PyPI - valar - Versions diffs - 1.2.5__tar.gz → 1.3.0__tar.gz - Mend

valar 1.2.5tar.gz → 1.3.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of valar might be problematic. Click here for more details.

Files changed (60) hide show

{valar-1.2.5/src/valar.egg-info → valar-1.3.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: valar
-Version: 1.2.5
+Version: 1.3.0
 Summary: valar for morghulis
 Home-page: https://gitee.com/GRIFFIN120/valar_dev
 Author: LYP
@@ -16,6 +16,7 @@ Requires-Dist: pandas==2.2.3
 Requires-Dist: openpyxl==3.1.5
 Requires-Dist: deepmerge~=2.0
 Requires-Dist: minio==7.2.2
+Requires-Dist: PyJWT~=2.10.1
 Dynamic: author
 Dynamic: author-email
 Dynamic: description

{valar-1.2.5 → valar-1.3.0}/setup.py RENAMED Viewed

@@ -12,11 +12,11 @@ requires = [
     'openpyxl==3.1.5',
     'deepmerge~=2.0',
     'minio==7.2.2',
+    'PyJWT~=2.10.1'
 ]
 setup(
     name="valar",  # 包名
-    version="1.2.5",  # 版本号
+    version="1.3.0",  # 版本号
     author="LYP",  # 作者
     author_email="liuyinpeng@buaa.edu.cn",  # 邮箱
     description="valar for morghulis",  # 简短描述

{valar-1.2.5 → valar-1.3.0}/src/valar/apps.py RENAMED Viewed

@@ -1,4 +1,6 @@
 import os
+import traceback
 from django.apps import AppConfig
 from .classes.app_mixins.auto_migration_mixin import AutoMigrationMixin
@@ -11,7 +13,11 @@ class ValarConfig(AutoMigrationMixin, AutoUrlPatternsMixin, AppConfig):
     def ready(self):
         if os.environ.get('RUN_MAIN') == 'true':
-            from .dao.frame import MetaFrame
-            getattr(super(), 'set_url', None)()
-            getattr(super(), 'auto_migrate', None)()
-            MetaFrame()
+            try:
+                from .dao.frame import MetaFrame
+                getattr(super(), 'set_url', None)()
+                getattr(super(), 'auto_migrate', None)()
+                MetaFrame()
+            except Exception as e:
+                traceback.print_exc()
+                print('ERROR', e)

valar-1.3.0/src/valar/auth/Authentication.py ADDED Viewed

@@ -0,0 +1,32 @@
+import jwt
+from django.conf import settings
+from src.valar.classes.valar_response import ValarResponse
+def auth_required(view_func):
+    def wrapper(request, *args, **kwargs):
+        payload, response = validate(request)
+        if payload:
+            request.user_id = payload["user_id"]
+            return view_func(request, *args, **kwargs)
+        else:
+            return response
+    return wrapper
+def validate(request):
+    auth_header = request.headers.get("Authorization")
+    if not auth_header or not auth_header.startswith("Bearer "):
+        return None, ValarResponse(False, '请登录系统', 'info', status=401)
+    token = auth_header.split(" ")[1]
+    if not token:
+        return None, ValarResponse(False, status=401)
+    try:
+        payload = jwt.decode(token, settings.SECRET_KEY, algorithms=["HS256"])
+        return payload, ValarResponse(False)
+    except jwt.ExpiredSignatureError:
+        return None, ValarResponse(False, '状态已过期，请重新登录', 'warning', status=401)
+    except jwt.InvalidTokenError:
+        return None, ValarResponse(False, '错误状态，请重新登录', 'error', status=401)

valar-1.3.0/src/valar/auth/Middleware.py ADDED Viewed

@@ -0,0 +1,28 @@
+import base64
+import json
+from django.http import HttpRequest
+from django.utils.deprecation import MiddlewareMixin
+from src.valar.auth.Authentication import validate
+from src.valar.classes.valar_response import ValarResponse
+class ValarMiddleware(MiddlewareMixin):
+    @staticmethod
+    def process_response(request: HttpRequest, response: ValarResponse):
+        auth = request.headers.get("Auth")
+        if auth:
+            payload, _ = validate(request)
+            if not payload:
+                return ValarResponse(False, '无效权限', 'error', status=403)
+        if type(response) == ValarResponse:
+            valar_message, valar_code = response.valar_message, response.valar_code
+            data = {
+                'payload': json.loads(response.content),
+                'message': valar_message,
+                'code': valar_code
+            }
+            response.content = json.dumps(data, ensure_ascii=False).encode("utf-8")
+            response["Content-Type"] = "application/json; charset=utf-8"
+        return response

