feat:CORS

Author: 2412322029

.gitignore

@@ -2,3 +2,5 @@
 /.venv/
 uploads/*
 log/*
+.venv
+.idea

api/adminapi.py

@@ -28,30 +28,46 @@ async def get_admin(current_user: TokenData = Depends(get_current_user)):
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='非管理员')
 
 
-@adminapp.get("/alluser", response_model=list[UserOut | None], dependencies=[Depends(get_admin)])
+@adminapp.get("/alluser",
+              response_model=list[UserOut | None],
+              dependencies=[Depends(get_admin)],
+              summary='查询所有用户信息',
+              description='返回用户信息列表')
 async def alluserinfo(session: Session = Depends(get_session)):
     userlist: list[UserOut | None] = await crud.get_all_user(session=session)
     return userlist
 
 
-@adminapp.get("/is_allow_register", response_model=bool)
+@adminapp.get("/is_allow_register",
+              response_model=bool,
+              summary='返回是否可以注册',
+              description='返回是否可以注册')
 async def is_allow_register():
     return Allow_register
 
 
-@adminapp.get("/is_limiter", response_model=bool)
+@adminapp.get("/is_limiter",
+              response_model=bool,
+              summary='返回是否开启接口频率限制',
+              description='返回bool ')
 async def is_limiter():
     return limiter.enabled
 
 
-@adminapp.put("/allow_register", dependencies=[Depends(get_admin)])
+@adminapp.put("/allow_register",
+              dependencies=[Depends(get_admin)],
+              summary='设置是否允许注册',
+              description='输入bool')
 async def allow_register(allow: bool):
     global Allow_register
     Allow_register = allow
     return '修改成功'
 
 
-@adminapp.put("/set_limiter", dependencies=[Depends(get_admin)])
+@adminapp.put("/set_limiter",
+              dependencies=[Depends(get_admin)],
+              summary='设置是否开启接口频率限制',
+              description='输入bool')
 async def set_limiter(allow: bool):
     limiter.enabled = allow
     if allow:
@@ -60,6 +76,8 @@ async def set_limiter(allow: bool):
         return '关闭限制'
 
 
-@adminapp.delete("/deleteuser")
+@adminapp.delete("/deleteuser",
+                summary = '删除用户',
+                description = '根据用户名')
 async def deleteuser(username, session: Session = Depends(get_session), current_admin=Depends(get_admin)):
     return await crud.delete_user(session=session, username=username)

api/postapi.py

@@ -9,6 +9,7 @@
 postapp = APIRouter()
 
 
-@postapp.get("/test")
+@postapp.get("/test",
+             summary='测试')
 async def userinfo(session: Session = Depends(get_session), current_user: TokenData = Depends(get_current_user)):
     return current_user

api/userapi.py

@@ -19,7 +19,10 @@
 userapp = APIRouter()
 
 
-@userapp.post("/token", response_model=Token)
+@userapp.post("/token",
+              response_model=Token,
+              summary='登录返回获取token',
+              description='5 pre minute')
 @limiter.limit(limit_value="5/minute")
 async def login_for_access_token(request: Request, form_data: OAuth2PasswordRequestForm = Depends(),
                                  session: AsyncSession = Depends(get_session)):
@@ -38,7 +41,7 @@ async def login_for_access_token(request: Request, form_data: OAuth2PasswordRequ
     return {"access_token": access_token, "token_type": "bearer"}
 
 
-@userapp.post("/register", description='用户注册', response_model=RegisterSuccess)
+@userapp.post("/register", summary='用户注册', response_model=RegisterSuccess)
 @limiter.limit(limit_value="5/minute")
 async def register(request: Request, user_in: UserCreate, session: AsyncSession = Depends(get_session)):
     if get_is_Allow_register():
@@ -49,7 +52,9 @@ async def register(request: Request, user_in: UserCreate, session: AsyncSession
         raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail='不允许注册')
 
 
-@userapp.get("/pubInfo", response_model=PubUserInfo)
+@userapp.get("/pubInfo",
+             response_model=PubUserInfo,
+             summary='返回用户公开信息')
 @limiter.limit(limit_value="10/minute")
 async def publish_user_info(
         request: Request,
@@ -63,7 +68,9 @@ async def publish_user_info(
         raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=f'user:{username} not found')
 
 
-@userapp.get("/info", response_model=UserOut)
+@userapp.get("/info",
+             response_model=UserOut,
+             summary='返回当前登录用户信息')
 async def userinfo(session: AsyncSession = Depends(get_session), current_user: TokenData = Depends(get_current_user)):
     user = await crud.findUser_by_name(session, current_user.username)
     if user is not None:
@@ -72,7 +79,9 @@ async def userinfo(session: AsyncSession = Depends(get_session), current_user: T
         raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=f'user:{current_user.username} not found')
 
 
-@userapp.put("/update_username", response_model=UpdateSuccess)
+@userapp.put("/update_username",
+             response_model=UpdateSuccess,
+             summary='更新用户名')
 async def update_username(old_password: str, username_new: str,
                           session: AsyncSession = Depends(get_session),
                           current_user: TokenData = Depends(get_current_user)):
@@ -84,7 +93,9 @@ async def update_username(old_password: str, username_new: str,
     return r
 
