def initial(self): self.set_headers({'Content-Type': 'application/json; charset=UTF-8'}) name = self.req.path.split('/')[-1] # name: _xxxx means private method, only called in LAN , # xxxx_ means not need check session if name.endswith('_'): return noses_method = self.noses_path.get(self.req.path) if noses_method and (noses_method == '*' or noses_method == self.req.method): return if name.startswith('_'): # private c = self.req.clientip() log.debug('clientip:%s', c) if not c.startswith(('192.168.', '10.', '127.')): self.resp = Response('Access Deny', 403) raise HandlerFinish else: # check session self.ses = None if self.session_conf: sid = self.get_cookie('sid') if not sid: self.resp = Response('Session Error', 403) raise HandlerFinish self.ses = SessionRedis(server=self.session_conf['server'], sid=sid, expire=self.session_conf['expire']) if self.ses.get('uid'): self.resp = Response('Session Error', 403) raise HandlerFinish
def static_file(self, req, fpath): mtype, encoding = mimetypes.guess_type(fpath) if not mtype: mtype = 'application/octet-stream' try: reqtm = 0 reqgmt = req.environ.get('HTTP_IF_MODIFIED_SINCE') if reqgmt: reqgmt = reqgmt[:reqgmt.find('GMT') + 3] reqtm = time.strptime(reqgmt, '%a, %d %b %Y %H:%M:%S GMT') if type(reqtm) != float: reqtm = time.mktime(reqtm) + (time.mktime(time.localtime()) - time.mktime(time.gmtime())) except: log.warn(traceback.format_exc()) reqtm = 0 mtime = os.path.getmtime(fpath) gmt = time.strftime('%a, %d %b %Y %H:%M:%S GMT', time.gmtime(mtime)) if mtime > reqtm or mtype == 'application/octet-stream': with open(fpath, 'rb') as f: s = f.read() resp = Response(s, mimetype=mtype) else: resp = Response('', status=304, mimetype=mtype) resp.headers['Last-Modified'] = gmt return resp
def initial(self): self.set_headers({'Content-Type': 'application/json; charset=UTF-8'}) # not need session if not self.session_conf: return name = self.req.path.split('/')[-1] # name: _xxxx means private method, only called in LAN , # xxxx_ means not need check session # 仅允许内网访问 if name.startswith('_'): # private c = self.req.clientip() log.debug('clientip:%s', c) if not c.startswith(('192.168.', '10.', '127.')): self.resp = Response(status=403) raise HandlerFinish(403, 'client error') # 无session if name.endswith('_'): #log.debug('no check session 1') return sid = self.get_cookie('sid') log.debug('sid: %s', sid) #self.ses = None self.ses = session.create(self.session_conf, sid) # 不需要检查session的url。字典形式可以指定http方法。 # 如:{'/v1/test':'GET', '/v1/test2':('GET','POST')} if isinstance(self.session_nocheck, dict): noses_method = self.session_nocheck.get(self.req.path) if isinstance(noses_method, str): if noses_method and (noses_method == '*' or noses_method == self.req.method): return elif isinstance(noses_method, (list, tuple, set)): if self.req.method in noses_method: return elif isinstance(self.session_nocheck, (list, tuple)): if self.req.path in self.session_nocheck: #log.debug('no check session 3') return # check session if not sid: log.info('not found sid') self.resp = Response('403 sesson error 1', status=403) raise HandlerFinish(403, 'session error 1') if not self.ses: log.info('session %s no obj', sid) self.resp = Response('403 session error 2', status=403) raise HandlerFinish(403, 'session error 2') if not self.ses.data: log.info('session %s no data', sid) self.resp = Response('403 session error 3', status=403) raise HandlerFinish(403, 'session error 3')
def __init__(self, app, req): self.webapp = app self.req = req #self.ses = session.Session(app.settings.SESSION, req.cookie) self.ses = None self.resp = Response() self.write = self.resp.write req.allowed_methods = []
