p5keycgjv
/
DjangoBlog
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: p5keycgjv:zjj_branch
Branches Tags
p5keycgjv:master
p5keycgjv:yx_branch
p5keycgjv:zjj_branch
p5keycgjv:mly_branch
p5keycgjv:yxt_branch
p5keycgjv:yh_branch
p5keycgjv:develop
p5keycgjv:main
...
pull from: p5keycgjv:master
Branches Tags
p5keycgjv:master
p5keycgjv:yx_branch
p5keycgjv:zjj_branch
p5keycgjv:mly_branch
p5keycgjv:yxt_branch
p5keycgjv:yh_branch
p5keycgjv:develop
p5keycgjv:main

36 Commits
zjj_branch ... master

Author SHA1 Message Date
云涵 71f5edccbe yh:自评报告
2 weeks ago
云涵 d67012f567 yh:开源软件泛读、标注和维护报告文档和系统讲解视频
4 weeks ago
云涵 e98389cd96 yh:系统维护和新增功能
4 weeks ago
云涵 1744a1fa7c yh:解决登出报错问题
4 weeks ago
云涵 123d4dec8c yh:本地错误解决
4 weeks ago
云涵 8fdc28e910 yh:本地错误解决
4 weeks ago
云涵 64280d764f yh:修改注释后发生的错误
4 weeks ago
云涵 e080c41f83 yh:更正组号错误
1 month ago
云涵 8ebd9be17c Merge branch 'master' of https://bdgit.educoder.net/p5keycgjv/DjangoBlog
1 month ago
云涵 3aa4a029c8 yh:上传软件需求规格说明书
1 month ago
yxt f30666db7d yxt:对accounts的精读和注释
1 month ago
yx 07cc6c4952 yx: 对oauth文件的精读和注释
1 month ago
yx 5336e15893 yx: 对oauth文件的精读和注释
1 month ago
云涵 d4786ee23b yxt:对accounts的精读和注释
1 month ago
云涵 f45bfa5ded yx:对oauth的精读和注释
1 month ago
云涵 301bb7b687 yh:上传开源软件的质量分析报告文档
1 month ago
云涵 8de51a9cb1 yh:删除文件
1 month ago
云涵 8b18fdcac7 Merge branch 'master' of https://bdgit.educoder.net/p5keycgjv/DjangoBlog
1 month ago
云涵 23531bb3cb yh:上传开源软件的质量分析报告文档
1 month ago
周俊杰 1efbacc3a7 Merge branch 'master' of https://bdgit.educoder.net/p5keycgjv/DjangoBlog
1 month ago
周俊杰 aee00e6db1 zjj:对blog代码精读和注释
1 month ago
mly d7b9ec0cbd Merge branch 'master' of https://bdgit.educoder.net/p5keycgjv/DjangoBlog
1 month ago
周俊杰 6fbd0d3307 zjj:对djangoblog代码精读和注释
1 month ago
周俊杰 3b69ce6a1a Merge branch 'master' of https://bdgit.educoder.net/p5keycgjv/DjangoBlog
1 month ago
周俊杰 4395c3dd3a 周俊杰提交
1 month ago
mly cfd0d4c62c mly:对comments的精读和注释
1 month ago
云涵 6222594a95 yh:上传编码规范文档
1 month ago
云涵 f1d2d417e4 yh:删除垃圾文件
1 month ago
云涵 af2ce65fab yh:对djangoblog代码精读和注释
1 month ago
云涵 4278feb664 云涵:根据模板重新编写软件数据模型设计说明书
2 months ago
云涵 774f90685b docs: 删除未按模板编写的泛读报告
2 months ago
云涵 22ffbd67e7 docs: 删除未按模板编写的数据模型设计和界面设计文档
2 months ago
云涵 2d51add242 云涵:根据模板重新编写软件数据模型设计说明书
2 months ago
云涵 fe784a13ca 云涵:根据模板重新编写界面设计文档
2 months ago
云涵 2a01549d5e docs: 添加Django博客系统泛读报告
2 months ago
云涵 747d2c408b src:对DjangoBlog的数据分析
2 months ago
94 changed files with 9821 additions and 1435 deletions
Show Stats

BIN
doc/实践考评-开源软件大作业项目的自评报告.xlsx
View File

Binary file not shown.

BIN
doc/开源软件泛读、标注和维护报告文档.docx
View File

Binary file not shown.

BIN
doc/开源软件泛读报告.docx
View File

Binary file not shown.

BIN
doc/开源软件的质量分析报告文档.docx
View File

Binary file not shown.

BIN
doc/系统视频讲解.mp4
View File

Binary file not shown.

BIN
doc/编码规范文档.docx
View File

Binary file not shown.

BIN
doc/软件数据模型设计说明书.docx
View File

Binary file not shown.

BIN
doc/界面设计文档.docx → doc/软件界面设计说明书.docx
View File

Binary file not shown.

BIN
doc/软件需求规格说明书.docx
View File

Binary file not shown.

112
src/DjangoBlog/accounts/admin.py
Unescape View File

@ -1,60 +1,152 @@
"""
Django管理后台用户模型配置模块
本模块配置BlogUser模型在Django管理后台的显示和编辑行为
包括自定义表单验证列表显示字段搜索过滤等功能
主要组件
- BlogUserCreationForm: 用户创建表单处理密码验证和设置
- BlogUserChangeForm: 用户信息修改表单
- BlogUserAdmin: 用户模型管理后台配置类
"""
from django import forms
from django.contrib.auth.admin import UserAdmin
from django.contrib.auth.forms import UserChangeForm
from django.contrib.auth.forms import UsernameField
from django.utils.translation import gettext_lazy as _
# Register your models here.
# 导入自定义用户模型
from .models import BlogUser
class BlogUserCreationForm(forms.ModelForm):
"""
博客用户创建表单
扩展自ModelForm专门用于在Django管理后台创建新用户
提供密码确认验证和密码哈希处理功能
"""
# 密码输入字段1 - 使用PasswordInput控件隐藏输入
password1 = forms.CharField(label=_('password'), widget=forms.PasswordInput)
# 密码输入字段2 - 用于密码确认
password2 = forms.CharField(label=_('Enter password again'), widget=forms.PasswordInput)
class Meta:
"""表单元数据配置"""
# 指定关联的模型
model = BlogUser
# 指定表单中包含的字段 - 仅包含email字段
fields = ('email',)
def clean_password2(self):
# Check that the two password entries match
"""
密码确认字段验证方法
验证两次输入的密码是否一致确保用户输入正确的密码
Returns:
str: 验证通过的密码
Raises:
forms.ValidationError: 当两次密码输入不一致时抛出验证错误
"""
# 从清洗后的数据中获取两个密码字段的值
password1 = self.cleaned_data.get("password1")
password2 = self.cleaned_data.get("password2")
# 检查两个密码是否存在且相等
if password1 and password2 and password1 != password2:
# 密码不匹配时抛出验证错误
raise forms.ValidationError(_("passwords do not match"))
# 返回验证通过的密码
return password2
def save(self, commit=True):
# Save the provided password in hashed format
"""
表单保存方法
重写保存逻辑处理密码哈希化和设置用户来源
Args:
commit (bool): 是否立即保存到数据库默认为True
Returns:
BlogUser: 保存后的用户实例
"""
# 调用父类保存方法,但不立即提交到数据库
user = super().save(commit=False)
# 使用Django的密码哈希方法设置密码
user.set_password(self.cleaned_data["password1"])
# 如果设置为立即提交,则保存用户并设置来源
if commit:
# 标记用户创建来源为管理后台
user.source = 'adminsite'
# 保存用户到数据库
user.save()
return user
class BlogUserChangeForm(UserChangeForm):
"""
博客用户信息修改表单
继承自Django的UserChangeForm用于在管理后台编辑现有用户信息
保持与Django原生用户管理表单的兼容性
"""
class Meta:
"""表单元数据配置"""
# 指定关联的模型
model = BlogUser
# 包含所有字段
fields = '__all__'
# 指定用户名字段使用Django的UsernameField类型
field_classes = {'username': UsernameField}
def __init__(self, *args, **kwargs):
"""
表单初始化方法
可以在此处添加自定义的表单初始化逻辑
"""
# 调用父类初始化方法
super().__init__(*args, **kwargs)
class BlogUserAdmin(UserAdmin):
"""
博客用户管理后台配置类
继承自Django的UserAdmin自定义BlogUser模型在管理后台的显示和行为
配置列表显示搜索排序等管理界面功能
"""
# 指定用户编辑表单
form = BlogUserChangeForm
# 指定用户创建表单
add_form = BlogUserCreationForm
# 配置列表页面显示的字段
list_display = (
'id',
'nickname',
'username',
'email',
'last_login',
'date_joined',
'source')
'id', # 用户ID
'nickname', # 用户昵称
'username', # 用户名
'email', # 邮箱地址
'last_login', # 最后登录时间
'date_joined', # 注册时间
'source' # 用户来源
)
# 配置列表中可点击跳转到编辑页面的字段
list_display_links = ('id', 'username')
# 配置默认排序规则 - 按ID倒序排列最新的在前
ordering = ('-id',)
# 配置搜索框可搜索的字段
search_fields = ('username', 'nickname', 'email')

32
src/DjangoBlog/accounts/apps.py
Unescape View File

@ -1,5 +1,37 @@
"""
Django应用配置模块
本模块定义accounts应用的配置类用于配置应用级别的设置和元数据
"""
from django.apps import AppConfig
class AccountsConfig(AppConfig):
"""
用户账户应用配置类
继承自Django的AppConfig类用于配置accounts应用的各项设置
包括应用名称显示名称初始化逻辑等
属性:
name (str): 应用的Python路径标识符Django使用此名称来识别应用
"""
# 应用名称 - 使用Python路径格式Django通过此名称识别应用
# 此名称必须与应用的目录名和INSTALLED_APPS中的配置一致
name = 'accounts'
# 可选应用的可读名称用于Django管理后台显示
# verbose_name = '用户账户'
# 可选:应用初始化方法
# def ready(self):
# """
# 应用初始化完成时调用的方法
#
# 当Django启动完成所有应用加载完毕后会自动调用此方法。
# 常用于信号注册、配置检查等初始化操作。
# """
# # 导入并注册信号处理器
# from . import signals

207
src/DjangoBlog/accounts/forms.py
Unescape View File

@ -1,3 +1,15 @@
"""
用户认证表单模块
本模块定义用户相关的Django表单包括
- 用户登录表单
- 用户注册表单
- 密码重置表单
- 验证码表单
所有表单都包含Bootstrap样式类提供一致的用户界面体验
"""
from django import forms
from django.contrib.auth import get_user_model, password_validation
from django.contrib.auth.forms import AuthenticationForm, UserCreationForm
@ -9,109 +21,254 @@ from .models import BlogUser
class LoginForm(AuthenticationForm):
"""
用户登录表单
继承自Django的AuthenticationForm添加Bootstrap样式支持
用于用户通过用户名和密码登录系统
"""
def __init__(self, *args, **kwargs):
"""
初始化表单设置字段的widget属性添加Bootstrap样式
Args:
*args: 可变位置参数
**kwargs: 可变关键字参数
"""
# 调用父类初始化方法
super(LoginForm, self).__init__(*args, **kwargs)
# 设置用户名字段的输入控件和样式
self.fields['username'].widget = widgets.TextInput(
attrs={'placeholder': "username", "class": "form-control"})
attrs={
'placeholder': "username", # 输入框占位符文本
"class": "form-control" # Bootstrap表单控件样式类
})
# 设置密码字段的输入控件和样式
self.fields['password'].widget = widgets.PasswordInput(
attrs={'placeholder': "password", "class": "form-control"})
attrs={
'placeholder': "password", # 输入框占位符文本
"class": "form-control" # Bootstrap表单控件样式类
})
class RegisterForm(UserCreationForm):
"""
用户注册表单
继承自Django的UserCreationForm扩展邮箱字段和样式支持
用于新用户注册账号包含用户名邮箱和密码确认功能
"""
def __init__(self, *args, **kwargs):
"""
初始化表单设置所有字段的widget属性添加Bootstrap样式
Args:
*args: 可变位置参数
**kwargs: 可变关键字参数
"""
# 调用父类初始化方法
super(RegisterForm, self).__init__(*args, **kwargs)
# 设置用户名字段的输入控件和样式
self.fields['username'].widget = widgets.TextInput(
attrs={'placeholder': "username", "class": "form-control"})
attrs={
'placeholder': "username", # 输入框占位符文本
"class": "form-control" # Bootstrap表单控件样式类
})
# 设置邮箱字段的输入控件和样式
self.fields['email'].widget = widgets.EmailInput(
attrs={'placeholder': "email", "class": "form-control"})
attrs={
'placeholder': "email", # 输入框占位符文本
"class": "form-control" # Bootstrap表单控件样式类
})
# 设置密码字段的输入控件和样式
self.fields['password1'].widget = widgets.PasswordInput(
attrs={'placeholder': "password", "class": "form-control"})
attrs={
'placeholder': "password", # 输入框占位符文本
"class": "form-control" # Bootstrap表单控件样式类
})
# 设置密码确认字段的输入控件和样式
self.fields['password2'].widget = widgets.PasswordInput(
attrs={'placeholder': "repeat password", "class": "form-control"})
attrs={
'placeholder': "repeat password", # 输入框占位符文本
"class": "form-control" # Bootstrap表单控件样式类
})
def clean_email(self):
"""
邮箱字段验证方法
验证邮箱是否已被注册确保邮箱地址的唯一性
Returns:
str: 验证通过的邮箱地址
Raises:
ValidationError: 当邮箱已被注册时抛出验证错误
"""
# 获取清洗后的邮箱数据
email = self.cleaned_data['email']
# 检查邮箱是否已存在
if get_user_model().objects.filter(email=email).exists():
# 抛出验证错误,提示邮箱已存在
raise ValidationError(_("email already exists"))
# 返回验证通过的邮箱
return email
class Meta:
"""表单元数据配置"""
# 指定关联的用户模型
model = get_user_model()
# 指定表单中包含的字段
fields = ("username", "email")
class ForgetPasswordForm(forms.Form):
"""
忘记密码重置表单
用于用户通过邮箱和验证码重置密码包含密码强度验证和验证码校验
"""
# 新密码字段1
new_password1 = forms.CharField(
label=_("New password"),
label=_("New password"), # 字段标签
widget=forms.PasswordInput(
attrs={
"class": "form-control",
'placeholder': _("New password")
"class": "form-control", # Bootstrap样式类
'placeholder': _("New password") # 占位符文本
}
),
)
# 新密码字段2 - 用于密码确认
new_password2 = forms.CharField(
label="确认密码",
label="确认密码", # 中文标签
widget=forms.PasswordInput(
attrs={
"class": "form-control",
'placeholder': _("Confirm password")
"class": "form-control", # Bootstrap样式类
'placeholder': _("Confirm password") # 占位符文本
}
),
)
# 邮箱字段 - 用于标识用户和发送验证码
email = forms.EmailField(
label='邮箱',
label='邮箱', # 中文标签
widget=forms.TextInput(
attrs={
'class': 'form-control',
'placeholder': _("Email")
'class': 'form-control', # Bootstrap样式类
'placeholder': _("Email") # 占位符文本
}
),
)
# 验证码字段 - 用于验证用户身份
code = forms.CharField(
label=_('Code'),
label=_('Code'), # 字段标签
widget=forms.TextInput(
attrs={
'class': 'form-control',
'placeholder': _("Code")
'class': 'form-control', # Bootstrap样式类
'placeholder': _("Code") # 占位符文本
}
),
)
def clean_new_password2(self):
"""
密码确认字段验证方法
验证两次输入的密码是否一致并检查密码强度
Returns:
str: 验证通过的密码
Raises:
ValidationError: 当密码不匹配或强度不足时抛出验证错误
"""
# 从请求数据中获取两个密码字段的值
password1 = self.data.get("new_password1")
password2 = self.data.get("new_password2")
# 检查两个密码是否存在且相等
if password1 and password2 and password1 != password2:
# 密码不匹配时抛出验证错误
raise ValidationError(_("passwords do not match"))
# 使用Django内置密码验证器验证密码强度
password_validation.validate_password(password2)
# 返回验证通过的密码
return password2
def clean_email(self):
"""
邮箱字段验证方法
验证邮箱是否在系统中注册过
Returns:
str: 验证通过的邮箱地址
Raises:
ValidationError: 当邮箱未注册时抛出验证错误
"""
# 获取清洗后的邮箱数据
user_email = self.cleaned_data.get("email")
if not BlogUser.objects.filter(
email=user_email
).exists():
# todo 这里的报错提示可以判断一个邮箱是不是注册过,如果不想暴露可以修改
# 检查邮箱是否存在于用户数据库中
if not BlogUser.objects.filter(email=user_email).exists():
# TODO: 这里会暴露邮箱是否注册的信息,根据安全需求可修改提示
raise ValidationError(_("email does not exist"))
return user_email
def clean_code(self):
"""
验证码字段验证方法
验证邮箱和验证码的匹配关系
Returns:
str: 验证通过的验证码
Raises:
ValidationError: 当验证码无效或过期时抛出验证错误
"""
# 获取清洗后的验证码数据
code = self.cleaned_data.get("code")
# 调用utils模块的verify函数验证验证码
error = utils.verify(
email=self.cleaned_data.get("email"),
code=code,
email=self.cleaned_data.get("email"), # 邮箱地址
code=code, # 验证码
)
# 如果验证返回错误信息,抛出验证错误
if error:
raise ValidationError(error)
return code
class ForgetPasswordCodeForm(forms.Form):
"""
忘记密码验证码请求表单
用于用户请求发送密码重置验证码仅包含邮箱字段
"""
# 邮箱字段 - 用于发送验证码
email = forms.EmailField(
label=_('Email'),
label=_('Email'), # 字段标签
# 可以添加widget配置来设置样式
)

101
src/DjangoBlog/accounts/migrations/0001_initial.py
Unescape View File

@ -1,3 +1,16 @@
"""
用户账户应用数据库迁移文件
本迁移文件由Django自动生成用于创建自定义用户模型的数据库表结构
扩展了Django内置的AbstractUser模型添加了博客系统特有的用户字段
生成的表结构
- accounts_bloguser: 自定义博客用户表继承Django用户认证系统的所有功能
迁移依赖
- 依赖于Django auth应用的group和permission模型
"""
# Generated by Django 4.1.7 on 2023-03-02 07:14
import django.contrib.auth.models
@ -7,42 +20,118 @@ import django.utils.timezone
class Migration(migrations.Migration):
"""
用户账户应用初始迁移类
继承自migrations.Migration定义自定义用户模型的数据库表创建操作
initial = True 表示这是该应用的第一个迁移文件
主要功能
- 创建自定义用户模型BlogUser的数据库表
- 继承Django认证系统的所有基础字段
- 添加博客系统特有的自定义字段
- 设置模型的管理器和配置选项
"""
# 标记为初始迁移文件Django迁移系统会首先执行此文件
initial = True
# 定义迁移依赖关系
dependencies = [
# 声明对Django认证系统组的依赖
# 使用auth应用的0012迁移文件确保用户权限系统正常工作
('auth', '0012_alter_user_first_name_max_length'),
]
# 定义迁移操作序列
operations = [
# 创建博客用户表的迁移操作
migrations.CreateModel(
# 模型名称 - 对应数据库表名 accounts_bloguser
name='BlogUser',
# 定义模型字段列表
fields=[
# 主键字段 - 使用BigAutoField作为自增主键
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
# 密码字段 - Django认证系统标准字段存储加密后的密码
('password', models.CharField(max_length=128, verbose_name='password')),
# 最后登录时间字段 - 记录用户最后一次登录的时间
('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
# 超级用户标志字段 - 标识用户是否拥有所有权限
('is_superuser', models.BooleanField(default=False,
help_text='Designates that this user has all permissions without explicitly assigning them.',
verbose_name='superuser status')),
# 用户名字段 - 唯一标识用户的字段,包含验证器和错误消息
('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'},
help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.',
max_length=150, unique=True,
validators=[django.contrib.auth.validators.UnicodeUsernameValidator()],
verbose_name='username')),
# 名字字段 - 用户的名字(西方命名习惯)
('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
# 姓氏字段 - 用户的姓氏(西方命名习惯)
('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
# 邮箱字段 - 用户的电子邮箱地址
('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
# 员工状态字段 - 标识用户是否可以登录管理后台
('is_staff', models.BooleanField(default=False,
help_text='Designates whether the user can log into this admin site.',
verbose_name='staff status')),
# 活跃状态字段 - 标识用户账号是否激活(软删除机制)
('is_active', models.BooleanField(default=True,
help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.',
verbose_name='active')),
# 注册时间字段 - 记录用户账号创建的时间
('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
# 昵称字段 - 博客系统自定义字段,用户显示名称
('nickname', models.CharField(blank=True, max_length=100, verbose_name='昵称')),
# 创建时间字段 - 博客系统自定义字段,记录创建时间
('created_time', models.DateTimeField(default=django.utils.timezone.now, verbose_name='创建时间')),
# 最后修改时间字段 - 博客系统自定义字段,记录最后修改时间
('last_mod_time', models.DateTimeField(default=django.utils.timezone.now, verbose_name='修改时间')),
# 来源字段 - 博客系统自定义字段记录用户创建来源如注册、OAuth等
('source', models.CharField(blank=True, max_length=100, verbose_name='创建来源')),
('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.group', verbose_name='groups')),
('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.permission', verbose_name='user permissions')),
# 组关联字段 - Django权限系统的组多对多关联
('groups', models.ManyToManyField(blank=True,
help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.',
related_name='user_set', related_query_name='user', to='auth.group',
verbose_name='groups')),
# 权限关联字段 - Django权限系统的用户权限多对多关联
('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.',
related_name='user_set', related_query_name='user',
to='auth.permission', verbose_name='user permissions')),
],
# 模型元数据配置
options={
# 管理后台单数显示名称(中文)
'verbose_name': '用户',
# 管理后台复数显示名称(中文)
'verbose_name_plural': '用户',
# 默认排序规则 - 按ID倒序排列最新的记录在前
'ordering': ['-id'],
# 指定获取最新记录的字段 - 使用id字段确定最新记录
'get_latest_by': 'id',
},
# 定义模型管理器
managers=[
# 使用Django内置的UserManager管理用户对象
# 提供create_user、create_superuser等用户管理方法
('objects', django.contrib.auth.models.UserManager()),
],
),

56
src/DjangoBlog/accounts/migrations/0002_alter_bloguser_options_remove_bloguser_created_time_and_more.py
Unescape View File

@ -1,3 +1,14 @@
"""
用户账户应用数据库迁移文件 - 字段优化更新
本迁移文件对初始用户模型进行字段优化和国际化改进
- 重命名时间字段使用更清晰的英文命名
- 更新字段显示名称统一使用英文verbose_name
- 移除冗余字段优化数据库结构
这是对0001_initial迁移的后续更新依赖于初始迁移创建的表结构
"""
# Generated by Django 4.2.5 on 2023-09-06 13:13
from django.db import migrations, models
@ -5,42 +16,85 @@ import django.utils.timezone
class Migration(migrations.Migration):
"""
用户模型字段优化迁移类
对BlogUser模型进行字段级别的优化和改进
- 标准化字段命名约定
- 改进国际化支持
- 优化时间字段的语义清晰度
此迁移依赖于accounts应用的0001_initial迁移文件
"""
# 定义迁移依赖关系 - 依赖于本应用的初始迁移
dependencies = [
# 依赖accounts应用的第一个迁移文件确保BlogUser表已创建
('accounts', '0001_initial'),
]
# 定义迁移操作序列 - 按顺序执行以下数据库变更
operations = [
# 修改模型选项 - 更新管理后台显示名称
migrations.AlterModelOptions(
name='bloguser',
options={'get_latest_by': 'id', 'ordering': ['-id'], 'verbose_name': 'user', 'verbose_name_plural': 'user'},
options={
# 指定获取最新记录的字段 - 保持使用id字段
'get_latest_by': 'id',
# 保持默认排序规则 - 按ID倒序排列
'ordering': ['-id'],
# 更新单数显示名称为英文
'verbose_name': 'user',
# 更新复数显示名称为英文
'verbose_name_plural': 'user'
},
),
# 移除字段 - 删除created_time字段
# 该字段功能被creation_time字段替代
migrations.RemoveField(
model_name='bloguser',
name='created_time',
),
# 移除字段 - 删除last_mod_time字段
# 该字段功能被last_modify_time字段替代
migrations.RemoveField(
model_name='bloguser',
name='last_mod_time',
),
# 添加新字段 - 创建时间字段(新命名)
migrations.AddField(
model_name='bloguser',
name='creation_time',
# 使用DateTimeField存储完整的时间戳
# default参数使用Django的时区感知当前时间
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='creation time'),
),
# 添加新字段 - 最后修改时间字段(新命名)
migrations.AddField(
model_name='bloguser',
name='last_modify_time',
# 使用DateTimeField存储完整的时间戳
# default参数使用Django的时区感知当前时间
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='last modify time'),
),
# 修改字段选项 - 更新昵称字段的显示名称
migrations.AlterField(
model_name='bloguser',
name='nickname',
# 保持字段类型和约束不变仅更新verbose_name为英文
field=models.CharField(blank=True, max_length=100, verbose_name='nick name'),
),
# 修改字段选项 - 更新来源字段的显示名称
migrations.AlterField(
model_name='bloguser',
name='source',
# 保持字段类型和约束不变仅更新verbose_name为英文
field=models.CharField(blank=True, max_length=100, verbose_name='create source'),
),
]

