def add_header(response):
logger.info(json.dumps({
"AccessLog": {
"status_code": response.status_code,
"method": request.method,
"ip": request.headers.get('X-Real-Ip', request.remote_addr),
"url": request.url,
"referer": request.headers.get('Referer'),
"agent": request.headers.get("User-Agent"),
}
}
))
return response
class Conf(Resource):
"""/conf资源, get/post, post详细参数,但必须添加token头和username参数。"""
def get(self):
res = {"url": request.url, "msg": "ConfigControlCenter(C3)", "code": 0}
res["C3"] = config.C3
logger.info(res)
return res
def post(self):
res = {"url": request.url, "msg": "ConfigControlCenter(C3)", "code": 0}
#get mysql config
_ReqToken = request.headers.get("token", None)
_ReqUser = request.args.get("username", None)
_ReqMysql = request.args.get("mysql", False)
sql = "SELECT username,token FROM user WHERE username='******' AND token='%s' LIMIT 1" % (
_ReqUser, _ReqToken)
if _ReqMysql == "true" or _ReqMysql == True:
try:
if mysql.get(sql):
res["C3"] = config.C3
res["C3"]["MYSQL"] = config.MYSQL
res["msg"] = "C3: username match token successful"
else:
res["msg"] = "C3: username match token failed"
res["code"] = 1040
except Exception, e:
logger.error(e)
res.update({"msg": "exception", "code": 1041})
logger.info({"res": res, "Conf:post:SQL": sql})
return res
def put(self):
""" 更新博客文章接口 """
blog_title = request.form.get('title')
blog_content = request.form.get('content')
blog_utime = today()
blog_tag = request.form.get("tag")
blog_catalog = request.form.get("catalog", "linux")
blog_sources = request.form.get("sources", "原创")
blog_author = request.form.get("author")
blog_blogId = request.form.get("blogId")
logger.info("Update blog, blog_title:%s, blog_content:%s, blog_utime:%s, blog_tag:%s, blog_catalog:%s, blog_sources:%s, blog_author:%s, blog_blogId:%s" %(blog_title, blog_content, blog_utime, blog_tag, blog_catalog, blog_sources, blog_author, blog_blogId))
try:
blog_blogId = int(blog_blogId)
except ValueError,e:
logger.error(e, exc_info=True)
res = {"code": 5, "msg": "blog form error."}
def get(self):
"""/blog资源,参数是
1.num|limit(int, str), 限制列出数据数量,另外可设置为all,列出所有blog, 全局参数。
2.sort(str), 数据排序, 全局参数。
3.blogId(int), 查询某一个id的文章, 独立参数。
4.get_catalog_list(bool), 列出博客所有目录,独立参数。
5.get_sources_list(bool), 列出博客所有类型,独立参数。
6.get_catalog_data(str), 查询博客某目录下的num个文章。
7.get_sources_data(str), 查询博客某类型下的num个文章。
8.get_index_only(bool),仅仅查询所有博客标题、ID、创建时间。
9.get_user_blog(str),查询某用户的所有博客。
"""
num = request.args.get('num', request.args.get('limit', 10))
LIMIT = '' if num in ("all", "All") else "LIMIT " + str(num)
sort = request.args.get('sort', 'desc')
blogId = request.args.get('blogId')
get_catalog_list = True if request.args.get("get_catalog_list") in ("true", "True", True) else False
get_sources_list = True if request.args.get("get_sources_list") in ("true", "True", True) else False
get_catalog_data = request.args.get("get_catalog_data")
get_sources_data = request.args.get("get_sources_data")
get_index_only = True if request.args.get("get_index_only") in ("true", "True", True) else False
get_user_blog = request.args.get("get_user_blog")
res = {"url": request.url, "msg": None, "data": None, "code": 0}
logger.debug({"num": num, "blogId": blogId, "get_catalog_list": get_catalog_list, "get_sources_list": get_sources_list, "get_catalog_data": get_catalog_data, "get_sources_data": get_sources_data})
if get_sources_data:
if get_sources_data.lower()[:3] == "ori":
get_sources_data = '原创'
elif get_sources_data.lower()[:3] == "rep":
get_sources_data = '转载'
elif get_sources_data.lower()[:3] == "tra":
