web-counter 0.1.0__py3-none-any.whl

web_counter/__init__.py

@@ -0,0 +1 @@
+"""web-counter: A self-hosted website visit counter."""

web_counter/auth.py

@@ -0,0 +1,44 @@
+"""Authentication: bcrypt password hashing and session management."""
+
+import secrets
+import time
+
+import bcrypt
+
+# In-memory session store: token -> {"username": str, "created_at": float}
+_sessions: dict[str, dict] = {}
+
+SESSION_MAX_AGE = 86400  # 24 hours
+
+
+def hash_password(password: str) -> str:
+    """Hash a password with bcrypt."""
+    return bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt()).decode("utf-8")
+
+
+def verify_password(password: str, password_hash: str) -> bool:
+    """Verify a password against its bcrypt hash."""
+    return bcrypt.checkpw(password.encode("utf-8"), password_hash.encode("utf-8"))
+
+
+def create_session(username: str) -> str:
+    """Create a new session token for the given username."""
+    token = secrets.token_hex(32)
+    _sessions[token] = {"username": username, "created_at": time.time()}
+    return token
+
+
+def validate_session(token: str) -> str | None:
+    """Validate a session token. Returns username if valid, None otherwise."""
+    if token not in _sessions:
+        return None
+    session = _sessions[token]
+    if time.time() - session["created_at"] > SESSION_MAX_AGE:
+        del _sessions[token]
+        return None
+    return session["username"]
+
+
+def destroy_session(token: str):
+    """Destroy a session token."""
+    _sessions.pop(token, None)

web_counter/cli.py

@@ -0,0 +1,249 @@
+"""CLI: start, restart, stop, createsuperuser, export-js."""
+
+import argparse
+import asyncio
+import os
+import signal
+import subprocess
+import sys
+import time
+from pathlib import Path
+
+
+def _read_pid(pid_file: str) -> int | None:
+    """Read PID from file."""
+    try:
+        with open(pid_file, "r") as f:
+            return int(f.read().strip())
+    except (FileNotFoundError, ValueError):
+        return None
+
+
+def _is_running(pid: int | None) -> bool:
+    """Check if a process with given PID is running."""
+    if pid is None:
+        return False
+    try:
+        os.kill(pid, 0)
+        return True
+    except OSError:
+        return False
+
+
+def start_command(args):
+    """Start the web-counter server in the background."""
+    from .config import Config
+
+    config = Config(
+        salt=args.salt,
+        host=args.host,
+        port=args.port,
+        db_path=args.db_path,
+        pid_file=args.pid_file,
+        allowed_origins=args.allowed_origins,
+        rate_limit=args.rate_limit,
+    )
+    config.validate()
+
+    # Check if already running
+    pid = _read_pid(config.pid_file)
+    if _is_running(pid):
+        print(f"✗ web-counter 已在运行中 (PID: {pid})")
+        sys.exit(1)
+
+    # Ensure data directory exists
+    Path(config.db_path).parent.mkdir(parents=True, exist_ok=True)
+    Path(config.pid_file).parent.mkdir(parents=True, exist_ok=True)
+
+    # Build command
+    cmd = [
+        sys.executable, "-m", "uvicorn", "web_counter.main:app",
+        "--host", config.host,
+        "--port", str(config.port),
+        "--log-level", "info",
+    ]
+
+    # Set environment variables for the subprocess
+    env = os.environ.copy()
+    env["COUNTER_SALT"] = config.salt
+    env["COUNTER_HOST"] = config.host
+    env["COUNTER_PORT"] = str(config.port)
+    env["COUNTER_DB_PATH"] = config.db_path
+    env["COUNTER_PID_FILE"] = config.pid_file
+    env["COUNTER_ALLOWED_ORIGINS"] = config.allowed_origins
+    env["COUNTER_RATE_LIMIT"] = str(config.rate_limit)
+
+    # Start process (background)
+    proc = subprocess.Popen(
+        cmd,
+        env=env,
+        stdout=subprocess.DEVNULL,
+        stderr=subprocess.DEVNULL,
+        creationflags=subprocess.CREATE_NO_WINDOW if sys.platform == "win32" else 0,
+    )
+
+    # Write PID file
+    with open(config.pid_file, "w") as f:
+        f.write(str(proc.pid))
+
+    origin = f"http://{config.host}:{config.port}"
+    print(f"✓ web-counter 已启动，监听 {origin}")
+    print()
+    print("---------- 复制以下代码到网页 </body> 前 ----------")
+    print()
+    print(f'<script async src="{origin}/counter.js"></script>')
+    print()
+    print('<span style="display:none" class="counter-container" data-counter-style="card">')
+    print("  本站访问次数 <span data-pv-site></span> 次 ·")
+    print("  今日访问量 <span data-pv-today></span> 次 ·")
+    print("  今日访客 <span data-uv-today></span> 人 ·")
+    print("  总访问量 <span data-pv-site></span> 次 ·")
+    print("  总访客 <span data-uv-site></span> 人")
+    print("</span>")
+    print()
+    print("------------------------------------------------------")
+
+
+def stop_command(args):
+    """Stop the running web-counter server."""
