From 123f7489bfe99df93560ef3a15b5bb79e4f0b3a2 Mon Sep 17 00:00:00 2001 From: sunlin92 Date: Mon, 1 Feb 2021 17:02:30 +0800 Subject: [PATCH 1/8] =?UTF-8?q?fix:=E6=A0=87=E6=B3=A8=E6=90=9C=E7=B4=A2?= =?UTF-8?q?=E6=97=A5=E5=BF=97=E6=9D=83=E9=99=90=EF=BC=8C=E8=BF=BD=E5=8A=A0?= =?UTF-8?q?time=20log=E5=AD=97=E6=AE=B5(resolve=20#144)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/api/cms/log.py | 49 ++++++++++++++++++++++++++++++++++++++--- app/validator/schema.py | 2 ++ 2 files changed, 48 insertions(+), 3 deletions(-) diff --git a/app/api/cms/log.py b/app/api/cms/log.py index eed2527..8220660 100644 --- a/app/api/cms/log.py +++ b/app/api/cms/log.py @@ -20,9 +20,8 @@ @log_api.route("") -@log_api.route("/search") @permission_meta(name="查询日志", module="日志") -# @group_required +@group_required @api.validate( headers=AuthorizationSchema, query=LogQuerySearchSchema, @@ -34,6 +33,36 @@ def get_logs(): """ 日志浏览查询(人员,时间, 关键字),分页展示 """ + logs = Log.query.filter() + total = logs.count() + items = ( + logs.order_by(text("create_time desc")).offset(g.offset).limit(g.count).all() + ) + total_page = math.ceil(total / g.count) + + return LogPageSchema( + page=g.page, + count=g.count, + total=total, + items=get_items_with_time_field(items), + total_page=total_page, + ) + + +@log_api.route("/search") +@permission_meta(name="搜索日志", module="日志") +@group_required +@api.validate( + headers=AuthorizationSchema, + query=LogQuerySearchSchema, + resp=DocResponse(r=LogPageSchema), + before=LogQuerySearchSchema.offset_handler, + tags=["日志"], +) +def search_logs(): + """ + 日志搜索(人员,时间, 关键字),分页展示 + """ if g.keyword: logs = Log.query.filter(Log.message.like(f"%{g.keyword}%")) else: @@ -50,7 +79,11 @@ def get_logs(): total_page = math.ceil(total / g.count) return LogPageSchema( - page=g.page, count=g.count, total=total, items=items, total_page=total_page + page=g.page, + count=g.count, + total=total, + items=get_items_with_time_field(items), + total_page=total_page, ) @@ -74,3 +107,13 @@ def get_users_for_log(): .all() ) return UsernameListSchema(items=[u.username for u in usernames]) + + +# TODO:临时time字段, 等待lin 核心库中调整后移除 +def get_items_with_time_field(items): + new_items = list() + for item in items: + item = dict(item) + item["time"] = item["create_time"] + new_items.append(item) + return new_items diff --git a/app/validator/schema.py b/app/validator/schema.py index 301cade..605ff19 100644 --- a/app/validator/schema.py +++ b/app/validator/schema.py @@ -1,4 +1,5 @@ import re +from datetime import datetime from enum import Enum from typing import Any, List, Optional @@ -49,6 +50,7 @@ class LogSchema(BaseModel): method: str path: str permission: str + time: datetime class BasePageSchema(BaseModel): From 431d00ec70c22510a1b5f5604008a35602bb95ab Mon Sep 17 00:00:00 2001 From: kalotehea <1069811595@qq.com> Date: Tue, 18 May 2021 10:45:07 +0800 Subject: [PATCH 2/8] =?UTF-8?q?'update:=E6=9B=B4=E6=96=B0=E6=A0=B8?= =?UTF-8?q?=E5=BF=83=E5=BA=93'?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 6 +++--- requirements-dev.txt | 2 +- requirements-prod.txt | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index a3840ef..1f60586 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@

flask version - lin--cms version + lin--cms version LISENCE

@@ -35,9 +35,9 @@ Lin-CMS 是林间有风团队经过大量项目实践所提炼出的一套**内 ### 当前最新版本 -lin-cms-flask(当前示例工程):0.3.0a10 +lin-cms-flask(当前示例工程):0.3.1 -lin-cms(核心库) :0.3.0a10 +lin-cms(核心库) :0.3.1 ### 文档地址 diff --git a/requirements-dev.txt b/requirements-dev.txt index 12bb066..2566dc8 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,4 +1,4 @@ -Lin-CMS==0.3.0a10 +Lin-CMS==0.3.1 Flask-Cors==3.0.9 python-dotenv==0.15.0 pytest-ordering==0.6 diff --git a/requirements-prod.txt b/requirements-prod.txt index ddf9d2c..4a00cfa 100644 --- a/requirements-prod.txt +++ b/requirements-prod.txt @@ -1,4 +1,4 @@ -Lin-CMS==0.3.0a10 +Lin-CMS==0.3.1 Flask-Cors==3.0.9 python-dotenv==0.15.0 gevent==20.9.0 From 23ae9a886f2eea62320221afbfee7ee46e0553f4 Mon Sep 17 00:00:00 2001 From: sunlin92 Date: Tue, 16 Nov 2021 21:09:00 +0800 Subject: [PATCH 3/8] feat:login captcha --- app/api/cms/user.py | 30 ++++++++++++++++++--- app/config/base.py | 2 ++ app/util/captcha.py | 62 +++++++++++++++++++++++++++++++++++++++++++ app/validator/form.py | 1 + 4 files changed, 91 insertions(+), 4 deletions(-) create mode 100644 app/util/captcha.py diff --git a/app/api/cms/user.py b/app/api/cms/user.py index b78190b..c8e2491 100644 --- a/app/api/cms/user.py +++ b/app/api/cms/user.py @@ -4,8 +4,7 @@ :copyright: © 2020 by the Lin team. :license: MIT, see LICENSE for more details. """ -from operator import and_ - +from flask import current_app, request from flask_jwt_extended import ( create_access_token, create_refresh_token, @@ -13,6 +12,7 @@ get_jwt_identity, verify_jwt_refresh_token_in_request, ) +from itsdangerous import JSONWebSignatureSerializer as JWSSerializer from lin import manager, permission_meta from lin.db import db from lin.exception import Duplicated, Failed, NotFound, ParameterError, Success @@ -21,6 +21,7 @@ from lin.redprint import Redprint from app.exception.api import RefreshFailed +from app.util.captcha import CaptchaTool from app.util.common import split_group from app.validator.form import ( ChangePasswordForm, @@ -48,13 +49,20 @@ def register(): @user_api.route("/login", methods=["POST"]) -@permission_meta(name="登录", module="用户", mount=False) def login(): form = LoginForm().validate_for_api() + # 校对验证码 + if current_app.config.get("LOGIN_CAPTCHA"): + tag = request.headers.get("tag") + secret_key = current_app.config.get("SECRET_KEY") + serializer = JWSSerializer(secret_key) + if form.captcha.data != serializer.loads(tag): + raise Failed("验证码校验失败") + user = manager.user_model.verify(form.username.data, form.password.data) # 用户未登录,此处不能用装饰器记录日志 Log.create_log( - message=f"{user.username}登陆成功获取了令牌", + message=f"{user.username}登录成功获取了令牌", user_id=user.id, username=user.username, status_code=200, @@ -169,3 +177,17 @@ def _register_user(form: RegisterForm): user_group.user_id = user.id user_group.group_id = group_id db.session.add(user_group) + + +@user_api.route("/captcha", methods=["GET", "POST"]) +def get_captcha(): + """ + 获取图形验证码 + """ + if not current_app.config.get("LOGIN_CAPTCHA"): + return {"tag": "", "image": ""} + image, code = CaptchaTool().get_verify_code() + secret_key = current_app.config.get("SECRET_KEY") + serializer = JWSSerializer(secret_key) + tag = serializer.dumps(code) + return {"tag": tag, "image": image} diff --git a/app/config/base.py b/app/config/base.py index 15811d6..f980a06 100644 --- a/app/config/base.py +++ b/app/config/base.py @@ -32,6 +32,8 @@ class BaseConfig(object): # 令牌配置 JWT_ACCESS_TOKEN_EXPIRES = timedelta(hours=1) + # 启用验证码登录 + LOGIN_CAPTCHA = True # 默认文件上传配置 FILE = { "STORE_DIR": "assets", diff --git a/app/util/captcha.py b/app/util/captcha.py new file mode 100644 index 0000000..ab452d3 --- /dev/null +++ b/app/util/captcha.py @@ -0,0 +1,62 @@ +import base64 +import io +import random +import string + +from PIL import Image, ImageDraw, ImageFont + + +class CaptchaTool: + """ + 生成图片验证码 + """ + + def __init__(self, width=50, height=12): + + self.width = width + self.height = height + # 新图片对象 + self.im = Image.new("RGB", (width, height), "white") + # 字体 + self.font = ImageFont.load_default() + # draw对象 + self.draw = ImageDraw.Draw(self.im) + + def draw_lines(self, num=3): + """ + 划线 + """ + for num in range(num): + x1 = random.randint(0, self.width / 2) + y1 = random.randint(0, self.height / 2) + x2 = random.randint(0, self.width) + y2 = random.randint(self.height / 2, self.height) + self.draw.line(((x1, y1), (x2, y2)), fill="black", width=1) + + def get_verify_code(self): + """ + 生成验证码图形 + """ + # 设置随机4位数字验证码 + code = "".join(random.sample(string.digits, 4)) + # 绘制字符串 + for item in range(4): + self.draw.text( + (6 + random.randint(-3, 3) + 10 * item, 2 + random.randint(-2, 2)), + text=code[item], + fill=( + random.randint(32, 127), + random.randint(32, 127), + random.randint(32, 127), + ), + font=self.font, + ) + # 划线 + # self.draw_lines() + # 重新设置图片大小 + self.im = self.im.resize((100, 24)) + # 图片转为base64字符串 + buffered = io.BytesIO() + self.im.save(buffered, format="JPEG") + img_str = b"data:image/png;base64," + base64.b64encode(buffered.getvalue()) + return img_str, code diff --git a/app/validator/form.py b/app/validator/form.py index d9cfbc7..937715e 100644 --- a/app/validator/form.py +++ b/app/validator/form.py @@ -66,6 +66,7 @@ def validate_group_ids(self, value): class LoginForm(Form): username = StringField(validators=[DataRequired()]) password = PasswordField("密码", validators=[DataRequired(message="密码不可为空")]) + captcha = StringField() # 重置密码校验 From 9ba0b15896f8575a431b7202f317fed4966c5485 Mon Sep 17 00:00:00 2001 From: sunlin92 Date: Tue, 16 Nov 2021 21:16:07 +0800 Subject: [PATCH 4/8] chore: Readme version --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 1f60586..a639680 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ Lin-CMS 是林间有风团队经过大量项目实践所提炼出的一套**内 ### 当前最新版本 -lin-cms-flask(当前示例工程):0.3.1 +lin-cms-flask(当前示例工程):0.3.2 lin-cms(核心库) :0.3.1 @@ -120,7 +120,7 @@ Lin 的服务端框架是基于 Python Flask 的,所以如果您比较熟悉 F git clone https://github.com/TaleLin/lin-cms-flask.git starter ``` -> **Tips:** +> **Tips:** > > 我们以 `starter` 作为工程名,当然您也可以以任意您喜爱的名字作为工程名。 > From 689911a20ad8899c5e18218bdbde2b4e63da887b Mon Sep 17 00:00:00 2001 From: sunlin92 Date: Mon, 22 Nov 2021 02:30:24 +0000 Subject: [PATCH 5/8] fix: issue #178 --- app/api/cms/user.py | 3 ++- app/model/lin/user.py | 2 +- requirements-dev.txt | 1 + requirements-prod.txt | 1 + 4 files changed, 5 insertions(+), 2 deletions(-) diff --git a/app/api/cms/user.py b/app/api/cms/user.py index c8e2491..5c92760 100644 --- a/app/api/cms/user.py +++ b/app/api/cms/user.py @@ -189,5 +189,6 @@ def get_captcha(): image, code = CaptchaTool().get_verify_code() secret_key = current_app.config.get("SECRET_KEY") serializer = JWSSerializer(secret_key) - tag = serializer.dumps(code) + tag = str(serializer.dumps(code), encoding="utf-8") + image = str(image, encoding="utf-8") return {"tag": tag, "image": image} diff --git a/app/model/lin/user.py b/app/model/lin/user.py index 11cbb1b..b401247 100644 --- a/app/model/lin/user.py +++ b/app/model/lin/user.py @@ -24,7 +24,7 @@ def count_by_email(cls, email) -> int: @classmethod def select_page_by_group_id(cls, group_id, root_group_id) -> list: - """ 通过分组id分页获取用户数据 """ + """通过分组id分页获取用户数据""" query = db.session.query(manager.user_group_model.user_id).filter( manager.user_group_model.group_id == group_id, manager.user_group_model.group_id != root_group_id, diff --git a/requirements-dev.txt b/requirements-dev.txt index 2566dc8..b4bcfee 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -2,3 +2,4 @@ Lin-CMS==0.3.1 Flask-Cors==3.0.9 python-dotenv==0.15.0 pytest-ordering==0.6 +Pillow==8.4.0 diff --git a/requirements-prod.txt b/requirements-prod.txt index 4a00cfa..5dd8d5c 100644 --- a/requirements-prod.txt +++ b/requirements-prod.txt @@ -3,3 +3,4 @@ Flask-Cors==3.0.9 python-dotenv==0.15.0 gevent==20.9.0 gunicorn==20.0.4 +Pillow==8.4.0 From ba93fd294b37fa037d327bc3e7e3f6586198ac25 Mon Sep 17 00:00:00 2001 From: sunlin92 Date: Thu, 6 Jan 2022 23:01:27 +0800 Subject: [PATCH 6/8] update: 0.4.0 --- .dockerignore | 1 + .editorconfig | 13 ++ .flake8 | 15 ++ .github/ISSUE_TEMPLATE/bug_report.md | 27 ---- .github/ISSUE_TEMPLATE/feature_request.md | 20 --- .github/ISSUE_TEMPLATE/question.md | 6 - .gitignore | 44 +++--- .pre-commit-config.yaml | 17 +++ Dockerfile | 8 ++ LICENSE | 19 ++- README.md | 131 ++---------------- app/__init__.py | 24 +++- app/api/__init__.py | 31 ++++- app/api/cms/__init__.py | 16 +-- app/api/cms/admin.py | 35 +++-- app/api/cms/exception/__init__.py | 7 + app/api/cms/file.py | 7 +- app/api/cms/log.py | 45 ++---- app/{model/v1 => api/cms/model}/__init__.py | 0 app/{model/lin => api/cms/model}/group.py | 52 +++---- .../lin => api/cms/model}/group_permission.py | 28 ++-- .../lin => api/cms/model}/permission.py | 84 +++++------ app/{model/lin => api/cms/model}/user.py | 88 ++++++------ .../lin => api/cms/model}/user_group.py | 28 ++-- app/api/cms/model/user_identity.py | 5 + .../schema.py => api/cms/schema/__init__.py} | 53 ++----- app/api/cms/user.py | 59 +++++--- .../form.py => api/cms/validator/__init__.py} | 5 +- app/api/v1/__init__.py | 9 +- app/api/v1/book.py | 47 +++---- .../api.py => api/v1/exception/__init__.py} | 8 +- app/api/v1/model/__init__.py | 0 app/{model/v1 => api/v1/model}/book.py | 3 +- app/api/v1/schema/__init__.py | 26 ++++ app/api/v1/validator/__init__.py | 0 app/cli/db/fake.py | 5 +- app/cli/db/init.py | 4 +- app/cli/plugin/generator.py | 2 +- app/cli/plugin/init.py | 2 +- app/config/base.py | 5 +- app/config/http_status_desc.py | 64 --------- app/extension/file/file.py | 92 ++++++------ app/extension/file/local_uploader.py | 3 +- app/extension/notify/socketio.py | 3 + app/model/__init__.py | 4 - app/model/lin/__init__.py | 6 - app/model/lin/user_identity.py | 5 - app/plugin/oss/README.md | 2 +- app/plugin/oss/app/controller.py | 15 +- app/plugin/oss/app/model.py | 3 +- app/plugin/oss/requirements.txt | 2 +- app/plugin/poem/app/__init__.py | 3 +- app/plugin/poem/app/controller.py | 2 +- app/plugin/poem/app/form.py | 5 +- app/plugin/poem/app/model.py | 9 +- app/plugin/qiniu/README.md | 2 +- app/plugin/qiniu/app/controller.py | 5 +- app/plugin/qiniu/app/model.py | 3 +- app/plugin/qiniu/requirements.txt | 2 +- app/schema/__init__.py | 13 ++ app/util/common.py | 4 + app/util/page.py | 2 +- docker-compose.yml | 16 +++ docker-deploy.sh | 6 + gunicorn.conf.py | 6 +- pyproject.toml | 32 +++++ requirements-dev.txt | 22 ++- requirements-prod.txt | 15 +- starter.py | 28 ++-- tests/__init__.py | 14 +- tests/test_book.py | 6 +- tests/test_user.py | 4 +- 72 files changed, 667 insertions(+), 710 deletions(-) create mode 100644 .dockerignore create mode 100644 .editorconfig create mode 100644 .flake8 delete mode 100644 .github/ISSUE_TEMPLATE/bug_report.md delete mode 100644 .github/ISSUE_TEMPLATE/feature_request.md delete mode 100644 .github/ISSUE_TEMPLATE/question.md create mode 100644 .pre-commit-config.yaml create mode 100644 Dockerfile create mode 100644 app/api/cms/exception/__init__.py rename app/{model/v1 => api/cms/model}/__init__.py (100%) rename app/{model/lin => api/cms/model}/group.py (88%) rename app/{model/lin => api/cms/model}/group_permission.py (77%) rename app/{model/lin => api/cms/model}/permission.py (92%) rename app/{model/lin => api/cms/model}/user.py (79%) rename app/{model/lin => api/cms/model}/user_group.py (78%) create mode 100644 app/api/cms/model/user_identity.py rename app/{validator/schema.py => api/cms/schema/__init__.py} (54%) rename app/{validator/form.py => api/cms/validator/__init__.py} (98%) rename app/{exception/api.py => api/v1/exception/__init__.py} (52%) create mode 100644 app/api/v1/model/__init__.py rename app/{model/v1 => api/v1/model}/book.py (82%) create mode 100644 app/api/v1/schema/__init__.py create mode 100644 app/api/v1/validator/__init__.py delete mode 100644 app/config/http_status_desc.py create mode 100644 app/extension/notify/socketio.py delete mode 100644 app/model/lin/__init__.py delete mode 100644 app/model/lin/user_identity.py create mode 100644 app/schema/__init__.py create mode 100644 docker-compose.yml create mode 100644 docker-deploy.sh create mode 100644 pyproject.toml diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..1d17dae --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +.venv diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..5c61a62 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,13 @@ +root = true + +[*] +indent_style = space +indent_size = 4 +insert_final_newline = true +trim_trailing_whitespace = true +end_of_line = lf +charset = utf-8 +max_line_length = 100 + +[*.{yml,yaml,json,js,css,html}] +indent_size = 2 diff --git a/.flake8 b/.flake8 new file mode 100644 index 0000000..7a245db --- /dev/null +++ b/.flake8 @@ -0,0 +1,15 @@ +[flake8] +max-line-length = 120 +select = C,E,F,W,B,B9 +ignore = E203, E501, W503, E712, E711 +per-file-ignores = + __init__.py: F401 + app/core/exception.py: F811 + app/cli/plugin/init.py: W605 +exclude = + .git, + __pycache__, + build, + dist, + tests, + .venv diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md deleted file mode 100644 index 9806f8c..0000000 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -name: 提出一个bug -about: 提出bug帮助我们完善项目 ---- - -**描述 bug** - -- 你是如何操作的? -- 发生了什么? -- 你觉得应该出现什么? - -**你使用哪个版本出现该问题?** - -如果使用`master`,请表明是 master 分支,否则给出具体的版本号 - -**如何再现** - -If your bug is deterministic, can you give a minimal reproducing code? -Some bugs are not deterministic. Can you describe with precision in which context it happened? -If this is possible, can you share your code? - -如果你确定存在这个 bug,你能提供我们一个最小的实现代码吗? -一些 bug 是不确定,只会在某些条件下触发,你能详细描述一下具体的情况和提供复现的步骤吗? -当然如果你提供在线的 repo,那就再好不过了。 - -如果你发现了 bug,并修复了它,请用`git rebase`合并成一条标准的`fix: description`提交,然后向我们的 -项目提 PR,我们会在第一时间审核,并感谢您的参与。 diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md deleted file mode 100644 index 4f8cfa0..0000000 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: 提出新特性 -about: 对项目的发展提出建议 ---- - -CMS 是一个颇为复杂的应用,它需要的东西太多。我们无法涉及到方方面面,因此关于新特性,我们会以讨论的形式来确定这个特性是否去实现,以什么形式实现。 -我们鼓励所有对这个特性感兴趣的人来参与讨论,当然如果你想参与特性的开发那就更好了。 - -如果你实现了一个 feature,并通过了单元测试,请用`git rebase`合并成一条标准的`feat: description`提交,然后向我们的 -项目提 PR,我们会在第一时间审核,并感谢您的参与。 - -**请问这个特性跟什么问题相关? 有哪些应用场景?请详细描述。** -请清晰准确的描述问题的内容,以及真实的场景。 - -**请描述一下你想怎么实现这个特性** -怎么样去实现这个特性?加入核心库?加入工程项目?还是其他方式。 -当然你也可以描述它的具体实现. - -**讨论** -如果这个特性应用场景非常多,或者非常重要,我们会第一时间去处理。但更多的我们希望更多的人参与讨论,来斟酌它的可行性。 diff --git a/.github/ISSUE_TEMPLATE/question.md b/.github/ISSUE_TEMPLATE/question.md deleted file mode 100644 index b247778..0000000 --- a/.github/ISSUE_TEMPLATE/question.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -name: 提出问题 -about: 关于项目的疑问 ---- - -请详细描述您对本项目的任何问题,我们会在第一时间查阅和解决。 diff --git a/.gitignore b/.gitignore index 8b4c712..618d387 100644 --- a/.gitignore +++ b/.gitignore @@ -1,21 +1,8 @@ -# .env 中记录了私密配置 -# *.env - +# OS .DS_Store -.idea -.vscode -*.pytest_cache/ -*.pyc -assets -logs - -# Created by https://www.toptal.com/developers/gitignore/api/python -# Edit at https://www.toptal.com/developers/gitignore?templates=python -### Python ### # Byte-compiled / optimized / DLL files __pycache__/ -*/__pycache__/ *.py[cod] *$py.class @@ -30,6 +17,7 @@ dist/ downloads/ eggs/ .eggs/ +lib/ lib64/ parts/ sdist/ @@ -54,7 +42,9 @@ pip-delete-this-directory.txt # Unit test / coverage reports htmlcov/ -test.json +.tox/ +.nox/ +.coverage .coverage.* .cache nosetests.xml @@ -63,7 +53,6 @@ coverage.xml *.py,cover .hypothesis/ .pytest_cache/ -pytestdebug.log # Translations *.mo @@ -74,7 +63,6 @@ pytestdebug.log local_settings.py db.sqlite3 db.sqlite3-journal -*.db # Flask stuff: instance/ @@ -85,7 +73,6 @@ instance/ # Sphinx documentation docs/_build/ -doc/_build/ # PyBuilder target/ @@ -118,6 +105,7 @@ celerybeat.pid *.sage.py # Environments +.env .venv env/ venv/ @@ -143,8 +131,22 @@ dmypy.json # Pyre type checker .pyre/ -# pytype static type analyzer -.pytype/ +# IDE +.vscode/ +.idea/ +.vim/ -# End of https://www.toptal.com/developers/gitignore/api/python +# custom +assets +logs + +*.pyc +# poetry lock +poetry.lock +# db +lincmsdev.db +lincmsprod.db +lincms.db +# .env 中记录了私密配置 +# *.env diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..5a390e1 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,17 @@ +repos: +- repo: https://github.com/PyCQA/flake8 + rev: 4.0.1 + hooks: + - id: flake8 + exclude: tests +- repo: https://github.com/psf/black + rev: 21.10b0 + hooks: + - id: black +- repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.0.1 + hooks: + - id: fix-byte-order-marker + - id: trailing-whitespace + - id: end-of-file-fixer + - id: check-added-large-files diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..c1bc75e --- /dev/null +++ b/Dockerfile @@ -0,0 +1,8 @@ +FROM python:3.9 +# 拷贝依赖 +COPY requirements-prod.txt . +# 安装依赖 +# RUN pip install -r requirements-prod.txt -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host=mirrors.aliyun.com >/dev/null 2>&1 +RUN pip install -r requirements-prod.txt >/dev/null 2>&1 +# 拷贝项目 +COPY . /app diff --git a/LICENSE b/LICENSE index 1a07553..68b0003 100644 --- a/LICENSE +++ b/LICENSE @@ -1,3 +1,20 @@ +ISC License + +Copyright (c) 2016, Kenneth Reitz + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +=== https://github.com/kennethreitz/records(v0.5.3) === + MIT License Copyright (c) 2019 TaleLin @@ -18,4 +35,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file +SOFTWARE. diff --git a/README.md b/README.md index a639680..6f4654b 100644 --- a/README.md +++ b/README.md @@ -10,10 +10,9 @@