{valar-1.2.5 → valar-1.3.0}/src/valar/channels/sender.py RENAMED Viewed

@@ -7,6 +7,7 @@ from channels.layers import get_channel_layer
 from django.http import HttpRequest
 import threading
 from .consumer import VALAR_CHANNEL_GROUP
+from ..auth.Authentication import validate
 class Channel:
@@ -54,7 +55,9 @@ class ValarChannelSender(Sender):
         self.__lock__ = threading.Lock()
         self.__interval__ = interval
         if self.__channel__.auth and not self.uid:
-            raise Exception('Unauthorized!')
+            payload, _ = validate(request)
+            if payload is None:
+                raise Exception('Unauthorized!')
     def _run(self):
         while self.__loading__:

valar-1.3.0/src/valar/classes/valar_response.py ADDED Viewed

@@ -0,0 +1,9 @@
+from django.http import JsonResponse
+class ValarResponse(JsonResponse):
+    def __init__(self, data=True, message='', code='info', status=200):
+        self.valar_message = message
+        self.valar_code = code
+        self.status_code = status
+        super(ValarResponse, self).__init__(data, safe=False)

{valar-1.2.5 → valar-1.3.0}/src/valar/dao/abstract.py RENAMED Viewed

@@ -1,8 +1,10 @@
 from abc import ABC, abstractmethod
 from bson import ObjectId
+from django.db.models import QuerySet
 from ..dao.engine import ValarEngine
+from ..models.core import VModel
 class AbstractField(ABC):
@@ -12,6 +14,7 @@ class AbstractField(ABC):
     label = None
     domain = None
     refer = None
+    model_field = None
     @abstractmethod
     def to_dict(self):
@@ -51,7 +54,7 @@ class AbstractDao(ABC):
         pass
     @abstractmethod
-    def values(self, conditions, props):
+    def values(self, conditions, props) -> list:
         pass
     @abstractmethod
@@ -59,11 +62,11 @@ class AbstractDao(ABC):
         pass
     @abstractmethod
-    def find_one(self, _id):
+    def find_one(self, _id) -> VModel:
         pass
     @abstractmethod
-    def find(self, conditions=None, orders=None, size=0, page=1):
+    def find(self, conditions=None, orders=None, size=0, page=1) -> (QuerySet, int):
         pass
     @abstractmethod

{valar-1.2.5 → valar-1.3.0}/src/valar/dao/defaults/field_keys_default.py RENAMED Viewed

@@ -39,10 +39,19 @@ meta_field_key_defaults = {
             ]
         ),
     },
-    'valar.Valar': {
+    'valar.Vala': {
         'simple': ('pick', ['id', 'name', 'text_field', 'boolean_field', 'integer_field', 'float_field']),
         'date': ('pick', ['id', 'name', 'date_field', 'datetime_field', 'time_field']),
         'special': ('pick', ['id', 'name', 'text_field', 'json_field', 'file', 'm2m']),
         'ref': ('pick', ['id', 'name', 'm2o', 'm2m', 'o2o_id']),
     },
+    'valar.Account': {
+        'auth': ('pick', ['user_id', 'username', 'email', 'is_active', 'is_admin', 'roles']),
+    },
+    'valar.Role': {
+        'auth': ('pick', ['name', 'duty', 'menu', 'account']),
+    },
+    'valar.Menu': {
+        'auth': ('pick', ['icon', 'path', 'name', 'roles', 'is_admin', 'scope']),
+    },
 }

{valar-1.2.5 → valar-1.3.0}/src/valar/dao/engine.py RENAMED Viewed

@@ -2,6 +2,8 @@ import pymongo
 from django.apps import apps
 from django.conf import settings
 from urllib.parse import urlparse
+from django.core.mail import EmailMessage
 from minio import Minio
 from pymongo.synchronous.collection import Collection
@@ -55,6 +57,13 @@ class ValarEngine(metaclass=SingletonMeta):
         else:
             self.minio_engine = None
+        self.from_email = settings.EMAIL_HOST_USER
+    def send_email(self, title, content, email):
+        e = EmailMessage(title, content, self.from_email, [email])
+        e.content_subtype = 'html'
+        e.send()
     def get_orm_model(self, entity) -> VModel:
         return self.orm_engine[entity]

