GithubHelp home page GithubHelp logo

flicker-be's Introduction

Flicker-BE

简介

Flicker闪卡的后端,同时也是华科CS2019的软件工程Project。

Flicker是一个基于 Web 平台的知识分享、学习与记忆平台,且支持更高的可定制化程度、更广的学习内容覆盖面。

项目结构

├─config - 读取并解析配置文件
├─configs - 放置配置文件
├─constant - 定义全局常量
├─controller - controller层,负责处理请求
│  └─param - 定义前后端交互的参数类型
├─docs - 放置文档
├─middleware - 自定义中间件
├─model - model层,负责与数据库交互
├─router - 路由
└─util - 工具
    ├─context - 全局上下文工具
    └─log - logger

部署

依赖:

  • docker
  • docker-compose
git clone https://github.com/woolen-sheep/Flicker-BE.git
cd Flicker-BE
go build -o app
sudo docker-compose up --build

flicker-be's People

Contributors

ueqri avatar woolen-sheep avatar xiong35 avatar

Stargazers

avatar avatar

Watchers

avatar

Forkers

xiong35

flicker-be's Issues

feat: 支持评论API

  • 需要支持以下功能
  • 为考虑可扩展性(比如如果将来需要支持回复),评论需要存在单独一个collectioncomment中,并记录所属的card_id
  • 存储数据时请考虑留出之后可能有的点赞相关的字段,必要时修改API定义,并更新docs/api.md中的对应内容

POST /:id/comment 发表评论

请求参数

  • id:路径参数,必需,卡片id
  • comment:字符串,必需,评论内容

请求示例

{
    "comment":"comment"
}

响应参数

评论id

响应示例

"ok"

GET /:id/comment 获取评论列表

请求参数

  • id:路径参数,必需,卡片id

响应参数

评论数组

响应示例

[
    {
    	"comment":"comment"
	},
    {
    	"comment":"comment"
    }
]

DELETE /:id/comment/:comment_id 删除评论

请求参数

  • id:路径参数,必需,卡片id
  • comment_id:路径参数,必需,评论id

响应参数

无额外参数

响应示例

"ok"

同学,您这个项目引入了97个开源组件,存在1个漏洞,辛苦升级一下

检测到 woolen-sheep/Flicker-BE 一共引入了97个开源组件,存在1个漏洞

漏洞标题:jwt-go 安全漏洞
缺陷组件:github.com/dgrijalva/[email protected]+incompatible
漏洞编号:CVE-2020-26160
漏洞描述:jwt-go是个人开发者的一个Go语言的JWT实现。
jwt-go 4.0.0-preview1之前版本存在安全漏洞。攻击者可利用该漏洞在使用[]string{} for m[\"aud\"](规范允许)的情况下绕过预期的访问限制。
影响范围:(∞, 4.0.0-preview1)
最小修复版本:4.0.0-preview1
缺陷组件引入路径:github.com/woolen-sheep/Flicker-BE@->github.com/dgrijalva/[email protected]+incompatible

另外还有几个漏洞,详细报告:https://mofeisec.com/jr?p=ia4ca4

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.