topbit 3.0.2 → 3.0.3

package/README.cn.md

@@ -1,4 +1,4 @@
-![](images/topbit.png)
+![](images/topbit.webp)
 
 # Topbit
 

package/README.md

@@ -1,4 +1,4 @@
-![](images/topbit.png)
+![](images/topbit.webp)
 
 # Topbit
 
@@ -1478,4 +1478,4 @@ app.daemon(8008, 2);
 
 **Note: Requires `loadMonitor` option (enabled by default unless set to false).**
 
-Service initialization automatically sets configuration based on available system memory. Unless necessary, stick to default configurations.
+Service initialization automatically sets configuration based on available system memory. Unless necessary, stick to default configurations.

package/demo/sni.js

@@ -55,5 +55,5 @@ app.post('/upload', async c => {
     }
 }, '@upload');
 
-app.daemon(1990, 2);
+app.daemon(1990, 3);
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "topbit",
-  "version": "3.0.2",
+  "version": "3.0.3",
   "description": "A Server-side web framework support http/1.1 and http/2",
   "main": "src/topbit.js",
   "directories": {

package/src/ext.js

@@ -41,7 +41,7 @@ ext.makeName = function(filename = '') {
   let orgname = `${tm.getFullYear()}-${fmtbits(tm.getMonth()+1)}-${fmtbits(tm.getDate())}_`
       + `${fmtbits(tm.getHours())}-${fmtbits(tm.getMinutes())}-${fmtbits(tm.getSeconds())}`
       + `_${tm.getMilliseconds()}`
-      + `${parseInt(Math.random() * 1000) + 1}${parseInt(Math.random() * 100000) + 10000}`
+      + `${((Math.random() * 1000)|0) + 1}${((Math.random() * 100000)|0) + 10000}`
   
   if (filename) return (orgname + ext.extName(filename))
 
@@ -183,14 +183,26 @@ Object.defineProperty(ext, 'algorithm', {
  *key 必须是32位
  * */
 ext.aesEncrypt = function (data, key, encoding = 'base64url') {
-  var h = crypto.createCipheriv(__aag, key, __aesIV)
+  let iv = randstring(16)
+  let h = crypto.createCipheriv(__aag, key, iv)
   let hd = h.update(data, 'utf8', encoding)
   hd += h.final(encoding)
-  return hd
+  return [iv, hd]
 }
 
-ext.aesDecrypt = function (data, key, encoding = 'base64url') {
-  var h = crypto.createDecipheriv(__aag, key, __aesIV)
+ext.aesDecrypt = function (org_data, key, encoding = 'base64url') {
+  if (!org_data) throw new Error('data is wrong');
+  
+  let data, iv
+
+  if (Array.isArray(org_data)) {
+    [iv, data] = org_data
+  } else {
+    iv = org_data.iv
+    data = org_data.data
+  }
+
+  let h = crypto.createDecipheriv(__aag, key, iv)
   let hd = h.update(data, encoding, 'utf8')
   hd += h.final('utf8')
   return hd
@@ -259,7 +271,7 @@ ext.timestr = function (m = 'long') {
 
 ext.nrand = function (f, t) {
   let discount = t - f
-  return parseInt((Math.random() * discount) + f)
+  return Math.floor((Math.random() * discount) + f)
 }
 
 let uuidSerial = makeId.serialId

package/src/extends/Http2Pool.js

@@ -24,7 +24,7 @@ class Http2Pool {
     this.connectTimeout = options.connectTimeout || 15000
 
     this.max = (options.max && !isNaN(options.max) && options.max > 0) ? options.max : 50
-    this.poolMax = parseInt(this.max * 1.5 + 0.5)
+    this.poolMax = Math.floor(this.max * 1.5 + 0.5)
     this.maxConnect = (options.maxConnect && !isNaN(options.maxConnect) && options.maxConnect > 0)
                       ? options.maxConnect
                       : this.poolMax + 500
@@ -129,7 +129,7 @@ class Http2Pool {
             if (this.failedCount < 10) {
               this.innerConnectDelay = this.failedCount
             } if (this.failedCount < 60000) {
-              this.innerConnectDelay = parseInt(this.failedCount / 10)
+              this.innerConnectDelay = Math.floor(this.failedCount / 10)
             } else { this.innerConnectDelay = 6000 }
 
