!7 RuoYi-Vue3-FastAPI v1.1.0

Merge pull request !7 from insistence/develop

README.md

@@ -1,12 +1,12 @@
 <p align="center">
 	<img alt="logo" src="https://oscimg.oschina.net/oscnet/up-d3d0a9303e11d522a06cd263f3079027715.png">
 </p>
-<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">RuoYi-Vue3-FastAPI v1.0.3</h1>
+<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">RuoYi-Vue3-FastAPI v1.1.0</h1>
 <h4 align="center">基于RuoYi-Vue3+FastAPI前后端分离的快速开发框架</h4>
 <p align="center">
 	<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/stargazers"><img src="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/badge/star.svg?theme=dark"></a>
     <a href="https://github.com/insistence/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/github/stars/insistence/RuoYi-Vue3-FastAPI?style=social"></a>
-	<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/badge/RuoYiVue3FastAPI-v1.0.3-brightgreen.svg"></a>
+	<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/badge/RuoYiVue3FastAPI-v1.1.0-brightgreen.svg"></a>
 	<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/blob/master/LICENSE"><img src="https://img.shields.io/github/license/mashape/apistatus.svg"></a>
     <img src="https://img.shields.io/badge/python-≥3.8-blue">
     <img src="https://img.shields.io/badge/MySQL-≥5.7-blue">
@@ -15,9 +15,10 @@
 
 
 
+
 ## 平台简介
 
-RuoYi-Vue-FastAPI是一套全部开源的快速开发平台，毫无保留给个人及企业免费使用。
+RuoYi-Vue3-FastAPI是一套全部开源的快速开发平台，毫无保留给个人及企业免费使用。
 
 * 前端采用Vue、Element Plus，基于<u>[RuoYi-Vue3](https://github.com/yangzongzhuan/RuoYi-Vue3)</u>前端项目修改。
 * 后端采用FastAPI、sqlalchemy、MySQL、Redis、OAuth2 & Jwt。

ruoyi-fastapi-backend/.env.dev

@@ -10,9 +10,13 @@ APP_HOST = '0.0.0.0'
 # 应用端口
 APP_PORT = 9099
 # 应用版本
-APP_VERSION= '1.0.3'
+APP_VERSION= '1.1.0'
 # 应用是否开启热重载
 APP_RELOAD = true
+# 应用是否开启IP归属区域查询
+APP_IP_LOCATION_QUERY = true
+# 应用是否允许账号同时登录
+APP_SAME_TIME_LOGIN = true
 
 # -------- Jwt配置 --------
 # Jwt秘钥
@@ -36,6 +40,8 @@ DB_USERNAME = 'root'
 DB_PASSWORD = 'mysqlroot'
 # 数据库名称
 DB_DATABASE = 'ruoyi-fastapi'
+# 是否开启sqlalchemy日志
+DB_ECHO = true
 
 # -------- Redis配置 --------
 # Redis主机

ruoyi-fastapi-backend/.env.prod

@@ -10,9 +10,13 @@ APP_HOST = '0.0.0.0'
 # 应用端口
 APP_PORT = 9099
 # 应用版本
-APP_VERSION= '1.0.3'
+APP_VERSION= '1.1.0'
 # 应用是否开启热重载
 APP_RELOAD = false
+# 应用是否开启IP归属区域查询
+APP_IP_LOCATION_QUERY = true
+# 应用是否允许账号同时登录
+APP_SAMETIME_LOGIN = true
 
 # -------- Jwt配置 --------
 # Jwt秘钥
@@ -36,6 +40,8 @@ DB_USERNAME = 'root'
 DB_PASSWORD = 'root'
 # 数据库名称
 DB_DATABASE = 'ruoyi-fastapi'
+# 是否开启sqlalchemy日志
+DB_ECHO = true
 