+    from .config import Config
+
+    config = Config(pid_file=args.pid_file)
+
+    pid = _read_pid(config.pid_file)
+    if not _is_running(pid):
+        print("✗ web-counter 未在运行")
+        if Path(config.pid_file).exists():
+            Path(config.pid_file).unlink()
+        sys.exit(1)
+
+    # Send SIGTERM for graceful shutdown
+    os.kill(pid, signal.SIGTERM)
+
+    # Wait for process to exit (max 10 seconds)
+    for _ in range(100):
+        if not _is_running(pid):
+            break
+        time.sleep(0.1)
+
+    if _is_running(pid):
+        print(f"✗ 无法停止进程 (PID: {pid})，尝试强制终止...")
+        try:
+            os.kill(pid, signal.SIGKILL)
+        except OSError:
+            pass
+        time.sleep(0.5)
+
+    # Clean up PID file
+    if Path(config.pid_file).exists():
+        Path(config.pid_file).unlink()
+
+    print("✓ web-counter 已停止")
+
+
+def restart_command(args):
+    """Restart the web-counter server."""
+    print("正在重启 web-counter...")
+    stop_command(args)
+    start_command(args)
+
+
+def createsuperuser_command(args):
+    """Create an admin user interactively."""
+    from .config import Config
+    from .database import init_db, create_admin
+    from .auth import hash_password
+
+    config = Config(
+        salt="dummy",
+        db_path=args.db_path,
+    )
+
+    username = input("Username: ").strip()
+    if not username:
+        print("✗ 用户名不能为空")
+        sys.exit(1)
+
+    password = input("Password: ").strip()
+    if not password:
+        print("✗ 密码不能为空")
+        sys.exit(1)
+
+    confirm = input("Confirm password: ").strip()
+    if password != confirm:
+        print("✗ 两次输入的密码不一致")
+        sys.exit(1)
+
+    async def _create():
+        await init_db(config.db_path)
+        password_hash = hash_password(password)
+        await create_admin(config.db_path, username, password_hash)
+
+    asyncio.run(_create())
+    print(f"✓ 管理员 {username} 创建成功")
+
+
+def export_js_command(args):
+    """Export counter.js to stdout."""
+    js_path = Path(__file__).parent / "static" / "counter.js"
+    print(js_path.read_text(encoding="utf-8"))
+
+
+def main():
+    """CLI entry point."""