get_sources_data = '翻译'
#Original reproduced translation
if get_index_only:
sql = "SELECT id,title,create_time,update_time FROM team.blog ORDER BY id %s %s" %(sort, LIMIT)
logger.info("SELECT title only SQL: %s" %sql)
try:
data = mysql2().query(sql)
except Exception,e:
logger.error(e, exc_info=True)
res.update(data=[], msg="Only title query fail", code=7)
else:
res.update(data=data)
logger.info(res)
return res
class Token(Resource):
def post(self):
"""create token, with post data:
1. username,
2. password,
return token
"""
code = 1030
res = {"url": request.url, "msg": None, 'code': code}
_Pd = postData(request, res)
logger.debug({"Token:tool:postData": _Pd})
try:
username, password, email, res = _Pd.get("data")[0], _Pd.get(
"data")[1], _Pd.get("data")[2], _Pd.get("res")
except (AttributeError, IndexError), e:
res.update({'msg': "Server Error", "code": 500})
logger.error(res)
logger.error(e)
return res
#login check(as a function), in user.py(User:post:action=log)
ReqData = dbUser(username, password=True, token=True)
if not ReqData:
res['msg'] = 'User not exists'
res['code'] = code + 2
logger.warn(res)
return res
#ReqData is True(user is exists), it's dict, eg:{'username': u'xxxxx', 'password': u'xxxxxxxxxx'}
_Reqpass = md5(password)
_DBuser = ReqData.get('username')
_DBpass = ReqData.get('password')
_DBtoken = ReqData.get('token')
if _DBtoken:
res.update({
'msg': 'Token already exists',
'code': code + 3,
"token": _DBtoken
})
logger.warn(res)
return res
if _Reqpass == _DBpass:
token = gen_token()
res.update({
'msg':
'username + password authentication success, token has been created.',
'code': 0,
'token': token
})
sql = "UPDATE user SET token='%s' WHERE username='******'" % (token,
username)
try:
mysql.update(sql)
logger.info('Token:post:create_token:sql--> "%s"' % sql)
except Exception, e:
logger.error(e)
res['msg'] = 'token insert error' #had token for return
return res
def add_header(response):
response.headers[
"X-SaintIC-Media-Type"] = "saintic.v" + __version_list__[0]
response.headers["X-SaintIC-Request-Id"] = g.requestId
response.headers["Access-Control-Allow-Origin"] = "*"
response.headers[
"Access-Control-Allow-Methods"] = "PUT,GET,POST,DELETE,OPTIONS"
logger.info(
json.dumps({
"AccessLog": {
"status_code": response.status_code,
"method": request.method,
"ip": request.headers.get('X-Real-Ip', request.remote_addr),
"url": request.url,
"referer": request.headers.get('Referer'),
"agent": request.headers.get("User-Agent"),
"requestId": str(g.requestId),
}
}))
return response
def get(self):
"""Public func, no token, with url args:
1. num, 展现的数量,默认是10条,可为all
2. username|email, 用户名或邮箱,数据库主键,唯一。
3. token, if true, display token info.
返回数据样例,{'msg':'success or error(errmsg)', 'code':'http code', 'data':data}
"""
res = {"code": 200, "msg": None, "data": None}
username = request.args.get("username")
sql = "SELECT a.username, a.email, a.cname, a.avatar, a.motto, a.url, a.time, a.weibo, a.github, a.gender, a.extra FROM passport.User a INNER JOIN passport.OAuth b ON a.username = b.oauth_username WHERE a.username=%s"
if username:
data = mysql2().get(sql, username)
if not data:
sql = "SELECT a.username, a.email, a.cname, a.avatar, a.motto, a.url, a.time, a.weibo, a.github, a.gender, a.extra FROM passport.User a INNER JOIN passport.LAuth b ON a.username = b.lauth_username WHERE a.username=%s"
data = mysql2().get(sql, username)
logger.info(username)
logger.info(sql)
logger.debug(data)
res.update(data=data)
return res
def post(self):
""" 创建博客文章接口 """
#get blog form informations.
