npm - topbit - Versions diffs - 1.0.0 → 3.0.0 - Mend

topbit 1.0.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (89) hide show

package/LICENSE +128 -0
package/README.cn.md +1519 -0
package/README.md +1483 -0
package/bin/app.js +17 -0
package/bin/loadinfo.sh +18 -0
package/bin/new-ctl.js +234 -0
package/bin/newapp.js +22 -0
package/demo/allow.js +98 -0
package/demo/cert/localhost-cert.pem +19 -0
package/demo/cert/localhost-privkey.pem +28 -0
package/demo/controller/api.js +15 -0
package/demo/extends.js +5 -0
package/demo/group-api.js +161 -0
package/demo/group-api2.js +109 -0
package/demo/http2.js +34 -0
package/demo/http2_proxy_backend.js +45 -0
package/demo/http2proxy.js +48 -0
package/demo/http_proxy_backend.js +44 -0
package/demo/httpproxy.js +47 -0
package/demo/loader.js +27 -0
package/demo/log.js +118 -0
package/demo/memlimit.js +31 -0
package/demo/min.js +7 -0
package/demo/serv.js +15 -0
package/images/middleware.jpg +0 -0
package/images/topbit-middleware.png +0 -0
package/images/topbit.png +0 -0
package/package.json +42 -11
package/src/_loadExtends.js +21 -0
package/src/bodyparser.js +420 -0
package/src/connfilter.js +125 -0
package/src/context1.js +166 -0
package/src/context2.js +182 -0
package/src/ctxpool.js +39 -0
package/src/ext.js +318 -0
package/src/extends/Http2Pool.js +365 -0
package/src/extends/__randstring.js +24 -0
package/src/extends/cookie.js +44 -0
package/src/extends/cors.js +334 -0
package/src/extends/errorlog.js +252 -0
package/src/extends/http2limit.js +126 -0
package/src/extends/http2proxy.js +691 -0
package/src/extends/jwt.js +217 -0
package/src/extends/mixlogger.js +63 -0
package/src/extends/paramcheck.js +266 -0
package/src/extends/proxy.js +662 -0
package/src/extends/realip.js +34 -0
package/src/extends/referer.js +68 -0
package/src/extends/resource.js +398 -0
package/src/extends/session.js +174 -0
package/src/extends/setfinal.js +50 -0
package/src/extends/sni.js +48 -0
package/src/extends/sse.js +293 -0
package/src/extends/timing.js +111 -0
package/src/extends/tofile.js +123 -0
package/src/fastParseUrl.js +426 -0
package/src/headerLimit.js +18 -0
package/src/http1.js +336 -0
package/src/http2.js +337 -0
package/src/httpc.js +251 -0
package/src/lib/npargv.js +354 -0
package/src/lib/zipdata.js +45 -0
package/src/loader/loader.js +999 -0
package/src/logger.js +32 -0
package/src/loggermsg.js +349 -0
package/src/makeId.js +200 -0
package/src/midcore.js +213 -0
package/src/middleware1.js +103 -0
package/src/middleware2.js +116 -0
package/src/monitor.js +380 -0
package/src/movefile.js +30 -0
package/src/optionsCheck.js +54 -0
package/src/randstring.js +23 -0
package/src/router.js +682 -0
package/src/sendmsg.js +27 -0
package/src/strong.js +72 -0
package/src/token/token.js +461 -0
package/src/topbit.js +1293 -0
package/src/versionCheck.js +31 -0
package/test/test-bigctx.js +29 -0
package/test/test-daemon-args.js +7 -0
package/test/test-ext.js +81 -0
package/test/test-find.js +69 -0
package/test/test-route-sort.js +71 -0
package/test/test-route.js +49 -0
package/test/test-route2.js +51 -0
package/test/test-run-args.js +7 -0
package/test/test-url.js +52 -0
package/main.js +0 -0

package/src/http1.js ADDED Viewed

@@ -0,0 +1,336 @@
+'use strict';
+const http = require('node:http');
+const https = require('node:https');
+const fs = require('node:fs');
+const process = require('node:process');
+const logger = require('./logger.js');
+const {fpurl} = require('./fastParseUrl.js');
+const Context = require('./context1.js');
+const ctxpool = require('./ctxpool.js');
+const checkHeaderLimit = require('./headerLimit.js');
+const sendmsg = require('./sendmsg.js');
+/**
+ * http1会对消息头进行限制，解析时会检测最大限制。
+ */
+class Http1 {
+  constructor(options = {}) {
+    this.config = options.config;
+    this.router = options.router;
+    this.midware = options.midware;
+    this.events = options.events;
+    this.service = options.service;
+    this.isWorker = options.isWorker;
+    this.logger = logger;
+    ctxpool.max = this.config.maxpool;
+    this.ctxpool = ctxpool;
+    this.Context = Context;
+    this.fpurl = fpurl;
+    this.host = '';
+  }
