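def login_action(request):
    """Handle a login request.

    Only POST is accepted; any other method renders the 403 page. Reads
    ``nickname``, ``password`` and ``remain`` from the form, checks the
    salted digest stored on the matching ``SysUser`` row and, on success,
    stores ``id`` and ``nickname`` in the session. The session lasts 30
    minutes when ``remain`` is 0 and 7 days otherwise.

    Returns:
        A JSON ``HttpResponse`` built by ``json_result``.
    """
    import hmac

    json_type = "application/json;charset=utf-8"
    if request.method != "POST":
        return render(request, 'isadmin/error/error-403.html')

    nickname = request.POST.get("nickname")
    # A missing field would otherwise raise TypeError in the concatenation below.
    password = request.POST.get("password") or ""
    remain = request.POST.get("remain")

    user = SysUser.objects.filter(nickname=nickname).first()
    if user is None:
        # NOTE(review): distinct "unknown user" and "wrong password" replies let a
        # client enumerate valid nicknames; consider one generic message once the
        # front end no longer depends on the two texts.
        return HttpResponse(json_result("error", "用户不存在"), content_type=json_type)

    # NOTE(review): a single round of salted MD5 is far too fast for password
    # storage. Moving to a slow password hash needs a migration of the stored
    # digests, so the scheme itself is left unchanged here.
    digest = hashlib.md5((password + user.salt).encode(encoding='utf-8')).hexdigest()

    # Constant-time comparison: the stored digest must not leak through timing.
    stored = (user.pw or "").encode("utf-8")
    if not hmac.compare_digest(stored, digest.encode("utf-8")):
        # NOTE(review): no attempt throttling or lockout is visible in this view.
        return HttpResponse(json_result("error", "密码错误,请重试。"),
                            content_type=json_type)

    half_hour = 60 * 30
    seven_days = 60 * 60 * 24 * 7
    try:
        keep_login = int(remain) != 0
    except (TypeError, ValueError):
        # Absent or malformed flag: fall back to the short-lived session.
        keep_login = False

    # Issue a fresh session key on authentication so that a key known before
    # login (session fixation) is not carried into the authenticated session.
    request.session.cycle_key()
    request.session.set_expiry(seven_days if keep_login else half_hour)
    request.session["id"] = user.id
    request.session["nickname"] = nickname
    return HttpResponse(json_result("success", "登陆成功。"), content_type=json_type)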
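def beat_start(request):
    """Start celery beat on the beat host over SSH, unless it already runs.

    Connects with the credentials in ``settings.CELERY_BEAT_*``, looks for a
    ``django_celery_beat`` process and, when none is found, runs
    ``celery-beat-start.sh`` and reports the new PID. Only works when the web
    server itself runs on Linux.

    Returns:
        A JSON ``HttpResponse`` built by ``json_result``.
    """
    # NOTE(review): this view opens a root shell using a password kept in
    # settings. No method or permission check is visible in this function, so
    # confirm that the URL is restricted to authenticated administrators, and
    # prefer key-based login with an unprivileged account.
    json_type = "application/json;charset=utf-8"
    ip = settings.CELERY_BEAT_IP
    user = settings.CELERY_BEAT_USER
    password = settings.CELERY_BEAT_PW

    if platform.system() != "Linux":
        result = json_result("error", "WEB服务器操作系统不支持此操作!:-(")
        return HttpResponse(result, content_type=json_type)

    # Raw strings: "\d" in a normal literal is an invalid escape sequence.
    project_prompt = r"root@(.*?)/home/internet-snapshot/mysite#"
    pid_pattern = r"\r\n\d+"
    find_beat = "ps -aux | grep django_celery_beat | grep -v grep | awk '{print $2}'"

    child = None
    try:
        child = get_ssh_connection(ip, user, password)
        child.expect("root@(.*?)~#", timeout=5)
        child.sendline("cd /home/internet-snapshot/mysite")
        child.expect(project_prompt, timeout=5)
        child.sendline(find_beat)
        expect_result = child.expect([pid_pattern, project_prompt], timeout=5)
        if expect_result == 0:
            # The match is CR LF followed by the digits; drop the two line-end chars.
            pid = int(child.after[2:])
            result = json_result("error", "检测到beat正在运行,其进程id为%s。" % (pid,))
        else:
            child.sendline("bash ./celery-beat-start.sh")
            child.expect(project_prompt, timeout=5)
            child.sendline(find_beat)
            child.expect(pid_pattern, timeout=5)
            pid = int(child.after[2:])
            result = json_result("success", "beat启动成功,其进程号为%s。" % (pid,))
    except Exception as e:
        # Only the exception class is logged, as before; the message text may
        # echo session output.
        logging.error("When beat start, error %s occurred." % (e.__class__,))
        result = json_result("error", "后台链接失败,请重试:-(")
    finally:
        if child is not None:
            try:
                child.sendline("exit")
            except Exception:
                # A dead session must not turn the prepared reply into a 500.
                pass
            child.close()
    return HttpResponse(result, content_type=json_type)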
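def prisocs(request, id=None):
    """REST-style CRUD endpoint for PRISOC (``PrivateSafeOutChains``).

    POST creates a row, DELETE removes the row ``id``, PUT updates the row
    named in the request body, GET returns one row (``id`` given) or a page
    of rows (``rows``/``page`` query parameters). Other methods render the
    404 page.
    """
    # NOTE(review): no authorisation check is visible here; confirm a session
    # decorator wraps this view, since it edits the private allow-list.
    json_type = "application/json;charset=utf-8"

    if request.method == 'POST':
        mydomain = request.POST.get("mydomain")
        owner = request.POST.get("owner")
        remark = request.POST.get("remark")
        obj = PrivateSafeOutChains.objects.create(mydomain=mydomain, owner=owner,
                                                  remark=remark)
        if not obj:
            result = json_result("error", "添加私有正常外链主域名失败:-(")
        else:
            result = json_result("success", "添加私有正常外链主域名成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'DELETE':
        obj = PrivateSafeOutChains.objects.filter(id=id).delete()
        if not obj or obj[0] == 0:
            result = json_result("error", "删除私有正常外链主域名失败:-(")
        else:
            result = json_result("success", "删除私有正常外链主域名成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'PUT':
        put = QueryDict(request.body)
        id = put.get("id")
        updated = PrivateSafeOutChains.objects.filter(id=id).update(
            mydomain=put.get("mydomain"), owner=put.get("owner"),
            remark=put.get("remark"))
        if updated == 0:
            result = json_result("error", "更新私有正常外链主域名失败:-(")
        else:
            result = json_result("success", "更新私有正常外链主域名成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'GET':
        if id:
            obj = PrivateSafeOutChains.objects.filter(id=id)
            # The queryset itself is handed to to_json_dict, as before.
            result = json_result("success", "查询私有正常外链主域名成功:-)",
                                 data=[to_json_dict(obj)])
            return HttpResponse(result, content_type=json_type)

        # Malformed paging values fall back to the defaults instead of a 500;
        # zero or negative values would break the slice and the page count.
        try:
            rows = int(request.GET.get("rows") or 10)
            page = int(request.GET.get("page") or 1)
        except ValueError:
            rows, page = 10, 1
        rows = max(rows, 1)
        page = max(page, 1)
        # NOTE(review): "rows" has no upper bound, so one request can ask for
        # the whole table.
        start = (page - 1) * rows
        objs = PrivateSafeOutChains.objects.all()[start:start + rows]
        data = [to_json_dict(obj) for obj in objs]
        records = PrivateSafeOutChains.objects.count()
        # floor(n / rows) + 1 reported one page too many whenever n was an
        # exact multiple of rows.
        total_pages = max(1, math.ceil(records / rows))
        result = json_result("success", "查询私有正常外链主域名成功:-)", data=data,
                             page=page, total=total_pages, records=records)
        return HttpResponse(result, content_type=json_type)

    return render(request, 'isadmin/error/error-404.html')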
def get_log_files(request):
    """Return the log file paths registered for the VPS with the posted ``ip``.

    Replies with a JSON error when no ``Vps`` row has that address, otherwise
    with ``data`` holding ``path + filename`` for every ``LogFiles`` row of the
    first matching VPS.
    """
    # NOTE(review): no method or session check is visible in this function;
    # the reply discloses server-side log locations, so confirm it is wrapped
    # by a login check.
    json_type = "application/json;charset=utf-8"
    matches = list(Vps.objects.filter(ip=request.POST.get("ip")))
    if not matches:
        return HttpResponse(json_result("error", "该服务器ip不存在。"),
                            content_type=json_type)

    data = []
    for entry in LogFiles.objects.filter(vps_id=matches[0].id):
        data.append(entry.path + entry.filename)
    return HttpResponse(json_result("success", "查询成功", data=data),
                        content_type=json_type)
def invite_code_action(request):
    """Create an invitation code and return it as JSON.

    ``inviter_id`` and ``left_time`` (default 1) are taken from the POST form;
    the code itself comes from ``random_string()``. A database failure is
    logged by exception class and reported as a JSON error.
    """
    # NOTE(review): inviter_id and left_time are client-supplied. Taking the
    # inviter from the session and bounding left_time would stop a caller from
    # minting codes in another user's name or with an arbitrary use count.
    # NOTE(review): confirm random_string() draws from a CSPRNG, since the
    # code gates registration.
    json_type = "application/json;charset=utf-8"
    form = request.POST
    inviter_id = form.get("inviter_id", None)
    left_time = form.get("left_time", 1)
    invite_code = random_string()

    try:
        Invite.objects.create(inviter_id=inviter_id, invite_code=invite_code,
                              left_time=left_time)
    except Exception as e:
        logging.error("When create invite entity, %s occurred." % (e.__class__, ))
        return HttpResponse(json_result("error", "数据库错误"), content_type=json_type)

    return HttpResponse(json_result("success", "生成邀请码成功", invite_code=invite_code),
                        content_type=json_type)
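def disks_chart(request):
    """Return the free-disk trend of one VPS as JSON.

    Uses at most the last 288 ``VpsStatus`` rows of ``vps_id``. The reply's
    ``data`` holds ``times`` (formatted sample times) and ``lefts`` (total
    capacity minus used space, converted with ``byte_to_gb``). Any lookup
    failure, including an unknown ``vps_id``, renders the 500 page.
    """
    vps_id = request.GET.get("vps_id")
    try:
        vps = Vps.objects.filter(id=vps_id).first()
        if vps is None:
            # Previously vps[0] raised IndexError outside the try block.
            raise LookupError(vps_id)
        vps_status_count = VpsStatus.objects.filter(vps_id=vps_id).count()
        start_index = vps_status_count - 288 if vps_status_count > 288 else 0
        # Materialise inside the try: querysets are lazy, so database errors
        # would otherwise surface later, outside the handler.
        vps_statuses = list(VpsStatus.objects.filter(vps_id=vps_id)[start_index:])
    except Exception:
        # Exception rather than a bare except, so interpreter-exit signals
        # are not swallowed.
        return render(request, "isadmin/error/error-500.html")

    disks_total = sum(disk["total"] for disk in json.loads(vps.disks).values())

    result = {
        "times": [],
        "lefts": [],
    }
    for vps_status in vps_statuses:
        format_time = time.strftime("%Y-%m-%d %H:%M",
                                    vps_status.field_time.timetuple())
        disks_used = sum(json.loads(vps_status.disks_status).values())
        result["times"].append(format_time)
        result["lefts"].append(byte_to_gb(disks_total - disks_used))

    return HttpResponse(json_result("success", "查询成功:-)", data=result),
                        content_type="application/json;charset=utf-8")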
def _check_session_json(request, *args, **kwargs):
    """Call the wrapped view only when the session carries a ``nickname``.

    ``func`` is taken from the enclosing scope. Without a logged-in session
    the caller gets a JSON error instead of the view's response.
    """
    if not request.session.get("nickname", None):
        denied = json_result("error", "未检查到登陆态:-(")
        return HttpResponse(denied, content_type="application/json;charset=utf-8")
    return func(request, *args, **kwargs)
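def retrieve_action(request):
    """Handle a password-reset request.

    Only POST is accepted. The ``token`` is URL-unquoted, base64-decoded and
    3DES-decrypted into ``email+timestamp``; it is rejected when malformed,
    when no account uses that email, or when it is older than one hour. On
    success the account gets a new salt and salted digest.

    Returns:
        A JSON ``HttpResponse`` built by ``json_result``.
    """
    json_type = "application/json;charset=utf-8"

    def reply(status, message):
        return HttpResponse(json_result(status, message), content_type=json_type)

    if request.method != "POST":
        return render(request, 'isadmin/error/error-403.html')

    password = request.POST.get("password")
    repeat_password = request.POST.get("repeat_password")

    # NOTE(review): the token is 3DES ciphertext with no MAC and pyDes is
    # constructed here without a mode argument; it is also not single-use, so
    # it can be replayed for the whole hour. A signed, one-time token would be
    # the sturdier design.
    try:
        # Decoding and decryption now sit inside the handler: a missing or
        # tampered token used to escape as an unhandled exception.
        token = urllib.parse.unquote(request.POST.get("token"))
        encrypt = base64.b64decode(token)  # undo the base64 transport encoding
        triple_des = pyDes.triple_des(settings.DES_KEY, padmode=pyDes.PAD_PKCS5)
        decrypt = triple_des.decrypt(encrypt).decode("utf-8")  # 3DES decryption
        # Split on the LAST '+': an email address may itself contain '+'.
        email, separator, issued_at = decrypt.rpartition('+')
        if not separator:
            raise ValueError("malformed token")
        token_time = int(issued_at)
        user = SysUser.objects.filter(email=email)
        # filter() never returns None, so the old "is None" test could not fire.
        if not user.exists():
            raise ValueError("unknown email")
    except Exception:
        return reply("error", "重置密码链接有误,请勿更改邮件内链接。")

    if int(time.time()) - token_time > 3600:
        # The mail went out more than an hour ago: the token has expired.
        return reply("error", "token已超时,请重新申请重置密码邮件。")

    # A missing or empty password is refused together with a mismatch, so the
    # account can neither be reset to an empty password nor crash the hashing.
    if not password or password != repeat_password:
        return reply("error", "两次输入的密码不一致。")

    salt = random_string()
    # NOTE(review): single-round salted MD5 is too fast for password storage;
    # kept because login_action verifies against the same scheme.
    real_password = hashlib.md5((password + salt).encode(encoding='utf-8')).hexdigest()

    try:
        row = user.update(pw=real_password, salt=salt)
        if row == 0:
            raise LookupError("no row updated")
    except Exception:
        return reply("error", "重置密码失败。")
    return reply("success", "重置密码成功。")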
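def vps_monitor_reload(request):
    """Return the latest status sample of every VPS as JSON.

    Only GET is accepted. For each ``Vps`` row the newest ``vps_status`` row
    is read and combined with the static capacity figures into one dict
    (CPU, memory, swap and disk totals, usage and percentages). A VPS with no
    status sample yet is left out of the reply.
    """
    if request.method != "GET":
        return render(request, 'isadmin/error/error-404.html')

    # Values are bound as parameters, never formatted into the statement.
    # NOTE(review): SELECT * combined with positional indexes below breaks
    # silently if the table's column order changes.
    latest_sql = "SELECT * FROM vps_status WHERE vps_id=%s AND _time=(SELECT max(_time) " \
                 "FROM vps_status WHERE vps_id=%s);"

    def ratio(part, whole):
        # Guard against a zero capacity, as the swap figure already did.
        return 0 if whole == 0 else part / whole

    vps_statuss = []
    for vps in Vps.objects.all():
        with connection.cursor() as cursor:
            cursor.execute(latest_sql, (vps.id, vps.id))
            vps_status_obj = cursor.fetchone()
        if vps_status_obj is None:
            # No sample recorded yet; indexing None used to raise TypeError.
            continue

        disks_total = sum(int(disk["total"])
                          for disk in json.loads(vps.disks).values())
        cpus = json.loads(vps_status_obj[2])
        disks_used = sum(int(used)
                         for used in json.loads(vps_status_obj[5]).values())

        vps_statuss.append({
            "id": vps.id,
            "ip": vps.ip,
            "nickname": vps.nickname,
            "cpu_count": vps.cpu_count,
            "cpu_logical_count": vps.cpu_logical_count,
            "cpu_percent": cpus[0],
            "memory_total": byte_to_gb(vps.memory),
            "memory_used": byte_to_gb(vps.memory - vps_status_obj[3]),
            "memory_percent": float_to_percent(ratio(vps_status_obj[3], vps.memory)),
            "swap_total": byte_to_gb(vps.swap),
            "swap_used": byte_to_gb(vps.swap - vps_status_obj[4]),
            "swap_percent": float_to_percent(ratio(vps_status_obj[4], vps.swap)),
            "disks_total": byte_to_gb(disks_total),
            "disks_used": byte_to_gb(disks_total - disks_used),
            "disks_percent": float_to_percent(ratio(disks_used, disks_total)),
        })

    result = json_result("success", "查询成功:-)", data=vps_statuss)
    return HttpResponse(result, content_type="application/json;charset=utf-8")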
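def snapshots(request, id=None):
    """REST-style CRUD endpoint for page snapshots (``Snapshot``).

    POST is not supported (404 page). DELETE removes the row ``id``, PUT
    updates ``screen_shot_path`` of the row named in the body, GET returns
    one row (``id`` given) or a page of rows (``rows``/``page`` query
    parameters). ``get_time`` is formatted as ``%Y-%m-%d %H:%M:%S``.
    """
    json_type = "application/json;charset=utf-8"
    time_format = "%Y-%m-%d %H:%M:%S"

    if request.method == 'POST':
        return render(request, 'isadmin/error/error-404.html')

    if request.method == 'DELETE':
        obj = Snapshot.objects.filter(id=id).delete()
        if not obj or obj[0] == 0:
            result = json_result("error", "删除网页快照失败:-(")
        else:
            result = json_result("success", "删除网页快照成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'PUT':
        put = QueryDict(request.body)
        id = put.get("id")
        # NOTE(review): screen_shot_path is stored exactly as sent. If it is
        # later used to open or serve a file, validate it against the
        # screenshot directory first.
        screen_shot_path = put.get("screen_shot_path")
        updated = Snapshot.objects.filter(id=id).update(
            screen_shot_path=screen_shot_path)
        if updated == 0:
            result = json_result("error", "更新网页快照失败:-(")
        else:
            result = json_result("success", "更新网页快照成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'GET':
        if id:
            # Fetch the row itself: reading get_time off the queryset raised
            # AttributeError on every call.
            obj = Snapshot.objects.filter(id=id).first()
            if obj is None:
                result = json_result("error", "查询网页快照失败:-(")
            else:
                if obj.get_time:
                    obj.get_time = obj.get_time.strftime(time_format)
                result = json_result("success", "查询网页快照成功:-)",
                                     data=[to_json_dict(obj)])
            return HttpResponse(result, content_type=json_type)

        # Malformed paging values fall back to the defaults instead of a 500;
        # zero or negative values would break the slice and the page count.
        try:
            rows = int(request.GET.get("rows") or 10)
            page = int(request.GET.get("page") or 1)
        except ValueError:
            rows, page = 10, 1
        rows = max(rows, 1)
        page = max(page, 1)
        start = (page - 1) * rows
        data = []
        for obj in Snapshot.objects.all()[start:start + rows]:
            if obj.get_time:
                obj.get_time = obj.get_time.strftime(time_format)
            data.append(to_json_dict(obj))
        records = Snapshot.objects.count()
        # floor(n / rows) + 1 reported one page too many whenever n was an
        # exact multiple of rows.
        total_pages = max(1, math.ceil(records / rows))
        result = json_result("success", "查询网页快照成功:-)", data=data, page=page,
                             total=total_pages, records=records)
        return HttpResponse(result, content_type=json_type)

    return render(request, 'isadmin/error/error-404.html')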
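def compare_unique_datas(request):
    """Serve the table of compared out-chain records as JSON.

    Reads ``draw``, ``start``, ``length`` and ``search[value]`` from the query
    string, joins ``snapshot`` with ``private_out_chain_records`` and returns
    one page of rows plus the total row count under the same filter.
    """
    draw = request.GET.get("draw")
    # A missing search box used to crash the substring test below.
    keyword = request.GET.get("search[value]") or ""
    # Missing or malformed paging values fall back to the first ten rows;
    # LIMIT rejects negative numbers, so both are clamped at zero.
    try:
        start = max(int(request.GET.get("start") or 0), 0)
        length = max(int(request.GET.get("length") or 10), 0)
    except ValueError:
        start, length = 0, 10

    # The WHERE clause is chosen from fixed fragments only; no request text is
    # ever placed in the statement, and the LIMIT values are bound parameters.
    if keyword == "未检查":
        where = "WHERE private_out_chain_records.checked=0 "
    elif "恶意" in keyword:
        where = "WHERE private_out_chain_records.checked=1 AND private_out_chain_records.result=1 "
    else:
        where = ""

    joined = "FROM snapshot INNER JOIN private_out_chain_records " \
             "ON snapshot.id = private_out_chain_records.ss_id "
    page_sql = "SELECT snapshot.id, snapshot.request_url, private_out_chain_records.out_chain, " \
               "private_out_chain_records.checked, private_out_chain_records.result, " \
               "snapshot.send_ip, snapshot.server_ip, snapshot.get_time, private_out_chain_records.id " \
               + joined + where + "LIMIT %s,%s;"
    count_sql = "SELECT COUNT(*) " + joined + where + ";"

    with connection.cursor() as cursor:
        cursor.execute(page_sql, (start, length))
        rows = cursor.fetchall()

    data = [
        {
            "ss_id": row[0],
            "request_url": row[1],
            "out_chain": row[2],
            "checked": row[3],
            "result": row[4],
            "send_ip": row[5],
            "server_ip": row[6],
            "get_time": row[7].strftime("%Y-%m-%d %H:%M:%S"),
            "id": row[8],
        }
        for row in rows
    ]

    with connection.cursor() as cursor:
        cursor.execute(count_sql)
        records_total = cursor.fetchone()[0]

    # NOTE(review): "draw" is echoed back as received; casting it to int
    # before returning it keeps request text out of the reply.
    result = json_result("success", "查询成功:-)", draw=draw, data=data,
                         recordsTotal=records_total,
                         recordsFiltered=records_total)
    return HttpResponse(result, content_type="application/json;charset=utf-8")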
def check_suspicious(request):
    """Record the verdict on a filtered suspicious domain.

    ``result`` selects the verdict: "0" marks the domain malicious, "1" adds
    it to the public allow-list, "2" adds it to the private allow-list of the
    requesting site. The reviewed record is updated, the list entry created,
    and every other unchecked record with the same domain receives the same
    verdict. Any other ``result`` yields a parameter error.
    """
    # TODO: transaction control, logging
    # NOTE(review): this view changes state on GET and shows no CSRF or
    # permission check of its own; a crafted link opened by a logged-in
    # reviewer could allow-list a domain. Moving it to POST is worth
    # considering.
    json_type = "application/json;charset=utf-8"
    verdict = request.GET.get("result")
    record_id = request.GET.get("id")
    request_url = request.GET.get("request_url")
    unknown_domain = UrlUtil.get_domain(request.GET.get("unknown_domain"))
    request_top_domain = UrlUtil.get_top_domain(request_url)

    # verdict -> (stored result flag, list model, extra fields, error text, success text)
    actions = {
        "0": (1, MaliciousDomains, {},
              "添加恶意链接失败:-(", "添加恶意链接成功:-)"),
        "1": (0, PublicSafeOutChains, {},
              "加入公共白名单失败:-(", "加入公共白名单成功:-)"),
        "2": (0, PrivateSafeOutChains, {"owner": request_top_domain},
              "加入私有白名单失败:-(", "加入私有白名单成功:-)"),
    }
    if verdict not in actions:
        return HttpResponse(json_result("error", "参数错误:-("), content_type=json_type)
    flag, list_model, extra, fail_text, ok_text = actions[verdict]

    def stamp():
        return time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time()))

    updated = SuspiciousRecords.objects.filter(id=record_id).update(
        checked=1, result=flag, check_time=stamp())
    created = list_model.objects.create(mydomain=unknown_domain, **extra)
    if updated == 0 or created == 0:
        result = json_result("error", fail_text)
    else:
        result = json_result("success", ok_text)

    # Cascade: give every still-unchecked record of this domain the same verdict.
    SuspiciousRecords.objects.filter(checked=0, unknown_domain=unknown_domain).update(
        checked=1, result=flag, check_time=stamp())
    return HttpResponse(result, content_type=json_type)
def redirect_records_datas(request):
    """Serve snapshots whose final URL left the requested site, as JSON.

    Takes every ``Snapshot`` whose ``request_url`` differs from ``final_url``,
    keeps those whose top-level domains differ (skipping rows whose
    ``final_url`` is the crawler's error marker) and returns the slice
    ``start``..``start + length`` together with the total count.
    """
    params = request.GET
    draw = params.get("draw")
    start = int(params.get("start"))
    length = int(params.get("length"))

    error_marker = "Something error occurred, please check the error log."
    candidates = Snapshot.objects.exclude(request_url=F("final_url")).values(
        "id", "request_url", "final_url", "task_id", "send_ip", "server_ip")

    # Domain comparison stays first so the helper is called for every row.
    redirect_objs = [
        row for row in candidates
        if UrlUtil.get_top_domain(row["request_url"]) != UrlUtil.get_top_domain(row["final_url"])
        and row["final_url"] != error_marker
    ]

    records_total = len(redirect_objs)
    page = redirect_objs[start:start + length]
    payload = json_result("success", "查询成功:-)", draw=draw, data=page,
                          recordsTotal=records_total,
                          recordsFiltered=records_total)
    return HttpResponse(payload, content_type="application/json;charset=utf-8")
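def register_action(request):
    """Handle a registration request.

    Only POST is accepted. Checks that both passwords match, that neither the
    nickname nor the email is taken, and that the invitation code still has
    uses left; then consumes one use of the code and creates the ``SysUser``
    with a fresh salt and salted digest.

    Returns:
        A JSON ``HttpResponse`` built by ``json_result``.
    """
    json_type = "application/json;charset=utf-8"

    def reply(status, message):
        return HttpResponse(json_result(status, message), content_type=json_type)

    if request.method != "POST":
        return render(request, 'isadmin/error/error-403.html')

    nickname = request.POST.get("nickname")
    email = request.POST.get("email")
    invite_code = request.POST.get("invite_code")
    password = request.POST.get("password")
    repeat_password = request.POST.get("repeat_password")

    # A missing or empty password is refused together with a mismatch; it used
    # to reach the hashing step and either crash or create an empty password.
    if not password or password != repeat_password:
        return reply("error", "两次输入密码不一致")

    if SysUser.objects.filter(nickname=nickname).exists():
        return reply("error", "用户名已存在")
    if SysUser.objects.filter(email=email).exists():
        return reply("error", "Email已与其它账户关联")

    # Check and consume the code in ONE conditional UPDATE. The old
    # read-then-decrement let concurrent requests all pass the check with a
    # single remaining use, and indexing [0] raised IndexError for an unknown
    # code.
    claimed = Invite.objects.filter(invite_code=invite_code, left_time__gte=1).update(
        left_time=F("left_time") - 1)
    if claimed == 0:
        return reply("error", "邀请码已失效")
    # NOTE(review): the use is consumed before the account exists; if the
    # create below fails, the use is lost. A transaction would tie the two
    # together.

    salt = random_string()
    # NOTE(review): single-round salted MD5 is too fast for password storage;
    # kept because login_action verifies against the same scheme.
    real_password = hashlib.md5((password + salt).encode(encoding='utf-8')).hexdigest()

    item = SysUser.objects.create(nickname=nickname, pw=real_password, salt=salt,
                                  icon="/default.png", email=email)
    if item is None:
        return reply("error", "服务器错误,请重试")
    return reply("success", "注册成功")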
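def cpu_chart(request):
    """Return the CPU utilisation trend of one VPS as JSON.

    Uses at most the last 288 ``VpsStatus`` rows of ``vps_id``. The reply's
    ``data`` holds ``times`` (formatted sample times) and ``rates`` (the first
    element of each row's ``cpu_status`` JSON list). A lookup failure renders
    the 500 page.
    """
    vps_id = request.GET.get("vps_id")
    try:
        vps_status_count = VpsStatus.objects.filter(vps_id=vps_id).count()
        start_index = vps_status_count - 288 if vps_status_count > 288 else 0
        # Materialise inside the try: querysets are lazy, so database errors
        # would otherwise surface later, outside the handler.
        vps_statuses = list(VpsStatus.objects.filter(vps_id=vps_id)[start_index:])
    except Exception:
        # Exception rather than a bare except, so interpreter-exit signals
        # are not swallowed.
        return render(request, "isadmin/error/error-500.html")

    result = {
        "times": [],
        "rates": [],
    }
    for vps_status in vps_statuses:
        format_time = time.strftime("%Y-%m-%d %H:%M",
                                    vps_status.field_time.timetuple())
        result["times"].append(format_time)
        result["rates"].append(json.loads(vps_status.cpu_status)[0])

    return HttpResponse(json_result("success", "查询成功:-)", data=result),
                        content_type="application/json;charset=utf-8")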
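def pocr_records(request, id=None):
    """REST-style CRUD endpoint for comparison results (``PrivateOutChainRecords``).

    POST creates a row, DELETE removes one row or a comma-separated list of
    rows, PUT updates the row named in the body, GET returns one row (``id``
    given) or a page of rows, optionally narrowed by a ``filters`` JSON
    document with ``groupOp`` and ``rules``. Other methods, and a ``filters``
    value that cannot be used, render the 404 page.
    """
    json_type = "application/json;charset=utf-8"
    time_format = "%Y-%m-%d %H:%M:%S"

    if request.method == 'POST':
        ss_id = request.POST.get("ss_id")
        out_chain = request.POST.get("out_chain")
        checked = request.POST.get("checked")
        result = request.POST.get("result")
        check_time = request.POST.get("check_time")
        obj = PrivateOutChainRecords.objects.create(
            ss_id=ss_id, out_chain=out_chain, checked=checked, result=result,
            check_time=check_time)
        if not obj:
            result = json_result("error", "添加比对结果记录失败:-(")
        else:
            result = json_result("success", "添加比对结果记录成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'DELETE':
        if isinstance(id, str) and id.find(',') != -1:
            result_msg = ""
            for item in id.split(','):
                obj = PrivateOutChainRecords.objects.filter(id=item).delete()
                if not obj or obj[0] == 0:
                    result_msg += "删除比对结果记录id" + item + "失败:-("
                else:
                    result_msg += "删除比对结果记录id" + item + "成功:-)"
            result = json_result("success", result_msg)
        else:
            obj = PrivateOutChainRecords.objects.filter(id=id).delete()
            if not obj or obj[0] == 0:
                result = json_result("error", "删除比对结果记录失败:-(")
            else:
                result = json_result("success", "删除比对结果记录成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'PUT':
        put = QueryDict(request.body)
        id = put.get("id")
        check_time = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time()))
        updated = PrivateOutChainRecords.objects.filter(id=id).update(
            ss_id=put.get("ss_id"), out_chain=put.get("out_chain"),
            checked=put.get("checked"), result=put.get("result"),
            check_time=check_time)
        if updated == 0:
            result = json_result("error", "更新比对结果记录失败:-(")
        else:
            # The success text used to announce a deletion.
            result = json_result("success", "更新比对结果记录成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'GET':
        if id:
            # Fetch the row itself: reading check_time off the queryset raised
            # AttributeError on every call.
            obj = PrivateOutChainRecords.objects.filter(id=id).first()
            if obj is None:
                result = json_result("error", "查询比对结果记录失败:-(")
            else:
                if obj.check_time:
                    obj.check_time = obj.check_time.strftime(time_format)
                result = json_result("success", "查询比对结果记录成功:-)",
                                     data=[to_json_dict(obj)])
            return HttpResponse(result, content_type=json_type)

        # Malformed paging values fall back to the defaults instead of a 500;
        # zero or negative values would break the slice and the page count.
        try:
            rows = int(request.GET.get("rows") or 10)
            page = int(request.GET.get("page") or 1)
        except ValueError:
            rows, page = 10, 1
        rows = max(rows, 1)
        page = max(page, 1)
        start = (page - 1) * rows
        end = start + rows

        # Start from a queryset: the bare manager cannot be sliced, which
        # broke every filtered request that added no rule.
        objs = PrivateOutChainRecords.objects.all()
        filters = request.GET.get("filters")
        if filters:
            # SECURITY: this value comes straight from the query string and
            # was passed to eval(), which runs whatever Python expression the
            # client sends. It is parsed strictly as JSON data instead.
            try:
                filters = json.loads(filters)
                group_op = filters["groupOp"]
                rules = filters["rules"]
            except (ValueError, KeyError, TypeError):
                return render(request, 'isadmin/error/error-404.html')

            if group_op == "AND":
                for rule in rules:
                    if rule["op"] == "eq":
                        if rule["field"] == "checked":
                            objs = objs.filter(checked=rule["data"])
                        elif rule["field"] == "result":
                            objs = objs.filter(result=rule["data"])
            elif group_op != "OR":
                # "OR" is accepted but applies no rule, as before.
                return render(request, 'isadmin/error/error-404.html')

        records = objs.count()
        data = []
        for obj in objs[start:end]:
            if obj.check_time:
                obj.check_time = obj.check_time.strftime(time_format)
            data.append(to_json_dict(obj))
        # floor(n / rows) + 1 reported one page too many whenever n was an
        # exact multiple of rows.
        total_pages = max(1, math.ceil(records / rows))
        result = json_result("success", "查询比对结果记录成功:-)", data=data, page=page,
                             total=total_pages, records=records)
        return HttpResponse(result, content_type=json_type)

    return render(request, 'isadmin/error/error-404.html')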
def check_compare_unique(request):
    """Record the verdict on an out-chain found only by comparison.

    ``result`` selects the verdict: "0" marks the out-chain's top-level domain
    malicious, "1" adds it to the public allow-list, "2" adds it to the
    private allow-list of the requesting site. The reviewed record is updated,
    the list entry created, and every other unchecked record with the same
    top-level domain receives the same verdict. Any other ``result`` yields a
    parameter error.
    """
    # TODO: transaction control
    # NOTE(review): this view changes state on GET and shows no CSRF or
    # permission check of its own; a crafted link opened by a logged-in
    # reviewer could allow-list a domain. Moving it to POST is worth
    # considering.
    json_type = "application/json;charset=utf-8"
    verdict = request.GET.get("result")
    record_id = request.GET.get("id")
    request_url = request.GET.get("request_url")
    out_chain = request.GET.get("out_chain")
    out_chain_top_domain = UrlUtil.get_top_domain(out_chain)

    # verdict -> (stored result flag, list model, error text, success text)
    actions = {
        "0": (1, MaliciousDomains, "添加恶意链接失败:-(", "添加恶意链接成功:-)"),
        "1": (0, PublicSafeOutChains, "加入公共白名单失败:-(", "加入公共白名单成功:-)"),
        "2": (0, PrivateSafeOutChains, "加入私有白名单失败:-(", "加入私有白名单成功:-)"),
    }
    if verdict not in actions:
        return HttpResponse(json_result("error", "参数错误:-("), content_type=json_type)
    flag, list_model, fail_text, ok_text = actions[verdict]

    def stamp():
        return time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time()))

    updated = PrivateOutChainRecords.objects.filter(id=record_id).update(
        checked=1, result=flag, check_time=stamp())

    # Only the private allow-list is scoped to the requesting site.
    extra = {}
    if verdict == "2":
        extra["owner"] = UrlUtil.get_top_domain(request_url)
    created = list_model.objects.create(mydomain=out_chain_top_domain, **extra)

    if updated == 0 or created == 0:
        result = json_result("error", fail_text)
    else:
        result = json_result("success", ok_text)

    # Cascade: give every still-unchecked record of this top-level domain the
    # same verdict.
    for pending in PrivateOutChainRecords.objects.filter(checked=0):
        if UrlUtil.get_top_domain(pending.out_chain) != UrlUtil.get_top_domain(out_chain):
            continue
        PrivateOutChainRecords.objects.filter(id=pending.id).update(
            checked=1, result=flag, check_time=stamp())

    return HttpResponse(result, content_type=json_type)
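def retrieve_email_action(request):
    """Handle a request to send the password-reset mail.

    Only POST is accepted. Looks up the account by ``email``, builds a token
    from ``email+timestamp`` (3DES, then base64, then URL-quoting) and mails
    an HTML message whose button links to ``settings.RETRIEVE_ADDRESS`` with
    that token.

    Returns:
        A JSON ``HttpResponse`` built by ``json_result``.
    """
    from html import escape

    json_type = "application/json;charset=utf-8"
    if request.method != "POST":
        return render(request, 'isadmin/error/error-403.html')

    email = request.POST.get("email")
    user = SysUser.objects.filter(email=email).first()
    if user is None:
        # NOTE(review): this reply tells the caller whether an address is
        # registered; answering identically in both cases avoids that.
        result = json_result("error", "该邮箱没有注册过本系统。")
        return HttpResponse(result, content_type=json_type)

    # NOTE(review): the token is 3DES ciphertext with no MAC and pyDes is
    # constructed here without a mode argument; nothing visible limits how
    # often a reset mail can be requested for one address.
    now = str(int(time.time()))
    triple_des = pyDes.triple_des(settings.DES_KEY, padmode=pyDes.PAD_PKCS5)
    encrypt = triple_des.encrypt(email + '+' + now)  # 3DES encryption
    token = base64.b64encode(encrypt).decode()  # base64-encode, then to str
    token = urllib.parse.quote(token)  # keep characters such as '+' intact in the URL

    # The nickname is chosen by the user at registration, so it is escaped
    # before it is placed into the HTML body.
    nickname = escape(user.nickname)
    reset_link = settings.RETRIEVE_ADDRESS + "?token=" + token
    site = settings.SITE_DOMAIN
    cell = 'align="left" style="font-size:15px; padding: 10px 0px 10px 0px;"'

    # The href used to end in a stray apostrophe after the token.
    # NOTE(review): the site link below uses http:// while its text shows
    # https://; confirm which scheme is intended.
    msg = f'''
    <table cellpadding="0" cellspacing="0" width="100%" style="max-width:744px; border: 1px solid #dedede;border-radius: 3px">
    <tbody><tr>
    <td style="padding: 10px 20px 10px 20px;">
    <table border="0" cellpadding="0" cellspacing="0" width="100%">
    <tbody><tr>
    <td align="left" style="font-size: 17px; padding:20px 0 10px 0;">
    <b>亲爱的{nickname}:</b>
    </td>
    </tr>
    <tr>
    <td {cell}>
    你的密码重设要求已经得到验证。请点击以下按钮设置新的密码:
    </td>
    </tr>
    <tr>
    <td align="center" style="padding: 10px 0px 10px 0px;">
    <table border="0" cellpadding="0" cellspacing="0">
    <tbody><tr>
    <td>
    <div style="font-size:20px;font-weight:700;padding:5px 10px 5px 10px;text-align:center;background-color:#3aa252;border-radius: 3px;">
    <a href="{reset_link}" class="button" style="text-decoration: none;color:white;" target="_blank">重设密码</a>
    </div>
    </td>
    </tr>
    </tbody></table>
    </td>
    </tr>
    <tr>
    <td {cell}>
    感谢你对互联网站点劫持检测系统的支持,希望你在互联网站点劫持检测系统的体验有益且愉快。
    </td>
    </tr>
    <tr>
    <td {cell}>
    互联网站点劫持检测系统 <a href="http://{site}/isadmin" target="_blank">https://{site}/isadmin</a>
    </td>
    </tr>
    <tr>
    <td {cell}>
    (这是一封自动产生的email,请勿回复。)
    </td>
    </tr>
    </tbody></table>
    </td>
    </tr>
    </tbody></table>
    '''

    try:
        send_mail('密码重置链接', '', settings.EMAIL_FROM, [email, ], html_message=msg)
    except Exception as e:
        result = json_result("error", "邮件发送失败")
        logging.error("When sent retrieve email, error %s occurred." % (e.__class__, ))
        return HttpResponse(result, content_type=json_type)

    result = json_result("success", "邮件发送成功")
    return HttpResponse(result, content_type=json_type)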
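def dcbps(request, id=None):
    """REST-style CRUD endpoint for DCBP (django-celery-beat ``PeriodicTask``).

    POST creates a task, DELETE removes the task ``id``, PUT updates the task
    named in the body, GET returns one task (``id`` given) or a page of tasks
    (``rows``/``page`` query parameters). Other methods render the 404 page.
    """
    # NOTE(review): the client controls args, kwargs and enabled of scheduled
    # tasks here, and no permission check is visible in this function; confirm
    # the route is limited to administrators.
    json_type = "application/json;charset=utf-8"
    plain_fields = ("name", "args", "kwargs", "queue", "exchange", "routing_key",
                    "expires", "enabled", "last_run_at", "total_run_count",
                    "description", "crontab_id")

    def task_fields(source):
        values = {field: source.get(field) for field in plain_fields}
        # Request key kept exactly as the view has always read it.
        # NOTE(review): "dete_changed" looks like a typo for "date_changed";
        # check what the front end sends before renaming it.
        values["date_changed"] = source.get("dete_changed")
        return values

    if request.method == 'POST':
        obj = PeriodicTask.objects.create(**task_fields(request.POST))
        if not obj:
            result = json_result("error", "添加定时任务失败:-(")
        else:
            result = json_result("success", "添加定时任务成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'DELETE':
        obj = PeriodicTask.objects.filter(id=id).delete()
        if not obj or obj[0] == 0:
            result = json_result("error", "删除定时任务失败:-(")
        else:
            result = json_result("success", "删除定时任务成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'PUT':
        put = QueryDict(request.body)
        id = put.get("id")
        updated = PeriodicTask.objects.filter(id=id).update(**task_fields(put))
        if updated == 0:
            result = json_result("error", "更新定时任务失败:-(")
        else:
            result = json_result("success", "更新定时任务成功:-)")
        return HttpResponse(result, content_type=json_type)

    if request.method == 'GET':
        if id:
            obj = PeriodicTask.objects.filter(id=id)
            # The queryset itself is handed to to_json_dict, as before.
            result = json_result("success", "查询定时任务成功:-)",
                                 data=[to_json_dict(obj)])
            return HttpResponse(result, content_type=json_type)

        # Malformed paging values fall back to the defaults instead of a 500;
        # zero or negative values would break the slice and the page count.
        try:
            rows = int(request.GET.get("rows") or 10)
            page = int(request.GET.get("page") or 1)
        except ValueError:
            rows, page = 10, 1
        rows = max(rows, 1)
        page = max(page, 1)
        start = (page - 1) * rows
        data = [to_json_dict(obj)
                for obj in PeriodicTask.objects.all()[start:start + rows]]
        records = PeriodicTask.objects.count()
        # floor(n / rows) + 1 reported one page too many whenever n was an
        # exact multiple of rows.
        total_pages = max(1, math.ceil(records / rows))
        result = json_result("success", "查询定时任务成功:-)", data=data, page=page,
                             total=total_pages, records=records)
        return HttpResponse(result, content_type=json_type)

    return render(request, 'isadmin/error/error-404.html')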
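def _snapshot_task_params(request):
    """Read the query parameters shared by the "add" and "edit" operations.

    Raises TypeError/ValueError when ``enabled`` is missing or not an integer.
    """
    get = request.GET.get
    return {
        "task_name": get("task_name"),
        # Positional arguments stored for the "tasks.snapshot" task.
        "task_args": json.dumps([get("start_url"), get("exist_time"),
                                 get("depth"), get("max_num")]),
        # A missing or empty "expires" is stored as NULL.
        "expires": get("expires") or None,
        "enabled": int(get("enabled")),
        "description": get("description"),
        "cron": (get("minute"), get("hour"), get("day_of_week"),
                 get("day_of_month"), get("month_of_year")),
        "now": time.strftime('%Y-%m-%d %H:%M:%S'),
    }


def _insert_crontab(cron):
    """Insert a crontab schedule row and return its auto-increment id."""
    with connection.cursor() as cursor:
        sql = "INSERT INTO django_celery_beat_crontabschedule(minute,hour,day_of_week,day_of_month,month_of_year)" \
              " VALUE (%s,%s,%s,%s,%s);"
        cursor.execute(sql, cron)
        cursor.execute("SELECT LAST_INSERT_ID() as id;")
        return cursor.fetchone()[0]


def tasks(request):
    """CRUD operations on snapshot tasks, selected by the ``oper`` parameter.

    ``oper=add`` creates a crontab schedule plus a periodic task,
    ``oper=get`` lists all "tasks.snapshot" tasks with their schedule, and
    ``oper=edit`` updates an existing task. Anything else renders the 404
    page. Failures in "add"/"edit" are logged and reported as a JSON error.

    NOTE(review): "add" and "edit" change the database in response to GET
    requests. Django's CSRF middleware does not check GET, and the parameters
    end up in URLs and access logs; move the writes to POST when the front
    end can be changed. No session check is visible in this function either;
    confirm that access control is enforced elsewhere.

    NOTE(review): ``start_url`` is stored without validation and presumably
    fetched server-side by "tasks.snapshot"; confirm, and restrict the
    allowed schemes and hosts if so.
    """
    # Local import so the multi-statement writes can run atomically without
    # touching the module's import block.
    from django.db import transaction

    json_type = "application/json;charset=utf-8"
    oper = request.GET.get("oper")

    if oper == "add":
        try:
            params = _snapshot_task_params(request)
            # One transaction: a failed task insert must not leave an orphaned
            # crontab row behind.
            with transaction.atomic():
                # Reject duplicate task names.
                with connection.cursor() as cursor:
                    sql = "SELECT * FROM django_celery_beat_periodictask WHERE name=%s;"
                    cursor.execute(sql, (params["task_name"], ))
                    # fetchone() instead of execute()'s return value, which is
                    # driver-specific.
                    duplicate = cursor.fetchone() is not None
                if duplicate:
                    result = json_result("error", "任务名重复,请更改。")
                    return HttpResponse(result, content_type=json_type)
                cron_id = _insert_crontab(params["cron"])
                with connection.cursor() as cursor:
                    sql = "INSERT INTO django_celery_beat_periodictask(name,task,args,kwargs,queue,exchange,routing_key,expires,enabled," \
                          "total_run_count,date_changed,description,crontab_id) VALUE (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s);"
                    cursor.execute(
                        sql, (params["task_name"], "tasks.snapshot",
                              params["task_args"], "{}", "default_queue",
                              "default_exchange", "default_key",
                              params["expires"], params["enabled"], 0,
                              params["now"], params["description"], cron_id))
            result = json_result("success", "任务插入成功")
        except Exception as e:
            # The original re-raised here, which made the logging and the
            # error response unreachable.
            logging.error("Error %s occurred", e.__class__, exc_info=True)
            result = json_result("error", "任务插入失败")
        return HttpResponse(result, content_type=json_type)

    if oper == "get":
        with connection.cursor() as cursor:
            sql = "SELECT task.name,task.description,task.args,task.expires,cron.minute,cron.hour," \
                  "cron.day_of_week,cron.day_of_month,cron.month_of_year,task.id,task.enabled" \
                  " FROM django_celery_beat_periodictask AS task" \
                  " INNER JOIN django_celery_beat_crontabschedule AS cron" \
                  " ON task.crontab_id=cron.id" \
                  " WHERE task.task='tasks.snapshot'"
            cursor.execute(sql)
            items = cursor.fetchall()
        datas = []
        for item in items:
            # args holds [start_url, exist_time, depth, max_num] as JSON.
            args = json.loads(item[2])
            datas.append({
                "name": item[0],
                "description": item[1],
                "start_url": args[0],
                "exist_time": args[1],
                "depth": args[2],
                "max_num": args[3],
                "expires": item[3],
                # minute hour day_of_week day_of_month month_of_year
                "crontab": " ".join(item[4:9]),
                "id": item[9],
                "enabled": item[10],
            })
        result = json_result("success", "查询成功", data=datas)
        return HttpResponse(result, content_type=json_type)

    if oper == "edit":
        try:
            task_id = request.GET.get("task_id")
            params = _snapshot_task_params(request)
            with transaction.atomic():
                # NOTE(review): every edit inserts a new crontab row and the
                # previous one is never removed; consider updating it in place.
                cron_id = _insert_crontab(params["cron"])
                with connection.cursor() as cursor:
                    sql = "UPDATE django_celery_beat_periodictask SET name=%s,args=%s,expires=%s,enabled=%s," \
                          "date_changed=%s,description=%s,crontab_id=%s WHERE id=%s;"
                    cursor.execute(
                        sql, (params["task_name"], params["task_args"],
                              params["expires"], params["enabled"],
                              params["now"], params["description"], cron_id,
                              task_id))
            result = json_result("success", "任务更新成功")
        except Exception as e:
            # The original re-raised here, which made the logging and the
            # error response unreachable.
            logging.error("Error %s occurred", e.__class__, exc_info=True)
            result = json_result("error", "任务更新失败")
        return HttpResponse(result, content_type=json_type)

    return render(request, 'isadmin/error/error-404.html')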