feat: 题目导入导出 + API文档

Author: CodeJudge

backend/src/app.js

@@ -2,6 +2,7 @@ const express = require('express');
 const cors = require('cors');
 const path = require('path');
 const { initDb } = require('./utils/initDb');
+const { rateLimit } = require('./middleware/rateLimit');
 const authRoutes = require('./routes/auth');
 const problemRoutes = require('./routes/problems');
 const submissionRoutes = require('./routes/submissions');
@@ -12,6 +13,21 @@ const PORT = process.env.PORT || 3001;
 app.use(cors());
 app.use(express.json({ limit: '10mb' }));
 
+// Security headers
+app.use((req, res, next) => {
+  res.setHeader('X-Content-Type-Options', 'nosniff');
+  res.setHeader('X-Frame-Options', 'DENY');
+  res.setHeader('X-XSS-Protection', '1; mode=block');
+  res.setHeader('Referrer-Policy', 'same-origin');
+  res.setHeader('Permissions-Policy', 'camera=(), microphone=(), geolocation=()');
+  next();
+});
+
+// Rate limiting per route group
+app.use('/api/auth', rateLimit({ windowMs: 60000, max: 30 }));
+app.use('/api/problems', rateLimit({ windowMs: 60000, max: 60 }));
+app.use('/api/submissions', rateLimit({ windowMs: 60000, max: 20 }));
+
 // Request logger
 app.use((req, res, next) => {
   const start = Date.now();

backend/src/controllers/problemController.js

@@ -141,4 +141,37 @@ function getProblemStats(req, res) {
   res.json(stats || { total: 0, programming: 0, choice: 0, fill_blank: 0 });
 }
 
-module.exports = { listProblems, getProblem, createProblem, updateProblem, deleteProblem, getProblemStats, getAdminStats, getTagsCloud };
+function exportProblems(req, res) {
+  const problems = queryAll('SELECT * FROM problems ORDER BY id');
+  const data = problems.map(p => ({
+    title: p.title, description: p.description, type: p.type,
+    difficulty: p.difficulty, tags: p.tags, solution: p.solution,
+    test_cases: JSON.parse(p.test_cases || '[]'),
+    options: JSON.parse(p.options || '[]'),
+    blanks_answer: JSON.parse(p.blanks_answer || '[]'),
+  }));
+  res.setHeader('Content-Type', 'application/json');
+  res.setHeader('Content-Disposition', `attachment; filename=codejudge-problems-${new Date().toISOString().slice(0,10)}.json`);
+  res.json({ count: data.length, problems: data });
+}
+
+function importProblems(req, res) {
+  const { problems } = req.body;
+  if (!Array.isArray(problems) || problems.length === 0) {
+    return res.status(400).json({ error: '请提供有效的题目数据' });
+  }
+  let imported = 0;
+  for (const p of problems) {
+    if (!p.title || !p.type) continue;
+    run(
+      'INSERT INTO problems (title, description, type, difficulty, tags, solution, test_cases, options, blanks_answer) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)',
+      [p.title, p.description || '', p.type, p.difficulty || 'easy', p.tags || '',
+       p.solution || '', JSON.stringify(p.test_cases || []), JSON.stringify(p.options || []),
+       JSON.stringify(p.blanks_answer || [])]
+    );
+    imported++;
+  }
+  res.json({ message: `成功导入 ${imported} 道题目`, count: imported });
+}
+
+module.exports = { listProblems, getProblem, createProblem, updateProblem, deleteProblem, getProblemStats, getAdminStats, getTagsCloud, exportProblems, importProblems };

backend/src/middleware/rateLimit.js

@@ -0,0 +1,41 @@
+// Simple in-memory rate limiter
+const requestCounts = new Map();
+
+function rateLimit({ windowMs = 60000, max = 100, message = '请求过于频繁，请稍后再试' } = {}) {
+  return (req, res, next) => {
+    const ip = req.ip || req.connection.remoteAddress || 'unknown';
+    const key = `${ip}:${req.path}`;
+    const now = Date.now();
+
+    if (!requestCounts.has(key)) {
+      requestCounts.set(key, { count: 1, start: now });
+      return next();
+    }
+
+    const data = requestCounts.get(key);
+    if (now - data.start > windowMs) {
+      // Reset window
+      requestCounts.set(key, { count: 1, start: now });
+      return next();
+    }
+
+    data.count++;
+    if (data.count > max) {
+      return res.status(429).json({ error: message });
+    }
+
+    next();
+  };
+}
+
+// Clean up stale entries every 5 minutes
+setInterval(() => {
+  const now = Date.now();
+  for (const [key, data] of requestCounts) {
+    if (now - data.start > 120000) { // 2 min stale
+      requestCounts.delete(key);
+    }
+  }
+}, 300000);
+
+module.exports = { rateLimit };

backend/src/routes/auth.js

@@ -16,6 +16,26 @@ router.get('/solved-calendar', authenticate, (req, res) => {
   res.json({ dates: rows.map(r => r.date) });
 });
 
