goddonebianu/learn-languages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(anki): improve APKG import/export reliability

Browse Source 
- Use crypto.getRandomValues for GUID generation
- Use SHA1 checksum for consistent hashing
- Add proper deep cloning for note type fields/templates
- Improve unique ID generation with timestamp XOR random
- Add file size validation for APKG uploads

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
This commit is contained in:
goddonebianu
2026-03-13 15:10:34 +08:00
parent 49ad953add
commit cbb9326f84
3 changed files with 420 additions and 412 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
src/lib/anki/apkg-exporter.ts
View File

@@ -1,6 +1,7 @@
import JSZip from "jszip";
import initSqlJs from "sql.js";
import type { Database } from "sql.js";
import { createHash } from "crypto";
import type {
AnkiDeck,
AnkiNoteType,
@@ -10,30 +11,21 @@ import type {
AnkiRevlogRow,
} from "./types";
const FIELD_SEPARATOR = "\x1f";
const BASE91_CHARS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!#$%&()*+,-./:;<=>?@[]^_`{|}~";
function generateGuid(): string {
let result = "";
const id = Date.now() ^ (Math.random() * 0xffffffff);
let num = BigInt(id);
let guid = "";
const bytes = new Uint8Array(10);
crypto.getRandomValues(bytes);
for (let i = 0; i < 10; i++) {
result = BASE91_CHARS[Number(num % 91n)] + result;
num = num / 91n;
guid += BASE91_CHARS[bytes[i] % BASE91_CHARS.length];
}
return guid;
}
return result;
}
function checksum(str: string): number {
let hash = 0;
for (let i = 0; i < str.length; i++) {
const char = str.charCodeAt(i);
hash = ((hash << 5) - hash) + char;
hash = hash & hash;
}
return Math.abs(hash) % 100000000;
function checksum(text: string): number {
const hash = createHash("sha1").update(text.normalize("NFC")).digest("hex");
return parseInt(hash.substring(0, 8), 16);
}
function createCollectionSql(): string {
@@ -198,6 +190,7 @@ async function createDatabase(data: ExportDeckData): Promise<Uint8Array> {
const db = new SQL.Database();
try {
db.run(createCollectionSql());
const now = Date.now();
@@ -273,13 +266,15 @@ async function createDatabase(data: ExportDeckData): Promise<Uint8Array> {
ord: t.ord,
qfmt: t.qfmt,
afmt: t.afmt,
bqfmt: "",
bafmt: "",
did: null,
})),
css: data.noteType.css,
latexPre: "\\documentclass[12pt]{article}\n\\special{papersize=3in,5in}\n\\usepackage{amssymb,amsmath}\n\\pagestyle{empty}\n\\setlength{\\parindent}{0in}\n\\begin{document}\n",
latexPost: "\\end{document}",
latexsvg: false,
req: [],
req: [[0, "any", [0]]],
},
};
@@ -393,10 +388,10 @@ async function createDatabase(data: ExportDeckData): Promise<Uint8Array> {
);
}
const dbData = db.export();
return db.export();
} finally {
db.close();
return dbData;
}
}
export async function exportApkg(data: ExportDeckData): Promise<Buffer> {

21
src/lib/anki/apkg-parser.ts
View File

@@ -20,7 +20,7 @@ async function openDatabase(zip: JSZip): Promise<Database | null> {
const anki21 = zip.file("collection.anki21");
const anki2 = zip.file("collection.anki2");
let dbFile = anki21b || anki21 || anki2;
const dbFile = anki21b || anki21 || anki2;
if (!dbFile) return null;
const dbData = await dbFile.async("uint8array");
@@ -36,17 +36,17 @@ function parseJsonField<T>(jsonStr: string): T {
}
function queryAll<T>(db: Database, sql: string, params: SqlValue[] = []): T[] {
const results: T[] = [];
const stmt = db.prepare(sql);
try {
stmt.bind(params);
const results: T[] = [];
while (stmt.step()) {
const row = stmt.getAsObject();
results.push(row as T);
results.push(stmt.getAsObject() as T);
}
stmt.free();
return results;
} finally {
stmt.free();
}
}
function queryOne<T>(db: Database, sql: string, params: SqlValue[] = []): T | null {
@@ -62,6 +62,7 @@ export async function parseApkg(buffer: Buffer): Promise<ParsedApkg> {
throw new Error("No valid Anki database found in APKG file");
}
try {
const col = queryOne<{
crt: number;
mod: number;
@@ -74,7 +75,6 @@ export async function parseApkg(buffer: Buffer): Promise<ParsedApkg> {
}>(db, "SELECT crt, mod, ver, conf, models, decks, dconf, tags FROM col WHERE id = 1");
if (!col) {
db.close();
throw new Error("Invalid APKG: no collection row found");
}
@@ -124,8 +124,6 @@ export async function parseApkg(buffer: Buffer): Promise<ParsedApkg> {
}
}
db.close();
return {
decks: decksMap,
noteTypes: noteTypesMap,
@@ -140,6 +138,9 @@ export async function parseApkg(buffer: Buffer): Promise<ParsedApkg> {
ver: col.ver,
},
};
} finally {
db.close();
}
}
export function getDeckNotesAndCards(