blog_title = request.form.get('title')
blog_content = request.form.get('content')
blog_ctime = today()
blog_tag = request.form.get("tag")
blog_catalog = request.form.get("catalog", "linux")
blog_sources = request.form.get("sources", "原创")
blog_author = request.form.get("author")
logger.info("blog_title:%s, blog_content:%s, blog_ctime:%s, blog_tag:%s, blog_catalog:%s, blog_sources:%s, blog_author:%s" %(blog_title, blog_content, blog_ctime, blog_tag, blog_catalog, blog_sources, blog_author))
if blog_title and blog_content and blog_ctime and blog_author:
#sql = 'INSERT INTO blog (title,content,create_time,tag,catalog,sources) VALUES ("%s", "%s", "%s", "%s", "%s", "%s")'
sql = 'INSERT INTO blog (title,content,create_time,tag,catalog,sources,author) VALUES (%s, %s, %s, %s, %s, %s, %s)'
logger.info(sql %(blog_title, blog_content, blog_ctime, blog_tag, blog_catalog, blog_sources, blog_author))
try:
blog_id = mysql2().insert(sql, blog_title, blog_content, blog_ctime, blog_tag, blog_catalog, blog_sources, blog_author)
except Exception,e:
logger.error(e, exc_info=True)
res = {"code": 3, "data": None, "msg": "blog write error."}
else:
res = {"code": 0, "data": blog_id, "msg": "blog write success."}
def delete(self):
"""delete user, with url args:
1. token, must match username,
2. username, must match token,
And, operator must have administrator rights.
"""
#from pub.config.BLOG import AdminGroup
AdminGroup = config.BLOG.get('AdminGroup')
res = {"url": request.url, "msg": None, "data": None, "code": 200}
token = request.args.get('token', None)
username = request.args.get('username', None)
if not token:
res.update({
'msg': 'No token',
"code": 1020
}) #code:1020, 请求参数无token
logger.warn(res)
return res
if not username:
res.update({
'msg': 'No username',
"code": 1021
}) #code:1021, 请求参数无username
logger.warn(res)
return res
if not username in AdminGroup:
res.update({
'msg': 'The user does not have permission!',
"code": 1022
}) #code:1022, 请求的username不在配置文件的AdminGroup组,没有删除权限
logger.error(res)
return res
ReqData = dbUser(username, token=True)
logger.debug({"User:delete:ReqData": ReqData})
if ReqData:
_DBtoken = ReqData.get('token')
_DBuser = ReqData.get('username')
if _DBtoken != token:
res.update({
'msg': 'token miss match!',
'code': 1023
}) #code:1023, 请求的token参数与数据库token值不匹配
logger.error(res)
return res
sql = "DELETE FROM user WHERE username='******'" % username
logger.info({"User:delete:SQL": sql})
try:
if hasattr(mysql, 'delete'):
mysql.delete(sql)
else:
mysql.execute(sql)
except Exception, e:
res.update({
'code': 1024,
'msg': 'Delete user failed'
}) #code:1024, delete user from mysql, it's error
logger.error(res)
return res
else:
res.update({
'code': 0,
'msg': 'Delete success',
'data': {
'delete username': username
}
}) #token match username, deleter ok
data = mysql.get(sql)
logger.info(data)
data = list(set([ v for _ in data for v in _.values() if v ]))
#data = [ v.split(",")[0] for i in data for v in i.values() if v and v.split(",")[0] ]
except Exception,e:
logger.error(e, exc_info=True)
res.update(data=[], msg="Catalog query fail", code=1)
else:
res.update(data=data)
logger.info(res)
return res
if get_sources_list:
#sql = "SELECT GROUP_CONCAT(sources) FROM blog GROUP BY sources"
sql = 'select sources from blog'
logger.info("SELECT sources list SQL: %s" %sql)
try:
data = mysql.get(sql)
logger.info(data)
#data = [ v.split(",")[0] for i in data for v in i.values() if v and v.split(",")[0] ]
data = list(set([ v for _ in data for v in _.values() if v ]))
except Exception,e:
logger.error(e, exc_info=True)
res.update(data=[], msg="Sources query fail", code=2)
else:
res.update(data=data)
logger.info(res)
return res
if get_catalog_data:
sql = "SELECT id,title,content,create_time,update_time,tag,catalog,sources,author FROM team.blog WHERE catalog='%s' ORDER BY id %s %s" %(get_catalog_data, sort, LIMIT)
from api import app
from pub import logger, RunEnvError
from pub.config import GLOBAL, PRODUCT
Host = GLOBAL.get('Host')
Port = GLOBAL.get('Port')
ProcessName = PRODUCT.get('ProcessName')
ProductType = PRODUCT.get('ProductType')
try:
import setproctitle
except ImportError, e:
logger.warn("%s, try to pip install setproctitle, otherwise, you can't use the process to customize the function" %e)
else:
setproctitle.setproctitle(ProcessName)
logger.info("The process is %s" % ProcessName)
if GLOBAL.get("put2Redis") == True:
from pub import put2Redis
from threading import Thread
logger.info("Open `Register2Redis` process.")