+  requestError(err, handle, headers) {
+    this.config.errorHandle(err, '--ERR-REQUEST--');
+    if (!handle.destroyed) {
+      handle.destroy();
+    }
+  }
+  /**
+   * request事件的回调函数。
+   * @param {req} http.IncomingMessage
+   * @param {res} http.ServerResponse
+   */
+  onRequest() {
+    let self = this;
+    let protocol = self.config.https ? 'https' : 'http';
+    let callback = (req, res) => {
+      req.on('error', (err) => {
+        self.requestError(err, req, req.headers);
+      });
+      res.on('error', (err) => {
+        self.requestError(err, res, req.headers);
+      });
+      let remote_ip = req.socket.remoteAddress || '';
+      if (req.url.length > self.config.maxUrlLength) {
+        req.url = req.url.substring(0, self.config.maxUrlLength);
+      }
+      if (self.config.globalLog) {
+        let real_ip = '-';
+        //req.headers是getter属性，首次获取会进行消息头解析。再次获取会直接从已存储的变量返回。
+        let reqHeaders = req.headers;
+        if (self.config.realIP) {
+          real_ip = reqHeaders['x-real-ip'] || reqHeaders['x-forwarded-for'] || '-'
+        }
+        res.on('finish', () => {
+          if (!req || !res || res.destroyed) {
+            return;
+          }
+          checkHeaderLimit(reqHeaders, 'host', 300);
+          checkHeaderLimit(reqHeaders, 'user-agent', 111);
+          self.logger({
+            method: req.method,
+            status: res.statusCode,
+            ip: remote_ip,
+            link: `${protocol}://${reqHeaders.host || self.host}${req.url}`,
+            agent: reqHeaders['user-agent'] || '-',
+            real_ip: real_ip
+          });
+        });
+      }
+      let urlobj = fpurl(req.url, self.config.autoDecodeQuery,
+                        self.config.fastParseQuery,
+                        self.config.maxQuery);
+      let rt = self.router.findRealPath(urlobj.path, req.method);
+      if (rt === null) {
+        res.statusCode = 404;
+        res.end(self.config.notFound, () => {
+          !req.destroyed && req.destroy();
+        });
+        return ;
+      }
+      let ctx = ctxpool.getctx () || new Context();
+      ctx.bodyLength = 0;
+      ctx.maxBody = self.config.maxBody;
+      ctx.service = self.service;
+      ctx.method = req.method;
+      ctx.headers = req.headers;
+      ctx.host = ctx.headers.host || self.host;
+      ctx.protocol = protocol;
+      ctx.ip = remote_ip;
+      ctx.port = req.socket.remotePort;
+      ctx.req = req;
+      ctx.res = res;
+      ctx.path = urlobj.path;
+      ctx.query = urlobj.query;
+      ctx.routepath = rt.key;
+      ctx.requestCall = rt.reqcall.reqCall;
+      ctx.name = rt.reqcall.name;
+      ctx.group = rt.reqcall.group;
+      ctx.param = rt.args;
+      rt = null;
+      return self.midware.run(ctx).finally(()=>{
+        ctxpool.free(ctx);
+        ctx = null;
+      });
+    };
+    return callback;
+  }
+  mid() {
+    let self = this;
+    let noBodyMethods = Object.create(null);
+    ['GET','OPTIONS','HEAD','TRACE'].forEach(a => {
+      noBodyMethods[a] = true;
+    });
+    return async (ctx, next) => {
+      let resolved = false;
+      let bodylength = 0;
+      let bodyBuffer;
+      await new Promise((rv, rj) => {
+        //客户端和服务端解析不会允许非法method
+        if ( noBodyMethods[ctx.method] ) {
+          //实际上这个回调函数不会执行，因为会立即触发end事件，此处可以保证非法的请求也可以提交数据。
+          ctx.req.on('data', data => {
+            ctx.res.statusCode = 400;
+            ctx.res.end(self.config.badRequest);
+            ctx.req.destroy();
+          });
+        } else {
+          let bigBodyEnd = false;
+          bodyBuffer = [];
+          ctx.req.on('data', data => {
+            bodylength += data.length;
+            if (bodylength > ctx.maxBody) {
+              if (bigBodyEnd) return;
+              bigBodyEnd = true;
+              bodyBuffer = null;
+              ctx.res.statusCode = 413;
+              ctx.res.end('', () => {
+                ctx.req.destroy();
+              });
+              return ;
+            }
+            bodyBuffer.push(data);
+          });
+        }
+        //若请求体太大，此时会进行destroy处理，触发close事件，但不会触发end。
+        //通过记录resolved状态避免重复调用rv。