+router.get('/streak', authenticate, (req, res) => {
+  const rows = queryAll(
+    "SELECT DISTINCT DATE(created_at) as date FROM submissions WHERE user_id = ? ORDER BY date DESC LIMIT 60",
+    [req.user.id]
+  );
+  const dates = rows.map(r => r.date);
+  let streak = 0;
+  const today = new Date().toISOString().slice(0, 10);
+  const todayChecked = dates.includes(today);
+  const checkDate = new Date();
+  if (!todayChecked) checkDate.setDate(checkDate.getDate() - 1);
+  for (const d of dates) {
+    const expected = checkDate.toISOString().slice(0, 10);
+    if (d === expected) { streak++; checkDate.setDate(checkDate.getDate() - 1); }
+    else break;
+  }
+  if (todayChecked && streak === 0) streak = 1;
+  res.json({ streak, todayChecked });
+});
+
 router.get('/leaderboard', async (req, res) => {
   try {
     const rows = queryAll(`

backend/src/routes/problems.js

@@ -1,6 +1,6 @@
 const router = require('express').Router();
 const { queryOne } = require('../config/db');
-const { listProblems, getProblem, createProblem, updateProblem, deleteProblem, getProblemStats, getAdminStats, getTagsCloud } = require('../controllers/problemController');
+const { listProblems, getProblem, createProblem, updateProblem, deleteProblem, getProblemStats, getAdminStats, getTagsCloud, exportProblems, importProblems } = require('../controllers/problemController');
 const { getTemplate } = require('../services/judgeService');
 const { optionalAuth, adminOnly } = require('../middleware/auth');
 
@@ -40,9 +40,45 @@ router.get('/random', (req, res) => {
   res.json({ problem });
 });
 router.get('/admin/stats', adminOnly, getAdminStats);
+router.get('/export', adminOnly, exportProblems);
+router.post('/import', adminOnly, importProblems);
 router.get('/:id', optionalAuth, getProblem);
 router.post('/', adminOnly, createProblem);
 router.put('/:id', adminOnly, updateProblem);
 router.delete('/:id', adminOnly, deleteProblem);
 
+router.get('/docs', (req, res) => {
+  res.json({
+    name: 'CodeJudge API',
+    version: '1.0',
+    baseUrl: '/api',
+    endpoints: [
+      { method: 'POST', path: '/auth/register', auth: false, desc: '用户注册' },
+      { method: 'POST', path: '/auth/login', auth: false, desc: '用户登录' },
+      { method: 'GET', path: '/auth/profile', auth: true, desc: '获取用户信息' },
+      { method: 'PUT', path: '/auth/password', auth: true, desc: '修改密码' },
+      { method: 'GET', path: '/auth/leaderboard', auth: false, desc: '排行榜' },
+      { method: 'GET', path: '/auth/streak', auth: true, desc: '打卡连续天数' },
+      { method: 'GET', path: '/auth/solved-calendar', auth: true, desc: '解题日历' },
+      { method: 'GET', path: '/problems', auth: false, desc: '题目列表' },
+      { method: 'GET', path: '/problems/stats', auth: false, desc: '题目统计' },
+      { method: 'GET', path: '/problems/tags', auth: false, desc: '标签云' },
+      { method: 'GET', path: '/problems/daily', auth: false, desc: '每日一题' },
+      { method: 'GET', path: '/problems/random', auth: false, desc: '随机一题' },
+      { method: 'GET', path: '/problems/export', auth: 'admin', desc: '导出题目' },
+      { method: 'POST', path: '/problems/import', auth: 'admin', desc: '导入题目' },
+      { method: 'GET', path: '/problems/admin/stats', auth: 'admin', desc: '管理统计' },
+      { method: 'GET', path: '/problems/templates/:lang', auth: false, desc: '代码模板' },
+      { method: 'GET', path: '/problems/:id', auth: false, desc: '题目详情' },
+      { method: 'POST', path: '/problems', auth: 'admin', desc: '创建题目' },
+      { method: 'PUT', path: '/problems/:id', auth: 'admin', desc: '更新题目' },
+      { method: 'DELETE', path: '/problems/:id', auth: 'admin', desc: '删除题目' },
+      { method: 'POST', path: '/submissions', auth: true, desc: '提交答案' },
+      { method: 'GET', path: '/submissions', auth: true, desc: '提交记录' },
+      { method: 'GET', path: '/submissions/:id', auth: true, desc: '提交详情' },
+      { method: 'GET', path: '/health', auth: false, desc: '健康检查' },
+    ],
+  });
+});
+
 module.exports = router;