             !rejected && (rejected = true) && reject(err)

package/src/extends/cors.js

@@ -170,7 +170,7 @@ class Cors {
             if (lastSlash < host.length - 1) host = host.substring(0, lastSlash+1);
             if (!host.trim()) continue;
 
-            midIndex = parseInt(host.length / 2);
+            midIndex = ((host.length / 2)|0);
             midChar = host[midIndex];
 
             this.allowTable[host] = {

package/src/extends/jwt.js

@@ -22,7 +22,7 @@
  * 
  */
 
-const randstring = require('./__randstring.js')
+const randstring = require('../randstring.js')
 
 const crypto = require('node:crypto')
 

package/src/extends/resource.js

@@ -80,7 +80,7 @@ class Resource {
 
     this.prepath = ''
     
-    this.routeGroup = `__static_${parseInt(Math.random()*10000)}_`
+    this.routeGroup = `__static_${Math.floor(Math.random() * 10000)}_`
 
     this.decodePath = false
 
@@ -366,7 +366,7 @@ class Resource {
 
         if (self.cacheFailed >= self.failedLimit) {
           //以{self.prob}%概率决定是否释放缓存。
-          if (parseInt(Math.random() * 100) < self.prob) {
+          if (((Math.random() * 100) | 0) < self.prob) {
             self.clearCache()
           }
 

package/src/extends/session.js

@@ -32,7 +32,7 @@ class Session {
 
     this.prefix = 'titbit_sess_'
 
-    this.sessionKey = 'TITBIT_SESSID'
+    this.sessionKey = 'TOPBIT_SESSID'
 
     this.error = null
 

package/src/extends/tofile.js

@@ -24,7 +24,7 @@ function makeName(filename = '') {
 
   let orgname = `${tm.getFullYear()}-${fmtbits(tm.getMonth()+1)}-${fmtbits(tm.getDate())}_`
       + `${fmtbits(tm.getHours())}-${fmtbits(tm.getMinutes())}-${fmtbits(tm.getSeconds())}`
-      + `_${tm.getMilliseconds()}${parseInt(Math.random() * 1000) + 1}${parseInt(Math.random() * 100000) + 10000}`
+      + `_${tm.getMilliseconds()}${((Math.random() * 1000)|0) + 1}${((Math.random() * 100000)|0) + 10000}`
 
   if (filename) return (orgname + extName(filename))
 

package/src/makeId.js

@@ -28,7 +28,7 @@ for (let x of loopch) {
 let sloopch = msloopch.slice(0, 100)
 let yloopch = msloopch.slice(36, 500)
 
-msloopch = msloopch.slice(parseInt(Math.random() * 100))
+msloopch = msloopch.slice(Math.floor(Math.random() * 100))
 
 let loopLength = loopch.length
 let sloopLength = sloopch.length
@@ -47,7 +47,7 @@ class Clocks {
 
   rand() {
     for (let k in this.clocks) {
-      this.clocks[k] = parseInt(loopLength * Math.random())
+      this.clocks[k] = (loopLength * Math.random()) | 0
     }
   }
 
@@ -153,7 +153,7 @@ function numId(obj) {
 
 function bigId(obj, a='', b='') {
   let fnum = numId(obj)
-  return (BigInt(fnum) * 1000n + BigInt(parseInt(Math.random() * 1000))).toString()
+  return (BigInt(fnum) * 1000n + BigInt((Math.random() * 1000)|0)).toString()
 }
 
