async def change_password(request: sanic.Request): target_user = request.json.get('target_user', None) original_password = request.json.get('original_password', None) new_password = request.json.get('new_password', None) if target_user is None and isinstance(original_password, str) and isinstance(new_password, str) \ and compare_digest(request.ctx.user.password, passwd_hash(original_password, system_config.PASSWORD_SALT)): request.ctx.user.password = passwd_hash(new_password, system_config.PASSWORD_SALT) request.ctx.db_session.add(request.ctx.user) await request.ctx.db_session.commit() return json(Response.success('修改成功')) elif target_user is not None and request.ctx.user.user_type == constants.USER_TYPE_SUPER_ADMIN \ and isinstance(new_password, str) and isinstance(target_user, str): # 超级用户修改普通用户不需要原密码 user = (await request.ctx.db_session.execute( select(User).where(User.username == target_user))).scalar() if user is not None and user.user_type == constants.USER_TYPE_NORMAL: user.password = passwd_hash(new_password, system_config.PASSWORD_SALT) request.ctx.db_session.add(request.ctx.user) await request.ctx.db_session.commit() return json(Response.success('修改成功')) else: return json(Response.failed('用户不存在')) else: return json(Response.invalid('原密码错误'))
async def get_last_id(request: sanic.Request): query = select(DNSLog).order_by(DNSLog.log_id.desc()) log = (await request.ctx.db_session.execute(query)).scalar() if log: return json(Response.success('', log.log_id)) else: return json(Response.success('', 0))
async def http_rule_list(request: sanic.Request): rules = (await request.ctx.db_session.execute(select(HttpRule))).scalars() rules = list(rules) # for rule in rules: # rule.create_time = rule.create_time.strftime('%Y-%m-%d %H:%M:%S') return json(Response.success('', rules))
async def modify(request: sanic.Request): if isinstance(request.json, dict): filename = request.json.get('filename', None) new_filename = request.json.get('new_filename', None) content = request.json.get('content', None) if isinstance(filename, str): filename = secure_filename_with_directory(filename) path = join(system_config.UPLOAD_PATH, filename) if exists(path) and not isdir(path): response = Response.success('修改成功') if isinstance(content, str): await write_file(path, content.encode()) if isinstance(new_filename, str): new_filename = secure_filename_with_directory(new_filename) new_path = join(system_config.UPLOAD_PATH, new_filename) if not exists(new_path): try: rename(path, new_path) except FileNotFoundError: response = Response.failed('重命名失败, 请确认新文件所在文件夹存在') else: response = Response.failed('重命名失败, 目标文件名已存在') return json(response) else: return json(Response.failed('文件不存在')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def system_log_list(request: sanic.Request): if isinstance(request.json, dict): page = request.json.get('page', 0) page_size = request.json.get('page_size', 35) filter = request.json.get('filter', {}) if isinstance(page, int) and isinstance(page_size, int) and isinstance( filter, dict): system_log_scalars = (await request.ctx.db_session.execute( select(SystemLog).order_by(SystemLog.log_id.desc()).offset( page * page_size).limit(page_size))).scalars() count = (await request.ctx.db_session.execute( select(func.count('1')).select_from(SystemLog))).scalar() system_logs = [] for log in system_log_scalars: log.log_time = log.log_time.strftime('%Y-%m-%d %H:%M:%S') system_logs.append(log) paged = PagedResponse(payload=system_logs, total_page=ceil(count / page_size), curr_page=page) return json(Response.success('', paged)) else: return json(Response.invalid('无效参数')) else: return json(Response.invalid('无效参数'))
async def login(request: sanic.Request): if isinstance(request.json, dict): username = request.json.get('username', None) password = request.json.get('password', None) user: typing.Union[None, User] = (await request.ctx.db_session.execute( select(User).where(User.username == username))).scalar() if isinstance(username, str) and isinstance(password, str) and \ (user is not None) and compare_digest(passwd_hash(password, system_config.PASSWORD_SALT), user.password): token = sign_token(user.user_id) if system_config.BEHIND_PROXY: client_ip = request.headers.get(constants.REAL_IP_HEADER) else: client_ip = request.ip log_content = f'Login with username [{username}] in [{client_ip} | {get_region_from_ip(client_ip)}]' await add_system_log(request.ctx.db_session, log_content, constants.LOG_TYPE_LOGIN) return json( Response.success('登录成功', { 'token': token, 'user_type': user.user_type })) else: return json(Response.failed('用户名或密码错误')) else: return json(Response.invalid('无效请求'))
