Compare commits
4 Commits
14f5bbfec9
...
4a2014e10d
| Author | SHA1 | Date | |
|---|---|---|---|
|
4a2014e10d | ||
|
|
a01a64116f | ||
|
|
f6f2590532 | ||
|
|
20f5484e90 |
@@ -25,6 +25,7 @@
|
||||
"mdui": "npm:mdui@2.1.4",
|
||||
"split.js": "npm:split.js@1.3.2",
|
||||
"crypto-js": "npm:crypto-js@4.2.0",
|
||||
"socket.io-client": "npm:socket.io-client@4.8.1"
|
||||
"socket.io-client": "npm:socket.io-client@4.8.1",
|
||||
"marked": "npm:marked@16.3.0"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,8 +8,9 @@ import Client from "../../api/Client.ts"
|
||||
import Message from "../../api/client_data/Message.ts"
|
||||
import Chat from "../../api/client_data/Chat.ts"
|
||||
import data from "../../Data.ts"
|
||||
import { checkApiSuccessOrSncakbar, snackbar } from "../snackbar.ts"
|
||||
import { checkApiSuccessOrSncakbar } from "../snackbar.ts"
|
||||
import useAsyncEffect from "../useAsyncEffect.ts"
|
||||
import * as marked from 'marked'
|
||||
|
||||
interface Args extends React.HTMLAttributes<HTMLElement> {
|
||||
target: string
|
||||
|
||||
@@ -15,7 +15,9 @@ export type CallMethod =
|
||||
|
||||
"Chat.getInfo" |
|
||||
"Chat.sendMessage" |
|
||||
"Chat.getMessageHistory"
|
||||
"Chat.getMessageHistory" |
|
||||
|
||||
"Chat.uploadFile"
|
||||
|
||||
export type ClientEvent =
|
||||
"Client.onMessage"
|
||||
|
||||
@@ -66,11 +66,16 @@ export default class ApiManager {
|
||||
})
|
||||
console.log(chalk.yellow('[連]') + ` ${ip} connected`)
|
||||
|
||||
socket.on("The_White_Silk", (name: string, args: { [key: string]: unknown }, callback_: (ret: ApiCallbackMessage) => void) => {
|
||||
socket.on("The_White_Silk", async (name: string, args: { [key: string]: unknown }, callback_: (ret: ApiCallbackMessage) => void) => {
|
||||
function callback(ret: ApiCallbackMessage) {
|
||||
console.log(chalk.blue('[發]') + ` ${ip} <- ${ret.code == 200 ? chalk.green(ret.msg) : chalk.red(ret.msg)} [${ret.code}]${ret.data ? (' <extras: ' + JSON.stringify(ret.data) + '>') : ''}`)
|
||||
return callback_(ret)
|
||||
}
|
||||
async function checkIsPromiseAndAwait(value: Promise<unknown> | unknown) {
|
||||
if (value instanceof Promise)
|
||||
return await value
|
||||
return value
|
||||
}
|
||||
try {
|
||||
if (name == null || args == null) return callback({
|
||||
msg: "Invalid request.",
|
||||
@@ -78,7 +83,7 @@ export default class ApiManager {
|
||||
})
|
||||
console.log(chalk.red('[收]') + ` ${ip} -> ${chalk.yellow(name)} <args: ${JSON.stringify(args)}>`)
|
||||
|
||||
return callback(this.event_listeners[name]?.(args, clientInfo) || {
|
||||
return callback(await checkIsPromiseAndAwait(this.event_listeners[name]?.(args, clientInfo)) || {
|
||||
code: 501,
|
||||
msg: "Not implmented",
|
||||
})
|
||||
|
||||
@@ -1,8 +1,11 @@
|
||||
import { Buffer } from "node:buffer";
|
||||
import Chat from "../data/Chat.ts";
|
||||
import ChatPrivate from "../data/ChatPrivate.ts";
|
||||
import MessagesManager from "../data/MessagesManager.ts";
|
||||
import ChatPrivate from "../data/ChatPrivate.ts"
|
||||
import FileManager from "../data/FileManager.ts"
|
||||
import MessagesManager from "../data/MessagesManager.ts"
|
||||
import User from "../data/User.ts"
|
||||
import ApiManager from "./ApiManager.ts";
|
||||
import UserChatLinker from "../data/UserChatLinker.ts"
|
||||
import ApiManager from "./ApiManager.ts"
|
||||
import BaseApi from "./BaseApi.ts"
|
||||
import TokenManager from "./TokenManager.ts"
|
||||
|
||||
@@ -77,6 +80,10 @@ export default class ChatApi extends BaseApi {
|
||||
code: 404,
|
||||
msg: "對話不存在",
|
||||
}
|
||||
if (!UserChatLinker.checkUserIsLinkedToChat(token.author, chat!.bean.id)) return {
|
||||
code: 400,
|
||||
msg: "用戶無權訪問該對話",
|
||||
}
|
||||
|
||||
const msg = {
|
||||
text: args.text as string,
|
||||