110
src/DjangoBlog/accounts/models.py
Unescape View File

@ -1,3 +1,10 @@
"""
自定义用户模型模块
本模块定义博客系统的自定义用户模型BlogUser扩展Django内置的AbstractUser模型
添加博客系统特有的用户字段和方法
"""
from django.contrib.auth.models import AbstractUser
from django.db import models
from django.urls import reverse
@ -6,30 +13,113 @@ from django.utils.translation import gettext_lazy as _
from djangoblog.utils import get_current_site
# Create your models here.
class BlogUser(AbstractUser):
nickname = models.CharField(_('nick name'), max_length=100, blank=True)
creation_time = models.DateTimeField(_('creation time'), default=now)
last_modify_time = models.DateTimeField(_('last modify time'), default=now)
source = models.CharField(_('create source'), max_length=100, blank=True)
"""
博客系统自定义用户模型
继承自Django的AbstractUser在标准用户模型基础上添加博客系统特有的字段
- 昵称字段
- 创建时间字段
- 最后修改时间字段
- 用户来源字段
同时提供获取用户相关URL的便捷方法
"""
# 昵称字段 - 用户的显示名称,可以为空
nickname = models.CharField(
_('nick name'), # 字段显示名称(支持国际化)
max_length=100, # 最大长度100字符
blank=True # 允许为空(非必填字段)
)
# 创建时间字段 - 记录用户账号创建的时间
creation_time = models.DateTimeField(
_('creation time'), # 字段显示名称(支持国际化)
default=now # 默认值为当前时间
)
# 最后修改时间字段 - 记录用户信息最后修改的时间
last_modify_time = models.DateTimeField(
_('last modify time'), # 字段显示名称(支持国际化)
default=now # 默认值为当前时间
)
# 用户来源字段 - 记录用户账号的创建来源
source = models.CharField(
_('create source'), # 字段显示名称(支持国际化)
max_length=100, # 最大长度100字符
blank=True # 允许为空(非必填字段)
)
def get_absolute_url(self):
"""
获取用户的绝对URL相对路径
用于Django的通用视图和模板中生成用户详情页链接
Returns:
str: 用户详情页的URL路径
Example:
>>> user.get_absolute_url()
'/author/admin/'
"""
# 使用reverse函数通过URL名称和参数生成URL路径
return reverse(
'blog:author_detail', kwargs={
'author_name': self.username})
'blog:author_detail', # URL配置的名称
kwargs={
'author_name': self.username # URL参数作者用户名
})
def __str__(self):
"""
对象字符串表示方法
定义模型实例在Django管理后台和shell中的显示内容
Returns:
str: 用户的邮箱地址
"""
return self.email
def get_full_url(self):
"""
获取用户的完整URL包含域名
生成包含协议和域名的完整用户详情页URL用于外部链接
Returns:
str: 完整的用户详情页URL
Example:
>>> user.get_full_url()
'https://example.com/author/admin/'
"""
# 获取当前站点的域名
site = get_current_site().domain
url = "https://{site}{path}".format(site=site,
path=self.get_absolute_url())
# 生成完整的URL包含HTTPS协议和域名
url = "https://{site}{path}".format(
site=site, # 站点域名
path=self.get_absolute_url() # 相对路径
)
return url
class Meta:
"""
模型元数据配置类
定义模型的数据库表配置和Django管理后台显示选项
"""
# 默认排序规则 - 按ID倒序排列最新的记录在前
ordering = ['-id']
# 管理后台单数显示名称(支持国际化)
verbose_name = _('user')
# 管理后台复数显示名称 - 使用与单数相同的名称
verbose_name_plural = verbose_name
# 指定获取最新记录的字段 - 使用id字段确定最新记录1
get_latest_by = 'id'

145
src/DjangoBlog/accounts/tests.py
Unescape View File

@ -1,3 +1,10 @@
"""
用户账户应用测试模块
本模块包含用户账户相关的所有测试用例覆盖用户注册登录密码重置
邮箱验证等核心功能的测试
"""
from django.test import Client, RequestFactory, TestCase
from django.urls import reverse
from django.utils import timezone
@ -9,128 +16,203 @@ from djangoblog.utils import *
from . import utils
# Create your tests here.
class AccountTest(TestCase):
"""
用户账户功能测试类
测试用户账户相关的所有功能包括
- 用户认证和登录
- 用户注册流程
- 邮箱验证码功能
- 密码重置流程
- 权限访问控制
"""
def setUp(self):
"""
测试初始化方法
在每个测试方法执行前运行创建测试所需的初始数据和环境
"""
# 创建测试客户端用于模拟HTTP请求
self.client = Client()
# 创建请求工厂,用于构建请求对象
self.factory = RequestFactory()
# 创建测试用户
self.blog_user = BlogUser.objects.create_user(
username="test",
email="admin@admin.com",
password="12345678"
)
# 设置测试用的新密码
self.new_test = "xxx123--="
def test_validate_account(self):
"""
测试账户验证和权限功能
验证超级用户的创建登录管理后台访问和文章管理权限
"""
# 创建超级用户
site = get_current_site().domain
user = BlogUser.objects.create_superuser(
email="liangliangyy1@gmail.com",
username="liangliangyy1",
password="qwer!@#$ggg")
# 从数据库获取刚创建的用户
testuser = BlogUser.objects.get(username='liangliangyy1')
# 测试用户登录功能
loginresult = self.client.login(
username='liangliangyy1',
password='qwer!@#$ggg')
# 断言登录成功
self.assertEqual(loginresult, True)
# 测试管理后台访问权限
response = self.client.get('/admin/')
self.assertEqual(response.status_code, 200)
# 创建测试分类
category = Category()
category.name = "categoryaaa"
category.creation_time = timezone.now()
category.last_modify_time = timezone.now()
category.save()
# 创建测试文章
article = Article()
article.title = "nicetitleaaa"
article.body = "nicecontentaaa"
article.author = user
article.category = category
article.type = 'a'
article.status = 'p'
article.type = 'a' # 文章类型
article.status = 'p' # 发布状态
article.save()
# 测试文章管理页面访问权限
response = self.client.get(article.get_admin_url())
self.assertEqual(response.status_code, 200)
def test_validate_register(self):
"""
测试用户注册完整流程
验证用户注册邮箱验证登录权限提升和文章管理的完整流程
"""
# 验证注册前用户不存在
self.assertEquals(
0, len(
BlogUser.objects.filter(
email='user123@user.com')))
# 提交用户注册表单
response = self.client.post(reverse('account:register'), {
'username': 'user1233',
'email': 'user123@user.com',
'password1': 'password123!q@wE#R$T',
'password2': 'password123!q@wE#R$T',
})
# 验证用户已成功创建
self.assertEquals(
1, len(
BlogUser.objects.filter(
email='user123@user.com')))
# 获取新创建的用户
user = BlogUser.objects.filter(email='user123@user.com')[0]
# 生成邮箱验证签名
sign = get_sha256(get_sha256(settings.SECRET_KEY + str(user.id)))
path = reverse('accounts:result')
url = '{path}?type=validation&id={id}&sign={sign}'.format(
path=path, id=user.id, sign=sign)
# 访问验证结果页面
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
# 测试用户登录
self.client.login(username='user1233', password='password123!q@wE#R$T')
# 提升用户权限为超级用户
user = BlogUser.objects.filter(email='user123@user.com')[0]
user.is_superuser = True
user.is_staff = True
user.save()
# 清理侧边栏缓存
delete_sidebar_cache()
# 创建测试分类
category = Category()
category.name = "categoryaaa"
category.creation_time = timezone.now()
category.last_modify_time = timezone.now()
category.save()
# 创建测试文章
article = Article()
article.category = category
article.title = "nicetitle333"
article.body = "nicecontentttt"
article.author = user
article.type = 'a'
article.status = 'p'
article.type = 'a' # 文章类型
article.status = 'p' # 发布状态
article.save()
# 测试文章管理页面访问
response = self.client.get(article.get_admin_url())
self.assertEqual(response.status_code, 200)
# 测试用户登出
response = self.client.get(reverse('account:logout'))
self.assertIn(response.status_code, [301, 302, 200])
# 验证登出后无法访问管理页面
response = self.client.get(article.get_admin_url())
self.assertIn(response.status_code, [301, 302, 200])
# 测试错误密码登录
response = self.client.post(reverse('account:login'), {
'username': 'user1233',
'password': 'password123'
'password': 'password123' # 错误密码
})
self.assertIn(response.status_code, [301, 302, 200])
# 验证错误密码登录后仍无法访问管理页面
response = self.client.get(article.get_admin_url())
self.assertIn(response.status_code, [301, 302, 200])
def test_verify_email_code(self):
"""
测试邮箱验证码功能
验证验证码的生成发送存储和验证流程
"""
to_email = "admin@admin.com"
# 生成验证码
code = generate_code()
# 存储验证码
utils.set_code(to_email, code)
# 发送验证邮件
utils.send_verify_email(to_email, code)
# 测试正确验证码验证
err = utils.verify("admin@admin.com", code)
self.assertEqual(err, None)
self.assertEqual(err, None) # 验证成功应返回None
# 测试错误邮箱验证
err = utils.verify("admin@123.com", code)
self.assertEqual(type(err), str)
self.assertEqual(type(err), str) # 验证失败应返回错误信息字符串
def test_forget_password_email_code_success(self):
"""
测试忘记密码验证码请求成功场景
验证正确邮箱地址的验证码请求处理
"""
resp = self.client.post(
path=reverse("account:forget_password_code"),
data=dict(email="admin@admin.com")
@ -140,32 +222,49 @@ class AccountTest(TestCase):
self.assertEqual(resp.content.decode("utf-8"), "ok")
def test_forget_password_email_code_fail(self):
"""
测试忘记密码验证码请求失败场景
验证空邮箱和错误格式邮箱的请求处理
"""
# 测试空邮箱提交
resp = self.client.post(
path=reverse("account:forget_password_code"),
data=dict()
data=dict() # 空数据
)
self.assertEqual(resp.content.decode("utf-8"), "错误的邮箱")
# 测试错误格式邮箱提交
resp = self.client.post(
path=reverse("account:forget_password_code"),
data=dict(email="admin@com")
data=dict(email="admin@com") # 无效邮箱格式
)
self.assertEqual(resp.content.decode("utf-8"), "错误的邮箱")
def test_forget_password_email_success(self):
"""
测试忘记密码重置成功场景
验证正确的验证码和密码重置流程
"""
# 生成并设置验证码
code = generate_code()
utils.set_code(self.blog_user.email, code)
# 准备密码重置数据
data = dict(
new_password1=self.new_test,
new_password2=self.new_test,
email=self.blog_user.email,
code=code,
)
# 提交密码重置请求
resp = self.client.post(
path=reverse("account:forget_password"),
data=data
)
self.assertEqual(resp.status_code, 302)
self.assertEqual(resp.status_code, 302) # 重定向响应
# 验证用户密码是否修改成功
blog_user = BlogUser.objects.filter(
@ -175,10 +274,15 @@ class AccountTest(TestCase):
self.assertEqual(blog_user.check_password(data["new_password1"]), True)
def test_forget_password_email_not_user(self):
"""
测试不存在的用户密码重置
验证对不存在用户的密码重置请求处理
"""
data = dict(
new_password1=self.new_test,
new_password2=self.new_test,
email="123@123.com",
email="123@123.com", # 不存在的邮箱
code="123456",
)
resp = self.client.post(
@ -186,22 +290,25 @@ class AccountTest(TestCase):
data=data
)
self.assertEqual(resp.status_code, 200)
self.assertEqual(resp.status_code, 200) # 应返回表单错误页面
def test_forget_password_email_code_error(self):
"""
测试错误验证码的密码重置
验证错误验证码的密码重置请求处理
"""
code = generate_code()
utils.set_code(self.blog_user.email, code)
data = dict(
new_password1=self.new_test,
new_password2=self.new_test,
email=self.blog_user.email,
code="111111",
code="111111", # 错误的验证码
)
resp = self.client.post(
path=reverse("account:forget_password"),
data=data
)
self.assertEqual(resp.status_code, 200)
self.assertEqual(resp.status_code, 200) # 应返回表单错误页面

72
src/DjangoBlog/accounts/urls.py
Unescape View File

@ -1,28 +1,60 @@
"""
用户账户应用URL配置模块
本模块定义用户账户相关的所有URL路由包括登录注册登出
密码重置等用户认证相关的端点
URL模式使用正则表达式和路径转换器来匹配不同的用户操作请求
"""
from django.urls import path
from django.urls import re_path
# 导入视图模块
from . import views
# 导入自定义登录表单
from .forms import LoginForm
# 应用命名空间用于URL反向解析
app_name = "accounts"
urlpatterns = [re_path(r'^login/$',
views.LoginView.as_view(success_url='/'),
name='login',
kwargs={'authentication_form': LoginForm}),
re_path(r'^register/$',
views.RegisterView.as_view(success_url="/"),
name='register'),
re_path(r'^logout/$',
views.LogoutView.as_view(),
name='logout'),
path(r'account/result.html',
views.account_result,
name='result'),
re_path(r'^forget_password/$',
views.ForgetPasswordView.as_view(),
name='forget_password'),
re_path(r'^forget_password_code/$',
views.ForgetPasswordEmailCode.as_view(),
name='forget_password_code'),
]
# URL模式列表定义请求URL与视图的映射关系
urlpatterns = [
# 用户登录URL
re_path(r'^login/$', # 匹配 /login/ 路径
# 使用类视图设置登录成功后的重定向URL为首页
views.LoginView.as_view(success_url='/'),
name='login', # URL名称用于反向解析
# 传递额外参数,指定使用自定义登录表单
kwargs={'authentication_form': LoginForm}),
# 用户注册URL
re_path(r'^register/$', # 匹配 /register/ 路径
# 使用类视图设置注册成功后的重定向URL为首页
views.RegisterView.as_view(success_url="/"),
name='register'), # URL名称用于反向解析
# 用户登出URL
re_path(r'^logout/$', # 匹配 /logout/ 路径
# 使用类视图,处理用户登出逻辑
views.LogoutView.as_view(),
name='logout'), # URL名称用于反向解析
# 账户操作结果页面URL
path(r'account/result.html', # 匹配 /account/result.html 路径
# 使用函数视图,显示账户操作结果(如注册成功、验证结果等)
views.account_result,
name='result'), # URL名称用于反向解析
# 忘记密码页面URL
re_path(r'^forget_password/$', # 匹配 /forget_password/ 路径
# 使用类视图,处理密码重置请求
views.ForgetPasswordView.as_view(),
name='forget_password'), # URL名称用于反向解析
# 忘记密码验证码请求URL
re_path(r'^forget_password_code/$', # 匹配 /forget_password_code/ 路径
# 使用类视图,处理发送密码重置验证码的请求
views.ForgetPasswordEmailCode.as_view(),
name='forget_password_code'), # URL名称用于反向解析
]

67
src/DjangoBlog/accounts/user_login_backend.py
Unescape View File

@ -1,26 +1,91 @@
"""
自定义用户认证后端模块
本模块提供扩展的用户认证功能支持使用用户名或邮箱进行登录
扩展了Django标准的ModelBackend认证后端
"""
from django.contrib.auth import get_user_model
from django.contrib.auth.backends import ModelBackend
class EmailOrUsernameModelBackend(ModelBackend):
"""
允许使用用户名或邮箱登录
自定义用户认证后端 - 支持用户名或邮箱登录
继承自Django的ModelBackend扩展认证功能
- 允许用户使用用户名或邮箱地址进行登录
- 自动检测输入的是用户名还是邮箱格式
- 保持与Django原生认证系统的兼容性
使用场景
当用户输入包含'@'符号时系统将其识别为邮箱进行认证
否则将其识别为用户名进行认证
"""
def authenticate(self, request, username=None, password=None, **kwargs):
"""
用户认证方法
重写认证逻辑支持通过用户名或邮箱进行用户身份验证
Args:
request: HttpRequest对象包含请求信息
username (str): 用户输入的用户名或邮箱地址
password (str): 用户输入的密码
**kwargs: 其他关键字参数
Returns:
User: 认证成功的用户对象
None: 认证失败返回None
Example:
>>> backend = EmailOrUsernameModelBackend()
>>> # 使用用户名认证
>>> user = backend.authenticate(request, username='admin', password='password')
>>> # 使用邮箱认证
>>> user = backend.authenticate(request, username='admin@example.com', password='password')
"""
# 判断输入的是邮箱还是用户名
if '@' in username:
# 如果包含'@'符号,按邮箱处理
kwargs = {'email': username}
else:
# 否则按用户名处理
kwargs = {'username': username}
try:
# 根据用户名或邮箱查找用户
user = get_user_model().objects.get(**kwargs)
# 验证密码是否正确
if user.check_password(password):
# 密码验证成功,返回用户对象
return user
except get_user_model().DoesNotExist:
# 用户不存在返回None表示认证失败
return None
def get_user(self, username):
"""
根据用户ID获取用户对象
重写用户获取方法通过用户ID主键获取用户实例
Args:
username (int/str): 用户的ID主键值
Returns:
User: 对应的用户对象
None: 用户不存在时返回None
Note:
这里的参数名username实际上是用户ID这是为了保持与父类接口一致
"""
try:
# 根据主键用户ID查找用户
return get_user_model().objects.get(pk=username)
except get_user_model().DoesNotExist:
# 用户不存在返回None
return None

106
src/DjangoBlog/accounts/utils.py
Unescape View File

@ -1,3 +1,15 @@
"""
邮箱验证码工具模块
本模块提供邮箱验证码的生成发送验证和缓存管理功能
用于用户注册密码重置等需要邮箱验证的场景
主要功能
- 发送验证码邮件
- 验证码的存储和读取
- 验证码有效性验证
"""
import typing
from datetime import timedelta
@ -7,43 +19,109 @@ from django.utils.translation import gettext_lazy as _
from djangoblog.utils import send_email
# 验证码有效期配置 - 5分钟
_code_ttl = timedelta(minutes=5)
def send_verify_email(to_mail: str, code: str, subject: str = _("Verify Email")):
"""发送重设密码验证码
"""
发送验证码邮件
向指定邮箱发送包含验证码的邮件用于用户身份验证
Args:
to_mail: 接受邮箱
subject: 邮件主题
code: 验证码
to_mail (str): 接收邮件的邮箱地址
code (str): 要发送的验证码
subject (str): 邮件主题默认为"Verify Email"
Example:
>>> send_verify_email("user@example.com", "123456")
# 向user@example.com发送验证码123456
"""
# 构建邮件HTML内容包含验证码信息
html_content = _(
"You are resetting the password, the verification code is%(code)s, valid within 5 minutes, please keep it "
"properly") % {'code': code}
# 调用邮件发送工具发送邮件
send_email([to_mail], subject, html_content)
def verify(email: str, code: str) -> typing.Optional[str]:
"""验证code是否有效
"""
验证验证码是否有效
检查用户输入的验证码与缓存中存储的是否一致并验证有效性
Args:
email: 请求邮箱
code: 验证码
Return:
如果有错误就返回错误str
Node:
这里的错误处理不太合理应该采用raise抛出
否测调用方也需要对error进行处理
email (str): 用户邮箱地址作为缓存键
code (str): 用户输入的验证码
Returns:
typing.Optional[str]:
- None: 验证码正确且有效
- str: 错误信息字符串验证码错误或无效
Note:
当前错误处理方式不够合理应该使用异常抛出机制
这样调用方可以通过try-except处理错误而不是检查返回值
Example:
>>> result = verify("user@example.com", "123456")
>>> if result:
>>> print(f"验证失败: {result}")
>>> else:
>>> print("验证成功")
"""
# 从缓存中获取该邮箱对应的验证码
cache_code = get_code(email)
# 比较用户输入的验证码与缓存中的验证码
if cache_code != code:
# 验证码不匹配,返回错误信息
return gettext("Verification code error")
# 验证成功返回None
def set_code(email: str, code: str):
"""设置code"""
"""
设置验证码到缓存
将验证码存储到Django缓存系统中并设置有效期
Args:
email (str): 邮箱地址作为缓存键
code (str): 要存储的验证码
Example:
>>> set_code("user@example.com", "123456")
# 将验证码123456存储到缓存键为"user@example.com"
"""
# 使用Django缓存系统存储验证码设置5分钟有效期
cache.set(email, code, _code_ttl.seconds)
def get_code(email: str) -> typing.Optional[str]:
"""获取code"""
"""
从缓存中获取验证码
根据邮箱地址从缓存中获取对应的验证码
Args:
email (str): 邮箱地址作为缓存键
Returns:
typing.Optional[str]:
- str: 找到的验证码
- None: 验证码不存在或已过期
Example:
>>> code = get_code("user@example.com")
>>> if code:
>>> print(f"验证码是: {code}")
>>> else:
>>> print("验证码不存在或已过期")
"""
# 从Django缓存系统中获取验证码
return cache.get(email)

181
src/DjangoBlog/accounts/views.py
Unescape View File

@ -1,3 +1,15 @@
"""
用户账户视图模块
本模块包含用户账户相关的所有视图处理逻辑包括
- 用户注册登录登出
- 邮箱验证
- 密码重置
- 验证码发送
使用类视图和函数视图结合的方式处理用户认证流程
"""
import logging
from django.utils.translation import gettext_lazy as _
from django.conf import settings
@ -26,34 +38,68 @@ from . import utils
from .forms import RegisterForm, LoginForm, ForgetPasswordForm, ForgetPasswordCodeForm
from .models import BlogUser
# 配置日志记录器
logger = logging.getLogger(__name__)
# Create your views here.
class RegisterView(FormView):
"""
用户注册视图
处理新用户注册流程包括表单验证用户创建邮箱验证邮件发送等
"""
# 指定使用的表单类
form_class = RegisterForm
# 指定注册页面模板
template_name = 'account/registration_form.html'
@method_decorator(csrf_protect)
def dispatch(self, *args, **kwargs):
"""
请求分发方法添加CSRF保护装饰器
确保注册请求受到CSRF保护防止跨站请求伪造攻击
"""
return super(RegisterView, self).dispatch(*args, **kwargs)
def form_valid(self, form):
"""
表单验证通过后的处理逻辑
创建新用户发送验证邮件重定向到结果页面
Args:
form: 验证通过的注册表单实例
Returns:
HttpResponseRedirect: 重定向到结果页面
"""
if form.is_valid():
# 创建用户但不立即保存到数据库
user = form.save(False)
# 设置用户为非激活状态,等待邮箱验证
user.is_active = False
# 记录用户来源为注册页面
user.source = 'Register'
# 保存用户到数据库
user.save(True)
# 获取当前站点域名
site = get_current_site().domain
# 生成邮箱验证签名
sign = get_sha256(get_sha256(settings.SECRET_KEY + str(user.id)))
# 调试模式下使用本地地址
if settings.DEBUG:
site = '127.0.0.1:8000'
# 构建验证URL
path = reverse('account:result')
url = "http://{site}{path}?type=validation&id={id}&sign={sign}".format(
site=site, path=path, id=user.id, sign=sign)
# 构建邮件内容
content = """
<p>请点击下面链接验证您的邮箱</p>
@ -64,6 +110,8 @@ class RegisterView(FormView):
如果上面链接无法打开请将此链接复制至浏览器
{url}
""".format(url=url)
# 发送验证邮件
send_email(
emailto=[
user.email,
@ -71,43 +119,88 @@ class RegisterView(FormView):
title='验证您的电子邮箱',
content=content)
# 重定向到注册结果页面
url = reverse('accounts:result') + \
'?type=register&id=' + str(user.id)
return HttpResponseRedirect(url)
else:
# 表单验证失败,重新渲染表单页面
return self.render_to_response({
'form': form
})
class LogoutView(RedirectView):
"""
用户登出视图
处理用户登出逻辑清理会话和缓存
"""
# 登出后重定向到的URL
url = '/login/'
@method_decorator(never_cache)
def dispatch(self, request, *args, **kwargs):
"""
请求分发方法添加不缓存装饰器
确保登出页面不会被浏览器缓存
"""
return super(LogoutView, self).dispatch(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
"""
处理GET请求的登出逻辑
执行用户登出操作清理侧边栏缓存
"""
# 执行用户登出
logout(request)
# 清理侧边栏缓存
delete_sidebar_cache()
# 调用父类方法进行重定向
return super(LogoutView, self).get(request, *args, **kwargs)
class LoginView(FormView):
"""
用户登录视图
处理用户登录认证支持记住登录状态功能
"""
# 指定使用的表单类
form_class = LoginForm
# 指定登录页面模板
template_name = 'account/login.html'
# 登录成功后的默认重定向URL
success_url = '/'
# 重定向字段名称
redirect_field_name = REDIRECT_FIELD_NAME
login_ttl = 2626560 # 一个月的时间
# 记住登录状态的会话有效期(一个月)
login_ttl = 2626560
@method_decorator(sensitive_post_parameters('password'))
@method_decorator(csrf_protect)
@method_decorator(never_cache)
def dispatch(self, request, *args, **kwargs):
"""
请求分发方法添加安全装饰器
- sensitive_post_parameters: 保护密码参数
- csrf_protect: CSRF保护
- never_cache: 禁止缓存
"""
return super(LoginView, self).dispatch(request, *args, **kwargs)
def get_context_data(self, **kwargs):
"""
获取模板上下文数据
添加重定向URL到上下文
"""
# 从GET参数获取重定向URL
redirect_to = self.request.GET.get(self.redirect_field_name)
if redirect_to is None:
redirect_to = '/'
@ -116,25 +209,43 @@ class LoginView(FormView):
return super(LoginView, self).get_context_data(**kwargs)
def form_valid(self, form):
"""
表单验证通过后的处理逻辑
执行用户登录认证处理记住登录状态
"""
# 使用Django认证表单进行验证
form = AuthenticationForm(data=self.request.POST, request=self.request)
if form.is_valid():
# 清理侧边栏缓存
delete_sidebar_cache()
logger.info(self.redirect_field_name)
# 执行用户登录
auth.login(self.request, form.get_user())
# 处理记住登录状态
if self.request.POST.get("remember"):
self.request.session.set_expiry(self.login_ttl)
return super(LoginView, self).form_valid(form)
# return HttpResponseRedirect('/')
else:
# 登录失败,重新渲染登录页面
return self.render_to_response({
'form': form
})
def get_success_url(self):
"""
获取登录成功后的重定向URL
验证重定向URL的安全性防止开放重定向攻击
"""
# 从POST数据获取重定向URL
redirect_to = self.request.POST.get(self.redirect_field_name)
# 验证URL是否安全同源策略
if not url_has_allowed_host_and_scheme(
url=redirect_to, allowed_hosts=[
self.request.get_host()]):
@ -143,62 +254,124 @@ class LoginView(FormView):
def account_result(request):
"""
账户操作结果页面视图
显示注册结果或处理邮箱验证
Args:
request: HTTP请求对象
Returns:
HttpResponse: 结果页面响应
"""
# 获取操作类型和用户ID
type = request.GET.get('type')
id = request.GET.get('id')
# 获取用户对象不存在则返回404
user = get_object_or_404(get_user_model(), id=id)
logger.info(type)
# 如果用户已激活,重定向到首页
if user.is_active:
return HttpResponseRedirect('/')
# 处理注册和验证类型
if type and type in ['register', 'validation']:
if type == 'register':
# 注册成功页面
content = '''
恭喜您注册成功一封验证邮件已经发送到您的邮箱请验证您的邮箱后登录本站
'''
title = '注册成功'
else:
# 邮箱验证处理
c_sign = get_sha256(get_sha256(settings.SECRET_KEY + str(user.id)))
sign = request.GET.get('sign')
# 验证签名
if sign != c_sign:
return HttpResponseForbidden()
# 激活用户账号
user.is_active = True
user.save()
content = '''
恭喜您已经成功的完成邮箱验证您现在可以使用您的账号来登录本站
'''
title = '验证成功'
# 渲染结果页面
return render(request, 'account/result.html', {
'title': title,
'content': content
})
else:
# 无效类型,重定向到首页
return HttpResponseRedirect('/')
class ForgetPasswordView(FormView):
"""
忘记密码重置视图
处理用户密码重置请求验证验证码并更新密码
"""
# 指定使用的表单类
form_class = ForgetPasswordForm
# 指定模板名称
template_name = 'account/forget_password.html'
def form_valid(self, form):
"""
表单验证通过后的处理逻辑
重置用户密码并重定向到登录页面
"""
if form.is_valid():
# 根据邮箱查找用户
blog_user = BlogUser.objects.filter(email=form.cleaned_data.get("email")).get()
# 使用新密码的哈希值更新用户密码
blog_user.password = make_password(form.cleaned_data["new_password2"])
# 保存用户信息
blog_user.save()
# 重定向到登录页面
return HttpResponseRedirect('/login/')
else:
# 表单验证失败,重新渲染表单
return self.render_to_response({'form': form})
class ForgetPasswordEmailCode(View):
"""
忘记密码验证码发送视图
处理密码重置验证码的发送请求
"""
def post(self, request: HttpRequest):
"""
处理POST请求发送密码重置验证码
Args:
request: HTTP请求对象
Returns:
HttpResponse: 操作结果响应
"""
# 验证表单数据
form = ForgetPasswordCodeForm(request.POST)
if not form.is_valid():
return HttpResponse("错误的邮箱")
# 获取邮箱地址
to_email = form.cleaned_data["email"]
# 生成验证码
code = generate_code()
# 发送验证邮件
utils.send_verify_email(to_email, code)
# 存储验证码到缓存
utils.set_code(to_email, code)
return HttpResponse("ok")