 # -------- Redis配置 --------
 # Redis主机

ruoyi-fastapi-backend/config/database.py

@@ -8,7 +8,7 @@ SQLALCHEMY_DATABASE_URL = f"mysql+pymysql://{DataBaseConfig.db_username}:{quote_
                           f"{DataBaseConfig.db_host}:{DataBaseConfig.db_port}/{DataBaseConfig.db_database}"
 
 engine = create_engine(
-    SQLALCHEMY_DATABASE_URL, echo=True
+    SQLALCHEMY_DATABASE_URL, echo=DataBaseConfig.db_echo
 )
 SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
 Base = declarative_base()

ruoyi-fastapi-backend/config/env.py

@@ -17,6 +17,8 @@ class AppSettings(BaseSettings):
     app_port: int = 9099
     app_version: str = '1.0.0'
     app_reload: bool = True
+    app_ip_location_query: bool = True
+    app_same_time_login: bool = True
 
 
 class JwtSettings(BaseSettings):
@@ -38,6 +40,7 @@ class DataBaseSettings(BaseSettings):
     db_username: str = 'root'
     db_password: str = 'mysqlroot'
     db_database: str = 'ruoyi-fastapi'
+    db_echo: bool = True
 
 
 class RedisSettings(BaseSettings):

ruoyi-fastapi-backend/module_admin/annotation/log_annotation.py

@@ -12,6 +12,7 @@ from typing import Optional
 from module_admin.service.login_service import LoginService
 from module_admin.service.log_service import OperationLogService, LoginLogService
 from module_admin.entity.vo.log_vo import OperLogModel, LogininforModel
+from config.env import AppConfig
 
 
 def log_decorator(title: str, business_type: int, log_type: Optional[str] = 'operation'):
@@ -50,122 +51,126 @@ def log_decorator(title: str, business_type: int, log_type: Optional[str] = 'ope
             # 获取请求的ip及ip归属区域
             oper_ip = request.headers.get("X-Forwarded-For")
             oper_location = '内网IP'
-            try:
-                if oper_ip != '127.0.0.1' and oper_ip != 'localhost':
-                    ip_result = requests.get(f'https://qifu-api.baidubce.com/ip/geo/v1/district?ip={oper_ip}')
-                    if ip_result.status_code == 200:
-                        prov = ip_result.json().get('data').get('prov')
-                        city = ip_result.json().get('data').get('city')
-                        if prov or city:
-                            oper_location = f'{prov}-{city}'
+            if AppConfig.app_ip_location_query:
+                try:
+                    if oper_ip != '127.0.0.1' and oper_ip != 'localhost':
+                        ip_result = requests.get(f'https://qifu-api.baidubce.com/ip/geo/v1/district?ip={oper_ip}')
+                        if ip_result.status_code == 200:
+                            prov = ip_result.json().get('data').get('prov')
+                            city = ip_result.json().get('data').get('city')
+                            if prov or city:
+                                oper_location = f'{prov}-{city}'
+                            else:
+                                oper_location = '未知'
                         else:
                             oper_location = '未知'
-                    else:
-                        oper_location = '未知'
-            except Exception as e:
-                oper_location = '未知'
-                print(e)
-            finally:
-                # 根据不同的请求类型使用不同的方法获取请求参数
-                content_type = request.headers.get("Content-Type")
-                if content_type and ("multipart/form-data" in content_type or 'application/x-www-form-urlencoded' in content_type):
-                    payload = await request.form()
-                    oper_param = "\n".join([f"{key}: {value}" for key, value in payload.items()])
-                else:
-                    payload = await request.body()
-                    # 通过 request.path_params 直接访问路径参数
-                    path_params = request.path_params
-                    oper_param = {}
-                    if payload:
-                        oper_param.update(json.loads(str(payload, 'utf-8')))
-                    if path_params:
-                        oper_param.update(path_params)
-                    oper_param = json.dumps(oper_param, ensure_ascii=False)
-                # 日志表请求参数字段长度最大为2000，因此在此处判断长度
-                if len(oper_param) > 2000:
-                    oper_param = '请求参数过长'
+                except Exception as e:
+                    oper_location = '未知'
+                    print(e)
+            # 根据不同的请求类型使用不同的方法获取请求参数
+            content_type = request.headers.get("Content-Type")
+            if content_type and ("multipart/form-data" in content_type or 'application/x-www-form-urlencoded' in content_type):
+                payload = await request.form()
+                oper_param = "\n".join([f"{key}: {value}" for key, value in payload.items()])
+            else:
+                payload = await request.body()
+                # 通过 request.path_params 直接访问路径参数
+                path_params = request.path_params
+                oper_param = {}
+                if payload:
+                    oper_param.update(json.loads(str(payload, 'utf-8')))
+                if path_params:
+                    oper_param.update(path_params)
+                oper_param = json.dumps(oper_param, ensure_ascii=False)
+            # 日志表请求参数字段长度最大为2000，因此在此处判断长度
+            if len(oper_param) > 2000:
+                oper_param = '请求参数过长'
 
