PowLu/RuoYi-Vue3-FastAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: PowLu:v1.0.2
Branches Tags
PowLu:master PowLu:develop
PowLu:v1.6.2 PowLu:v1.6.1 PowLu:v1.6.0 PowLu:v1.5.1 PowLu:v1.5.0 PowLu:v1.4.0 PowLu:v1.3.3 PowLu:v1.3.2 PowLu:v1.3.1 PowLu:v1.3.0 PowLu:v1.2.2 PowLu:v1.2.1 PowLu:v1.2.0 PowLu:v1.1.3 PowLu:v1.1.2 PowLu:v1.1.1 PowLu:v1.1.0 PowLu:v1.0.3 PowLu:v1.0.2 PowLu:v1.0.1 PowLu:v1.0.0
..
compare: PowLu:v1.1.0
Branches Tags
PowLu:master PowLu:develop
PowLu:v1.6.2 PowLu:v1.6.1 PowLu:v1.6.0 PowLu:v1.5.1 PowLu:v1.5.0 PowLu:v1.4.0 PowLu:v1.3.3 PowLu:v1.3.2 PowLu:v1.3.1 PowLu:v1.3.0 PowLu:v1.2.2 PowLu:v1.2.1 PowLu:v1.2.0 PowLu:v1.1.3 PowLu:v1.1.2 PowLu:v1.1.1 PowLu:v1.1.0 PowLu:v1.0.3 PowLu:v1.0.2 PowLu:v1.0.1 PowLu:v1.0.0

14 Commits
v1.0.2 ... v1.1.0

Author SHA1 Message Date
insistence
2bade4d6c9 !7 RuoYi-Vue3-FastAPI v1.1.0 
Merge pull request !7 from insistence/develop
 2024-04-02 03:08:22 +00:00
insistence
a06c9f17d6 docs: 更新README文档 2024-04-02 10:47:48 +08:00
insistence
3654f4d88b chore: 升级版本至1.1.0 2024-04-02 10:45:44 +08:00
insistence
38aca38d4d feat: 后端配置文件新增账号同时登录开关配置 2024-04-02 10:42:07 +08:00
insistence
a57d737261 feat: 后端配置文件新增IP归属区域查询开关配置 2024-04-02 09:52:07 +08:00
insistence
84f56da523 feat: 后端配置文件新增sqlalchemy日志开关配置 2024-04-02 09:50:38 +08:00
insistence
f73a00e73c fix: 修复系统版本号或浏览器版本号无法获取时登录异常的问题 #I9CYNM 2024-04-01 09:56:22 +08:00
insistence
a84ad47de4 fix: 修复token本身过期时退出登录接口异常的问题 #I9CBWT 2024-03-29 11:08:00 +08:00
insistence
303612eed9 !6 RuoYi-Vue3-FastAPI v1.0.3 
Merge pull request !6 from insistence/develop
 2024-03-04 08:50:19 +00:00
insistence
dcb1f4d13c docs: 更新README文档 2024-03-04 15:50:48 +08:00
insistence
44ddc8c3a8 chore: 升级版本至1.0.3 2024-03-04 15:50:09 +08:00
insistence
70f6f8a471 fix: 修复添加和编辑菜单页面中是否缓存和是否外链字段回显异常的问题 #I95KBK 2024-03-04 15:49:45 +08:00
insistence
2a45df71cd fix: 修复外链菜单无法打开的问题 #I95KBK 2024-03-04 15:49:05 +08:00
insistence
eabeb705c4 feat: 账号密码登录新增IP黑名单校验 2024-03-04 15:47:13 +08:00
14 changed files with 187 additions and 141 deletions
Expand all files Collapse all files

