Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@notadd/addon-sms
Advanced tools
notadd 短信验证码插件
功能
- 短信插件管理
- 短信模板管理
- 短信发送记录管理
- 使用腾讯云短信服务发送短信验证码
- 校验验证码合法性
安装
# install
yarn add @notadd/addon-sms
使用说明
第一步,导入短信插件
import { SmsAddon } from "@notadd/addon-sms";
@Module({
imports: [SmsAddon]
})
export class AppModule { }
第二步,创建短信插件
import { SmsService } from "@notadd/addon-sms";
@Injectable()
export class ExampleService {
constructor(
@Inject(SmsService) private readonly smsService: SmsService
) { }
// 创建/配置短信插件
async test() {
await this.smsService.createSms({
appId: '123456789',
appKey: 'zbcdefg123',
signName: '签名',
templates: [
{
templateId: 122334,
name: '短信测试',
remark: '您的验证码是{1},请于{2}分钟内填写。如非本人操作,请忽略本短信。'
}
]
});
}
}
第三步,调用发送/验证短信方法
import { SmsService } from "@notadd/addon-sms";
@Injectable()
export class ExampleService {
constructor(
@Inject(SmsService) private readonly smsService: SmsService
) { }
// SmsRequest example:(2 , { appId: "1234567890", templateId: 123456, templateParam: ["xxxxx", "xxxxx"], "mobile": ["13512345678"] })
async sendSms(type: number, smsRequest: SmsRequest) {
// 短信类型 0为通知短信,1为验证码短信,2为自定义参数短信
// 成功时返回 { code: 200, message: "发送短信成功" };
//
// 失败时会抛出以下几种异常:
// HttpException (`指定短信插件'appId=xxxxx'不存在`, 404);
// HttpException (`指定短信模板'templateId=xxxxx'不存在`, 404);
// HttpException (`发送失败,原因:xxxxx`, xxxxx);
await this.smsService.sendMessageByQCloud(type, smsRequest);
}
async smsValidator(mobile: string, validationCode: number) {
// 校验验证码合法性,成功时没有返回值,失败时抛出 HttpException { code: number, message: string }
//
// 校验顺序:
// step 1,判断手机号是否和接收短信手机号一致,失败时: HttpException ("输入的手机号码与接收短信的手机号码不一致", 404);
// step 2,判断验证码是否正确,失败时: HttpException ("验证码错误", 406);
// step 3,判断验证码是否超时,失败时: HttpException ("验证超时,请重新获取验证码", 408);
await this.smsService.smsValidator(mobile, validationCode);
}
}
FAQs
The sms addon for notadd application.
We found that @notadd/addon-sms demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 24 Dec 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025