一个简单易用的CMS后端项目 | Lin-CMS-Flask

- - flask version - lin--cms version - LISENCE + + Flask version + LISENCE

@@ -22,7 +21,7 @@

- 简介 | 快速开始 | 下个版本开发计划 + 简介 | 快速起步 

## 简介 @@ -33,16 +32,6 @@ Lin-CMS 是林间有风团队经过大量项目实践所提炼出的一套**内 本项目是 Lin CMS 后端的 Flask 实现,需要前端?请访问[前端仓库](https://github.com/TaleLin/lin-cms-vue)。 -### 当前最新版本 - -lin-cms-flask(当前示例工程):0.3.2 - -lin-cms(核心库) :0.3.1 - -### 文档地址 - -[https://doc.cms.talelin.com/start/flask/](https://doc.cms.talelin.com/start/flask/) - ### 线上 demo [http://face.cms.talelin.com/](http://face.cms.talelin.com/) @@ -61,11 +50,11 @@ QQ 群号:643205479 ### Lin CMS 的特点 -Lin CMS 的构筑思想是有其自身特点的。下面我们阐述一些 Lin 的主要特点。 +Lin CMS 的构筑思想是有其自身特点的。 #### Lin CMS 是一个前后端分离的 CMS 解决方案 -这意味着,Lin 既提供后台的支撑,也有一套对应的前端系统,当然双端分离的好处不仅仅在于此,我们会在后续提供`Java`版本的 Lin。如果您心仪 Lin,却又因为技术栈的原因无法即可使用,没关系,我们会在后续提供更多的语言版本。为什么 Lin 要选择前后端分离的单页面架构呢? +这意味着,Lin CMS 既提供后台的支撑,也有一套对应的前端系统,当然双端分离的好处不仅仅在于此。如果您心仪 Lin,却又因为技术栈的原因无法即可使用,没关系,我们也提供了更多的语言版本和框架的后端实现。为什么 Lin 要选择前后端分离的单页面架构呢? 首先,传统的网站开发更多的是采用服务端渲染的方式,需用使用一种模板语言在服务端完成页面渲染:比如 JinJa2、Jade 等。 服务端渲染的好处在于可以比较好的支持 SEO,但作为内部使用的 CMS 管理系统,SEO 并不重要。 @@ -92,111 +81,9 @@ Lin CMS 除了内置常见的功能外,还提供了一套开发规范与工具 #### 前端组件库支持 -Lin 还将提供一套类似于 Vue Element 的前端组件库,以方便前端开发者快速开发。相比于 Vue Element 或 iView 等成熟的组件库,Lin 所提供的组件库将针对 Lin CMS 的整体设计风格、交互体验等作出大量的优化,使用 Lin 的组件库将更容易开发出体验更好的 CMS 系统。当然,Lin 本身不限制开发者选用任何的组件库,您完全可以根据自己的喜好/习惯/熟悉度,去选择任意的一个基于 Vue 的组件库,比如前面提到的 Vue Element 和 iView 等。您甚至可以混搭使用。当然,前提是这些组件库是基于 Vue 的。 +Lin CMS 还将提供一套类似于 Vue Element 的前端组件库,以方便前端开发者快速开发。相比于 Vue Element 或 iView 等成熟的组件库,Lin 所提供的组件库将针对 Lin CMS 的整体设计风格、交互体验等作出大量的优化,使用 Lin CMS 的组件库将更容易开发出体验更好的 CMS 系统。当然,Lin CMS 本身不限制开发者选用任何的组件库,您完全可以根据自己的喜好/习惯/熟悉度,去选择任意的一个基于 Vue 的组件库,比如前面提到的 Vue Element 和 iView 等。您甚至可以混搭使用。当然,前提是这些组件库是基于 Vue 的。 #### 完善的文档 -我们将提供详尽的文档来帮助开发者使用 Lin - -### 所需基础 - -由于 Lin 采用的是前后端分离的架构,所以您至少需要熟悉 Python 和 Vue。 - -Lin 的服务端框架是基于 Python Flask 的,所以如果您比较熟悉 Flask 的开发模式,那将可以更好的使用 Lin。但如果您并不熟悉 Flask,我们认为也没有太大的关系,因为 Lin 本身已经提供了一套完整的开发机制,您只需要在 Lin 的框架下用 Python 来编写自己的业务代码即可。照葫芦画瓢应该就是这种感觉。 - -但前端不同,前端还是需要开发者比较熟悉 Vue 的。但我想以 Vue 在国内的普及程度,绝大多数的开发者是没有问题的。这也正是我们选择 Vue 作为前端框架的原因。如果您喜欢 React Or Angular,那么加入我们,为 Lin 开发一个对应的版本吧。 - -## 快速开始 - -### Server 端必备环境 - -- 安装`Python`环境(version: 3.6+) - -### 获取工程项目 - -打开您的命令行工具(terminal),在其中键入: - -```bash -git clone https://github.com/TaleLin/lin-cms-flask.git starter -``` - -> **Tips:** -> -> 我们以 `starter` 作为工程名,当然您也可以以任意您喜爱的名字作为工程名。 -> -> 如果您想以某个版本,如`0.0.1`版,作为起始项目,那么请在 github 上的版本页下载相应的版本即可。 - -### 安装依赖包 - -进入项目目录,调用环境中的 pip 来安装依赖包: - -```bash -pip install -r requirements-${env}.txt -``` - -### 数据库配置 - -#### 默认使用 Sqlite3 - -Lin 默认启用 Sqlite3 数据库,打开项目根目录下的.env 文件(我们提供了开发环境的`.development.env`和生产环境的`.production.env`),配置其`SQLALCHEMY_DATABASE_URI` - -> Tips: 下面我们用{env}指代配置对应的环境 - -```conf -# 数据库配置示例 - SQLALCHEMY_DATABASE_URI='sqlite:///relative/path/to/file.db' - - or - - SQLALCHEMY_DATABASE_URI='sqlite:////absolute/path/to/file.db' -``` - -这将在项目的最外层目录生成名为`lincms${env}.db`的 Sqlite3 数据库文件。 - -#### 使用 MySQL - -**Tips:** 默认的依赖中不包含 Python 的 Mysql 库,如有需要,请自行在您的运行环境中安装它(如`pymysql`或`cymysql`等)。 - -Lin 需要您自己在 MySQL 中新建一个数据库,名字由您自己决定(例如`lincms`)。 - -创建数据库后,打开项目根目录下的`.${env}.env`文件,配置对应的`SQLALCHEMY_DATABASE_URI`。 - -如下所示: - -```conf -# 数据库配置示例: '数据库+驱动库://用户名:密码@主机:端口/数据库名' -SQLALCHEMY_DATABASE_URI = 'mysql+pymysql://root:123456@localhost:3306/lincms' -``` - -> 您所使用的数据库账号必须具有创建数据表的权限,否则 Lin 将无法为您自动创建数据表 - -### 初始化 - -如果您是第一次使用 **`Lin-CMS`**,需要初始化数据库。 - -请先进入项目根目录,然后执行`flask db init`,用来添加超级管理员 root(默认密码 123456), 以及新建其他必要的分组 - -> **Tips:** -> 如果您需要一些业务样例数据,可以执行脚本`flask db fake`添加它 - -### 运行 - -一切就绪后,再次从命令行中执行 - -```bash -flask run -``` - -如果一切顺利,您将在命令行中看到项目成功运行的信息。如果您没有修改代码,Lin 将默认在本地启动一个端口号为 5000 的端口用来监听请求。此时,我们访问`http://localhost:5000`,将看到一组字符: - -“心上无垢,林间有风" - -点击“心上无垢”,将跳转到`Redoc`页面;点击“林间有风”,跳转到`Swagger`页面。 - -这证明您已经成功的将服务运行起来了,Congratulations! - -## 后续开发计划 - -- [x] 重构插件机制 -- [x] 新增七牛上传插件 -- [ ] 扩展行为日志 +我们将提供尽可能完善的[文档](https://doc.cms.talelin.com) +来帮助开发者使用 Lin CMS diff --git a/app/__init__.py b/app/__init__.py index 77f93a6..ce60bae 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -3,9 +3,13 @@ :license: MIT, see LICENSE for more details. """ +import os + from dotenv import load_dotenv from flask import Flask +from app.util.common import basedir + def register_blueprints(app): from app.api.cms import create_cms @@ -23,7 +27,7 @@ def register_cli(app): def register_api(app): - from lin.apidoc import api + from app.api import api api.register(app) @@ -34,6 +38,12 @@ def apply_cors(app): CORS(app) +def init_socketio(app): + from app.extension.notify.socketio import socketio + + socketio.init_app(app, cors_allowed_origins="*") + + def load_app_config(app): """ 根据指定配置环境自动加载对应环境变量和配置类到app config @@ -41,7 +51,7 @@ def load_app_config(app): # 根据传入环境加载对应配置 env = app.config.get("ENV") # 读取 .env - load_dotenv(".{env}.env".format(env=env)) + load_dotenv(os.path.join(basedir, ".{env}.env").format(env=env)) # 读取配置类 app.config.from_object( "app.config.{env}.{Env}Config".format(env=env, Env=env.capitalize()) @@ -49,7 +59,7 @@ def load_app_config(app): def set_global_config(**kwargs): - from lin.config import global_config + from lin import global_config # 获取config_*参数对象并挂载到脱离上下文的global config for k, v in kwargs.items(): @@ -58,17 +68,19 @@ def set_global_config(**kwargs): def create_app(register_all=True, **kwargs): + # 全局配置优先生效 + set_global_config(**kwargs) # http wsgi server托管启动需指定读取环境配置 - load_dotenv(".flaskenv") - app = Flask(__name__, static_folder="../assets") + load_dotenv(os.path.join(basedir, ".flaskenv")) + app = Flask(__name__, static_folder=os.path.join(basedir, "assets")) load_app_config(app) if register_all: from lin import Lin - set_global_config(**kwargs) register_blueprints(app) register_api(app) apply_cors(app) + init_socketio(app) Lin(app, **kwargs) register_cli(app) return app diff --git a/app/api/__init__.py b/app/api/__init__.py index 53b4b45..85526d6 100644 --- a/app/api/__init__.py +++ b/app/api/__init__.py @@ -1,4 +1,33 @@ """ - :copyright: © 2020 by the Lin team. + :copyright: © 2021 by the Lin team. :license: MIT, see LICENSE for more details. """ + +from spectree import SecurityScheme + +from lin import SpecTree + +api = SpecTree( + backend_name="flask", + title="Lin-CMS-Flask", + mode="strict", + version="0.4.0", + # OpenAPI对所有接口描述默认返回一个参数错误, http_status_code为400。 + validation_error_status=400, + annotations=True, + security_schemes=[ + SecurityScheme( + name="AuthorizationBearer", + data={ + "type": "http", + "scheme": "bearer", + }, + ), + ], + # swaggerUI中所有接口默认允许传递Headers的AuthorizationToken字段 + # 不需要在每个api.validate(security=...)中指定它 + # 但所有接口都会显示一把小锁 + # SECURITY={"AuthorizationBearer": []}, +) + +AuthorizationBearerSecurity = {"AuthorizationBearer": []} diff --git a/app/api/cms/__init__.py b/app/api/cms/__init__.py index 02eef9e..b36ae49 100644 --- a/app/api/cms/__init__.py +++ b/app/api/cms/__init__.py @@ -10,13 +10,13 @@ def create_cms(): cms = Blueprint("cms", __name__) - from .admin import admin_api - from .file import file_api - from .log import log_api - from .user import user_api + from app.api.cms.admin import admin_api + from app.api.cms.file import file_api + from app.api.cms.log import log_api + from app.api.cms.user import user_api - admin_api.register(cms) - user_api.register(cms) - log_api.register(cms) - file_api.register(cms) + cms.register_blueprint(admin_api, url_prefix="/admin") + cms.register_blueprint(user_api, url_prefix="/user") + cms.register_blueprint(log_api, url_prefix="/log") + cms.register_blueprint(file_api, url_prefix="/file") return cms diff --git a/app/api/cms/admin.py b/app/api/cms/admin.py index d2cd225..e3845ff 100644 --- a/app/api/cms/admin.py +++ b/app/api/cms/admin.py @@ -6,18 +6,10 @@ """ import math -from flask import request -from lin import find_user, get_ep_infos, manager, permission_meta -from lin.db import db -from lin.enums import GroupLevelEnum -from lin.exception import Forbidden, NotFound, ParameterError, Success -from lin.jwt import admin_required -from lin.logger import Logger -from lin.redprint import Redprint +from flask import Blueprint, request from sqlalchemy import func -from app.util.page import get_page_from_query, paginate -from app.validator.form import ( +from app.api.cms.validator import ( DispatchAuth, DispatchAuths, NewGroup, @@ -26,15 +18,28 @@ UpdateGroup, UpdateUserInfoForm, ) +from lin import ( + Forbidden, + GroupLevelEnum, + Logger, + NotFound, + ParameterError, + Success, + admin_required, + db, + manager, + permission_meta, +) +from app.util.page import get_page_from_query, paginate -admin_api = Redprint("admin") +admin_api = Blueprint("admin", __name__) @admin_api.route("/permission") @permission_meta(name="查询所有可分配的权限", module="管理员", mount=False) @admin_required def permissions(): - return get_ep_infos() + return manager.get_ep_infos() @admin_api.route("/users") @@ -121,7 +126,7 @@ def get_admin_users(): def change_user_password(uid): form = ResetPasswordForm().validate_for_api() - user = find_user(id=uid) + user = manager.find_user(id=uid) if user is None: raise NotFound("用户不存在") @@ -211,7 +216,7 @@ def get_admin_groups(): db.session.query(func.count(manager.group_model.id)) .filter( manager.group_model.level != GroupLevelEnum.ROOT.value, - manager.group_model.delete_time == None, + manager.group_model.is_deleted == False, ) .scalar() ) @@ -232,7 +237,7 @@ def get_admin_groups(): @admin_required def get_all_group(): groups = manager.group_model.query.filter( - manager.group_model.delete_time == None, + manager.group_model.is_deleted == False, manager.group_model.level != GroupLevelEnum.ROOT.value, ).all() if groups is None: diff --git a/app/api/cms/exception/__init__.py b/app/api/cms/exception/__init__.py new file mode 100644 index 0000000..8a16dae --- /dev/null +++ b/app/api/cms/exception/__init__.py @@ -0,0 +1,7 @@ +from lin import Failed + + +class RefreshFailed(Failed): + message = "令牌刷新失败" + message_code = 10052 + _config = False diff --git a/app/api/cms/file.py b/app/api/cms/file.py index 97b4adf..a0f732e 100644 --- a/app/api/cms/file.py +++ b/app/api/cms/file.py @@ -2,13 +2,12 @@ :copyright: © 2020 by the Lin team. :license: MIT, see LICENSE for more details. """ -from flask import request -from lin.jwt import login_required -from lin.redprint import Redprint +from flask import Blueprint, request +from lin import login_required from app.extension.file.local_uploader import LocalUploader -file_api = Redprint("file") +file_api = Blueprint("file", __name__) @file_api.route("", methods=["POST"]) diff --git a/app/api/cms/log.py b/app/api/cms/log.py index 8220660..8967717 100644 --- a/app/api/cms/log.py +++ b/app/api/cms/log.py @@ -1,35 +1,25 @@ import math -from flask import g -from lin import permission_meta -from lin.apidoc import DocResponse, api -from lin.db import db -from lin.jwt import group_required -from lin.logger import Log -from lin.redprint import Redprint +from flask import Blueprint, g from sqlalchemy import text -from app.validator.schema import ( - AuthorizationSchema, - LogPageSchema, - LogQuerySearchSchema, - UsernameListSchema, -) +from app.api import AuthorizationBearerSecurity, api +from app.api.cms.schema import LogPageSchema, LogQuerySearchSchema, UsernameListSchema +from lin import DocResponse, Log, db, group_required, permission_meta -log_api = Redprint("log") +log_api = Blueprint("log", __name__) @log_api.route("") @permission_meta(name="查询日志", module="日志") @group_required @api.validate( - headers=AuthorizationSchema, - query=LogQuerySearchSchema, resp=DocResponse(r=LogPageSchema), before=LogQuerySearchSchema.offset_handler, + security=[AuthorizationBearerSecurity], tags=["日志"], ) -def get_logs(): +def get_logs(query: LogQuerySearchSchema): """ 日志浏览查询(人员,时间, 关键字),分页展示 """ @@ -44,7 +34,7 @@ def get_logs(): page=g.page, count=g.count, total=total, - items=get_items_with_time_field(items), + items=items, total_page=total_page, ) @@ -53,13 +43,12 @@ def get_logs(): @permission_meta(name="搜索日志", module="日志") @group_required @api.validate( - headers=AuthorizationSchema, - query=LogQuerySearchSchema, resp=DocResponse(r=LogPageSchema), + security=[AuthorizationBearerSecurity], before=LogQuerySearchSchema.offset_handler, tags=["日志"], ) -def search_logs(): +def search_logs(query: LogQuerySearchSchema): """ 日志搜索(人员,时间, 关键字),分页展示 """ @@ -82,7 +71,7 @@ def search_logs(): page=g.page, count=g.count, total=total, - items=get_items_with_time_field(items), + items=items, total_page=total_page, ) @@ -91,8 +80,8 @@ def search_logs(): @permission_meta(name="查询日志记录的用户", module="日志") @group_required @api.validate( - headers=AuthorizationSchema, resp=DocResponse(r=UsernameListSchema), + security=[AuthorizationBearerSecurity], tags=["日志"], ) def get_users_for_log(): @@ -107,13 +96,3 @@ def get_users_for_log(): .all() ) return UsernameListSchema(items=[u.username for u in usernames]) - - -# TODO:临时time字段, 等待lin 核心库中调整后移除 -def get_items_with_time_field(items): - new_items = list() - for item in items: - item = dict(item) - item["time"] = item["create_time"] - new_items.append(item) - return new_items diff --git a/app/model/v1/__init__.py b/app/api/cms/model/__init__.py similarity index 100% rename from app/model/v1/__init__.py rename to app/api/cms/model/__init__.py diff --git a/app/model/lin/group.py b/app/api/cms/model/group.py similarity index 88% rename from app/model/lin/group.py rename to app/api/cms/model/group.py index 402d81a..54df89a 100644 --- a/app/model/lin/group.py +++ b/app/api/cms/model/group.py @@ -1,26 +1,26 @@ -from lin.model import Group as LinGroup -from lin.model import db, manager - - -class Group(LinGroup): - def _set_fields(self): - self._exclude = ["delete_time", "create_time", "update_time"] - - @classmethod - def select_by_user_id(cls, user_id) -> list: - """ - 根据用户Id,通过User-Group关联表,获取所属用户组对象列表 - """ - query = ( - db.session.query(manager.user_group_model.group_id) - .join( - manager.user_model, - manager.user_model.id == manager.user_group_model.user_id, - ) - .filter( - manager.user_model.delete_time == None, manager.user_model.id == user_id - ) - ) - result = cls.query.filter_by(soft=True).filter(cls.id.in_(query)) - groups = result.all() - return groups +from lin import Group as LinGroup +from lin import db, manager + + +class Group(LinGroup): + def _set_fields(self): + self._exclude = ["delete_time", "create_time", "update_time", "is_deleted"] + + @classmethod + def select_by_user_id(cls, user_id) -> list: + """ + 根据用户Id,通过User-Group关联表,获取所属用户组对象列表 + """ + query = ( + db.session.query(manager.user_group_model.group_id) + .join( + manager.user_model, + manager.user_model.id == manager.user_group_model.user_id, + ) + .filter( + manager.user_model.delete_time == None, manager.user_model.id == user_id + ) + ) + result = cls.query.filter_by(soft=True).filter(cls.id.in_(query)) + groups = result.all() + return groups diff --git a/app/model/lin/group_permission.py b/app/api/cms/model/group_permission.py similarity index 77% rename from app/model/lin/group_permission.py rename to app/api/cms/model/group_permission.py index 58126ec..4e16df6 100644 --- a/app/model/lin/group_permission.py +++ b/app/api/cms/model/group_permission.py @@ -1,14 +1,14 @@ -from lin.model import GroupPermission as LinGroupPermission -from lin.model import db, manager - - -class GroupPermission(LinGroupPermission): - @classmethod - def delete_batch_by_group_id_and_permission_ids( - cls, group_id, permission_ids: list, commit=False - ): - cls.query.filter_by(group_id=group_id).filter( - cls.permission_id.in_(permission_ids) - ).delete(synchronize_session=False) - if commit: - db.session.commit() +from lin import GroupPermission as LinGroupPermission +from lin import db + + +class GroupPermission(LinGroupPermission): + @classmethod + def delete_batch_by_group_id_and_permission_ids( + cls, group_id, permission_ids: list, commit=False + ): + cls.query.filter_by(group_id=group_id).filter( + cls.permission_id.in_(permission_ids) + ).delete(synchronize_session=False) + if commit: + db.session.commit() diff --git a/app/model/lin/permission.py b/app/api/cms/model/permission.py similarity index 92% rename from app/model/lin/permission.py rename to app/api/cms/model/permission.py index 92dd75b..38b2a3c 100644 --- a/app/model/lin/permission.py +++ b/app/api/cms/model/permission.py @@ -1,42 +1,42 @@ -from lin.model import Permission as LinPermission -from lin.model import db, manager - - -class Permission(LinPermission): - @classmethod - def select_by_group_id(cls, group_id) -> list: - """ - 传入用户组Id ,根据 Group-Permission关联表 获取 权限列表 - """ - query = db.session.query(manager.group_permission_model.permission_id).filter( - manager.group_permission_model.group_id == group_id - ) - result = cls.query.filter_by(soft=True, mount=True).filter(cls.id.in_(query)) - permissions = result.all() - return permissions - - @classmethod - def select_by_group_ids(cls, group_ids: list) -> list: - """ - 传入用户组Id列表 ,根据 Group-Permission关联表 获取 权限列表 - """ - query = db.session.query(manager.group_permission_model.permission_id).filter( - manager.group_permission_model.group_id.in_(group_ids) - ) - result = cls.query.filter_by(soft=True, mount=True).filter(cls.id.in_(query)) - permissions = result.all() - return permissions - - @classmethod - def select_by_group_ids_and_module(cls, group_ids: list, module) -> list: - """ - 传入用户组的 id 列表 和 权限模块名称,根据 Group-Permission关联表 获取 权限列表 - """ - query = db.session.query(manager.group_permission_model.permission_id).filter( - manager.group_permission_model.group_id.in_(group_ids) - ) - result = cls.query.filter_by(soft=True, module=module, mount=True).filter( - cls.id.in_(query) - ) - permissions = result.all() - return permissions +from lin import Permission as LinPermission +from lin import db, manager + + +class Permission(LinPermission): + @classmethod + def select_by_group_id(cls, group_id) -> list: + """ + 传入用户组Id ,根据 Group-Permission关联表 获取 权限列表 + """ + query = db.session.query(manager.group_permission_model.permission_id).filter( + manager.group_permission_model.group_id == group_id + ) + result = cls.query.filter_by(soft=True, mount=True).filter(cls.id.in_(query)) + permissions = result.all() + return permissions + + @classmethod + def select_by_group_ids(cls, group_ids: list) -> list: + """ + 传入用户组Id列表 ,根据 Group-Permission关联表 获取 权限列表 + """ + query = db.session.query(manager.group_permission_model.permission_id).filter( + manager.group_permission_model.group_id.in_(group_ids) + ) + result = cls.query.filter_by(soft=True, mount=True).filter(cls.id.in_(query)) + permissions = result.all() + return permissions + + @classmethod + def select_by_group_ids_and_module(cls, group_ids: list, module) -> list: + """ + 传入用户组的 id 列表 和 权限模块名称,根据 Group-Permission关联表 获取 权限列表 + """ + query = db.session.query(manager.group_permission_model.permission_id).filter( + manager.group_permission_model.group_id.in_(group_ids) + ) + result = cls.query.filter_by(soft=True, module=module, mount=True).filter( + cls.id.in_(query) + ) + permissions = result.all() + return permissions diff --git a/app/model/lin/user.py b/app/api/cms/model/user.py similarity index 79% rename from app/model/lin/user.py rename to app/api/cms/model/user.py index b401247..b423f47 100644 --- a/app/model/lin/user.py +++ b/app/api/cms/model/user.py @@ -1,43 +1,45 @@ -from lin.model import User as LinUser -from lin.model import db, func, manager - - -class User(LinUser): - def _set_fields(self): - self._exclude = ["delete_time", "create_time", "update_time"] - - @classmethod - def count_by_username(cls, username) -> int: - result = db.session.query(func.count(cls.id)).filter( - cls.username == username, cls.delete_time == None - ) - count = result.scalar() - return count - - @classmethod - def count_by_email(cls, email) -> int: - result = db.session.query(func.count(cls.id)).filter( - cls.email == email, cls.delete_time == None - ) - count = result.scalar() - return count - - @classmethod - def select_page_by_group_id(cls, group_id, root_group_id) -> list: - """通过分组id分页获取用户数据""" - query = db.session.query(manager.user_group_model.user_id).filter( - manager.user_group_model.group_id == group_id, - manager.user_group_model.group_id != root_group_id, - ) - result = cls.query.filter_by(soft=True).filter(cls.id.in_(query)) - users = result.all() - return users - - def reset_password(self, new_password): - self.password = new_password - - def change_password(self, old_password, new_password): - if self.check_password(old_password): - self.password = new_password - return True - return False +from sqlalchemy import func + +from lin import User as LinUser +from lin import db, manager + + +class User(LinUser): + def _set_fields(self): + self._exclude = ["delete_time", "create_time", "is_deleted", "update_time"] + + @classmethod + def count_by_username(cls, username) -> int: + result = db.session.query(func.count(cls.id)).filter( + cls.username == username, cls.is_deleted == False + ) + count = result.scalar() + return count + + @classmethod + def count_by_email(cls, email) -> int: + result = db.session.query(func.count(cls.id)).filter( + cls.email == email, cls.is_deleted == False + ) + count = result.scalar() + return count + + @classmethod + def select_page_by_group_id(cls, group_id, root_group_id) -> list: + """通过分组id分页获取用户数据""" + query = db.session.query(manager.user_group_model.user_id).filter( + manager.user_group_model.group_id == group_id, + manager.user_group_model.group_id != root_group_id, + ) + result = cls.query.filter_by(soft=True).filter(cls.id.in_(query)) + users = result.all() + return users + + def reset_password(self, new_password): + self.password = new_password + + def change_password(self, old_password, new_password): + if self.check_password(old_password): + self.password = new_password + return True + return False diff --git a/app/model/lin/user_group.py b/app/api/cms/model/user_group.py similarity index 78% rename from app/model/lin/user_group.py rename to app/api/cms/model/user_group.py index 8d28c9d..1710fdb 100644 --- a/app/model/lin/user_group.py +++ b/app/api/cms/model/user_group.py @@ -1,14 +1,14 @@ -from lin.model import UserGroup as LinUserGroup -from lin.model import db, manager - - -class UserGroup(LinUserGroup): - @classmethod - def delete_batch_by_user_id_and_group_ids( - cls, user_id, group_ids: list, commit=False - ): - cls.query.filter_by(user_id=user_id).filter(cls.group_id.in_(group_ids)).delete( - synchronize_session=False - ) - if commit: - db.session.commit() +from lin import UserGroup as LinUserGroup +from lin import db + + +class UserGroup(LinUserGroup): + @classmethod + def delete_batch_by_user_id_and_group_ids( + cls, user_id, group_ids: list, commit=False + ): + cls.query.filter_by(user_id=user_id).filter(cls.group_id.in_(group_ids)).delete( + synchronize_session=False + ) + if commit: + db.session.commit() diff --git a/app/api/cms/model/user_identity.py b/app/api/cms/model/user_identity.py new file mode 100644 index 0000000..7f3fa29 --- /dev/null +++ b/app/api/cms/model/user_identity.py @@ -0,0 +1,5 @@ +from lin import UserIdentity as LinUserIdentity + + +class UserIdentity(LinUserIdentity): + pass diff --git a/app/validator/schema.py b/app/api/cms/schema/__init__.py similarity index 54% rename from app/validator/schema.py rename to app/api/cms/schema/__init__.py index 605ff19..ba681c2 100644 --- a/app/validator/schema.py +++ b/app/api/cms/schema/__init__.py @@ -1,21 +1,12 @@ import re from datetime import datetime -from enum import Enum -from typing import Any, List, Optional +from typing import List, Optional from flask import g -from lin.apidoc import BaseModel from pydantic import Field, validator -datetime_regex = "^((([1-9][0-9][0-9][0-9]-(0[13578]|1[02])-(0[1-9]|[12][0-9]|3[01]))|(20[0-3][0-9]-(0[2469]|11)-(0[1-9]|[12][0-9]|30))) (20|21|22|23|[0-1][0-9]):[0-5][0-9]:[0-5][0-9])$" - - -class AuthorizationSchema(BaseModel): - Authorization: str - - -class BookQuerySearchSchema(BaseModel): - q: Optional[str] = str() +from lin import BaseModel +from app.schema import BasePageSchema, datetime_regex class UsernameListSchema(BaseModel): @@ -42,7 +33,6 @@ def offset_handler(req, resp, req_validation_error, instance): class LogSchema(BaseModel): - id: int message: str user_id: int username: str @@ -50,40 +40,27 @@ class LogSchema(BaseModel): method: str path: str permission: str - time: datetime - - -class BasePageSchema(BaseModel): - page: int - count: int - total: int - total_page: int - items: List[Any] + time: datetime = Field(alias="create_time") class LogPageSchema(BasePageSchema): items: List[LogSchema] -class BookInSchema(BaseModel): - title: str - author: str - image: str - summary: str +class LoginSchema(BaseModel): + username: str = Field(description="用户名") + password: str = Field(description="密码") + captcha: Optional[str] = Field(description="验证码") -class BookOutSchema(BaseModel): - id: int - title: str - author: str - image: str - summary: str +class AccessTokenSchema(BaseModel): + __root__: str = Field(description="access_token") -class BookSchemaList(BaseModel): - __root__: List[BookOutSchema] +class RefreshTokenSchema(BaseModel): + __root__: str = Field(description="refresh_token") -class Language(str, Enum): - en = "en-US" - zh = "zh-CN" +class LoginTokenSchema(BaseModel): + access_token: AccessTokenSchema + refresh_token: RefreshTokenSchema diff --git a/app/api/cms/user.py b/app/api/cms/user.py index 5c92760..fe16ca5 100644 --- a/app/api/cms/user.py +++ b/app/api/cms/user.py @@ -4,33 +4,45 @@ :copyright: © 2020 by the Lin team. :license: MIT, see LICENSE for more details. """ -from flask import current_app, request +from flask import Blueprint, current_app, request from flask_jwt_extended import ( create_access_token, create_refresh_token, get_current_user, get_jwt_identity, - verify_jwt_refresh_token_in_request, + verify_jwt_in_request, ) from itsdangerous import JSONWebSignatureSerializer as JWSSerializer -from lin import manager, permission_meta -from lin.db import db -from lin.exception import Duplicated, Failed, NotFound, ParameterError, Success -from lin.jwt import admin_required, get_tokens, login_required -from lin.logger import Log, Logger -from lin.redprint import Redprint - -from app.exception.api import RefreshFailed -from app.util.captcha import CaptchaTool -from app.util.common import split_group -from app.validator.form import ( + +from app.api import api +from app.api.cms.exception import RefreshFailed +from app.api.cms.schema import LoginSchema, LoginTokenSchema +from app.api.cms.validator import ( ChangePasswordForm, LoginForm, RegisterForm, UpdateInfoForm, ) +from lin import ( + DocResponse, + Duplicated, + Failed, + Log, + Logger, + NotFound, + ParameterError, + Success, + admin_required, + db, + get_tokens, + login_required, + manager, + permission_meta, +) +from app.util.captcha import CaptchaTool +from app.util.common import split_group -user_api = Redprint("user") +user_api = Blueprint("user", __name__) @user_api.route("/register", methods=["POST"]) @@ -40,16 +52,20 @@ def register(): form = RegisterForm().validate_for_api() if manager.user_model.count_by_username(form.username.data) > 0: - raise Duplicated("用户名重复,请重新输入") + raise Duplicated("用户名重复,请重新输入") # type: ignore if form.email.data and form.email.data.strip() != "": if manager.user_model.count_by_email(form.email.data) > 0: - raise Duplicated("注册邮箱重复,请重新输入") + raise Duplicated("注册邮箱重复,请重新输入") # type: ignore _register_user(form) - return Success("用户创建成功") + return Success("用户创建成功") # type: ignore @user_api.route("/login", methods=["POST"]) -def login(): +@api.validate(resp=DocResponse(Failed("验证码校验失败"), r=LoginTokenSchema), tags=["用户"]) +def login(json: LoginSchema): + """ + 用户登录, 返回 access_token 和 refresh_token + """ form = LoginForm().validate_for_api() # 校对验证码 if