add hanatan username check

acc735d3 · nanahira · 1ada4653 · acc735d3 · acc735d3 · acc735d3
Commit acc735d3 authored Mar 31, 2023 by nanahira
9 changed files
--- a/Dockerfile
+++ b/Dockerfile
-FROM node:16-bullseye-slim
+FROM node:lts-bullseye-slim

 RUN apt update && \
 	apt -y install build-essential python3 libpq-dev && \

--- a/config.ts
+++ b/config.ts
-let config = process.env['NODE_ENV'] == 'development' ? require('./conf-dev').default : {
+const envConfig = {
    DATABASE: process.env['DATABASE'],
    synchronize: !process.env['DB_NO_SYNC'],
    Mail: {
@@ -17,7 +17,15 @@ let config = process.env['NODE_ENV'] == 'development' ? require('./conf-dev').de
    Token: {
        Secret: process.env['TOKEN_SECRET'],
        ExpiresIn: process.env['TOKEN_EXPIRESIN']
+    },
+    Hanatan: {
+        enable: !!process.env['HANATAN_URL'],
+        url: process.env['HANATAN_URL'],
+        token: process.env['HANATAN_TOKEN'],
+        prompt: process.env['HANATAN_PROMPT']
    }
 };

+let config: typeof envConfig = process.env['NODE_ENV'] == 'development' ? require('./conf-dev').default : envConfig;
+
 export default config;
--- a/package-lock.json
+++ b/package-lock.json
@@ -11,6 +11,7 @@
        "aliyun-oss-upload-stream": "^1.3.0",
        "aliyun-sdk": "^1.9.22",
        "async-busboy": "^1.1.0",
+        "axios": "^1.3.4",
        "bad-words-chinese": "^1.0.2",
        "bluebird": "^3.5.0",
        "handlebars": "^4.0.6",
@@ -1678,8 +1679,7 @@
    "node_modules/asynckit": {
      "version": "0.4.0",
      "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
-      "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=",
-      "peer": true
+      "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k="
    },
    "node_modules/aws-crt": {
      "version": "1.9.8",
@@ -1697,6 +1697,15 @@
        "websocket-stream": "^5.5.2"
      }
    },
+    "node_modules/aws-crt/node_modules/axios": {
+      "version": "0.21.4",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz",
+      "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==",
+      "peer": true,
+      "dependencies": {
+        "follow-redirects": "^1.14.0"
+      }
+    },
    "node_modules/aws-sign2": {
      "version": "0.7.0",
      "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz",
@@ -1713,12 +1722,26 @@
      "peer": true
    },
    "node_modules/axios": {
-      "version": "0.21.4",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz",
-      "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==",
-      "peer": true,
+      "version": "1.3.4",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.3.4.tgz",
+      "integrity": "sha512-toYm+Bsyl6VC5wSkfkbbNB6ROv7KY93PEBBL6xyDczaIHasAiv4wPqQ/c4RjoQzipxRD2W5g21cOqQulZ7rHwQ==",
      "dependencies": {
-        "follow-redirects": "^1.14.0"
+        "follow-redirects": "^1.15.0",
+        "form-data": "^4.0.0",
+        "proxy-from-env": "^1.1.0"
+      }
+    },
+    "node_modules/axios/node_modules/form-data": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
+      "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
+      "dependencies": {
+        "asynckit": "^0.4.0",
+        "combined-stream": "^1.0.8",
+        "mime-types": "^2.1.12"
+      },
+      "engines": {
+        "node": ">= 6"
      }
    },
    "node_modules/bad-words-chinese": {
@@ -2519,7 +2542,6 @@
      "version": "1.0.8",
      "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
      "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==",
-      "peer": true,
      "dependencies": {
        "delayed-stream": "~1.0.0"
      },
@@ -2768,7 +2790,6 @@
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
      "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=",
-      "peer": true,
      "engines": {
        "node": ">=0.4.0"
      }
@@ -3186,16 +3207,15 @@
      }
    },
    "node_modules/follow-redirects": {
-      "version": "1.14.4",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.4.tgz",
-      "integrity": "sha512-zwGkiSXC1MUJG/qmeIFH2HBJx9u0V46QGUe3YR1fXG8bXQxq7fLj0RjLZQ5nubr9qNJUZrH+xUcwXEoXNpfS+g==",
+      "version": "1.15.2",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz",
+      "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==",
      "funding": [
        {
          "type": "individual",
          "url": "https://github.com/sponsors/RubenVerborgh"
        }
      ],
-      "peer": true,
      "engines": {
        "node": ">=4.0"
      },
@@ -6644,6 +6664,11 @@
        "node": ">=0.8"
      }
    },
+    "node_modules/proxy-from-env": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
+      "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg=="
+    },
    "node_modules/ps-tree": {
      "version": "1.1.0",
      "resolved": "http://registry.npm.taobao.org/ps-tree/download/ps-tree-1.1.0.tgz",
@@ -9911,8 +9936,7 @@
    "asynckit": {
      "version": "0.4.0",
      "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
-      "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=",
-      "peer": true
+      "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k="
    },
    "aws-crt": {
      "version": "1.9.8",
@@ -9927,6 +9951,17 @@
        "mqtt": "^4.2.8",
        "tar": "^6.1.11",
        "websocket-stream": "^5.5.2"
+      },
+      "dependencies": {
+        "axios": {
+          "version": "0.21.4",
+          "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz",
+          "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==",
+          "peer": true,
+          "requires": {
+            "follow-redirects": "^1.14.0"
+          }
+        }
      }
    },
    "aws-sign2": {
@@ -9942,12 +9977,25 @@
      "peer": true
    },
    "axios": {
-      "version": "0.21.4",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz",
-      "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==",
-      "peer": true,
+      "version": "1.3.4",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.3.4.tgz",
+      "integrity": "sha512-toYm+Bsyl6VC5wSkfkbbNB6ROv7KY93PEBBL6xyDczaIHasAiv4wPqQ/c4RjoQzipxRD2W5g21cOqQulZ7rHwQ==",
      "requires": {
-        "follow-redirects": "^1.14.0"
+        "follow-redirects": "^1.15.0",
+        "form-data": "^4.0.0",
+        "proxy-from-env": "^1.1.0"
+      },
+      "dependencies": {
+        "form-data": {
+          "version": "4.0.0",
+          "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
+          "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
+          "requires": {
+            "asynckit": "^0.4.0",
+            "combined-stream": "^1.0.8",
+            "mime-types": "^2.1.12"
+          }
+        }
      }
    },
    "bad-words-chinese": {
@@ -10566,7 +10614,6 @@
      "version": "1.0.8",
      "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
      "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==",
-      "peer": true,
      "requires": {
        "delayed-stream": "~1.0.0"
      }
@@ -10764,8 +10811,7 @@
    "delayed-stream": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
-      "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=",
-      "peer": true
+      "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk="
    },
    "delegates": {
      "version": "1.0.0",
@@ -11111,10 +11157,9 @@
      }
    },
    "follow-redirects": {
-      "version": "1.14.4",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.4.tgz",
-      "integrity": "sha512-zwGkiSXC1MUJG/qmeIFH2HBJx9u0V46QGUe3YR1fXG8bXQxq7fLj0RjLZQ5nubr9qNJUZrH+xUcwXEoXNpfS+g==",
-      "peer": true
+      "version": "1.15.2",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz",
+      "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA=="
    },
    "for-in": {
      "version": "1.0.2",
@@ -13945,6 +13990,11 @@
        "yargs": "^3.10.0"
      }
    },
+    "proxy-from-env": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
+      "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg=="
+    },
    "ps-tree": {
      "version": "1.1.0",
      "resolved": "http://registry.npm.taobao.org/ps-tree/download/ps-tree-1.1.0.tgz",

