From 5d67f06a603fc7db402b33d3fa63cee3500594bb Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Sun, 17 May 2026 21:35:30 +0800 Subject: [PATCH] fix: bind qdreader cookies to real autman user --- js/qdreader_sign_autman.js | 26 +++++++++++++------- plugins/qdreader/qdreader_sign_autman.js | 26 +++++++++++++------- tests/qdreader_plugin.test.mjs | 30 +++++++++++++++++------- 3 files changed, 58 insertions(+), 24 deletions(-) diff --git a/js/qdreader_sign_autman.js b/js/qdreader_sign_autman.js index 363a98d..d08ba31 100644 --- a/js/qdreader_sign_autman.js +++ b/js/qdreader_sign_autman.js @@ -4,7 +4,7 @@ //[author: Hermes] //[service: BOSS] //[class: 工具类] -//[version: 2.3.9] +//[version: 2.4.0] //[platform: web,qq,wx,tg,tb,fs,we] //[public: false] //[price: 0] @@ -26,7 +26,6 @@ var RETRY_KEY = "qdreader_retry_count" var CRON_SILENT_KEY = "qdreader_cron_silent" var LAST_RESULT_KEY = "qdreader_last_result_json" var LAST_RUN_KEY = "qdreader_last_run_json" -var DEFAULT_OWNER = "__qdreader_default_owner__" var DEFAULT_SIGN_API = "https://api.120399.xyz/qdreader" var QIDIAN_BASE = "https://h5.if.qidian.com" var CHECKIN_PATH = "/argus/api/v3/checkin/checkin" @@ -113,22 +112,32 @@ function callNoArg(obj, name) { } function currentUserId() { var v = "" - var names = ["getUserID", "getUserId", "getUserid", "getUser", "getSenderID", "getSenderId", "getSender", "getFromUserID", "getFromUserId", "getChatID", "getChatId"] - try { if (typeof sender !== "undefined" && sender) for (var i = 0; i < names.length && !v; i++) v = callNoArg(sender, names[i]) || "" } catch (e) {} - var globals = ["userId", "userID", "uid", "senderID", "senderId", "chatId", "chatID", "fromUserId", "fromUserID"] + try { if (typeof GetUserID === "function") v = GetUserID() || "" } catch (e) {} + try { if (!v && typeof Sender !== "undefined" && Sender && typeof Sender.GetUserID === "function") v = Sender.GetUserID() || "" } catch (e) {} + var names = ["getUserID", "getUserId", "getUserid", "getUser", "getSenderID", "getSenderId", "getSender", "getFromUserID", "getFromUserId"] + try { if (!v && typeof sender !== "undefined" && sender) for (var i = 0; i < names.length && !v; i++) v = callNoArg(sender, names[i]) || "" } catch (e) {} + var globals = ["userId", "userID", "senderID", "senderId", "fromUserId", "fromUserID"] for (var j = 0; j < globals.length && !v; j++) { try { if (typeof this[globals[j]] !== "undefined") v = this[globals[j]] || "" } catch (e) {} } for (var k = 0; k < names.length && !v; k++) { try { if (typeof this[names[k]] === "function") v = this[names[k]]() || "" } catch (e) {} } return trim(v) } function currentOwnerId() { - return currentUserId() || DEFAULT_OWNER + return currentUserId() } function currentUserDebug() { var parts = [] + var fns = ["GetUserID", "GetChatID", "GetImType", "ImType", "GetUsername"] + for (var f = 0; f < fns.length; f++) try { if (typeof this[fns[f]] === "function") { var gv = this[fns[f]](); parts.push(fns[f] + "=" + (gv ? maskUid(String(gv)) : "空")) } } catch (e) {} + try { if (typeof Sender !== "undefined" && Sender) { + var snames = ["GetUserID", "GetChatID", "GetImType", "GetUsername"] + for (var s = 0; s < snames.length; s++) if (typeof Sender[snames[s]] === "function") { + var sv = Sender[snames[s]](); parts.push("Sender." + snames[s] + "=" + (sv ? maskUid(String(sv)) : "空")) + } + } } catch (e) {} try { if (typeof sender !== "undefined" && sender) { var names = ["getUserID", "getUserId", "getUserid", "getUser", "getSenderID", "getSenderId", "getSender", "getFromUserID", "getFromUserId", "getChatID", "getChatId", "getImtype"] for (var i = 0; i < names.length; i++) if (typeof sender[names[i]] === "function") { - var v = callNoArg(sender, names[i]); parts.push(names[i] + "=" + (v ? maskUid(String(v)) : "空")) + var v = callNoArg(sender, names[i]); parts.push("sender." + names[i] + "=" + (v ? maskUid(String(v)) : "空")) } } } catch (e) {} return parts.length ? parts.join("; ") : "未发现可用用户方法" @@ -233,7 +242,7 @@ function contentText() { } function usage() { return [ - "启点读书签到插件 v2.3.9", + "启点读书签到插件 v2.4.0", "【一级菜单】", "账号管理:启点账号", "执行查询:启点查询", @@ -633,6 +642,7 @@ function handleSaveCookie(arg, store, bind) { var entries = normalizeCookieInput(arg) if (!entries.length) return { ok: false, text: "未识别到 Cookie。