def initial(self): self.set_headers({'Content-Type': 'application/json; charset=UTF-8'}) name = self.req.path.split('/')[-1] self.ses = None if self.session_conf: sid = self.get_cookie('sid') log.debug('sid: %s', sid) self.ses = session.create(self.session_conf, sid) # name: _xxxx means private method, only called in LAN , # xxxx_ means not need check session if name.endswith('_'): log.debug('no need check session 1') return if isinstance(self.session_nocheck, dict): noses_method = self.session_nocheck.get(self.req.path) if noses_method and (noses_method == '*' or noses_method == self.req.method): log.debug('no need check session 2') return elif isinstance(self.session_nocheck, (list, tuple)): if self.req.path in self.session_nocheck: log.debug('no need check session 3') return if name.startswith('_'): # private c = self.req.clientip() log.debug('clientip:%s', c) if not c.startswith(('192.168.', '10.', '127.')): self.resp = Response(status=403) raise HandlerFinish # check session if not sid: log.info('not found sid') self.resp = Response('403 sesson error', status=403) raise HandlerFinish if not self.ses.data: log.info('session %s no data', sid) self.resp = Response('403 session error', status=403) raise HandlerFinish
def __init__(self, app, req): self.webapp = app self.conf = app.settings self.req = req self.ses = None self.resp = Response() self.write = self.resp.write req.allowed_methods = [] self.initial_session() reqid = self.req.get_header('X-Req-Id', '') log.debug('X-Req-Id: %s', reqid) logger.set_req_id(reqid)
def __init__(self): self.req = Req({'name': 'aaaaa', 'age': '12', 'money': '12.44'}) self.resp = Response()
def __call__(self, environ, start_response): times = [time.time()] req = None resp = None viewobj = None try: if self.reloader: if self.reloader(): self.install() req = Request(environ) times.append(time.time()) if req.path.startswith(tuple(self.settings.STATICS.keys())): fpath = self.document_root + req.path resp = NotFound('Not Found: ' + fpath) for k, v in self.settings.STATICS.items(): if req.path.startswith(k): fpath = fpath.replace(k, v) if os.path.isfile(fpath): resp = self.static_file(req, fpath) else: for regex, view, kwargs in self.urls: match = regex.match(req.path) if match is not None: if req.method not in self.allowed_methods: raise NotImplemented args = () mkwargs = match.groupdict() if mkwargs: kwargs.update(mkwargs) else: args = match.groups() #log.debug('url match:%s %s', args, kwargs) times.append(time.time()) viewobj = view(self, req) middleware = [] try: viewobj.initial() viewobj.allowed_methods = self.allowed_methods for x in self.settings.MIDDLEWARE: obj = x() resp = obj.before(viewobj, *args, **kwargs) if resp: log.debug('middleware before:%s', resp) break middleware.append(obj) ret = getattr(viewobj, req.method)(*args, **kwargs) if ret: viewobj.resp.write(ret) viewobj.finish() except HandlerFinish: pass resp = viewobj.resp for obj in middleware: resp = obj.after(viewobj) log.debug('middleware after:%s', resp) break else: resp = NotFound('Not Found') except Exception as e: times.append(time.time()) log.warn('web call error: %s', traceback.format_exc()) if self.debug: resp = Response('<pre>%s</pre>' % traceback.format_exc(), 500) else: global error_page_content resp = Response(error_page_content, 500) times.append(time.time()) #s = '%s %s %s ' % (req.method, req.path, str(viewobj.__class__)[8:-2]) s = [str(resp.status), req.method, req.path] s.append('%d' % ((times[-1] - times[0]) * 1000000)) s.append('%d' % ((times[1] - times[0]) * 1000000)) s.append('%d' % ((times[-1] - times[-2]) * 1000000)) try: if req.query_string: s.append(req.query_string[:2048]) if req.method in ('POST', 'PUT'): s.append(str(req.input())[:2048]) if not req.input() and req.data: s.append(str(req.data)[:2048]) # if resp.content and resp.headers['Content-Type'].startswith('application/json'): if resp.content and resp.content[0] == 123 and resp.content[ -1] == 125: # json, start { end } s.append(str(resp.content)[:4096]) except: log.error(traceback.format_exc()) if not req.path.startswith(tuple(self.settings.STATICS.keys())): log.warn('|'.join(s)) return resp(environ, start_response)