def login_qrcode(self, get):
    """Issue a scan-code login URL for the mobile app, bound to this session.

    A random transaction id (``tid``) is generated and cached in both
    directions (``tid -> session id`` and ``session id -> tid``). The third
    ``cache.set`` argument is 360, presumably a lifetime in seconds; confirm
    against the cache backend.

    Security notes:
      * ``tid`` is the only value tying the scanned code to the browser
        session, so it is only as unpredictable as ``public.GetRandomString``.
        NOTE(review): confirm that helper draws from a CSPRNG.
      * The URL is built by plain concatenation; the panel address is not
        URL-encoded, and the query string carries a second ``?``. The format
        is left untouched because the consuming app presumably parses it as is.

    Args:
        get: request arguments (not read here).

    Returns:
        ``public.returnMsg(True, <login url>)``.
    """
    tid = public.GetRandomString(12)
    url_parts = [
        'https://app.bt.cn/app.html?&panel_url=',
        public.getPanelAddr(),
        '&v=',
        public.GetRandomString(3),
        '?login&tid=',
        tid,
    ]
    login_url = ''.join(url_parts)

    # Two-way mapping so either side (app with tid, browser with session id)
    # can find the other while the code is valid.
    cache.set(tid, public.get_session_id(), 360)
    cache.set(public.get_session_id(), tid, 360)
    return public.returnMsg(True, login_url)
def login_qrcode(self, get):
    """Issue a scan-code login URL and record a pending-login marker on disk.

    Besides caching ``tid <-> session id`` (third ``cache.set`` argument 360,
    presumably seconds), this variant writes ``<session id>:<unix time>`` to
    ``<app_path>app_login_check.pl``.

    Security notes:
      * The marker is written when the code is issued, before any app has
        confirmed anything. NOTE(review): a consumer must not treat the mere
        presence of a matching marker as proof that the app scanned the code;
        verify how the file is consumed.
      * The file name is fixed, so a later request overwrites the marker of
        an earlier one.
      * The session id is stored in clear text; the resulting file mode
        depends on ``public.writeFile`` (not visible here).
      * ``tid`` is only as unpredictable as ``public.GetRandomString``.
        NOTE(review): confirm it draws from a CSPRNG.

    Args:
        get: request arguments (not read here).

    Returns:
        ``public.returnMsg(True, <login url>)``.
    """
    tid = public.GetRandomString(12)
    login_url = ''.join([
        'https://app.bt.cn/app.html?&panel_url=',
        public.getPanelAddr(),
        '&v=',
        public.GetRandomString(3),
        '?login&tid=',
        tid,
    ])

    # Pending-login marker: "<session id>:<issue time>".
    marker = public.get_session_id() + ':' + str(time.time())
    public.writeFile(self.app_path + "app_login_check.pl", marker)

    # Two-way mapping between the transaction id and the browser session.
    cache.set(tid, public.get_session_id(), 360)
    cache.set(public.get_session_id(), tid, 360)
    return public.returnMsg(True, login_url)
def check_app_login(self, get):
    """Log the browser session in once the cache marks it as app-approved.

    The approval signal is the string ``'True'`` stored in the cache under
    the caller's session id; whatever sets that value lives outside this
    function. On approval the flag is deleted (one-shot) and the session is
    authenticated as the ``users`` row with id 1.

    Security note: the session is granted the id-1 account purely on the
    cache flag, so the code path that writes the flag is the real
    authentication decision. NOTE(review): confirm it authenticates the app.

    Args:
        get: request arguments (not read here).

    Returns:
        ``public.returnMsg(True, 'login successful!')`` on success, otherwise
        a ``False`` message asking the user to scan the code.
    """
    sid = public.get_session_id()
    approved = cache.get(sid) == 'True'
    if not approved:
        return public.returnMsg(
            False, 'Wait for the app to scan the code and log in')

    # Consume the approval so it cannot be replayed for this session id.
    cache.delete(sid)

    account = public.M('users').where("id=?", (1, )).field('id,username').find()
    session['login'] = True
    session['username'] = account['username']
    session['tmp_login'] = True

    # Audit trail: account name plus client address and source port.
    log_line = 'APP scan code login, account: {}, login IP: {}'.format(
        account['username'],
        public.GetClientIp() + ":" + str(request.environ.get('REMOTE_PORT')))
    public.WriteLog('TYPE_LOGIN', log_line)

    # Clear the cached 'panelNum' and 'dologin' entries.
    cache.delete('panelNum')
    cache.delete('dologin')

    # Record the time of the last session start.
    public.writeFile('data/session_last.pl', str(int(time.time())))

    self.set_request_token()
    import config
    config.config().reload_session()
    public.writeFile('data/app_login.pl', 'True')
    return public.returnMsg(True, 'login successful!')
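def set_login(self, get):
    """Finish a scan-code login for the current browser session.

    Two paths are tried in order:

    1. If the cache holds ``'True'`` under this session id, hand over to
       ``check_app_login``.
    2. Otherwise fall back to the file token ``<app_path>login.pl``
       (``secret:unix_time``). The file is consumed on first read, and the
       login succeeds only when the token is younger than 60 seconds and
       equals ``get['secret_key']``.

    A successful login always authenticates as the ``users`` row with id 1.

    Security notes:
      * The token file is removed before validation, so each issued token
        allows a single attempt.
      * The token is not bound to the caller's session id; anyone presenting
        the right ``secret_key`` within the window is logged in.
        NOTE(review): confirm how the secret reaches the browser.

    Args:
        get: request arguments; ``get['secret_key']`` is read on the
            file-based path.

    Returns:
        ``public.returnMsg(True, 'login successful')`` on success, otherwise
        ``public.returnMsg(False, 'Login failed')`` (or the result of
        ``check_app_login`` on the cache path).
    """
    session_id = public.get_session_id()
    if cache.get(session_id) == 'True':
        return self.check_app_login(get)

    token_path = self.app_path + "login.pl"
    if not os.path.exists(token_path):
        return public.returnMsg(False, 'Login failed')

    data = public.readFile(token_path)

    # Single use: drop the token before looking at it. os.remove replaces the
    # former shell `rm`, so the path is never handed to a shell; removal stays
    # best effort, as it was.
    try:
        os.remove(token_path)
    except OSError:
        pass

    # Fail closed on an unreadable or malformed token instead of raising.
    try:
        secret_key, init_time = data.split(':')
        token_age = time.time() - float(init_time)
    except (AttributeError, ValueError):
        return public.returnMsg(False, 'Login failed')

    if not (token_age < 60 and get['secret_key'] == secret_key):
        return public.returnMsg(False, 'Login failed')

    sql = db.Sql()
    userInfo = sql.table('users').where(
        "id=?", (1, )).field('id,username,password').find()
    session['login'] = True
    session['username'] = userInfo['username']
    cache.delete('panelNum')
    cache.delete('dologin')
    public.WriteLog(
        'TYPE_LOGIN', 'LOGIN_SUCCESS',
        ('WeChat scan code login',
         public.GetClientIp() + ":" + str(request.environ.get('REMOTE_PORT'))))
    login_type = 'data/app_login.pl'
    self.set_request_token()
    import config
    config.config().reload_session()
    public.writeFile(login_type, 'True')
    return public.returnMsg(True, 'login successful')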
def set_login(self, get):
    """Finish a scan-code login if the cache marks this session as approved.

    The only live path checks for the string ``'True'`` cached under the
    caller's session id and, when present, delegates to ``check_app_login``.

    A former fallback is disabled in this version: it read
    ``<app_path>login.pl``, compared the stored secret with
    ``get['secret_key']`` inside a 60-second window, and logged in the
    ``users`` row with id 1 ("WeChat scan code login").

    Args:
        get: request arguments, forwarded to ``check_app_login``.

    Returns:
        The result of ``check_app_login`` when approved, otherwise a
        ``False`` message.
    """
    sid = public.get_session_id()
    approved = cache.get(sid) == 'True'
    if approved:
        return self.check_app_login(get)
    # No approval recorded for this session: refuse.
    return public.returnMsg(False, '登录失败')
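def check_app_login(self, get):
    """Complete a mobile-app scan-code login using the on-disk marker file.

    Preconditions, read from ``/www/server/panel/config/api.json``: the
    config must be non-empty, ``open`` must be truthy and ``apps`` must be
    present and non-empty.

    The marker ``<app_path>app_login_check.pl`` holds
    ``<session id>:<unix time>``. It is removed as soon as it has been read
    (single use). The login succeeds only when both ids are 64 characters
    long, the marker is at most 60 seconds old, and the stored id equals the
    caller's session id. The session is then authenticated as the ``users``
    row with id 1.

    Security notes:
      * The only proof checked here is that the marker contains the caller's
        own session id. NOTE(review): confirm which code path writes the
        marker; if it is written when the QR code is issued rather than when
        the app confirms, this comparison is satisfied by the requesting
        session itself.
      * The session flags are set before the remaining bookkeeping. If a
        later step raises, the caller receives 'Login failed 2' although the
        session is already marked as logged in.

    Args:
        get: request arguments (not read here).

    Returns:
        ``public.returnMsg(True, 'login successful!')`` on success, otherwise
        a ``False`` message naming the failed step.
    """
    # Check that an app binding exists. A missing or corrupt config is treated
    # as "no binding" instead of raising out of the handler.
    try:
        btapp_info = json.loads(
            public.readFile('/www/server/panel/config/api.json'))
    except (TypeError, ValueError):
        btapp_info = None
    if not btapp_info or not isinstance(btapp_info, dict):
        return public.returnMsg(False, 'Unbound')
    if not btapp_info.get('open'):
        return public.returnMsg(False, 'API is not turned on')
    if not btapp_info.get('apps'):
        return public.returnMsg(False, 'Unbound phone')

    try:
        session_id = public.get_session_id()
        marker_path = self.app_path + 'app_login_check.pl'
        if not os.path.exists(marker_path):
            return public.returnMsg(False, 'Waiting for APP scan code login 1')
        data = public.readFile(marker_path)

        # Single use: remove the marker before validating it. os.remove
        # replaces the former shell `rm`; removal stays best effort.
        try:
            os.remove(marker_path)
        except OSError:
            pass

        secret_key, init_time = data.split(':')
        if len(session_id) != 64:
            return public.returnMsg(False, 'Waiting for APP scan code login 2')
        if len(secret_key) != 64:
            return public.returnMsg(False, 'Waiting for APP scan code login 2')
        if time.time() - float(init_time) > 60:
            return public.returnMsg(False, 'Waiting for APP scan code login')
        if session_id != secret_key:
            return public.returnMsg(False, 'Waiting for APP scan code login')

        cache.delete(session_id)
        userInfo = public.M('users').where(
            "id=?", (1, )).field('id,username').find()
        session['login'] = True
        session['username'] = userInfo['username']
        session['tmp_login'] = True
        public.WriteLog(
            'TYPE_LOGIN',
            'APP scan code login, account: {}, login IP: {}'.format(
                userInfo['username'],
                public.GetClientIp() + ":" +
                str(request.environ.get('REMOTE_PORT'))))
        cache.delete('panelNum')
        cache.delete('dologin')
        session['session_timeout'] = time.time() + public.get_session_timeout()
        login_type = 'data/app_login.pl'
        self.set_request_token()
        import config
        config.config().reload_session()
        public.writeFile(login_type, 'True')
        public.login_send_body("aaPanel Mobile", userInfo['username'],
                               public.GetClientIp(),
                               str(request.environ.get('REMOTE_PORT')))
        return public.returnMsg(True, 'login successful!')
    except Exception:
        # Fail closed on any unexpected error; SystemExit and
        # KeyboardInterrupt are no longer swallowed.
        return public.returnMsg(False, 'Login failed 2')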
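def is_scan_ok(self, get):
    """Report whether a scan-code login is ready for the caller to complete.

    Checked in order:

    1. ``<app_path>login.pl`` (``key:unix_time``): if it parses and is
       younger than 60 seconds, the stored key is returned as the message.
    2. The cache entry under the caller's session id equals ``'True'``.

    Security note: on the file path the stored key is sent back in the
    response to whichever client is polling, and the file is not tied to the
    caller's session id. NOTE(review): confirm that this endpoint is only
    reachable by the browser that requested the code.

    Args:
        get: request arguments (not read here).

    Returns:
        ``public.returnMsg(True, <key or status text>)`` when a scan is
        ready, otherwise ``public.returnMsg(False, '')``.
    """
    token_path = self.app_path + "login.pl"
    if os.path.exists(token_path):
        # A malformed or unreadable token is treated as "not ready" instead
        # of raising out of the polling endpoint.
        try:
            key, init_time = public.readFile(token_path).split(':')
            fresh = time.time() - float(init_time) < 60
        except (AttributeError, ValueError):
            fresh = False
        if fresh:
            return public.returnMsg(True, key)

    session_id = public.get_session_id()
    if cache.get(session_id) == 'True':
        return public.returnMsg(True, 'Scan QRCORE successfully')
    return public.returnMsg(False, '')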
def check_app_login(self, get):
    """Log the browser session in once the cache marks it as app-approved.

    The approval signal is the string ``'True'`` cached under the caller's
    session id; the code that sets it is outside this function. On approval
    the flag is deleted (one-shot) and the session is authenticated as the
    ``users`` row with id 1.

    Security note: the id-1 account is granted purely on the cache flag, so
    the code path that writes the flag is the real authentication decision.
    NOTE(review): confirm it authenticates the app.

    Args:
        get: request arguments (not read here).

    Returns:
        A ``True`` message on success, otherwise a ``False`` message asking
        the user to wait for the app scan.
    """
    sid = public.get_session_id()
    approved = cache.get(sid) == 'True'
    if not approved:
        return public.returnMsg(False, '等待APP扫码登录')

    # Consume the approval so it cannot be replayed for this session id.
    cache.delete(sid)

    account = public.M('users').where("id=?", (1,)).field('id,username').find()
    session['login'] = True
    session['username'] = account['username']
    session['tmp_login'] = True

    # Audit trail: account name plus client address and source port.
    log_line = 'APP扫码登录,帐号:{},登录IP:{}'.format(
        account['username'],
        public.GetClientIp() + ":" + str(request.environ.get('REMOTE_PORT')))
    public.WriteLog('TYPE_LOGIN', log_line)

    # Clear the cached 'panelNum' and 'dologin' entries.
    cache.delete('panelNum')
    cache.delete('dologin')

    # Record the time of the last session start.
    public.writeFile('data/session_last.pl', str(int(time.time())))

    import config
    config.config().reload_session()
    public.writeFile('data/app_login.pl', 'True')
    return public.returnMsg(True, '登录成功!')
def set_login(self, get):
    """Finish a scan-code login if the cache marks this session as approved.

    Delegates to ``check_app_login`` when the string ``'True'`` is cached
    under the caller's session id; there is no other login path here.

    Args:
        get: request arguments, forwarded to ``check_app_login``.

    Returns:
        The result of ``check_app_login`` when approved, otherwise
        ``public.returnMsg(False, 'Login failed 1')``.
    """
    sid = public.get_session_id()
    approved = cache.get(sid) == 'True'
    if not approved:
        # No approval recorded for this session: refuse.
        return public.returnMsg(False, 'Login failed 1')
    return self.check_app_login(get)
def after_request(self, response):
    """Post-process a response: fixed headers, cookie resets, optional gzip.

    Steps, in order:

    1. Overwrite the ``Server`` and ``Connection`` headers.
    2. If ``dologin`` is set on ``g`` and ``app.config['SSL']`` is truthy,
       expire every cookie the client sent.
    3. If ``rm_ssl`` is set on ``g``, expire every cookie, then re-issue the
       session cookie and (when present) the ``request_token`` cookie for
       30 days.
    4. Gzip the body when the mimetype, ``Accept-Encoding``, status code and
       size allow it, and set ``Content-Encoding`` / ``Vary`` accordingly.

    Security notes:
      * ``Server`` is hard-coded to ``nginx`` whatever actually serves the
        response.
      * The re-issued session cookie is ``httponly`` but passes no ``secure``
        or ``samesite`` argument; ``request_token`` is re-issued without
        ``httponly``. NOTE(review): presumably deliberate, because this
        branch runs when SSL is being removed and page scripts read the
        token. Confirm.

    Args:
        response: the response object about to be sent.

    Returns:
        The same response object, possibly with a compressed body.
    """
    app = self.app or current_app
    accept_encoding = request.headers.get('Accept-Encoding', '')
    epoch = 'Thu, 01-Jan-1970 00:00:00 GMT'

    def expire_request_cookies():
        # Best effort: blank out every cookie the client presented.
        try:
            for name, _ in request.cookies.items():
                response.set_cookie(name, '', expires=epoch, path='/')
        except:
            pass

    response.headers['Server'] = 'nginx'
    response.headers['Connection'] = 'keep-alive'

    if 'dologin' in g and app.config['SSL']:
        expire_request_cookies()

    if 'rm_ssl' in g:
        import public
        expire_request_cookies()

        # Replace the session cookie: expire the old one, then set it again
        # with a 30-day lifetime.
        cookie_name = app.config['SESSION_COOKIE_NAME']
        sid = public.get_session_id()
        response.set_cookie(cookie_name, '', expires=epoch, path='/')
        response.set_cookie(cookie_name, sid, path='/',
                            max_age=86400 * 30, httponly=True)

        token = request.cookies.get('request_token', '')
        if token:
            response.set_cookie('request_token', token, path='/',
                                max_age=86400 * 30)

    # Compression guards, evaluated in the same order as the original
    # short-circuit expression.
    if response.mimetype not in app.config['COMPRESS_MIMETYPES']:
        return response
    if 'gzip' not in accept_encoding.lower():
        return response
    if not 200 <= response.status_code < 300:
        return response
    if (response.content_length is not None
            and response.content_length < app.config['COMPRESS_MIN_SIZE']):
        return response
    if 'Content-Encoding' in response.headers:
        return response

    response.direct_passthrough = False

    if self.cache:
        cache_key = self.cache_key(response)
        compressed = self.cache.get(cache_key) or self.compress(app, response)
        self.cache.set(cache_key, compressed)
    else:
        compressed = self.compress(app, response)

    response.set_data(compressed)
    response.headers['Content-Encoding'] = 'gzip'
    response.headers['Content-Length'] = response.content_length

    # Add Accept-Encoding to Vary, keeping any existing value.
    vary = response.headers.get('Vary')
    if not vary:
        response.headers['Vary'] = 'Accept-Encoding'
    elif 'accept-encoding' not in vary.lower():
        response.headers['Vary'] = '{}, Accept-Encoding'.format(vary)
    return response