current_app.config.get("LOGIN_CAPTCHA"): @@ -57,7 +73,7 @@ def login(): secret_key = current_app.config.get("SECRET_KEY") serializer = JWSSerializer(secret_key) if form.captcha.data != serializer.loads(tag): - raise Failed("验证码校验失败") + raise Failed("验证码校验失败") # type: ignore user = manager.user_model.verify(form.username.data, form.password.data) # 用户未登录,此处不能用装饰器记录日志 @@ -126,7 +142,7 @@ def get_information(): @permission_meta(name="刷新令牌", module="用户", mount=False) def refresh(): try: - verify_jwt_refresh_token_in_request() + verify_jwt_in_request(refresh=True) except Exception: return RefreshFailed() @@ -189,6 +205,5 @@ def get_captcha(): image, code = CaptchaTool().get_verify_code() secret_key = current_app.config.get("SECRET_KEY") serializer = JWSSerializer(secret_key) - tag = str(serializer.dumps(code), encoding="utf-8") - image = str(image, encoding="utf-8") + tag = serializer.dumps(code) return {"tag": tag, "image": image} diff --git a/app/validator/form.py b/app/api/cms/validator/__init__.py similarity index 98% rename from app/validator/form.py rename to app/api/cms/validator/__init__.py index 937715e..69d7091 100644 --- a/app/validator/form.py +++ b/app/api/cms/validator/__init__.py @@ -5,12 +5,11 @@ import re import time -from lin import manager -from lin.exception import ParameterError -from lin.form import Form from wtforms import DateTimeField, FieldList, IntegerField, PasswordField, StringField from wtforms.validators import DataRequired, EqualTo, NumberRange, Regexp, length +from lin import Form, ParameterError, manager + # 注册校验 diff --git a/app/api/v1/__init__.py b/app/api/v1/__init__.py index 3630fed..a4ba257 100644 --- a/app/api/v1/__init__.py +++ b/app/api/v1/__init__.py @@ -1,14 +1,9 @@ -""" - :copyright: © 2020 by the Lin team. - :license: MIT, see LICENSE for more details. -""" - from flask import Blueprint -from app.api.v1 import book +from app.api.v1.book import book_api def create_v1(): bp_v1 = Blueprint("v1", __name__) - book.book_api.register(bp_v1) + bp_v1.register_blueprint(book_api, url_prefix="/book") return bp_v1 diff --git a/app/api/v1/book.py b/app/api/v1/book.py index 601e462..7938b0c 100644 --- a/app/api/v1/book.py +++ b/app/api/v1/book.py @@ -5,24 +5,26 @@ :license: MIT, see LICENSE for more details. """ -from flask import g, request -from lin import permission_meta -from lin.apidoc import DocResponse, api -from lin.exception import Success -from lin.jwt import group_required, login_required -from lin.redprint import Redprint +from flask import Blueprint, g -from app.exception.api import BookNotFound -from app.model.v1.book import Book -from app.validator.schema import ( - AuthorizationSchema, +from app.api import AuthorizationBearerSecurity, api +from app.api.v1.exception import BookNotFound +from app.api.v1.model.book import Book +from app.api.v1.schema import ( BookInSchema, BookOutSchema, BookQuerySearchSchema, BookSchemaList, ) +from lin import ( + DocResponse, + Success, + group_required, + login_required, + permission_meta, +) -book_api = Redprint("book") +book_api = Blueprint("book", __name__) @book_api.route("/") @@ -54,54 +56,49 @@ def get_books(): @book_api.route("/search") @api.validate( - query=BookQuerySearchSchema, resp=DocResponse(r=BookSchemaList), tags=["图书"], ) -def search(): +def search(query: BookQuerySearchSchema): """ 关键字搜索图书 """ return Book.query.filter( - Book.title.like("%" + g.q + "%"), Book.delete_time == None + Book.title.like("%" + g.q + "%"), Book.is_deleted == False ).all() @book_api.route("", methods=["POST"]) @login_required @api.validate( - headers=AuthorizationSchema, - json=BookInSchema, resp=DocResponse(Success(12)), + security=[AuthorizationBearerSecurity], tags=["图书"], ) -def create_book(): +def create_book(json: BookInSchema): """ 创建图书 """ - book_schema = request.context.json - Book.create(**book_schema.dict(), commit=True) + Book.create(**json.dict(), commit=True) return Success(12) @book_api.route("/", methods=["PUT"]) @login_required @api.validate( - headers=AuthorizationSchema, - json=BookInSchema, resp=DocResponse(Success(13)), + security=[AuthorizationBearerSecurity], tags=["图书"], ) -def update_book(id): +def update_book(id, json: BookInSchema): """ 更新图书信息 """ - book_schema = request.context.json book = Book.get(id=id) if book: book.update( id=id, - **book_schema.dict(), + **json.dict(), commit=True, ) return Success(13) @@ -112,8 +109,8 @@ def update_book(id): @permission_meta(name="删除图书", module="图书") @group_required @api.validate( - headers=AuthorizationSchema, resp=DocResponse(BookNotFound, Success(14)), + security=[AuthorizationBearerSecurity], tags=["图书"], ) def delete_book(id): diff --git a/app/exception/api.py b/app/api/v1/exception/__init__.py similarity index 52% rename from app/exception/api.py rename to app/api/v1/exception/__init__.py index 846fe18..dd769b0 100644 --- a/app/exception/api.py +++ b/app/api/v1/exception/__init__.py @@ -1,4 +1,4 @@ -from lin.exception import Duplicated, Failed, NotFound +from lin import Duplicated, NotFound class BookNotFound(NotFound): @@ -10,9 +10,3 @@ class BookDuplicated(Duplicated): code = 419 message = "图书已存在" _config = False - - -class RefreshFailed(Failed): - message = "令牌刷新失败" - message_code = 10052 - _config = False diff --git a/app/api/v1/model/__init__.py b/app/api/v1/model/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/app/model/v1/book.py b/app/api/v1/model/book.py similarity index 82% rename from app/model/v1/book.py rename to app/api/v1/model/book.py index a1953a5..ef1f2fb 100644 --- a/app/model/v1/book.py +++ b/app/api/v1/model/book.py @@ -3,10 +3,9 @@ :license: MIT, see LICENSE for more details. """ -from lin.interface import InfoCrud as Base from sqlalchemy import Column, Integer, String -from app.exception.api import BookNotFound +from lin import InfoCrud as Base class Book(Base): diff --git a/app/api/v1/schema/__init__.py b/app/api/v1/schema/__init__.py new file mode 100644 index 0000000..71bb147 --- /dev/null +++ b/app/api/v1/schema/__init__.py @@ -0,0 +1,26 @@ +from typing import List, Optional + +from lin import BaseModel + + +class BookQuerySearchSchema(BaseModel): + q: Optional[str] = str() + + +class BookInSchema(BaseModel): + title: str + author: str + image: str + summary: str + + +class BookOutSchema(BaseModel): + id: int + title: str + author: str + image: str + summary: str + + +class BookSchemaList(BaseModel): + __root__: List[BookOutSchema] diff --git a/app/api/v1/validator/__init__.py b/app/api/v1/validator/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/app/cli/db/fake.py b/app/cli/db/fake.py index 0d78372..8b29b9d 100644 --- a/app/cli/db/fake.py +++ b/app/cli/db/fake.py @@ -3,9 +3,8 @@ :license: MIT, see LICENSE for more details. """ -from lin.db import db - -from app.model.v1.book import Book +from app.api.v1.model.book import Book +from lin import db def fake(): diff --git a/app/cli/db/init.py b/app/cli/db/init.py index 96bbf63..01adc78 100644 --- a/app/cli/db/init.py +++ b/app/cli/db/init.py @@ -2,9 +2,7 @@ :copyright: © 2020 by the Lin team. :license: MIT, see LICENSE for more details. """ -from lin import manager -from lin.db import db -from lin.enums import GroupLevelEnum +from lin import GroupLevelEnum, db, manager def init(force=False): diff --git a/app/cli/plugin/generator.py b/app/cli/plugin/generator.py index 61d3d01..0769a32 100644 --- a/app/cli/plugin/generator.py +++ b/app/cli/plugin/generator.py @@ -12,7 +12,7 @@ """ controller = """ -from lin.redprint import Redprint +from lin import Redprint {0}_api = Redprint("{0}") diff --git a/app/cli/plugin/init.py b/app/cli/plugin/init.py index 49f56f9..27b728e 100644 --- a/app/cli/plugin/init.py +++ b/app/cli/plugin/init.py @@ -130,7 +130,7 @@ def __update_setting(self, new_setting): setting_path = self.app.config.root_path + "/config/base.py" with open(setting_path, "r", encoding="UTF-8") as f: content = f.read() - pattern = "PLUGIN_PATH = \{([\s\S]*)\}+.*?" + pattern = "PLUGIN_PATH = \{([\s\S]*)\}+.*?" # type: ignore if len(re.findall(pattern, content)) == 0: content += """ PLUGIN_PATH = {} diff --git a/app/config/base.py b/app/config/base.py index f980a06..7049db3 100644 --- a/app/config/base.py +++ b/app/config/base.py @@ -32,8 +32,9 @@ class BaseConfig(object): # 令牌配置 JWT_ACCESS_TOKEN_EXPIRES = timedelta(hours=1) - # 启用验证码登录 - LOGIN_CAPTCHA = True + # 登录验证码 + LOGIN_CAPTCHA = False + # 默认文件上传配置 FILE = { "STORE_DIR": "assets", diff --git a/app/config/http_status_desc.py b/app/config/http_status_desc.py deleted file mode 100644 index 5fb6cf3..0000000 --- a/app/config/http_status_desc.py +++ /dev/null @@ -1,64 +0,0 @@ -DESC = { - # Information 1xx - 100: "Continue", - 101: "Switching Protocols", - # Successful 2xx - 200: "OK", - 201: "Created", - 202: "Accepted", - 203: "Non-Authoritative Information", - 204: "No Content", - 205: "Reset Content", - 206: "Partial Content", - # Redirection 3xx - 300: "Multiple Choices", - 301: "Moved Permanently", - 302: "Found", - 303: "See Other", - 304: "Not Modified", - 305: "Use Proxy", - 306: "(Unused)", - 307: "Temporary Redirect", - 308: "Permanent Redirect", - # Client Error 4xx - 400: "Bad Request", - 401: "Unauthorized", - 402: "Payment Required", - 403: "Forbidden", - 404: "Not Found", - 405: "Method Not Allowed", - 406: "Not Acceptable", - 407: "Proxy Authentication Required", - 408: "Request Timeout", - 409: "Conflict", - 410: "Gone", - 411: "Length Required", - 412: "Precondition Failed", - 413: "Request Entity Too Large", - 414: "Request-URI Too Long", - 415: "Unsupported Media Type", - 416: "Requested Range Not Satisfiable", - 417: "Expectation Failed", - 418: "I'm a teapot", - 421: "Misdirected Request", - 422: "Unprocessable Entity", - 423: "Locked", - 