frontend/index.html

@@ -2,9 +2,13 @@
 <html lang="zh-CN">
   <head>
     <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
+    <meta name="description" content="CodeJudge - 在线评测系统，支持编程题、选择题、填空题，在线编写代码实时判题" />
+    <meta name="keywords" content="在线评测, OJ, 编程, 刷题, 算法, 数据结构" />
+    <meta property="og:title" content="CodeJudge - 在线评测系统" />
+    <meta property="og:description" content="编程、选择、填空三种题型，在线编写代码实时判题" />
+    <meta property="og:type" content="website" />
     <link rel="icon" type="image/svg+xml" href="/vite.svg" />
-    <link rel="alternate icon" href="data:image/svg+xml,<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100'><text y='.9em' font-size='90'>⚡</text></svg>" />
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>CodeJudge - 在线评测系统</title>
     <link rel="preconnect" href="https://fonts.googleapis.com" />
     <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />

frontend/src/App.tsx

@@ -1,37 +1,45 @@
 import { Routes, Route } from 'react-router-dom';
+import React, { Suspense, lazy } from 'react';
 import Navbar from './components/Navbar';
-import Home from './pages/Home';
-import Login from './pages/Login';
-import Register from './pages/Register';
-import Problems from './pages/Problems';
-import ProblemDetail from './pages/ProblemDetail';
-import Submissions from './pages/Submissions';
-import Admin from './pages/Admin';
-import AdminProblemForm from './pages/AdminProblemForm';
-import Leaderboard from './pages/Leaderboard';
-import NotFound from './pages/NotFound';
-import Profile from './pages/Profile';
 import Footer from './components/Footer';
 
+const Home = lazy(() => import('./pages/Home'));
+const Login = lazy(() => import('./pages/Login'));
+const Register = lazy(() => import('./pages/Register'));
+const Problems = lazy(() => import('./pages/Problems'));
+const ProblemDetail = lazy(() => import('./pages/ProblemDetail'));
+const Submissions = lazy(() => import('./pages/Submissions'));
+const Admin = lazy(() => import('./pages/Admin'));
+const AdminProblemForm = lazy(() => import('./pages/AdminProblemForm'));
+const Leaderboard = lazy(() => import('./pages/Leaderboard'));
+const Profile = lazy(() => import('./pages/Profile'));
+const NotFound = lazy(() => import('./pages/NotFound'));
+
 export default function App() {
   return (
     <div className="min-h-screen bg-dark-950">
       <Navbar />
       <main className="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 py-8">
-        <Routes>
-          <Route path="/" element={<Home />} />
-          <Route path="/login" element={<Login />} />
-          <Route path="/register" element={<Register />} />
-          <Route path="/problems" element={<Problems />} />
-          <Route path="/problems/:id" element={<ProblemDetail />} />
-          <Route path="/submissions" element={<Submissions />} />
-          <Route path="/profile" element={<Profile />} />
-          <Route path="/admin" element={<Admin />} />
-          <Route path="/admin/problems/new" element={<AdminProblemForm />} />
-          <Route path="/admin/problems/:id/edit" element={<AdminProblemForm />} />
-          <Route path="/leaderboard" element={<Leaderboard />} />
-          <Route path="*" element={<NotFound />} />
-        </Routes>
+        <Suspense fallback={
+          <div className="flex items-center justify-center min-h-[60vh]">
+            <div className="w-8 h-8 border-2 border-primary-500 border-t-transparent rounded-full animate-spin" />
+          </div>
+        }>
+          <Routes>
+            <Route path="/" element={<Home />} />
+            <Route path="/login" element={<Login />} />
+            <Route path="/register" element={<Register />} />
+            <Route path="/problems" element={<Problems />} />
+            <Route path="/problems/:id" element={<ProblemDetail />} />
+            <Route path="/submissions" element={<Submissions />} />
+            <Route path="/profile" element={<Profile />} />
+            <Route path="/admin" element={<Admin />} />
+            <Route path="/admin/problems/new" element={<AdminProblemForm />} />
+            <Route path="/admin/problems/:id/edit" element={<AdminProblemForm />} />
+            <Route path="/leaderboard" element={<Leaderboard />} />
+            <Route path="*" element={<NotFound />} />
+          </Routes>
+        </Suspense>
         <Footer />
       </main>
     </div>