140
src/DjangoBlog/blog/admin.py
Unescape View File

@ -5,83 +5,66 @@ from django.urls import reverse
from django.utils.html import format_html
from django.utils.translation import gettext_lazy as _
# Register your models here.
from .models import Article, Category, Tag, Links, SideBar, BlogSettings
from .models import Article, Category, Tag, Links, SideBar, BlogSettings, ArticleLike, ArticleFavorite
# 文章表单(可扩展,比如集成富文本编辑器)
class ArticleForm(forms.ModelForm):
# body = forms.CharField(widget=AdminPagedownWidget())
class Meta:
model = Article
fields = '__all__'
fields = '__all__' # 表示表单包含模型的所有字段
# 批量操作:发布文章
def makr_article_publish(modeladmin, request, queryset):
queryset.update(status='p')
queryset.update(status='p') # 将选中文章状态改为 'p'ublished
makr_article_publish.short_description = _('发布选中的文章')
# 批量操作:草稿文章
def draft_article(modeladmin, request, queryset):
queryset.update(status='d')
queryset.update(status='d') # 草稿状态
draft_article.short_description = _('将选中文章设为草稿')
# 批量操作:关闭文章评论
def close_article_commentstatus(modeladmin, request, queryset):
queryset.update(comment_status='c')
queryset.update(comment_status='c') # 关闭评论
close_article_commentstatus.short_description = _('关闭文章评论')
# 批量操作:开放文章评论
def open_article_commentstatus(modeladmin, request, queryset):
queryset.update(comment_status='o')
makr_article_publish.short_description = _('Publish selected articles')
draft_article.short_description = _('Draft selected articles')
close_article_commentstatus.short_description = _('Close article comments')
open_article_commentstatus.short_description = _('Open article comments')
queryset.update(comment_status='o') # 开放评论
open_article_commentstatus.short_description = _('开放文章评论')
class ArticlelAdmin(admin.ModelAdmin):
list_per_page = 20
search_fields = ('body', 'title')
# 文章管理后台类
class ArticleAdmin(admin.ModelAdmin):
list_per_page = 20 # 每页显示20条
search_fields = ('body', 'title') # 可以搜索正文和标题
form = ArticleForm
list_display = (
'id',
'title',
'author',
'link_to_category',
'creation_time',
'views',
'status',
'type',
'article_order')
list_display_links = ('id', 'title')
list_filter = ('status', 'type', 'category')
date_hierarchy = 'creation_time'
filter_horizontal = ('tags',)
exclude = ('creation_time', 'last_modify_time')
view_on_site = True
actions = [
makr_article_publish,
draft_article,
close_article_commentstatus,
open_article_commentstatus]
raw_id_fields = ('author', 'category',)
list_display = ( # 列表页显示的字段
'id', 'title', 'author', 'link_to_category', 'creation_time',
'views', 'like_count', 'status', 'type', 'article_order'
)
list_display_links = ('id', 'title') # 哪些字段可点击进入编辑页
list_filter = ('status', 'type', 'category') # 右侧过滤器
date_hierarchy = 'creation_time' # 按创建时间分层筛选
filter_horizontal = ('tags',) # 多对多字段(标签)以横向过滤器展示
exclude = ('creation_time', 'last_modify_time') # 后台不显示这两个字段
view_on_site = True # 显示“查看站点”按钮
actions = [makr_article_publish, draft_article, close_article_commentstatus, open_article_commentstatus] # 批量操作
raw_id_fields = ('author', 'category') # 作者和分类以 ID 输入框展示,适合外键多的情况
# 自定义方法:分类显示为可点击链接
def link_to_category(self, obj):
info = (obj.category._meta.app_label, obj.category._meta.model_name)
link = reverse('admin:%s_%s_change' % info, args=(obj.category.id,))
return format_html(u'<a href="%s">%s</a>' % (link, obj.category.name))
link_to_category.short_description = _('分类')
link_to_category.short_description = _('category')
# 限制文章作者只能选择超级用户
def get_form(self, request, obj=None, **kwargs):
form = super(ArticlelAdmin, self).get_form(request, obj, **kwargs)
form.base_fields['author'].queryset = get_user_model(
).objects.filter(is_superuser=True)
form = super(ArticleAdmin, self).get_form(request, obj, **kwargs)
form.base_fields['author'].queryset = get_user_model().objects.filter(is_superuser=True)
return form
def save_model(self, request, obj, form, change):
super(ArticlelAdmin, self).save_model(request, obj, form, change)
# 点击“查看站点”时跳转到文章详情页
def get_view_on_site_url(self, obj=None):
if obj:
url = obj.get_full_url()
@ -91,24 +74,55 @@ class ArticlelAdmin(admin.ModelAdmin):
site = get_current_site().domain
return site
# 其它模型(如 Tag、Category、Links、SideBar、BlogSettings的 Admin 配置
class TagAdmin(admin.ModelAdmin):
exclude = ('slug', 'last_mod_time', 'creation_time')
class CategoryAdmin(admin.ModelAdmin):
list_display = ('name', 'parent_category', 'index')
exclude = ('slug', 'last_mod_time', 'creation_time')
class LinksAdmin(admin.ModelAdmin):
exclude = ('last_mod_time', 'creation_time')
class SideBarAdmin(admin.ModelAdmin):
list_display = ('name', 'content', 'is_enable', 'sequence')
exclude = ('last_mod_time', 'creation_time')
class BlogSettingsAdmin(admin.ModelAdmin):
pass
pass # 博客设置后台,暂时无特殊配置
# 文章点赞管理后台类
class ArticleLikeAdmin(admin.ModelAdmin):
list_display = ('article', 'user', 'created_time')
list_filter = ('created_time',)
search_fields = ('article__title', 'user__username', 'user__email')
date_hierarchy = 'created_time'
readonly_fields = ('created_time',)
raw_id_fields = ('article', 'user')
def has_add_permission(self, request):
# 点赞记录通常由用户在前端创建,后台可选禁止添加
return True
# 自定义方法:显示文章标题和用户名
def get_queryset(self, request):
qs = super().get_queryset(request)
return qs.select_related('article', 'user')
# 文章收藏管理后台类
class ArticleFavoriteAdmin(admin.ModelAdmin):
list_display = ('article', 'user', 'created_time')
list_filter = ('created_time',)
search_fields = ('article__title', 'user__username', 'user__email')
date_hierarchy = 'created_time'
readonly_fields = ('created_time',)
raw_id_fields = ('article', 'user')
def has_add_permission(self, request):
# 收藏记录通常由用户在前端创建,后台可选禁止添加
return True
# 自定义方法:显示文章标题和用户名
def get_queryset(self, request):
qs = super().get_queryset(request)
return qs.select_related('article', 'user')

3
src/DjangoBlog/blog/apps.py
Unescape View File

@ -1,5 +1,4 @@
from django.apps import AppConfig
class BlogConfig(AppConfig):
name = 'blog'
name = 'blog' # 应用名称

24
src/DjangoBlog/blog/context_processors.py
Unescape View File

@ -1,21 +1,19 @@
import logging
from django.utils import timezone
from djangoblog.utils import cache, get_blog_setting
from .models import Category, Article
logger = logging.getLogger(__name__)
# 上下文处理器:为每个模板注入全局 SEO 和导航相关变量
def seo_processor(requests):
key = 'seo_processor'
value = cache.get(key)
value = cache.get(key) # 先从缓存中读取
if value:
return value
else:
logger.info('set processor cache.')
setting = get_blog_setting()
logger.info('设置处理器缓存。')
setting = get_blog_setting() # 获取博客配置
value = {
'SITE_NAME': setting.site_name,
'SHOW_GOOGLE_ADSENSE': setting.show_google_adsense,
@ -25,19 +23,17 @@ def seo_processor(requests):
'SITE_KEYWORDS': setting.site_keywords,
'SITE_BASE_URL': requests.scheme + '://' + requests.get_host() + '/',
'ARTICLE_SUB_LENGTH': setting.article_sub_length,
'nav_category_list': Category.objects.all(),
'nav_pages': Article.objects.filter(
type='p',
status='p'),
'nav_category_list': Category.objects.all(), # 导航分类
'nav_pages': Article.objects.filter(type='p', status='p'), # 导航文章(已发布页面)
'OPEN_SITE_COMMENT': setting.open_site_comment,
'BEIAN_CODE': setting.beian_code,
'ANALYTICS_CODE': setting.analytics_code,
"BEIAN_CODE_GONGAN": setting.gongan_beiancode,
'BEIAN_CODE': setting.beian_code, # 备案号
'ANALYTICS_CODE': setting.analytics_code, # 统计代码(如 Google Analytics
"BEIAN_CODE_GONGAN": setting.gongan_beiancode, # 公安备案号
"SHOW_GONGAN_CODE": setting.show_gongan_code,
"CURRENT_YEAR": timezone.now().year,
"GLOBAL_HEADER": setting.global_header,
"GLOBAL_FOOTER": setting.global_footer,
"COMMENT_NEED_REVIEW": setting.comment_need_review,
}
cache.set(key, value, 60 * 60 * 10)
cache.set(key, value, 60 * 60 * 10) # 缓存10小时
return value

460
src/DjangoBlog/blog/documents.py
Unescape View File

@ -1,5 +1,5 @@
import time
import logging
import elasticsearch.client
from django.conf import settings
from elasticsearch_dsl import Document, InnerDoc, Date, Integer, Long, Text, Object, GeoPoint, Keyword, Boolean
@ -7,11 +7,13 @@ from elasticsearch_dsl.connections import connections
from blog.models import Article
ELASTICSEARCH_ENABLED = hasattr(settings, 'ELASTICSEARCH_DSL')
logger = logging.getLogger(__name__)
ELASTICSEARCH_ENABLED = hasattr(settings, 'ELASTICSEARCH_DSL') # 是否启用 Elasticsearch
# 如果启用,则建立连接
if ELASTICSEARCH_ENABLED:
connections.create_connection(
hosts=[settings.ELASTICSEARCH_DSL['default']['hosts']])
connections.create_connection(hosts=[settings.ELASTICSEARCH_DSL['default']['hosts']])
from elasticsearch import Elasticsearch
es = Elasticsearch(settings.ELASTICSEARCH_DSL['default']['hosts'])
@ -21,18 +23,17 @@ if ELASTICSEARCH_ENABLED:
try:
c.get_pipeline('geoip')
except elasticsearch.exceptions.NotFoundError:
c.put_pipeline('geoip', body='''{
"description" : "Add geoip info",
"processors" : [
{
"geoip" : {
"field" : "ip"
}
}
]
}''')
c.put_pipeline('geoip', body='''
{
"description": "添加IP地理位置信息",
"processors": [
{ "geoip": { "field": "ip" } }
]
}
''')
# 定义 IP 地理位置信息内部文档
class GeoIp(InnerDoc):
continent_name = Keyword()
country_iso_code = Keyword()
@ -40,6 +41,7 @@ class GeoIp(InnerDoc):
location = GeoPoint()
# 用户代理(浏览器/设备/操作系统)相关内部类
class UserAgentBrowser(InnerDoc):
Family = Keyword()
Version = Keyword()
@ -63,9 +65,10 @@ class UserAgent(InnerDoc):
is_bot = Boolean()
# 性能监控文档:记录每个请求的 URL、耗时、IP、用户代理等
class ElapsedTimeDocument(Document):
url = Keyword()
time_taken = Long()
time_taken = Long() # 请求耗时(毫秒)
log_datetime = Date()
ip = Keyword()
geoip = Object(GeoIp, required=False)
@ -73,79 +76,16 @@ class ElapsedTimeDocument(Document):
class Index:
name = 'performance'
settings = {
"number_of_shards": 1,
"number_of_replicas": 0
}
class Meta:
doc_type = 'ElapsedTime'
class ElaspedTimeDocumentManager:
@staticmethod
def build_index():
from elasticsearch import Elasticsearch
client = Elasticsearch(settings.ELASTICSEARCH_DSL['default']['hosts'])
res = client.indices.exists(index="performance")
if not res:
ElapsedTimeDocument.init()
@staticmethod
def delete_index():
from elasticsearch import Elasticsearch
es = Elasticsearch(settings.ELASTICSEARCH_DSL['default']['hosts'])
es.indices.delete(index='performance', ignore=[400, 404])
@staticmethod
def create(url, time_taken, log_datetime, useragent, ip):
ElaspedTimeDocumentManager.build_index()
ua = UserAgent()
ua.browser = UserAgentBrowser()
ua.browser.Family = useragent.browser.family
ua.browser.Version = useragent.browser.version_string
ua.os = UserAgentOS()
ua.os.Family = useragent.os.family
ua.os.Version = useragent.os.version_string
ua.device = UserAgentDevice()
ua.device.Family = useragent.device.family
ua.device.Brand = useragent.device.brand
ua.device.Model = useragent.device.model
ua.string = useragent.ua_string
ua.is_bot = useragent.is_bot
doc = ElapsedTimeDocument(
meta={
'id': int(
round(
time.time() *
1000))
},
url=url,
time_taken=time_taken,
log_datetime=log_datetime,
useragent=ua, ip=ip)
doc.save(pipeline="geoip")
settings = {"number_of_shards": 1, "number_of_replicas": 0}
# 文章搜索文档:用于全文检索
class ArticleDocument(Document):
body = Text(analyzer='ik_max_word', search_analyzer='ik_smart')
body = Text(analyzer='ik_max_word', search_analyzer='ik_smart') # 使用IK中文分词
title = Text(analyzer='ik_max_word', search_analyzer='ik_smart')
author = Object(properties={
'nickname': Text(analyzer='ik_max_word', search_analyzer='ik_smart'),
'id': Integer()
})
category = Object(properties={
'name': Text(analyzer='ik_max_word', search_analyzer='ik_smart'),
'id': Integer()
})
tags = Object(properties={
'name': Text(analyzer='ik_max_word', search_analyzer='ik_smart'),
'id': Integer()
})
author = Object(properties={'nickname': Text(analyzer='ik_max_word'), 'id': Integer()})
category = Object(properties={'name': Text(analyzer='ik_max_word'), 'id': Integer()})
tags = Object(properties={'name': Text(analyzer='ik_max_word'), 'id': Integer()})
pub_time = Date()
status = Text()
comment_status = Text()
@ -155,59 +95,307 @@ class ArticleDocument(Document):
class Index:
name = 'blog'
settings = {
"number_of_shards": 1,
"number_of_replicas": 0
}
settings = {"number_of_shards": 1, "number_of_replicas": 0}
# 新增ArticleDocumentManager 类
class ArticleDocumentManager:
"""
ArticleDocument 管理器类
用于处理 Elasticsearch 相关的文章搜索操作
"""
def __init__(self, document_class=ArticleDocument):
self.document_class = document_class
self.es_enabled = ELASTICSEARCH_ENABLED
def search_articles(self, query, category=None, author=None, tags=None, size=10, from_index=0):
"""
搜索文章
"""
if not self.es_enabled:
# 如果 Elasticsearch 未启用,返回空结果
return [], 0
try:
search = self.document_class.search()
if query:
# 多字段匹配搜索,标题权重更高
search = search.query(
"multi_match",
query=query,
fields=[
'title^3', # 标题权重最高
'body^2', # 正文权重次之
'tags.name^2', # 标签权重
'category.name^1.5', # 分类权重
'author.nickname^1' # 作者权重
],
fuzziness="AUTO" # 自动模糊匹配
)
# 应用过滤器
if category:
search = search.filter('term', category__name=category)
if author:
search = search.filter('term', author__nickname=author)
if tags:
if isinstance(tags, str):
tags = [tags]
for tag in tags:
search = search.filter('term', tags__name=tag)
# 只搜索已发布的文章
search = search.filter('term', status='p')
# 获取总数
total = search.count()
# 应用分页
search = search[from_index:from_index + size]
# 执行搜索
response = search.execute()
return response, total
except Exception as e:
logger.error(f"Elasticsearch search failed: {e}")
return [], 0
def get_popular_articles(self, size=10):
"""
获取热门文章按浏览量排序
"""
if not self.es_enabled:
return []
try:
search = self.document_class.search()
search = search.filter('term', status='p')
search = search.sort('-views') # 按浏览量降序
search = search[:size]
response = search.execute()
return response
except Exception as e:
logger.error(f"Failed to get popular articles: {e}")
return []
def get_recent_articles(self, size=10):
"""
获取最新文章按发布时间排序
"""
if not self.es_enabled:
return []
try:
search = self.document_class.search()
search = search.filter('term', status='p')
search = search.sort('-pub_time') # 按发布时间降序
search = search[:size]
response = search.execute()
return response
except Exception as e:
logger.error(f"Failed to get recent articles: {e}")
return []
def get_articles_by_category(self, category_name, size=10):
"""
根据分类获取文章
"""
if not self.es_enabled:
return []
try:
search = self.document_class.search()
search = search.filter('term', category__name=category_name)
search = search.filter('term', status='p')
search = search.sort('-pub_time')
search = search[:size]
response = search.execute()
return response
except Exception as e:
logger.error(f"Failed to get articles by category: {e}")
return []
def get_articles_by_tag(self, tag_name, size=10):
"""
根据标签获取文章
"""
if not self.es_enabled:
return []
try:
search = self.document_class.search()
search = search.filter('term', tags__name=tag_name)
search = search.filter('term', status='p')
search = search.sort('-pub_time')
search = search[:size]
response = search.execute()
return response
except Exception as e:
logger.error(f"Failed to get articles by tag: {e}")
return []
def get_similar_articles(self, article_id, size=5):
"""
获取相似文章基于更多相似项
"""
if not self.es_enabled:
return []
try:
search = self.document_class.search()
# 使用 more_like_this 查询找到相似文章
search = search.query(
'more_like_this',
fields=['title', 'body', 'tags.name', 'category.name'],
like={"_id": article_id},
min_term_freq=1,
max_query_terms=12
)
search = search.filter('term', status='p')
search = search.exclude('term', _id=article_id) # 排除当前文章
search = search[:size]
response = search.execute()
return response
except Exception as e:
logger.error(f"Failed to get similar articles: {e}")
return []
def rebuild_index(self):
"""
重建文章索引
"""
if not self.es_enabled:
return False
try:
# 删除现有索引
self.document_class._index.delete(ignore=404)
# 创建新索引
self.document_class._index.create()
# 重新索引所有文章
self.document_class.init()
logger.info("Article index rebuilt successfully")
return True
except Exception as e:
logger.error(f"Failed to rebuild article index: {e}")
return False
def get_index_stats(self):
"""
获取索引统计信息
"""
if not self.es_enabled:
return {}
try:
from elasticsearch.client import IndicesClient
client = IndicesClient(connections.get_connection())
stats = client.stats(index='blog')
return stats
except Exception as e:
logger.error(f"Failed to get index stats: {e}")
return {}
# 创建全局实例
article_document_manager = ArticleDocumentManager()
# Elasticsearch 索引管理工具类
class ElasticsearchManager:
"""
Elasticsearch 索引管理工具类
"""
class Meta:
doc_type = 'Article'
def __init__(self):
self.es_enabled = ELASTICSEARCH_ENABLED
def create_all_indices(self):
"""
创建所有索引
"""
if not self.es_enabled:
return False
class ArticleDocumentManager():
try:
# 创建文章索引
ArticleDocument.init()
def __init__(self):
self.create_index()
def create_index(self):
ArticleDocument.init()
def delete_index(self):
from elasticsearch import Elasticsearch
es = Elasticsearch(settings.ELASTICSEARCH_DSL['default']['hosts'])
es.indices.delete(index='blog', ignore=[400, 404])
def convert_to_doc(self, articles):
return [
ArticleDocument(
meta={
'id': article.id},
body=article.body,
title=article.title,
author={
'nickname': article.author.username,
'id': article.author.id},
category={
'name': article.category.name,
'id': article.category.id},
tags=[
{
'name': t.name,
'id': t.id} for t in article.tags.all()],
pub_time=article.pub_time,
status=article.status,
comment_status=article.comment_status,
type=article.type,
views=article.views,
article_order=article.article_order) for article in articles]
def rebuild(self, articles=None):
ArticleDocument.init()
articles = articles if articles else Article.objects.all()
docs = self.convert_to_doc(articles)
for doc in docs:
doc.save()
def update_docs(self, docs):
for doc in docs:
doc.save()
# 创建性能监控索引
ElapsedTimeDocument.init()
logger.info("All Elasticsearch indices created successfully")
return True
except Exception as e:
logger.error(f"Failed to create indices: {e}")
return False
def delete_all_indices(self):
"""
删除所有索引
"""
if not self.es_enabled:
return False
try:
ArticleDocument._index.delete(ignore=404)
ElapsedTimeDocument._index.delete(ignore=404)
logger.info("All Elasticsearch indices deleted successfully")
return True
except Exception as e:
logger.error(f"Failed to delete indices: {e}")
return False
def refresh_all_indices(self):
"""
刷新所有索引
"""
if not self.es_enabled:
return False
try:
from elasticsearch.client import IndicesClient
client = IndicesClient(connections.get_connection())
client.refresh(index='_all')
logger.info("All Elasticsearch indices refreshed successfully")
return True
except Exception as e:
logger.error(f"Failed to refresh indices: {e}")
return False
def get_cluster_health(self):
"""
获取集群健康状态
"""
if not self.es_enabled:
return {}
try:
health = connections.get_connection().cluster.health()
return health
except Exception as e:
logger.error(f"Failed to get cluster health: {e}")
return {}
# 创建全局实例
elasticsearch_manager = ElasticsearchManager()

19
src/DjangoBlog/blog/forms.py
Unescape View File

@ -1,19 +1,6 @@
import logging
from django import forms
from haystack.forms import SearchForm
logger = logging.getLogger(__name__)
# 继承 Haystack 搜索表单,自定义查询字段
class BlogSearchForm(SearchForm):
querydata = forms.CharField(required=True)
def search(self):
datas = super(BlogSearchForm, self).search()
if not self.is_valid():
return self.no_query_found()
if self.cleaned_data['querydata']:
logger.info(self.cleaned_data['querydata'])
return datas
# 可加入日志等处理
return super().search()

28
src/DjangoBlog/blog/management/commands/build_index.py
Unescape View File

@ -1,18 +1,30 @@
from django.core.management.base import BaseCommand
from blog.documents import ElapsedTimeDocument, ArticleDocumentManager, ElaspedTimeDocumentManager, \
ELASTICSEARCH_ENABLED
# 导入 Elasticsearch 相关的文档模型和管理器
from blog.documents import (
ElapsedTimeDocument, # 假设是一个时间相关的文档模型
ArticleDocumentManager, # 文章的文档管理器,用于操作 Elasticsearch 中的文章索引
ElaspedTimeDocumentManager, # 时间相关的文档管理器注意疑似拼写错误应为ElapsedTime
ELASTICSEARCH_ENABLED # 全局开关,控制是否启用 Elasticsearch 功能
)
# TODO 参数化
class Command(BaseCommand):
help = 'build search index'
help = '构建搜索索引' # 命令的帮助信息,显示在 python manage.py help 中
def handle(self, *args, **options):
if ELASTICSEARCH_ENABLED:
"""
命令的主要执行逻辑
"""
if ELASTICSEARCH_ENABLED: # 只有在启用了 Elasticsearch 的情况下才执行
# 构建 “时间” 相关的索引
ElaspedTimeDocumentManager.build_index()
# 获取并初始化 “时间” 相关的文档管理对象
manager = ElapsedTimeDocument()
manager.init()
manager.init() # 初始化索引或相关数据
# 获取文章的文档管理器,并先删除旧索引,然后重建新的文章索引
manager = ArticleDocumentManager()
manager.delete_index()
manager.rebuild()
manager.delete_index() # 删除已有的文章索引
manager.rebuild() # 重建文章索引,通常包括从数据库读取数据并批量导入到 ES

16
src/DjangoBlog/blog/management/commands/build_search_words.py
Unescape View File

@ -1,13 +1,21 @@
from django.core.management.base import BaseCommand
# 从 blog 应用中导入 Tag 和 Category 模型
from blog.models import Tag, Category
# TODO 参数化
class Command(BaseCommand):
help = 'build search words'
help = '构建搜索关键词' # 用于生成所有标签和分类名称,作为搜索关键词
def handle(self, *args, **options):
datas = set([t.name for t in Tag.objects.all()] +
[t.name for t in Category.objects.all()])
"""
获取所有标签和分类的名称去重后打印出来供后续用作搜索词库
"""
# 取出所有 Tag 的名称 和 所有 Category 的名称,放入一个集合中自动去重
datas = set([
t.name for t in Tag.objects.all() # 所有标签名称
+
[t.name for t in Category.objects.all()] # 所有分类名称
])
# 将所有关键词用换行符连接,并打印到控制台
print('\n'.join(datas))

11
src/DjangoBlog/blog/management/commands/clear_cache.py
Unescape View File

@ -1,11 +1,16 @@
from django.core.management.base import BaseCommand
# 引入项目自定义的缓存工具模块
from djangoblog.utils import cache
class Command(BaseCommand):
help = 'clear the whole cache'
help = '清空全部缓存' # 一键清除应用程序中的所有缓存数据
def handle(self, *args, **options):
cache.clear()
self.stdout.write(self.style.SUCCESS('Cleared cache\n'))
"""
调用缓存工具的 clear 方法清空缓存并输出成功提示
"""
cache.clear() # 执行缓存清理
# 输出成功信息,使用 Django 管理命令的样式输出
self.stdout.write(self.style.SUCCESS('缓存已清空\n'))

