 Skill
+  // Update Skill
   update(id, name, description) {
     const fields = [];
     const values = [];
@@ -83,7 +83,7 @@ const SkillModel = {
     return queryById(id);
   },
 
-  // 更新 latest_version 和 updated_at
+  // Update latest_version and updated_at
   updateLatestVersion(id, version) {
     db.prepare(`
       UPDATE skills SET latest_version = ?, updated_at = CURRENT_TIMESTAMP WHERE id = ?
@@ -91,7 +91,7 @@ const SkillModel = {
     modelCache.invalidateSkill(id);
   },
 
-  // 检查 Skill 是否存在
+  // Check if Skill exists
   exists(id) {
     return modelCache.remember(
       modelCache.keys.skillExists(id),

package/src/models/user.js

@@ -6,7 +6,7 @@ function queryById(id) {
 }
 
 const UserModel = {
-  // 根据 ID 查询用户
+  // Find user by ID
   findById(id) {
     return modelCache.remember(
       modelCache.keys.userBasic(id),
@@ -15,19 +15,19 @@ const UserModel = {
     );
   },
 
-  // 根据用户名查询（含 password_hash，用于登录验证）
+  // Find user by username (includes password_hash for login verification)
   findByUsername(username) {
     return db.prepare('SELECT * FROM users WHERE username = ?').get(username);
   },
 
-  // 创建用户
+  // Create user
   create(username, passwordHash, role = 'developer') {
     const result = db.prepare('INSERT INTO users (username, password_hash, role) VALUES (?, ?, ?)').run(username, passwordHash, role);
     modelCache.invalidateUser(result.lastInsertRowid);
     return queryById(result.lastInsertRowid);
   },
 
-  // 列出用户（支持分页和搜索）
+  // List users (supports pagination and search)
   list({ q, status, page = 1, limit = 20 } = {}) {
     let sql = 'SELECT id, username, name, role, status, created_at, updated_at FROM users WHERE 1=1';
     let countSql = 'SELECT COUNT(*) as total FROM users WHERE 1=1';
@@ -56,7 +56,7 @@ const UserModel = {
     return { users, total, page, limit };
   },
 
-  // 更新用户名
+  // Update username
   updateUsername(id, username) {
     const result = db.prepare(
       "UPDATE users SET username = ?, updated_at = datetime('now') WHERE id = ?"
@@ -67,7 +67,7 @@ const UserModel = {
     return result.changes > 0;
   },
 
-  // 更新密码
+  // Update password
   updatePassword(id, passwordHash) {
     const result = db.prepare(
       "UPDATE users SET password_hash = ?, updated_at = datetime('now') WHERE id = ?"
@@ -78,7 +78,7 @@ const UserModel = {
     return result.changes > 0;
   },
 
-  // 更新用户（管理员用）
+  // Update user (for admin use)
   update(id, fields) {
     const allowed = ['role', 'status', 'username', 'name'];
     const sets = [];
@@ -103,7 +103,7 @@ const UserModel = {
     return result.changes > 0;
   },
 
-  // 重置密码（管理员用）
+  // Reset password (for admin use)
   resetPassword(id, passwordHash) {
     const result = db.prepare(
       "UPDATE users SET password_hash = ?, updated_at = datetime('now') WHERE id = ?"
@@ -114,7 +114,7 @@ const UserModel = {
     return result.changes > 0;
   },
 
-  // 查询用户详情（含创建者信息）
+  // Find user details (includes creator info)
   findByIdWithCreator(id) {
     return db.prepare(`
       SELECT u.id, u.username, u.name, u.role, u.status, u.created_at, u.updated_at,
@@ -125,7 +125,7 @@ const UserModel = {
     `).get(id);
   },
 
-  // 更新用户名和姓名
+  // Update username and name
   updateProfile(id, { username, name }) {
     const sets = [];
     const params = [];

package/src/models/version.js

@@ -2,7 +2,7 @@ const db = require('../database');
 const modelCache = require('../utils/model-cache');
 
 const VersionModel = {
-  // 创建新版本
+  // Create new version
   create(skillId, version, changelog, zipPath, uploaderId, description) {
     const result = db.prepare(`
       INSERT INTO skill_versions (skill_id, version, changelog, zip_path, uploader_id, description)
@@ -12,7 +12,7 @@ const VersionModel = {
     return this.findById(result.lastInsertRowid);
   },
 
-  // 根据 ID 查询版本
+  // Find version by ID
   findById(id) {
     return db.prepare(`
       SELECT sv.*, u.username as uploader_username, u.name as uploader_name
@@ -22,7 +22,7 @@ const VersionModel = {
     `).get(id);
   },
 
-  // 根据 skill_id 和 version 查询
+  // Find by skill_id and version
   findByVersion(skillId, version) {
     return modelCache.remember(
       modelCache.keys.skillVersion(skillId, version),
@@ -36,7 +36,7 @@ const VersionModel = {
     );
   },
 
-  // 列出某 Skill 的所有版本（按创建时间倒序）
+  // List all versions of a Skill (sorted by created_at descending)
   listBySkillId(skillId) {
     return modelCache.remember(
       modelCache.keys.skillVersions(skillId),
@@ -51,7 +51,7 @@ const VersionModel = {
     );
   },
 
-  // 获取某 Skill 的最新版本
+  // Get the latest version of a Skill
   getLatest(skillId) {
     return modelCache.remember(
       modelCache.keys.skillLatest(skillId),
@@ -67,7 +67,7 @@ const VersionModel = {
     );
   },
 
-  // 更新版本描述和更新日志
+  // Update version description and changelog
   update(id, description, changelog) {
     const existing = this.findById(id);
     db.prepare(`