-                # 获取操作时间
-                oper_time = datetime.now()
-                # 此处在登录之前向原始函数传递一些登录信息，用于监测在线用户的相关信息
-                login_log = {}
-                if log_type == 'login':
-                    user_agent_info = parse(user_agent)
-                    browser = f'{user_agent_info.browser.family} {user_agent_info.browser.version[0]}'
-                    system_os = f'{user_agent_info.os.family} {user_agent_info.os.version[0]}'
-                    login_log = dict(
-                        ipaddr=oper_ip,
-                        loginLocation=oper_location,
-                        browser=browser,
-                        os=system_os,
-                        loginTime=oper_time.strftime('%Y-%m-%d %H:%M:%S')
-                    )
-                    kwargs['form_data'].login_info = login_log
-                # 调用原始函数
-                result = await func(*args, **kwargs)
-                # 获取请求耗时
-                cost_time = float(time.time() - start_time) * 100
-                # 判断请求是否来自api文档
-                request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False
-                request_from_redoc = request.headers.get('referer').endswith('redoc') if request.headers.get('referer') else False
-                # 根据响应结果的类型使用不同的方法获取响应结果参数
-                if isinstance(result, JSONResponse) or isinstance(result, ORJSONResponse) or isinstance(result, UJSONResponse):
-                    result_dict = json.loads(str(result.body, 'utf-8'))
+            # 获取操作时间
+            oper_time = datetime.now()
+            # 此处在登录之前向原始函数传递一些登录信息，用于监测在线用户的相关信息
+            login_log = {}
+            if log_type == 'login':
+                user_agent_info = parse(user_agent)
+                browser = f'{user_agent_info.browser.family}'
+                system_os = f'{user_agent_info.os.family}'
+                if user_agent_info.browser.version != ():
+                    browser += f' {user_agent_info.browser.version[0]}'
+                if user_agent_info.os.version != ():
+                    system_os += f' {user_agent_info.os.version[0]}'
+                login_log = dict(
+                    ipaddr=oper_ip,
+                    loginLocation=oper_location,
+                    browser=browser,
+                    os=system_os,
+                    loginTime=oper_time.strftime('%Y-%m-%d %H:%M:%S')
+                )
+                kwargs['form_data'].login_info = login_log
+            # 调用原始函数
+            result = await func(*args, **kwargs)
+            # 获取请求耗时
+            cost_time = float(time.time() - start_time) * 100
+            # 判断请求是否来自api文档
+            request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False
+            request_from_redoc = request.headers.get('referer').endswith('redoc') if request.headers.get('referer') else False
+            # 根据响应结果的类型使用不同的方法获取响应结果参数
+            if isinstance(result, JSONResponse) or isinstance(result, ORJSONResponse) or isinstance(result, UJSONResponse):
+                result_dict = json.loads(str(result.body, 'utf-8'))
+            else:
+                if request_from_swagger or request_from_redoc:
+                    result_dict = {}
                 else:
-                    if request_from_swagger or request_from_redoc:
-                        result_dict = {}
+                    if result.status_code == 200:
+                        result_dict = {'code': result.status_code, 'message': '获取成功'}
                     else:
-                        if result.status_code == 200:
-                            result_dict = {'code': result.status_code, 'message': '获取成功'}
-                        else:
-                            result_dict = {'code': result.status_code, 'message': '获取失败'}
-                json_result = json.dumps(result_dict, ensure_ascii=False)
-                # 根据响应结果获取响应状态及异常信息
-                status = 1
-                error_msg = ''
-                if result_dict.get('code') == 200:
-                    status = 0
+                        result_dict = {'code': result.status_code, 'message': '获取失败'}
+            json_result = json.dumps(result_dict, ensure_ascii=False)
+            # 根据响应结果获取响应状态及异常信息
+            status = 1
+            error_msg = ''
+            if result_dict.get('code') == 200:
+                status = 0
+            else:
+                error_msg = result_dict.get('msg')
+            # 根据日志类型向对应的日志表插入数据
+            if log_type == 'login':
+                # 登录请求来自于api文档时不记录登录日志，其余情况则记录
+                if request_from_swagger or request_from_redoc:
+                    pass
                 else:
-                    error_msg = result_dict.get('msg')
-                # 根据日志类型向对应的日志表插入数据
-                if log_type == 'login':
-                    # 登录请求来自于api文档时不记录登录日志，其余情况则记录
-                    if request_from_swagger or request_from_redoc:
-                        pass
-                    else:
-                        user = kwargs.get('form_data')
-                        user_name = user.username
-                        login_log['loginTime'] = oper_time
-                        login_log['userName'] = user_name
-                        login_log['status'] = str(status)
-                        login_log['msg'] = result_dict.get('msg')
+                    user = kwargs.get('form_data')
+                    user_name = user.username
+                    login_log['loginTime'] = oper_time
+                    login_log['userName'] = user_name
+                    login_log['status'] = str(status)
+                    login_log['msg'] = result_dict.get('msg')
 