@@ -133,6 +140,49 @@ export default class ChatApi extends BaseApi {
|
||||
code: 404,
|
||||
msg: "對話不存在",
|
||||
}
|
||||
if (!UserChatLinker.checkUserIsLinkedToChat(token.author, chat!.bean.id)) return {
|
||||
code: 400,
|
||||
msg: "用戶無權訪問該對話",
|
||||
}
|
||||
|
||||
return {
|
||||
code: 200,
|
||||
msg: "成功",
|
||||
data: {
|
||||
messages: MessagesManager.getInstanceForChat(chat).getMessagesWithPage(15, args.page as number),
|
||||
},
|
||||
}
|
||||
})
|
||||
/**
|
||||
* 上傳文件
|
||||
* @param token 令牌
|
||||
* @param target 目標對話
|
||||
* @param file_name 文件名稱
|
||||
* @param data 文件二進制數據
|
||||
*/
|
||||
this.registerEvent("Chat.uploadFile", async (args, { deviceId }) => {
|
||||
if (this.checkArgsMissing(args, ['token', 'target', 'data', 'file_name'])) return {
|
||||
msg: "參數缺失",
|
||||
code: 400,
|
||||
}
|
||||
|
||||
const token = TokenManager.decode(args.token as string)
|
||||
if (!this.checkToken(token, deviceId)) return {
|
||||
code: 401,
|
||||
msg: "令牌無效",
|
||||
}
|
||||
|
||||
const chat = Chat.findById(args.target as string)
|
||||
if (chat == null) return {
|
||||
code: 404,
|
||||
msg: "對話不存在",
|
||||
}
|
||||
if (!UserChatLinker.checkUserIsLinkedToChat(token.author, chat!.bean.id)) return {
|
||||
code: 400,
|
||||
msg: "用戶無權訪問該對話",
|
||||
}
|
||||
|
||||
const file = await FileManager.uploadFile(args.file_name as string, args.data as Buffer<ArrayBufferLike>)
|
||||
|
||||
return {
|
||||
code: 200,
|
||||
|
||||
55
server/api/FileTokenManager.ts
Normal file
55
server/api/FileTokenManager.ts
Normal file
@@ -0,0 +1,55 @@
|
||||
import { Buffer } from "node:buffer"
|
||||
import config from "../config.ts"
|
||||
import User from "../data/User.ts"
|
||||
import crypto from 'node:crypto'
|
||||
import Token from "./Token.ts"
|
||||
|
||||
function normalizeKey(key: string, keyLength = 32) {
|
||||
const hash = crypto.createHash('sha256')
|
||||
hash.update(key)
|
||||
const keyBuffer = hash.digest()
|
||||
return keyLength ? keyBuffer.slice(0, keyLength) : keyBuffer
|
||||
}
|
||||
|
||||
export default class FileTokenManager {
|
||||
static makeAuth(user: User) {
|
||||
return crypto.createHash("sha256").update(user.bean.id + user.getPassword() + config.salt + '_file').digest().toString('hex')
|
||||
}
|
||||
static encode(token: Token) {
|
||||
return crypto.createCipheriv("aes-256-gcm", normalizeKey(config.aes_key + '_file'), '01234567890123456').update(
|
||||
JSON.stringify(token)
|
||||
).toString('hex')
|
||||
}
|
||||
static decode(token: string) {
|
||||
if (token == null) throw new Error('令牌為空!')
|
||||
return JSON.parse(crypto.createDecipheriv("aes-256-gcm", normalizeKey(config.aes_key + '_file'), '01234567890123456').update(
|
||||
Buffer.from(token, 'hex')
|
||||
).toString()) as Token
|
||||
}
|
||||
|
||||
/**
|
||||
* 簽發文件令牌
|
||||
*/
|
||||
static make(user: User, device_id: string) {
|
||||
const time = Date.now()
|
||||
return this.encode({
|
||||
author: user.bean.id,
|
||||
auth: this.makeAuth(user),
|
||||
made_time: time,
|
||||
// 過期時間: 2分鐘
|
||||
expired_time: time + (1 * 1000 * 60 * 2),
|
||||
device_id: device_id
|
||||
})
|
||||
}
|
||||
/**
|
||||
* 校驗文件令牌
|
||||
*/
|
||||
static check(user: User, token: string) {
|
||||
const tk = this.decode(token)
|
||||
|
||||
return (
|
||||
this.makeAuth(user) == tk.auth
|
||||
&& tk.expired_time < Date.now()
|
||||
)
|
||||
}
|
||||
}
|
||||
@@ -6,6 +6,6 @@ type EventCallbackFunction = (args: { [key: string]: unknown }, clientInfo: {
|
||||
deviceId: string
|
||||
ip: string
|
||||
socket: SocketIo.Socket<SocketIo.DefaultEventsMap, SocketIo.DefaultEventsMap, SocketIo.DefaultEventsMap, any>
|
||||
}) => ApiCallbackMessage
|
||||
}) => ApiCallbackMessage | Promise<ApiCallbackMessage>
|
||||
|
||||
export default EventCallbackFunction
|
||||
|
||||
Reference in New Issue
Block a user