+    parser = argparse.ArgumentParser(
+        prog="web-counter",
+        description="A self-hosted website visit counter",
+    )
+    subparsers = parser.add_subparsers(dest="command", help="Available commands")
+
+    # start
+    p = subparsers.add_parser("start", help="Start the server in background")
+    p.add_argument("--salt", default=None, help="IP hash salt (required)")
+    p.add_argument("--host", default=None, help="Listen address (default: 0.0.0.0)")
+    p.add_argument("--port", type=int, default=None, help="Listen port (default: 8000)")
+    p.add_argument("--db-path", default=None, help="SQLite database path")
+    p.add_argument("--pid-file", default=None, help="PID file path")
+    p.add_argument("--allowed-origins", default=None, help="CORS allowed origins")
+    p.add_argument("--rate-limit", type=int, default=None, help="Rate limit per IP per minute")
+
+    # restart
+    p = subparsers.add_parser("restart", help="Restart the server")
+    p.add_argument("--salt", default=None, help="IP hash salt")
+    p.add_argument("--host", default=None, help="Listen address")
+    p.add_argument("--port", type=int, default=None, help="Listen port")
+    p.add_argument("--db-path", default=None, help="SQLite database path")
+    p.add_argument("--pid-file", default=None, help="PID file path")
+    p.add_argument("--allowed-origins", default=None, help="CORS allowed origins")
+    p.add_argument("--rate-limit", type=int, default=None, help="Rate limit per IP per minute")
+
+    # stop
+    p = subparsers.add_parser("stop", help="Stop the server")
+    p.add_argument("--pid-file", default=None, help="PID file path")
+
+    # createsuperuser
+    p = subparsers.add_parser("createsuperuser", help="Create an admin user")
+    p.add_argument("--db-path", default=None, help="SQLite database path")
+
+    # export-js
+    subparsers.add_parser("export-js", help="Export counter.js to stdout")
+
+    args = parser.parse_args()
+
+    if args.command == "start":
+        start_command(args)
+    elif args.command == "restart":
+        restart_command(args)
+    elif args.command == "stop":
+        stop_command(args)
+    elif args.command == "createsuperuser":
+        createsuperuser_command(args)
+    elif args.command == "export-js":
+        export_js_command(args)
+    else:
+        parser.print_help()
+        sys.exit(1)
+
+
+if __name__ == "__main__":
+    main()

web_counter/config.py

@@ -0,0 +1,48 @@
+"""Configuration management.
+
+Priority (highest to lowest): CLI arguments > environment variables > .env file.
+"""
+
+import os
+from pathlib import Path
+
+
+def _load_dotenv():
+    """Load .env file from current working directory if it exists."""
+    env_path = Path.cwd() / ".env"
+    if not env_path.exists():
+        return
+    with open(env_path, "r", encoding="utf-8") as f:
+        for line in f:
+            line = line.strip()
+            if not line or line.startswith("#") or "=" not in line:
+                continue
+            key, _, value = line.partition("=")
+            key = key.strip()
+            value = value.strip().strip('"').strip("'")
+            if key and key not in os.environ:
+                os.environ[key] = value
+
+
+_load_dotenv()
+
+
+class Config:
+    """Application configuration."""
+
+    def __init__(self, **kwargs):
+        self.salt = kwargs.get("salt") or os.environ.get("COUNTER_SALT", "")
+        self.host = kwargs.get("host") or os.environ.get("COUNTER_HOST", "0.0.0.0")
+        self.port = int(kwargs.get("port") or os.environ.get("COUNTER_PORT", "8000"))
+        self.db_path = kwargs.get("db_path") or os.environ.get("COUNTER_DB_PATH", "./data/counter.db")
+        self.pid_file = kwargs.get("pid_file") or os.environ.get("COUNTER_PID_FILE", "./data/counter.pid")
+        self.allowed_origins = kwargs.get("allowed_origins") or os.environ.get("COUNTER_ALLOWED_ORIGINS", "*")
+        self.rate_limit = int(kwargs.get("rate_limit") or os.environ.get("COUNTER_RATE_LIMIT", "60"))
+
+    def validate(self):
+        """Validate required configuration."""
+        if not self.salt:
+            raise ValueError(
+                "COUNTER_SALT is required. Set it via --salt, COUNTER_SALT env var, "
+                "or .env file.\nGenerate one with: openssl rand -hex 16"
+            )

web_counter/dashboard.py

@@ -0,0 +1,293 @@
+"""Dashboard and login page server-rendered HTML."""
+
+import json
+
+
+def get_login_html(error: str = "") -> str:
+    """Return the login page HTML."""
