24024
af7c11d7f9
- 新增图像生成接口,支持试用、积分和自定义API Key模式 - 实现生成图片结果异步上传至MinIO存储,带重试机制 - 优化积分预扣除和异常退还逻辑,保障用户积分准确 - 添加获取生成历史记录接口,支持时间范围和分页 - 提供本地字典配置接口,支持模型、比例、提示模板和尺寸 - 实现图片批量上传接口,支持S3兼容对象存储 feat(admin): 增加管理员角色管理与权限分配接口 - 实现角色列表查询、角色创建、更新及删除功能 - 增加权限列表查询接口 - 实现用户角色分配接口,便于统一管理用户权限 - 增加系统字典增删查改接口,支持分类过滤和排序 - 权限控制全面覆盖管理接口,保证安全访问 feat(auth): 完善用户登录注册及权限相关接口与页面 - 实现手机号验证码发送及校验功能,保障注册安全 - 支持手机号注册、登录及退出接口,集成日志记录 - 增加修改密码功能,验证原密码后更新 - 提供动态导航菜单接口,基于权限展示不同菜单 - 实现管理界面路由及日志、角色、字典管理页面访问权限控制 - 添加系统日志查询接口,支持关键词和等级筛选 feat(app): 初始化Flask应用并配置蓝图与数据库 - 创建应用程序工厂,加载配置,初始化数据库和Redis客户端 - 注册认证、API及管理员蓝图,整合路由 - 根路由渲染主页模板 - 应用上下文中自动创建数据库表,保证运行环境准备完毕 feat(database): 提供数据库创建与迁移支持脚本 - 新增数据库创建脚本,支持自动检测是否已存在 - 添加数据库表初始化脚本,支持创建和删除所有表 - 实现RBAC权限初始化,包含基础权限和角色创建 - 新增字段手动修复脚本,添加用户API Key和积分字段 - 强制迁移脚本支持清理连接和修复表结构,初始化默认数据及角色分配 feat(config): 新增系统配置参数 - 配置数据库、Redis、Session和MinIO相关参数 - 添加AI接口地址及试用Key配置 - 集成阿里云短信服务配置及开发模式相关参数 feat(extensions): 初始化数据库、Redis和MinIO客户端 - 创建全局SQLAlchemy数据库实例和Redis客户端 - 配置基于boto3的MinIO兼容S3客户端 chore(logs): 添加示例系统日志文件 - 记录用户请求、验证码发送成功与失败的日志信息
204 lines
6.3 KiB
Python
204 lines
6.3 KiB
Python
from __future__ import annotations
|
|
|
|
import codecs
|
|
import re
|
|
import typing as t
|
|
import urllib.parse
|
|
from urllib.parse import quote
|
|
from urllib.parse import unquote
|
|
from urllib.parse import urlencode
|
|
from urllib.parse import urlsplit
|
|
from urllib.parse import urlunsplit
|
|
|
|
from .datastructures import iter_multi_items
|
|
|
|
|
|
def _codec_error_url_quote(e: UnicodeError) -> tuple[str, int]:
|
|
"""Used in :func:`uri_to_iri` after unquoting to re-quote any
|
|
invalid bytes.
|
|
"""
|
|
# the docs state that UnicodeError does have these attributes,
|
|
# but mypy isn't picking them up
|
|
out = quote(e.object[e.start : e.end], safe="") # type: ignore
|
|
return out, e.end # type: ignore
|
|
|
|
|
|
codecs.register_error("werkzeug.url_quote", _codec_error_url_quote)
|
|
|
|
|
|
def _make_unquote_part(name: str, chars: str) -> t.Callable[[str], str]:
|
|
"""Create a function that unquotes all percent encoded characters except those
|
|
given. This allows working with unquoted characters if possible while not changing
|
|
the meaning of a given part of a URL.
|
|
"""
|
|
choices = "|".join(f"{ord(c):02X}" for c in sorted(chars))
|
|
pattern = re.compile(f"((?:%(?:{choices}))+)", re.I)
|
|
|
|
def _unquote_partial(value: str) -> str:
|
|
parts = iter(pattern.split(value))
|
|
out = []
|
|
|
|
for part in parts:
|
|
out.append(unquote(part, "utf-8", "werkzeug.url_quote"))
|
|
out.append(next(parts, ""))
|
|
|
|
return "".join(out)
|
|
|
|
_unquote_partial.__name__ = f"_unquote_{name}"
|
|
return _unquote_partial
|
|
|
|
|
|
# characters that should remain quoted in URL parts
|
|
# based on https://url.spec.whatwg.org/#percent-encoded-bytes
|
|
# always keep all controls, space, and % quoted
|
|
_always_unsafe = bytes((*range(0x21), 0x25, 0x7F)).decode()
|
|
_unquote_fragment = _make_unquote_part("fragment", _always_unsafe)
|
|
_unquote_query = _make_unquote_part("query", _always_unsafe + "&=+#")
|
|
_unquote_path = _make_unquote_part("path", _always_unsafe + "/?#")
|
|
_unquote_user = _make_unquote_part("user", _always_unsafe + ":@/?#")
|
|
|
|
|
|
def uri_to_iri(uri: str) -> str:
|
|
"""Convert a URI to an IRI. All valid UTF-8 characters are unquoted,
|
|
leaving all reserved and invalid characters quoted. If the URL has
|
|
a domain, it is decoded from Punycode.