+        ctx.req.on('close', () => {
+          (!resolved) && rv();
+        });
+        ctx.req.on('end',() => {
+          resolved = true;
+          rv();
+        });
+      });
+      if (!ctx.res.writable || ctx.res.writableEnded) {
+        return;
+      }
+      if (bodyBuffer && bodyBuffer.length > 0) {
+        ctx.bodyLength = bodylength;
+        ctx.rawBody = Buffer.concat(bodyBuffer, bodylength);
+        bodyBuffer = null;
+      }
+      await next(ctx);
+    };
+  }
+  /**
+   * 运行HTTP/1.1服务
+   * @param {number} port 端口号
+   * @param {string} host IP地址，可以是IPv4或IPv6
+   * 0.0.0.0 对应使用IPv6则是::
+  */
+  run(port, host) {
+    let self = this;
+    let serv = null;
+    if (this.config.https) {
+      try {
+        if (this.config.key && this.config.cert) {
+          this.config.server.key  = fs.readFileSync(this.config.key);
+          this.config.server.cert = fs.readFileSync(this.config.cert);
+        }
+        serv = https.createServer(this.config.server, this.onRequest());
+        serv.on('tlsClientError', (err, tls) => {
+          self.config.errorHandle(err, '--ERR-TLS-CLIENT--');
+          if (!tls.destroyed) {
+            tls.destroy();
+          }
+        });
+        serv.on('secureConnection', (sock) => {
+          sock.on('error', err => {
+            self.config.errorHandle(err, '--ERR-CONNECTION--');
+          });
+        });
+      } catch (err) {
+        !this.isWorker && console.error(err);
+        sendmsg('_server-error', err.message, {autoExit: true, exitCode: 1});
+      }
+    } else {
+      serv = http.createServer(self.config.server, this.onRequest());
+    }
+    serv.on('clientError', (err, sock) => {
+      if (sock.destroyed) return;
+      self.config.errorHandle(err, '--ERR-CLIENT--');
+      if (err.code === 'ECONNRESET' || !sock.writable) return;
+      if (!sock.destroyed) {
+        if (!sock.writableEnded) {
+          sock.end('HTTP/1.1 400 Bad request\r\n', () => {
+            sock.destroy();
+          });
+        } else {
+          sock.destroy();
+        }
+      }
+    });
+    serv.on('error', (e) => {
+      if (e.code === 'EADDRINUSE') {
+        if (process.send !== undefined && typeof process.send === 'function') {
+          process.send({type: '_eaddr'}, (err) => {});
+        } else {
+          console.error('Error: 该端口已被使用，请先停止相关进程');
+          process.exit(1);
+        }
+      } else {
+        self.config.errorHandle(e, '--ERR--');
+      }
+    });
+    serv.setTimeout(this.config.timeout, (sock) => {
+      if (!sock.destroyed) {
+        if (!sock.pending) {
+          sock.end('HTTP/1.1 408 Request timeout\r\n', () => {
+            sock.destroy();
+          });
+        } else {
+          sock.destroy();
+        }
+      }
+    });
+    serv.maxHeadersCount = 80;
+    serv.headersTimeout = 6000;
+    serv.requestTimeout = self.config.requestTimeout;
+    for (let k in this.events) {
+      for (let ecall of this.events[k]) {
+        if (typeof ecall !== 'function') {
+          continue;
+        }
+        serv.on(k, ecall);
+      }
+    }
+    this.events = {};
+    //说明是使用unix socket模式监听服务
+    if (typeof port === 'string' && port.indexOf('.sock') > 0) {
+      this.host = port;
+      serv.listen(port);
+    } else {
+      this.host = host;
+      if (port !== 80 && port !== 443) {
+        this.host += `:${port}`;
+      }
+      serv.listen(port, host);
+    }
+    return serv;
+  }
+}
+module.exports = Http1;

package/src/http2.js ADDED Viewed

@@ -0,0 +1,337 @@
+'use strict';
+const http2 = require('node:http2');
+const fs = require('node:fs');
+const process = require('node:process');
+const logger = require('./logger.js');
+const {fpurl} = require('./fastParseUrl.js');
+const ctxpool = require('./ctxpool.js');
+const Context = require('./context2.js');
+const checkHeaderLimit = require('./headerLimit.js');
+const sendmsg = require('./sendmsg.js');
+/**
+ * 因http2设计缺陷以及Node.js在实现上的细节不健全导致不得不对一些可能的情况做处理。
+ */
+class Httpt {
+  constructor(options) {
+    this.config = options.config;
+    this.router = options.router;