+    error_html = f'<p style="color:#e74c3c;text-align:center;margin-bottom:16px;">{error}</p>' if error else ""
+    return f"""<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>web-counter - Login</title>
+<style>
+  * {{ margin:0; padding:0; box-sizing:border-box; }}
+  body {{
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+    background: #f5f5f5;
+    display: flex; align-items: center; justify-content: center;
+    min-height: 100vh;
+  }}
+  .login-box {{
+    background: #fff; border-radius: 8px; box-shadow: 0 2px 12px rgba(0,0,0,0.08);
+    padding: 40px; width: 360px; max-width: 90vw;
+  }}
+  h1 {{ text-align:center; font-size:20px; margin-bottom:24px; color:#333; }}
+  label {{ display:block; font-size:14px; color:#666; margin-bottom:6px; }}
+  input[type="text"], input[type="password"] {{
+    width:100%; padding:10px 12px; border:1px solid #ddd; border-radius:4px;
+    font-size:14px; margin-bottom:16px; outline:none;
+  }}
+  input:focus {{ border-color:#4a90d9; }}
+  button {{
+    width:100%; padding:10px; background:#4a90d9; color:#fff; border:none;
+    border-radius:4px; font-size:15px; cursor:pointer;
+  }}
+  button:hover {{ background:#357abd; }}
+</style>
+</head>
+<body>
+<div class="login-box">
+  <h1>web-counter 管理后台</h1>
+  {error_html}
+  <form method="POST" action="/dashboard">
+    <label for="username">用户名</label>
+    <input type="text" id="username" name="username" required autofocus>
+    <label for="password">密码</label>
+    <input type="password" id="password" name="password" required>
+    <button type="submit">登 录</button>
+  </form>
+</div>
+</body>
+</html>"""
+
+
+def get_dashboard_html(
+    today_pv: int = 0,
+    today_uv: int = 0,
+    site_pv: int = 0,
+    site_uv: int = 0,
+    offsets: dict | None = None,
+    daily_stats: list | None = None,
+) -> str:
+    """Return the dashboard page HTML with embedded data."""
+    if offsets is None:
+        offsets = {}
+    if daily_stats is None:
+        daily_stats = []
+
+    stats_json = json.dumps({
+        "today_pv": today_pv,
+        "today_uv": today_uv,
+        "site_pv": site_pv,
+        "site_uv": site_uv,
+        "offsets": offsets,
+        "daily": daily_stats,
+    })
+
+    return f"""<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>web-counter - Dashboard</title>
+<script src="https://cdn.jsdelivr.net/npm/chart.js@4.4.0/dist/chart.umd.min.js"></script>
+<style>
+  * {{ margin:0; padding:0; box-sizing:border-box; }}
+  body {{
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+    background: #f5f5f5; color:#333;
+  }}
+  .header {{
+    background:#fff; border-bottom:1px solid #e0e0e0; padding:12px 24px;
+    display:flex; align-items:center; justify-content:space-between;
+  }}
+  .header h1 {{ font-size:18px; }}
+  .header a {{ color:#e74c3c; text-decoration:none; font-size:14px; }}
+  .container {{ max-width:960px; margin:0 auto; padding:24px; }}
+  .cards {{ display:grid; grid-template-columns:repeat(auto-fit,minmax(200px,1fr)); gap:16px; margin-bottom:24px; }}
+  .card {{
+    background:#fff; border-radius:8px; box-shadow:0 1px 4px rgba(0,0,0,0.06);
+    padding:20px;
+  }}
+  .card .label {{ font-size:13px; color:#999; margin-bottom:8px; }}
+  .card .value {{ font-size:28px; font-weight:600; }}
+  .card.today {{ border-left:3px solid #4a90d9; }}
+  .card.site {{ border-left:3px solid #27ae60; }}
+  .section {{ background:#fff; border-radius:8px; box-shadow:0 1px 4px rgba(0,0,0,0.06); padding:20px; margin-bottom:24px; }}
+  .section h2 {{ font-size:16px; margin-bottom:16px; color:#333; }}
+  .chart-wrap {{ position:relative; width:100%; height:300px; }}
