fix: reset traffic stats when copying server nodes

The loginWithMailLink endpoint returns the magic login link in the
HTTP response body, allowing unauthenticated account takeover.

The fix returns true instead of the link. The email delivery is
the authentication factor.

Bug inherited from V2Board commit bdb10bed (2022-06-27).

README.md

@@ -73,6 +73,12 @@ docker compose up -d
 
 This project is for learning and communication purposes only. Users are responsible for any consequences of using this project.
 
+## ❤️ Support The Project
+
+If this project has helped you, donations are appreciated. They help support ongoing maintenance and would make me very happy.
+
+TRC20: `TLypStEWsVrj6Wz9mCxbXffqgt5yz3Y4XB`
+
 ## 🌟 Maintenance Notice
 
 This project is currently under light maintenance. We will:

app/Http/Controllers/V2/Admin/Server/ManageController.php

@@ -211,9 +211,14 @@ class ManageController extends Controller
         if (!$server) {
             return $this->fail([400202, '服务器不存在']);
         }
-        $server->show = 0;
-        $server->code = null;
-        Server::create($server->toArray());
+
+        $copiedServer = $server->replicate();
+        $copiedServer->show = 0;
+        $copiedServer->code = null;
+        $copiedServer->u = 0;
+        $copiedServer->d = 0;
+        $copiedServer->save();
+
         return $this->success(true);
     }
 }

app/Services/Auth/MailLinkService.php

@@ -46,7 +46,7 @@ class MailLinkService
 
         $this->sendMailLinkEmail($user, $link);
 
-        return [true, $link];
+        return [true, true];
     }
 
     /**

app/Services/ServerService.php

@@ -183,7 +183,10 @@ class ServerService
                 ...$baseConfig,
                 'tls' => (int) $protocolSettings['tls'],
                 'flow' => $protocolSettings['flow'],
-                'decryption' => data_get($protocolSettings, 'encryption.decryption'),
+                'decryption' => match (data_get($protocolSettings, 'encryption.enabled')) {
+                    true => data_get($protocolSettings, 'encryption.decryption'),
+                    default => null,
+                },
                 'tls_settings' => match ((int) $protocolSettings['tls']) {
                         2 => $protocolSettings['reality_settings'],
                         default => $protocolSettings['tls_settings'],

update.sh

@@ -10,7 +10,17 @@ if ! command -v git &> /dev/null; then
     exit 1
 fi
 
-git config --global --add safe.directory $(pwd)
+repo_root="$(pwd)"
+
+add_safe_directory() {
+  local dir="$1"
+
+  git config --global --get-all safe.directory | grep -Fx "$dir" > /dev/null ||     git config --global --add safe.directory "$dir"
+}
+
+add_safe_directory "$repo_root"
+add_safe_directory "$repo_root/public/assets/admin"
+
 git fetch --all && git reset --hard origin/master && git pull origin master
 rm -rf composer.lock composer.phar
 wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar