def get_sk(self): save_path = '/www/server/panel/config/api.json' if not os.path.exists(save_path): return redirect('/login') try: api_config = json.loads(public.ReadFile(save_path)) except: os.remove(save_path) return redirect('/login') if not api_config['open']: return redirect('/login') from BTPanel import get_input get = get_input() client_ip = public.GetClientIp() if not 'client_bind_token' in get: if not 'request_token' in get or not 'request_time' in get: return redirect('/login') num_key = client_ip + '_api' if not public.get_error_num(num_key,20): return public.returnJson(False,'AUTH_FAILED1') if not client_ip in api_config['limit_addr']: public.set_error_num(num_key) return public.returnJson(False,'%s[' % public.GetMsg("AUTH_FAILED1")+client_ip+']') else: num_key = client_ip + '_app' if not public.get_error_num(num_key,20): return public.returnJson(False,'AUTH_FAILED1') a_file = '/dev/shm/' + get.client_bind_token if not os.path.exists(a_file): import panelApi if not panelApi.panelApi().get_app_find(get.client_bind_token): public.set_error_num(num_key) return public.returnJson(False,'UNBOUND_DEVICE') public.writeFile(a_file,'') if not 'key' in api_config: public.set_error_num(num_key) return public.returnJson(False, 'KEY_ERR') if not 'form_data' in get: public.set_error_num(num_key) return public.returnJson(False, 'FORM_DATA_ERR') g.form_data = json.loads(public.aes_decrypt(get.form_data, api_config['key'])) get = get_input() if not 'request_token' in get or not 'request_time' in get: return redirect('/login') g.is_aes = True g.aes_key = api_config['key'] request_token = public.md5(get.request_time + api_config['token']) if get.request_token == request_token: public.set_error_num(num_key,True) return False public.set_error_num(num_key) return public.returnJson(False,'SECRET_KEY_CHECK_FALSE')
def get_sk(self): save_path = '/www/server/panel/config/api.json' if not os.path.exists(save_path): return redirect('/login') try: api_config = json.loads(public.ReadFile(save_path)) except: os.remove(save_path) return redirect('/login') if not api_config['open']: return redirect('/login') from BTPanel import get_input get = get_input() if not 'client_bind_token' in get: if not 'request_token' in get or not 'request_time' in get: return redirect('/login') client_ip = public.GetClientIp() if not client_ip in api_config['limit_addr']: return public.returnJson( False, '%s[' % public.GetMsg("CHECK_IP_FALSE") + client_ip + ']') else: a_file = '/dev/shm/' + get.client_bind_token if not os.path.exists(a_file): import panelApi if not panelApi.panelApi().get_app_find(get.client_bind_token): return public.returnMsg(False, 'Unbound device') public.writeFile(a_file, '') if not 'key' in api_config: return public.returnJson(False, 'Key verification failed') if not 'form_data' in get: return public.returnJson(False, 'No form_data data found') g.form_data = json.loads( public.aes_decrypt(get.form_data, api_config['key'])) get = get_input() if not 'request_token' in get or not 'request_time' in get: return redirect('/login') g.is_aes = True g.aes_key = api_config['key'] request_token = public.md5(get.request_time + api_config['token']) if get.request_token == request_token: return False return public.returnJson(False, 'SECRET_KEY_CHECK_FALSE')
def get_sk(self): save_path = '/www/server/panel/config/api.json' if not os.path.exists(save_path): return redirect('/login') try: api_config = json.loads(public.ReadFile(save_path)) except: os.remove(save_path) return redirect('/login') if not api_config['open']: return redirect('/login') from BTPanel import get_input get = get_input() if not 'client_bind_token' in get: if not 'request_token' in get or not 'request_time' in get: return redirect('/login') client_ip = public.GetClientIp() if not client_ip in api_config['limit_addr']: return public.returnJson(False, 'IP校验失败,您的访问IP为[' + client_ip + ']') else: a_file = '/dev/shm/' + get.client_bind_token if not os.path.exists(a_file): import panelApi if not panelApi.panelApi().get_app_find(get.client_bind_token): return public.returnMsg(False, '未绑定的设备') public.writeFile(a_file, '') if not 'key' in api_config: return public.returnJson(False, '密钥校验失败') if not 'form_data' in get: return public.returnJson(False, '没有找到form_data数据') g.form_data = json.loads( public.aes_decrypt(get.form_data, api_config['key'])) get = get_input() if not 'request_token' in get or not 'request_time' in get: return redirect('/login') g.is_aes = True g.aes_key = api_config['key'] request_token = public.md5(get.request_time + api_config['token']) if get.request_token == request_token: return False return public.returnJson(False, '密钥校验失败')
def __get_site_total(self,siteName): data = {} get = get_input() if hasattr(get,'today'): today = get['today'] else: today = time.strftime('%Y-%m-%d',time.localtime()) data['client'] = 0 spdata = self.__get_file_json(self.__plugin_path + '/total/'+siteName+'/client/total.json') for c in spdata.values(): data['client'] += c data['network'] = self.__get_file_json(self.__plugin_path + '/total/'+siteName+'/network/total.json',0) data['day_network'] = 0 path = self.__plugin_path + '/total/'+siteName+'/network/'+today+'.json' if os.path.exists(path): spdata = self.__get_file_json(path) for c in spdata.values(): data['day_network'] += c data['request'] = self.__total_request(self.__plugin_path + '/total/'+siteName+'/request/total.json') data['day_request'],data['day_ip'],data['day_pv'],data['day_uv'],data['day_post'],data['day_get'],data['day_put'],data['day_500'],data['day_502'],data['day_503'] = self.__total_request(self.__plugin_path + '/total/'+siteName+'/request/'+today+'.json') data['spider'] = 0 spdata = self.__get_file_json(self.__plugin_path + '/total/'+siteName+'/spider/total.json') for c in spdata.values(): data['spider'] += c data['day_spider'] = 0 path = self.__plugin_path + '/total/'+siteName+'/spider/'+today+'.json' if os.path.exists(path): spdata = self.__get_file_json(path) for c in spdata.values(): for d in c.values(): data['day_spider'] += d return data