async def delete_catalog(request: sanic.Request): if isinstance(request.json, dict): catalog_id = request.json.get('catalog_id', None) if isinstance(catalog_id, int): query = select(HttpRuleCatalog).where( HttpRuleCatalog.catalog_id == catalog_id) catalog = (await request.ctx.db_session.execute(query)).scalar() if catalog is not None: # 删除分类和其下的所有规则 query = select(HttpRule).where( HttpRule.catalog_id == catalog_id) rules = (await request.ctx.db_session.execute(query)).scalars() for rule in rules: await request.ctx.db_session.delete(rule) await request.ctx.db_session.delete(catalog) await request.ctx.db_session.commit() return json(Response.success('删除成功')) else: return json(Response.failed('分类不存在')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def list_user(request: sanic.Request): users = (await request.ctx.db_session.execute( select(User.username, User.user_type))).fetchall() users = [{ 'username': user, 'user_type': user_type } for user, user_type in users] return json(Response.success('', users))
async def config_list(request: sanic.Request): configs = system_config.get_public_config() config_table = [] for key, value in configs.items(): config_table.append({ 'key': key, 'value': value, 'comment': system_config.get_config_comment(key) }) return json(Response.success("", config_table))
async def modify(request: sanic.Request): if isinstance(request.json, dict): rule_id = request.json.get('rule_id', None) rule_type = request.json.get('rule_type', None) path = request.json.get('path', None) filename = request.json.get('filename', None) write_log = request.json.get('write_log', None) send_mail = request.json.get('send_mail', None) comment = request.json.get('comment', None) catalog_id = request.json.get('catalog_id', None) if isinstance(rule_id, int): query = select(HttpRule).where(HttpRule.rule_id == rule_id) rule = (await request.ctx.db_session.execute(query)).scalar() if rule is not None: if isinstance(path, str): query = select(HttpRule).where(HttpRule.path == path) result = (await request.ctx.db_session.execute(query)).scalar() if result is None or result.rule_id == rule_id: rule.path = path else: return json(Response.failed('路径已经存在')) if isinstance(catalog_id, int): query = select(HttpRuleCatalog).where( HttpRuleCatalog.catalog_id == catalog_id) result = (await request.ctx.db_session.execute(query)).scalar() if result is not None: rule.catalog_id = catalog_id else: return json(Response.failed('分类不存在')) if isinstance(filename, str): rule.filename = filename if isinstance(write_log, bool): rule.write_log = write_log if isinstance(send_mail, bool): rule.send_mail = send_mail if isinstance(comment, str): rule.comment = comment if rule_type in constants.RULE_TYPES: rule.rule_type = rule_type request.ctx.db_session.add(rule) await request.ctx.db_session.commit() return json(Response.success('修改成功')) else: return json(Response.failed('规则不存在')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def delete_all(request: sanic.Request): if isinstance(request.json, dict): delete_check = request.json.get('delete', False) if isinstance(delete_check, bool) and delete_check: await request.ctx.db_session.execute(delete(DNSLog)) await request.ctx.db_session.commit() return json(Response.success('清空成功')) else: return json(Response.invalid('无效请求')) else: return json(Response.invalid('无效请求'))
async def add(request: sanic.Request): file = request.files.get('file', None) if file: filename = secure_filename_with_directory(file.name) path = join(system_config.UPLOAD_PATH, filename) if not exists(path): asyncio.create_task(write_file(path, file.body)) return json(Response.success('上传成功')) else: return json(Response.failed('已存在同名文件')) else: return json(Response.invalid('无效参数'))
async def delete_all(request: sanic.Request): if isinstance(request.json, dict): delete = request.json.get('delete', None) if isinstance(delete, bool) and delete: temp_files = listdir(system_config.TEMP_FILE_PATH) for filename in temp_files: path = join(system_config.TEMP_FILE_PATH, filename) unlink(path) return json(Response.success("清空成功")) else: return json(Response.invalid('无效请求')) else: return json(Response.invalid('无效请求'))
async def delete(request: sanic.Request): username = request.json.get('username', None) if isinstance(username, str): user = (await request.ctx.db_session.execute( select(User).where(User.username == username))).scalar() # 只能删除普通用户 if user is not None and user.user_type == constants.USER_TYPE_NORMAL: await request.ctx.db_session.delete(user) await request.ctx.db_session.commit() return json(Response.success('删除成功')) else: return json(Response.failed('用户不存在')) else: return json(Response.invalid('无效请求'))