-                        LoginLogService.add_login_log_services(query_db, LogininforModel(**login_log))
-                else:
-                    current_user = await LoginService.get_current_user(request, token, query_db)
-                    oper_name = current_user.user.user_name
-                    dept_name = current_user.user.dept.dept_name if current_user.user.dept else None
-                    operation_log = OperLogModel(
-                        title=title,
-                        businessType=business_type,
-                        method=func_path,
-                        requestMethod=request_method,
-                        operatorType=operator_type,
-                        operName=oper_name,
-                        deptName=dept_name,
-                        operUrl=oper_url,
-                        operIp=oper_ip,
-                        operLocation=oper_location,
-                        operParam=oper_param,
-                        jsonResult=json_result,
-                        status=status,
-                        errorMsg=error_msg,
-                        operTime=oper_time,
-                        costTime=int(cost_time)
-                    )
-                    OperationLogService.add_operation_log_services(query_db, operation_log)
+                    LoginLogService.add_login_log_services(query_db, LogininforModel(**login_log))
+            else:
+                current_user = await LoginService.get_current_user(request, token, query_db)
+                oper_name = current_user.user.user_name
+                dept_name = current_user.user.dept.dept_name if current_user.user.dept else None
+                operation_log = OperLogModel(
+                    title=title,
+                    businessType=business_type,
+                    method=func_path,
+                    requestMethod=request_method,
+                    operatorType=operator_type,
+                    operName=oper_name,
+                    deptName=dept_name,
+                    operUrl=oper_url,
+                    operIp=oper_ip,
+                    operLocation=oper_location,
+                    operParam=oper_param,
+                    jsonResult=json_result,
+                    status=status,
+                    errorMsg=error_msg,
+                    operTime=oper_time,
+                    costTime=int(cost_time)
+                )
+                OperationLogService.add_operation_log_services(query_db, operation_log)
 