8
README.md
View File

@@ -1,12 +1,12 @@
<p align="center">
<img alt="logo" src="https://oscimg.oschina.net/oscnet/up-d3d0a9303e11d522a06cd263f3079027715.png">
</p>
<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">RuoYi-Vue3-FastAPI v1.0.2</h1>
<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">RuoYi-Vue3-FastAPI v1.1.0</h1>
<h4 align="center">基于RuoYi-Vue3+FastAPI前后端分离的快速开发框架</h4>
<p align="center">
<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/stargazers"><img src="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/badge/star.svg?theme=dark"></a>
<a href="https://github.com/insistence/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/github/stars/insistence/RuoYi-Vue3-FastAPI?style=social"></a>
<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/badge/RuoYiVue3FastAPI-v1.0.2-brightgreen.svg"></a>
<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/badge/RuoYiVue3FastAPI-v1.1.0-brightgreen.svg"></a>
<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/blob/master/LICENSE"><img src="https://img.shields.io/github/license/mashape/apistatus.svg"></a>
<img src="https://img.shields.io/badge/python-≥3.8-blue">
<img src="https://img.shields.io/badge/MySQL-≥5.7-blue">
@@ -14,9 +14,11 @@
## 平台简介
RuoYi-Vue-FastAPI是一套全部开源的快速开发平台毫无保留给个人及企业免费使用。
RuoYi-Vue3-FastAPI是一套全部开源的快速开发平台毫无保留给个人及企业免费使用。
* 前端采用Vue、Element Plus基于<u>[RuoYi-Vue3](https://github.com/yangzongzhuan/RuoYi-Vue3)</u>前端项目修改。
* 后端采用FastAPI、sqlalchemy、MySQL、Redis、OAuth2 & Jwt。

10
ruoyi-fastapi-backend/.env.dev
View File

@@ -2,7 +2,7 @@
# 应用运行环境
APP_ENV = 'dev'
# 应用名称
APP_NAME = 'RuoYi-FasAPI'
APP_NAME = 'RuoYi-FastAPI'
# 应用代理路径
APP_ROOT_PATH = '/dev-api'
# 应用主机
@@ -10,9 +10,13 @@ APP_HOST = '0.0.0.0'
# 应用端口
APP_PORT = 9099
# 应用版本
APP_VERSION= '1.0.2'
APP_VERSION= '1.1.0'
# 应用是否开启热重载
APP_RELOAD = true
# 应用是否开启IP归属区域查询
APP_IP_LOCATION_QUERY = true
# 应用是否允许账号同时登录
APP_SAME_TIME_LOGIN = true
# -------- Jwt配置 --------
# Jwt秘钥
@@ -36,6 +40,8 @@ DB_USERNAME = 'root'
DB_PASSWORD = 'mysqlroot'
# 数据库名称
DB_DATABASE = 'ruoyi-fastapi'
# 是否开启sqlalchemy日志
DB_ECHO = true
# -------- Redis配置 --------
# Redis主机

10
ruoyi-fastapi-backend/.env.prod
View File

@@ -2,7 +2,7 @@
# 应用运行环境
APP_ENV = 'prod'
# 应用名称
APP_NAME = 'RuoYi-FasAPI'
APP_NAME = 'RuoYi-FastAPI'
# 应用代理路径
APP_ROOT_PATH = '/prod-api'
# 应用主机
@@ -10,9 +10,13 @@ APP_HOST = '0.0.0.0'
# 应用端口
APP_PORT = 9099
# 应用版本
APP_VERSION= '1.0.2'
APP_VERSION= '1.1.0'
# 应用是否开启热重载
APP_RELOAD = false
# 应用是否开启IP归属区域查询
APP_IP_LOCATION_QUERY = true
# 应用是否允许账号同时登录
APP_SAMETIME_LOGIN = true
# -------- Jwt配置 --------
# Jwt秘钥
@@ -36,6 +40,8 @@ DB_USERNAME = 'root'
DB_PASSWORD = 'root'
# 数据库名称
DB_DATABASE = 'ruoyi-fastapi'
# 是否开启sqlalchemy日志
DB_ECHO = true
# -------- Redis配置 --------
# Redis主机

2
ruoyi-fastapi-backend/config/database.py
View File

@@ -8,7 +8,7 @@ SQLALCHEMY_DATABASE_URL = f"mysql+pymysql://{DataBaseConfig.db_username}:{quote_
f"{DataBaseConfig.db_host}:{DataBaseConfig.db_port}/{DataBaseConfig.db_database}"
engine = create_engine(
SQLALCHEMY_DATABASE_URL, echo=True
SQLALCHEMY_DATABASE_URL, echo=DataBaseConfig.db_echo
)
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
Base = declarative_base()

3
ruoyi-fastapi-backend/config/env.py
View File

@@ -17,6 +17,8 @@ class AppSettings(BaseSettings):
app_port: int = 9099
app_version: str = '1.0.0'
app_reload: bool = True
app_ip_location_query: bool = True
app_same_time_login: bool = True
class JwtSettings(BaseSettings):
@@ -38,6 +40,7 @@ class DataBaseSettings(BaseSettings):
db_username: str = 'root'
db_password: str = 'mysqlroot'
db_database: str = 'ruoyi-fastapi'
db_echo: bool = True
class RedisSettings(BaseSettings):