 Object.defineProperty(makeId, 'numId', {
@@ -161,7 +161,7 @@ Object.defineProperty(makeId, 'numId', {
   configurable: false,
   get: function () {
     let oo = {
-      endnum: parseInt(Math.random() * 2000)
+      endnum: (Math.random() * 2000) | 0
     }
 
     return numId.bind(null, oo)
@@ -173,7 +173,7 @@ Object.defineProperty(makeId, 'bigId', {
   configurable: false,
   get: function () {
     let oo = {
-      endnum: parseInt(Math.random() * 2000)
+      endnum: (Math.random() * 2000) | 0
     }
 
     return bigId.bind(null, oo)

package/src/midcore.js

@@ -18,7 +18,7 @@ class MidCore {
 
     this.globalKey = `_GLOBAL_0129_${Math.random().toString(16).substring(2)}_`;
 
-    this.midGroup = {};
+    this.midGroup = Object.create(null);
 
     this.midGroup[ this.globalKey ] = [
       async (ctx) => {

package/src/monitor.js

@@ -98,7 +98,7 @@ class Monitor {
       } else {
         //此时升温，表示负载高，不要kill多余的进程。
         if (this.cooling < this.maxCooling) {
-          this.cooling += 20 + parseInt( Math.random() * 60 )
+          this.cooling += 20 + ((Math.random() * 60) | 0)
         }
       }
 

package/src/randstring.js

@@ -1,4 +1,5 @@
 'use strict'
+const crypto = require('crypto')
 
 let saltArr = [
   'a','b','c','d','e','f','g',
@@ -6,18 +7,41 @@ let saltArr = [
   'o','p','q','r','s','t','u',
   'v','w','x','y','z','1','2',
   '3','4','5','6','7','8','9'
-];
+]
+
+function secureShuffle(arr) {
+  const newArr = [...arr]
+
+  // Fisher-Yates 洗牌算法
+  for (let i = newArr.length - 1; i > 0; i--) {
+    // 这里只在启动时运行一次，所以用性能较慢但绝对安全的 crypto
+    const j = crypto.randomInt(0, i + 1)
+    ;[newArr[i], newArr[j]] = [newArr[j], newArr[i]]
+  }
+
+  return newArr
+}
+
+const fastSecretChars = secureShuffle(saltArr)
+const charsLen = fastSecretChars.length
 
 module.exports = (length = 8, sarr = null) => {
-  let saltstr = '';
-  let ind = 0;
+  let saltstr = ''
+  
+  // 如果用户传了自定义数组，为了兼容性不得不降级处理 (性能稍慢，逻辑不变)
+  if (sarr) {
+    const customLen = sarr.length
 
-  let arr = sarr || saltArr;
+    for (let i = 0; i < length; i++) {
+      saltstr += sarr[(Math.random() * customLen) | 0]
+    }
+    
+    return saltstr
+  }
 
-  for(let i = 0; i < length; i++) {
-    ind = parseInt(Math.random() * arr.length);
-    saltstr += arr[ind];
+  for (let i = 0; i < length; i++) {
+    saltstr += fastSecretChars[(Math.random() * charsLen) | 0]
   }
 
-  return saltstr;
-}
+  return saltstr
+}

package/src/token/token.js

@@ -2,26 +2,7 @@
 
 const crypto = require('node:crypto')
 const {Buffer} = require('node:buffer')
-
-let _randstrList = [
-  'a', 'b', 'c', 'd', 'e', 'f', 'g',
-  'h', 'i', 'j', 'k', 'l', 'm', 'n',
-  'o', 'p', 'q', 'r', 's', 't', 'u',
-  'v', 'w', 'x', 'y', 'z',
-
-  '1', '2', '3', '4', '5', '6', '7', '8', '9'
-]
-
-function randstring(length = 8) {
-  let rstr = ''
-  let ind = 0
-
-  for (let i = 0; i < length; i++) {
-    ind = parseInt(Math.random() * _randstrList.length)
-    rstr += _randstrList[ind]
-  }
-  return rstr
-}
+const randstring = require('../randstring.js')
 
 class TopbitToken {
 
@@ -116,7 +97,7 @@ class TopbitToken {
 
   }
 
-  _aesEncrypt(data, key, iv, options = {}) {
+  aesEncrypt(data, key, iv, options = {}) {
     let h = crypto.createCipheriv(this.algorithm, key, iv, options)
     let hd = h.update(data, 'utf8')
     let final_data = h.final()
@@ -127,7 +108,7 @@ class TopbitToken {
     return Buffer.concat([hd, final_data, authtag])
   }
 