{valar-1.2.5 → valar-1.3.0}/src/valar/dao/orm_field.py RENAMED Viewed

@@ -131,12 +131,10 @@ class OrmField(AbstractField):
 def column_width(domain, tool):
-    if domain in ['BooleanField', 'FileField', 'JSONField']:
-        return 80
-    elif domain in ['DateField', 'DateTimeField', 'TimeField']:
+    if domain in ['BooleanField', 'DateField', 'DateTimeField', 'TimeField']:
         return 120
-    elif domain in ['ManyToManyRel', 'ManyToManyRel', 'ManyToOneRel']:
-        return 80
-    elif domain in ['TextField']:
+    elif domain in ['ManyToManyRel', 'ManyToManyField', 'ManyToOneRel']:
+        return 120
+    elif domain in ['TextField', 'FileField', 'JSONField']:
         return 80 if tool == 'rich' else 0
     return 0

valar-1.3.0/src/valar/models/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+ from . import core, frame, meta, auth, test

valar-1.3.0/src/valar/models/auth.py ADDED Viewed

@@ -0,0 +1,47 @@
+from django.db import models
+from .core import VModel, VTree
+from django.contrib.auth.hashers import check_password
+class Role(VModel):
+    duty = models.TextField(null=True, verbose_name='职责描述')
+    class Meta:
+        verbose_name = '角色'
+class Account(VModel):
+    """账户核心信息"""
+    username = models.CharField(max_length=255, null=True, unique=True, verbose_name='账号')
+    password = models.CharField(max_length=255, verbose_name='密码')
+    email = models.CharField(max_length=255, null=True, unique=True, verbose_name='邮箱')
+    """权限"""
+    is_admin = models.BooleanField(default=False, verbose_name='超级管理员')
+    roles = models.ManyToManyField(Role)
+    """密码找回"""
+    is_active = models.BooleanField(default=False, verbose_name='激活状态')
+    token = models.CharField(max_length=255, null=True, verbose_name='Token')
+    def is_auth(self, password):
+        return password == self.token or check_password(password, self.password)
+    class Meta:
+        verbose_name = '账户信息'
+class Menu(VTree):
+    scope = models.CharField(max_length=100, null=True, verbose_name='域')
+    path = models.CharField(max_length=255, null=True, verbose_name='地址')
+    roles = models.ManyToManyField(Role)
+    is_admin = models.BooleanField(null=True, default=False, verbose_name='超管权限')
+    class Meta:
+        verbose_name = '菜单'
+        unique_together = ('scope', 'path')
+class AbstractUser(VModel):
+    account = models.OneToOneField(Account, null=True, on_delete=models.SET_NULL)
+    class Meta:
+        abstract = True

{valar-1.2.5 → valar-1.3.0}/src/valar/urls.py RENAMED Viewed

@@ -1,7 +1,6 @@
-from django.urls import path
 from .channels.views import handel_channel
-from .views import rest, meta, file
+from .views import rest, meta, file, auth, password
+from django.urls import path
 urlpatterns = [
     path('socket/<str:handler>', handel_channel),
@@ -13,7 +12,6 @@ urlpatterns = [
     path('<str:db>/<str:entity>/update', rest.update),
     path('<str:db>/<str:entity>/search', rest.search),
     path('<str:db>/<str:entity>/values', rest.values),
-    # path('<str:db>/<str:entity>/tree', rest.tree),
     path('<str:db>/<str:entity>/meta_view', meta.meta_view),
     path('metas', meta.metas),
@@ -26,4 +24,12 @@ urlpatterns = [
     path('<str:db>/<str:entity>/save_file', file.save_file),
     path('<str:db>/<str:entity>/remove_file', file.remove_file),
+    path('sign_in', auth.sign_in),
+    path("user_profile", auth.user_profile),
+    path("free_menus", auth.free_menus),
+    path("change_password", password.change_password),
+    path("retrieve_password", password.retrieve_password),
+    path("send_password", password.send_password),
 ]

