From 0319ddc745b02eabf7d0e8a1b445090c766b2fb9 Mon Sep 17 00:00:00 2001
From: YUKI <1486147017@qq.com>
Date: Wed, 31 Aug 2022 18:05:16 +0800
Subject: [PATCH] =?UTF-8?q?v1.2=20=E6=96=B0=E5=A2=9E=EF=BC=9A=20=E6=B5=8F?=
=?UTF-8?q?=E8=A7=88=E5=99=A8=E6=8F=92=E4=BB=B6=20=E5=8F=AF=E4=BB=A5?=
=?UTF-8?q?=E4=BB=8E=E6=B5=8F=E8=A7=88=E9=A1=B5=E9=9D=A2=E6=8D=95=E8=8E=B7?=
=?UTF-8?q?=E5=9B=BE=E7=89=87=E7=9B=B4=E6=8E=A5=E4=B8=8A=E4=BC=A0=E5=88=B0?=
=?UTF-8?q?=E4=BA=91=E7=9B=B8=E5=86=8C=EF=BC=9B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
DataSQL/models.py | 5 +-
app.py | 119 ++++++++++++++++++++++++++++-------
static/js/send.js | 1 -
templates/base/baseHtml.html | 4 --
utils.py | 41 +++++++++++-
5 files changed, 137 insertions(+), 33 deletions(-)
diff --git a/DataSQL/models.py b/DataSQL/models.py
index 6d2e8e4..4477ac0 100644
--- a/DataSQL/models.py
+++ b/DataSQL/models.py
@@ -8,7 +8,6 @@ class User(db.Model):
user = db.Column(db.String(64), unique=True, nullable=False)
name = db.Column(db.String(64), nullable=False)
pwd = db.Column(db.String(64))
- facesetid = db.Column(db.String(128))
avatar = db.Column(db.LargeBinary(length=65536)) # 二进制图片流 头像
# points = db.Column(db.Integer, default=0)
# space = db.Column(db.Integer, default=1024 * 1024 * 1024) # 内存初始1GB
@@ -21,7 +20,7 @@ def __repr__(self):
# dict(user),会先调用keys方法,这里重写,自定义获取返回的字段
def keys(self):
- return ['id', 'user', 'name', 'pwd', 'facesetid']
+ return ['id', 'user', 'name', 'pwd']
# dict(user)获取完字段后,会取出对应字段的值,这里使用__getitem__,这里getattr(self, item)拿到值信息,item为key名
def __getitem__(self, item):
@@ -29,7 +28,7 @@ def __getitem__(self, item):
@staticmethod
def from_dict(u: dict):
- return User(user=u['user'], id=u['id'], name=u['name'], facesetid=u['facesetid'])
+ return User(user=u['user'], id=u['id'], name=u['name'])
tb_album_img = db.Table('album_img',
diff --git a/app.py b/app.py
index efe8ac5..da64215 100644
--- a/app.py
+++ b/app.py
@@ -132,7 +132,7 @@ def sign_in():
action='signing in fails!!!', back=url_for('sign_in_page'))
session['User'] = result
if rem == 'on':
- session.permanent = True # 设置session永久有效(7天内免登录)
+ session.permanent = True # 设置session永久有效
return redirect(url_for('index', userid=result['id'], tt=1))
@@ -202,8 +202,7 @@ def getUser():
'user': r.user,
'name': r.name,
'pwd': r.pwd,
- 'avatar': r.avatar,
- 'facesetid': r.facesetid
+ 'avatar': r.avatar
}
if r.avatar is not None and len(r.avatar) != 0:
rr['avatar'] = ImgHandler.getBase64(r.avatar)
@@ -619,49 +618,123 @@ def clear_recycle():
return '请先登录'
-@app.route('/addImageFromUrl', methods=['post', 'get'])
+@app.route('/', methods=['GET', 'POST'])
+def mainPage():
+ return redirect(url_for('sign_in_page'))
+
+
+# 插件区
+
+def checkCookie(request, session):
+ if 'XFYID' in request.cookies:
+ XFYID = request.cookies['XFYID']
+ else:
+ return False
+ if 'KEY' in request.cookies:
+ KEY = request.cookies['KEY']
+ else:
+ return False
+ username = aes_decrypt(XFYID, KEY)
+ r = session.query(User).filter(User.user == username).first()
+ if r is None:
+ return False
+ else:
+ return r
+
+
+@app.route('/plug-in/addImageFromUrl', methods=['post'])
@cross_origin()
def addImageFromUrl():
- if request.method == 'GET':
- return ''
+ u = checkCookie(request, db.session)
+ if not u:
+ return '登录失败'
else:
hhh = {
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
'Accept-Encoding': 'gzip, deflate, br',
'Accept-Language': 'zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6',
'Connection': 'keep-alive',
- 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Edg/93.0.961.38',
+ 'User-Agent': request.headers['USER_AGENT'],
}
- txt = request.data.decode()
+ txts = request.json.get('data')
data = []
- txts = txt.split(',,,')
- facesetid = txts.pop(0)
- u = db.session.query(User).filter(facesetid == facesetid).first()
+ error = []
for x in txts: # todo 插件API
- d = {}
- if 'data:image' in x:
- a = x.split('base64,')[1]
- d['filename'] = a[:7]
+ d = {'filename': x['name']}
+ if 'data:image' in x['content']:
+ a = x['content'].split('base64,')[1]
d['stream'] = decode(a)
data.append(d)
- if 'http' in x:
- temp = x.split('/')[-1]
- d['filename'] = re.findall('(.*?)\.', temp)[0]
- r = requests.get(url=x, headers=hhh, timeout=10)
+ if 'http' in x['content']:
+ r = requests.get(url=x['content'], headers=hhh, timeout=5)
if '' not in r.text:
d['stream'] = r.content
data.append(d)
+ else:
+ error.append(x['content'])
upload_img(db.session, u.user, data, 10, None, True)
- return '成功'
+ if len(error) > 0:
+ return "以下链接上传失败: \n" + '\n'.join(error)
+ else:
+ return '上传成功'
-@app.route('/', methods=['GET', 'POST'])
-def mainPage():
- return redirect(url_for('sign_in_page'))
+# 登录 username -用户名 pwd -登录密码
+@app.route('/plug-in/sign-in', methods=['post'])
+def sign_in_():
+ user = request.form.get('username')
+ pwd = request.form.get('pwd')
+ result = db.session.query(User).filter(User.user == user).first()
+ if result is None:
+ return '该用户不存在'
+ if result.pwd != pwd:
+ return '密码错误'
+ session['User'] = result
+ resp = make_response('登陆成功')
+ aes_key = generate_random_str(16)
+ resp.set_cookie("XFYID", aes_encrypt(user, aes_key), max_age=3600 * 24 * 365)
+ resp.set_cookie("KEY", aes_key, max_age=3600 * 24 * 365)
+ return resp
+
+
+# 获得用户个人信息
+@app.route('/plug-in/getUser', methods=['POST'])
+def getUser_():
+ r = checkCookie(request, db.session)
+ if not r:
+ return '登录失败'
+ rr = {
+ 'user': r.user,
+ 'name': r.name,
+ 'avatar': r.avatar
+ }
+ if r.avatar is not None and len(r.avatar) != 0:
+ rr['avatar'] = ImgHandler.getBase64(r.avatar)
+ return jsonify(rr)
+
+
+# 登出
+@app.route('/plug-in/logout', methods=['get'])
+def logout_():
+ resp = make_response('登出成功')
+ resp.delete_cookie('XFYID')
+ resp.delete_cookie('KEY')
+ return resp
+
+
+@app.route('/plug-in/getAblumName', methods=['get'])
+def getAblumName_():
+ u = checkCookie(request, db.session)
+ if not u:
+ return '登录失败'
+ r = db.session.query(Album.name).filter(Album.user == u.user).all()
+ r = [x[0] for x in r]
+ return json.dumps({'data': r})
if __name__ == '__main__':
delete_timeout(db.session)
# reset()
app.run(host='127.0.0.1', port=80)
+ # app.run(host='10.0.4.12', port=80)
pass
diff --git a/static/js/send.js b/static/js/send.js
index dd3ee10..55de24d 100644
--- a/static/js/send.js
+++ b/static/js/send.js
@@ -467,7 +467,6 @@ function openRegisterModal(t){
console.log(data.avatar)
e.find('input[name=username]').val(data.user)
e.find('input[name=name]').val(data.name)
- e.find('#facesetid').html(data.facesetid)
if(data.avatar){
$('#myAvatar').attr('src',data.avatar)
$('#nav-avatar').attr('src',data.avatar)
diff --git a/templates/base/baseHtml.html b/templates/base/baseHtml.html
index 5690437..e6bce72 100644
--- a/templates/base/baseHtml.html
+++ b/templates/base/baseHtml.html
@@ -501,10 +501,6 @@ 个人信息
-
- 库ID
-
-
diff --git a/utils.py b/utils.py
index c7e6312..9072562 100644
--- a/utils.py
+++ b/utils.py
@@ -8,8 +8,9 @@
import urllib.parse
from hashlib import sha1
from hashlib import sha256
+from Crypto.Cipher import AES
+from binascii import b2a_hex, a2b_hex
from io import BytesIO
-
import cv2
import numpy as np
from PIL import Image
@@ -99,7 +100,8 @@ class ImgHandler:
'ICO': b'\x00\x00\x01\x00\x01\x00\x20\x20',
'GIF': b'\x47\x49\x46',
'BMP': b'\x42\xd4D',
- 'TIFF': [b'\x4D\x4D', b'\x49\x49']
+ 'TIFF': [b'\x4D\x4D', b'\x49\x49'],
+ 'webp': b'RIFF'
}
@staticmethod
@@ -130,6 +132,41 @@ def getBase64(f_stream, t=None) -> [str, None]:
return None
+def aes_encrypt(message, aes_key):
+ """use AES to encrypt message,
+ :param message: 需要加密的内容
+ :param aes_key: 密钥
+ :return: encrypted_message密文
+ """
+ mode = AES.MODE_ECB # 加密模式
+ if type(message) == str:
+ message = bytes(message, 'utf-8')
+ if type(aes_key) == str:
+ aes_key = bytes(aes_key, 'utf-8')
+ # aes_key, message必须为16的倍数
+ while len(aes_key) % 16 != 0:
+ aes_key += b' '
+ while len(message) % 16 != 0:
+ message += b' '
+ # 加密对象aes
+ aes = AES.new(key=aes_key, mode=mode)
+ encrypt_message = aes.encrypt(plaintext=message)
+ return b2a_hex(encrypt_message)
+
+
+def aes_decrypt(encrypt_message, aes_key):
+ """ AES解密
+ :param encrypt_message: 密文
+ :param aes_key: 秘钥
+ :return: decrypt_text解密后内容
+ """
+ aes_mode = AES.MODE_ECB # 加密模式
+ aes = AES.new(key=bytes(aes_key, 'utf-8'), mode=aes_mode)
+ decrypted_text = aes.decrypt(a2b_hex(encrypt_message))
+ decrypted_text = decrypted_text.rstrip() # 去空格
+ return decrypted_text.decode()
+
+
class Signature:
def __init__(self, accessKey, secretKey):
self.access_key = accessKey