-                return result
+            return result
 
         return wrapper
 

ruoyi-fastapi-backend/module_admin/controller/login_controller.py

@@ -41,11 +41,13 @@ async def login(request: Request, form_data: CustomOAuth2PasswordRequestForm = D
             },
             expires_delta=access_token_expires
         )
-        await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", access_token,
-                                          ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
-        # 此方法可实现同一账号同一时间只能登录一次
-        # await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token,
-        #                                   ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
+        if AppConfig.app_same_time_login:
+            await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", access_token,
+                                              ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
+        else:
+            # 此方法可实现同一账号同一时间只能登录一次
+            await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token,
+                                              ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
         UserService.edit_user_services(query_db, EditUserModel(userId=result[0].user_id, loginDate=datetime.now(), type='status'))
         logger.info('登录成功')
         # 判断请求是否来自于api文档，如果是返回指定格式的结果，用于修复api文档认证成功后token显示undefined的bug
@@ -131,7 +133,7 @@ async def register_user(request: Request, user_register: UserRegister, query_db:
 @loginController.post("/logout")
 async def logout(request: Request, token: Optional[str] = Depends(oauth2_scheme)):
     try:
-        payload = jwt.decode(token, JwtConfig.jwt_secret_key, algorithms=[JwtConfig.jwt_algorithm])
+        payload = jwt.decode(token, JwtConfig.jwt_secret_key, algorithms=[JwtConfig.jwt_algorithm], options={'verify_exp': False})
         session_id: str = payload.get("session_id")
         await LoginService.logout_services(request, session_id)
         logger.info('退出成功')

ruoyi-fastapi-backend/module_admin/service/login_service.py

@@ -182,14 +182,18 @@ class LoginService:
         if query_user.get('user_basic_info') is None:
             logger.warning("用户token不合法")
             raise AuthException(data="", message="用户token不合法")
-        redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}")
-        # 此方法可实现同一账号同一时间只能登录一次
-        # redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}")
+        if AppConfig.app_same_time_login:
+            redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}")
+        else:
+            # 此方法可实现同一账号同一时间只能登录一次
+            redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{query_user.get('user_basic_info').user_id}")
         if token == redis_token:
-            await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", redis_token,
-                                              ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
-            # await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}", redis_token,
-            #                                   ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
+            if AppConfig.app_same_time_login:
+                await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", redis_token,
+                                                  ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
+            else:
+                await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{query_user.get('user_basic_info').user_id}", redis_token,
+                                                  ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
 
             role_id_list = [item.role_id for item in query_user.get('user_role_info')]
             if 1 in role_id_list:

ruoyi-fastapi-frontend/.env.development

@@ -4,5 +4,5 @@ VITE_APP_TITLE = vfadmin管理系统
 # 开发环境配置
 VITE_APP_ENV = 'development'
 
-# 若依管理系统/开发环境
+# vfadmin管理系统/开发环境
 VITE_APP_BASE_API = '/dev-api'

ruoyi-fastapi-frontend/.env.production

@@ -4,7 +4,7 @@ VITE_APP_TITLE = vfadmin管理系统
 # 生产环境配置
 VITE_APP_ENV = 'production'
 
-# 若依管理系统/生产环境
+# vfadmin管理系统/生产环境
 VITE_APP_BASE_API = '/prod-api'
 
 # 是否在打包时开启压缩，支持 gzip 和 brotli

ruoyi-fastapi-frontend/.env.staging

@@ -1,10 +1,10 @@
 # 页面标题
-VITE_APP_TITLE = 若依管理系统
+VITE_APP_TITLE = vfadmin管理系统
 
 # 生产环境配置
 VITE_APP_ENV = 'staging'
 
-# 若依管理系统/生产环境
+# vfadmin管理系统/生产环境
 VITE_APP_BASE_API = '/stage-api'
 
 # 是否在打包时开启压缩，支持 gzip 和 brotli

ruoyi-fastapi-frontend/index.html

@@ -7,7 +7,7 @@
   <meta name="renderer" content="webkit">
   <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
   <link rel="icon" href="/favicon.ico">
-  <title>若依管理系统</title>
+  <title>vfadmin管理系统</title>
   <!--[if lt IE 11]><script>window.location.href='/html/ie.html';</script><![endif]-->
   <style>
     html,

ruoyi-fastapi-frontend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vfadmin",
-  "version": "1.0.3",
+  "version": "1.1.0",
   "description": "vfadmin管理系统",
   "author": "insistence",
   "license": "MIT",