def save_session(self, app, session, response): domain = self.get_cookie_domain(app) path = self.get_cookie_path(app) full_session_key = self.key_prefix + session.sid if PY2 and isinstance(full_session_key, unicode): full_session_key = full_session_key.encode('utf-8') if not session: if session.modified: self.client.delete(full_session_key) response.delete_cookie(app.session_cookie_name, domain=domain, path=path) return httponly = self.get_cookie_httponly(app) secure = self.get_cookie_secure(app) expires = self.get_expiration_time(app, session) samesite = self.get_cookie_samesite(app) if not PY2: val = self.serializer.dumps(dict(session), 0) else: val = self.serializer.dumps(dict(session)) self.client.set( full_session_key, val, self._get_memcache_timeout( total_seconds(app.permanent_session_lifetime))) if self.use_signer: session_id = self._get_signer(app).sign(want_bytes(session.sid)) else: session_id = session.sid from BTPanel import request, g, get_input if 'auth_error' in g: return if request.path in ['/', '/tips', '/robots.txt']: return if request.path in ['/public']: get = get_input() if 'get_ping' in get: return if response.status_code in [401]: return if request.full_path.find('/login?tmp_token=') != 0: if response.status_code not in [200, 308]: return else: if response.status_code not in [302, 301]: return if secure: samesite = 'None' if response.status_code not in [200, 302]: return if not request.cookies.get(app.session_cookie_name): if request.full_path.find('/login?tmp_token=') == 0: samesite = 'None' secure = True response.set_cookie(app.session_cookie_name, session_id, expires=expires, httponly=httponly, domain=domain, path=path, secure=secure, samesite=samesite)
def get_sk(self,): save_path = '/www/server/panel/config/api.json' if not os.path.exists(save_path): return redirect('/login') api_config = json.loads(public.ReadFile(save_path)) if not api_config['open']: return redirect('/login') from BTPanel import get_input get = get_input() if not 'request_token' in get or not 'request_time' in get: return redirect('/login') client_ip = public.GetClientIp() if not client_ip in api_config['limit_addr']: return public.returnJson(False,'IP校验失败,您的访问IP为['+client_ip+']') request_token = public.md5(get.request_time + api_config['token']) if get.request_token == request_token: return False return public.returnJson(False,'密钥校验失败')
def get_sk(self, ): save_path = '/www/server/panel/config/api.json' if not os.path.exists(save_path): return False api_config = json.loads(public.ReadFile(save_path)) if not api_config['open']: return False from BTPanel import get_input get = get_input() if not 'request_token' in get: return False if not 'request_time' in get: return False client_ip = public.GetClientIp() if not client_ip in api_config['limit_addr']: return False request_token = public.md5(get.request_time + api_config['token']) if get.request_token == request_token: return True return False
def __get_site_total(self, siteName, get=None): data = {} is_red = False if not get: get = get_input() if hasattr(get, 'today'): today = get['today'] else: today_time = time.localtime() today = time.strftime('%Y-%m-%d', today_time) is_red = True data['client'] = 0 siteName = self.__get_siteName(siteName) spdata = self.__get_file_json(self.__plugin_path + '/total/' + siteName + '/client/total.json') for c in spdata.values(): data['client'] += c data['network'] = self.__get_file_json( self.__plugin_path + '/total/' + siteName + '/network/total.json', 0) data['day_network'] = 0 path = self.__plugin_path + '/total/' + siteName + '/network/' + today + '.json' if os.path.exists(path): spdata = self.__get_file_json(path) for c in spdata.values(): data['day_network'] += c data['request'] = self.__total_request(self.__plugin_path + '/total/' + siteName + '/request/total.json') data['day_request'], data['day_ip'], data['day_pv'], data[ 'day_uv'], data['day_post'], data['day_get'], data[ 'day_put'], data['day_500'], data['day_502'], data[ 'day_503'] = self.__total_request(self.__plugin_path + '/total/' + siteName + '/request/' + today + '.json') data['spider'] = 0 spdata = self.__get_file_json(self.__plugin_path + '/total/' + siteName + '/spider/total.json') for c in spdata.values(): data['spider'] += c data['day_spider'] = 0 path = self.__plugin_path + '/total/' + siteName + '/spider/' + today + '.json' data['day_spider_arr'] = {} if os.path.exists(path): spdata = self.__get_file_json(path) data['day_spider_arr'] = spdata for c in spdata.values(): for d in c.values(): data['day_spider'] += d if is_red: try: data['7day_total'] = [] for i in range(6): get.today = ( datetime.date.today() + datetime.timedelta(~(i + 1) + 1)).strftime("%Y-%m-%d") tmp = self.__get_site_total(siteName, get) tmp['date'] = get.today data['7day_total'].insert(0, tmp) except: pass return data