탐색 도움말
가입하기 로그인
kylx365
/
miaoguo_system_server
Watch 2
Star 0
포크 0
파일 이슈 0 풀 리퀘스트 0 위키
트리: 0de76122d9
브랜치 태그
miaoguo_syst...
/
src
/
api
/
common
/
commonController.js

commonController.js 7.5 KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247 
  1. import moment from 'moment';
    2. 

  2. import fs from 'fs';
    3. 

  3. import { promises as fsPromises } from 'fs';
    4. 

  4. import config from '../../config/index.js';
    5. 

  5. import _ from 'lodash';
    6. 

  6. import path from 'path';
    7. 

  7. import gm from 'gm';
    8. 

  8. import axios from 'axios';
    9. 

  9. import COS from 'cos-nodejs-sdk-v5';
    10. 

  10. import { uploadSingle } from '../../middleware/upload.js';
    11. 

  11. import { globalState } from '../../util/globalState.js';
    12. 

  12. 

  13. const imageMagick = gm.subClass({ imageMagick: true });
    14. 

  14. 

  15. // 允许的文件类型
    16. 

  16. const ALLOWED_IMAGE_TYPES = new Set([
    17. 

  17.     'jpg', 'jpeg', 'png', 'bmp', 'heic', 'heif', 'webp', 'gif'
    18. 

  18. ]);
    19. 

  19. 

  20. const ALLOWED_AUDIO_TYPES = new Set([
    21. 

  21.     'aac', 'mp3', 'mp4', 'm4a', 'flac', 'ogg', 'ape', 'amr', 
    22. 

  22.     'wma', 'wav', 'aiff', 'caf'
    23. 

  23. ]);
    24. 

  24. 

  25. const BLOCKED_TYPES = new Set(['php', 'js', 'txt']);
    26. 

  26. 

  27. // 文件上传配置
    28. 

  28. const fileFilter = (req, file, cb) => {
    29. 

  29.     const extension = path.extname(file.originalname).toLowerCase().slice(1);
    30. 

  30.     
    31. 

  31.     if (BLOCKED_TYPES.has(extension)) {
    32. 

  32.         cb(new Error('不允许上传该类型的文件!'), false);
    33. 

  33.     } else if (ALLOWED_IMAGE_TYPES.has(extension) || ALLOWED_AUDIO_TYPES.has(extension)) {
    34. 

  34.         cb(null, true);
    35. 

  35.     } else {
    36. 

  36.         cb(new Error('文件格式不支持!'), false);
    37. 

  37.     }
    38. 

  38. };
    39. 

  39. 

  40. // 配置上传中间件
    41. 

  41. export const uploadMiddleware = uploadSingle('file', {
    42. 

  42.     dest: './public/uploads/',
    43. 

  43.     fileFilter,
    44. 

  44.     limits: {
    45. 

  45.         fileSize: 10 * 1024 * 1024 // 10MB
    46. 

  46.     }
    47. 

  47. });
    48. 

  48. 

  49. // 小程序文件上传控制器
    50. 

  50. export const UploadFile = async (ctx) => {
    51. 

  51.     try {
    52. 

  52.         const file = ctx.request.file;
    53. 

  53.         if (!file) {
    54. 

  54.             ctx.body = { errcode: 1002, errMsg: "文件上传错误!" };
    55. 

  55.             return;
    56. 

  56.         }
    57. 

  57. 

  58.         const extension = path.extname(file.originalname).toLowerCase().slice(1);
    59. 

  59.         const filename = file.filename;
    60. 

  60.         const filepath = file.path;
    61. 

  61. 

  62.         if (ALLOWED_IMAGE_TYPES.has(extension)) {
    63. 

  63.             await checkImage(filename, filepath);
    64. 

  64.         } else if (ALLOWED_AUDIO_TYPES.has(extension)) {
    65. 

  65.             await uploadFile(filename, filepath);
    66. 

  66.         }
    67. 

  67. 

  68.         ctx.body = {
    69. 

  69.             errcode: 10000,
    70. 

  70.             result: {
    71. 

  71.                 Source: file.originalname,
    72. 

  72.                 Target: filename
    73. 

  73.             }
    74. 