11
ruoyi-fastapi-backend/module_admin/annotation/log_annotation.py
View File

@@ -12,6 +12,7 @@ from typing import Optional
from module_admin.service.login_service import LoginService
from module_admin.service.log_service import OperationLogService, LoginLogService
from module_admin.entity.vo.log_vo import OperLogModel, LogininforModel
from config.env import AppConfig
def log_decorator(title: str, business_type: int, log_type: Optional[str] = 'operation'):
@@ -50,6 +51,7 @@ def log_decorator(title: str, business_type: int, log_type: Optional[str] = 'ope
# 获取请求的ip及ip归属区域
oper_ip = request.headers.get("X-Forwarded-For")
oper_location = '内网IP'
if AppConfig.app_ip_location_query:
try:
if oper_ip != '127.0.0.1' and oper_ip != 'localhost':
ip_result = requests.get(f'https://qifu-api.baidubce.com/ip/geo/v1/district?ip={oper_ip}')
@@ -65,7 +67,6 @@ def log_decorator(title: str, business_type: int, log_type: Optional[str] = 'ope
except Exception as e:
oper_location = '未知'
print(e)
finally:
# 根据不同的请求类型使用不同的方法获取请求参数
content_type = request.headers.get("Content-Type")
if content_type and ("multipart/form-data" in content_type or 'application/x-www-form-urlencoded' in content_type):
@@ -91,8 +92,12 @@ def log_decorator(title: str, business_type: int, log_type: Optional[str] = 'ope
login_log = {}
if log_type == 'login':
user_agent_info = parse(user_agent)
browser = f'{user_agent_info.browser.family} {user_agent_info.browser.version[0]}'
system_os = f'{user_agent_info.os.family} {user_agent_info.os.version[0]}'
browser = f'{user_agent_info.browser.family}'
system_os = f'{user_agent_info.os.family}'
if user_agent_info.browser.version != ():
browser += f' {user_agent_info.browser.version[0]}'
if user_agent_info.os.version != ():
system_os += f' {user_agent_info.os.version[0]}'
login_log = dict(
ipaddr=oper_ip,
loginLocation=oper_location,

8
ruoyi-fastapi-backend/module_admin/controller/login_controller.py
View File

@@ -41,11 +41,13 @@ async def login(request: Request, form_data: CustomOAuth2PasswordRequestForm = D
},
expires_delta=access_token_expires
)
if AppConfig.app_same_time_login:
await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", access_token,
ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
else:
# 此方法可实现同一账号同一时间只能登录一次
# await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token,
# ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token,
ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
UserService.edit_user_services(query_db, EditUserModel(userId=result[0].user_id, loginDate=datetime.now(), type='status'))
logger.info('登录成功')
# 判断请求是否来自于api文档如果是返回指定格式的结果用于修复api文档认证成功后token显示undefined的bug
@@ -131,7 +133,7 @@ async def register_user(request: Request, user_register: UserRegister, query_db:
@loginController.post("/logout")
async def logout(request: Request, token: Optional[str] = Depends(oauth2_scheme)):
try:
payload = jwt.decode(token, JwtConfig.jwt_secret_key, algorithms=[JwtConfig.jwt_algorithm])
payload = jwt.decode(token, JwtConfig.jwt_secret_key, algorithms=[JwtConfig.jwt_algorithm], options={'verify_exp': False})
session_id: str = payload.get("session_id")
await LoginService.logout_services(request, session_id)
logger.info('退出成功')