valar-1.3.0/src/valar/views/__init__.py ADDED Viewed

File without changes

valar-1.3.0/src/valar/views/auth.py ADDED Viewed

@@ -0,0 +1,110 @@
+import datetime
+import json
+import jwt
+from django.conf import settings
+from django.db.models import OneToOneRel
+from django.contrib.auth.hashers import make_password
+from ..auth.Authentication import auth_required
+from ..classes.valar_response import ValarResponse
+from ..dao import Dao
+from ..models.auth import Account, AbstractUser, Menu
+def sign_in(request):
+    body = json.loads(request.body)
+    username = body.get("username")
+    email = body.get("email")
+    password = body.get("password")
+    signin = body.get("signin")
+    dao = Dao('valar.Account')
+    account = dao.search({"username": username}).first()
+    if account is not None:
+        if signin:
+            if not account.is_auth(password):
+                return ValarResponse(False, '密码错误', 'warning', status=400)
+        else:
+            return ValarResponse(False, f"{username}已被占用", 'warning', status=400)
+    else:
+        if signin:
+            return ValarResponse(False, f"{username}不存在", 'warning', status=400)
+        else:
+            if username == 'admin' and password != settings.SECRET_KEY:
+                return ValarResponse(False, "请输入正确的admin密码", 'warning', status=400)
+            else:
+                account = dao.save_one({
+                    "username": username,
+                    "email": email,
+                    "password": make_password(password),
+                    "is_admin": username == 'admin'
+                })
+    return ValarResponse(jwt.encode({
+        "user_id": account.id,
+        "exp": datetime.datetime.utcnow() + datetime.timedelta(minutes=30)
+    }, settings.SECRET_KEY, algorithm="HS256"))
+def free_menus(request):
+    body = json.loads(request.body)
+    scope = body.get("scope", 'admin')
+    menus = Menu.objects.filter(isLeaf=True, scope=scope, is_admin=False, path__isnull=False,
+                                roles__isnull=True).values('path')
+    payload = {
+        "permissions": [m['path'] for m in menus]
+    }
+    token = jwt.encode(payload, settings.SECRET_KEY, algorithm="HS256")
+    return ValarResponse(token)
+@auth_required
+def user_profile(request):
+    body = json.loads(request.body)
+    scope = body.get("scope", 'admin')
+    account_id = request.user_id
+    account = Account.objects.filter(id=account_id).first()
+    if account is None:
+        return ValarResponse(False, f"账户已不存在", 'warning', status=401)
+    user_admin = account.is_admin
+    user_roles = list(account.roles.values('id', 'name'))
+    user_role_keys = [r['id'] for r in user_roles]
+    permissions = []
+    for m in Menu.objects.filter(isLeaf=True, scope=scope):
+        _id = m.path
+        if _id is None:
+            continue
+        if user_admin:
+            permissions.append(_id)
+        else:
+            if not m.is_admin:
+                menu_role_keys = [r['id'] for r in m.roles.all().values('id')]
+                if len(menu_role_keys):
+                    if bool(set(user_role_keys) & set(menu_role_keys)):
+                        permissions.append(_id)
+                else:
+                    permissions.append(_id)
+    payload = {
+        "username": account.username,
+        "roles": user_roles,
+        "is_admin": user_admin,
+        "email": account.email,
+        "is_active": account.is_active,
+        "temporary": account.token is not None,
+        "permissions": permissions
+    }
+    print(permissions)
+    field = (
+        next((field for field in account.get_meta().get_fields()
+              if type(field) == OneToOneRel
+              and issubclass(field.related_model, AbstractUser)), None))
+    if field:
+        accessor = field.get_accessor_name()
+        model = field.related_model
+        entity = f'{model._meta.app_label}.{model.__name__}'
+        payload.update({'user_entity': entity, 'user_accessor': accessor})
+        if hasattr(account, accessor):
+            user = getattr(account, accessor)
+            name = getattr(user, 'name')
+            payload.update({'name': name})
+    token = jwt.encode(payload, settings.SECRET_KEY, algorithm="HS256")
+    return ValarResponse(token)