  74.         };
    75. 

  75. 

  76.     } catch (error) {
    77. 

  77.         console.error('Upload error:', error);
    78. 

  78.         ctx.body = { errcode: 1001, errMsg: error.message || "上传失败!" };
    79. 

  79.         
    80. 

  80.         // 清理临时文件
    81. 

  81.         if (ctx.request.file && ctx.request.file.path) {
    82. 

  82.             try {
    83. 

  83.                 await fsPromises.unlink(ctx.request.file.path);
    84. 

  84.             } catch (e) {
    85. 

  85.                 console.error('Failed to clean up temp file:', e);
    86. 

  86.             }
    87. 

  87.         }
    88. 

  88.     }
    89. 

  89. 

  90.     // 安全清理定时器
    91. 

  91.     setTimeout(async () => {
    92. 

  92.         try {
    93. 

  93.             const filepath = './public/uploads/';
    94. 

  94.             const files = await fsPromises.readdir(filepath);
    95. 

  95.             
    96. 

  96.             for (const file of files) {
    97. 

  97.                 const extension = path.extname(file).toLowerCase();
    98. 

  98.                 if (BLOCKED_TYPES.has(extension.slice(1))) {
    99. 

  99.                     await fsPromises.unlink(path.join(filepath, file));
    100. 

  100.                 }
    101. 

  101.             }
    102. 

  102.         } catch (error) {
    103. 

  103.             console.error('Security cleanup error:', error);
    104. 

  104.         }
    105. 

  105.     }, 5000);
    106. 

  106. };
    107. 

  107. 

  108. // 检查并处理图片
    109. 

  109. async function checkImage(filename, filepath) {
    110. 

  110.     if (!await fsPromises.stat(filepath)) {
    111. 

  111.         throw new Error('文件不存在');
    112. 

  112.     }
    113. 

  113. 

  114.     const stats = await fsPromises.stat(filepath);
    115. 

  115.     if (stats.size >= 126976) {
    116. 

  116.         const maxSize = 750;
    117. 

  117.         
    118. 

  118.         return new Promise((resolve, reject) => {
    119. 

  119.             imageMagick(filepath).size((err, size) => {
    120. 

  120.                 if (err) {
    121. 

  121.                     reject(err);
    122. 

  122.                     return;
    123. 

  123.                 }
    124. 

  124. 

  125.                 if (size.width > maxSize || size.height > maxSize) {
    126. 

  126.                     imageMagick(filepath)
    127. 

  127.                         .resize(maxSize, maxSize)
    128. 

  128.                         .write(filepath, async () => {
    129. 

  129.                             try {
    130. 

  130.                                 await uploadImage(filename, filepath);
    131. 

  131.                                 resolve();
    132. 

  132.                             } catch (error) {
    133. 

  133.                                 reject(error);
    134. 

  134.                             }
    135. 

  135.                         });
    136. 

  136.                 } else {
    137. 

  137.                     uploadImage(filename, filepath).then(resolve).catch(reject);
    138. 

  138.                 }
    139. 

  139.             });
    140. 

  140.         });
    141. 

  141.     } else {
    142. 

  142.         await uploadImage(filename, filepath);
    143. 

  143.     }
    144. 

  144. }
    145. 

  145. 

  146. // 上传图片到腾讯云
    147. 

  147. async function uploadImage(filename, filepath) {
    148. 

  148.     const cos = new COS(config.QCloud);
    149. 

  149.     
    150. 

  150.     const params = {
    151. 

  151.         Bucket: 'miaguo-1253256735',
    152. 

  152.         Region: 'ap-guangzhou',
    153. 

  153.         Key: filename,
    154. 

  154.         Body: fs.createReadStream(filepath),
    155. 

  155.         ContentLength: fs.statSync(filepath).size
    156. 

  156.     };
    157. 

  157. 

  158.     return new Promise((resolve, reject) => {
    159. 

  159.         cos.putObject(params, (err, data) => {
    160. 

  160.             if (err) {
    161. 

  161.                 reject(err);
    162. 

  162.             } else {
    163. 

  163.                 fsPromises.unlink(filepath)
    164. 