t = Thread(target=put2Redis, name='Application.Register2Redis')
t.start()
try:
logger.info('%s has been launched, %s:%d' %(ProcessName, Host, Port))
if ProductType == 'gevent':
from gevent.wsgi import WSGIServer
http_server = WSGIServer((Host, Port), app)
http_server.serve_forever()
def before_request():
logger.info("Start Once Access")
'msg': 'Token already exists',
'code': code + 3,
"token": _DBtoken
})
logger.warn(res)
return res
if _Reqpass == _DBpass:
token = gen_token()
res.update({
'msg':
'username + password authentication success, token has been created.',
'code': 0,
'token': token
})
sql = "UPDATE user SET token='%s' WHERE username='******'" % (token,
username)
try:
mysql.update(sql)
logger.info('Token:post:create_token:sql--> "%s"' % sql)
except Exception, e:
logger.error(e)
res['msg'] = 'token insert error' #had token for return
return res
else:
res.update({
'msg': 'username + password authentication failed',
'code': code + 4
})
logger.info(res)
return res
class Blog(Resource):
def get(self):
"""/blog资源,参数是
1.num|limit(int, str), 限制列出数据数量,另外可设置为all,列出所有blog, 全局参数。
2.sort(str), 数据排序, 全局参数。
3.blogId(int), 查询某一个id的文章, 独立参数。
4.get_catalog_list(bool), 列出博客所有目录,独立参数。
5.get_sources_list(bool), 列出博客所有类型,独立参数。
6.get_catalog_data(str), 查询博客某目录下的num个文章。
7.get_sources_data(str), 查询博客某类型下的num个文章。
8.get_index_only(bool),仅仅查询所有博客标题、ID、创建时间。
9.get_user_blog(str),查询某用户的所有博客。
"""
num = request.args.get('num', request.args.get('limit', 10))
LIMIT = '' if num in ("all", "All") else "LIMIT " + str(num)
sort = request.args.get('sort', 'desc')
blogId = request.args.get('blogId')
get_catalog_list = True if request.args.get("get_catalog_list") in ("true", "True", True) else False
get_sources_list = True if request.args.get("get_sources_list") in ("true", "True", True) else False
get_catalog_data = request.args.get("get_catalog_data")
get_sources_data = request.args.get("get_sources_data")
get_index_only = True if request.args.get("get_index_only") in ("true", "True", True) else False
get_user_blog = request.args.get("get_user_blog")
res = {"url": request.url, "msg": None, "data": None, "code": 0}
logger.debug({"num": num, "blogId": blogId, "get_catalog_list": get_catalog_list, "get_sources_list": get_sources_list, "get_catalog_data": get_catalog_data, "get_sources_data": get_sources_data})
if get_sources_data:
if get_sources_data.lower()[:3] == "ori":
get_sources_data = '原创'
elif get_sources_data.lower()[:3] == "rep":
get_sources_data = '转载'
elif get_sources_data.lower()[:3] == "tra":
get_sources_data = '翻译'
#Original reproduced translation
if get_index_only:
sql = "SELECT id,title,create_time,update_time FROM team.blog ORDER BY id %s %s" %(sort, LIMIT)
logger.info("SELECT title only SQL: %s" %sql)
try:
data = mysql2().query(sql)
except Exception,e:
logger.error(e, exc_info=True)
res.update(data=[], msg="Only title query fail", code=7)
else:
res.update(data=data)
logger.info(res)
return res
if get_catalog_list and get_sources_list:
sql="SELECT sources,catalog FROM team.blog"
logger.info("get_catalog_sources_list SQL: %s" %sql)
data=mysql2().query(sql)
sources=set()
catalog=set()
for i in data:
sources.add(i.get("sources"))
catalog.add(i.get("catalog"))
res.update(data={"sources": sorted(list(sources)), "catalog": sorted(list(catalog))})