请发送:启点ck {\"uid\":\"cookie\"} 或 启点ck ", uids: [] } var me = currentOwnerId() + if (!me) return { ok: false, text: "无法识别当前用户,已拒绝保存CK,避免错误绑定。请确认插件在聊天会话中触发;诊断: " + currentUserDebug(), uids: [] } var lines = [] var savedUids = [] for (var i = 0; i < entries.length; i++) { diff --git a/plugins/qdreader/qdreader_sign_autman.js b/plugins/qdreader/qdreader_sign_autman.js index 363a98d..d08ba31 100644 --- a/plugins/qdreader/qdreader_sign_autman.js +++ b/plugins/qdreader/qdreader_sign_autman.js @@ -4,7 +4,7 @@ //[author: Hermes] //[service: BOSS] //[class: 工具类] -//[version: 2.3.9] +//[version: 2.4.0] //[platform: web,qq,wx,tg,tb,fs,we] //[public: false] //[price: 0] @@ -26,7 +26,6 @@ var RETRY_KEY = "qdreader_retry_count" var CRON_SILENT_KEY = "qdreader_cron_silent" var LAST_RESULT_KEY = "qdreader_last_result_json" var LAST_RUN_KEY = "qdreader_last_run_json" -var DEFAULT_OWNER = "__qdreader_default_owner__" var DEFAULT_SIGN_API = "https://api.120399.xyz/qdreader" var QIDIAN_BASE = "https://h5.if.qidian.com" var CHECKIN_PATH = "/argus/api/v3/checkin/checkin" @@ -113,22 +112,32 @@ function callNoArg(obj, name) { } function currentUserId() { var v = "" - var names = ["getUserID", "getUserId", "getUserid", "getUser", "getSenderID", "getSenderId", "getSender", "getFromUserID", "getFromUserId", "getChatID", "getChatId"] - try { if (typeof sender !== "undefined" && sender) for (var i = 0; i < names.length && !v; i++) v = callNoArg(sender, names[i]) || "" } catch (e) {} - var globals = ["userId", "userID", "uid", "senderID", "senderId", "chatId", "chatID", "fromUserId", "fromUserID"] + try { if (typeof GetUserID === "function") v = GetUserID() || "" } catch (e) {} + try { if (!v && typeof Sender !== "undefined" && Sender && typeof Sender.GetUserID === "function") v = Sender.GetUserID() || "" } catch (e) {} + var names = ["getUserID", "getUserId", "getUserid", "getUser", "getSenderID", "getSenderId", "getSender", "getFromUserID", "getFromUserId"] + try { if (!v && typeof sender !== "undefined" && sender) for (var i = 0; i < names.length && !v; i++) v = callNoArg(sender, names[i]) || "" } catch (e) {} + var globals = ["userId", "userID", "senderID", "senderId", "fromUserId", "fromUserID"] for (var j = 0; j < globals.length && !v; j++) { try { if (typeof this[globals[j]] !== "undefined") v = this[globals[j]] || "" } catch (e) {} } for (var k = 0; k < names.length && !v; k++) { try { if (typeof this[names[k]] === "function") v = this[names[k]]() || "" } catch (e) {} } return trim(v) } function currentOwnerId() { - return currentUserId() || DEFAULT_OWNER + return currentUserId() } function currentUserDebug() { var parts = [] + var fns = ["GetUserID", "GetChatID", "GetImType", "ImType", "GetUsername"] + for (var f = 0; f < fns.length; f++) try { if (typeof this[fns[f]] === "function") { var gv = this[fns[f]](); parts.push(fns[f] + "=" + (gv ? maskUid(String(gv)) : "空")) } } catch (e) {} + try { if (typeof Sender !== "undefined" && Sender) { + var snames = ["GetUserID", "GetChatID", "GetImType", "GetUsername"] + for (var s = 0; s < snames.length; s++) if (typeof Sender[snames[s]] === "function") { + var sv = Sender[snames[s]](); parts.push("Sender." + snames[s] + "=" + (sv ? maskUid(String(sv)) : "空")) + } + } } catch (e) {} try { if (typeof sender !== "undefined" && sender) { var names = ["getUserID", "getUserId", "getUserid", "getUser", "getSenderID", "getSenderId", "getSender", "getFromUserID", "getFromUserId", "getChatID", "getChatId", "getImtype"] for (var i = 0; i < names.length; i++) if (typeof sender[names[i]] === "function") { - var v = callNoArg(sender, names[i]); parts.push(names[i] + "=" + (v ? maskUid(String(v)) : "空")) + var v = callNoArg(sender, names[i]); parts.push("sender." + names[i] + "=" + (v ? maskUid(String(v)) : "空")) } } } catch (e) {} return parts.length ? parts.join("; ") : "未发现可用用户方法" @@ -233,7 +242,7 @@ function contentText() { } function usage() { return [ - "启点读书签到插件 v2.3.9", + "启点读书签到插件 v2.4.0", "【一级菜单】", "账号管理:启点账号", "执行查询:启点查询", @@ -633,6 +642,7 @@ function handleSaveCookie(arg, store, bind) { var entries = normalizeCookieInput(arg) if (!entries.length) return { ok: false, text: "未识别到 Cookie。