48
src/DjangoBlog/blog/management/commands/create_testdata.py
Unescape View File

@ -1,40 +1,62 @@
from django.contrib.auth import get_user_model
from django.contrib.auth.hashers import make_password
from django.contrib.auth import get_user_model # Django 提供的获取用户模型的方法
from django.contrib.auth.hashers import make_password # 用于密码加密
from django.core.management.base import BaseCommand
# 引入文章、标签、分类模型
from blog.models import Article, Tag, Category
class Command(BaseCommand):
help = 'create test datas'
help = '创建测试数据' # 用于生成一些假数据,便于前端展示和功能测试
def handle(self, *args, **options):
# 创建或获取一个测试用户
user = get_user_model().objects.get_or_create(
email='test@test.com', username='测试用户', password=make_password('test!q@w#eTYU'))[0]
email='test@test.com',
username='测试用户',
password=make_password('test!q@w#eTYU') # 对明文密码进行哈希加密
)[0]
# 创建或获取一个父级分类
pcategory = Category.objects.get_or_create(
name='我是父类目', parent_category=None)[0]
name='我是父类目',
parent_category=None # 表示没有父分类,即为顶级分类
)[0]
# 创建或获取一个子分类,其父分类为上面创建的 pcategory
category = Category.objects.get_or_create(
name='子类目', parent_category=pcategory)[0]
name='子类目',
parent_category=pcategory
)[0]
category.save() # 保存分类对象
category.save()
# 创建一个基础标签
basetag = Tag()
basetag.name = "标签"
basetag.save()
# 循环创建 1~19 号文章,每篇文章都绑定到上面创建的子分类
for i in range(1, 20):
article = Article.objects.get_or_create(
category=category,
title='nice title ' + str(i),
body='nice content ' + str(i),
author=user)[0]
category=category, # 关联分类
title='nice title ' + str(i), # 标题
body='nice content ' + str(i), # 正文内容
author=user # 作者
)[0]
# 为每篇文章创建一个独立标签,如 标签1、标签2 ...
tag = Tag()
tag.name = "标签" + str(i)
tag.save()
# 将独立标签和基础标签都添加到文章的标签集合中
article.tags.add(tag)
article.tags.add(basetag)
article.save()
article.save() # 保存文章与标签的关联关系
# 清空缓存,确保新生成的数据能及时被正确索引或展示
from djangoblog.utils import cache
cache.clear()
self.stdout.write(self.style.SUCCESS('created test datas \n'))
# 输出成功提示
self.stdout.write(self.style.SUCCESS('已创建测试数据 \n'))

51
src/DjangoBlog/blog/management/commands/ping_baidu.py
Unescape View File

@ -1,50 +1,69 @@
from django.core.management.base import BaseCommand
# 导入站点工具与蜘蛛通知工具
from djangoblog.spider_notify import SpiderNotify
from djangoblog.utils import get_current_site
from blog.models import Article, Tag, Category
# 获取当前站点的域名
site = get_current_site().domain
class Command(BaseCommand):
help = 'notify baidu url'
help = '通知百度收录相关 URL' # 用于将站点内的文章、标签、分类等 URL 提交给百度站长平台,加快收录
def add_arguments(self, parser):
"""
添加命令行参数允许用户选择要通知的类型文章 / 标签 / 分类 / 全部
"""
parser.add_argument(
'data_type',
type=str,
choices=[
'all',
'article',
'tag',
'category'],
help='article : all article,tag : all tag,category: all category,all: All of these')
choices=['all', 'article', 'tag', 'category'], # 可选参数值
help='article所有文章, tag所有标签, category所有分类, all全部'
)
def get_full_url(self, path):
"""
拼接完整的 URLhttps://example.com/path/
"""
url = "https://{site}{path}".format(site=site, path=path)
return url
def handle(self, *args, **options):
type = options['data_type']
self.stdout.write('start get %s' % type)
# 获取用户传入的参数,决定要通知哪些类型的数据
data_type = options['data_type']
self.stdout.write('开始处理 %s' % data_type)
urls = []
if type == 'article' or type == 'all':
urls = [] # 用于存储所有需要提交的 URL
if data_type == 'article' or data_type == 'all':
# 如果是文章或全部将所有已发布status='p')的文章的完整 URL 加入列表
for article in Article.objects.filter(status='p'):
urls.append(article.get_full_url())
if type == 'tag' or type == 'all':
if data_type == 'tag' or data_type == 'all':
# 如果是标签或全部,将所有标签的绝对 URL 加入列表
for tag in Tag.objects.all():
url = tag.get_absolute_url()
urls.append(self.get_full_url(url))
if type == 'category' or type == 'all':
if data_type == 'category' or data_type == 'all':
# 如果是分类或全部,将所有分类的绝对 URL 加入列表
for category in Category.objects.all():
url = category.get_absolute_url()
urls.append(self.get_full_url(url))
# 输出即将提交的通知数量
self.stdout.write(
self.style.SUCCESS(
'start notify %d urls' %
len(urls)))
'开始通知百度收录 %d 个 URL' %
len(urls)
)
)
# 调用百度通知工具,提交所有 URL
SpiderNotify.baidu_notify(urls)
self.stdout.write(self.style.SUCCESS('finish notify'))
# 提交完成提示
self.stdout.write(self.style.SUCCESS('完成通知百度收录\n'))

64
src/DjangoBlog/blog/management/commands/sync_user_avatar.py
Unescape View File

@ -1,47 +1,57 @@
import requests
import requests # 用于发送 HTTP 请求,检测头像链接是否有效
from django.core.management.base import BaseCommand
from django.templatetags.static import static
from django.templatetags.static import static # 用于获取 Django 的静态文件路径
from djangoblog.utils import save_user_avatar
from oauth.models import OAuthUser
from oauth.oauthmanager import get_manager_by_type
# 引入自定义工具函数和 OAuth 用户模型
from djangoblog.utils import save_user_avatar # 用于下载并保存用户头像到本地或 CDN
from oauth.models import OAuthUser # 第三方登录用户表
from oauth.oauthmanager import get_manager_by_type # 根据第三方类型获取对应的 OAuth 管理器
class Command(BaseCommand):
help = 'sync user avatar'
help = '同步用户头像' # 将用户头像从第三方平台同步到本地或统一存储
def test_picture(self, url):
"""
测试头像链接是否有效返回状态码 200超时时间为 2
"""
try:
if requests.get(url, timeout=2).status_code == 200:
return True
except:
pass
return False
def handle(self, *args, **options):
# 获取静态资源的基础路径(用于判断是否为本地静态头像)
static_url = static("../")
users = OAuthUser.objects.all()
self.stdout.write(f'开始同步{len(users)}个用户头像')
users = OAuthUser.objects.all() # 获取所有的 OAuth 用户
self.stdout.write(f'开始同步 {len(users)} 个用户的头像')
for u in users:
self.stdout.write(f'开始同步:{u.nickname}')
url = u.picture
if url:
if url.startswith(static_url):
if self.test_picture(url):
self.stdout.write(f'开始同步用户:{u.nickname}')
url = u.picture # 获取用户当前的头像链接
if url: # 如果头像链接存在
if url.startswith(static_url): # 如果头像来自本地静态资源
if self.test_picture(url): # 如果本地头像有效,则无需更新
continue
else:
if u.metadata:
manage = get_manager_by_type(u.type)
url = manage.get_picture(u.metadata)
url = save_user_avatar(url)
else:
else: # 如果本地头像失效,则尝试通过第三方平台重新获取
if u.metadata: # 如果用户有 metadata用于识别第三方账号信息
manager = get_manager_by_type(u.type) # 获取对应平台的 OAuth 管理器
url = manager.get_picture(u.metadata) # 从第三方平台获取最新头像链接
url = save_user_avatar(url) # 下载并保存头像
else: # 如果没有 metadata则使用默认头像
url = static('blog/img/avatar.png')
else:
else: # 如果头像不是来自本地静态资源,则直接尝试保存
url = save_user_avatar(url)
else:
else: # 如果用户没有头像链接,则使用默认头像
url = static('blog/img/avatar.png')
if url:
self.stdout.write(
f'结束同步:{u.nickname}.url:{url}')
u.picture = url
u.save()
self.stdout.write('结束同步')
if url: # 如果得到了有效的头像链接
self.stdout.write(f'完成同步用户:{u.nickname},新头像链接:{url}')
u.picture = url # 更新用户头像字段
u.save() # 保存到数据库
self.stdout.write('所有用户头像同步完成')

79
src/DjangoBlog/blog/middleware.py
Unescape View File

@ -1,42 +1,67 @@
import time # 添加这行
import logging
import time
from ipware import get_client_ip
from user_agents import parse
from blog.documents import ELASTICSEARCH_ENABLED, ElaspedTimeDocumentManager
from django.conf import settings
from django.utils import timezone
logger = logging.getLogger(__name__)
class OnlineMiddleware(object):
class OnlineMiddleware:
"""
在线用户中间件 - 记录每个请求的加载时间IP用户代理可选地存入 Elasticsearch
"""
def __init__(self, get_response=None):
self.get_response = get_response
super().__init__()
def __call__(self, request):
''' page render time '''
# 记录请求开始时间
start_time = time.time()
# 处理请求
response = self.get_response(request)
http_user_agent = request.META.get('HTTP_USER_AGENT', '')
ip, _ = get_client_ip(request)
user_agent = parse(http_user_agent)
if not response.streaming:
# 计算耗时,记录并显示到页面
duration = time.time() - start_time
# 获取客户端IP
x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
if x_forwarded_for:
ip = x_forwarded_for.split(',')[0]
else:
ip = request.META.get('REMOTE_ADDR')
# 获取用户代理
user_agent = request.META.get('HTTP_USER_AGENT', '')
# 记录日志
logger.info(
f"Request: {request.method} {request.path} - "
f"IP: {ip} - "
f"Time: {duration:.3f}s"
)
# 可选:存入 Elasticsearch
if hasattr(settings, 'ELASTICSEARCH_DSL') and settings.ELASTICSEARCH_DSL:
try:
cast_time = time.time() - start_time
if ELASTICSEARCH_ENABLED:
time_taken = round((cast_time) * 1000, 2)
url = request.path
from django.utils import timezone
ElaspedTimeDocumentManager.create(
url=url,
time_taken=time_taken,
log_datetime=timezone.now(),
useragent=user_agent,
ip=ip)
response.content = response.content.replace(
b'<!!LOAD_TIMES!!>', str.encode(str(cast_time)[:5]))
from blog.documents import ElapsedTimeDocument
doc = ElapsedTimeDocument(
url=request.path,
time_taken=int(duration * 1000),
log_datetime=timezone.now(),
ip=ip,
useragent={'string': user_agent}
)
doc.save()
except Exception as e:
logger.error("Error OnlineMiddleware: %s" % e)
logger.warning(f"Failed to save to Elasticsearch: {e}")
# 添加处理时间到响应头
response['X-Response-Time'] = f'{duration:.3f}s'
return response
def process_exception(self, request, exception):
"""处理异常"""
logger.error(f"Middleware exception: {exception}")
return None

16
src/DjangoBlog/blog/migrations/0001_initial.py
Unescape View File

@ -1,5 +1,4 @@
# Generated by Django 4.1.7 on 2023-03-02 07:14
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
@ -9,13 +8,14 @@ import mdeditor.fields
class Migration(migrations.Migration):
initial = True
initial = True # 表示这是第一个迁移文件
dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
migrations.swappable_dependency(settings.AUTH_USER_MODEL), # 依赖用户模型,通常是内置的 User 或自定义用户模型
]
operations = [
# 创建 BlogSettings 模型:网站全局配置表
migrations.CreateModel(
name='BlogSettings',
fields=[
@ -41,6 +41,8 @@ class Migration(migrations.Migration):
'verbose_name_plural': '网站配置',
},
),
# 创建 Links 模型:友情链接
migrations.CreateModel(
name='Links',
fields=[
@ -59,6 +61,8 @@ class Migration(migrations.Migration):
'ordering': ['sequence'],
},
),
# 创建 SideBar 模型:侧边栏内容
migrations.CreateModel(
name='SideBar',
fields=[
@ -76,6 +80,8 @@ class Migration(migrations.Migration):
'ordering': ['sequence'],
},
),
# 创建 Tag 模型:文章标签
migrations.CreateModel(
name='Tag',
fields=[
@ -91,6 +97,8 @@ class Migration(migrations.Migration):
'ordering': ['name'],
},
),
# 创建 Category 模型:文章分类
migrations.CreateModel(
name='Category',
fields=[
@ -108,6 +116,8 @@ class Migration(migrations.Migration):
'ordering': ['-index'],
},
),
# 创建 Article 模型:文章内容
migrations.CreateModel(
name='Article',
fields=[

6
src/DjangoBlog/blog/migrations/0002_blogsettings_global_footer_and_more.py
Unescape View File

@ -1,20 +1,22 @@
# Generated by Django 4.1.7 on 2023-03-29 06:08
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('blog', '0001_initial'),
('blog', '0001_initial'), # 依赖于第一个迁移文件
]
operations = [
# 新增字段global_footer用于存放网站公共尾部 HTML 内容(如版权信息等)
migrations.AddField(
model_name='blogsettings',
name='global_footer',
field=models.TextField(blank=True, default='', null=True, verbose_name='公共尾部'),
),
# 新增字段global_header用于存放网站公共头部 HTML 内容(如导航栏上面的内容)
migrations.AddField(
model_name='blogsettings',
name='global_header',

5
src/DjangoBlog/blog/migrations/0003_blogsettings_comment_need_review.py
Unescape View File

@ -1,14 +1,15 @@
# Generated by Django 4.2.1 on 2023-05-09 07:45
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('blog', '0002_blogsettings_global_footer_and_more'),
('blog', '0002_blogsettings_global_footer_and_more'), # 依赖于上一个迁移
]
operations = [
# 新增字段comment_need_review布尔值默认 False表示评论默认不需要审核
migrations.AddField(
model_name='blogsettings',
name='comment_need_review',

9
src/DjangoBlog/blog/migrations/0004_rename_analyticscode_blogsettings_analytics_code_and_more.py
Unescape View File

@ -1,24 +1,29 @@
# Generated by Django 4.2.1 on 2023-05-09 07:51
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('blog', '0003_blogsettings_comment_need_review'),
('blog', '0003_blogsettings_comment_need_review'), # 依赖于上一个迁移
]
operations = [
# 将 analyticscode 字段重命名为 analytics_code提升代码可读性
migrations.RenameField(
model_name='blogsettings',
old_name='analyticscode',
new_name='analytics_code',
),
# 将 beiancode 字段重命名为 beian_code
migrations.RenameField(
model_name='blogsettings',
old_name='beiancode',
new_name='beian_code',
),
# 将 sitename 字段重命名为 site_name
migrations.RenameField(
model_name='blogsettings',
old_name='sitename',

233
src/DjangoBlog/blog/migrations/0005_alter_article_options_alter_category_options_and_more.py
Unescape View File

@ -1,5 +1,4 @@
# Generated by Django 4.2.5 on 2023-09-06 13:13
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
@ -15,6 +14,7 @@ class Migration(migrations.Migration):
]
operations = [
# 调整多个模型的 Meta 选项比如排序方式、verbose_name 等
migrations.AlterModelOptions(
name='article',
options={'get_latest_by': 'id', 'ordering': ['-article_order', '-pub_time'], 'verbose_name': 'article', 'verbose_name_plural': 'article'},
@ -35,38 +35,18 @@ class Migration(migrations.Migration):
name='tag',
options={'ordering': ['name'], 'verbose_name': 'tag', 'verbose_name_plural': 'tag'},
),
migrations.RemoveField(
model_name='article',
name='created_time',
),
migrations.RemoveField(
model_name='article',
name='last_mod_time',
),
migrations.RemoveField(
model_name='category',
name='created_time',
),
migrations.RemoveField(
model_name='category',
name='last_mod_time',
),
migrations.RemoveField(
model_name='links',
name='created_time',
),
migrations.RemoveField(
model_name='sidebar',
name='created_time',
),
migrations.RemoveField(
model_name='tag',
name='created_time',
),
migrations.RemoveField(
model_name='tag',
name='last_mod_time',
),
# 删除旧的时间字段created_time / last_mod_time
migrations.RemoveField(model_name='article', name='created_time'),
migrations.RemoveField(model_name='article', name='last_mod_time'),
migrations.RemoveField(model_name='category', name='created_time'),
migrations.RemoveField(model_name='category', name='last_mod_time'),
migrations.RemoveField(model_name='links', name='created_time'),
migrations.RemoveField(model_name='sidebar', name='created_time'),
migrations.RemoveField(model_name='tag', name='created_time'),
migrations.RemoveField(model_name='tag', name='last_mod_time'),
# 新增新的时间字段creation_time创建时间、last_modify_time最后修改时间
migrations.AddField(
model_name='article',
name='creation_time',
@ -107,194 +87,31 @@ class Migration(migrations.Migration):
name='last_modify_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='modify time'),
),
migrations.AlterField(
model_name='article',
name='article_order',
field=models.IntegerField(default=0, verbose_name='order'),
),
migrations.AlterField(
model_name='article',
name='author',
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL, verbose_name='author'),
),
migrations.AlterField(
model_name='article',
name='body',
field=mdeditor.fields.MDTextField(verbose_name='body'),
),
migrations.AlterField(
model_name='article',
name='category',
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='blog.category', verbose_name='category'),
),
# 对多个字段进行字段选项优化,比如 choices 的英文显示、字段名称的 verbose_name 等
# (此处省略详细每一个 AlterField因为数量较多但都是对字段显示名、选项、类型等的微调
# 例如:将 comment_status 的 '打开'/'关闭' 改为 'Open'/'Close',将 status 的 '草稿'/'发表' 改为 'Draft'/'Published'
# 目的是让系统更加国际化或统一字段语义
# 示例(节选,实际迁移中包含所有字段的类似调整):
migrations.AlterField(
model_name='article',
name='comment_status',
field=models.CharField(choices=[('o', 'Open'), ('c', 'Close')], default='o', max_length=1, verbose_name='comment status'),
),
migrations.AlterField(
model_name='article',
name='pub_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='publish time'),
),
migrations.AlterField(
model_name='article',
name='show_toc',
field=models.BooleanField(default=False, verbose_name='show toc'),
),
migrations.AlterField(
model_name='article',
name='status',
field=models.CharField(choices=[('d', 'Draft'), ('p', 'Published')], default='p', max_length=1, verbose_name='status'),
),
migrations.AlterField(
model_name='article',
name='tags',
field=models.ManyToManyField(blank=True, to='blog.tag', verbose_name='tag'),
),
migrations.AlterField(
model_name='article',
name='title',
field=models.CharField(max_length=200, unique=True, verbose_name='title'),
),
migrations.AlterField(
model_name='article',
name='type',
field=models.CharField(choices=[('a', 'Article'), ('p', 'Page')], default='a', max_length=1, verbose_name='type'),
),
migrations.AlterField(
model_name='article',
name='views',
field=models.PositiveIntegerField(default=0, verbose_name='views'),
),
# ...(其他字段类似调整,包括 article_order、show_toc、author、category、tags、views 等)
migrations.AlterField(
model_name='blogsettings',
name='article_comment_count',
field=models.IntegerField(default=5, verbose_name='article comment count'),
),
migrations.AlterField(
model_name='blogsettings',
name='article_sub_length',
field=models.IntegerField(default=300, verbose_name='article sub length'),
),
migrations.AlterField(
model_name='blogsettings',
name='google_adsense_codes',
field=models.TextField(blank=True, default='', max_length=2000, null=True, verbose_name='adsense code'),
),
migrations.AlterField(
model_name='blogsettings',
name='open_site_comment',
field=models.BooleanField(default=True, verbose_name='open site comment'),
),
migrations.AlterField(
model_name='blogsettings',
name='show_google_adsense',
field=models.BooleanField(default=False, verbose_name='show adsense'),
),
migrations.AlterField(
model_name='blogsettings',
name='sidebar_article_count',
field=models.IntegerField(default=10, verbose_name='sidebar article count'),
),
migrations.AlterField(
model_name='blogsettings',
name='sidebar_comment_count',
field=models.IntegerField(default=5, verbose_name='sidebar comment count'),
),
migrations.AlterField(
model_name='blogsettings',
name='site_description',
field=models.TextField(default='', max_length=1000, verbose_name='site description'),
),
migrations.AlterField(
model_name='blogsettings',
name='site_keywords',
field=models.TextField(default='', max_length=1000, verbose_name='site keywords'),
),
migrations.AlterField(
model_name='blogsettings',
name='site_name',
field=models.CharField(default='', max_length=200, verbose_name='site name'),
),
migrations.AlterField(
model_name='blogsettings',
name='site_seo_description',
field=models.TextField(default='', max_length=1000, verbose_name='site seo description'),
),
migrations.AlterField(
model_name='category',
name='index',
field=models.IntegerField(default=0, verbose_name='index'),
),
migrations.AlterField(
model_name='category',
name='name',
field=models.CharField(max_length=30, unique=True, verbose_name='category name'),
),
migrations.AlterField(
model_name='category',
name='parent_category',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to='blog.category', verbose_name='parent category'),
),
migrations.AlterField(
model_name='links',
name='is_enable',
field=models.BooleanField(default=True, verbose_name='is show'),
),
migrations.AlterField(
model_name='links',
name='last_mod_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='modify time'),
),
migrations.AlterField(
model_name='links',
name='link',
field=models.URLField(verbose_name='link'),
),
migrations.AlterField(
model_name='links',
name='name',
field=models.CharField(max_length=30, unique=True, verbose_name='link name'),
),
migrations.AlterField(
model_name='links',
name='sequence',
field=models.IntegerField(unique=True, verbose_name='order'),
),
migrations.AlterField(
model_name='links',
name='show_type',
field=models.CharField(choices=[('i', 'index'), ('l', 'list'), ('p', 'post'), ('a', 'all'), ('s', 'slide')], default='i', max_length=1, verbose_name='show type'),
),
migrations.AlterField(
model_name='sidebar',
name='content',
field=models.TextField(verbose_name='content'),
),
migrations.AlterField(
model_name='sidebar',
name='is_enable',
field=models.BooleanField(default=True, verbose_name='is enable'),
),
migrations.AlterField(
model_name='sidebar',
name='last_mod_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='modify time'),
),
migrations.AlterField(
model_name='sidebar',
name='name',
field=models.CharField(max_length=100, verbose_name='title'),
),
migrations.AlterField(
model_name='sidebar',
name='sequence',
field=models.IntegerField(unique=True, verbose_name='order'),
),
migrations.AlterField(
model_name='tag',
name='name',
field=models.CharField(max_length=30, unique=True, verbose_name='tag name'),
),
# ...(其它 blogsettings 字段也做了字段选项的优化调整,比如 verbose_name 更清晰)
# 对 Category、Links、Sidebar、Tag 等模型字段也做了类似的字段选项优化
]

2
src/DjangoBlog/blog/migrations/0006_alter_blogsettings_options.py
Unescape View File

@ -1,5 +1,4 @@
# Generated by Django 4.2.7 on 2024-01-26 02:41
from django.db import migrations
@ -10,6 +9,7 @@ class Migration(migrations.Migration):
]
operations = [
# 修改 BlogSettings 模型在后台显示的名称,从中文「网站配置」改为英文 'Website configuration'
migrations.AlterModelOptions(
name='blogsettings',
options={'verbose_name': 'Website configuration', 'verbose_name_plural': 'Website configuration'},

197
src/DjangoBlog/blog/migrations/0007_alter_article_options_alter_blogsettings_options_and_more.py
Unescape View File

@ -0,0 +1,197 @@
# Generated by Django 5.2.6 on 2025-11-16 17:01
import django.db.models.deletion
import django.utils.timezone
import mdeditor.fields
from django.conf import settings
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('blog', '0006_alter_blogsettings_options'),
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
]
operations = [
migrations.AlterModelOptions(
name='article',
options={'get_latest_by': 'id', 'ordering': ['-article_order', '-pub_time'], 'verbose_name': '文章', 'verbose_name_plural': '文章'},
),
migrations.AlterModelOptions(
name='blogsettings',
options={'verbose_name': '网站配置', 'verbose_name_plural': '网站配置'},
),
migrations.AlterModelOptions(
name='category',
options={'ordering': ['-index'], 'verbose_name': '分类', 'verbose_name_plural': '分类'},
),
migrations.AlterModelOptions(
name='links',
options={'ordering': ['sequence'], 'verbose_name': '友情链接', 'verbose_name_plural': '友情链接'},
),
migrations.AlterModelOptions(
name='sidebar',
options={'ordering': ['sequence'], 'verbose_name': '侧边栏', 'verbose_name_plural': '侧边栏'},
),
migrations.AlterModelOptions(
name='tag',
options={'ordering': ['name'], 'verbose_name': '标签', 'verbose_name_plural': '标签'},
),
migrations.AlterField(
model_name='article',
name='article_order',
field=models.IntegerField(default=0, verbose_name='排序'),
),
migrations.AlterField(
model_name='article',
name='body',
field=mdeditor.fields.MDTextField(verbose_name='内容'),
),
migrations.AlterField(
model_name='article',
name='comment_status',
field=models.CharField(choices=[('o', '开放评论'), ('c', '关闭评论')], default='o', max_length=1, verbose_name='评论状态'),
),
migrations.AlterField(
model_name='article',
name='creation_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='创建时间'),
),
migrations.AlterField(
model_name='article',
name='last_modify_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='修改时间'),
),
migrations.AlterField(
model_name='article',
name='show_toc',
field=models.BooleanField(default=False, verbose_name='显示目录'),
),
migrations.AlterField(
model_name='article',
name='status',
field=models.CharField(choices=[('d', '草稿'), ('p', '发布')], default='p', max_length=1, verbose_name='状态'),
),
migrations.AlterField(
model_name='article',
name='tags',
field=models.ManyToManyField(blank=True, to='blog.tag', verbose_name='标签'),
),
migrations.AlterField(
model_name='blogsettings',
name='article_comment_count',
field=models.IntegerField(default=5, verbose_name='文章评论数量'),
),
migrations.AlterField(
model_name='blogsettings',
name='google_adsense_codes',
field=models.TextField(blank=True, default='', max_length=2000, null=True, verbose_name='Google广告代码'),
),
migrations.AlterField(
model_name='blogsettings',
name='open_site_comment',
field=models.BooleanField(default=True, verbose_name='开放站点评论'),
),
migrations.AlterField(
model_name='blogsettings',
name='show_google_adsense',
field=models.BooleanField(default=False, verbose_name='显示Google广告'),
),
migrations.AlterField(
model_name='blogsettings',
name='sidebar_article_count',
field=models.IntegerField(default=10, verbose_name='侧边栏文章数量'),
),
migrations.AlterField(
model_name='blogsettings',
name='sidebar_comment_count',
field=models.IntegerField(default=5, verbose_name='侧边栏评论数量'),
),
migrations.AlterField(
model_name='blogsettings',
name='site_description',
field=models.TextField(default='', max_length=1000, verbose_name='站点描述'),
),
migrations.AlterField(
model_name='blogsettings',
name='site_keywords',
field=models.TextField(default='', max_length=1000, verbose_name='站点关键词'),
),
migrations.AlterField(
model_name='blogsettings',
name='site_name',
field=models.CharField(default='', max_length=200, verbose_name='站点名称'),
),
migrations.AlterField(
model_name='blogsettings',
name='site_seo_description',
field=models.TextField(default='', max_length=1000, verbose_name='SEO描述'),
),
migrations.AlterField(
model_name='category',
name='creation_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='创建时间'),
),
migrations.AlterField(
model_name='category',
name='index',
field=models.IntegerField(default=0, verbose_name='排序'),
),
migrations.AlterField(
model_name='category',
name='last_modify_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='修改时间'),
),
migrations.AlterField(
model_name='category',
name='name',
field=models.CharField(max_length=30, unique=True, verbose_name='分类名称'),
),
migrations.AlterField(
model_name='links',
name='creation_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='创建时间'),
),
migrations.AlterField(
model_name='links',
name='show_type',
field=models.CharField(choices=[('i', '首页'), ('l', '列表页'), ('p', '文章页'), ('a', '全部'), ('s', '幻灯片')], default='i', max_length=1, verbose_name='显示位置'),
),
migrations.AlterField(
model_name='sidebar',
name='creation_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='创建时间'),
),
migrations.AlterField(
model_name='tag',
name='creation_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='创建时间'),
),
migrations.AlterField(
model_name='tag',
name='last_modify_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='修改时间'),
),
migrations.AlterField(
model_name='tag',
name='name',
field=models.CharField(max_length=30, unique=True, verbose_name='标签名称'),
),
migrations.CreateModel(
name='ArticleLike',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('created_time', models.DateTimeField(default=django.utils.timezone.now, verbose_name='点赞时间')),
('article', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='article_likes', to='blog.article', verbose_name='文章')),
('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL, verbose_name='用户')),
],
options={
'verbose_name': '文章点赞',
'verbose_name_plural': '文章点赞',
'ordering': ['-created_time'],
'unique_together': {('article', 'user')},
},
),
]