424: "Failed Dependency", - 425: "Too Early", - 426: "Upgrade Required", - 428: "Precondition Required", - 429: "Too Many Requests", - 431: "Request Header Fields Too Large", - 451: "Unavailable For Legal Reasons", - # Server Error 5xx - 500: "Internal Server Error", - 501: "Not Implemented", - 502: "Bad Gateway", - 503: "Service Unavailable", - 504: "Gateway Timeout", - 505: "HTTP Version Not Supported", - 506: "Variant Also negotiates", - 507: "Insufficient Sotrage", - 508: "Loop Detected", - 511: "Network Authentication Required", -} diff --git a/app/extension/file/file.py b/app/extension/file/file.py index 009f7c6..1765260 100644 --- a/app/extension/file/file.py +++ b/app/extension/file/file.py @@ -1,46 +1,46 @@ -from lin.db import db -from lin.interface import InfoCrud -from sqlalchemy import Column, Index, Integer, String, func, text - - -class File(InfoCrud): - __tablename__ = "lin_file" - __table_args__ = (Index("md5_del", "md5", "delete_time", unique=True),) - - id = Column(Integer(), primary_key=True) - path = Column(String(500), nullable=False) - type = Column( - String(10), - nullable=False, - server_default=text("'LOCAL'"), - comment="LOCAL 本地,REMOTE 远程", - ) - name = Column(String(100), nullable=False) - extension = Column(String(50)) - size = Column(Integer()) - md5 = Column(String(40), comment="md5值,防止上传重复文件") - - @classmethod - def select_by_md5(cls, md5): - result = cls.query.filter_by(soft=True, md5=md5) - file = result.first() - return file - - @classmethod - def count_by_md5(cls, md5): - result = db.session.query(func.count(cls.id)).filter( - cls.delete_time == None, cls.md5 == md5 - ) - count = result.scalar() - return count - - @staticmethod - def create_file(**kwargs): - file = File() - for key in kwargs.keys(): - if hasattr(file, key): - setattr(file, key, kwargs[key]) - db.session.add(file) - if kwargs.get("commit") is True: - db.session.commit() - return file +from sqlalchemy import Column, Index, Integer, String, func, text + +from lin import InfoCrud, db + + +class File(InfoCrud): + __tablename__ = "lin_file" + __table_args__ = (Index("md5_del", "md5", "delete_time", unique=True),) + + id = Column(Integer(), primary_key=True) + path = Column(String(500), nullable=False) + type = Column( + String(10), + nullable=False, + server_default=text("'LOCAL'"), + comment="LOCAL 本地,REMOTE 远程", + ) + name = Column(String(100), nullable=False) + extension = Column(String(50)) + size = Column(Integer()) + md5 = Column(String(40), comment="md5值,防止上传重复文件") + + @classmethod + def select_by_md5(cls, md5): + result = cls.query.filter_by(soft=True, md5=md5) + file = result.first() + return file + + @classmethod + def count_by_md5(cls, md5): + result = db.session.query(func.count(cls.id)).filter( + cls.is_deleted == False, cls.md5 == md5 + ) + count = result.scalar() + return count + + @staticmethod + def create_file(**kwargs): + file = File() + for key in kwargs.keys(): + if hasattr(file, key): + setattr(file, key, kwargs[key]) + db.session.add(file) + if kwargs.get("commit") is True: + db.session.commit() + return file diff --git a/app/extension/file/local_uploader.py b/app/extension/file/local_uploader.py index 6f7cdd3..3fd15dc 100644 --- a/app/extension/file/local_uploader.py +++ b/app/extension/file/local_uploader.py @@ -1,9 +1,10 @@ import os from flask import current_app -from lin.file import Uploader from werkzeug.utils import secure_filename +from lin import Uploader + from .file import File diff --git a/app/extension/notify/socketio.py b/app/extension/notify/socketio.py new file mode 100644 index 0000000..61813d5 --- /dev/null +++ b/app/extension/notify/socketio.py @@ -0,0 +1,3 @@ +from flask_socketio import SocketIO + +socketio = SocketIO() diff --git a/app/model/__init__.py b/app/model/__init__.py index 53b4b45..e69de29 100644 --- a/app/model/__init__.py +++ b/app/model/__init__.py @@ -1,4 +0,0 @@ -""" - :copyright: © 2020 by the Lin team. - :license: MIT, see LICENSE for more details. -""" diff --git a/app/model/lin/__init__.py b/app/model/lin/__init__.py deleted file mode 100644 index 8691bda..0000000 --- a/app/model/lin/__init__.py +++ /dev/null @@ -1,6 +0,0 @@ -from .group import Group -from .group_permission import GroupPermission -from .permission import Permission -from .user import User -from .user_group import UserGroup -from .user_identity import UserIdentity diff --git a/app/model/lin/user_identity.py b/app/model/lin/user_identity.py deleted file mode 100644 index 647e96e..0000000 --- a/app/model/lin/user_identity.py +++ /dev/null @@ -1,5 +0,0 @@ -from lin.model import UserIdentity as LinUserIdentity - - -class UserIdentity(LinUserIdentity): - pass diff --git a/app/plugin/oss/README.md b/app/plugin/oss/README.md index d3fb79a..5bc1e86 100644 --- a/app/plugin/oss/README.md +++ b/app/plugin/oss/README.md @@ -1 +1 @@ -# oss 插件 \ No newline at end of file +# oss 插件 diff --git a/app/plugin/oss/app/controller.py b/app/plugin/oss/app/controller.py index 7b66260..0f47a6f 100644 --- a/app/plugin/oss/app/controller.py +++ b/app/plugin/oss/app/controller.py @@ -2,11 +2,16 @@ import oss2 from flask import jsonify, request -from lin.config import lin_config -from lin.db import db -from lin.exception import Failed, ParameterError, Success -from lin.redprint import Redprint -from lin.utils import get_random_str + +from lin import ( + Failed, + ParameterError, + Redprint, + Success, + db, + get_random_str, + lin_config, +) from .model import OSS diff --git a/app/plugin/oss/app/model.py b/app/plugin/oss/app/model.py index bd47dd9..c97371b 100644 --- a/app/plugin/oss/app/model.py +++ b/app/plugin/oss/app/model.py @@ -1,6 +1,7 @@ -from lin.interface import BaseCrud from sqlalchemy import Column, Integer, String +from lin import BaseCrud + class OSS(BaseCrud): __tablename__ = "oss" diff --git a/app/plugin/oss/requirements.txt b/app/plugin/oss/requirements.txt index 279cc13..1c424d6 100644 --- a/app/plugin/oss/requirements.txt +++ b/app/plugin/oss/requirements.txt @@ -1 +1 @@ -oss2==2.6.1 \ No newline at end of file +oss2==2.6.1 diff --git a/app/plugin/poem/app/__init__.py b/app/plugin/poem/app/__init__.py index e92813d..a09d7d5 100644 --- a/app/plugin/poem/app/__init__.py +++ b/app/plugin/poem/app/__init__.py @@ -7,9 +7,8 @@ def initial_data(): - from lin.db import db - from app import create_app + from lin import db app = create_app() with app.app_context(): diff --git a/app/plugin/poem/app/controller.py b/app/plugin/poem/app/controller.py index f47782a..e9825cd 100644 --- a/app/plugin/poem/app/controller.py +++ b/app/plugin/poem/app/controller.py @@ -1,6 +1,6 @@ from flask import jsonify -from lin.redprint import Redprint +from lin import Redprint from app.plugin.poem.app.form import PoemListForm, PoemSearchForm from .model import Poem diff --git a/app/plugin/poem/app/form.py b/app/plugin/poem/app/form.py index ec3d697..ea85bbf 100644 --- a/app/plugin/poem/app/form.py +++ b/app/plugin/poem/app/form.py @@ -1,6 +1,7 @@ -from lin.form import Form from wtforms import IntegerField, StringField -from wtforms.validators import DataRequired, NumberRange, Optional +from wtforms.validators import DataRequired, Optional + +from lin import Form class PoemListForm(Form): diff --git a/app/plugin/poem/app/model.py b/app/plugin/poem/app/model.py index 7c90ae2..80e5065 100644 --- a/app/plugin/poem/app/model.py +++ b/app/plugin/poem/app/model.py @@ -1,9 +1,8 @@ -from lin.config import lin_config -from lin.db import db -from lin.exception import NotFound -from lin.interface import InfoCrud as Base from sqlalchemy import Column, Integer, String, Text, text +from lin import InfoCrud as Base +from lin import NotFound, db, lin_config + class Poem(Base): __tablename__ = "lin_poem" @@ -25,7 +24,7 @@ def content(self): return ret def get_all(self, form): - query = self.query.filter_by(delete_time=None) + query = self.query.filter_by(is_deleted=False) if form.author.data: query = query.filter_by(author=form.author.data) diff --git a/app/plugin/qiniu/README.md b/app/plugin/qiniu/README.md index f6bc916..100994e 100644 --- a/app/plugin/qiniu/README.md +++ b/app/plugin/qiniu/README.md @@ -1 +1 @@ -# qiniu \ No newline at end of file +# qiniu diff --git a/app/plugin/qiniu/app/controller.py b/app/plugin/qiniu/app/controller.py index 32ec8a6..47a492b 100644 --- a/app/plugin/qiniu/app/controller.py +++ b/app/plugin/qiniu/app/controller.py @@ -4,11 +4,10 @@ """ from flask import request -from lin.config import lin_config -from lin.exception import FileExtensionError -from lin.redprint import Redprint from qiniu import Auth +from lin import FileExtensionError, Redprint, lin_config + from .model import Qiniu qiniu_api = Redprint("qiniu") diff --git a/app/plugin/qiniu/app/model.py b/app/plugin/qiniu/app/model.py index 4e4bcac..817f8a3 100644 --- a/app/plugin/qiniu/app/model.py +++ b/app/plugin/qiniu/app/model.py @@ -1,6 +1,7 @@ -from lin.interface import BaseCrud from sqlalchemy import Column, Integer, String +from lin import BaseCrud + class Qiniu(BaseCrud): __tablename__ = "qiniu" diff --git a/app/plugin/qiniu/requirements.txt b/app/plugin/qiniu/requirements.txt index 36a9aac..9a5fb0b 100644 --- a/app/plugin/qiniu/requirements.txt +++ b/app/plugin/qiniu/requirements.txt @@ -1 +1 @@ -qiniu==7.3.0 \ No newline at end of file +qiniu==7.3.0 diff --git a/app/schema/__init__.py b/app/schema/__init__.py new file mode 100644 index 0000000..80a9381 --- /dev/null +++ b/app/schema/__init__.py @@ -0,0 +1,13 @@ +from typing import Any, List + +from lin import BaseModel + +datetime_regex = "^((([1-9][0-9][0-9][0-9]-(0[13578]|1[02])-(0[1-9]|[12][0-9]|3[01]))|(20[0-3][0-9]-(0[2469]|11)-(0[1-9]|[12][0-9]|30))) (20|21|22|23|[0-1][0-9]):[0-5][0-9]:[0-5][0-9])$" + + +class