+  form.manage {{ display:flex; flex-direction:column; gap:12px; }}
+  .row {{ display:flex; gap:12px; align-items:flex-end; flex-wrap:wrap; }}
+  .field {{ display:flex; flex-direction:column; gap:4px; }}
+  .field label {{ font-size:13px; color:#666; }}
+  .field input, .field select {{
+    padding:8px 10px; border:1px solid #ddd; border-radius:4px; font-size:14px;
+  }}
+  button.btn {{
+    padding:8px 16px; border:none; border-radius:4px; font-size:14px; cursor:pointer; color:#fff;
+  }}
+  .btn-primary {{ background:#4a90d9; }}
+  .btn-danger {{ background:#e74c3c; }}
+  .btn-primary:hover {{ background:#357abd; }}
+  .btn-danger:hover {{ background:#c0392b; }}
+  pre {{ background:#f8f8f8; border:1px solid #eee; border-radius:4px; padding:16px; font-size:13px; overflow-x:auto; white-space:pre-wrap; word-break:break-all; }}
+  .toast {{ position:fixed; top:20px; right:20px; padding:12px 20px; border-radius:4px; color:#fff; font-size:14px; z-index:999; display:none; }}
+  .toast.success {{ background:#27ae60; }}
+  .toast.error {{ background:#e74c3c; }}
+</style>
+</head>
+<body>
+<div class="header">
+  <h1>web-counter 统计看板</h1>
+  <a href="#" onclick="logout();return false;">退出登录</a>
+</div>
+<div class="container">
+  <div class="cards">
+    <div class="card today"><div class="label">今日 PV</div><div class="value" id="todayPv">{today_pv}</div></div>
+    <div class="card today"><div class="label">今日 UV</div><div class="value" id="todayUv">{today_uv}</div></div>
+    <div class="card site"><div class="label">累计 PV</div><div class="value" id="sitePv">{site_pv}</div></div>
+    <div class="card site"><div class="label">累计 UV</div><div class="value" id="siteUv">{site_uv}</div></div>
+  </div>
+
+  <div class="section">
+    <h2>30 天趋势</h2>
+    <div class="chart-wrap"><canvas id="trendChart"></canvas></div>
+  </div>
+
+  <div class="section">
+    <h2>接入代码</h2>
+    <p style="font-size:13px;color:#666;margin-bottom:8px;">将以下代码复制到网页 &lt;/body&gt; 前即可接入统计：</p>
+    <pre id="embedCode">&lt;script async src="{_get_origin()}/counter.js"&gt;&lt;/script&gt;
+
+&lt;span style="display:none" class="counter-container" data-counter-style="card"&gt;
+  本站访问次数 &lt;span data-pv-site&gt;&lt;/span&gt; 次 ·
+  今日访问量 &lt;span data-pv-today&gt;&lt;/span&gt; 次 ·
+  今日访客 &lt;span data-uv-today&gt;&lt;/span&gt; 人 ·
+  总访客 &lt;span data-uv-site&gt;&lt;/span&gt; 人
+&lt;/span&gt;</pre>
+  </div>
+
+  <div class="section">
+    <h2>数据重置</h2>
+    <form class="manage" id="resetForm" onsubmit="resetData(event)">
+      <div class="row">
+        <div class="field">
+          <label>重置范围</label>
+          <select id="resetScope">
+            <option value="today">今日数据</option>
+            <option value="all">全部数据 (不可逆)</option>
+            <option value="page">指定页面</option>
+          </select>
+        </div>
+        <div class="field" id="resetPathField" style="display:none;">
+          <label>页面路径</label>
+          <input type="text" id="resetPath" placeholder="/blog/hello">
+        </div>
+        <button type="submit" class="btn btn-danger">执行重置</button>
+      </div>
+    </form>
+  </div>
+
+  <div class="section">
+    <h2>起始值设置</h2>
+    <form class="manage" id="offsetForm" onsubmit="setOffset(event)">
+      <div class="row">
+        <div class="field"><label>累计 PV 起始值</label><input type="number" id="offsetSitePv" value="{offsets.get('site_pv', 0)}"></div>
+        <div class="field"><label>累计 UV 起始值</label><input type="number" id="offsetSiteUv" value="{offsets.get('site_uv', 0)}"></div>
+        <button type="submit" class="btn btn-primary">保存起始值</button>
+      </div>
+    </form>
+  </div>
+</div>
+