116
src/modules/import/import-action.ts
View File

@@ -2,21 +2,24 @@
import { auth } from "@/auth";
import { headers } from "next/headers";
import { validate } from "@/utils/validate";
import { z } from "zod";
import { parseApkg, getDeckNames, getDeckNotesAndCards } from "@/lib/anki/apkg-parser";
import { prisma } from "@/lib/db";
import { CardType, CardQueue, NoteKind } from "../../../generated/prisma/enums";
import { createLogger } from "@/lib/logger";
import { repoGenerateGuid, repoCalculateCsum } from "@/modules/note/note-repository";
import type { ParsedApkg } from "@/lib/anki/types";
import { randomBytes } from "crypto";
const log = createLogger("import-action");
const schemaImportApkg = z.object({
deckName: z.string().min(1).optional(),
});
const MAX_APKG_SIZE = 100 * 1024 * 1024;
export type ActionInputImportApkg = z.infer<typeof schemaImportApkg>;
export interface ActionOutputPreviewApkg {
success: boolean;
message: string;
decks?: { id: number; name: string; cardCount: number }[];
}
export interface ActionOutputImportApkg {
success: boolean;
@@ -26,12 +29,6 @@ export interface ActionOutputImportApkg {
cardCount?: number;
}
export interface ActionOutputPreviewApkg {
success: boolean;
message: string;
decks?: { id: number; name: string; cardCount: number }[];
}
async function importNoteType(
parsed: ParsedApkg,
ankiNoteTypeId: number,
@@ -75,8 +72,8 @@ async function importNoteType(
name: ankiNoteType.name,
kind: ankiNoteType.type === 1 ? NoteKind.CLOZE : NoteKind.STANDARD,
css: ankiNoteType.css,
fields: fields as unknown as object,
templates: templates as unknown as object,
fields: JSON.parse(JSON.stringify(fields)),
templates: JSON.parse(JSON.stringify(templates)),
userId,
},
});
@@ -108,41 +105,42 @@ function mapAnkiCardQueue(queue: number): CardQueue {
}
}
async function importDeck(
parsed: ParsedApkg,
deckId: number,
userId: string,
deckNameOverride?: string
): Promise<{ deckId: number; noteCount: number; cardCount: number }> {
const ankiDeck = parsed.decks.get(deckId);
if (!ankiDeck) {
throw new Error(`Deck ${deckId} not found in APKG`);
function generateUniqueId(): bigint {
const bytes = randomBytes(8);
const timestamp = BigInt(Date.now());
const random = BigInt(`0x${bytes.toString("hex")}`);
return timestamp ^ random;
}
const deck = await prisma.deck.create({
async function importDeck(
parsed: ParsedApkg,
ankiDeckId: number,
userId: string,
deckName?: string
): Promise<{ deckId: number; noteCount: number; cardCount: number }> {
const ankiDeck = parsed.decks.get(ankiDeckId);
if (!ankiDeck) {
throw new Error(`Deck ${ankiDeckId} not found in APKG`);
}
const { notes: ankiNotes, cards: ankiCards } = getDeckNotesAndCards(parsed, ankiDeckId);
const result = await prisma.$transaction(async (tx) => {
const deck = await tx.deck.create({
data: {
name: deckNameOverride || ankiDeck.name,
desc: ankiDeck.desc || "",
visibility: "PRIVATE",
collapsed: ankiDeck.collapsed,
conf: JSON.parse(JSON.stringify(ankiDeck)),
name: deckName || ankiDeck.name,
desc: ankiDeck.desc,
userId,
collapsed: ankiDeck.collapsed,
conf: {},
},
});
const { notes: ankiNotes, cards: ankiCards } = getDeckNotesAndCards(parsed, deckId);
if (ankiNotes.length === 0) {
return { deckId: deck.id, noteCount: 0, cardCount: 0 };
}
const noteTypeIdMap = new Map<number, number>();
const firstNote = ankiNotes[0];
if (firstNote) {
const importedNoteTypeId = await importNoteType(parsed, firstNote.mid, userId);
