diff --git a/.flaskenv b/.flaskenv index ddabb3b0b3f06889ed40773783e2837b09eba8fe..721d9f047bc213a9f64ae7e2507f1aef93fddd7b 100644 --- a/.flaskenv +++ b/.flaskenv @@ -14,11 +14,11 @@ MYSQL_HOST=127.0.0.1 MYSQL_PORT=3306 MYSQL_DATABASE=PearAdminFlask MYSQL_USERNAME=root -MYSQL_PASSWORD=root +MYSQL_PASSWORD=123456 # Redis 配置 -REDIS_HOST=127.0.0.1 -REDIS_PORT=6379 +# REDIS_HOST=127.0.0.1 +# REDIS_PORT=6379 # 密钥配置(记得改) SECRET_KEY='pear-admin-flask' diff --git a/Dockerfile b/Dockerfile index 45a2cbe5501d2e64b5d3bf158b5c1a3a052de485..0b051cd9293a0e6bf619bc5ebcda87652a6cb084 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,8 @@ -FROM python:3.7-alpine +FROM python:3.7.13-alpine3.15 -RUN echo http://mirrors.aliyun.com/alpine/v3.12/main > /etc/apk/repositories \ - && echo http://mirrors.aliyun.com/alpine/v3.12/community >> /etc/apk/repositories \ +RUN echo http://mirrors.aliyun.com/alpine/v3.15/main > /etc/apk/repositories \ + && echo http://mirrors.aliyun.com/alpine/v3.15/community >> /etc/apk/repositories \ && apk update \ && apk --update add --no-cache gcc \ && apk --update add --no-cache g++ \ diff --git a/README.md b/README.md index e0adb5eb704894500e2253304cfc953a275514f2..42f18b091a31f4028af1f40cdf58cb137b0d4872 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ 开 箱 即 用 的 Flask 快 速 开 发 平 台 - [预 览](http://flask.pearadmin.com) | [官 网](http://www.pearadmin.com/) | [群聊](https://jq.qq.com/?_wv=1027&k=5OdSmve) | [社区](http://forum.pearadmin.com/) + [预 览](http://flask.pearadmin.com) | [官 网](http://www.pearadmin.com/) | [群聊](https://jq.qq.com/?_wv=1027&k=TkLAKUxC) | [社区](http://forum.pearadmin.com/)
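Review bot: In `.flaskenv`, the new `MYSQL_PASSWORD=123456` keeps a guessable password for the `root` account in a tracked file, next to `SECRET_KEY='pear-admin-flask'`, whose comment only asks the reader to remember to change it. Anyone who deploys from this file unchanged gets a database password and a session-signing key that are public in the repository. Consider committing placeholders instead, e.g. `MYSQL_PASSWORD=<set-me>` and `SECRET_KEY=<generate-a-random-value>`, and refusing to start outside development while either still has its shipped value. Commenting out `REDIS_HOST`/`REDIS_PORT` is safe only if nothing reads them without a default; that code is not visible in this hunk.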
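Review bot: In the `Dockerfile` hunk, the two repository lines still fetch the package index over plain `http://`, and they now repeat the `v3.15` release that the `FROM` tag already fixes. apk verifies signatures on the index and packages, so the exposure is mainly stale or withheld indexes from an on-path party, but `https://mirrors.aliyun.com/alpine/v3.15/main` is the safer form if the mirror serves TLS (not verified here). Rewriting only the host in the existing `/etc/apk/repositories`, rather than hard-coding the release, would keep the mirror and the base image from drifting apart on the next bump. The `RUN` chain continues past the end of the hunk.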
@@ -90,8 +90,6 @@ Pear Admin Flask ``` - - #### 项目安装 ```bash diff --git a/applications/common/script/initdb.py b/applications/common/script/initdb.py index 84399ff00a1dc70ad87a9fa21a0f3908326a837d..27358e36fef1bee7ea55ce3fd37b94293814cc9c 100644 --- a/applications/common/script/initdb.py +++ b/applications/common/script/initdb.py @@ -22,7 +22,7 @@ def is_exist_database(): def init_database(): db = pymysql.connect(host=HOST, port=int(PORT), user=USERNAME, password=PASSWORD, charset='utf8mb4') cursor1 = db.cursor() - sql = "CREATE DATABASE IF NOT EXISTS %s" % DATABASE + sql = "CREATE DATABASE IF NOT EXISTS %s CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;" % DATABASE res = cursor1.execute(sql) db.close() return res diff --git a/applications/configs/config.py b/applications/configs/config.py index bdae8ece24bff3575db7ae7b29864ea3d6a094d7..18b9edd9561d9aa5b0ed7090290736b308a137f0 100644 --- a/applications/configs/config.py +++ b/applications/configs/config.py @@ -1,5 +1,6 @@ import logging import os +from urllib.parse import quote_plus as urlquote class BaseConfig: @@ -44,7 +45,8 @@ class BaseConfig: MYSQL_DATABASE = os.getenv('MYSQL_DATABASE') or "PearAdminFlask" # mysql 数据库的配置信息 - SQLALCHEMY_DATABASE_URI = f"mysql+pymysql://{MYSQL_USERNAME}:{MYSQL_PASSWORD}@{MYSQL_HOST}:{MYSQL_PORT}/{MYSQL_DATABASE}" + SQLALCHEMY_DATABASE_URI = f"mysql+pymysql://{MYSQL_USERNAME}:{urlquote(MYSQL_PASSWORD)}@{MYSQL_HOST}:{MYSQL_PORT}/{MYSQL_DATABASE}?charset=utf8mb4" + # 默认日志等级 LOG_LEVEL = logging.WARN # diff --git a/applications/extensions/init_sqlalchemy.py b/applications/extensions/init_sqlalchemy.py index ed9fdc0a7c6aba72a96623de9841bb47f2244b7b..13e68d4f2f055e13eeabb875bd7d3c4dad160a1a 100644 --- a/applications/extensions/init_sqlalchemy.py +++ b/applications/extensions/init_sqlalchemy.py 
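Review bot: In `init_database()` (applications/common/script/initdb.py) the database name is still spliced into the statement with `%`, and the rewritten line now appends more SQL after it, so an unquoted `DATABASE` value containing a hyphen, a space or a backtick either breaks the statement or changes its meaning. Identifiers cannot be bound as query parameters, so the usual fix is to wrap the name in backticks and double any backtick inside it before formatting, or to validate it against a strict pattern such as `^[A-Za-z0-9_]+$` first. `DATABASE` is defined outside the hunk and presumably comes from the environment, which makes this a robustness issue first and an injection issue only if that value can be influenced. Separately, `db.close()` is skipped when `cursor1.execute(sql)` raises; a `try`/`finally` around the execute would release the connection.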
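Review bot: In `BaseConfig` (applications/configs/config.py), `SQLALCHEMY_DATABASE_URI` now escapes the password but still interpolates `MYSQL_USERNAME` raw, so a user name containing `@`, `:` or `/` misparses the same way the password used to; `{urlquote(MYSQL_USERNAME)}` closes that gap. `urlquote(MYSQL_PASSWORD)` also raises `TypeError` at import time if the value is `None`; its definition is above the hunk, so confirm it has a fallback like the `MYSQL_DATABASE` line shown here. `quote_plus` encodes a space as `+`, which is correct only if the URL parser decodes `+` back to a space; `urllib.parse.quote(..., safe='')` avoids depending on that. The class body continues outside the hunk.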
@@ -55,15 +55,33 @@ class Query(BaseQuery): def logic_all(self): return self.filter_by(delete_at=None).all() + def all_json(self, schema: Marshmallow().Schema): + return schema(many=True).dump(self.all()) + def layui_paginate(self): + return self.paginate(page=request.args.get('page', type=int), + per_page=request.args.get('limit', type=int), + error_out=False) + + def layui_paginate_json(self, schema: Marshmallow().Schema): """ - layui表格分页 - page - limit + 返回dict """ - return self.paginate(page=request.args.get('page', type=int), + _res = self.paginate( + page=request.args.get('page', type=int), + per_page=request.args.get('limit', type=int), + error_out=False + ) + return schema(many=True).dump(_res.items), _res.total, _res.page, _res.per_page + + def layui_paginate_db_json(self): + """ + db.query(A.name).layui_paginate_db_json() + """ + _res = self.paginate(page=request.args.get('page', type=int), per_page=request.args.get('limit', type=int), error_out=False) + return [dict(i) for i in _res.items], _res.total db = SQLAlchemy(query_class=Query) diff --git a/applications/view/department/__init__.py b/applications/view/department/__init__.py index c8a8584811eeb9e61f01deec27340ecbbe883f97..322c87a6d1f2c22987f18cfa55c353b04727b757 100644 --- a/applications/view/department/__init__.py +++ b/applications/view/department/__init__.py 
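Review bot: All three paginate helpers in this hunk (`layui_paginate`, `layui_paginate_json`, `layui_paginate_db_json`) pass the client's `limit` straight to `per_page` with no upper bound, so a single request can ask for an arbitrarily large page. Flask-SQLAlchemy's `paginate()` accepts `max_per_page=`; passing a project-chosen cap there, ideally from one private helper that the three methods share, bounds the query and removes the triplicated call. The annotation `schema: Marshmallow().Schema` constructs a `Marshmallow` instance when the method is defined (unless annotations are deferred); annotating with the schema base class directly would avoid that. The commit also drops the `layui_paginate` docstring that named the `page` and `limit` parameters; I would keep it and give the two new methods a one-line description of the tuple they return.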
@@ -1,15 +1,13 @@ from flask import Blueprint, render_template, request, jsonify -from marshmallow import INCLUDE -from webargs.flaskparser import use_args from applications.common import curd +from applications.common.utils import validate from applications.common.utils.http import success_api, fail_api from applications.common.utils.rights import authorize -from applications.common.utils import validate +from applications.common.utils.validate import xss_escape from applications.extensions import db from applications.models import Dept, User from applications.schemas import DeptOutSchema -from applications.schemas.admin_dept import DeptInSchema dept_bp = Blueprint('dept', __name__, url_prefix='/dept') @@ -56,17 +54,17 @@ def tree(): @dept_bp.post('/save') @authorize("admin:dept:add", log=True) -@use_args(DeptInSchema(), location="json", unknown=True) -def save(args): +def save(): + req_json = request.json dept = Dept( - parent_id=args['parentId'], - dept_name=args['deptName'], - sort=args['sort'], - leader=args['leader'], - phone=args['phone'], - email=args['email'], - status=args['status'], - address=args['address'] + parent_id=req_json.get('parentId'), + dept_name=xss_escape(req_json.get('deptName')), + sort=xss_escape(req_json.get('sort')), + leader=xss_escape(req_json.get('leader')), + phone=xss_escape(req_json.get('phone')), + email=xss_escape(req_json.get('email')), + status=xss_escape(req_json.get('status')), + address=xss_escape(req_json.get('address')) ) r = db.session.add(dept) db.session.commit() @@ -77,7 +75,7 @@ def save(args): @authorize("admin:dept:edit", log=True) def edit(): _id = request.args.get("deptId") - dept = curd.get_one_by_id(model=Dept,id=_id) + dept = curd.get_one_by_id(model=Dept, id=_id) return render_template('admin/dept/edit.html', dept=dept) 
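Review bot: `save()` in applications/view/department/__init__.py loses its `DeptInSchema` validation and now reads `request.json` directly, so required fields, types and lengths are no longer checked before the `Dept` row is built; the later `update()` hunk (`@@ -115,7 +113,6 @@`) removes its `validate.check_data(...)` call the same way. A JSON body that is not an object (a list, or `null`) reaches `req_json.get(...)` and fails with an unhandled `AttributeError`, and `sort`/`status` are passed through `xss_escape`, whose handling of integers or `None` is not visible here. `xss_escape` is output encoding applied at write time, not validation: it does not constrain `parentId` at all, and it stores escaped text that an auto-escaping template would escape a second time. I would keep schema validation on both endpoints and, at minimum, guard with `if not isinstance(req_json, dict): return fail_api(...)` before the constructor.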
@@ -115,7 +113,6 @@ def dis_enable(): @authorize("admin:dept:edit", log=True) def update(): json = request.json - validate.check_data(DeptSchema(unknown=INCLUDE), json) id = json.get("deptId"), data = { "dept_name": validate.xss_escape(json.get("deptName")), diff --git a/applications/view/passport/__init__.py b/applications/view/passport/__init__.py index 16a971d100302652f55232d919782cde6503ca2f..3c18e507ab766ae12626233ed2afb37788617528 100644 --- a/applications/view/passport/__init__.py +++ b/applications/view/passport/__init__.py @@ -49,10 +49,10 @@ def login_post(): return fail_api(msg="验证码错误") user = User.query.filter_by(username=username).first() - if user is None: + if not user: return fail_api(msg="不存在的用户") - if user.enable is 0: + if user.enable == 0: return fail_api(msg="用户被暂停使用") if username == user.username and user.validate_password(password): diff --git a/requirement/requirement-dev.txt b/requirement/requirement-dev.txt index 7b61d56efa57852e37ff8c898e5cf356da3b4acf..e0394971f48808cc3bdf18abf88d965aff4deee0 100644 --- a/requirement/requirement-dev.txt +++ b/requirement/requirement-dev.txt @@ -1,8 +1,8 @@ -Flask==2.0.2 +Flask==2.1.1 Flask-APScheduler==1.12.2 Flask-DebugToolbar==0.11.0 Flask-Migrate==3.1.0 -Flask-Login==0.5.0 +Flask-Login==0.6.0 Flask_Reuploaded==0.5.0 Flask-SQLAlchemy==2.5.1 flask-marshmallow==0.14.0
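Review bot: In `login_post()` (applications/view/passport/__init__.py), the lines around the two changed conditions return a different message for an unknown user, a suspended account and (presumably, below the hunk) a wrong password, and the suspended check runs before `validate_password`. That lets an unauthenticated client tell which user names exist and which are disabled. Returning one generic failure for both unknown user and bad password, and reporting suspension only after the password validates, removes that signal. The `username == user.username` test after `filter_by(username=username)` adds nothing unless the column collation is case-insensitive and an exact match is the intent; a comment saying so would help. The function starts and ends outside the hunk.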