请发送:启点ck {\"uid\":\"cookie\"} 或 启点ck ", uids: [] } var me = currentOwnerId() + if (!me) return { ok: false, text: "无法识别当前用户,已拒绝保存CK,避免错误绑定。请确认插件在聊天会话中触发;诊断: " + currentUserDebug(), uids: [] } var lines = [] var savedUids = [] for (var i = 0; i < entries.length; i++) { diff --git a/tests/qdreader_plugin.test.mjs b/tests/qdreader_plugin.test.mjs index a76b2a3..fa22712 100644 --- a/tests/qdreader_plugin.test.mjs +++ b/tests/qdreader_plugin.test.mjs @@ -22,6 +22,7 @@ function runPlugin({ content = '', store = {}, bucketStore = {}, requests = [], console, Buffer, sender: { ...baseSender, ...senderOverrides }, + GetUserID: () => userId, GetContent: () => content, getContent: () => content, get: (key) => store[key] || '', @@ -142,6 +143,18 @@ test('mis-keyed ywguid remark is migrated to saved uid on account list', () => { assert.equal(JSON.parse(r.store.qdreader_remark_json)['120098575768'], undefined); }); +test('quick submit can bind user from official global GetUserID', () => { + const r = runPlugin({ + content: '启点ck ' + cookie, + userId: '', + senderOverrides: { getUserID: undefined }, + globals: { GetUserID: () => 'official-100' }, + listens: ['n'], + }); + assert.match(r.replies.join('\n'), /CK新增成功/); + assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], 'official-100'); +}); + test('quick submit can bind user from alternate Autman sender fields', () => { const r = runPlugin({ content: '启点ck ' + cookie, @@ -153,16 +166,17 @@ test('quick submit can bind user from alternate Autman sender fields', () => { assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], 'sender-42'); }); -test('quick submit uses default local owner when Autman JS has no user identity', () => { +test('quick submit rejects save when Autman JS has no user identity', () => { const r = runPlugin({ content: '启点ck ' + cookie, userId: '', senderOverrides: { getUserID: undefined }, + globals: { GetUserID: undefined }, listens: ['n'], }); - assert.match(r.replies.join('\n'), /CK新增成功/); - assert.doesNotMatch(r.replies.join('\n'), /无法识别当前用户/); - assert.equal(JSON.parse(r.store.qdreader_user_bind_json)['12345'], '__qdreader_default_owner__'); + assert.match(r.replies.join('\n'), /无法识别当前用户/); + assert.doesNotMatch(r.replies.join('\n'), /CK新增成功/); + assert.equal(r.store.qdreader_user_bind_json, undefined); }); test('manual sign and cron sign both call sign gateway then qidian checkin', () => { @@ -189,7 +203,7 @@ test('manual sign and cron sign both call sign gateway then qidian checkin', () assert.equal(JSON.parse(cron.store.qdreader_last_run_json).source, 'cron'); }); -test('bucketGet/bucketSet fallback saves with default owner when user identity is absent', () => { +test('bucketGet/bucketSet fallback rejects when user identity is absent', () => { const replies = []; const bucketStore = {}; const ctx = { @@ -202,9 +216,9 @@ test('bucketGet/bucketSet fallback saves with default owner when user identity i }; vm.createContext(ctx); vm.runInContext(code, ctx, { filename: pluginPath }); - assert.match(replies.join('\n'), /CK新增成功/); - assert.equal(JSON.parse(bucketStore['hermes_qidian.qdreader_cookie_json'])['12345'], cookie); - assert.equal(JSON.parse(bucketStore['hermes_qidian.qdreader_user_bind_json'])['12345'], '__qdreader_default_owner__'); + assert.match(replies.join('\n'), /无法识别当前用户/); + assert.equal(bucketStore['hermes_qidian.qdreader_cookie_json'], undefined); + assert.equal(bucketStore['hermes_qidian.qdreader_user_bind_json'], undefined); }); test('hermes_qidian bucket values are read and written without legacy bucket fallback', () => {