noteTypeIdMap.set(firstNote.mid, importedNoteTypeId);
}
const noteIdMap = new Map<number, bigint>();
for (const ankiNote of ankiNotes) {
@@ -152,20 +150,23 @@ async function importDeck(
noteTypeIdMap.set(ankiNote.mid, noteTypeId);
}
const noteId = BigInt(Date.now() + Math.floor(Math.random() * 1000));
const noteId = generateUniqueId();
noteIdMap.set(ankiNote.id, noteId);
await prisma.note.create({
const guid = ankiNote.guid || repoGenerateGuid();
const csum = ankiNote.csum || repoCalculateCsum(ankiNote.sfld);
await tx.note.create({
data: {
id: noteId,
guid: ankiNote.guid,
guid,
noteTypeId,
mod: ankiNote.mod,
usn: ankiNote.usn,
tags: ankiNote.tags,
flds: ankiNote.flds,
sfld: ankiNote.sfld,
csum: ankiNote.csum,
csum,
flags: ankiNote.flags,
data: ankiNote.data,
userId,
@@ -180,9 +181,9 @@ async function importDeck(
continue;
}
await prisma.card.create({
await tx.card.create({
data: {
id: BigInt(ankiCard.id),
id: generateUniqueId(),
noteId,
deckId: deck.id,
ord: ankiCard.ord,
@@ -205,6 +206,9 @@ async function importDeck(
}
return { deckId: deck.id, noteCount: ankiNotes.length, cardCount: ankiCards.length };
});
return result;
}
export async function actionPreviewApkg(formData: FormData): Promise<ActionOutputPreviewApkg> {
@@ -222,6 +226,10 @@ export async function actionPreviewApkg(formData: FormData): Promise<ActionOutpu
return { success: false, message: "Invalid file type. Please upload an .apkg file" };
}
if (file.size > MAX_APKG_SIZE) {
return { success: false, message: `File size exceeds ${MAX_APKG_SIZE / (1024 * 1024)}MB limit` };
}
try {
const buffer = Buffer.from(await file.arrayBuffer());
const parsed = await parseApkg(buffer);
@@ -229,14 +237,14 @@ export async function actionPreviewApkg(formData: FormData): Promise<ActionOutpu
return {
success: true,
message: "APKG parsed successfully",
decks: decks.filter(d => d.cardCount > 0)
message: `Found ${decks.length} deck(s)`,
decks: decks.filter(d => d.cardCount > 0),
};
} catch (error) {
log.error("Failed to parse APKG", { error });
log.error("Failed to preview APKG", { error });
return {
success: false,
message: error instanceof Error ? error.message : "Failed to parse APKG file"
message: error instanceof Error ? error.message : "Failed to parse APKG file",
};
}
}
@@ -261,22 +269,26 @@ export async function actionImportApkg(
return { success: false, message: "No deck selected" };
}
const deckId = parseInt(deckIdStr, 10);
if (isNaN(deckId)) {
const ankiDeckId = parseInt(deckIdStr, 10);
if (isNaN(ankiDeckId)) {
return { success: false, message: "Invalid deck ID" };
}
if (file.size > MAX_APKG_SIZE) {
return { success: false, message: `File size exceeds ${MAX_APKG_SIZE / (1024 * 1024)}MB limit` };
}
try {
const buffer = Buffer.from(await file.arrayBuffer());
const parsed = await parseApkg(buffer);
const result = await importDeck(parsed, deckId, session.user.id, deckName || undefined);
const result = await importDeck(parsed, ankiDeckId, session.user.id, deckName || undefined);
log.info("APKG imported successfully", {
userId: session.user.id,
deckId: result.deckId,
noteCount: result.noteCount,
cardCount: result.cardCount
cardCount: result.cardCount,
});
return {
@@ -290,7 +302,7 @@ export async function actionImportApkg(
log.error("Failed to import APKG", { error });
return {
success: false,
message: error instanceof Error ? error.message : "Failed to import APKG file"
message: error instanceof Error ? error.message : "Failed to import APKG file",
};
}
}