-  _aesDecrypt(data, key, iv, options = {}) {
+  aesDecrypt(data, key, iv, options = {}) {
     let h = crypto.createDecipheriv(this.algorithm, key, iv, options)
     if (this.isGCM) {
       let bdata = Buffer.from(data, this.tokenEncoding)
@@ -255,7 +236,7 @@ class TopbitToken {
       return ''
     }
 
-    let ind = parseInt( Math.random() * this.tokenIds.length)
+    let ind = (Math.random() * this.tokenIds.length) | 0
 
     return this.tokenIds[ind]
   }
@@ -292,7 +273,7 @@ class TopbitToken {
 
   setRefresh(flag = true) {
     if (flag) {
-      this.refresh = parseInt(this.expires / 5)
+      this.refresh = Math.floor(this.expires / 5)
     } else {
       this.refresh = 0
     }
@@ -325,9 +306,9 @@ class TopbitToken {
     let ikv = tokenId ? this.idKeyIV.get(tokenId) : null
 
     if (tokenId && ikv) {
-      tk = this._aesEncrypt(JSON.stringify(userinfo), ikv.key, ikv.iv)
+      tk = this.aesEncrypt(JSON.stringify(userinfo), ikv.key, ikv.iv)
     } else {
-      tk = this._aesEncrypt(JSON.stringify(userinfo), this.key, this.iv)
+      tk = this.aesEncrypt(JSON.stringify(userinfo), this.key, this.iv)
     }
 
     return tk.toString(this.tokenEncoding)
@@ -375,7 +356,7 @@ class TopbitToken {
     userinfo.timestamp = Date.now()
     userinfo.__tokenId__ = ikv.id
 
-    let tk = this._aesEncrypt(JSON.stringify(userinfo), ikv.key, ikv.iv)
+    let tk = this.aesEncrypt(JSON.stringify(userinfo), ikv.key, ikv.iv)
 
     return tk.toString(this.tokenEncoding)
   }
@@ -394,7 +375,7 @@ class TopbitToken {
 
   verify(edata, ikv={}) {
     try {
-      let u = this._aesDecrypt(edata, ikv.key || this.key, ikv.iv || this.iv)
+      let u = this.aesDecrypt(edata, ikv.key || this.key, ikv.iv || this.iv)
       let uj = JSON.parse(u)
       let tm = Date.now()
 

package/src/topbit.js

@@ -34,6 +34,7 @@ const TopbitToken = require('./token/token.js')
 const TopbitExtends = require('./_loadExtends.js')
 const npargv = require('./lib/npargv.js')
 const zipdata = require('./lib/zipdata.js')
+const ErrorLog = require('./lib/errorlog.js')
 
 let __instance__ = 0;
 
@@ -457,18 +458,14 @@ class Topbit {
     this.topmem = 4345036800;
   
     if (this.topmem >= this.totalmem) {
-      this.topmem = parseInt(this.totalmem * 0.9);
+      this.topmem = Math.floor(this.totalmem * 0.9);
     }
 
     this.secure = {
       //而超过diemem则直接kill 这限制的是对heap的使用
-      //parseInt(this.topmem * (0.5 + this.config.memFactor) )
       diemem : this.topmem,
-  
-      //parseInt(this.topmem * (0.5 + this.config.memFactor) )
-      maxmem : parseInt(this.topmem * (0.5 + this.config.memFactor)),
-  
-      maxrss : parseInt(this.totalmem * (0.52 + this.config.memFactor) )
+      maxmem : Math.floor(this.topmem * (0.5 + this.config.memFactor)),
+      maxrss : Math.floor(this.totalmem * (0.52 + this.config.memFactor) )
     };
     