|
|
|
|
>>> uri_to_iri("http://xn--n3h.net/p%C3%A5th?q=%C3%A8ry%DF")
|
|
'http://\\u2603.net/p\\xe5th?q=\\xe8ry%DF'
|
|
|
|
:param uri: The URI to convert.
|
|
|
|
.. versionchanged:: 3.0
|
|
Passing a tuple or bytes, and the ``charset`` and ``errors`` parameters,
|
|
are removed.
|
|
|
|
.. versionchanged:: 2.3
|
|
Which characters remain quoted is specific to each part of the URL.
|
|
|
|
.. versionchanged:: 0.15
|
|
All reserved and invalid characters remain quoted. Previously,
|
|
only some reserved characters were preserved, and invalid bytes
|
|
were replaced instead of left quoted.
|
|
|
|
.. versionadded:: 0.6
|
|
"""
|
|
parts = urlsplit(uri)
|
|
path = _unquote_path(parts.path)
|
|
query = _unquote_query(parts.query)
|
|
fragment = _unquote_fragment(parts.fragment)
|
|
|
|
if parts.hostname:
|
|
netloc = _decode_idna(parts.hostname)
|
|
else:
|
|
netloc = ""
|
|
|
|
if ":" in netloc:
|
|
netloc = f"[{netloc}]"
|
|
|
|
if parts.port:
|
|
netloc = f"{netloc}:{parts.port}"
|
|
|
|
if parts.username:
|
|
auth = _unquote_user(parts.username)
|
|
|
|
if parts.password:
|
|
password = _unquote_user(parts.password)
|
|
auth = f"{auth}:{password}"
|
|
|
|
netloc = f"{auth}@{netloc}"
|
|
|
|
return urlunsplit((parts.scheme, netloc, path, query, fragment))
|
|
|
|
|
|
def iri_to_uri(iri: str) -> str:
|
|
"""Convert an IRI to a URI. All non-ASCII and unsafe characters are
|
|
quoted. If the URL has a domain, it is encoded to Punycode.
|
|
|
|
>>> iri_to_uri('http://\\u2603.net/p\\xe5th?q=\\xe8ry%DF')
|
|
'http://xn--n3h.net/p%C3%A5th?q=%C3%A8ry%DF'
|
|
|
|
:param iri: The IRI to convert.
|
|
|
|
.. versionchanged:: 3.0
|
|
Passing a tuple or bytes, the ``charset`` and ``errors`` parameters,
|
|
and the ``safe_conversion`` parameter, are removed.
|
|
|
|
.. versionchanged:: 2.3
|
|
Which characters remain unquoted is specific to each part of the URL.
|
|
|
|
.. versionchanged:: 0.15
|
|
All reserved characters remain unquoted. Previously, only some reserved
|
|
characters were left unquoted.
|
|
|
|
.. versionchanged:: 0.9.6
|
|
The ``safe_conversion`` parameter was added.
|
|
|
|
.. versionadded:: 0.6
|
|
"""
|
|
parts = urlsplit(iri)
|
|
# safe = https://url.spec.whatwg.org/#url-path-segment-string
|
|
# as well as percent for things that are already quoted
|
|
path = quote(parts.path, safe="%!$&'()*+,/:;=@")
|
|
query = quote(parts.query, safe="%!$&'()*+,/:;=?@")
|
|
fragment = quote(parts.fragment, safe="%!#$&'()*+,/:;=?@")
|
|
|
|
if parts.hostname:
|
|
netloc = parts.hostname.encode("idna").decode("ascii")
|
|
else:
|
|
netloc = ""
|
|
|
|
if ":" in netloc:
|
|
netloc = f"[{netloc}]"
|
|
|
|
if parts.port:
|
|
netloc = f"{netloc}:{parts.port}"
|
|
|
|
if parts.username:
|
|
auth = quote(parts.username, safe="%!$&'()*+,;=")
|
|
|
|
if parts.password:
|
|
password = quote(parts.password, safe="%!$&'()*+,;=")
|
|
auth = f"{auth}:{password}"
|
|
|
|
netloc = f"{auth}@{netloc}"
|
|
|
|
return urlunsplit((parts.scheme, netloc, path, query, fragment))
|
|
|
|
|
|
# Python < 3.12
|
|
# itms-services was worked around in previous iri_to_uri implementations, but
|
|
# we can tell Python directly that it needs to preserve the //.
|
|
if "itms-services" not in urllib.parse.uses_netloc:
|
|
urllib.parse.uses_netloc.append("itms-services")
|
|
|
|
|
|
def _decode_idna(domain: str) -> str:
|
|
try:
|
|
data = domain.encode("ascii")
|
|
except UnicodeEncodeError:
|
|
# If the domain is not ASCII, it's decoded already.
|
|
return domain
|
|
|
|
try:
|
|
# Try decoding in one shot.
|
|
return data.decode("idna")
|
|
except UnicodeDecodeError:
|
|
pass
|
|
|
|
# Decode each part separately, leaving invalid parts as punycode.
|
|
parts = []
|
|
|
|
for part in data.split(b"."):
|
|
try:
|
|
parts.append(part.decode("idna"))
|
|
except UnicodeDecodeError:
|
|
parts.append(part.decode("ascii"))
|
|
|
|
return ".".join(parts)
|
|
|
|
|
|
def _urlencode(query: t.Mapping[str, str] | t.Iterable[tuple[str, str]]) -> str:
|
|
items = [x for x in iter_multi_items(query) if x[1] is not None]
|
|
# safe = https://url.spec.whatwg.org/#percent-encoded-bytes
|
|
return urlencode(items, safe="!$'()*,/:;?@")
|