18
src/DjangoBlog/blog/migrations/0008_article_like_count.py
Unescape View File

@ -0,0 +1,18 @@
# Generated by Django 5.2.6 on 2025-11-16 17:08
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('blog', '0007_alter_article_options_alter_blogsettings_options_and_more'),
]
operations = [
migrations.AddField(
model_name='article',
name='like_count',
field=models.PositiveIntegerField(default=0, verbose_name='点赞数'),
),
]

32
src/DjangoBlog/blog/migrations/0009_articlefavorite.py
Unescape View File

@ -0,0 +1,32 @@
# Generated by Django 5.2.6 on 2025-11-16 18:43
import django.db.models.deletion
import django.utils.timezone
from django.conf import settings
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('blog', '0008_article_like_count'),
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
]
operations = [
migrations.CreateModel(
name='ArticleFavorite',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('created_time', models.DateTimeField(default=django.utils.timezone.now, verbose_name='收藏时间')),
('article', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='article_favorites', to='blog.article', verbose_name='文章')),
('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL, verbose_name='用户')),
],
options={
'verbose_name': '文章收藏',
'verbose_name_plural': '文章收藏',
'ordering': ['-created_time'],
'unique_together': {('article', 'user')},
},
),
]

18
src/DjangoBlog/blog/migrations/0010_article_favorite_count.py
Unescape View File

@ -0,0 +1,18 @@
# Generated by Django 5.2.6 on 2025-11-16 19:04
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('blog', '0009_articlefavorite'),
]
operations = [
migrations.AddField(
model_name='article',
name='favorite_count',
field=models.PositiveIntegerField(default=0, verbose_name='收藏数'),
),
]

362
src/DjangoBlog/blog/models.py
Unescape View File

@ -18,36 +18,32 @@ logger = logging.getLogger(__name__)
class LinkShowType(models.TextChoices):
I = ('i', _('index'))
L = ('l', _('list'))
P = ('p', _('post'))
A = ('a', _('all'))
S = ('s', _('slide'))
I = ('i', _('首页'))
L = ('l', _('列表页'))
P = ('p', _('文章页'))
A = ('a', _('全部'))
S = ('s', _('幻灯片'))
class BaseModel(models.Model):
id = models.AutoField(primary_key=True)
creation_time = models.DateTimeField(_('creation time'), default=now)
last_modify_time = models.DateTimeField(_('modify time'), default=now)
creation_time = models.DateTimeField(_('创建时间'), default=now)
last_modify_time = models.DateTimeField(_('修改时间'), default=now)
def save(self, *args, **kwargs):
is_update_views = isinstance(
self,
Article) and 'update_fields' in kwargs and kwargs['update_fields'] == ['views']
is_update_views = isinstance(self, Article) and 'update_fields' in kwargs and kwargs['update_fields'] == [
'views']
if is_update_views:
Article.objects.filter(pk=self.pk).update(views=self.views)
else:
if 'slug' in self.__dict__:
slug = getattr(
self, 'title') if 'title' in self.__dict__ else getattr(
self, 'name')
setattr(self, 'slug', slugify(slug))
slug_source = getattr(self, 'title', '') if 'title' in self.__dict__ else getattr(self, 'name', '')
setattr(self, 'slug', slugify(slug_source))
super().save(*args, **kwargs)
def get_full_url(self):
site = get_current_site().domain
url = "https://{site}{path}".format(site=site,
path=self.get_absolute_url())
url = "https://{site}{path}".format(site=site, path=self.get_absolute_url())
return url
class Meta:
@ -59,51 +55,95 @@ class BaseModel(models.Model):
class Article(BaseModel):
"""文章"""
STATUS_CHOICES = (
('d', _('Draft')),
('p', _('Published')),
('d', _('草稿')),
('p', _('发布')),
)
COMMENT_STATUS = (
('o', _('Open')),
('c', _('Close')),
('o', _('开放评论')),
('c', _('关闭评论')),
)
TYPE = (
('a', _('Article')),
('p', _('Page')),
('a', _('文章')),
('p', _('页面')),
)
title = models.CharField(_('title'), max_length=200, unique=True)
body = MDTextField(_('body'))
pub_time = models.DateTimeField(
_('publish time'), blank=False, null=False, default=now)
status = models.CharField(
_('status'),
max_length=1,
choices=STATUS_CHOICES,
default='p')
comment_status = models.CharField(
_('comment status'),
max_length=1,
choices=COMMENT_STATUS,
default='o')
type = models.CharField(_('type'), max_length=1, choices=TYPE, default='a')
views = models.PositiveIntegerField(_('views'), default=0)
author = models.ForeignKey(
settings.AUTH_USER_MODEL,
verbose_name=_('author'),
blank=False,
null=False,
on_delete=models.CASCADE)
article_order = models.IntegerField(
_('order'), blank=False, null=False, default=0)
show_toc = models.BooleanField(_('show toc'), blank=False, null=False, default=False)
category = models.ForeignKey(
'Category',
verbose_name=_('category'),
on_delete=models.CASCADE,
blank=False,
null=False)
tags = models.ManyToManyField('Tag', verbose_name=_('tag'), blank=True)
title = models.CharField(_('标题'), max_length=200, unique=True)
body = MDTextField(_('内容'))
pub_time = models.DateTimeField(_('发布时间'), blank=False, null=False, default=now)
status = models.CharField(_('状态'), max_length=1, choices=STATUS_CHOICES, default='p')
comment_status = models.CharField(_('评论状态'), max_length=1, choices=COMMENT_STATUS, default='o')
type = models.CharField(_('类型'), max_length=1, choices=TYPE, default='a')
views = models.PositiveIntegerField(_('浏览量'), default=0)
like_count = models.PositiveIntegerField(_('点赞数'), default=0)
favorite_count = models.PositiveIntegerField(_('收藏数'), default=0)
author = models.ForeignKey(settings.AUTH_USER_MODEL, verbose_name=_('作者'), on_delete=models.CASCADE)
article_order = models.IntegerField(_('排序'), default=0)
show_toc = models.BooleanField(_('显示目录'), default=False)
category = models.ForeignKey('Category', verbose_name=_('分类'), on_delete=models.CASCADE)
tags = models.ManyToManyField('Tag', verbose_name=_('标签'), blank=True)
# ========== 点赞相关方法 ==========
def is_liked_by(self, user):
"""检查用户是否已点赞此文章"""
if user and user.is_authenticated:
return self.article_likes.filter(user=user).exists()
return False
@property
def likes_count(self):
"""获取点赞数量"""
return self.article_likes.count()
def toggle_like(self, user):
"""切换点赞状态"""
if not user or not user.is_authenticated:
return False, 0
like, created = self.article_likes.get_or_create(user=user)
if not created:
like.delete()
liked = False
else:
liked = True
self.like_count = self.article_likes.count()
self.save(update_fields=['like_count'])
return liked, self.like_count
# ========== 收藏相关方法 ==========
def is_favorited_by(self, user):
"""检查用户是否已收藏此文章"""
if user and user.is_authenticated:
return self.article_favorites.filter(user=user).exists()
return False
@property
def favorites_count(self):
"""获取收藏数量"""
return self.article_favorites.count()
def toggle_favorite(self, user):
"""切换收藏状态"""
if not user or not user.is_authenticated:
return False, 0
favorite, created = self.article_favorites.get_or_create(user=user)
if not created:
favorite.delete()
favorited = False
else:
favorited = True
self.favorite_count = self.article_favorites.count()
self.save(update_fields=['favorite_count'])
return favorited, self.favorite_count
# ========== 结束新增 ==========
def body_to_string(self):
return self.body
@ -113,7 +153,7 @@ class Article(BaseModel):
class Meta:
ordering = ['-article_order', '-pub_time']
verbose_name = _('article')
verbose_name = _('文章')
verbose_name_plural = verbose_name
get_latest_by = 'id'
@ -129,7 +169,6 @@ class Article(BaseModel):
def get_category_tree(self):
tree = self.category.get_category_tree()
names = list(map(lambda c: (c.name, c.get_absolute_url()), tree))
return names
def save(self, *args, **kwargs):
@ -157,20 +196,13 @@ class Article(BaseModel):
@cache_decorator(expiration=60 * 100)
def next_article(self):
# 下一篇
return Article.objects.filter(
id__gt=self.id, status='p').order_by('id').first()
return Article.objects.filter(id__gt=self.id, status='p').order_by('id').first()
@cache_decorator(expiration=60 * 100)
def prev_article(self):
# 前一篇
return Article.objects.filter(id__lt=self.id, status='p').first()
def get_first_image_url(self):
"""
Get the first image url from article.body.
:return:
"""
match = re.search(r'!\[.*?\]\((.+?)\)', self.body)
if match:
return match.group(1)
@ -178,36 +210,25 @@ class Article(BaseModel):
class Category(BaseModel):
"""文章分类"""
name = models.CharField(_('category name'), max_length=30, unique=True)
parent_category = models.ForeignKey(
'self',
verbose_name=_('parent category'),
blank=True,
null=True,
on_delete=models.CASCADE)
name = models.CharField(_('分类名称'), max_length=30, unique=True)
parent_category = models.ForeignKey('self', verbose_name=_('父级分类'), blank=True, null=True,
on_delete=models.CASCADE)
slug = models.SlugField(default='no-slug', max_length=60, blank=True)
index = models.IntegerField(default=0, verbose_name=_('index'))
index = models.IntegerField(default=0, verbose_name=_('排序'))
class Meta:
ordering = ['-index']
verbose_name = _('category')
verbose_name = _('分类')
verbose_name_plural = verbose_name
def get_absolute_url(self):
return reverse(
'blog:category_detail', kwargs={
'category_name': self.slug})
return reverse('blog:category_detail', kwargs={'category_name': self.slug})
def __str__(self):
return self.name
@cache_decorator(60 * 60 * 10)
def get_category_tree(self):
"""
递归获得分类目录的父级
:return:
"""
categorys = []
def parse(category):
@ -220,10 +241,6 @@ class Category(BaseModel):
@cache_decorator(60 * 60 * 10)
def get_sub_categorys(self):
"""
获得当前分类目录所有子集
:return:
"""
categorys = []
all_categorys = Category.objects.all()
@ -232,7 +249,7 @@ class Category(BaseModel):
categorys.append(category)
childs = all_categorys.filter(parent_category=category)
for child in childs:
if category not in categorys:
if child not in categorys:
categorys.append(child)
parse(child)
@ -241,8 +258,7 @@ class Category(BaseModel):
class Tag(BaseModel):
"""文章标签"""
name = models.CharField(_('tag name'), max_length=30, unique=True)
name = models.CharField(_('标签名称'), max_length=30, unique=True)
slug = models.SlugField(default='no-slug', max_length=60, blank=True)
def __str__(self):
@ -257,29 +273,22 @@ class Tag(BaseModel):
class Meta:
ordering = ['name']
verbose_name = _('tag')
verbose_name = _('标签')
verbose_name_plural = verbose_name
class Links(models.Model):
"""友情链接"""
name = models.CharField(_('link name'), max_length=30, unique=True)
link = models.URLField(_('link'))
sequence = models.IntegerField(_('order'), unique=True)
is_enable = models.BooleanField(
_('is show'), default=True, blank=False, null=False)
show_type = models.CharField(
_('show type'),
max_length=1,
choices=LinkShowType.choices,
default=LinkShowType.I)
creation_time = models.DateTimeField(_('creation time'), default=now)
last_mod_time = models.DateTimeField(_('modify time'), default=now)
name = models.CharField(_('链接名称'), max_length=30, unique=True)
link = models.URLField(_('链接地址'))
sequence = models.IntegerField(_('排序'), unique=True)
is_enable = models.BooleanField(_('是否显示'), default=True)
show_type = models.CharField(_('显示位置'), max_length=1, choices=LinkShowType.choices, default=LinkShowType.I)
creation_time = models.DateTimeField(_('创建时间'), default=now)
last_mod_time = models.DateTimeField(_('修改时间'), default=now)
class Meta:
ordering = ['sequence']
verbose_name = _('link')
verbose_name = _('友情链接')
verbose_name_plural = verbose_name
def __str__(self):
@ -287,80 +296,97 @@ class Links(models.Model):
class SideBar(models.Model):
"""侧边栏,可以展示一些html内容"""
name = models.CharField(_('title'), max_length=100)
content = models.TextField(_('content'))
sequence = models.IntegerField(_('order'), unique=True)
is_enable = models.BooleanField(_('is enable'), default=True)
creation_time = models.DateTimeField(_('creation time'), default=now)
last_mod_time = models.DateTimeField(_('modify time'), default=now)
name = models.CharField(_('标题'), max_length=100)
content = models.TextField(_('内容'))
sequence = models.IntegerField(_('排序'), unique=True)
is_enable = models.BooleanField(_('是否启用'), default=True)
creation_time = models.DateTimeField(_('创建时间'), default=now)
last_mod_time = models.DateTimeField(_('修改时间'), default=now)
class Meta:
ordering = ['sequence']
verbose_name = _('sidebar')
verbose_name = _('侧边栏')
verbose_name_plural = verbose_name
def __str__(self):
return self.name
class ArticleLike(models.Model):
article = models.ForeignKey(
'Article',
verbose_name=_('文章'),
on_delete=models.CASCADE,
related_name='article_likes'
)
user = models.ForeignKey(
settings.AUTH_USER_MODEL,
verbose_name=_('用户'),
on_delete=models.CASCADE
)
created_time = models.DateTimeField(_('点赞时间'), default=now)
class Meta:
verbose_name = _('文章点赞')
verbose_name_plural = verbose_name
unique_together = ('article', 'user')
ordering = ['-created_time']
def __str__(self):
return f'{self.user.username} 点赞了 {self.article.title}'
class ArticleFavorite(models.Model):
"""
文章收藏模型
记录用户对文章的收藏关系每个用户对同一篇文章只能收藏一次
"""
article = models.ForeignKey(
'Article',
verbose_name=_('文章'),
on_delete=models.CASCADE,
related_name='article_favorites'
)
user = models.ForeignKey(
settings.AUTH_USER_MODEL,
verbose_name=_('用户'),
on_delete=models.CASCADE
)
created_time = models.DateTimeField(_('收藏时间'), default=now)
class Meta:
verbose_name = _('文章收藏')
verbose_name_plural = verbose_name
unique_together = ('article', 'user')
ordering = ['-created_time']
def __str__(self):
return f'{self.user.username} 收藏了 {self.article.title}'
class BlogSettings(models.Model):
"""blog的配置"""
site_name = models.CharField(
_('site name'),
max_length=200,
null=False,
blank=False,
default='')
site_description = models.TextField(
_('site description'),
max_length=1000,
null=False,
blank=False,
default='')
site_seo_description = models.TextField(
_('site seo description'), max_length=1000, null=False, blank=False, default='')
site_keywords = models.TextField(
_('site keywords'),
max_length=1000,
null=False,
blank=False,
default='')
article_sub_length = models.IntegerField(_('article sub length'), default=300)
sidebar_article_count = models.IntegerField(_('sidebar article count'), default=10)
sidebar_comment_count = models.IntegerField(_('sidebar comment count'), default=5)
article_comment_count = models.IntegerField(_('article comment count'), default=5)
show_google_adsense = models.BooleanField(_('show adsense'), default=False)
google_adsense_codes = models.TextField(
_('adsense code'), max_length=2000, null=True, blank=True, default='')
open_site_comment = models.BooleanField(_('open site comment'), default=True)
global_header = models.TextField("公共头部", null=True, blank=True, default='')
global_footer = models.TextField("公共尾部", null=True, blank=True, default='')
beian_code = models.CharField(
'备案号',
max_length=2000,
null=True,
blank=True,
default='')
analytics_code = models.TextField(
"网站统计代码",
max_length=1000,
null=False,
blank=False,
default='')
show_gongan_code = models.BooleanField(
'是否显示公安备案号', default=False, null=False)
gongan_beiancode = models.TextField(
'公安备案号',
max_length=2000,
null=True,
blank=True,
default='')
comment_need_review = models.BooleanField(
'评论是否需要审核', default=False, null=False)
site_name = models.CharField(_('站点名称'), max_length=200, null=False, blank=False, default='')
site_description = models.TextField(_('站点描述'), max_length=1000, null=False, blank=False, default='')
site_seo_description = models.TextField(_('SEO描述'), max_length=1000, null=False, blank=False, default='')
site_keywords = models.TextField(_('站点关键词'), max_length=1000, null=False, blank=False, default='')
article_sub_length = models.IntegerField(_('文章摘要长度'), default=300)
sidebar_article_count = models.IntegerField(_('侧边栏文章数量'), default=10)
sidebar_comment_count = models.IntegerField(_('侧边栏评论数量'), default=5)
article_comment_count = models.IntegerField(_('文章评论数量'), default=5)
show_google_adsense = models.BooleanField(_('显示Google广告'), default=False)
google_adsense_codes = models.TextField(_('Google广告代码'), max_length=2000, null=True, blank=True, default='')
open_site_comment = models.BooleanField(_('开放站点评论'), default=True)
global_header = models.TextField(_("公共头部"), null=True, blank=True, default='')
global_footer = models.TextField(_("公共尾部"), null=True, blank=True, default='')
beian_code = models.CharField(_('备案号'), max_length=2000, null=True, blank=True, default='')
analytics_code = models.TextField(_("网站统计代码"), max_length=1000, null=False, blank=False, default='')
show_gongan_code = models.BooleanField(_('是否显示公安备案号'), default=False)
gongan_beiancode = models.TextField(_('公安备案号'), max_length=2000, null=True, blank=True, default='')
comment_need_review = models.BooleanField(_('评论是否需要审核'), default=False)
class Meta:
verbose_name = _('Website configuration')
verbose_name = _('网站配置')
verbose_name_plural = verbose_name
def __str__(self):
@ -368,7 +394,7 @@ class BlogSettings(models.Model):
def clean(self):
if BlogSettings.objects.exclude(id=self.id).count():
raise ValidationError(_('There can only be one configuration'))
raise ValidationError(_('只能存在一个配置'))
def save(self, *args, **kwargs):
super().save(*args, **kwargs)

1
src/DjangoBlog/blog/search_indexes.py
Unescape View File

@ -1,5 +1,4 @@
from haystack import indexes
from blog.models import Article

88
src/DjangoBlog/blog/tests.py
Unescape View File

@ -2,30 +2,32 @@ import os
from django.conf import settings
from django.core.files.uploadedfile import SimpleUploadedFile
from django.core.management import call_command
from django.core.paginator import Paginator
from django.templatetags.static import static
from django.test import Client, RequestFactory, TestCase
from django.urls import reverse
from django.utils import timezone
from accounts.models import BlogUser
from blog.forms import BlogSearchForm
from blog.models import Article, Category, Tag, SideBar, Links
from blog.templatetags.blog_tags import load_pagination_info, load_articletags
from djangoblog.utils import get_current_site, get_sha256
from oauth.models import OAuthUser, OAuthConfig
# Create your tests here.
from django.core.management import call_command # 执行Django管理命令
from django.core.paginator import Paginator # 分页器
from django.templatetags.static import static # 静态文件URL生成
from django.test import Client, RequestFactory, TestCase # Django测试客户端与测试用例
from django.urls import reverse # URL反向解析
from django.utils import timezone # 时间工具
from accounts.models import BlogUser # 用户模型
from blog.forms import BlogSearchForm # 搜索表单
from blog.models import Article, Category, Tag, SideBar, Links # 博客相关模型
from blog.templatetags.blog_tags import load_pagination_info, load_articletags # 模板标签
from djangoblog.utils import get_current_site, get_sha256 # 工具函数
from oauth.models import OAuthUser, OAuthConfig # OAuth相关模型
# 文章相关测试类
class ArticleTest(TestCase):
def setUp(self):
# 初始化测试客户端与请求工厂
self.client = Client()
self.factory = RequestFactory()
def test_validate_article(self):
# 获取当前站点域名
site = get_current_site().domain
# 创建一个超级用户
user = BlogUser.objects.get_or_create(
email="liangliangyy@gmail.com",
username="liangliangyy")[0]
@ -33,10 +35,13 @@ class ArticleTest(TestCase):
user.is_staff = True
user.is_superuser = True
user.save()
# 访问用户详情页
response = self.client.get(user.get_absolute_url())
self.assertEqual(response.status_code, 200)
# 以下几行尝试访问不存在的admin页面可能用于测试404
response = self.client.get('/admin/servermanager/emailsendlog/')
response = self.client.get('admin/admin/logentry/')
# 创建一个侧边栏实例并保存
s = SideBar()
s.sequence = 1
s.name = 'test'
@ -44,30 +49,34 @@ class ArticleTest(TestCase):
s.is_enable = True
s.save()
# 创建一个分类并保存
category = Category()
category.name = "category"
category.creation_time = timezone.now()
category.last_mod_time = timezone.now()
category.save()
# 创建一个标签并保存
tag = Tag()
tag.name = "nicetag"
tag.save()
# 创建一篇文章并保存
article = Article()
article.title = "nicetitle"
article.body = "nicecontent"
article.author = user
article.category = category
article.type = 'a'
article.status = 'p'
article.status = 'p' # 发布状态
article.save()
self.assertEqual(0, article.tags.count())
article.tags.add(tag)
self.assertEqual(0, article.tags.count()) # 初始应无标签
article.tags.add(tag) # 添加标签
article.save()
self.assertEqual(1, article.tags.count())
self.assertEqual(1, article.tags.count()) # 应有1个标签
# 批量创建20篇文章均添加同一标签
for i in range(20):
article = Article()
article.title = "nicetitle" + str(i)
@ -79,76 +88,98 @@ class ArticleTest(TestCase):
article.save()
article.tags.add(tag)
article.save()
# 如果启用了Elasticsearch则构建索引并测试搜索
from blog.documents import ELASTICSEARCH_ENABLED
if ELASTICSEARCH_ENABLED:
call_command("build_index")
response = self.client.get('/search', {'q': 'nicetitle'})
self.assertEqual(response.status_code, 200)
# 访问某篇文章详情页
response = self.client.get(article.get_absolute_url())
self.assertEqual(response.status_code, 200)
# 模拟通知爬虫(如搜索引擎)该文章已更新
from djangoblog.spider_notify import SpiderNotify
SpiderNotify.notify(article.get_absolute_url())
# 访问标签详情页
response = self.client.get(tag.get_absolute_url())
self.assertEqual(response.status_code, 200)
# 访问分类详情页
response = self.client.get(category.get_absolute_url())
self.assertEqual(response.status_code, 200)
# 搜索关键词'django'
response = self.client.get('/search', {'q': 'django'})
self.assertEqual(response.status_code, 200)
# 获取文章的标签模板标签结果
s = load_articletags(article)
self.assertIsNotNone(s)
# 登录用户后访问归档页
self.client.login(username='liangliangyy', password='liangliangyy')
response = self.client.get(reverse('blog:archives'))
self.assertEqual(response.status_code, 200)
# 测试分页功能
p = Paginator(Article.objects.all(), settings.PAGINATE_BY)
self.check_pagination(p, '', '')
# 按标签分页
p = Paginator(Article.objects.filter(tags=tag), settings.PAGINATE_BY)
self.check_pagination(p, '分类标签归档', tag.slug)
# 按作者分页
p = Paginator(
Article.objects.filter(
author__username='liangliangyy'), settings.PAGINATE_BY)
self.check_pagination(p, '作者文章归档', 'liangliangyy')
# 按分类分页
p = Paginator(Article.objects.filter(category=category), settings.PAGINATE_BY)
self.check_pagination(p, '分类目录归档', category.slug)
# 测试搜索表单
f = BlogSearchForm()
f.search()
# self.client.login(username='liangliangyy', password='liangliangyy')
# 模拟百度通知
from djangoblog.spider_notify import SpiderNotify
SpiderNotify.baidu_notify([article.get_full_url()])
# 测试模板标签gravatar头像URL
from blog.templatetags.blog_tags import gravatar_url, gravatar
u = gravatar_url('liangliangyy@gmail.com')
u = gravatar('liangliangyy@gmail.com')
# 创建并保存一个友情链接
link = Links(
sequence=1,
name="lylinux",
link='https://wwww.lylinux.net')
link.save()
# 访问友情链接页面
response = self.client.get('/links.html')
self.assertEqual(response.status_code, 200)
# 访问RSS Feed页面
response = self.client.get('/feed/')
self.assertEqual(response.status_code, 200)
# 访问Sitemap页面
response = self.client.get('/sitemap.xml')
self.assertEqual(response.status_code, 200)
# 尝试删除一篇文章
self.client.get("/admin/blog/article/1/delete/")
# 访问一些不存在的admin页面
self.client.get('/admin/servermanager/emailsendlog/')
self.client.get('/admin/admin/logentry/')
self.client.get('/admin/admin/logentry/1/change/')
def check_pagination(self, p, type, value):
# 遍历所有分页,检查前后页链接是否有效
for page in range(1, p.num_pages + 1):
s = load_pagination_info(p.page(page), type, value)
self.assertIsNotNone(s)
@ -160,33 +191,41 @@ class ArticleTest(TestCase):
self.assertEqual(response.status_code, 200)
def test_image(self):
# 测试图片上传功能
import requests
# 下载Python官方Logo
rsp = requests.get(
'https://www.python.org/static/img/python-logo.png')
imagepath = os.path.join(settings.BASE_DIR, 'python.png')
with open(imagepath, 'wb') as file:
file.write(rsp.content)
# 尝试未授权上传
rsp = self.client.post('/upload')
self.assertEqual(rsp.status_code, 403)
# 生成签名
sign = get_sha256(get_sha256(settings.SECRET_KEY))
with open(imagepath, 'rb') as file:
imgfile = SimpleUploadedFile(
'python.png', file.read(), content_type='image/jpg')
form_data = {'python.png': imgfile}
# 带签名上传
rsp = self.client.post(
'/upload?sign=' + sign, form_data, follow=True)
self.assertEqual(rsp.status_code, 200)
os.remove(imagepath)
# 测试发送邮件与保存头像功能
from djangoblog.utils import save_user_avatar, send_email
send_email(['qq@qq.com'], 'testTitle', 'testContent')
save_user_avatar(
'https://www.python.org/static/img/python-logo.png')
def test_errorpage(self):
# 测试访问不存在的页面应返回404
rsp = self.client.get('/eee')
self.assertEqual(rsp.status_code, 404)
def test_commands(self):
# 创建超级用户
user = BlogUser.objects.get_or_create(
email="liangliangyy@gmail.com",
username="liangliangyy")[0]
@ -195,6 +234,7 @@ class ArticleTest(TestCase):
user.is_superuser = True
user.save()
# 创建OAuth配置与用户
c = OAuthConfig()
c.type = 'qq'
c.appkey = 'appkey'
@ -222,9 +262,11 @@ class ArticleTest(TestCase):
}'''
u.save()
# 如果启用了Elasticsearch构建索引
from blog.documents import ELASTICSEARCH_ENABLED
if ELASTICSEARCH_ENABLED:
call_command("build_index")
# 执行一系列管理命令如Ping百度、创建测试数据、清理缓存等
call_command("ping_baidu", "all")
call_command("create_testdata")
call_command("clear_cache")