     //运行时服务，需要在全局添加一些服务插件可以放在此处。
@@ -1226,7 +1223,7 @@ class Topbit {
       //根据num设定secure的内存限制。
       if (num > 1) {
         for (let k in this.secure) {
-          this.secure[k] = parseInt(this.secure[k] * (0.45 + 1 / num));
+          this.secure[k] = Math.floor(this.secure[k] * (0.56 + 1 / num));
         }
       }
 
@@ -1288,6 +1285,7 @@ Topbit.Loader = TopbitLoader;
 Topbit.Token = TopbitToken;
 Topbit.npargv = npargv;
 Topbit.zipdata = zipdata;
+Topbit.ErrorLog = ErrorLog;
 Topbit.extensions = TopbitExtends;
 
 module.exports = Topbit;

package/test/test-longId.js

@@ -0,0 +1,35 @@
+'use strict'
+
+const longId = require('../src/makeId').serialId
+const longId2 = require('../src/makeId').numId
+const longId3 = require('../src/makeId').bigId
+const longId4 = require('../src/makeId').serialId
+
+let tid = {}
+let id
+let id2
+let count = 0
+
+function check(id) {
+  if (tid[id]) {
+    console.log(id, ++count)
+    return true
+  }
+  //console.log(id, typeof id)
+
+  tid[id] = true
+  return false
+}
+
+console.time('longid')
+
+for (let i = 0; i < 1000000; i++) {
+  id = longId()
+  id2 = longId2(14)
+  check(id)
+  check(id2)
+  check(longId3())
+  check(longId4())
+}
+
+console.timeEnd('longid')

package/test/test-randstr.js

@@ -0,0 +1,44 @@
+// benchmark.js
+const generateSalt = require('../src/randstring.js');
+const { performance } = require('perf_hooks');
+
+const ITERATIONS = 1000000; // 100万次
+const SALT_LENGTH = 16;      // 生成 8 位
+
+console.log('========================================');
+console.log(`性能测试开始`);
+console.log(`目标: 生成 ${ITERATIONS.toLocaleString()} 次, 长度 ${SALT_LENGTH}`);
+console.log('========================================');
+
+// 1. 预热 (Warm-up)
+// 让 V8 引擎的 JIT (Just-In-Time) 编译器介入，把热点代码编译成机器码
+// 这样测出来的才是服务器稳定运行时的真实性能
+for(let i = 0; i < 10000; i++) {
+  generateSalt(SALT_LENGTH);
+}
+console.log('预热完成，开始计时...');
+
+// 2. 正式测试
+const startTime = performance.now();
+
+for (let i = 0; i < ITERATIONS; i++) {
+  generateSalt(SALT_LENGTH);
+}
+
+const endTime = performance.now();
+
+// 3. 计算结果
+const totalTimeMs = endTime - startTime;
+const qps = Math.floor(ITERATIONS / (totalTimeMs / 1000));
+
+// 4. 验证一次输出 (确保功能正常)
+const sample = generateSalt(SALT_LENGTH);
+
+console.log('\n测试结果:');
+console.log(`----------------------------------------`);
+console.log(`总耗时   : ${totalTimeMs.toFixed(2)} ms`);
+console.log(`平均耗时 : ${(totalTimeMs / ITERATIONS).toFixed(6)} ms/次`);
+console.log(`QPS      : ${qps.toLocaleString()} 次/秒`);
+console.log(`----------------------------------------`);
+console.log(`生成的样例: ${sample}`);
+console.log('========================================');