async def delete(request: sanic.Request): if isinstance(request.json, dict): filename = request.json.get('filename', None) if isinstance(filename, str): filename = secure_filename_with_directory(filename) path = join(system_config.UPLOAD_PATH, filename) if exists(path) and not isdir(path): unlink(path) return json(Response.success('删除成功')) else: return json(Response.failed('删除的文件不存在')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def delete_directory(request: sanic.Request): if isinstance(request.json, dict): directory_name = request.json.get('directory_name', None) if isinstance(directory_name, str) and len(secure_filename(directory_name)) > 0: directory_name = secure_filename(directory_name) full_path = join(system_config.UPLOAD_PATH, directory_name) if exists(full_path) and not isfile(full_path): shutil.rmtree(full_path) return json(Response.success('删除成功')) else: return json(Response.failed('文件夹不存在')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def add_directory(request: sanic.Request): if isinstance(request.json, dict): directory_name = request.json.get('directory_name', None) if isinstance(directory_name, str) and len(secure_filename(directory_name)) > 0: directory_name = secure_filename(directory_name) full_path = join(system_config.UPLOAD_PATH, directory_name) if not exists(full_path): mkdir(full_path) return json(Response.success('创建成功')) else: return json(Response.failed('文件夹已存在')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def dns_log_list(request: sanic.Request): if isinstance(request.json, dict): page = request.json.get('page', 0) page_size = request.json.get('page_size', 35) filter = request.json.get('filter', {}) if isinstance(page, int) and isinstance(page_size, int) and isinstance( filter, dict): query = select(DNSLog) count_query = select(func.count('1')).select_from(DNSLog) available_filter = { 'client_ip': DNSLog.client_ip.__eq__, 'domain': DNSLog.domain.__eq__, 'dns_type': DNSLog.dns_type.__eq__, 'time_before': DNSLog.log_time.__le__, 'time_after': DNSLog.log_time.__ge__ } for key in filter: if isinstance(filter[key], (str, int)) and key in available_filter: query = query.where(available_filter[key](filter[key])) count_query = count_query.where(available_filter[key]( filter[key])) dns_log_scalars = (await request.ctx.db_session.execute( query.order_by(DNSLog.log_id.desc()).offset( page * page_size).limit(page_size))).scalars() count = (await request.ctx.db_session.execute(count_query)).scalar() dns_logs = [] for i in dns_log_scalars: # 也可以在入库的时候计算地区, 在这里输出时计算是因为感觉存储大量地址挺浪费空间的 233, 而计算不用太耗时间 i.region = get_region_from_ip(i.client_ip) i.log_time = i.log_time.strftime('%Y-%m-%d %H:%M:%S') dns_logs.append(i) paged = PagedResponse(payload=dns_logs, total_page=ceil(count / page_size), curr_page=page) return json(Response.success('', paged)) else: return json(Response.invalid('无效请求')) else: return json(Response.invalid('无效请求'))
async def modify(request: sanic.Request): if isinstance(request.json, dict): key = request.json.get('key', None) value = request.json.get('value', None) if isinstance(key, str) and value is not None: _, mutable = system_config.get_config_privileges(key) if mutable and isinstance(value, system_config.get_config_type(key)): setattr(system_config, key, value) return json(Response.success('修改成功')) else: return json(Response.failed('目标配置无法修改或者类型不正确')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def delete(request: sanic.Request): if isinstance(request.json, dict): rule_id = request.json.get('rule_id', None) if isinstance(rule_id, int): query = select(HttpRule).where(HttpRule.rule_id == rule_id) rule = (await request.ctx.db_session.execute(query)).scalar() if rule is not None: await request.ctx.db_session.delete(rule) await request.ctx.db_session.commit() return json(Response.success('删除成功')) else: return json(Response.failed('规则不存在')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def add_catalog(request: sanic.Request): if isinstance(request.json, dict): catalog_name = request.json.get('catalog_name', None) if isinstance(catalog_name, str): query = select(HttpRuleCatalog).where( HttpRuleCatalog.catalog_name == catalog_name) catalog = (await request.ctx.db_session.execute(query)).scalar() if catalog is None: catalog = HttpRuleCatalog(catalog_name=catalog_name) request.ctx.db_session.add(catalog) await