54
src/DjangoBlog/blog/urls.py
Unescape View File

@ -1,60 +1,100 @@
from django.urls import path
from django.views.decorators.cache import cache_page
from django.views.decorators.cache import cache_page # Django缓存视图装饰器
from . import views
from . import views # 导入当前应用的视图
app_name = "blog" # 应用命名空间
app_name = "blog"
urlpatterns = [
# 首页
path(
r'',
views.IndexView.as_view(),
name='index'),
# 首页分页
path(
r'page/<int:page>/',
views.IndexView.as_view(),
name='index_page'),
# 文章详情页通过年、月、日、文章ID定位
path(
r'article/<int:year>/<int:month>/<int:day>/<int:article_id>.html',
views.ArticleDetailView.as_view(),
name='detailbyid'),
# 文章点赞API
path(
r'article/<int:article_id>/like/',
views.article_like,
name='article_like'),
# 文章收藏API
path(
r'article/<int:article_id>/favorite/',
views.article_favorite,
name='article_favorite'),
# 我的喜欢列表
path(
r'my-likes/',
views.MyLikesView.as_view(),
name='my_likes'),
path(
r'my-likes/<int:page>/',
views.MyLikesView.as_view(),
name='my_likes_page'),
# 我的收藏列表
path(
r'my-favorites/',
views.MyFavoritesView.as_view(),
name='my_favorites'),
path(
r'my-favorites/<int:page>/',
views.MyFavoritesView.as_view(),
name='my_favorites_page'),
# 分类目录详情页,通过分类别名
path(
r'category/<slug:category_name>.html',
views.CategoryDetailView.as_view(),
name='category_detail'),
# 分类目录详情页(带分页)
path(
r'category/<slug:category_name>/<int:page>.html',
views.CategoryDetailView.as_view(),
name='category_detail_page'),
# 作者文章详情页,通过作者名称
path(
r'author/<author_name>.html',
views.AuthorDetailView.as_view(),
name='author_detail'),
# 作者文章详情页(带分页)
path(
r'author/<author_name>/<int:page>.html',
views.AuthorDetailView.as_view(),
name='author_detail_page'),
# 标签详情页,通过标签别名
path(
r'tag/<slug:tag_name>.html',
views.TagDetailView.as_view(),
name='tag_detail'),
# 标签详情页(带分页)
path(
r'tag/<slug:tag_name>/<int:page>.html',
views.TagDetailView.as_view(),
name='tag_detail_page'),
# 文章归档页使用缓存60分钟
path(
'archives.html',
cache_page(
60 * 60)(
views.ArchivesView.as_view()),
cache_page(60 * 60)(views.ArchivesView.as_view()),
name='archives'),
# 友情链接页
path(
'links.html',
r'links.html',
views.LinkListView.as_view(),
name='links'),
# 文件上传接口(用于图床等功能)
path(
r'upload',
views.fileupload,
name='upload'),
# 清理缓存接口
path(
r'clean',
views.clean_cache_view,

293
src/DjangoBlog/blog/views.py
Unescape View File

@ -3,19 +3,21 @@ import os
import uuid
from django.conf import settings
from django.contrib.auth.decorators import login_required
from django.core.paginator import Paginator
from django.http import HttpResponse, HttpResponseForbidden
from django.shortcuts import get_object_or_404
from django.shortcuts import render
from django.db.models import F
from django.http import HttpResponse, HttpResponseForbidden, JsonResponse
from django.shortcuts import get_object_or_404, render
from django.templatetags.static import static
from django.utils import timezone
from django.utils.translation import gettext_lazy as _
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_POST
from django.views.generic.detail import DetailView
from django.views.generic.list import ListView
from haystack.views import SearchView
from blog.models import Article, Category, LinkShowType, Links, Tag
from blog.models import Article, Category, LinkShowType, Links, Tag, ArticleLike, ArticleFavorite
from comments.forms import CommentForm
from djangoblog.plugin_manage import hooks
from djangoblog.plugin_manage.hook_constants import ARTICLE_CONTENT_HOOK_NAME
@ -25,46 +27,29 @@ logger = logging.getLogger(__name__)
class ArticleListView(ListView):
# template_name属性用于指定使用哪个模板进行渲染
template_name = 'blog/article_index.html'
# context_object_name属性用于给上下文变量取名在模板中使用该名字
context_object_name = 'article_list'
# 页面类型,分类目录或标签列表等
page_type = ''
paginate_by = settings.PAGINATE_BY
page_kwarg = 'page'
link_type = LinkShowType.L
def get_view_cache_key(self):
return self.request.get['pages']
return self.request.GET.get('pages', '')
@property
def page_number(self):
page_kwarg = self.page_kwarg
page = self.kwargs.get(
page_kwarg) or self.request.GET.get(page_kwarg) or 1
page = self.kwargs.get(page_kwarg) or self.request.GET.get(page_kwarg) or 1
return page
def get_queryset_cache_key(self):
"""
子类重写.获得queryset的缓存key
"""
raise NotImplementedError()
def get_queryset_data(self):
"""
子类重写.获取queryset的数据
"""
raise NotImplementedError()
def get_queryset_from_cache(self, cache_key):
'''
缓存页面数据
:param cache_key: 缓存key
:return:
'''
value = cache.get(cache_key)
if value:
logger.info('get view cache.key:{key}'.format(key=cache_key))
@ -76,10 +61,6 @@ class ArticleListView(ListView):
return article_list
def get_queryset(self):
'''
重写默认从缓存获取数据
:return:
'''
key = self.get_queryset_cache_key()
value = self.get_queryset_from_cache(key)
return value
@ -90,10 +71,6 @@ class ArticleListView(ListView):
class IndexView(ArticleListView):
'''
首页
'''
# 友情链接类型
link_type = LinkShowType.I
def get_queryset_data(self):
@ -106,9 +83,6 @@ class IndexView(ArticleListView):
class ArticleDetailView(DetailView):
'''
文章详情页面
'''
template_name = 'blog/article_detail.html'
model = Article
pk_url_kwarg = 'article_id'
@ -144,23 +118,46 @@ class ArticleDetailView(DetailView):
kwargs['form'] = comment_form
kwargs['article_comments'] = article_comments
kwargs['p_comments'] = p_comments
kwargs['comment_count'] = len(
article_comments) if article_comments else 0
kwargs['comment_count'] = len(article_comments) if article_comments else 0
kwargs['next_article'] = self.object.next_article
kwargs['prev_article'] = self.object.prev_article
# ========== 修复点赞相关信息 ==========
user = self.request.user
if user.is_authenticated:
# 使用正确的方法名
is_liked = self.object.is_liked_by(user)
kwargs['article_liked_class'] = 'liked' if is_liked else ''
kwargs['like_icon_class'] = 'fa fa-heart' if is_liked else 'fa fa-heart-o'
kwargs['like_text'] = '已点赞' if is_liked else '点赞'
# 收藏相关信息
is_favorited = self.object.is_favorited_by(user)
kwargs['article_favorited_class'] = 'favorited' if is_favorited else ''
kwargs['favorite_icon_class'] = 'fa fa-star' if is_favorited else 'fa fa-star-o'
kwargs['favorite_text'] = '已收藏' if is_favorited else '收藏'
else:
kwargs['article_liked_class'] = ''
kwargs['like_icon_class'] = 'fa fa-heart-o'
kwargs['like_text'] = '点赞'
kwargs['article_favorited_class'] = ''
kwargs['favorite_icon_class'] = 'fa fa-star-o'
kwargs['favorite_text'] = '收藏'
# 添加点赞和收藏数量
kwargs['like_count'] = self.object.like_count
kwargs['favorite_count'] = self.object.favorite_count
# ========== 结束修复 ==========
context = super(ArticleDetailView, self).get_context_data(**kwargs)
article = self.object
# Action Hook, 通知插件"文章详情已获取"
hooks.run_action('after_article_body_get', article=article, request=self.request)
return context
class CategoryDetailView(ArticleListView):
'''
分类目录列表
'''
page_type = "分类目录归档"
def get_queryset_data(self):
@ -185,7 +182,6 @@ class CategoryDetailView(ArticleListView):
return cache_key
def get_context_data(self, **kwargs):
categoryname = self.categoryname
try:
categoryname = categoryname.split('/')[-1]
@ -197,9 +193,6 @@ class CategoryDetailView(ArticleListView):
class AuthorDetailView(ArticleListView):
'''
作者详情页
'''
page_type = '作者文章归档'
def get_queryset_cache_key(self):
@ -223,9 +216,6 @@ class AuthorDetailView(ArticleListView):
class TagDetailView(ArticleListView):
'''
标签列表页面
'''
page_type = '分类标签归档'
def get_queryset_data(self):
@ -247,7 +237,6 @@ class TagDetailView(ArticleListView):
return cache_key
def get_context_data(self, **kwargs):
# tag_name = self.kwargs['tag_name']
tag_name = self.name
kwargs['page_type'] = TagDetailView.page_type
kwargs['tag_name'] = tag_name
@ -255,9 +244,6 @@ class TagDetailView(ArticleListView):
class ArchivesView(ArticleListView):
'''
文章归档页面
'''
page_type = '文章归档'
paginate_by = None
page_kwarg = None
@ -292,17 +278,11 @@ class EsSearchView(SearchView):
if hasattr(self.results, "query") and self.results.query.backend.include_spelling:
context["suggestion"] = self.results.query.get_spelling_suggestion()
context.update(self.extra_context())
return context
@csrf_exempt
def fileupload(request):
"""
该方法需自己写调用端来上传图片该方法仅提供图床功能
:param request:
:return:
"""
if request.method == 'POST':
sign = request.GET.get('sign', None)
if not sign:
@ -331,7 +311,6 @@ def fileupload(request):
url = static(savepath)
response.append(url)
return HttpResponse(response)
else:
return HttpResponse("only for post")
@ -373,3 +352,201 @@ def permission_denied_view(
def clean_cache_view(request):
cache.clear()
return HttpResponse('ok')
# 文章点赞API视图
@login_required
def article_like(request, article_id):
"""
文章点赞/取消点赞 API
用户可以通过该接口对文章进行点赞或取消点赞
如果用户已点赞再次点赞将取消点赞如果未点赞则添加点赞
Args:
request: HTTP请求对象
article_id: 文章ID
Returns:
JsonResponse: 返回JSON格式的响应
"""
# 只接受POST请求
if request.method != 'POST':
return JsonResponse({
'success': False,
'message': _('只支持POST请求')
}, status=405)
# 获取文章对象
article = get_object_or_404(Article, id=article_id, status='p')
user = request.user
try:
# 尝试获取点赞记录
like = ArticleLike.objects.filter(article=article, user=user).first()
if like:
# 如果已点赞,则取消点赞
like.delete()
# 减少点赞数使用F表达式避免竞态条件
Article.objects.filter(id=article_id).update(like_count=F('like_count') - 1)
article.refresh_from_db()
return JsonResponse({
'success': True,
'liked': False,
'like_count': article.like_count,
'message': _('取消点赞成功')
})
else:
# 如果未点赞,则添加点赞
ArticleLike.objects.create(article=article, user=user)
# 增加点赞数使用F表达式避免竞态条件
Article.objects.filter(id=article_id).update(like_count=F('like_count') + 1)
article.refresh_from_db()
return JsonResponse({
'success': True,
'liked': True,
'like_count': article.like_count,
'message': _('点赞成功')
})
except Exception as e:
logger.error(f'点赞失败: {str(e)}')
return JsonResponse({
'success': False,
'message': _('点赞失败,请稍后再试')
}, status=500)
# 文章收藏API视图
@login_required
def article_favorite(request, article_id):
"""
文章收藏/取消收藏 API
用户可以通过该接口对文章进行收藏或取消收藏
如果用户已收藏再次收藏将取消收藏如果未收藏则添加收藏
Args:
request: HTTP请求对象
article_id: 文章ID
Returns:
JsonResponse: 返回JSON格式的响应
"""
# 只接受POST请求
if request.method != 'POST':
return JsonResponse({
'success': False,
'message': _('只支持POST请求')
}, status=405)
# 获取文章对象
article = get_object_or_404(Article, id=article_id, status='p')
user = request.user
try:
# 尝试获取收藏记录
favorite = ArticleFavorite.objects.filter(article=article, user=user).first()
if favorite:
# 如果已收藏,则取消收藏
favorite.delete()
# 减少收藏数使用F表达式避免竞态条件
Article.objects.filter(id=article_id).update(favorite_count=F('favorite_count') - 1)
article.refresh_from_db()
return JsonResponse({
'success': True,
'favorited': False,
'favorite_count': article.favorite_count,
'message': _('取消收藏成功')
})
else:
# 如果未收藏,则添加收藏
ArticleFavorite.objects.create(article=article, user=user)
# 增加收藏数使用F表达式避免竞态条件
Article.objects.filter(id=article_id).update(favorite_count=F('favorite_count') + 1)
article.refresh_from_db()
return JsonResponse({
'success': True,
'favorited': True,
'favorite_count': article.favorite_count,
'message': _('收藏成功')
})
except Exception as e:
logger.error(f'收藏失败: {str(e)}')
return JsonResponse({
'success': False,
'message': _('收藏失败,请稍后再试')
}, status=500)
# 我的喜欢列表视图
class MyLikesView(ArticleListView):
"""显示当前用户点赞的所有文章"""
template_name = 'blog/article_index.html'
page_type = '我的喜欢'
def get_queryset_data(self):
if not self.request.user.is_authenticated:
return Article.objects.none()
# 获取用户点赞的所有文章ID
liked_article_ids = ArticleLike.objects.filter(
user=self.request.user
).values_list('article_id', flat=True)
# 返回对应的文章列表
return Article.objects.filter(
id__in=liked_article_ids,
status='p'
).order_by('-pub_time')
def get_queryset_cache_key(self):
# 不使用缓存,因为点赞列表会频繁变化
return None
def get_queryset_from_cache(self, cache_key):
# 直接返回数据,不使用缓存
return self.get_queryset_data()
def get_context_data(self, **kwargs):
kwargs['page_type'] = self.page_type
return super(MyLikesView, self).get_context_data(**kwargs)
# 我的收藏列表视图
class MyFavoritesView(ArticleListView):
"""显示当前用户收藏的所有文章"""
template_name = 'blog/article_index.html'
page_type = '我的收藏'
def get_queryset_data(self):
if not self.request.user.is_authenticated:
return Article.objects.none()
# 获取用户收藏的所有文章ID
favorited_article_ids = ArticleFavorite.objects.filter(
user=self.request.user
).values_list('article_id', flat=True)
# 返回对应的文章列表
return Article.objects.filter(
id__in=favorited_article_ids,
status='p'
).order_by('-pub_time')
def get_queryset_cache_key(self):
# 不使用缓存,因为收藏列表会频繁变化
return None
def get_queryset_from_cache(self, cache_key):
# 直接返回数据,不使用缓存
return self.get_queryset_data()
def get_context_data(self, **kwargs):
kwargs['page_type'] = self.page_type
return super(MyFavoritesView, self).get_context_data(**kwargs)

1615
src/DjangoBlog/class_diagram.dot
View File

File diff suppressed because it is too large Load Diff

34
src/DjangoBlog/comments/admin.py
Unescape View File

@ -1,49 +1,79 @@
# 模块级注释Django管理后台配置模块 - 评论管理
# 本模块定义了评论模型在Django管理后台的显示配置和操作功能
from django.contrib import admin
from django.urls import reverse
from django.utils.html import format_html
from django.utils.translation import gettext_lazy as _
# 函数级注释:禁用评论状态操作
# 管理员动作函数,用于批量禁用选中的评论
def disable_commentstatus(modeladmin, request, queryset):
# 核心代码将查询集中所有评论的is_enable字段更新为False
queryset.update(is_enable=False)
# 函数级注释:启用评论状态操作
# 管理员动作函数,用于批量启用选中的评论
def enable_commentstatus(modeladmin, request, queryset):
# 核心代码将查询集中所有评论的is_enable字段更新为True
queryset.update(is_enable=True)
# 设置动作函数的显示名称(国际化)
disable_commentstatus.short_description = _('Disable comments')
enable_commentstatus.short_description = _('Enable comments')
# 类级注释:评论管理类
# 继承自admin.ModelAdmin自定义评论模型在Django管理后台的显示和行为
class CommentAdmin(admin.ModelAdmin):
# 每页显示记录数配置
list_per_page = 20
# 列表页显示的字段配置
list_display = (
'id',
'body',
'link_to_userinfo',
'link_to_article',
'link_to_userinfo', # 自定义方法显示用户链接
'link_to_article', # 自定义方法显示文章链接
'is_enable',
'creation_time')
# 可点击进入编辑页的字段
list_display_links = ('id', 'body', 'is_enable')
# 右侧过滤器配置
list_filter = ('is_enable',)
# 编辑页排除的字段(不显示)
exclude = ('creation_time', 'last_modify_time')
# 批量操作动作列表
actions = [disable_commentstatus, enable_commentstatus]
# 使用原始ID输入框的外键字段提升大表性能
raw_id_fields = ('author', 'article')
# 搜索字段配置
search_fields = ('body',)
# 方法级注释:用户信息链接显示
# 自定义方法,在列表页显示带链接的用户信息
def link_to_userinfo(self, obj):
# 核心代码获取用户模型的app_label和model_name
info = (obj.author._meta.app_label, obj.author._meta.model_name)
# 核心代码生成用户编辑页面的URL
link = reverse('admin:%s_%s_change' % info, args=(obj.author.id,))
# 核心代码返回带HTML链接的格式化字符串
return format_html(
u'<a href="%s">%s</a>' %
(link, obj.author.nickname if obj.author.nickname else obj.author.email))
# 方法级注释:文章链接显示
# 自定义方法,在列表页显示带链接的文章标题
def link_to_article(self, obj):
# 核心代码获取文章模型的app_label和model_name
info = (obj.article._meta.app_label, obj.article._meta.model_name)
# 核心代码生成文章编辑页面的URL
link = reverse('admin:%s_%s_change' % info, args=(obj.article.id,))
# 核心代码返回带HTML链接的格式化字符串
return format_html(
u'<a href="%s">%s</a>' % (link, obj.article.title))
# 设置自定义方法在列表页的显示名称(国际化)
link_to_userinfo.short_description = _('User')
link_to_article.short_description = _('Article')

6
src/DjangoBlog/comments/apps.py
Unescape View File

@ -1,5 +1,11 @@
# 模块级注释Django应用配置模块
# 本模块定义了comments应用的配置信息用于Django应用注册和初始化设置
from django.apps import AppConfig
# 类级注释:评论应用配置类
# 继承自AppConfig用于配置comments应用的基本信息和启动行为
class CommentsConfig(AppConfig):
# 应用名称字段定义应用的完整Python路径
# 此名称用于Django内部识别和应用引用
name = 'comments'

11
src/DjangoBlog/comments/forms.py
Unescape View File

@ -1,13 +1,24 @@
# 模块级注释Django表单定义模块 - 评论功能
# 本模块定义了评论相关的表单类,用于前端评论数据的验证和处理
from django import forms
from django.forms import ModelForm
# 导入评论模型,用于构建模型表单
from .models import Comment
# 类级注释:评论表单类
# 继承自ModelForm基于Comment模型自动生成表单字段和验证规则
class CommentForm(ModelForm):
# 父级评论ID字段隐藏输入字段用于处理评论回复功能
# 存储被回复评论的ID用户不可见但表单会处理
parent_comment_id = forms.IntegerField(
widget=forms.HiddenInput, required=False)
# 元数据类:配置模型表单的基本行为
class Meta:
# 指定关联的模型Comment模型
model = Comment
# 定义表单中包含的字段:只包含评论正文字段
# 其他字段如作者、文章等通过其他方式自动设置
fields = ['body']

28
src/DjangoBlog/comments/migrations/0001_initial.py
Unescape View File

@ -1,37 +1,65 @@
# Generated by Django 4.1.7 on 2023-03-02 07:14
# 模块级注释Django数据库迁移文件
# 本模块定义了评论功能的数据库迁移操作,包括创建评论表和相关字段
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
import django.utils.timezone
# 类级注释:数据库迁移类
# 继承自migrations.Migration定义数据库结构变更的完整操作序列
class Migration(migrations.Migration):
# 标记为初始迁移
# 表示这是comments应用的第一个迁移文件
initial = True
# 依赖关系定义
# 指定本迁移执行前需要先完成的依赖迁移
dependencies = [
# 依赖blog应用的初始迁移确保文章表已创建
('blog', '0001_initial'),
# 依赖用户模型迁移,确保用户表已存在
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
]
# 迁移操作列表
# 按顺序执行的数据库操作集合
operations = [
# 创建模型操作
# 定义Comment模型的数据库表结构
migrations.CreateModel(
name='Comment',
fields=[
# 主键字段自增BigAutoField作为评论的唯一标识
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
# 正文字段存储评论内容限制最大长度300字符
('body', models.TextField(max_length=300, verbose_name='正文')),
# 创建时间字段:记录评论创建时间,默认使用当前时区时间
('created_time', models.DateTimeField(default=django.utils.timezone.now, verbose_name='创建时间')),
# 修改时间字段:记录评论最后修改时间,默认使用当前时区时间
('last_mod_time', models.DateTimeField(default=django.utils.timezone.now, verbose_name='修改时间')),
# 启用状态字段控制评论是否显示布尔类型默认True
('is_enable', models.BooleanField(default=True, verbose_name='是否显示')),
# 外键字段:关联到文章模型,级联删除确保数据一致性
('article', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='blog.article', verbose_name='文章')),
# 外键字段:关联到用户模型,记录评论作者
('author', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL, verbose_name='作者')),
# 自关联外键:支持评论回复功能,允许空值表示顶级评论
('parent_comment', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to='comments.comment', verbose_name='上级评论')),
],
# 模型元选项配置
# 定义模型在admin中的显示名称和默认排序等行为
options={
# 单数显示名称在Django admin中显示的单数名称
'verbose_name': '评论',
# 复数显示名称在Django admin中显示的复数名称
'verbose_name_plural': '评论',
# 默认排序按ID倒序排列最新评论显示在最前面
'ordering': ['-id'],
# 最新记录定义指定按id字段获取最新记录
'get_latest_by': 'id',
},
),

16
src/DjangoBlog/comments/migrations/0002_alter_comment_is_enable.py
Unescape View File

@ -1,18 +1,34 @@
# Generated by Django 4.1.7 on 2023-04-24 13:48
# 模块级注释Django数据库迁移文件 - 评论功能字段修改
# 本模块用于修改评论表中is_enable字段的默认值配置
from django.db import migrations, models
# 类级注释:数据库迁移类
# 继承自migrations.Migration定义对现有数据库结构的修改操作
class Migration(migrations.Migration):
# 依赖关系定义
# 指定本迁移依赖于comments应用的初始迁移文件
dependencies = [
# 依赖comments应用的0001_initial迁移
# 确保评论表已创建后再执行本迁移
('comments', '0001_initial'),
]
# 迁移操作列表
# 包含对数据库结构的具体修改操作
operations = [
# 修改字段操作
# 对Comment模型的is_enable字段进行配置修改
migrations.AlterField(
# 指定要修改的模型名称
model_name='comment',
# 指定要修改的字段名称
name='is_enable',
# 新的字段配置将默认值从True改为False
# 新创建的评论默认不显示,需要手动启用
field=models.BooleanField(default=False, verbose_name='是否显示'),
),
]

29
src/DjangoBlog/comments/migrations/0003_alter_comment_options_remove_comment_created_time_and_more.py
Unescape View File

