!22 Dash-FastAPI-Admin v1.4.0

Merge pull request !22 from insistence/develop

Author: insistence

README.md

@@ -1,12 +1,12 @@
 <p align="center">
 	<img alt="logo" src="https://oscimg.oschina.net/oscnet/up-d3d0a9303e11d522a06cd263f3079027715.png">
 </p>
-<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">Dash-FastAPI-Admin v1.3.1</h1>
+<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">Dash-FastAPI-Admin v1.4.0</h1>
 <h4 align="center">基于Dash+FastAPI前后端分离的纯Python快速开发框架</h4>
 <p align="center">
 	<a href="https://gitee.com/insistence2022/dash-fastapi-admin/stargazers"><img src="https://gitee.com/insistence2022/dash-fastapi-admin/badge/star.svg?theme=dark"></a>
     <a href="https://github.com/insistence/Dash-FastAPI-Admin"><img src="https://img.shields.io/github/stars/insistence/Dash-FastAPI-Admin?style=social"></a>
-	<a href="https://gitee.com/insistence2022/dash-fastapi-admin"><img src="https://img.shields.io/badge/DashFastAPIAdmin-v1.3.1-brightgreen.svg"></a>
+	<a href="https://gitee.com/insistence2022/dash-fastapi-admin"><img src="https://img.shields.io/badge/DashFastAPIAdmin-v1.4.0-brightgreen.svg"></a>
 	<a href="https://gitee.com/insistence2022/dash-fastapi-admin/blob/master/LICENSE"><img src="https://img.shields.io/github/license/mashape/apistatus.svg"></a>
     <img src="https://img.shields.io/badge/python-3.8 | 3.9-blue">
     <img src="https://img.shields.io/badge/MySQL-≥5.7-blue">
@@ -16,6 +16,7 @@
 
 
 
+
 ## 平台简介
 
 Dash-FastAPI-Admin是一套全部开源的快速开发平台，毫无保留给个人及企业免费使用。

dash-fastapi-backend/.env.dev

@@ -10,9 +10,13 @@ APP_HOST = '0.0.0.0'
 # 应用端口
 APP_PORT = 9099
 # 应用版本
-APP_VERSION= '1.3.1'
+APP_VERSION= '1.4.0'
 # 应用是否开启热重载
 APP_RELOAD = true
+# 应用是否开启IP归属区域查询
+APP_IP_LOCATION_QUERY = true
+# 应用是否允许账号同时登录
+APP_SAME_TIME_LOGIN = true
 
 # -------- Jwt配置 --------
 # Jwt秘钥
@@ -36,6 +40,8 @@ DB_USERNAME = 'root'
 DB_PASSWORD = 'mysqlroot'
 # 数据库名称
 DB_DATABASE = 'dash-fastapi'
+# 是否开启sqlalchemy日志
+DB_ECHO = true
 
 # -------- Redis配置 --------
 # Redis主机

dash-fastapi-backend/.env.prod

@@ -10,9 +10,13 @@ APP_HOST = '0.0.0.0'
 # 应用端口
 APP_PORT = 9099
 # 应用版本
-APP_VERSION= '1.3.1'
+APP_VERSION= '1.4.0'
 # 应用是否开启热重载
 APP_RELOAD = false
+# 应用是否开启IP归属区域查询
+APP_IP_LOCATION_QUERY = true
+# 应用是否允许账号同时登录
+APP_SAME_TIME_LOGIN = true
 
 # -------- Jwt配置 --------
 # Jwt秘钥
@@ -36,6 +40,8 @@ DB_USERNAME = 'root'
 DB_PASSWORD = 'mysqlroot'
 # 数据库名称
 DB_DATABASE = 'dash-fastapi'
+# 是否开启sqlalchemy日志
+DB_ECHO = true
 