request.ctx.db_session.commit() return json(Response.success('创建成功')) else: return json(Response.failed('已有此分类')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def register(request: sanic.Request): username = request.json.get('username', None) password = request.json.get('password', None) user = (await request.ctx.db_session.execute( select(User).where(User.username == username))).scalar() if user is None: if isinstance(username, str) and isinstance( password, str) and len(username) < 255: user = User(username=username, password=passwd_hash(password, system_config.PASSWORD_SALT), user_type=constants.USER_TYPE_NORMAL) request.ctx.db_session.add(user) await request.ctx.db_session.commit() return json(Response.success('注册成功')) else: return json(Response.invalid('无效请求')) else: return json(Response.failed('用户名已经被注册'))
async def file_list(request: sanic.Request): def get_dir_files(path: str, base=''): files = [] for entry in scandir(path): files.append({ 'filename': entry.name, 'path': join(base, entry.name), 'size': entry.stat().st_size, 'mttime': entry.stat().st_mtime, 'dir': entry.is_dir() }) files = sorted(files, key=lambda x: x['filename']) return files files = get_dir_files(system_config.UPLOAD_PATH) for file in files: # 只支持一层深度 if file['dir']: file['children'] = get_dir_files( join(system_config.UPLOAD_PATH, file['filename']), file['filename']) return json(Response.success('', files))
async def preview(request: sanic.Request): if isinstance(request.json, dict): filename = request.json.get('filename', None) if isinstance(filename, str): filename = secure_filename(filename) path = join(system_config.TEMP_FILE_PATH, filename) if exists(path) and not isdir(path): if getsize(path) < system_config.MAX_PREVIEW_SIZE: content = await read_file(path) try: content = content.decode('utf-8') return json(Response.success('', content)) except Exception: return json(Response.failed('文件不是纯文本, 无法预览')) else: json(Response.failed('文件过大, 无法预览')) else: return json(Response.failed('文件不存在或者为文件夹')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def modify_directory(request: sanic.Request): if isinstance(request.json, dict): directory_name = request.json.get('directory_name', None) new_directory_name = request.json.get('new_directory_name', None) if isinstance( directory_name, str) and len(secure_filename(directory_name)) > 0 and len( secure_filename(new_directory_name)) > 0: full_path = join(system_config.UPLOAD_PATH, secure_filename(directory_name)) new_full_path = join(system_config.UPLOAD_PATH, secure_filename(new_directory_name)) if exists(full_path) and not exists(new_full_path): rename(full_path, new_full_path) return json(Response.success('重命名成功')) else: return json(Response.failed('目标文件夹名已存在')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def add(request: sanic.Request): if isinstance(request.json, dict): path = request.json.get('path', None) rule_type = request.json.get('rule_type', None) filename = request.json.get('filename', None) write_log = request.json.get('write_log', None) send_mail = request.json.get('send_mail', None) comment = request.json.get('comment', None) catalog_id = request.json.get('catalog_id', None) if isinstance(path, str) and isinstance(filename, str) and isinstance(write_log, bool) \ and isinstance(send_mail, bool) and isinstance(comment, str) and isinstance(catalog_id, int) and rule_type in constants.RULE_TYPES: query = select(HttpRuleCatalog).where( HttpRuleCatalog.catalog_id == catalog_id) catalog = (await request.ctx.db_session.execute(query)).scalar() if catalog is not None: query = select(HttpRule).where(HttpRule.path == path) rule = (await request.ctx.db_session.execute(query)).scalar() if rule is None: rule = HttpRule(path=path, rule_type=rule_type, filename=filename, write_log=write_log, send_mail=send_mail, comment=comment, catalog_id=catalog_id) request.ctx.db_session.add(rule) await request.ctx.db_session.commit() return json(Response.success('添加成功')) else: return json(Response.failed('已经存在此规则')) else: return json(Response.failed('分类不存在')) else: return json(Response.invalid('参数无效')) else: return json(Response.invalid('参数无效'))
async def status(request: sanic.Request): if request.ctx.auth: return json(Response.success('', request.ctx.user.user_type)) else: return json(Response.failed())
async def catalog_list(request: sanic.Request): catalogs = (await request.ctx.db_session.execute(select(HttpRuleCatalog) )).scalars() catalogs = list(catalogs) return json(Response.success('', catalogs))