BasePageSchema(BaseModel): + page: int + count: int + total: int + total_page: int + items: List[Any] diff --git a/app/util/common.py b/app/util/common.py index 97eb714..f24e78f 100644 --- a/app/util/common.py +++ b/app/util/common.py @@ -1,3 +1,4 @@ +import os from itertools import groupby from operator import itemgetter @@ -9,3 +10,6 @@ def split_group(dict_list, key): for key, group in tmps: result.append({key: list(group)}) return result + + +basedir = os.getcwd() diff --git a/app/util/page.py b/app/util/page.py index 157a4ab..30d4fc0 100644 --- a/app/util/page.py +++ b/app/util/page.py @@ -14,7 +14,7 @@ def get_page_from_query(): def paginate(): - from lin.exception import ParameterError + from lin import ParameterError count = int( request.args.get( diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..4e89e01 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,16 @@ +version: "3" +services: + lin-cms-flask: + build: + context: . + dockerfile: ./Dockerfile + container_name: lin_cms_flask + restart: always + hostname: avatar + environment: + - TZ=Asia/Shanghai + ports: + - "5000:5000" + working_dir: /app + tty: true + command: ["sh", "docker-deploy.sh"] diff --git a/docker-deploy.sh b/docker-deploy.sh new file mode 100644 index 0000000..855b0e1 --- /dev/null +++ b/docker-deploy.sh @@ -0,0 +1,6 @@ +# use production environment settings +echo "FLASK_ENV=production" >> .flaskenv +# initialize database +flask db init +# gunicorn server +gunicorn -c gunicorn.conf.py starter:app diff --git a/gunicorn.conf.py b/gunicorn.conf.py index 28ecda0..0bc1201 100644 --- a/gunicorn.conf.py +++ b/gunicorn.conf.py @@ -1,12 +1,12 @@ -import os +import multiprocessing from gevent import monkey monkey.patch_all() -import multiprocessing + bind = "0.0.0.0:5000" -worker_class = "gevent" +worker_class = "geventwebsocket.gunicorn.workers.GeventWebSocketWorker" daemon = False workers = multiprocessing.cpu_count() * 2 + 1 debug = False diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 0000000..50ac890 --- /dev/null +++ b/pyproject.toml @@ -0,0 +1,32 @@ +[tool.poetry] +name = "lin-cms-flask" +version = "0.4.0" +description = "🎀A simple and practical CMS implememted by flask" +authors = ["sunlin92 "] + +[tool.poetry.dependencies] +python = "^3.8" +Lin-CMS = "^0.4.0" +pillow = "^8.3.2" +flask-cors = "^3.0.10" +gunicorn = "^20.1.0" +gevent = "^21.8.0" +flask-socketio = "^5.1.1" +blinker = "^1.4" +python-dotenv = "^0.19.2" +gevent-websocket = "^0.10.1" + +[tool.poetry.dev-dependencies] +flask-sqlacodegen = "^1.1.8" +black = "^21.10b0" +isort = "^5.10.1" +watchdog = "^2.1.6" +coverage = "^6.1.2" +pytest = "^6.2.5" +pre-commit = "^2.16.0" +pytest-ordering = "^0.6" +flake8 = "^4.0.1" + +[build-system] +requires = ["poetry-core>=1.0.0"] +build-backend = "poetry.core.masonry.api" diff --git a/requirements-dev.txt b/requirements-dev.txt index b4bcfee..6102a10 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,5 +1,19 @@ -Lin-CMS==0.3.1 -Flask-Cors==3.0.9 -python-dotenv==0.15.0 +python==3.8 +Lin-CMS==0.4.0 +pillow==8.3.2 +flask-cors==3.0.10 +gunicorn==20.1.0 +gevent==21.8.0 +flask-socketio==5.1.1 +blinker==1.4 +python-dotenv==0.19.2 +gevent-websocket==0.10.1 +flask-sqlacodegen==1.1.8 +black==21.10b0 +isort==5.10.1 +watchdog==2.1.6 +coverage==6.1.2 +pytest==6.2.5 +pre-commit==2.16.0 pytest-ordering==0.6 -Pillow==8.4.0 +flake8==4.0.1 diff --git a/requirements-prod.txt b/requirements-prod.txt index 5dd8d5c..4ccfe95 100644 --- a/requirements-prod.txt +++ b/requirements-prod.txt @@ -1,6 +1,9 @@ -Lin-CMS==0.3.1 -Flask-Cors==3.0.9 -python-dotenv==0.15.0 -gevent==20.9.0 -gunicorn==20.0.4 -Pillow==8.4.0 +Lin-CMS==0.4.0 +pillow==8.3.2 +flask-cors==3.0.10 +gunicorn==20.1.0 +gevent==21.8.0 +flask-socketio==5.1.1 +blinker==1.4 +python-dotenv==0.19.2 +gevent-websocket==0.10.1 diff --git a/starter.py b/starter.py index 97bfaa4..51caf89 100644 --- a/starter.py +++ b/starter.py @@ -4,16 +4,13 @@ """ from app import create_app +from app.api.cms.model.group import Group +from app.api.cms.model.group_permission import GroupPermission +from app.api.cms.model.permission import Permission +from app.api.cms.model.user import User +from app.api.cms.model.user_group import UserGroup +from app.api.cms.model.user_identity import UserIdentity from app.config.code_message import MESSAGE -from app.config.http_status_desc import DESC -from app.model.lin import ( - Group, - GroupPermission, - Permission, - User, - UserGroup, - UserIdentity, -) app = create_app( group_model=Group, @@ -23,7 +20,6 @@ identity_model=UserIdentity, user_group_model=UserGroup, config_MESSAGE=MESSAGE, - config_DESC=DESC, ) @@ -37,21 +33,21 @@ def slogan(): padding: 0; margin: 0; } - + div { padding: 4px 48px; } - + a { color: black; cursor: pointer; text-decoration: none } - + a:hover { text-decoration: None; } - + body { background: #fff; font-family: @@ -59,13 +55,13 @@ def slogan(): color: #333; font-size: 18px; } - + h1 { font-size: 100px; font-weight: normal; margin-bottom: 12px; } - + p { line-height: 1.6em; font-size: 42px diff --git a/tests/__init__.py b/tests/__init__.py index b5ef925..9416c21 100644 --- a/tests/__init__.py +++ b/tests/__init__.py @@ -4,14 +4,12 @@ import pytest from app import create_app -from app.model.lin import ( - Group, - GroupPermission, - Permission, - User, - UserGroup, - UserIdentity, -) +from app.api.cms.model.group import Group +from app.api.cms.model.group_permission import GroupPermission +from app.api.cms.model.permission import Permission +from app.api.cms.model.user import User +from app.api.cms.model.user_group import UserGroup +from app.api.cms.model.user_identity import UserIdentity from .config import password, username diff --git a/tests/test_book.py b/tests/test_book.py index aafc022..3d4b14d 100644 --- a/tests/test_book.py +++ b/tests/test_book.py @@ -20,7 +20,7 @@ def test_create(fixtureFunc): "image": "https://img3.doubanio.com/lpic/s1470003.jpg", }, ) - assert rv.status_code == 201 or rv.get_json().get("code") == 10030 + assert rv.status_code == 200 or rv.get_json().get("code") == 10030 @pytest.mark.run(order=2) @@ -48,7 +48,7 @@ def test_update(fixtureFunc): "image": "https://img3.doubanio.com/lpic/s1470003.jpg", }, ) - assert rv.status_code == 201 + assert rv.status_code == 200 @pytest.mark.run(order=4) @@ -62,4 +62,4 @@ def test_delete(): rv = c.delete( "/v1/book/{}".format(id), headers={"Authorization": "Bearer " + get_token()} ) - assert rv.status_code == 201 + assert rv.status_code == 200 diff --git a/tests/test_user.py b/tests/test_user.py index 0691681..7e35f91 100644 --- a/tests/test_user.py +++ b/tests/test_user.py @@ -4,7 +4,7 @@ """ -from . import app, fixtureFunc, get_token +from . import app, fixtureFunc, get_token # type: ignore def test_change_nickname(fixtureFunc): @@ -14,4 +14,4 @@ def test_change_nickname(fixtureFunc): headers={"Authorization": "Bearer " + get_token()}, json={"nickname": "tester"}, ) - assert rv.status_code == 201 + assert rv.status_code == 200 From ccc75a43ba28b330e5d7bd3bf435f725b1535b65 Mon Sep 17 00:00:00 2001 From: sunlin92 Date: Sat, 15 Jan 2022 09:46:42 +0800 Subject: [PATCH 7/8] =?UTF-8?q?chore:=E8=B0=83=E6=95=B4=E5=9B=BE=E7=89=87?= =?UTF-8?q?=E6=AF=94=E4=BE=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/util/captcha.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/app/util/captcha.py b/app/util/captcha.py index ab452d3..9d6b6ea 100644 --- a/app/util/captcha.py +++ b/app/util/captcha.py @@ -2,6 +2,7 @@ import io import random import string +from typing import Tuple from PIL import Image, ImageDraw, ImageFont @@ -33,7 +34,7 @@ def draw_lines(self, num=3): y2 = random.randint(self.height / 2, self.height) self.draw.line(((x1, y1), (x2, y2)), fill="black", width=1) - def get_verify_code(self): + def get_verify_code(self) -> Tuple[bytes, str]: """ 生成验证码图形 """ @@ -54,9 +55,9 @@ def get_verify_code(self): # 划线 # self.draw_lines() # 重新设置图片大小 - self.im = self.im.resize((100, 24)) + self.im = self.im.resize((80, 30)) # 图片转为base64字符串 buffered = io.BytesIO() - self.im.save(buffered, format="JPEG") - img_str = b"data:image/png;base64," + base64.b64encode(buffered.getvalue()) - return img_str, code + self.im.save(buffered, format="webp") + img = b"data:image/png;base64," + base64.b64encode(buffered.getvalue()) + return img, code From 4760f4fba37affaf801e2af99433b88910cdcc02 Mon Sep 17 00:00:00 2001 From: sunlin92 Date: Sat, 15 Jan 2022 09:49:02 +0800 Subject: [PATCH 8/8] =?UTF-8?q?update:=E6=9B=B4=E6=96=B0=E4=BE=9D=E8=B5=96?= =?UTF-8?q?=E5=BA=93=E7=89=88=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pyproject.toml | 6 +++--- requirements-dev.txt | 4 ++-- requirements-prod.txt | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 50ac890..5c7a5fd 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,13 +1,13 @@ [tool.poetry] name = "lin-cms-flask" -version = "0.4.0" +version = "0.4" description = "🎀A simple and practical CMS implememted by flask" authors = ["sunlin92 "] [tool.poetry.dependencies] python = "^3.8" -Lin-CMS = "^0.4.0" -pillow = "^8.3.2" +Lin-CMS = "^0.4.2" +pillow = "^9.0.0" flask-cors = "^3.0.10" gunicorn = "^20.1.0" gevent = "^21.8.0" diff --git a/requirements-dev.txt b/requirements-dev.txt index 6102a10..f344637 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,6 +1,6 @@ python==3.8 -Lin-CMS==0.4.0 -pillow==8.3.2 +Lin-CMS==0.4.2 +pillow==9.0.0 flask-cors==3.0.10 gunicorn==20.1.0 gevent==21.8.0 diff --git a/requirements-prod.txt b/requirements-prod.txt index 4ccfe95..3f3d32d 100644 --- a/requirements-prod.txt +++ b/requirements-prod.txt @@ -1,5 +1,5 @@ -Lin-CMS==0.4.0 -pillow==8.3.2 +Lin-CMS==0.4.2 +pillow==9.0.0 flask-cors==3.0.10 gunicorn==20.1.0 gevent==21.8.0