diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..c6ee501 --- /dev/null +++ b/.env.example @@ -0,0 +1 @@ +SESSION_SECRET=随机字符串 \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index bc68660..97103e9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,6 +10,7 @@ RUN apk add --no-cache python3 make g++ gcc dos2unix COPY --chown=bun:bun ./package.json ./package.json COPY --chown=bun:bun ./bun.lockb ./bun.lockb COPY --chown=bun:bun ./knexfile.mjs ./knexfile.mjs +COPY --chown=bun:bun ./.env.production ./.env.production COPY --chown=bun:bun ./jsconfig.json ./jsconfig.json COPY --chown=bun:bun ./src ./src COPY --chown=bun:bun ./public ./public diff --git a/database/development.sqlite3-shm b/database/development.sqlite3-shm index c28f600..305ac6f 100644 Binary files a/database/development.sqlite3-shm and b/database/development.sqlite3-shm differ diff --git a/src/global.js b/src/global.js new file mode 100644 index 0000000..08d4e0f --- /dev/null +++ b/src/global.js @@ -0,0 +1,17 @@ +import Koa from "koa" + +const app = new Koa() + +app.keys = [] + +if (!process.env.SESSION_SECRET) { + logger.warn("警告:环境变量SESSION_SECRET 未设置。请设置 SESSION_SECRET 以确保会话安全。") + process.exit(1) +} else { + process.env.SESSION_SECRET.split(",").forEach(secret => { + app.keys.push(secret) + }) +} + +export { app } +export default app \ No newline at end of file diff --git a/src/main.js b/src/main.js index 560618d..7f27c89 100644 --- a/src/main.js +++ b/src/main.js @@ -1,16 +1,14 @@ +import { app } from "./global" // 日志、全局插件、定时任务等基础设施 import { logger } from "./logger.js" import "./jobs/index.js" // 第三方依赖 -import Koa from "koa" import os from "os" // 应用插件与自动路由 import LoadMiddlewares from "./middlewares/install.js" -const app = new Koa() - // 注册插件 LoadMiddlewares(app) @@ -31,10 +29,13 @@ const server = app.listen(PORT, () => { return "localhost" } const localIP = getLocalIP() - logger.trace(`===================【服务器地址】====================`) - logger.trace(` http://localhost:${port} (本地地址) `) - logger.trace(` http://${localIP}:${port} (本地地址) `) - logger.trace(`===================【服务器地址】====================`) + logger.trace(`──────────────────── 服务器已启动 ────────────────────`) + logger.trace(` `) + logger.trace(` 本地访问: http://localhost:${port} `) + logger.trace(` 局域网: http://${localIP}:${port} `) + logger.trace(` `) + logger.trace(` 服务启动时间: ${new Date().toLocaleString()} `) + logger.trace(`──────────────────────────────────────────────────────\n`) }) export default app diff --git a/src/middlewares/Session/index.js b/src/middlewares/Session/index.js index 0f88903..9a3f254 100644 --- a/src/middlewares/Session/index.js +++ b/src/middlewares/Session/index.js @@ -5,10 +5,9 @@ export default (app) => { key: 'koa:sess', // cookie key maxAge: 86400000, // 1天 httpOnly: true, - signed: true, + signed: true, // 将 cookie 的内容通过密钥进行加密。需配置app.keys rolling: false, renew: false, }; - app.keys = app.keys || ['koa3-demo-session-secret']; return session(CONFIG, app); }; diff --git a/src/views/layouts/empty.pug b/src/views/layouts/empty.pug index 5011437..bc820f8 100644 --- a/src/views/layouts/empty.pug +++ b/src/views/layouts/empty.pug @@ -15,7 +15,10 @@ block $$content #{$site.site_title} // 桌面端菜单 .left.menu.desktop-only - a.menu-item(href="/articles") 所有文章 + a.menu-item( + href="/articles" + class=(currentPath === '/articles' || currentPath === '/articles/' ? 'text-blue-600 font-semibold underline' : '') + ) 所有文章 if !isLogin .right.menu.desktop-only a.menu-item(href="/login") 登录