mirror of
https://github.com/labring/FastGPT.git
synced 2025-10-15 07:31:19 +00:00
heheer
@@ -11,6 +11,35 @@ const nextConfig = {
|
||||
output: 'standalone',
|
||||
reactStrictMode: isDev ? false : true,
|
||||
compress: true,
|
||||
async headers() {
|
||||
return [
|
||||
{
|
||||
source: '/((?!chat/share$).*)',
|
||||
headers: [
|
||||
{
|
||||
key: 'X-Frame-Options',
|
||||
value: 'DENY'
|
||||
},
|
||||
{
|
||||
key: 'X-Content-Type-Options',
|
||||
value: 'nosniff'
|
||||
},
|
||||
{
|
||||
key: 'X-XSS-Protection',
|
||||
value: '1; mode=block'
|
||||
},
|
||||
{
|
||||
key: 'Referrer-Policy',
|
||||
value: 'strict-origin-when-cross-origin'
|
||||
},
|
||||
{
|
||||
key: 'Permissions-Policy',
|
||||
value: 'geolocation=(self), microphone=(self), camera=(self)'
|
||||
}
|
||||
]
|
||||
}
|
||||
];
|
||||
},
|
||||
webpack(config, { isServer, nextRuntime }) {
|
||||
Object.assign(config.resolve.alias, {
|
||||
'@mongodb-js/zstd': false,
|
||||
@@ -85,7 +114,7 @@ const nextConfig = {
|
||||
'pg',
|
||||
'bullmq',
|
||||
'@zilliz/milvus2-sdk-node',
|
||||
"tiktoken",
|
||||
'tiktoken'
|
||||
],
|
||||
outputFileTracingRoot: path.join(__dirname, '../../'),
|
||||
instrumentationHook: true
|
||||
|
||||
@@ -18,9 +18,12 @@ import { MongoTeamMember } from '@fastgpt/service/support/user/team/teamMemberSc
|
||||
import type { ChatSourceEnum } from '@fastgpt/global/core/chat/constants';
|
||||
import { ChatItemValueTypeEnum } from '@fastgpt/global/core/chat/constants';
|
||||
import { type AIChatItemValueItemType } from '@fastgpt/global/core/chat/type';
|
||||
import { sanitizeCsvField } from '@fastgpt/service/common/file/csv';
|
||||
|
||||
const formatJsonString = (data: any) => {
|
||||
return JSON.stringify(data).replace(/"/g, '""').replace(/\n/g, '\\n');
|
||||
if (data == null) return '';
|
||||
const jsonStr = JSON.stringify(data).replace(/"/g, '""').replace(/\n/g, '\\n');
|
||||
return sanitizeCsvField(jsonStr);
|
||||
};
|
||||
|
||||
export type ExportChatLogsBody = GetAppChatLogsProps & {
|
||||
@@ -258,7 +261,14 @@ async function handler(req: ApiRequestProps<ExportChatLogsBody, {}>, res: NextAp
|
||||
const markItemsStr = formatJsonString(markItems);
|
||||
const chatDetailsStr = formatJsonString(chatDetails);
|
||||
|
||||
const res = `\n"${time}","${source}","${tmbName}","${tmbContact}","${title}","${messageCount}","${userGoodFeedbackItemsStr}","${userBadFeedbackItemsStr}","${customFeedbackItemsStr}","${markItemsStr}","${chatDetailsStr}"`;
|
||||
const sanitizedTime = sanitizeCsvField(time);
|
||||
const sanitizedSource = sanitizeCsvField(source);
|
||||
const sanitizedTmbName = sanitizeCsvField(tmbName);
|
||||
const sanitizedTmbContact = sanitizeCsvField(tmbContact);
|
||||
const sanitizedTitle = sanitizeCsvField(title);
|
||||
const sanitizedMessageCount = sanitizeCsvField(messageCount);
|
||||
|
||||
const res = `\n${sanitizedTime},${sanitizedSource},${sanitizedTmbName},${sanitizedTmbContact},${sanitizedTitle},${sanitizedMessageCount},${userGoodFeedbackItemsStr},${userBadFeedbackItemsStr},${customFeedbackItemsStr},${markItemsStr},${chatDetailsStr}`;
|
||||
|
||||
write(res);
|
||||
});
|
||||
|
||||
@@ -12,6 +12,7 @@ import { MongoDatasetData } from '@fastgpt/service/core/dataset/data/schema';
|
||||
import { authDatasetCollection } from '@fastgpt/service/support/permission/dataset/auth';
|
||||
import { type ApiRequestProps } from '@fastgpt/service/type/next';
|
||||
import { type NextApiResponse } from 'next';
|
||||
import { sanitizeCsvField } from '@fastgpt/service/common/file/csv';
|
||||
|
||||
export type ExportCollectionBody = {
|
||||
collectionId: string;
|
||||
@@ -109,10 +110,10 @@ async function handler(req: ApiRequestProps<ExportCollectionBody, {}>, res: Next
|
||||
write(`\uFEFFindex,content`);
|
||||
|
||||
cursor.on('data', (doc) => {
|
||||
const q = doc.q.replace(/"/g, '""') || '';
|
||||
const a = doc.a.replace(/"/g, '""') || '';
|
||||