--- a/package.json
+++ b/package.json
@@ -11,6 +11,7 @@
    "aliyun-oss-upload-stream": "^1.3.0",
    "aliyun-sdk": "^1.9.22",
    "async-busboy": "^1.1.0",
+    "axios": "^1.3.4",
    "bad-words-chinese": "^1.0.2",
    "bluebird": "^3.5.0",
    "handlebars": "^4.0.6",

--- a/src/controllers/auth.ts
+++ b/src/controllers/auth.ts
@@ -9,6 +9,7 @@ import config from '../../config';
 import { createToken } from '../utils';
 import views from '../../views';
 import { URL } from 'url';
+import { checkUsernameByHanatan } from '../hanatan';

 export const signin = async (ctx: Context) => {

@@ -79,6 +80,10 @@ export const signup = async (ctx: Context) => {
        return;
    }

+    if (await checkUsernameByHanatan(u.username)) { 
+        ctx.throw('i_username_illegal', 400);
+    }
+
    let salt = crypto.randomBytes(8).toString('hex');

    let password_hash = (await Bluebird.promisify(crypto.pbkdf2)(u.password, salt, 64000, 32, 'sha256')).toString('hex');

--- a/src/controllers/user.ts
+++ b/src/controllers/user.ts
@@ -8,6 +8,7 @@ import config from '../../config';
 import * as uuid from 'uuid';
 import views from '../../views';
 import { URL } from 'url';
+import { checkUsernameByHanatan } from '../hanatan';

 var Filter = require('bad-words-chinese');
 var dirtyWords = require('../dirtyWordsChinese.json');
@@ -140,10 +141,14 @@ export const UpdateAccount = async (ctx: Context) => {
            ctx.throw('i_username_exists', 400);
        }

+        if (await checkUsernameByHanatan(u.username)) { 
+            ctx.throw('i_username_illegal', 400);
+        }
+
        if (u.username != user.username) {
            const historyRep = getEntityManager().getRepository(UserNameChangeHistory);
            let changeHistory = new UserNameChangeHistory(user.username, u.username, u.user_id);
-            historyRep.save(changeHistory);
+            await historyRep.save(changeHistory);
        }

        user.username = u.username;

--- a/src/mail.ts
+++ b/src/mail.ts
@@ -9,7 +9,7 @@ let tp = nodemailer.createTransport({
        pass: config.Mail.SMTP_PASSWORD
    },
    secure: config.Mail.SMTP_SECURE
-});
+} as any);


 export default tp;
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -5,7 +5,6 @@
    "target": "es2017",
    "emitDecoratorMetadata": true,
    "experimentalDecorators": true,
-    "strictNullChecks": true,
    "skipLibCheck": true
  },
  "exclude": [

--- a/yarn.lock
+++ b/yarn.lock