32
ruoyi-fastapi-backend/module_admin/service/login_service.py
View File

@@ -56,6 +56,7 @@ class LoginService:
:param login_user: 登录用户对象
:return: 校验结果
"""
await cls.__check_login_ip(request)
account_lock = await request.app.state.redis.get(
f"{RedisInitKeyConfig.ACCOUNT_LOCK.get('key')}:{login_user.user_name}")
if login_user.user_name == account_lock:
@@ -100,6 +101,21 @@ class LoginService:
f"{RedisInitKeyConfig.PASSWORD_ERROR_COUNT.get('key')}:{login_user.user_name}")
return user
@classmethod
async def __check_login_ip(cls, request: Request):
"""
校验用户登录ip是否在黑名单内
:param request: Request对象
:return: 校验结果
"""
black_ip_value = await request.app.state.redis.get(
f"{RedisInitKeyConfig.SYS_CONFIG.get('key')}:sys.login.blackIPList")
black_ip_list = black_ip_value.split(',') if black_ip_value else []
if request.headers.get('X-Forwarded-For') in black_ip_list:
logger.warning("当前IP禁止登录")
raise LoginException(data="", message="当前IP禁止登录")
return True
@classmethod
async def __check_login_captcha(cls, request: Request, login_user: UserLogin):
"""
@@ -166,14 +182,18 @@ class LoginService:
if query_user.get('user_basic_info') is None:
logger.warning("用户token不合法")
raise AuthException(data="", message="用户token不合法")
if AppConfig.app_same_time_login:
redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}")
else:
# 此方法可实现同一账号同一时间只能登录一次
# redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}")
redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{query_user.get('user_basic_info').user_id}")
if token == redis_token:
if AppConfig.app_same_time_login:
await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", redis_token,
ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
# await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}", redis_token,
# ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
else:
await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{query_user.get('user_basic_info').user_id}", redis_token,
ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
role_id_list = [item.role_id for item in query_user.get('user_role_info')]
if 1 in role_id_list:
@@ -229,14 +249,16 @@ class LoginService:
if permission.menu_type == 'M':
router_list_data['name'] = permission.path.capitalize()
router_list_data['hidden'] = False if permission.visible == '0' else True
if permission.is_frame == 1:
router_list_data['redirect'] = 'noRedirect'
if permission.parent_id == 0:
router_list_data['component'] = 'Layout'
router_list_data['path'] = f'/{permission.path}'
else:
router_list_data['component'] = 'ParentView'
router_list_data['path'] = permission.path
if permission.is_frame == 1:
router_list_data['redirect'] = 'noRedirect'
else:
router_list_data['path'] = permission.path
if children:
router_list_data['alwaysShow'] = True
router_list_data['children'] = children

2
ruoyi-fastapi-frontend/.env.development
View File

@@ -4,5 +4,5 @@ VITE_APP_TITLE = vfadmin管理系统
# 开发环境配置
VITE_APP_ENV = 'development'
# 若依管理系统/开发环境
# vfadmin管理系统/开发环境
VITE_APP_BASE_API = '/dev-api'

2
ruoyi-fastapi-frontend/.env.production
View File

@@ -4,7 +4,7 @@ VITE_APP_TITLE = vfadmin管理系统
# 生产环境配置
VITE_APP_ENV = 'production'
# 若依管理系统/生产环境
# vfadmin管理系统/生产环境
VITE_APP_BASE_API = '/prod-api'
# 是否在打包时开启压缩,支持 gzip 和 brotli

4
ruoyi-fastapi-frontend/.env.staging
View File

@@ -1,10 +1,10 @@
# 页面标题
VITE_APP_TITLE = 若依管理系统
VITE_APP_TITLE = vfadmin管理系统
# 生产环境配置
VITE_APP_ENV = 'staging'
# 若依管理系统/生产环境
# vfadmin管理系统/生产环境
VITE_APP_BASE_API = '/stage-api'
# 是否在打包时开启压缩,支持 gzip 和 brotli

2
ruoyi-fastapi-frontend/index.html
View File

@@ -7,7 +7,7 @@
<meta name="renderer" content="webkit">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
<link rel="icon" href="/favicon.ico">
<title>若依管理系统</title>
<title>vfadmin管理系统</title>
<!--[if lt IE 11]><script>window.location.href='/html/ie.html';</script><![endif]-->
<style>
html,

2
ruoyi-fastapi-frontend/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "vfadmin",
"version": "1.0.2",
"version": "1.1.0",
"description": "vfadmin管理系统",
"author": "insistence",
"license": "MIT",

8
ruoyi-fastapi-frontend/src/views/system/menu/index.vue
View File

@@ -152,8 +152,8 @@
</span>
</template>
<el-radio-group v-model="form.isFrame">
<el-radio label="0"></el-radio>
<el-radio label="1"></el-radio>
<el-radio :label="0"></el-radio>
<el-radio :label="1"></el-radio>
</el-radio-group>
</el-form-item>
</el-col>
@@ -220,8 +220,8 @@
</span>
</template>
<el-radio-group v-model="form.isCache">
<el-radio label="0">缓存</el-radio>
<el-radio label="1">不缓存</el-radio>
<el-radio :label="0">缓存</el-radio>
<el-radio :label="1">不缓存</el-radio>
</el-radio-group>
</el-form-item>
</el-col>