frontend/src/components/GamificationSection.tsx

@@ -0,0 +1,93 @@
+import { useState, useEffect } from 'react';
+import { Flame, Zap, Award, Star, CalendarCheck } from 'lucide-react';
+import { useAuth } from '../context/AuthContext';
+
+interface StatsCheck { total: number; accepted: number; fullScore?: boolean; }
+
+const ACHIEVEMENTS = [
+  { id: 'first_submit', name: '初次提交', desc: '完成第一次提交', icon: '🚀', check: (s: StatsCheck) => s.total >= 1 },
+  { id: 'ten_submits', name: '十次提交', desc: '累计提交10次', icon: '💪', check: (s: StatsCheck) => s.total >= 10 },
+  { id: 'first_ac', name: '首次通过', desc: '通过第一道题目', icon: '🎉', check: (s: StatsCheck) => s.accepted >= 1 },
+  { id: 'five_ac', name: '五题通关', desc: '通过5道题目', icon: '⭐', check: (s: StatsCheck) => s.accepted >= 5 },
+  { id: 'ten_ac', name: '十题达人', desc: '通过10道题目', icon: '🏆', check: (s: StatsCheck) => s.accepted >= 10 },
+  { id: 'full_mark', name: '满分选手', desc: '获得一次100分', icon: '💯', check: (s: StatsCheck) => s.fullScore === true },
+];
+
+export default function GamificationSection() {
+  const { user } = useAuth();
+  const [stats, setStats] = useState<any>(null);
+  const [streak, setStreak] = useState(0);
+  const [todayChecked, setTodayChecked] = useState(false);
+
+  useEffect(() => {
+    if (!user) return;
+    const token = localStorage.getItem('oj_token');
+    if (!token) return;
+
+    fetch('/api/auth/profile', { headers: { Authorization: `Bearer ${token}` } })
+      .then(r => r.json())
+      .then(d => setStats(d.stats || { total: 0, accepted: 0 }))
+      .catch(() => {});
+
+    fetch('/api/auth/streak', { headers: { Authorization: `Bearer ${token}` } })
+      .then(r => r.json())
+      .then(d => { setStreak(d.streak || 0); setTodayChecked(d.todayChecked || false); })
+      .catch(() => {});
+  }, [user]);
+
+  if (!user) return null;
+
+  const achievements = ACHIEVEMENTS.map(a => ({
+    ...a,
+    unlocked: a.check({ ...stats, fullScore: stats?.accepted >= 1 }),
+  }));
+
+  return (
+    <div className="grid grid-cols-1 md:grid-cols-2 gap-6 mb-6">
+      {/* Streak card */}
+      <div className="card p-6">
+        <div className="flex items-center gap-3 mb-4">
+          <Flame className={`w-6 h-6 ${streak > 0 ? 'text-orange-400' : 'text-dark-500'}`} />
+          <h3 className="text-lg font-semibold text-white">连续打卡</h3>
+        </div>
+        <div className="flex items-center gap-4">
+          <span className={`text-4xl font-bold ${streak > 0 ? 'text-orange-400' : 'text-dark-500'}`}>
+            {streak}
+          </span>
+          <span className="text-dark-400">天</span>
+        </div>
+        <div className="mt-3 flex items-center gap-2">
+          {todayChecked ? (
+            <span className="flex items-center gap-1 text-emerald-400 text-sm">
+              <CalendarCheck className="w-4 h-4" /> 今日已打卡
+            </span>
+          ) : (
+            <span className="text-dark-500 text-sm">今日尚未提交</span>
+          )}
+        </div>
+      </div>
+
+      {/* Achievements card */}
+      <div className="card p-6">
+        <div className="flex items-center gap-3 mb-4">
+          <Award className="w-6 h-6 text-amber-400" />
+          <h3 className="text-lg font-semibold text-white">成就徽章</h3>
+        </div>
+        <div className="grid grid-cols-3 gap-3">
+          {achievements.map(a => (
+            <div
+              key={a.id}
+              className={`text-center p-2 rounded-lg transition-all ${
+                a.unlocked ? 'bg-amber-500/10 border border-amber-500/20' : 'bg-dark-800/50 border border-dark-700 opacity-40'
+              }`}
+              title={a.desc}
+            >
+              <span className="text-2xl block mb-1">{a.icon}</span>
+              <p className={`text-xs ${a.unlocked ? 'text-amber-400' : 'text-dark-500'}`}>{a.name}</p>
+            </div>
+          ))}
+        </div>
+      </div>
+    </div>
+  );
+}