+<div class="toast" id="toast"></div>
+
+<script>
+  var INITIAL_DATA = {stats_json};
+
+  function fmt(n) {{ return n.toString().replace(/\\B(?=(\\d{{3}})+(?!\\d))/g, ','); }}
+
+  // Trend chart
+  (function() {{
+    var daily = INITIAL_DATA.daily || [];
+    var labels = daily.map(function(d) {{ return d.date.slice(5); }});
+    var pvData = daily.map(function(d) {{ return d.pv; }});
+    var uvData = daily.map(function(d) {{ return d.uv; }});
+
+    new Chart(document.getElementById('trendChart'), {{
+      type: 'line',
+      data: {{
+        labels: labels,
+        datasets: [
+          {{ label: 'PV', data: pvData, borderColor: '#4a90d9', tension:0.3, pointRadius:1 }},
+          {{ label: 'UV', data: uvData, borderColor: '#27ae60', tension:0.3, pointRadius:1 }}
+        ]
+      }},
+      options: {{
+        responsive:true, maintainAspectRatio:false,
+        scales: {{ y: {{ beginAtZero:true, ticks:{{precision:0}} }} }}
+      }}
+    }});
+  }})();
+
+  // Show/hide path field for page reset
+  document.getElementById('resetScope').addEventListener('change', function() {{
+    document.getElementById('resetPathField').style.display = this.value === 'page' ? '' : 'none';
+  }});
+
+  function toast(msg, type) {{
+    var t = document.getElementById('toast');
+    t.textContent = msg;
+    t.className = 'toast ' + (type || 'success');
+    t.style.display = 'block';
+    setTimeout(function() {{ t.style.display = 'none'; }}, 3000);
+  }}
+
+  async function resetData(e) {{
+    e.preventDefault();
+    var scope = document.getElementById('resetScope').value;
+    var body = {{scope: scope}};
+    if (scope === 'page') body.path = document.getElementById('resetPath').value;
+    if (scope === 'all' && !confirm('确定要删除全部数据吗？此操作不可逆！')) return;
+    var resp = await fetch('/api/admin/reset', {{
+      method:'POST', headers:{{'Content-Type':'application/json'}}, body:JSON.stringify(body)
+    }});
+    if (resp.ok) {{ toast('重置成功'); setTimeout(function(){{ location.reload(); }}, 500); }}
+    else toast('重置失败: ' + (await resp.text()), 'error');
+  }}
+
+  async function setOffset(e) {{
+    e.preventDefault();
+    var body = {{
+      site_pv: parseInt(document.getElementById('offsetSitePv').value) || 0,
+      site_uv: parseInt(document.getElementById('offsetSiteUv').value) || 0,
+    }};
+    var resp = await fetch('/api/admin/offset', {{
+      method:'POST', headers:{{'Content-Type':'application/json'}}, body:JSON.stringify(body)
+    }});
+    if (resp.ok) {{ toast('起始值已保存'); setTimeout(function(){{ location.reload(); }}, 500); }}
+    else toast('保存失败: ' + (await resp.text()), 'error');
+  }}
+
+  async function logout() {{
+    await fetch('/api/admin/logout', {{method:'POST'}});
+    location.reload();
+  }}
+
+  // Auto-refresh every 30s
+  setInterval(function() {{
+    fetch('/api/count').then(function(r){{ return r.json(); }}).then(function(d) {{
+      document.getElementById('todayPv').textContent = fmt(d.today_pv);
+      document.getElementById('todayUv').textContent = fmt(d.today_uv);
+      document.getElementById('sitePv').textContent = fmt(d.site_pv);
+      document.getElementById('siteUv').textContent = fmt(d.site_uv);
+    }}).catch(function(){{}});
+  }}, 30000);
+</script>
+</body>
+</html>"""
+
+
+def _get_origin() -> str:
+    """Get the origin from environment for embed code display."""
+    import os
+    host = os.environ.get("COUNTER_HOST", "0.0.0.0")
+    port = os.environ.get("COUNTER_PORT", "8000")
+    if host == "0.0.0.0":
+        host = "your-domain.com"
+    if port == "80" or port == "443":
+        return f"http://{host}"
+    return f"http://{host}:{port}"