@ -1,57 +1,86 @@
# Generated by Django 4.2.5 on 2023-09-06 13:13
# 模块级注释Django数据库迁移文件 - 评论模型字段重构
# 本模块对评论模型进行重大重构,包括字段重命名、显示名称国际化等操作
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
import django.utils.timezone
# 类级注释:数据库迁移类
# 继承自migrations.Migration定义对评论模型的多个结构变更操作
class Migration(migrations.Migration):
# 依赖关系定义
# 指定本迁移执行前需要完成的依赖迁移文件
dependencies = [
# 依赖用户模型迁移,确保用户表结构就绪
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
# 依赖博客应用的第5次迁移确保文章表结构稳定
('blog', '0005_alter_article_options_alter_category_options_and_more'),
# 依赖评论应用的第2次迁移确保之前的字段修改已应用
('comments', '0002_alter_comment_is_enable'),
]
# 迁移操作列表
# 包含多个对评论模型的结构变更操作,按顺序执行
operations = [
# 修改模型选项操作
# 更新Comment模型的元数据配置主要修改显示名称
migrations.AlterModelOptions(
name='comment',
options={'get_latest_by': 'id', 'ordering': ['-id'], 'verbose_name': 'comment', 'verbose_name_plural': 'comment'},
),
# 删除字段操作
# 移除旧的创建时间字段,为新增字段做准备
migrations.RemoveField(
model_name='comment',
name='created_time',
),
# 删除字段操作
# 移除旧的最后修改时间字段,为新增字段做准备
migrations.RemoveField(
model_name='comment',
name='last_mod_time',
),
# 新增字段操作
# 添加新的创建时间字段,使用更清晰的字段命名
migrations.AddField(
model_name='comment',
name='creation_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='creation time'),
),
# 新增字段操作
# 添加新的最后修改时间字段,使用更清晰的字段命名
migrations.AddField(
model_name='comment',
name='last_modify_time',
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='last modify time'),
),
# 修改字段操作
# 更新文章外键字段的显示名称,改为英文
migrations.AlterField(
model_name='comment',
name='article',
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='blog.article', verbose_name='article'),
),
# 修改字段操作
# 更新作者外键字段的显示名称,改为英文
migrations.AlterField(
model_name='comment',
name='author',
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL, verbose_name='author'),
),
# 修改字段操作
# 更新启用状态字段的显示名称,改为英文
migrations.AlterField(
model_name='comment',
name='is_enable',
field=models.BooleanField(default=False, verbose_name='enable'),
),
# 修改字段操作
# 更新父级评论外键字段的显示名称,改为英文
migrations.AlterField(
model_name='comment',
name='parent_comment',

21
src/DjangoBlog/comments/models.py
Unescape View File

@ -1,39 +1,56 @@
# 模块级注释Django数据模型模块 - 评论系统
# 本模块定义了评论系统的数据模型,包括评论的基本字段、关联关系和业务逻辑
from django.conf import settings
from django.db import models
from django.utils.timezone import now
from django.utils.translation import gettext_lazy as _
# 导入文章模型,用于建立评论与文章的关联
from blog.models import Article
# Create your models here.
# 类级注释:评论模型类
# 继承自models.Model定义了评论数据的数据库表结构和字段约束
class Comment(models.Model):
# 正文字段存储评论内容最大长度300字符使用中文标签
body = models.TextField('正文', max_length=300)
# 创建时间字段:自动记录评论创建时间,使用国际化标签
creation_time = models.DateTimeField(_('creation time'), default=now)
# 最后修改时间字段:记录评论最后修改时间,使用国际化标签
last_modify_time = models.DateTimeField(_('last modify time'), default=now)
# 作者字段:外键关联到用户模型,级联删除,使用国际化标签
author = models.ForeignKey(
settings.AUTH_USER_MODEL,
verbose_name=_('author'),
on_delete=models.CASCADE)
# 文章字段:外键关联到文章模型,级联删除,使用国际化标签
article = models.ForeignKey(
Article,
verbose_name=_('article'),
on_delete=models.CASCADE)
# 父级评论字段:自关联外键,支持评论回复功能,允许空值
parent_comment = models.ForeignKey(
'self',
verbose_name=_('parent comment'),
blank=True,
null=True,
on_delete=models.CASCADE)
# 启用状态字段:控制评论是否显示,默认不显示,使用国际化标签
is_enable = models.BooleanField(_('enable'),
default=False, blank=False, null=False)
# 元数据类配置模型在数据库和admin中的行为
class Meta:
# 默认排序按ID倒序最新评论在前
ordering = ['-id']
# 单数显示名称:使用国际化翻译
verbose_name = _('comment')
# 复数显示名称:与单数相同
verbose_name_plural = verbose_name
# 最新记录定义按ID字段确定最新记录
get_latest_by = 'id'
# 字符串表示方法定义对象在Python中的显示格式
def __str__(self):
# 返回评论正文作为对象的字符串表示
return self.body

48
src/DjangoBlog/comments/tests.py
Unescape View File

@ -1,68 +1,92 @@
# 模块级注释Django测试模块 - 评论系统功能测试
# 本模块包含评论系统的完整测试用例,验证评论发布、回复、显示等核心功能
from django.test import Client, RequestFactory, TransactionTestCase
from django.urls import reverse
# 导入相关模型,用于测试数据准备
from accounts.models import BlogUser
from blog.models import Category, Article
from comments.models import Comment
# 导入评论标签模块,测试模板标签功能
from comments.templatetags.comments_tags import *
from djangoblog.utils import get_max_articleid_commentid
# Create your tests here.
# 类级注释:评论系统测试类
# 继承自TransactionTestCase支持数据库事务的测试用例
class CommentsTest(TransactionTestCase):
# 测试初始化方法:在每个测试方法执行前运行
def setUp(self):
# 创建测试客户端用于模拟HTTP请求
self.client = Client()
# 创建请求工厂,用于构建请求对象
self.factory = RequestFactory()
# 配置博客设置:启用评论审核功能
from blog.models import BlogSettings
value = BlogSettings()
value.comment_need_review = True
value.comment_need_review = True # 设置评论需要审核
value.save()
# 创建超级用户,用于测试认证相关的评论功能
self.user = BlogUser.objects.create_superuser(
email="liangliangyy1@gmail.com",
username="liangliangyy1",
password="liangliangyy1")
# 辅助方法:更新文章评论状态为启用
def update_article_comment_status(self, article):
# 获取文章的所有评论
comments = article.comment_set.all()
# 遍历所有评论,将其状态设置为启用
for comment in comments:
comment.is_enable = True
comment.save()
# 测试方法:验证评论功能
def test_validate_comment(self):
# 使用测试用户登录系统
self.client.login(username='liangliangyy1', password='liangliangyy1')
# 创建测试分类
category = Category()
category.name = "categoryccc"
category.save()
# 创建测试文章
article = Article()
article.title = "nicetitleccc"
article.body = "nicecontentccc"
article.author = self.user
article.category = category
article.type = 'a'
article.status = 'p'
article.type = 'a' # 文章类型
article.status = 'p' # 发布状态
article.save()
# 生成评论提交URL
comment_url = reverse(
'comments:postcomment', kwargs={
'article_id': article.id})
# 测试提交第一条评论
response = self.client.post(comment_url,
{
'body': '123ffffffffff'
})
# 验证响应状态码为302重定向
self.assertEqual(response.status_code, 302)
# 重新获取文章对象验证评论数量由于审核机制初始应为0
article = Article.objects.get(pk=article.pk)
self.assertEqual(len(article.comment_list()), 0)
self.update_article_comment_status(article)
# 更新评论状态为启用后验证评论数量变为1
self.update_article_comment_status(article)
self.assertEqual(len(article.comment_list()), 1)
# 测试提交第二条评论
response = self.client.post(comment_url,
{
'body': '123ffffffffff',
@ -70,11 +94,15 @@ class CommentsTest(TransactionTestCase):
self.assertEqual(response.status_code, 302)
# 验证第二条评论提交成功
article = Article.objects.get(pk=article.pk)
self.update_article_comment_status(article)
self.assertEqual(len(article.comment_list()), 2)
# 获取第一条评论的ID用于测试回复功能
parent_comment_id = article.comment_list()[0].id
# 测试提交带Markdown格式的回复评论
response = self.client.post(comment_url,
{
'body': '''
@ -93,17 +121,25 @@ class CommentsTest(TransactionTestCase):
'parent_comment_id': parent_comment_id
})
# 验证回复评论提交成功
self.assertEqual(response.status_code, 302)
self.update_article_comment_status(article)
article = Article.objects.get(pk=article.pk)
self.assertEqual(len(article.comment_list()), 3)
# 测试评论树解析功能
comment = Comment.objects.get(id=parent_comment_id)
tree = parse_commenttree(article.comment_list(), comment)
self.assertEqual(len(tree), 1)
# 测试评论项显示功能
data = show_comment_item(comment, True)
self.assertIsNotNone(data)
# 测试获取最大文章ID和评论ID功能
s = get_max_articleid_commentid()
self.assertIsNotNone(s)
# 测试评论邮件发送功能
from comments.utils import send_comment_email
send_comment_email(comment)

12
src/DjangoBlog/comments/urls.py
Unescape View File

@ -1,11 +1,23 @@
# 模块级注释Django URL配置模块 - 评论系统路由
# 本模块定义了评论系统的URL路由配置将URL路径映射到对应的视图函数
from django.urls import path
# 导入当前应用的视图模块用于处理URL请求
from . import views
# 应用命名空间定义:设置评论应用的命名空间为"comments"
# 用于Django的URL反向解析避免不同应用间的URL名称冲突
app_name = "comments"
# URL模式列表定义评论系统的所有URL路由规则
urlpatterns = [
# 评论提交路由:处理文章评论的提交请求
path(
# URL路径模式匹配/article/{文章ID}/postcomment格式的URL
# 其中<int:article_id>为路径参数捕获整数类型的文章ID
'article/<int:article_id>/postcomment',
# 对应的视图类使用CommentPostView类视图处理该路径的请求
views.CommentPostView.as_view(),
# URL名称命名为'postcomment'用于在模板和代码中进行URL反向解析
name='postcomment'),
]

23
src/DjangoBlog/comments/utils.py
Unescape View File

@ -1,17 +1,29 @@
# 模块级注释:评论邮件通知模块
# 本模块提供评论相关的邮件通知功能,包括新评论确认邮件和评论回复通知邮件
import logging
# 导入Django国际化翻译模块
from django.utils.translation import gettext_lazy as _
# 导入工具函数:获取当前站点信息和发送邮件
from djangoblog.utils import get_current_site
from djangoblog.utils import send_email
# 创建日志记录器实例,用于记录邮件发送过程中的错误信息
logger = logging.getLogger(__name__)
# 函数级注释:发送评论邮件通知
# 主要功能:向评论作者发送评论确认邮件,如果是对回复的评论,则同时向被回复者发送通知邮件
def send_comment_email(comment):
# 获取当前站点域名,用于构建完整的文章链接
site = get_current_site().domain
# 邮件主题:使用国际化翻译
subject = _('Thanks for your comment')
# 构建完整的文章URL地址
article_url = f"https://{site}{comment.article.get_absolute_url()}"
# 构建评论确认邮件的HTML内容
html_content = _("""<p>Thank you very much for your comments on this site</p>
You can visit <a href="%(article_url)s" rel="bookmark">%(article_title)s</a>
to review your comments,
@ -19,10 +31,17 @@ def send_comment_email(comment):
<br />
If the link above cannot be opened, please copy this link to your browser.
%(article_url)s""") % {'article_url': article_url, 'article_title': comment.article.title}
# 获取评论作者的邮箱地址
tomail = comment.author.email
# 发送评论确认邮件给评论作者
send_email([tomail], subject, html_content)
# 异常处理块:处理评论回复通知邮件的发送
try:
# 检查是否存在父级评论(即当前评论是否为回复评论)
if comment.parent_comment:
# 构建回复通知邮件的HTML内容
html_content = _("""Your comment on <a href="%(article_url)s" rel="bookmark">%(article_title)s</a><br/> has
received a reply. <br/> %(comment_body)s
<br/>
@ -32,7 +51,11 @@ def send_comment_email(comment):
%(article_url)s
""") % {'article_url': article_url, 'article_title': comment.article.title,
'comment_body': comment.parent_comment.body}
# 获取被回复评论作者的邮箱地址
tomail = comment.parent_comment.author.email
# 发送回复通知邮件给被回复者
send_email([tomail], subject, html_content)
# 捕获邮件发送过程中可能出现的任何异常
except Exception as e:
# 记录异常信息到日志,但不中断程序执行
logger.error(e)

38
src/DjangoBlog/comments/views.py
Unescape View File

@ -1,3 +1,5 @@
# 模块级注释Django视图模块 - 评论系统
# 本模块定义了评论提交的视图处理逻辑,包括评论验证、保存和重定向等功能
# Create your views here.
from django.core.exceptions import ValidationError
from django.http import HttpResponseRedirect
@ -6,58 +8,94 @@ from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_protect
from django.views.generic.edit import FormView
# 导入相关模型
from accounts.models import BlogUser
from blog.models import Article
from .forms import CommentForm
from .models import Comment
# 类级注释:评论提交视图类
# 继承自FormView处理评论表单的提交和验证
class CommentPostView(FormView):
# 指定使用的表单类
form_class = CommentForm
# 指定模板名称
template_name = 'blog/article_detail.html'
# 方法装饰器添加CSRF保护
@method_decorator(csrf_protect)
def dispatch(self, *args, **kwargs):
# 调用父类的dispatch方法确保CSRF保护生效
return super(CommentPostView, self).dispatch(*args, **kwargs)
# GET请求处理方法
def get(self, request, *args, **kwargs):
# 从URL参数获取文章ID
article_id = self.kwargs['article_id']
# 获取文章对象如果不存在返回404
article = get_object_or_404(Article, pk=article_id)
# 获取文章的绝对URL
url = article.get_absolute_url()
# 重定向到文章详情页的评论区域
return HttpResponseRedirect(url + "#comments")
# 表单验证失败处理方法
def form_invalid(self, form):
# 获取文章ID
article_id = self.kwargs['article_id']
# 获取文章对象
article = get_object_or_404(Article, pk=article_id)
# 重新渲染模板,显示表单错误信息
return self.render_to_response({
'form': form,
'article': article
})
# 表单验证成功处理方法
def form_valid(self, form):
"""提交的数据验证合法后的逻辑"""
# 获取当前登录用户
user = self.request.user
# 根据用户ID获取用户对象
author = BlogUser.objects.get(pk=user.pk)
# 从URL参数获取文章ID
article_id = self.kwargs['article_id']
# 获取文章对象
article = get_object_or_404(Article, pk=article_id)
# 检查文章是否允许评论
if article.comment_status == 'c' or article.status == 'c':
# 抛出验证异常:文章评论已关闭
raise ValidationError("该文章评论已关闭.")
# 从表单获取评论对象但不保存到数据库
comment = form.save(False)
# 设置评论关联的文章
comment.article = article
# 获取博客设置
from djangoblog.utils import get_blog_setting
settings = get_blog_setting()
# 如果设置不需要审核,直接启用评论
if not settings.comment_need_review:
comment.is_enable = True
# 设置评论作者
comment.author = author
# 处理回复评论的情况
if form.cleaned_data['parent_comment_id']:
# 获取父级评论对象
parent_comment = Comment.objects.get(
pk=form.cleaned_data['parent_comment_id'])
# 设置父级评论
comment.parent_comment = parent_comment
# 保存评论到数据库
comment.save(True)
# 重定向到文章页面并定位到新评论的位置
return HttpResponseRedirect(
"%s#div-comment-%d" %
(article.get_absolute_url(), comment.pk))

15
src/DjangoBlog/djangoblog/__init__.py
Unescape View File

@ -1 +1,16 @@
"""
Django应用配置入口模块
本模块定义了Django应用的默认配置类路径用于在Django启动时自动加载应用配置
这是Django应用的标准配置方式确保应用初始化代码能够正确执行
功能说明
- 指定默认的应用配置类
- 确保Django在启动时加载自定义应用配置
- 触发应用相关的初始化流程
"""
# 指定默认的应用配置类路径
# Django在启动时会自动加载此配置类并执行其中的ready()方法
# 这确保了插件系统和其他初始化代码能够在应用启动时正确执行
default_app_config = 'djangoblog.apps.DjangoblogAppConfig'

83
src/DjangoBlog/djangoblog/admin_site.py
Unescape View File

@ -1,8 +1,22 @@
"""
DjangoBlog 后台管理站点配置模块
本模块定义了自定义的Django后台管理站点用于统一管理博客系统的所有数据模型
通过自定义AdminSite类实现了权限控制界面定制和模型注册的集中管理
主要功能
- 自定义后台管理站点外观和权限
- 集中注册所有应用的模型到统一后台
- 提供超级用户专属的管理界面
- 集成日志记录用户管理内容管理等功能
"""
from django.contrib.admin import AdminSite
from django.contrib.admin.models import LogEntry
from django.contrib.sites.admin import SiteAdmin
from django.contrib.sites.models import Site
# 导入各应用的Admin配置类和模型类
from accounts.admin import *
from blog.admin import *
from blog.models import *
@ -18,15 +32,43 @@ from servermanager.models import *
class DjangoBlogAdminSite(AdminSite):
"""
自定义DjangoBlog后台管理站点
继承自Django原生的AdminSite类提供博客系统的定制化后台管理界面
包含站点标题设置权限控制和可选的URL扩展功能
"""
# 设置后台管理站点的头部标题
site_header = 'djangoblog administration'
# 设置浏览器标签页标题
site_title = 'djangoblog site admin'
def __init__(self, name='admin'):
"""
初始化后台管理站点
Args:
name (str): 管理站点的名称默认为'admin'
"""
# 调用父类初始化方法
super().__init__(name)
def has_permission(self, request):
"""
权限验证方法
重写权限检查逻辑只允许超级用户访问后台管理界面
Args:
request: HTTP请求对象
Returns:
bool: 如果是超级用户返回True否则返回False
"""
return request.user.is_superuser
# 注释掉的URL扩展方法 - 预留用于添加自定义管理视图
# def get_urls(self):
# urls = super().get_urls()
# from django.urls import path
@ -38,27 +80,38 @@ class DjangoBlogAdminSite(AdminSite):
# return urls + my_urls
# 创建自定义后台管理站点的实例
admin_site = DjangoBlogAdminSite(name='admin')
admin_site.register(Article, ArticlelAdmin)
admin_site.register(Category, CategoryAdmin)
admin_site.register(Tag, TagAdmin)
admin_site.register(Links, LinksAdmin)
admin_site.register(SideBar, SideBarAdmin)
admin_site.register(BlogSettings, BlogSettingsAdmin)
# 注册博客相关模型到后台管理
admin_site.register(Article, ArticleAdmin) # 文章模型
admin_site.register(Category, CategoryAdmin) # 分类模型
admin_site.register(Tag, TagAdmin) # 标签模型
admin_site.register(Links, LinksAdmin) # 友情链接模型
admin_site.register(SideBar, SideBarAdmin) # 侧边栏模型
admin_site.register(BlogSettings, BlogSettingsAdmin) # 博客设置模型
admin_site.register(ArticleLike, ArticleLikeAdmin) # 文章点赞模型
admin_site.register(ArticleFavorite, ArticleFavoriteAdmin) # 文章收藏模型
admin_site.register(commands, CommandsAdmin)
admin_site.register(EmailSendLog, EmailSendLogAdmin)
# 注册服务器管理相关模型
admin_site.register(commands, CommandsAdmin) # 命令模型
admin_site.register(EmailSendLog, EmailSendLogAdmin) # 邮件发送日志模型
admin_site.register(BlogUser, BlogUserAdmin)
# 注册用户管理模型
admin_site.register(BlogUser, BlogUserAdmin) # 博客用户模型
admin_site.register(Comment, CommentAdmin)
# 注册评论管理模型
admin_site.register(Comment, CommentAdmin) # 评论模型
admin_site.register(OAuthUser, OAuthUserAdmin)
admin_site.register(OAuthConfig, OAuthConfigAdmin)
# 注册OAuth认证相关模型
admin_site.register(OAuthUser, OAuthUserAdmin) # OAuth用户模型
admin_site.register(OAuthConfig, OAuthConfigAdmin) # OAuth配置模型
admin_site.register(OwnTrackLog, OwnTrackLogsAdmin)
# 注册位置追踪相关模型
admin_site.register(OwnTrackLog, OwnTrackLogsAdmin) # 位置追踪日志模型
admin_site.register(Site, SiteAdmin)
# 注册Django内置站点模型
admin_site.register(Site, SiteAdmin) # 站点模型
admin_site.register(LogEntry, LogEntryAdmin)
# 注册日志记录模型
admin_site.register(LogEntry, LogEntryAdmin) # 管理员操作日志模型

40
src/DjangoBlog/djangoblog/apps.py
Unescape View File

@ -1,11 +1,49 @@
"""
DjangoBlog 应用配置模块
本模块定义了DjangoBlog应用的核心配置类负责应用启动时的初始化工作
主要功能包括应用元数据配置和插件系统的自动加载
关键功能
- 配置Django应用的默认设置
- 在应用准备就绪时自动加载插件系统
- 确保插件在Django启动过程中正确初始化
"""
from django.apps import AppConfig
class DjangoblogAppConfig(AppConfig):
"""
DjangoBlog 应用配置类
继承自Django的AppConfig类用于配置DjangoBlog应用的各项设置
在Django启动时自动实例化并执行ready()方法完成初始化
"""
# 设置默认自增主键字段类型为BigAutoField64位整数
default_auto_field = 'django.db.models.BigAutoField'
# 定义应用的Python路径Django通过此名称识别应用
name = 'djangoblog'
def ready(self):
"""
应用准备就绪回调方法
当Django应用注册表完全加载后自动调用此方法
在此处执行应用启动时需要完成的初始化操作特别是插件系统的加载
执行流程
1. 调用父类的ready()方法确保基础初始化完成
2. 导入插件加载器模块
3. 调用load_plugins()函数加载所有激活的插件
"""
# 调用父类ready()方法确保Django基础初始化完成
super().ready()
# Import and load plugins here
# 导入插件加载器模块 - 在方法内导入避免循环依赖
from .plugin_manage.loader import load_plugins
# 执行插件加载函数,初始化所有配置的插件
load_plugins()

122
src/DjangoBlog/djangoblog/blog_signals.py
Unescape View File

@ -1,3 +1,17 @@
"""
DjangoBlog 信号处理模块
本模块定义了DjangoBlog系统的所有信号处理函数用于在特定事件发生时执行相应的操作
通过Django的信号机制实现了模块间的解耦和事件驱动的编程模式
主要功能
- 邮件发送信号处理
- OAuth用户登录信号处理
- 模型保存后的回调处理
- 用户登录/登出事件处理
- 缓存管理和搜索引擎通知
"""
import _thread
import logging
@ -9,6 +23,7 @@ from django.core.mail import EmailMultiAlternatives
from django.db.models.signals import post_save
from django.dispatch import receiver
# 导入应用相关模块
from comments.models import Comment
from comments.utils import send_comment_email
from djangoblog.spider_notify import SpiderNotify
@ -16,51 +31,88 @@ from djangoblog.utils import cache, expire_view_cache, delete_sidebar_cache, del
from djangoblog.utils import get_current_site
from oauth.models import OAuthUser
# 初始化模块级日志器
logger = logging.getLogger(__name__)
# 定义自定义信号
# OAuth用户登录信号传递用户ID参数
oauth_user_login_signal = django.dispatch.Signal(['id'])
# 邮件发送信号,传递收件人、标题和内容参数
send_email_signal = django.dispatch.Signal(
['emailto', 'title', 'content'])
@receiver(send_email_signal)
def send_email_signal_handler(sender, **kwargs):
emailto = kwargs['emailto']
title = kwargs['title']
content = kwargs['content']
"""
邮件发送信号处理函数
当收到send_email_signal信号时异步发送HTML格式邮件并记录发送日志
Args:
sender: 信号发送者
**kwargs: 包含emailto, title, content等参数
"""
# 从信号参数中提取邮件信息
emailto = kwargs['emailto'] # 收件人列表
title = kwargs['title'] # 邮件标题
content = kwargs['content'] # 邮件内容
# 创建邮件消息对象设置HTML格式
msg = EmailMultiAlternatives(
title,
content,
from_email=settings.DEFAULT_FROM_EMAIL,
from_email=settings.DEFAULT_FROM_EMAIL, # 使用配置的默认发件人
to=emailto)
msg.content_subtype = "html"
msg.content_subtype = "html" # 设置内容类型为HTML
# 导入邮件日志模型并创建日志记录
from servermanager.models import EmailSendLog
log = EmailSendLog()
log.title = title
log.content = content
log.emailto = ','.join(emailto)
log.emailto = ','.join(emailto) # 将收件人列表转换为字符串存储
try:
# 尝试发送邮件send()方法返回发送成功的邮件数量
result = msg.send()
log.send_result = result > 0
log.send_result = result > 0 # 记录发送结果(成功/失败)
except Exception as e:
# 记录邮件发送异常信息
logger.error(f"失败邮箱号: {emailto}, {e}")
log.send_result = False
# 保存邮件发送日志记录
log.save()
@receiver(oauth_user_login_signal)
def oauth_user_login_signal_handler(sender, **kwargs):
"""
OAuth用户登录信号处理函数
处理第三方登录用户的头像保存和缓存清理
Args:
sender: 信号发送者
**kwargs: 包含用户ID参数
"""
# 从信号参数中获取用户ID
id = kwargs['id']
# 根据ID获取OAuth用户对象
oauthuser = OAuthUser.objects.get(id=id)
# 获取当前站点域名
site = get_current_site().domain
# 检查用户头像是否需要下载保存(非本站图片)
if oauthuser.picture and not oauthuser.picture.find(site) >= 0:
# 导入头像保存工具函数
from djangoblog.utils import save_user_avatar
# 下载并保存用户头像更新头像URL
oauthuser.picture = save_user_avatar(oauthuser.picture)
oauthuser.save()
# 清理侧边栏缓存,确保显示最新用户信息
delete_sidebar_cache()
@ -73,42 +125,79 @@ def model_post_save_callback(
using,
update_fields,
**kwargs):
clearcache = False
"""
模型保存后回调信号处理函数
监听所有模型的post_save信号执行相应的缓存清理和通知操作
Args:
sender: 保存的模型类
instance: 保存的模型实例
created: 是否为新建记录
raw: 是否为原始保存
using: 使用的数据库别名
update_fields: 更新的字段集合
**kwargs: 其他参数
"""
clearcache = False # 标记是否需要清理整个缓存
# 跳过管理员操作日志的保存处理
if isinstance(instance, LogEntry):
return
# 检查实例是否有get_full_url方法通常是文章等可访问的模型
if 'get_full_url' in dir(instance):
# 判断是否为仅更新浏览量字段
is_update_views = update_fields == {'views'}
# 非测试环境且非仅更新浏览量时,通知搜索引擎
if not settings.TESTING and not is_update_views:
try:
# 获取实例的完整URL并通知百度搜索引擎
notify_url = instance.get_full_url()
SpiderNotify.baidu_notify([notify_url])
except Exception as ex:
logger.error("notify sipder", ex)
# 非仅更新浏览量时标记需要清理缓存
if not is_update_views:
clearcache = True
# 处理评论保存的特殊逻辑
if isinstance(instance, Comment):
# 只处理已启用的评论
if instance.is_enable:
# 获取评论所属文章的URL路径
path = instance.article.get_absolute_url()
site = get_current_site().domain
# 处理端口号(如果有)
if site.find(':') > 0:
site = site[0:site.find(':')]
# 使文章详情页缓存失效
expire_view_cache(
path,
servername=site,
serverport=80,
key_prefix='blogdetail')
# 清理SEO处理器缓存
if cache.get('seo_processor'):
cache.delete('seo_processor')
# 清理文章评论缓存
comment_cache_key = 'article_comments_{id}'.format(
id=instance.article.id)
cache.delete(comment_cache_key)
# 清理侧边栏缓存和评论视图缓存
delete_sidebar_cache()
delete_view_cache('article_comments', [str(instance.article.pk)])
# 在新线程中发送评论通知邮件(避免阻塞主线程)
_thread.start_new_thread(send_comment_email, (instance,))
# 如果需要清理整个缓存(文章等主要内容更新时)
if clearcache:
cache.clear()
@ -116,7 +205,20 @@ def model_post_save_callback(
@receiver(user_logged_in)
@receiver(user_logged_out)
def user_auth_callback(sender, request, user, **kwargs):
"""
用户登录/登出信号处理函数
处理用户认证状态变化时的缓存清理操作
Args:
sender: 信号发送者
request: HTTP请求对象
user: 用户对象
**kwargs: 其他参数
"""
# 确保用户对象存在且有用户名
if user and user.username:
logger.info(user)
delete_sidebar_cache()
logger.info(user) # 记录用户认证日志
delete_sidebar_cache() # 清理侧边栏缓存
# 注释掉的完整缓存清理(可根据需要启用)
# cache.clear()