 # -------- Redis配置 --------
 # Redis主机

dash-fastapi-backend/config/database.py

@@ -8,7 +8,7 @@
                           f"{DataBaseConfig.db_host}:{DataBaseConfig.db_port}/{DataBaseConfig.db_database}"
 
 engine = create_engine(
-    SQLALCHEMY_DATABASE_URL, echo=True
+    SQLALCHEMY_DATABASE_URL, echo=DataBaseConfig.db_echo
 )
 SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
 Base = declarative_base()

dash-fastapi-backend/config/env.py

@@ -11,12 +11,14 @@ class AppSettings(BaseSettings):
     应用配置
     """
     app_env: str = 'dev'
-    app_name: str = 'RuoYi-FasAPI'
+    app_name: str = 'Dash-FasAPI-Admin'
     app_root_path: str = '/dev-api'
     app_host: str = '0.0.0.0'
     app_port: int = 9099
-    app_version: str = '1.0.0'
+    app_version: str = '1.4.0'
     app_reload: bool = True
+    app_ip_location_query: bool = True
+    app_same_time_login: bool = True
 
 
 class JwtSettings(BaseSettings):
@@ -37,7 +39,8 @@ class DataBaseSettings(BaseSettings):
     db_port: int = 3306
     db_username: str = 'root'
     db_password: str = 'mysqlroot'
-    db_database: str = 'ruoyi-fastapi'
+    db_database: str = 'dash-fastapi'
+    db_echo: bool = True
 
 
 class RedisSettings(BaseSettings):

dash-fastapi-backend/module_admin/annotation/log_annotation.py

@@ -51,114 +51,118 @@ async def wrapper(*args, **kwargs):
             # 获取请求的ip及ip归属区域
             oper_ip = request.headers.get('remote_addr') if request.headers.get('is_browser') == 'no' else request.headers.get('X-Forwarded-For')
             oper_location = '内网IP'
-            try:
-                if oper_ip != '127.0.0.1' and oper_ip != 'localhost':
-                    ip_result = requests.get(f'https://qifu-api.baidubce.com/ip/geo/v1/district?ip={oper_ip}')
-                    if ip_result.status_code == 200:
-                        prov = ip_result.json().get('data').get('prov')
-                        city = ip_result.json().get('data').get('city')
-                        if prov or city:
-                            oper_location = f'{prov}-{city}'
+            if AppConfig.app_ip_location_query:
+                try:
+                    if oper_ip != '127.0.0.1' and oper_ip != 'localhost':
+                        ip_result = requests.get(f'https://qifu-api.baidubce.com/ip/geo/v1/district?ip={oper_ip}')
+                        if ip_result.status_code == 200:
+                            prov = ip_result.json().get('data').get('prov')
+                            city = ip_result.json().get('data').get('city')
+                            if prov or city:
+                                oper_location = f'{prov}-{city}'
+                            else:
+                                oper_location = '未知'
                         else:
                             oper_location = '未知'
-                    else:
-                        oper_location = '未知'
-            except Exception as e:
-                oper_location = '未知'
-                print(e)
-            finally:
-                # 根据不同的请求类型使用不同的方法获取请求参数
-                content_type = request.headers.get("Content-Type")
-                if content_type and ("multipart/form-data" in content_type or 'application/x-www-form-urlencoded' in content_type):
-                    payload = await request.form()
-                    oper_param = "\n".join([f"{key}: {value}" for key, value in payload.items()])
-                else:
-                    payload = await request.body()
-                    oper_param = json.dumps(json.loads(str(payload, 'utf-8')), ensure_ascii=False)
-                # 日志表请求参数字段长度最大为2000，因此在此处判断长度
-                if len(oper_param) > 2000:
-                    oper_param = '请求参数过长'
+                except Exception as e:
+                    oper_location = '未知'
+                    print(e)
+            # 根据不同的请求类型使用不同的方法获取请求参数
+            content_type = request.headers.get("Content-Type")
+            if content_type and ("multipart/form-data" in content_type or 'application/x-www-form-urlencoded' in content_type):
+                payload = await request.form()
+                oper_param = "\n".join([f"{key}: {value}" for key, value in payload.items()])
+            else:
+                payload = await request.body()
+                oper_param = json.dumps(json.loads(str(payload, 'utf-8')), ensure_ascii=False)
+            # 日志表请求参数字段长度最大为2000，因此在此处判断长度
+            if len(oper_param) > 2000:
+                oper_param = '请求参数过长'
 