valar-1.3.0/src/valar/views/password.py ADDED Viewed

@@ -0,0 +1,60 @@
+import json
+import secrets
+from django.contrib.auth.hashers import check_password, make_password
+from ..auth.Authentication import auth_required
+from ..classes.valar_response import ValarResponse
+from ..dao.engine import ValarEngine
+from ..models.auth import Account, AbstractUser
+def send_password(request):
+    body = json.loads(request.body)
+    account_id = body.get('account_id')
+    account = Account.objects.filter(id=account_id).first()
+    return __send__(account)
+def retrieve_password(request):
+    includes = json.loads(request.body)
+    account = Account.objects.filter(**includes).first()
+    account.token = account.token or secrets.token_hex(16)
+    account.save()
+    if account:
+        return __send__(account)
+    else:
+        return ValarResponse(False, '该邮箱未在系统中注册', code='error')
+@auth_required
+def change_password(request):
+    body = json.loads(request.body)
+    old_password = body.get('old_password')
+    new_password = body.get('new_password')
+    account_id = request.user_id
+    account = Account.objects.get(id=account_id)
+    if not account:
+        return ValarResponse(False, '账户不存在', code='error')
+    if not account.is_auth(old_password):
+        return ValarResponse(False, '当前密码错误', code='error')
+    if old_password == new_password:
+        return ValarResponse(False, '新密码不能与当前密码一致', code='error')
+    account.password = make_password(new_password)
+    account.token = None
+    account.save()
+    return ValarResponse(True)
+def __send__(account):
+    if not account:
+        return ValarResponse(False, '账户不存在', code='error')
+    token = account.token
+    if not token:
+        return ValarResponse(False, '未生成临时密码', code='error')
+    email = account.email
+    if not email:
+        return ValarResponse(False, '该账户未登记邮箱信息', code='error')
+    content = f'Your temporary password is {token}, please change it as soon as possible.'
+    ValarEngine().send_email('Retrieve Password', content, email)
+    return ValarResponse(True, '临时密码发送成功', 'success')

{valar-1.2.5 → valar-1.3.0/src/valar.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: valar
-Version: 1.2.5
+Version: 1.3.0
 Summary: valar for morghulis
 Home-page: https://gitee.com/GRIFFIN120/valar_dev
 Author: LYP
@@ -16,6 +16,7 @@ Requires-Dist: pandas==2.2.3
 Requires-Dist: openpyxl==3.1.5
 Requires-Dist: deepmerge~=2.0
 Requires-Dist: minio==7.2.2
+Requires-Dist: PyJWT~=2.10.1
 Dynamic: author
 Dynamic: author-email
 Dynamic: description

{valar-1.2.5 → valar-1.3.0}/src/valar.egg-info/SOURCES.txt RENAMED Viewed

@@ -9,6 +9,9 @@ src/valar.egg-info/SOURCES.txt
 src/valar.egg-info/dependency_links.txt
 src/valar.egg-info/requires.txt
 src/valar.egg-info/top_level.txt
+src/valar/auth/Authentication.py
+src/valar/auth/Middleware.py
+src/valar/auth/__init__.py
 src/valar/channels/__init__.py
 src/valar/channels/consumer.py
 src/valar/channels/counter.py
@@ -39,12 +42,15 @@ src/valar/dao/defaults/field_values_default.py
 src/valar/dao/defaults/view_defaults.py
 src/valar/migrations/__init__.py
 src/valar/models/__init__.py
+src/valar/models/auth.py
 src/valar/models/core.py
 src/valar/models/frame.py
 src/valar/models/meta.py
 src/valar/models/test.py
 src/valar/views/__init__.py
+src/valar/views/auth.py
 src/valar/views/file.py
 src/valar/views/handler.py
 src/valar/views/meta.py
+src/valar/views/password.py
 src/valar/views/rest.py

{valar-1.2.5 → valar-1.3.0}/src/valar.egg-info/requires.txt RENAMED Viewed

@@ -6,3 +6,4 @@ pandas==2.2.3
 openpyxl==3.1.5
 deepmerge~=2.0
 minio==7.2.2
+PyJWT~=2.10.1

valar-1.2.5/src/valar/classes/valar_response.py DELETED Viewed

@@ -1,8 +0,0 @@
-from django.http import JsonResponse
-class ValarResponse(JsonResponse):
-    def __init__(self, data=True, message='', code='info'):
-        self.message = message
-        self.code = code
-        super(ValarResponse, self).__init__(data, safe=False)