const sanitizedQ = sanitizeCsvField(doc.q || '');
|
||||
const sanitizedA = sanitizeCsvField(doc.a || '');
|
||||
|
||||
write(`\n"${q}","${a}"`);
|
||||
write(`\n${sanitizedQ},${sanitizedA}`);
|
||||
});
|
||||
|
||||
cursor.on('end', () => {
|
||||
|
||||
@@ -13,6 +13,7 @@ import { WritePermissionVal } from '@fastgpt/global/support/permission/constant'
|
||||
import { CommonErrEnum } from '@fastgpt/global/common/error/code/common';
|
||||
import { readFromSecondary } from '@fastgpt/service/common/mongo/utils';
|
||||
import type { DatasetDataSchemaType } from '@fastgpt/global/core/dataset/type';
|
||||
import { sanitizeCsvField } from '@fastgpt/service/common/file/csv';
|
||||
|
||||
type DataItemType = {
|
||||
_id: string;
|
||||
@@ -76,11 +77,11 @@ async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
|
||||
write(`\uFEFFq,a,indexes`);
|
||||
|
||||
cursor.on('data', (doc: DataItemType) => {
|
||||
const q = doc.q.replace(/"/g, '""') || '';
|
||||
const a = doc.a.replace(/"/g, '""') || '';
|
||||
const indexes = doc.indexes.map((i) => `"${i.text.replace(/"/g, '""')}"`).join(',');
|
||||
const sanitizedQ = sanitizeCsvField(doc.q || '');
|
||||
const sanitizedA = sanitizeCsvField(doc.a || '');
|
||||
const sanitizedIndexes = doc.indexes.map((i) => sanitizeCsvField(i.text || '')).join(',');
|
||||
|
||||
write(`\n"${q}","${a}",${indexes}`);
|
||||
write(`\n${sanitizedQ},${sanitizedA},${sanitizedIndexes}`);
|
||||
});
|
||||
|
||||
cursor.on('end', () => {
|
||||
|
||||
@@ -4,6 +4,7 @@ import { MongoUser } from '@fastgpt/service/support/user/schema';
|
||||
import { NextAPI } from '@/service/middleware/entry';
|
||||
import { i18nT } from '@fastgpt/web/i18n/utils';
|
||||
import { checkPswExpired } from '@/service/support/user/account/password';
|
||||
import { delUserAllSession } from '@fastgpt/service/support/user/session';
|
||||
|
||||
export type resetExpiredPswQuery = {};
|
||||
|
||||
@@ -18,7 +19,7 @@ async function resetExpiredPswHandler(
|
||||
res: ApiResponseType<resetExpiredPswResponse>
|
||||
): Promise<resetExpiredPswResponse> {
|
||||
const newPsw = req.body.newPsw;
|
||||
const { userId } = await authCert({ req, authToken: true });
|
||||
const { userId, sessionId } = await authCert({ req, authToken: true });
|
||||
const user = await MongoUser.findById(userId, 'passwordUpdateTime').lean();
|
||||
|
||||
if (!user) {
|
||||
@@ -43,6 +44,8 @@ async function resetExpiredPswHandler(
|
||||
}
|
||||
);
|
||||
|
||||
await delUserAllSession(userId, [sessionId]);
|
||||
|
||||
return {};
|
||||
}
|
||||
|
||||
|
||||
@@ -7,6 +7,8 @@ import { i18nT } from '@fastgpt/web/i18n/utils';
|
||||
import { NextAPI } from '@/service/middleware/entry';
|
||||
import { addAuditLog } from '@fastgpt/service/support/user/audit/util';
|
||||
import { AuditEventEnum } from '@fastgpt/global/support/user/audit/constants';
|
||||
import { delUserAllSession } from '@fastgpt/service/support/user/session';
|
||||
import { parseHeaderCert } from '@fastgpt/service/support/permission/controller';
|
||||
async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
|
||||
const { oldPsw, newPsw } = req.body as { oldPsw: string; newPsw: string };
|
||||
|
||||
@@ -14,7 +16,7 @@ async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
|
||||
return Promise.reject('Params is missing');
|
||||
}
|
||||
|
||||
const { tmbId, teamId } = await authCert({ req, authToken: true });
|
||||
const { tmbId, teamId, sessionId } = await authCert({ req, authToken: true });
|
||||
const tmb = await MongoTeamMember.findById(tmbId);
|
||||
if (!tmb) {
|
||||
return Promise.reject('can not find it');
|
||||
@@ -40,6 +42,8 @@ async function handler(req: NextApiRequest, res: NextApiResponse<any>) {
|
||||
passwordUpdateTime: new Date()
|
||||
});
|
||||
|
||||
await delUserAllSession(userId, [sessionId]);
|
||||
|
||||
(async () => {
|
||||
addAuditLog({
|
||||
tmbId,
|
||||
|
||||
Reference in New Issue
Block a user