-                # 获取操作时间
-                oper_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
-                # 此处在登录之前向原始函数传递一些登录信息，用于监测在线用户的相关信息
-                login_log = {}
-                if log_type == 'login':
-                    user_agent_info = parse(user_agent)
-                    browser = f'{user_agent_info.browser.family} {user_agent_info.browser.version[0]}'
-                    system_os = f'{user_agent_info.os.family} {user_agent_info.os.version[0]}'
-                    login_log = dict(
-                        ipaddr=oper_ip,
-                        login_location=oper_location,
-                        browser=browser,
-                        os=system_os,
-                        login_time=oper_time
-                    )
-                    kwargs['form_data'].login_info = login_log
-                # 调用原始函数
-                result = await func(*args, **kwargs)
-                # 获取请求耗时
-                cost_time = float(time.time() - start_time) * 100
-                # 判断请求是否来自api文档
-                request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False
-                request_from_redoc = request.headers.get('referer').endswith('redoc') if request.headers.get('referer') else False
-                # 根据响应结果的类型使用不同的方法获取响应结果参数
-                if isinstance(result, JSONResponse) or isinstance(result, ORJSONResponse) or isinstance(result, UJSONResponse):
-                    result_dict = json.loads(str(result.body, 'utf-8'))
+            # 获取操作时间
+            oper_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
+            # 此处在登录之前向原始函数传递一些登录信息，用于监测在线用户的相关信息
+            login_log = {}
+            if log_type == 'login':
+                user_agent_info = parse(user_agent)
+                browser = f'{user_agent_info.browser.family}'
+                system_os = f'{user_agent_info.os.family}'
+                if user_agent_info.browser.version != ():
+                    browser += f' {user_agent_info.browser.version[0]}'
+                if user_agent_info.os.version != ():
+                    system_os += f' {user_agent_info.os.version[0]}'
+                login_log = dict(
+                    ipaddr=oper_ip,
+                    login_location=oper_location,
+                    browser=browser,
+                    os=system_os,
+                    login_time=oper_time
+                )
+                kwargs['form_data'].login_info = login_log
+            # 调用原始函数
+            result = await func(*args, **kwargs)
+            # 获取请求耗时
+            cost_time = float(time.time() - start_time) * 100
+            # 判断请求是否来自api文档
+            request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False
+            request_from_redoc = request.headers.get('referer').endswith('redoc') if request.headers.get('referer') else False
+            # 根据响应结果的类型使用不同的方法获取响应结果参数
+            if isinstance(result, JSONResponse) or isinstance(result, ORJSONResponse) or isinstance(result, UJSONResponse):
+                result_dict = json.loads(str(result.body, 'utf-8'))
+            else:
+                if request_from_swagger or request_from_redoc:
+                    result_dict = {}
                 else:
-                    if request_from_swagger or request_from_redoc:
-                        result_dict = {}
+                    if result.status_code == 200:
+                        result_dict = {'code': result.status_code, 'message': '获取成功'}
                     else:
-                        if result.status_code == 200:
-                            result_dict = {'code': result.status_code, 'message': '获取成功'}
-                        else:
-                            result_dict = {'code': result.status_code, 'message': '获取失败'}
-                json_result = json.dumps(dict(code=result_dict.get('code'), message=result_dict.get('message')), ensure_ascii=False)
-                # 根据响应结果获取响应状态及异常信息
-                status = 1
-                error_msg = ''
-                if result_dict.get('code') == 200:
-                    status = 0
+                        result_dict = {'code': result.status_code, 'message': '获取失败'}
+            json_result = json.dumps(dict(code=result_dict.get('code'), message=result_dict.get('message')), ensure_ascii=False)
+            # 根据响应结果获取响应状态及异常信息
+            status = 1
+            error_msg = ''
+            if result_dict.get('code') == 200:
+                status = 0
+            else:
+                error_msg = result_dict.get('message')
+            # 根据日志类型向对应的日志表插入数据
+            if log_type == 'login':
+                # 登录请求来自于api文档时不记录登录日志，其余情况则记录
+                if request_from_swagger or request_from_redoc:
+                    pass
                 else:
-                    error_msg = result_dict.get('message')
-                # 根据日志类型向对应的日志表插入数据
-                if log_type == 'login':
-                    # 登录请求来自于api文档时不记录登录日志，其余情况则记录
-                    if request_from_swagger or request_from_redoc:
-                        pass
-                    else:
-                        user = kwargs.get('form_data')
-                        user_name = user.username
-                        login_log['user_name'] = user_name
-                        login_log['status'] = str(status)
-                        login_log['msg'] = result_dict.get('message')
+                    user = kwargs.get('form_data')
+                    user_name = user.username
+                    login_log['user_name'] = user_name
+                    login_log['status'] = str(status)
+                    login_log['msg'] = result_dict.get('message')
 
