diff --git a/README.md b/README.md index dd25877e23695f07d33c7aeb79efadbcc98e0ed5..0fe715c817574cd5f3ad1bb5820bbd011230cbee 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,12 @@

logo

-

Dash-FastAPI-Admin v1.3.1

+

Dash-FastAPI-Admin v1.4.0

基于Dash+FastAPI前后端分离的纯Python快速开发框架

- + @@ -16,6 +16,7 @@ + ## 平台简介 Dash-FastAPI-Admin是一套全部开源的快速开发平台,毫无保留给个人及企业免费使用。 diff --git a/dash-fastapi-backend/.env.dev b/dash-fastapi-backend/.env.dev index 71ea2f6af4f8375da93584dff2a3c21ef245e1c2..4923d01a8a9ecd3ba046e66a177cbaad27b773ed 100644 --- a/dash-fastapi-backend/.env.dev +++ b/dash-fastapi-backend/.env.dev @@ -10,9 +10,13 @@ APP_HOST = '0.0.0.0' # 应用端口 APP_PORT = 9099 # 应用版本 -APP_VERSION= '1.3.1' +APP_VERSION= '1.4.0' # 应用是否开启热重载 APP_RELOAD = true +# 应用是否开启IP归属区域查询 +APP_IP_LOCATION_QUERY = true +# 应用是否允许账号同时登录 +APP_SAME_TIME_LOGIN = true # -------- Jwt配置 -------- # Jwt秘钥 @@ -36,6 +40,8 @@ DB_USERNAME = 'root' DB_PASSWORD = 'mysqlroot' # 数据库名称 DB_DATABASE = 'dash-fastapi' +# 是否开启sqlalchemy日志 +DB_ECHO = true # -------- Redis配置 -------- # Redis主机 diff --git a/dash-fastapi-backend/.env.prod b/dash-fastapi-backend/.env.prod index 0857b79a3e9b318a90ecb0d37950eeec669eaf3e..1e06e0d8c8d8d85ea92560461683426c1bbdfd96 100644 --- a/dash-fastapi-backend/.env.prod +++ b/dash-fastapi-backend/.env.prod @@ -10,9 +10,13 @@ APP_HOST = '0.0.0.0' # 应用端口 APP_PORT = 9099 # 应用版本 -APP_VERSION= '1.3.1' +APP_VERSION= '1.4.0' # 应用是否开启热重载 APP_RELOAD = false +# 应用是否开启IP归属区域查询 +APP_IP_LOCATION_QUERY = true +# 应用是否允许账号同时登录 +APP_SAME_TIME_LOGIN = true # -------- Jwt配置 -------- # Jwt秘钥 @@ -36,6 +40,8 @@ DB_USERNAME = 'root' DB_PASSWORD = 'mysqlroot' # 数据库名称 DB_DATABASE = 'dash-fastapi' +# 是否开启sqlalchemy日志 +DB_ECHO = true # -------- Redis配置 -------- # Redis主机 diff --git a/dash-fastapi-backend/config/database.py b/dash-fastapi-backend/config/database.py index 8d2012fbcd07067aacb69682876e474444058ace..4f00f8b73d941698ad19824c8eed134ba2afc1d9 100644 --- a/dash-fastapi-backend/config/database.py +++ b/dash-fastapi-backend/config/database.py 
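Review bot: `DB_ECHO = true` in the second `.env.prod` hunk keeps SQLAlchemy statement logging switched on in production; with `echo` enabled the engine logs each statement together with its bound parameters, which for an admin backend presumably includes user records and password hashes. Production should ship `DB_ECHO = false`, and the fallback in config/env.py, `db_echo: bool = True`, should default to `False` so that a deployment with a missing variable does not turn the logging on. The same reasoning applies to `APP_IP_LOCATION_QUERY = true` in the first `.env.prod` hunk, which sends each client IP to an external service; consider defaulting it to off outside development.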
@@ -8,7 +8,7 @@ SQLALCHEMY_DATABASE_URL = f"mysql+pymysql://{DataBaseConfig.db_username}:{quote_ f"{DataBaseConfig.db_host}:{DataBaseConfig.db_port}/{DataBaseConfig.db_database}" engine = create_engine( - SQLALCHEMY_DATABASE_URL, echo=True + SQLALCHEMY_DATABASE_URL, echo=DataBaseConfig.db_echo ) SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine) Base = declarative_base() diff --git a/dash-fastapi-backend/config/env.py b/dash-fastapi-backend/config/env.py index ce63d17aaac9cf10522806240d627fdd39e04505..f257c1f6e61138ec6ab14604208b051a9fac4579 100644 --- a/dash-fastapi-backend/config/env.py +++ b/dash-fastapi-backend/config/env.py @@ -11,12 +11,14 @@ class AppSettings(BaseSettings): 应用配置 """ app_env: str = 'dev' - app_name: str = 'RuoYi-FasAPI' + app_name: str = 'Dash-FasAPI-Admin' app_root_path: str = '/dev-api' app_host: str = '0.0.0.0' app_port: int = 9099 - app_version: str = '1.0.0' + app_version: str = '1.4.0' app_reload: bool = True + app_ip_location_query: bool = True + app_same_time_login: bool = True class JwtSettings(BaseSettings): @@ -37,7 +39,8 @@ class DataBaseSettings(BaseSettings): db_port: int = 3306 db_username: str = 'root' db_password: str = 'mysqlroot' - db_database: str = 'ruoyi-fastapi' + db_database: str = 'dash-fastapi' + db_echo: bool = True class RedisSettings(BaseSettings): diff --git a/dash-fastapi-backend/module_admin/annotation/log_annotation.py b/dash-fastapi-backend/module_admin/annotation/log_annotation.py index 46f80e610e59e304e94c77095019869e6fe1600e..2e12462d2fea76901f60ddaf7b93c9cc3a3118f4 100644 --- a/dash-fastapi-backend/module_admin/annotation/log_annotation.py +++ b/dash-fastapi-backend/module_admin/annotation/log_annotation.py 
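Review bot: In the first config/env.py hunk the new default `app_name: str = 'Dash-FasAPI-Admin'` carries over the 'FasAPI' misspelling from the old value; `app_name: str = 'Dash-FastAPI-Admin'` matches the project name used in the README. The new boolean fields also have no comment saying what `True` enables; a one-line comment per field, for example `# True: several concurrent sessions per account are allowed` above `app_same_time_login`, would make the defaults easier to audit.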
@@ -51,114 +51,118 @@ def log_decorator(title: str, business_type: int, log_type: Optional[str] = 'ope # 获取请求的ip及ip归属区域 oper_ip = request.headers.get('remote_addr') if request.headers.get('is_browser') == 'no' else request.headers.get('X-Forwarded-For') oper_location = '内网IP' - try: - if oper_ip != '127.0.0.1' and oper_ip != 'localhost': - ip_result = requests.get(f'https://qifu-api.baidubce.com/ip/geo/v1/district?ip={oper_ip}') - if ip_result.status_code == 200: - prov = ip_result.json().get('data').get('prov') - city = ip_result.json().get('data').get('city') - if prov or city: - oper_location = f'{prov}-{city}' + if AppConfig.app_ip_location_query: + try: + if oper_ip != '127.0.0.1' and oper_ip != 'localhost': + ip_result = requests.get(f'https://qifu-api.baidubce.com/ip/geo/v1/district?ip={oper_ip}') + if ip_result.status_code == 200: + prov = ip_result.json().get('data').get('prov') + city = ip_result.json().get('data').get('city') + if prov or city: + oper_location = f'{prov}-{city}' + else: + oper_location = '未知' else: oper_location = '未知' - else: - oper_location = '未知' - except Exception as e: - oper_location = '未知' - print(e) - finally: - # 根据不同的请求类型使用不同的方法获取请求参数 - content_type = request.headers.get("Content-Type") - if content_type and ("multipart/form-data" in content_type or 'application/x-www-form-urlencoded' in content_type): - payload = await request.form() - oper_param = "\n".join([f"{key}: {value}" for key, value in payload.items()]) - else: - payload = await request.body() - oper_param = json.dumps(json.loads(str(payload, 'utf-8')), ensure_ascii=False) - # 日志表请求参数字段长度最大为2000,因此在此处判断长度 - if len(oper_param) > 2000: - oper_param = '请求参数过长' + except Exception as e: + oper_location = '未知' + print(e) + # 根据不同的请求类型使用不同的方法获取请求参数 + content_type = request.headers.get("Content-Type") + if content_type and ("multipart/form-data" in content_type or 'application/x-www-form-urlencoded' in content_type): + payload = await request.form() + oper_param = 
"\n".join([f"{key}: {value}" for key, value in payload.items()]) + else: + payload = await request.body() + oper_param = json.dumps(json.loads(str(payload, 'utf-8')), ensure_ascii=False) + # 日志表请求参数字段长度最大为2000,因此在此处判断长度 + if len(oper_param) > 2000: + oper_param = '请求参数过长' - # 获取操作时间 - oper_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S") - # 此处在登录之前向原始函数传递一些登录信息,用于监测在线用户的相关信息 - login_log = {} - if log_type == 'login': - user_agent_info = parse(user_agent) - browser = f'{user_agent_info.browser.family} {user_agent_info.browser.version[0]}' - system_os = f'{user_agent_info.os.family} {user_agent_info.os.version[0]}' - login_log = dict( - ipaddr=oper_ip, - login_location=oper_location, - browser=browser, - os=system_os, - login_time=oper_time - ) - kwargs['form_data'].login_info = login_log - # 调用原始函数 - result = await func(*args, **kwargs) - # 获取请求耗时 - cost_time = float(time.time() - start_time) * 100 - # 判断请求是否来自api文档 - request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False - request_from_redoc = request.headers.get('referer').endswith('redoc') if request.headers.get('referer') else False - # 根据响应结果的类型使用不同的方法获取响应结果参数 - if isinstance(result, JSONResponse) or isinstance(result, ORJSONResponse) or isinstance(result, UJSONResponse): - result_dict = json.loads(str(result.body, 'utf-8')) + # 获取操作时间 + oper_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S") + # 此处在登录之前向原始函数传递一些登录信息,用于监测在线用户的相关信息 + login_log = {} + if log_type == 'login': + user_agent_info = parse(user_agent) + browser = f'{user_agent_info.browser.family}' + system_os = f'{user_agent_info.os.family}' + if user_agent_info.browser.version != (): + browser += f' {user_agent_info.browser.version[0]}' + if user_agent_info.os.version != (): + system_os += f' {user_agent_info.os.version[0]}' + login_log = dict( + ipaddr=oper_ip, + login_location=oper_location, + browser=browser, + os=system_os, + login_time=oper_time + ) + 
kwargs['form_data'].login_info = login_log + # 调用原始函数 + result = await func(*args, **kwargs) + # 获取请求耗时 + cost_time = float(time.time() - start_time) * 100 + # 判断请求是否来自api文档 + request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False + request_from_redoc = request.headers.get('referer').endswith('redoc') if request.headers.get('referer') else False + # 根据响应结果的类型使用不同的方法获取响应结果参数 + if isinstance(result, JSONResponse) or isinstance(result, ORJSONResponse) or isinstance(result, UJSONResponse): + result_dict = json.loads(str(result.body, 'utf-8')) + else: + if request_from_swagger or request_from_redoc: + result_dict = {} else: - if request_from_swagger or request_from_redoc: - result_dict = {} + if result.status_code == 200: + result_dict = {'code': result.status_code, 'message': '获取成功'} else: - if result.status_code == 200: - result_dict = {'code': result.status_code, 'message': '获取成功'} - else: - result_dict = {'code': result.status_code, 'message': '获取失败'} - json_result = json.dumps(dict(code=result_dict.get('code'), message=result_dict.get('message')), ensure_ascii=False) - # 根据响应结果获取响应状态及异常信息 - status = 1 - error_msg = '' - if result_dict.get('code') == 200: - status = 0 + result_dict = {'code': result.status_code, 'message': '获取失败'} + json_result = json.dumps(dict(code=result_dict.get('code'), message=result_dict.get('message')), ensure_ascii=False) + # 根据响应结果获取响应状态及异常信息 + status = 1 + error_msg = '' + if result_dict.get('code') == 200: + status = 0 + else: + error_msg = result_dict.get('message') + # 根据日志类型向对应的日志表插入数据 + if log_type == 'login': + # 登录请求来自于api文档时不记录登录日志,其余情况则记录 + if request_from_swagger or request_from_redoc: + pass else: - error_msg = result_dict.get('message') - # 根据日志类型向对应的日志表插入数据 - if log_type == 'login': - # 登录请求来自于api文档时不记录登录日志,其余情况则记录 - if request_from_swagger or request_from_redoc: - pass - else: - user = kwargs.get('form_data') - user_name = user.username - login_log['user_name'] = 
user_name - login_log['status'] = str(status) - login_log['msg'] = result_dict.get('message') + user = kwargs.get('form_data') + user_name = user.username + login_log['user_name'] = user_name + login_log['status'] = str(status) + login_log['msg'] = result_dict.get('message') - LoginLogService.add_login_log_services(query_db, LogininforModel(**login_log)) - else: - current_user = await get_current_user(request, token, query_db) - oper_name = current_user.user.user_name - dept_name = current_user.dept.dept_name if current_user.dept else None - operation_log = dict( - title=title, - business_type=business_type, - method=func_path, - request_method=request_method, - operator_type=operator_type, - oper_name=oper_name, - dept_name=dept_name, - oper_url=oper_url, - oper_ip=oper_ip, - oper_location=oper_location, - oper_param=oper_param, - json_result=json_result, - status=status, - error_msg=error_msg, - oper_time=oper_time, - cost_time=cost_time - ) - OperationLogService.add_operation_log_services(query_db, OperLogModel(**operation_log)) + LoginLogService.add_login_log_services(query_db, LogininforModel(**login_log)) + else: + current_user = await get_current_user(request, token, query_db) + oper_name = current_user.user.user_name + dept_name = current_user.dept.dept_name if current_user.dept else None + operation_log = dict( + title=title, + business_type=business_type, + method=func_path, + request_method=request_method, + operator_type=operator_type, + oper_name=oper_name, + dept_name=dept_name, + oper_url=oper_url, + oper_ip=oper_ip, + oper_location=oper_location, + oper_param=oper_param, + json_result=json_result, + status=status, + error_msg=error_msg, + oper_time=oper_time, + cost_time=cost_time + ) + OperationLogService.add_operation_log_services(query_db, OperLogModel(**operation_log)) - return result + return result return wrapper 
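Review bot: The geo lookup that is now gated by `AppConfig.app_ip_location_query` still interpolates `oper_ip` straight into the request URL, and `oper_ip` is read from the `remote_addr` / `X-Forwarded-For` request headers, which the client controls and which may be missing or hold a comma-separated list. The value should be parsed with `ipaddress.ip_address()` first (skipping the lookup for invalid, loopback or private addresses) and then passed as a query parameter with a timeout: `ip_result = requests.get('https://qifu-api.baidubce.com/ip/geo/v1/district', params={'ip': oper_ip}, timeout=3)`. Without a timeout the blocking `requests.get` can stall this async handler on every logged request whenever the external service is slow. When the flag is off, `oper_location` keeps the value '内网IP' for every address, so a neutral value such as '未知' would keep the audit log accurate. The decorator body starts above this hunk.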
diff --git a/dash-fastapi-backend/module_admin/controller/login_controller.py b/dash-fastapi-backend/module_admin/controller/login_controller.py index 191d8715c0b9d251af4c551eef70cd855b5b33fd..23f7b94e0f0c29ab0319a439e3e21b772a626e84 100644 --- a/dash-fastapi-backend/module_admin/controller/login_controller.py +++ b/dash-fastapi-backend/module_admin/controller/login_controller.py @@ -44,11 +44,13 @@ async def login(request: Request, form_data: CustomOAuth2PasswordRequestForm = D }, expires_delta=access_token_expires ) - await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", access_token, - ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) - # 此方法可实现同一账号同一时间只能登录一次 - # await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token, - # ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) + if AppConfig.app_same_time_login: + await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", access_token, + ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) + else: + # 此方法可实现同一账号同一时间只能登录一次 + await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token, + ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) logger.info('登录成功') # 判断请求是否来自于api文档,如果是返回指定格式的结果,用于修复api文档认证成功后token显示undefined的bug request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False diff --git a/dash-fastapi-backend/module_admin/service/login_service.py b/dash-fastapi-backend/module_admin/service/login_service.py index 321ab55f1882dd70d43c152ec7a23d25c3300d5f..9197bc7438bc0ec4e4774d5b0de7b6a57274e7d5 100644 --- a/dash-fastapi-backend/module_admin/service/login_service.py +++ b/dash-fastapi-backend/module_admin/service/login_service.py 
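Review bot: The choice of Redis key (`...:{session_id}` when `AppConfig.app_same_time_login` is true, `...:{result[0].user_id}` otherwise) is now written out in `login` here and twice more in `get_current_user` in login_service.py, so any code path that is not given the same branch will read or delete the wrong key. Logout, forced-offline and online-user handling are not part of this diff; if they still address the token by `session_id`, a single-login deployment could not revoke a token before it expires, which is worth confirming. A shared helper that returns the key for a given session and user, called from all of these places, would keep issuance, validation and revocation in step. A short comment stating that `app_same_time_login = False` makes a new login replace the previous token for that user would also help, since the flag name does not say which mode is the restrictive one. `AppConfig` is used in both hunks but its import is not visible in them.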
@@ -73,14 +73,18 @@ async def get_current_user(request: Request = Request, token: str = Depends(oaut if user is None: logger.warning("用户token不合法") raise AuthException(data="", message="用户token不合法") - redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}") - # 此方法可实现同一账号同一时间只能登录一次 - # redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}") + if AppConfig.app_same_time_login: + redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}") + else: + # 此方法可实现同一账号同一时间只能登录一次 + redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}") if token == redis_token: - await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", redis_token, - ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) - # await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}", redis_token, - # ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) + if AppConfig.app_same_time_login: + await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", redis_token, + ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) + else: + await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}", redis_token, + ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) return CurrentUserInfoServiceResponse( user=user.user_basic_info, diff --git a/dash-fastapi-frontend/server.py b/dash-fastapi-frontend/server.py index ada6f7bccc2503b8c9bcd072c15dd7719fa0f9ce..026ad3dcbabc3f92b2e458181a7485e65bfeba81 100644 --- a/dash-fastapi-frontend/server.py +++ b/dash-fastapi-frontend/server.py 
@@ -39,16 +39,17 @@ def get_user_agent_info(): user_string = str(request.user_agent) user_agent = parse(user_string) bw = user_agent.browser.family - bw_version = user_agent.browser.version[0] - if bw == 'IE': - logger.warning("[sys]请求人:{}||请求IP:{}||请求方法:{}||请求Data:{}", - session.get('name'), request_addr, request.method, '用户使用IE内核') - return "

请不要使用IE浏览器或360浏览器兼容模式

" - if bw_version < 71: - logger.warning("[sys]请求人:{}||请求IP:{}||请求方法:{}||请求Data:{}", - session.get('name'), request_addr, request.method, '用户Chrome内核版本太低') - return "

Chrome内核版本号太低,请升级浏览器

" \ - "

点击此处可下载最新版Chrome浏览器

" + if user_agent.browser.version != (): + bw_version = user_agent.browser.version[0] + if bw == 'IE': + logger.warning("[sys]请求人:{}||请求IP:{}||请求方法:{}||请求Data:{}", + session.get('name'), request_addr, request.method, '用户使用IE内核') + return "

请不要使用IE浏览器或360浏览器兼容模式

" + if bw_version < 71: + logger.warning("[sys]请求人:{}||请求IP:{}||请求方法:{}||请求Data:{}", + session.get('name'), request_addr, request.method, '用户Chrome内核版本太低') + return "

Chrome内核版本号太低,请升级浏览器

" \ + "

点击此处可下载最新版Chrome浏览器

" # 配置系统日志
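Review bot: As far as the flattened hunk shows, both checks now sit inside `if user_agent.browser.version != ():`, so a request whose User-Agent yields no version skips the IE check as well, although `bw == 'IE'` does not need `bw_version`. Keeping the IE test outside the guard and guarding only the comparison, for example `if user_agent.browser.version and isinstance(user_agent.browser.version[0], int) and user_agent.browser.version[0] < 71:`, would preserve it; the `isinstance` part assumes the parser can return a non-numeric major version, which should be confirmed. The check relies on a client-supplied header, so it works as a compatibility hint rather than as a control. `get_user_agent_info` starts above the hunk.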