 
-@userapp.put("/update_password", response_model=UpdateSuccess)
+@userapp.put("/update_password",
+             response_model=UpdateSuccess,
+             summary='更新密码')
 async def update_password(old_password: str, password_new: str,
                           session: AsyncSession = Depends(get_session),
                           current_user: TokenData = Depends(get_current_user)):
@@ -96,7 +107,9 @@ async def update_password(old_password: str, password_new: str,
     return r
 
 
-@userapp.put("/update_avatar", response_model=UploadSuccess)
+@userapp.put("/update_avatar",
+             response_model=UploadSuccess,
+             summary='更新用户头像')
 @limiter.limit(limit_value="5/minute")
 async def update_username(request: Request, avatar_new: UploadFile, session: AsyncSession = Depends(get_session),
                           current_user: TokenData = Depends(get_current_user)):
@@ -105,7 +118,10 @@ async def update_username(request: Request, avatar_new: UploadFile, session: Asy
     return r
 
 
-@userapp.post("/upload_file/", response_model=UploadSuccess, dependencies=[Depends(get_current_user)])
+@userapp.post("/upload_file/",
+              response_model=UploadSuccess,
+              dependencies=[Depends(get_current_user)],
+             summary='图片文件上传')
 @limiter.limit(limit_value="5/minute")
 async def create_upload_file(request: Request, file: UploadFile):
     return await upload(file)

app.py

@@ -1,5 +1,6 @@
 import uvicorn
 from fastapi import FastAPI
+from fastapi.middleware.cors import CORSMiddleware
 from uvicorn.config import LOGGING_CONFIG
 
 from api.adminapi import adminapp
@@ -11,33 +12,30 @@
 app = FastAPI(
     title='api docs',
     version='1.0',
-    description='接口文档'
 )
 
-
-@app.on_event("startup")
-async def startup():
-    ...
-
-
-@app.on_event("shutdown")
-async def shutdown():
-    ...
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=Config['allow_origins'],
+    allow_origin_regex=Config['allow_origin_regex'],
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
 
 
 app.include_router(userapp, prefix='/api/user', tags=['用户'])
 app.include_router(adminapp, prefix='/api/admin', tags=['管理员'])
 app.include_router(postapp, prefix='/api/post', tags=['post'])
 
-log_cfg = my_LOGGING_CONFIG if Config['Development'] else LOGGING_CONFIG
-
+log_cfg = LOGGING_CONFIG if Config['Development'] else my_LOGGING_CONFIG  # Development 输出到终端
 
 if __name__ == '__main__':
+    print('后台运行: nohup python3 app.py > ./log/output.log 2>&1 &\n')
     c = Config["uvicorn"]
     uvicorn.run(app='app:app',
                 host=c["host"],
                 port=c["port"],
                 reload=Config['Development'],
                 workers=c['workers'],
-                log_config=log_cfg,
+                # log_config=log_cfg,
                 )

config.yaml

@@ -1,5 +1,15 @@
 # 开发模式输出更多信息
 Development: true
+#Development: false
+
+# 跨域规则
+allow_origins:
+    - '*'
+    - 'http://127.0.0.0:8000'
+
+# 匹配一个字符串
+allow_origin_regex: 'https://.*\.unrun\.top'
+
 # mysql数据库信息
 databases:
     host: 127.0.0.1
@@ -15,14 +25,18 @@ uvicorn:
     # 使用多个工作进程
     workers: 1
 
+
 # token密钥
 SECRET_KEY: "b7a9563b93f709f4caa6cf63be75e094faa9d288e8d36ca259f6f056c818166"
+
 ALGORITHM: "HS256"
+
 # token过期时间
 ACCESS_TOKEN_EXPIRE_MINUTES: 1440
 
 # 默认管理员
 Default_Administrator: 'admin'
+
 # 默认密码
 Default_Passwd: 'nHYjlSm773RlLq'
 

config/__init__.py

@@ -1,16 +1,8 @@
-import logging
 import os
 import yaml
 
 with open(os.path.join(os.path.dirname(__file__), '..', 'config.yaml'), 'r', encoding='utf8') as f:
     Config = yaml.safe_load(f)
 
-if Config['Development'] is False:
-    logging.basicConfig()
-    handler = logging.FileHandler('./log/sqlalchemy.log')
-    handler.setLevel(logging.INFO)
-    handler.setFormatter(logging.Formatter('%(levelname)s [%(asctime)s] - %(name)s - %(message)s'))
-    logging.getLogger('sqlalchemy.engine').addHandler(handler)
-
 if __name__ == '__main__':
     print(Config)

sql/database.py

@@ -8,12 +8,12 @@
 DATABASE_URL = f'mysql+aiomysql://{d["username"]}:{d["password"]}@{d["host"]}:{d["port"]}/{d["dbname"]}'
 engine = create_async_engine(
     DATABASE_URL,
-    echo=True,
     hide_parameters=True,
     connect_args={'charset': 'utf8mb4'}
 )
 engine.echo = 'debug' if Config['Development'] else True
-# engine.echo = False
+engine.echo = False
+
 async_session = async_sessionmaker(bind=engine, expire_on_commit=False, class_=AsyncSession)
 Base = declarative_base()