  164.                     .then(() => resolve(data))
    165. 

  165.                     .catch(reject);
    166. 

  166.             }
    167. 

  167.         });
    168. 

  168.     });
    169. 

  169. }
    170. 

  170. 

  171. // 上传文件到腾讯云
    172. 

  172. async function uploadFile(filename, filepath) {
    173. 

  173.     const cos = new COS(config.QCloud);
    174. 

  174.     
    175. 

  175.     const params = {
    176. 

  176.         Bucket: 'miaguo-1253256735',
    177. 

  177.         Region: 'ap-guangzhou',
    178. 

  178.         Key: filename,
    179. 

  179.         Body: fs.createReadStream(filepath),
    180. 

  180.         ContentLength: fs.statSync(filepath).size
    181. 

  181.     };
    182. 

  182. 

  183.     return new Promise((resolve, reject) => {
    184. 

  184.         cos.putObject(params, (err, data) => {
    185. 

  185.             if (err) {
    186. 

  186.                 reject(err);
    187. 

  187.             } else {
    188. 

  188.                 fsPromises.unlink(filepath)
    189. 

  189.                     .then(() => resolve(data))
    190. 

  190.                     .catch(reject);
    191. 

  191.             }
    192. 

  192.         });
    193. 

  193.     });
    194. 

  194. }
    195. 

  195. 

  196. export async function GetBaiduToken (ctx) {
    197. 

  197.     const { Code, ProgramID } = ctx.query;
    198. 

  198.     
    199. 

  199.     let appid = '', secret = '';
    200. 

  200.     
    201. 

  201.     switch (ProgramID) {
    202. 

  202.         case '99':
    203. 

  203.             appid = config.wx.phonics_appid;
    204. 

  204.             secret = config.wx.phonics_appsecret;
    205. 

  205.             break;
    206. 

  206.         case '166':
    207. 

  207.             appid = config.wx.miaoguo_appid;
    208. 

  208.             secret = config.wx.miaoguo_appsecret;
    209. 

  209.             break;
    210. 

  210.         case '105':
    211. 

  211.             appid = config.wx.math_appid;
    212. 

  212.             secret = config.wx.math_appsecret;
    213. 

  213.             break;
    214. 

  214.         case '164':
    215. 

  215.             appid = config.wx.mathStar_appid;
    216. 

  216.             secret = config.wx.mathStar_appsecret;
    217. 

  217.             break;
    218. 

  218.     }
    219. 

  219. 

  220.     const url = `https://api.weixin.qq.com/sns/jscode2session?appid=${appid}&secret=${secret}&js_code=${Code}&grant_type=authorization_code`;
    221. 

  221. 

  222.     const resultLogin = await axios.get(url)
    223. 

  223.         .then(response => {
    224. 

  224.             const json = response.data;
    225. 

  225.             return json.openid ? { errcode: 10000 } : { errcode: 102 };
    226. 

  226.         })
    227. 

  227.         .catch(err => ({ errcode: 101, errStr: err }));
    228. 

  228. 

  229.     let result = 0;
    230. 

  230.     if (resultLogin.errcode === 10000) {
    231. 

  231.         result = globalState.getBufferMemory('BaiduToken');
    232. 

  232.         if (result === 0) {
    233. 

  233.             const baiduUrl = 'https://openapi.baidu.com/oauth/2.0/token?grant_type=client_credentials&client_id=9r1Idx1mgMONvElxU3KGE5Gi&client_secret=f4f606f1a5c0b4eaf800e1e046802d81';
    234. 

  234.             result = await axios.get(baiduUrl)
    235. 

  235.                 .then(response => {
    236. 

  236.                     const json = response.data;
    237. 

  237.                     if (json.access_token) {
    238. 

  238.                         globalState.SetBufferMemory('BaiduToken', json.access_token, config.BufferMemoryTimeHigh);
    239. 

  239.                         return json.access_token;
    240. 

  240.                     }
    241. 

  241.                     return 0;
    242. 

  242.                 });
    243. 

  243.         }
    244. 

  244.     }
    245. 

  245. 

  246.     ctx.body = { errcode: 10000, result };
    247. 

  247. }
    248.