logger.info(res)
return res
if get_catalog_list:
#sql = "SELECT GROUP_CONCAT(catalog) FROM blog GROUP BY catalog"
sql = 'select catalog from blog'
logger.info("SELECT catalog list SQL: %s" %sql)
try:
data = mysql.get(sql)
logger.info(data)
data = list(set([ v for _ in data for v in _.values() if v ]))
#data = [ v.split(",")[0] for i in data for v in i.values() if v and v.split(",")[0] ]
except Exception,e:
logger.error(e, exc_info=True)
res.update(data=[], msg="Catalog query fail", code=1)
else:
res.update(data=data)
logger.info(res)
return res
class User(Resource):
"""User resource, url is /user, /user/.
1. #get: Get user
2. #post: Create user, registry and login
3. #put: Update user profile
4. #delete: Delete user
"""
def get(self):
"""Public func, no token, with url args:
1. num, 展现的数量,默认是10条,可为all
2. username|email, 用户名或邮箱,数据库主键,唯一。
3. token, if true, display token info.
返回数据样例,{'msg':'success or error(errmsg)', 'code':'http code', 'data':data}
"""
res = {"code": 200, "msg": None, "data": None}
username = request.args.get("username")
sql = "SELECT a.username, a.email, a.cname, a.avatar, a.motto, a.url, a.time, a.weibo, a.github, a.gender, a.extra FROM passport.User a INNER JOIN passport.OAuth b ON a.username = b.oauth_username WHERE a.username=%s"
if username:
data = mysql2().get(sql, username)
if not data:
sql = "SELECT a.username, a.email, a.cname, a.avatar, a.motto, a.url, a.time, a.weibo, a.github, a.gender, a.extra FROM passport.User a INNER JOIN passport.LAuth b ON a.username = b.lauth_username WHERE a.username=%s"
data = mysql2().get(sql, username)
logger.info(username)
logger.info(sql)
logger.debug(data)
res.update(data=data)
return res
def post(self):
"""login and registry, with url args:
1. action=log/reg, default is log;
post data:
1. username,
2. password,
3. email,可选, 不用做系统登录, 如果有则会做正则检测不符合格式则弹回请求.
"""
res = {"url": request.url, "msg": None, "data": None}
_Pd = postData(request, res)
logger.debug({"Token:tool:postData": _Pd})
try:
username, password, email, res = _Pd.get("data")[0], _Pd.get(
"data")[1], _Pd.get("data")[2], _Pd.get("res")
except (AttributeError, IndexError), e:
res.update({'msg': "Server Error", "code": 500})
logger.error(res)
logger.error(e)
return res
if not username or not password:
logger.debug({
"User:post:request.json(user, pass)": (username, password),
"res":
res.update({
'msg': 'Invaild username or password',
'code': 1016
})
}) #code:1016, 请求的username或password为空。
return res
else:
res.update({'data': {'username': username, 'email': email}})
#define username and password length(can be from config.py)
if len(username) < 5 or len(password) < 5:
res.update({
'msg': 'username or password length of at least 5',
'code': 1010
}) #code:1010, username/password length < 5
logger.warn(res)
return res
if chinese_check.search(unicode(
username)): #reload(sys), and set defaultencoding('utf8')
res.update({
'msg': 'username contains Chinese, not allowed!',
'code': 1019
}) #code:1019,请求的username含有中文
logger.error(res)
return res
if email and mail_check.match(email) == None:
logger.debug(
{
"User:post:request.json": email,
"res": res.update({
'msg': "email format error",
'code': 1017
})
}
) #when email has set, otherwise, pass `if...abort`. The code:1017, email format error in request.json.
return res
#Start Action with (log, reg)
_MD5pass = md5(password)
action = request.args.get("action") #log or reg (登录or注册)
ReqData = dbUser(username, password=True, uid=True)
#ReqData is True(user is exists), it's dict, eg:{'username': u'xxxxx', 'password': u'xxxxxxxxxx'}
logger.debug({"request.action": action, 'ReqData': ReqData})
if action == 'log':
#When `ReqData` is True, has user, it's right, continue login
if not ReqData:
res.update({
'msg': 'User not exists',
'code': 1018
}) #code:1018, 登录请求时,请求中的username在数据库中获取不到信息(没有此用户)。
logger.warn(res)
return res
try:
_DBuser = ReqData.get('username')
_DBpass = ReqData.get('password')
res['data']['uid'] = ReqData.get('id')
except AttributeError, e:
logger.error(e)
res.update({
'msg': 'User not exists',
'code': 1018
}) #code:1018, 登录请求时,请求中的username在数据库中获取不到信息(没有此用户)。
logger.warn(res)
return res
else:
logger.debug({
'ReqUser': username,
'ReqPassMD5': _MD5pass,
'DBuser': _DBuser,
'DBpass': _DBpass
})
if _MD5pass == _DBpass:
res.update({
'msg': 'Password authentication success at sign in',
'code': 0
}) #code:0, it's successful
else:
res.update({
'msg': 'Password authentication failed at sign in',
'code': 1011
}) #code:1011, request pass != mysql pass
logger.info(res)
return res
#When `ReqData` is True, has user, it's wrong, cannot registry
if ReqData:
res.update({
'msg': 'User already exists, cannot be registered!',
'code': 1014
}) #code:1024, already has user when reg.
logger.warn(res)
return res
try:
sql = "INSERT INTO user (username, password, email, time) VALUES('%s', '%s', '%s', '%s')" % (
username, _MD5pass, email, time.strftime("%Y-%m-%d"))
if hasattr(mysql, 'insert'):
mysql.insert(sql)
else:
mysql.execute(sql)
logger.info({"User:post:reg:sql": sql})
except Exception, e:
logger.error(e, exc_info=True)
print e
res.update({
'code': 1012,
'msg': 'Sign up failed'
}) #code:1012, sign up failed when write into mysql
logger.info(res)
else:
res.update({'code': 0, 'msg': 'Sign up success'})
logger.info(res)
return res
else:
res.update({
'msg': 'Request action error',
def get(self):
res = {"url": request.url, "msg": "ConfigControlCenter(C3)", "code": 0}
res["C3"] = config.C3
logger.info(res)
return res
def before_request():
g.requestId = gen_requestId()
logger.info("Start Once Access, and this requestId is %s" % g.requestId)
#!/usr/bin/python -O
#product environment start application with `tornado IOLoop` and `gevent server`
from main import app
from pub import logger
from pub.config import Host, Port, Environment, ProcessName, ProductType
try:
import setproctitle
if ProcessName:
setproctitle.setproctitle(ProcessName)
logger.info("The process is %s" % ProcessName)
except ImportError, e:
ProcessName = None
logger.warn("%s, try to pip install setproctitle, otherwise, you can't use the process to customize the function" %e)
if Environment != 'product':
logger.error("%s isn't product, exit." % Environment)
exit(128)
try:
logger.info('%s has been launched, %s:%d' %(ProcessName, Host, Port))
if ProductType == 'gevent':
from gevent.wsgi import WSGIServer
http_server = WSGIServer((Host, Port), app)
http_server.serve_forever()
elif ProductType == 'tornado':
from tornado.wsgi import WSGIContainer
from tornado.httpserver import HTTPServer
from tornado.ioloop import IOLoop