+    this.events = options.events;
+    this.midware = options.midware;
+    this.service = options.service;
+    this.isWorker = options.isWorker;
+    this.logger = logger;
+    ctxpool.max = this.config.maxpool;
+    this.ctxpool = ctxpool;
+    this.Context = Context;
+    this.fpurl = fpurl;
+    this.host = '';
+    this.onRequest = this.onStream;
+  }
+  requestError(err, handle, headers) {
+    this.config.errorHandle(err, '--ERR-REQUEST--');
+    if (!handle.destroyed) {
+      handle.destroy();
+    }
+  }
+  onStream() {
+    let self = this;
+    let callback = (stream, headers) => {
+      stream.on('error', (err) => {
+        self.requestError(err, stream, headers);
+      });
+      stream.on('frameError', (err) => {
+        self.requestError(err, stream, headers);
+      });
+      stream.on('aborted', err => {
+        err && self.requestError(err, stream, headers);
+        !err && stream.destroy();
+      });
+      let remote_ip = stream.session.socket.remoteAddress || '';
+      if (headers[':path'].length > self.config.maxUrlLength) {
+        headers[':path'] = headers[':path'].substring(0, self.config.maxUrlLength);
+      }
+      if (self.config.globalLog) {
+        let real_ip = '-';
+        if (self.config.realIP) {
+          real_ip = headers['x-real-ip'] || headers['x-forwarded-for'] || '-';
+        }
+        stream.on('close', () => {
+          if (stream && stream.sentHeaders && stream.rstCode === http2.constants.NGHTTP2_NO_ERROR) {
+            //http2请求可以提交超大消息头，而相关设置项没有效果。
+            checkHeaderLimit(headers, 'user-agent', 111);
+            checkHeaderLimit(headers, ':authority', 300);
+            // typeof stream.sentHeaders[':status'] === 'number'
+            self.logger({
+              method: headers[':method'],
+              status: stream.sentHeaders[':status'] || 0,
+              ip: remote_ip,
+              link: `${headers[':scheme']}://${headers[':authority'] || self.host}${headers[':path']}`,
+              agent: headers['user-agent'] || '-',
+              real_ip: real_ip
+            });
+          }
+        });
+      }
+      let urlobj = fpurl(headers[':path'], self.config.autoDecodeQuery,
+                        self.config.fastParseQuery,
+                        self.config.maxQuery);
+      let rt = self.router.findRealPath(urlobj.path, headers[':method']);
+      if (rt === null) {
+        stream.respond({':status': '404'});
+        stream.end(self.config.notFound);
+        return ;
+      }
+      stream.setTimeout(self.config.streamTimeout, () => {
+        stream.close();
+      });
+      let ctx = ctxpool.getctx() || new Context();
+      ctx.bodyLength = 0;
+      ctx.maxBody = self.config.maxBody;
+      ctx.service = self.service;
+      ctx.method = headers[':method'];
+      ctx.host = headers[':authority'] || headers.host || self.host;
+      ctx.protocol = headers[':scheme'];
+      ctx.ip = remote_ip;
+      ctx.port = stream.session.socket.remotePort;
+      ctx.stream = stream;
+      ctx.res = ctx.stream;
+      ctx.req = ctx.stream;
+      ctx.dataHeaders = {};
+      ctx.headers = headers;
+      ctx.path = urlobj.path;
+      ctx.query = urlobj.query;
+      ctx.routepath = rt.key;
+      ctx.requestCall = rt.reqcall.reqCall;
+      ctx.name = rt.reqcall.name;
+      ctx.group = rt.reqcall.group;
+      ctx.param = rt.args;
+      rt = null;
+      return self.midware.run(ctx).finally(() => {
+        ctxpool.free(ctx);
+        ctx = null;
+      });
+    };
+    return callback;
+  }
+  mid() {
+    let self = this;
+    let noBodyMethods = Object.create(null);
+    ['GET','OPTIONS','HEAD','TRACE'].forEach(a => {
+      noBodyMethods[a] = true;
+    });
+    return async (ctx, next) => {
+      let resolved = false;
+      let bodylength = 0;
+      let bodyBuffer;
+      await new Promise((rv, rj) => {
+        if (noBodyMethods[ctx.method]) {
+          ctx.stream.on('data', data => {
+            ctx.stream.respond({':status' : '400'});
+            ctx.stream.end(self.config.badRequest);
+            ctx.stream.close();
+          });
+        } else {