package/test/test-token.js

@@ -0,0 +1,101 @@
+'use strict'
+
+const token = require('../src/token/token.js')
+
+const tok = new token({
+  urlencoded : true,
+  alg: 'aes-256-gcm'
+})
+
+console.log(tok.iv, tok.key)
+
+//tok.setExpires(1)
+
+tok.setEncoding('base64url')
+
+let tidlist = ['t1','t2','t3','t4']
+
+tok.addTokenId(tidlist)
+
+tok.setMapId('tit')
+
+let info = {
+  id : 1001,
+  name : 'brave'
+}
+console.log('加密处理···')
+let edata = tok.make(info)
+
+console.log('解密处理···')
+let realData = tok.verify(edata)
+
+console.log(edata)
+console.log(realData)
+
+let edataList = []
+
+console.log('测试随机tokenId加密')
+for (let i = 0 ; i < 10; i++) {
+  edata = tok.make(info)
+  edataList.push(edata)
+}
+
+if ( parseInt(Math.random() * 10) > 5 ) {
+  tok.removeTokenId('t2')
+  tok.removeTokenId('t3')
+}
+
+console.log('测试随机tokenId解密')
+for (let i = 0; i < 10; i++) {
+  realData = tok.verify(edataList[i])
+  console.log(realData)
+}
+
+edata = tok.makeAccessToken(info, 'tit')
+console.log(edata)
+
+console.log(tok.verifyAccessToken(edata))
+
+let total = 100000
+
+tok.setIdKeyIv('xyz','qazxswedcfvrgthynujmkiolp0987654', 'qawsedrftgyhujik')
+tok.setIdKeyIv('io', 'qazxswedcfvrgthynujmkiolp0e24565', 'qawsedrftgyhujik')
+tok.setIdKeyIv('cd', 'qazxswedcfvrgthynujmkiolpr5tf765', 'qawsedrftgyhujie')
+tok.setIdKeyIv('mk', 'qazxswedcfvrgthynujmkiolpw347f65', 'qawsedrftgyhujir')
+
+let ikv = {
+  id : 'io',
+  key : tok.fixKey('qazxswedcfvrgthynujmkiolp0e24565'),
+  iv : 'qawsedrftgyhujik'
+}
+edata = tok.makeikv(info, ikv)
+
+realData = tok.verifyikv(edata, ikv)
+
+console.log('rand iv key token', tok.randIvToken(info))
+
+console.log('--IKV-TEST--:', edata, realData)
+
+console.log('测试指定key和iv', total, '次加解密性能')
+
+let st = Date.now()
+
+for (let i = 0; i < total; i++) {
+  //edata = tok.make(info, 'xyz')
+  //realData = tok.verify(edata, 'qazxswedcfvrgthynujmkiolp0987654', 'qawsedrftgyhujik', 'xyz')
+  //realData = tok.verifyId(edata, 'xyz')
+  
+  //edata = tok.make(info, 'io')
+  //realData = tok.verifyid(edata, 'io')
+  //console.log(edata, realData)
+  info.expires = i % 7 ? i : '122133sdaf'
+  edata = tok.randIvToken(info)
+  realData = tok.verifyikv(edata.token, edata)
+  //console.log(edata, realData)
+}
+
+let et = Date.now()
+
+console.log(et - st, 'ms')
+
+console.log(tok.randIvToken(info))

package/src/extends/__randstring.js

@@ -1,24 +0,0 @@
-'use strict'
-
-let saltArr = [
-  'a','b','c','d','e','f','g',
-  'h','i','j','k','l','m','n',
-  'o','p','q','r','s','t','u',
-  'v','w','x','y','z','1','2',
-  '3','4','5','6','7','8','9'
-]
-
-function randstring (length = 8) {
-
-  let saltstr = ''
-  let ind = 0
-
-  for(let i = 0; i < length; i++) {
-    ind = parseInt( Math.random() * saltArr.length)
-    saltstr += saltArr[ ind ]
-  }
-
-  return saltstr
-}
-
-module.exports = randstring