-                        LoginLogService.add_login_log_services(query_db, LogininforModel(**login_log))
-                else:
-                    current_user = await get_current_user(request, token, query_db)
-                    oper_name = current_user.user.user_name
-                    dept_name = current_user.dept.dept_name if current_user.dept else None
-                    operation_log = dict(
-                        title=title,
-                        business_type=business_type,
-                        method=func_path,
-                        request_method=request_method,
-                        operator_type=operator_type,
-                        oper_name=oper_name,
-                        dept_name=dept_name,
-                        oper_url=oper_url,
-                        oper_ip=oper_ip,
-                        oper_location=oper_location,
-                        oper_param=oper_param,
-                        json_result=json_result,
-                        status=status,
-                        error_msg=error_msg,
-                        oper_time=oper_time,
-                        cost_time=cost_time
-                    )
-                    OperationLogService.add_operation_log_services(query_db, OperLogModel(**operation_log))
+                    LoginLogService.add_login_log_services(query_db, LogininforModel(**login_log))
+            else:
+                current_user = await get_current_user(request, token, query_db)
+                oper_name = current_user.user.user_name
+                dept_name = current_user.dept.dept_name if current_user.dept else None
+                operation_log = dict(
+                    title=title,
+                    business_type=business_type,
+                    method=func_path,
+                    request_method=request_method,
+                    operator_type=operator_type,
+                    oper_name=oper_name,
+                    dept_name=dept_name,
+                    oper_url=oper_url,
+                    oper_ip=oper_ip,
+                    oper_location=oper_location,
+                    oper_param=oper_param,
+                    json_result=json_result,
+                    status=status,
+                    error_msg=error_msg,
+                    oper_time=oper_time,
+                    cost_time=cost_time
+                )
+                OperationLogService.add_operation_log_services(query_db, OperLogModel(**operation_log))
 
-                return result
+            return result
 
         return wrapper
 

dash-fastapi-backend/module_admin/controller/login_controller.py

@@ -44,11 +44,13 @@ async def login(request: Request, form_data: CustomOAuth2PasswordRequestForm = D
             },
             expires_delta=access_token_expires
         )
-        await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", access_token,
-                                          ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
-        # 此方法可实现同一账号同一时间只能登录一次
-        # await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token,
-        #                                   ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
+        if AppConfig.app_same_time_login:
+            await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", access_token,
+                                              ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
+        else:
+            # 此方法可实现同一账号同一时间只能登录一次
+            await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token,
+                                              ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
         logger.info('登录成功')
         # 判断请求是否来自于api文档，如果是返回指定格式的结果，用于修复api文档认证成功后token显示undefined的bug
         request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False

dash-fastapi-backend/module_admin/service/login_service.py

@@ -73,14 +73,18 @@ async def get_current_user(request: Request = Request, token: str = Depends(oaut
     if user is None:
         logger.warning("用户token不合法")
         raise AuthException(data="", message="用户token不合法")
-    redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}")
-    # 此方法可实现同一账号同一时间只能登录一次
-    # redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}")
+    if AppConfig.app_same_time_login:
+        redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}")
+    else:
+        # 此方法可实现同一账号同一时间只能登录一次
+        redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}")
     if token == redis_token:
-        await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", redis_token,
-                                          ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
-        # await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}", redis_token,
-        #                                   ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
+        if AppConfig.app_same_time_login:
+            await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", redis_token,
+                                              ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
+        else:
+            await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}", redis_token,
+                                              ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
 
         return CurrentUserInfoServiceResponse(
             user=user.user_basic_info,