+          let bigBodyEnd = false;
+          bodyBuffer = [];
+          ctx.stream.on('data', data => {
+            bodylength += data.length;
+            if (bodylength > ctx.maxBody) {
+              if (bigBodyEnd) return;
+              bigBodyEnd = true;
+              bodyBuffer = null;
+              ctx.stream.respond({':status' : '413'});
+              ctx.stream.end();
+              ctx.stream.close();
+              return ;
+            }
+            bodyBuffer.push(data);
+          });
+        }
+        let handle_error = err => {
+          if (!resolved) {
+            resolved = true;
+            rv();
+          }
+        };
+        ctx.stream.on('aborted', handle_error);
+        ctx.stream.on('error', handle_error);
+        ctx.stream.on('frameError', handle_error);
+        ctx.stream.on('timeout', handle_error);
+        ctx.stream.on('close', () => {
+          (!resolved) && rv();
+        });
+        //在内部实现上，http2模块总是会触发end事件，这应该是在finalCloseStream中调用this.push(null)实现的。
+        ctx.stream.on('end',() => {
+          resolved = true;
+          rv();
+        });
+      });
+      if (ctx.stream.closed || ctx.stream.destroyed) {
+        return;
+      }
+      if (bodyBuffer && bodyBuffer.length > 0) {
+        ctx.bodyLength = bodylength;
+        ctx.rawBody = Buffer.concat(bodyBuffer, bodylength);
+        bodyBuffer = null;
+      }
+      await next(ctx);
+    }
+    //end func
+  }
+  /**
+   * 运行HTTP/2服务
+   * @param {number} port 端口号
+   * @param {string} host IP地址，可以是IPv4或IPv6
+   * 0.0.0.0 对应使用IPv6则是::
+  */
+  run(port, host) {
+    let self = this;
+    let serv = null;
+    try {
+      if (this.config.https) {
+        if (this.config.key && this.config.cert) {
+          this.config.server.key  = fs.readFileSync(this.config.key);
+          this.config.server.cert = fs.readFileSync(this.config.cert);
+        }
+        serv = http2.createSecureServer(this.config.server);
+      } else {
+        serv = http2.createServer(this.config.server);
+      }
+    } catch(err) {
+      !this.isWorker && console.error(err);
+      sendmsg('_server-error', err.message, {autoExit: true, exitCode: 1});
+    }
+    serv.on('stream', this.onStream());
+    serv.on('sessionError', (err, sess) => {
+      self.config.errorHandle(err, '--ERR-SESSION--');
+      if (!sess.destroyed) {
+        sess.destroy();
+      }
+    });
+    serv.on('tlsClientError', (err, tls) => {
+      self.config.errorHandle(err, '--ERR-TLS-CLIENT--');
+      if (!tls.destroyed) {
+        tls.destroy();
+      }
+    });
+    //只监听tlsClientError是不行的，在进行并发压力测试时，会异常退出。
+    serv.on('secureConnection', (sock) => {
+      //在http2中，要触发超时必须要在此事件内，在connection事件中，会导致segment fault。
+      //但是socket超时并非空闲超时，而是只要超过时间就触发，所以在此处不再处理超时。
+      sock.on('error', err => {
+        self.config.errorHandle(err, '--ERR-CONNECTION--');
+      });
+    });
+    serv.on('unknownProtocol', tls_sock => {
+      if (!tls_sock.destroyed) {
+        tls_sock.destroy();
+      }
+    });
+    serv.on('error', (e) => {
+      if (e.code === 'EADDRINUSE') {
+        if (process.send !== undefined && typeof process.send === 'function') {
+          process.send({type: '_eaddr'});
+        } else {
+          console.error('Error: 该端口已被使用，请先停止相关进程');
+          process.exit(1);
+        }
+      } else {
+        self.config.errorHandle(e, '--ERR--');
+      }
+    });
+    serv.setTimeout(self.config.timeout, session => {
+      session.close(() => {
+        !session.destroyed && session.destroy();
+      });
+    });
+    for (let k in this.events) {
+      for (let ecall of this.events[k]) {
+        if (typeof ecall !== 'function') {
+          continue;
+        }
+        serv.on(k, ecall);
+      }
+    }
+    this.events = {};
+    //说明是使用unix socket模式监听服务
+    if (typeof port === 'string' && port.indexOf('.sock') > 0) {
+      this.host = port;
+      serv.listen(port);
+    } else {
+      this.host = host;
+      if (port !== 80 && port !== 443) {
+        this.host += `:${port}`;
+      }
+      serv.listen(port, host);
+    }
+    return serv;
+  }
+}
+module.exports = Httpt;