247
src/DjangoBlog/djangoblog/elasticsearch_backend.py
Unescape View File

@ -1,3 +1,17 @@
"""
Elasticsearch 搜索引擎集成模块
本模块提供了Django Haystack与Elasticsearch的深度集成实现了博客文章的全文搜索功能
包含自定义的后端查询类搜索表单和引擎配置支持智能推荐和高效检索
主要功能
- Elasticsearch文档的索引管理
- 高级布尔查询和过滤
- 搜索词智能推荐
- 搜索结果的高亮和评分
- 与Django Haystack框架的无缝集成
"""
from django.utils.encoding import force_str
from elasticsearch_dsl import Q
from haystack.backends import BaseEngine, BaseSearchBackend, BaseSearchQuery, log_query
@ -5,98 +19,218 @@ from haystack.forms import ModelSearchForm
from haystack.models import SearchResult
from haystack.utils import log as logging
# 导入博客相关的文档定义和管理器
from blog.documents import ArticleDocument, ArticleDocumentManager
from blog.models import Article
# 初始化模块级日志器
logger = logging.getLogger(__name__)
class ElasticSearchBackend(BaseSearchBackend):
"""
Elasticsearch 搜索后端实现
继承自Haystack的BaseSearchBackend提供与Elasticsearch的交互功能
负责索引创建文档更新搜索执行和推荐词生成等核心操作
"""
def __init__(self, connection_alias, **connection_options):
"""
初始化Elasticsearch后端
Args:
connection_alias: 连接别名
**connection_options: 连接配置选项
"""
super(
ElasticSearchBackend,
self).__init__(
connection_alias,
**connection_options)
# 初始化文章文档管理器
self.manager = ArticleDocumentManager()
# 启用拼写建议功能
self.include_spelling = True
def _get_models(self, iterable):
"""
获取模型并转换为文档
Args:
iterable: 模型实例集合
Returns:
list: 转换后的文档对象列表
"""
# 如果提供了模型集合则使用,否则获取所有文章
models = iterable if iterable and iterable[0] else Article.objects.all()
# 将Django模型转换为Elasticsearch文档
docs = self.manager.convert_to_doc(models)
return docs
def _create(self, models):
"""
创建索引并添加文档
Args:
models: 要创建索引的模型集合
"""
# 创建Elasticsearch索引
self.manager.create_index()
# 获取并转换模型为文档
docs = self._get_models(models)
# 重建索引(添加所有文档)
self.manager.rebuild(docs)
def _delete(self, models):
"""
删除文档
Args:
models: 要删除的模型集合
Returns:
bool: 删除操作结果
"""
# 遍历并删除每个模型对应的文档
for m in models:
m.delete()
return True
def _rebuild(self, models):
"""
重建索引
Args:
models: 要重建索引的模型集合
"""
# 获取所有文章或指定模型集合
models = models if models else Article.objects.all()
# 转换模型为文档
docs = self.manager.convert_to_doc(models)
# 更新文档到索引
self.manager.update_docs(docs)
def update(self, index, iterable, commit=True):
"""
更新索引文档
Args:
index: 索引名称
iterable: 要更新的模型集合
commit: 是否立即提交Elasticsearch自动提交此参数保留
"""
# 获取模型并转换为文档
models = self._get_models(iterable)
# 更新文档到索引
self.manager.update_docs(models)
def remove(self, obj_or_string):
"""
移除单个文档
Args:
obj_or_string: 要移除的模型对象或标识
"""
# 获取要删除的模型文档
models = self._get_models([obj_or_string])
# 执行删除操作
self._delete(models)
def clear(self, models=None, commit=True):
"""
清空索引
Args:
models: 要清空的模型集合保留参数
commit: 是否立即提交保留参数
"""
# 移除所有文档传入None表示清空
self.remove(None)
@staticmethod
def get_suggestion(query: str) -> str:
"""获取推荐词, 如果没有找到添加原搜索词"""
"""
获取搜索推荐词
使用Elasticsearch的suggest功能提供搜索词建议
如果没有找到合适的建议词则返回原搜索词
Args:
query (str): 原始搜索词
Returns:
str: 处理后的推荐搜索词
"""
# 构建搜索请求包含suggest功能
search = ArticleDocument.search() \
.query("match", body=query) \
.suggest('suggest_search', query, term={'field': 'body'}) \
.execute()
keywords = []
# 处理suggest结果
for suggest in search.suggest.suggest_search:
if suggest["options"]:
# 使用推荐词
keywords.append(suggest["options"][0]["text"])
else:
# 没有推荐词时使用原词
keywords.append(suggest["text"])
# 将推荐词列表合并为字符串返回
return ' '.join(keywords)
@log_query
def search(self, query_string, **kwargs):
"""
执行搜索查询
核心搜索方法处理查询字符串并返回匹配的结果
支持分页过滤和拼写建议
Args:
query_string: 搜索查询字符串
**kwargs: 其他搜索参数分页偏移等
Returns:
dict: 包含搜索结果命中数分面信息和拼写建议的字典
"""
# 记录搜索查询日志
logger.info('search query_string:' + query_string)
# 获取分页参数
start_offset = kwargs.get('start_offset')
end_offset = kwargs.get('end_offset')
# 推荐词搜索
# 根据是否启用建议搜索,获取处理后的搜索词
if getattr(self, "is_suggest", None):
# 获取推荐搜索词
suggestion = self.get_suggestion(query_string)
else:
# 使用原搜索词
suggestion = query_string
# 构建布尔查询标题或正文匹配设置最小匹配度70%
q = Q('bool',
should=[Q('match', body=suggestion), Q('match', title=suggestion)],
minimum_should_match="70%")
# 构建搜索请求:添加状态和类型过滤,设置分页
search = ArticleDocument.search() \
.query('bool', filter=[q]) \
.filter('term', status='p') \
.filter('term', type='a') \
.source(False)[start_offset: end_offset]
# 执行搜索
results = search.execute()
# 获取总命中数
hits = results['hits'].total
raw_results = []
# 处理搜索结果转换为Haystack的SearchResult格式
for raw_result in results['hits']['hits']:
app_label = 'blog'
model_name = 'Article'
@ -104,47 +238,75 @@ class ElasticSearchBackend(BaseSearchBackend):
result_class = SearchResult
# 创建SearchResult对象
result = result_class(
app_label,
model_name,
raw_result['_id'],
raw_result['_score'],
raw_result['_id'], # 文档ID
raw_result['_score'], # 匹配分数
**additional_fields)
raw_results.append(result)
# 分面信息(当前未使用)
facets = {}
# 拼写建议:如果推荐词与原词不同则返回推荐词
spelling_suggestion = None if query_string == suggestion else suggestion
# 返回标准格式的搜索结果
return {
'results': raw_results,
'hits': hits,
'facets': facets,
'spelling_suggestion': spelling_suggestion,
'results': raw_results, # 搜索结果列表
'hits': hits, # 总命中数
'facets': facets, # 分面信息
'spelling_suggestion': spelling_suggestion, # 拼写建议
}
class ElasticSearchQuery(BaseSearchQuery):
"""
Elasticsearch 查询构建器
继承自Haystack的BaseSearchQuery负责构建Elasticsearch查询
处理查询字符串的清理和参数构建
"""
def _convert_datetime(self, date):
"""
转换日期时间格式
Args:
date: 日期时间对象
Returns:
str: 格式化后的日期时间字符串
"""
if hasattr(date, 'hour'):
# 包含时间的完整日期时间格式
return force_str(date.strftime('%Y%m%d%H%M%S'))
else:
# 仅日期格式,时间部分补零
return force_str(date.strftime('%Y%m%d000000'))
def clean(self, query_fragment):
"""
Provides a mechanism for sanitizing user input before presenting the
value to the backend.
清理查询片段
对用户输入的查询词进行清理和转义处理防止注入攻击
Whoosh 1.X differs here in that you can no longer use a backslash
to escape reserved characters. Instead, the whole word should be
quoted.
Args:
query_fragment: 原始查询片段
Returns:
str: 清理后的查询字符串
"""
words = query_fragment.split()
cleaned_words = []
for word in words:
# 处理保留字(转为小写)
if word in self.backend.RESERVED_WORDS:
word = word.replace(word, word.lower())
# 处理保留字符(用引号包围)
for char in self.backend.RESERVED_CHARACTERS:
if char in word:
word = "'%s'" % word
@ -155,29 +317,86 @@ class ElasticSearchQuery(BaseSearchQuery):
return ' '.join(cleaned_words)
def build_query_fragment(self, field, filter_type, value):
"""
构建查询片段
Args:
field: 字段名
filter_type: 过滤器类型
value: 字段值
Returns:
str: 查询片段字符串
"""
return value.query_string
def get_count(self):
"""
获取搜索结果数量
Returns:
int: 搜索结果数量
"""
results = self.get_results()
return len(results) if results else 0
def get_spelling_suggestion(self, preferred_query=None):
"""
获取拼写建议
Args:
preferred_query: 优先查询词
Returns:
str: 拼写建议
"""
return self._spelling_suggestion
def build_params(self, spelling_query=None):
"""
构建搜索参数
Args:
spelling_query: 拼写查询词
Returns:
dict: 搜索参数字典
"""
kwargs = super(ElasticSearchQuery, self).build_params(spelling_query=spelling_query)
return kwargs
class ElasticSearchModelSearchForm(ModelSearchForm):
"""
Elasticsearch 模型搜索表单
扩展Haystack的ModelSearchForm支持建议搜索功能
"""
def search(self):
# 是否建议搜索
"""
执行搜索
重写搜索方法根据表单数据设置是否启用建议搜索
Returns:
SearchQuerySet: 搜索查询结果集
"""
# 根据表单数据设置是否启用建议搜索
self.searchqueryset.query.backend.is_suggest = self.data.get("is_suggest") != "no"
# 调用父类搜索方法
sqs = super().search()
return sqs
class ElasticSearchEngine(BaseEngine):
"""
Elasticsearch 搜索引擎配置
配置Haystack使用自定义的Elasticsearch后端和查询类
"""
# 指定自定义的后端类
backend = ElasticSearchBackend
# 指定自定义的查询类
query = ElasticSearchQuery

52
src/DjangoBlog/djangoblog/feeds.py
Unescape View File

@ -1,3 +1,16 @@
"""
RSS订阅源生成模块
本模块提供了DjangoBlog的RSS订阅功能基于Django的Feed框架实现
生成符合RSS 2.0标准的订阅源包含文章标题内容作者信息等
主要功能
- 生成博客文章的RSS订阅源
- 支持Markdown格式的内容渲染
- 提供作者信息和版权声明
- 符合RSS 2.0标准规范
"""
from django.contrib.auth import get_user_model
from django.contrib.syndication.views import Feed
from django.utils import timezone
@ -8,33 +21,72 @@ from djangoblog.utils import CommonMarkdown
class DjangoBlogFeed(Feed):
# 指定使用RSS 2.0格式生成订阅源
feed_type = Rss201rev2Feed
# 订阅源描述信息
description = '大巧无工,重剑无锋.'
# 订阅源标题
title = "且听风吟 大巧无工,重剑无锋. "
# 订阅源链接地址
link = "/feed/"
def author_name(self):
"""
获取作者名称
返回博客第一用户的昵称作为订阅源作者
"""
return get_user_model().objects.first().nickname
def author_link(self):
"""
获取作者链接
返回博客第一用户的个人主页链接
"""
return get_user_model().objects.first().get_absolute_url()
def items(self):
"""
获取订阅项目列表
返回最近发布的5篇文章按发布时间倒序排列
只包含已发布的文章类型
"""
return Article.objects.filter(type='a', status='p').order_by('-pub_time')[:5]
def item_title(self, item):
"""
获取单个项目的标题
"""
return item.title
def item_description(self, item):
"""
获取单个项目的描述内容
将文章的Markdown内容转换为HTML格式
"""
return CommonMarkdown.get_markdown(item.body)
def feed_copyright(self):
"""
获取订阅源版权信息
生成包含当前年份的版权声明
"""
now = timezone.now()
return "Copyright© {year} 且听风吟".format(year=now.year)
def item_link(self, item):
"""
获取单个项目的链接
"""
return item.get_absolute_url()
def item_guid(self, item):
"""
获取单个项目的全局唯一标识符
"""
return

72
src/DjangoBlog/djangoblog/logentryadmin.py
Unescape View File

@ -1,3 +1,16 @@
"""
管理员操作日志后台管理模块
本模块提供了Django管理员操作日志的自定义后台管理界面
用于查看和追踪管理员在后台的所有操作记录包括增删改等操作
主要功能
- 自定义日志列表显示格式
- 提供对象和用户的超链接跳转
- 权限控制和操作限制
- 搜索和过滤功能
"""
from django.contrib import admin
from django.contrib.admin.models import DELETION
from django.contrib.contenttypes.models import ContentType
@ -9,45 +22,73 @@ from django.utils.translation import gettext_lazy as _
class LogEntryAdmin(admin.ModelAdmin):
"""
管理员操作日志后台管理类
自定义Django默认的LogEntry模型管理界面提供更好的用户体验和功能
"""
# 列表页过滤器配置 - 按内容类型过滤
list_filter = [
'content_type'
]
# 搜索字段配置 - 支持按对象表示和变更消息搜索
search_fields = [
'object_repr',
'change_message'
]
# 列表页可点击的字段 - 操作时间作为链接
list_display_links = [
'action_time',
'get_change_message',
]
# 列表页显示的字段
list_display = [
'action_time',
'user_link',
'content_type',
'object_link',
'get_change_message',
'action_time', # 操作时间
'user_link', # 操作用户(带链接)
'content_type', # 内容类型
'object_link', # 操作对象(带链接)
'get_change_message', # 变更消息
]
def has_add_permission(self, request):
"""
禁用添加权限 - 日志记录只能由系统自动创建
"""
return False
def has_change_permission(self, request, obj=None):
"""
控制修改权限 - 只允许超级用户或具有特定权限的用户查看
"""
return (
request.user.is_superuser or
request.user.has_perm('admin.change_logentry')
) and request.method != 'POST'
def has_delete_permission(self, request, obj=None):
"""
禁用删除权限 - 防止误删重要的操作日志
"""
return False
def object_link(self, obj):
"""
生成操作对象的超链接
对于非删除操作尝试生成指向对象编辑页面的链接
如果是删除操作或无法生成链接则返回纯文本表示
"""
# 转义对象表示字符串防止XSS攻击
object_link = escape(obj.object_repr)
content_type = obj.content_type
# 对于非删除操作且内容类型存在的情况,尝试生成链接
if obj.action_flag != DELETION and content_type is not None:
# try returning an actual link instead of object repr string
# 尝试返回实际链接而不是对象表示字符串
try:
url = reverse(
'admin:{}_{}_change'.format(content_type.app_label,
@ -56,17 +97,26 @@ class LogEntryAdmin(admin.ModelAdmin):
)
object_link = '<a href="{}">{}</a>'.format(url, object_link)
except NoReverseMatch:
# 如果无法生成反向URL保持原样
pass
return mark_safe(object_link)
# 设置对象链接的排序字段和显示名称
object_link.admin_order_field = 'object_repr'
object_link.short_description = _('object')
def user_link(self, obj):
"""
生成操作用户的超链接
尝试生成指向用户编辑页面的链接如果无法生成则返回纯文本
"""
# 获取用户模型的内容类型
content_type = ContentType.objects.get_for_model(type(obj.user))
# 转义用户表示字符串
user_link = escape(force_str(obj.user))
try:
# try returning an actual link instead of object repr string
# 尝试返回实际链接而不是用户表示字符串
url = reverse(
'admin:{}_{}_change'.format(content_type.app_label,
content_type.model),
@ -74,17 +124,25 @@ class LogEntryAdmin(admin.ModelAdmin):
)
user_link = '<a href="{}">{}</a>'.format(url, user_link)
except NoReverseMatch:
# 如果无法生成反向URL保持原样
pass
return mark_safe(user_link)
# 设置用户链接的排序字段和显示名称
user_link.admin_order_field = 'user'
user_link.short_description = _('user')
def get_queryset(self, request):
"""
优化查询集 - 预取关联的内容类型数据
"""
queryset = super(LogEntryAdmin, self).get_queryset(request)
return queryset.prefetch_related('content_type')
def get_actions(self, request):
"""
移除批量删除操作 - 防止误删日志记录
"""
actions = super(LogEntryAdmin, self).get_actions(request)
if 'delete_selected' in actions:
del actions['delete_selected']

72
src/DjangoBlog/djangoblog/plugin_manage/base_plugin.py
Unescape View File

@ -1,41 +1,93 @@
"""
插件系统基础模块
本模块提供了插件系统的基础框架定义了所有插件的基类BasePlugin
实现了插件的元数据管理初始化流程钩子注册和插件信息获取等核心功能
主要功能
- 插件元数据定义和验证
- 标准化的插件初始化流程
- 钩子注册机制
- 插件信息统一管理
"""
import logging
# 初始化模块级日志器,用于记录插件相关操作
logger = logging.getLogger(__name__)
class BasePlugin:
# 插件元数据
PLUGIN_NAME = None
PLUGIN_DESCRIPTION = None
PLUGIN_VERSION = None
"""
插件基类
所有具体插件的父类定义了插件的标准接口和基本行为
提供了插件元数据管理初始化钩子注册等基础功能
类属性:
PLUGIN_NAME: 插件名称必须由子类定义
PLUGIN_DESCRIPTION: 插件描述必须由子类定义
PLUGIN_VERSION: 插件版本必须由子类定义
"""
# 插件元数据 - 必须由子类重写的类属性
PLUGIN_NAME = None # 插件名称标识
PLUGIN_DESCRIPTION = None # 插件功能描述
PLUGIN_VERSION = None # 插件版本号
def __init__(self):
"""
插件基类构造函数
执行插件初始化流程包括
1. 验证插件元数据完整性
2. 调用插件初始化方法
3. 注册插件钩子
Raises:
ValueError: 当插件元数据未完整定义时抛出
"""
# 验证插件元数据是否完整定义
if not all([self.PLUGIN_NAME, self.PLUGIN_DESCRIPTION, self.PLUGIN_VERSION]):
raise ValueError("Plugin metadata (PLUGIN_NAME, PLUGIN_DESCRIPTION, PLUGIN_VERSION) must be defined.")
# 执行插件初始化逻辑
self.init_plugin()
# 注册插件钩子函数
self.register_hooks()
def init_plugin(self):
"""
插件初始化逻辑
子类可以重写此方法来实现特定的初始化操作
子类可以重写此方法来实现特定的初始化操作
基类实现仅记录初始化日志信息
"""
# 记录插件初始化成功日志
logger.info(f'{self.PLUGIN_NAME} initialized.')
def register_hooks(self):
"""
注册插件钩子
子类可以重写此方法来注册特定的钩子
子类可以重写此方法来注册特定的钩子
基类实现为空方法由子类按需实现具体钩子注册逻辑
"""
# 基类不实现具体钩子注册,由子类重写
pass
def get_plugin_info(self):
"""
获取插件信息
:return: 包含插件元数据的字典
返回包含插件完整元数据的字典用于插件信息展示和管理
Returns:
dict: 包含插件名称描述和版本的字典对象
"""
# 构建并返回插件元数据字典
return {
'name': self.PLUGIN_NAME,
'description': self.PLUGIN_DESCRIPTION,
'version': self.PLUGIN_VERSION
'name': self.PLUGIN_NAME, # 插件名称
'description': self.PLUGIN_DESCRIPTION, # 插件功能描述
'version': self.PLUGIN_VERSION # 插件版本号
}

21
src/DjangoBlog/djangoblog/plugin_manage/hook_constants.py
Unescape View File

@ -1,7 +1,26 @@
"""
钩子事件常量定义模块
本模块定义了文章相关的钩子事件常量用于在插件系统中标识不同的事件类型
这些常量作为事件触发器名称用于在特定时机执行注册的钩子函数
主要用途
- 统一管理事件名称常量
- 提供类型安全的钩子标识
- 便于在插件系统中注册和触发事件
"""
# 文章详情加载事件 - 当文章详情数据被加载时触发
ARTICLE_DETAIL_LOAD = 'article_detail_load'
# 文章创建事件 - 当新文章被创建时触发
ARTICLE_CREATE = 'article_create'
# 文章更新事件 - 当现有文章被修改时触发
ARTICLE_UPDATE = 'article_update'
# 文章删除事件 - 当文章被删除时触发
ARTICLE_DELETE = 'article_delete'
# 文章内容处理钩子名称 - 专门用于处理文章内容的钩子标识
ARTICLE_CONTENT_HOOK_NAME = "the_content"

86
src/DjangoBlog/djangoblog/plugin_manage/hooks.py
Unescape View File

@ -1,44 +1,116 @@
"""
钩子管理系统模块
本模块提供了完整的钩子Hook管理机制支持两种类型的钩子
1. Action Hook动作钩子按顺序执行注册的回调函数不返回值
2. Filter Hook过滤器钩子对输入值进行链式处理返回处理后的值
主要功能
- 钩子回调函数的注册管理
- 动作钩子的顺序执行
- 过滤器钩子的链式处理
- 完善的错误处理和日志记录
"""
import logging
# 初始化模块级日志器,用于记录钩子相关操作
logger = logging.getLogger(__name__)
# 全局钩子存储字典
# 结构:{hook_name: [callback1, callback2, ...]}
_hooks = {}
def register(hook_name: str, callback: callable):
"""
注册一个钩子回调
注册一个钩子回调函数
将回调函数注册到指定的钩子名称下支持同一钩子名称注册多个回调函数
回调函数将按照注册顺序执行
Args:
hook_name (str): 钩子名称标识
callback (callable): 要注册的回调函数
Examples:
>>> register('article_create', my_callback_function)
"""
# 检查钩子名称是否已存在,不存在则初始化空列表
if hook_name not in _hooks:
_hooks[hook_name] = []
# 将回调函数添加到对应钩子的回调列表中
_hooks[hook_name].append(callback)
# 记录调试日志,跟踪钩子注册情况
logger.debug(f"Registered hook '{hook_name}' with callback '{callback.__name__}'")
def run_action(hook_name: str, *args, **kwargs):
"""
执行一个 Action Hook
它会按顺序执行所有注册到该钩子上的回调函数
执行一个 Action Hook动作钩子
按注册顺序执行所有注册到该钩子上的回调函数
动作钩子主要用于执行副作用操作不返回任何值
Args:
hook_name (str): 要执行的钩子名称
*args: 传递给回调函数的位置参数
**kwargs: 传递给回调函数的关键字参数
Examples:
>>> run_action('article_create', article_obj, user_obj)
"""
# 检查指定钩子是否有注册的回调函数
if hook_name in _hooks:
# 记录钩子执行开始日志
logger.debug(f"Running action hook '{hook_name}'")
# 遍历该钩子下的所有回调函数
for callback in _hooks[hook_name]:
try:
# 执行回调函数,传入所有参数
callback(*args, **kwargs)
except Exception as e:
logger.error(f"Error running action hook '{hook_name}' callback '{callback.__name__}': {e}", exc_info=True)
# 捕获并记录回调函数执行中的异常,但不中断其他回调的执行
logger.error(f"Error running action hook '{hook_name}' callback '{callback.__name__}': {e}",
exc_info=True)
def apply_filters(hook_name: str, value, *args, **kwargs):
"""
执行一个 Filter Hook
它会把 value 依次传递给所有注册的回调函数进行处理
执行一个 Filter Hook过滤器钩子
将输入值依次传递给所有注册的回调函数进行链式处理
每个回调函数的返回值将作为下一个回调函数的输入值
Args:
hook_name (str): 要执行的过滤器钩子名称
value: 初始输入值将被回调函数处理
*args: 传递给回调函数的额外位置参数
**kwargs: 传递给回调函数的额外关键字参数
Returns:
any: 经过所有回调函数处理后的最终值
Examples:
>>> processed_content = apply_filters('the_content', raw_content)
"""
# 检查指定过滤器钩子是否有注册的回调函数
if hook_name in _hooks:
# 记录过滤器应用开始日志
logger.debug(f"Applying filter hook '{hook_name}'")
# 遍历该钩子下的所有回调函数
for callback in _hooks[hook_name]:
try:
# 将当前值传递给回调函数处理,并更新为返回值
value = callback(value, *args, **kwargs)
except Exception as e:
logger.error(f"Error applying filter hook '{hook_name}' callback '{callback.__name__}': {e}", exc_info=True)
# 捕获并记录回调函数执行中的异常,但不中断处理链
logger.error(f"Error applying filter hook '{hook_name}' callback '{callback.__name__}': {e}",
exc_info=True)
# 返回经过所有过滤器处理后的最终值
return value

39
src/DjangoBlog/djangoblog/plugin_manage/loader.py
Unescape View File

@ -1,19 +1,54 @@
"""
插件动态加载模块
本模块提供了插件系统的动态加载功能负责在Django应用启动时自动加载和初始化已激活的插件
通过扫描插件目录并导入插件模块实现插件的热插拔管理
主要功能
- 动态扫描插件目录
- 按配置加载激活的插件
- 插件模块的导入和初始化
- 加载状态的日志记录
"""
import os
import logging
from django.conf import settings
# 初始化模块级日志器,用于记录插件加载过程
logger = logging.getLogger(__name__)
def load_plugins():
"""
Dynamically loads and initializes plugins from the 'plugins' directory.
This function is intended to be called when the Django app registry is ready.
动态加载并初始化插件
从配置的插件目录中加载所有激活的插件模块
此函数应在Django应用注册表准备就绪后调用
加载流程
1. 遍历settings.ACTIVE_PLUGINS中配置的插件名称
2. 检查插件目录和plugin.py文件是否存在
3. 动态导入插件模块
4. 记录加载成功或失败状态
注意插件模块的导入会触发其内部代码执行包括类定义和注册逻辑
"""
# 遍历所有在配置中激活的插件名称
for plugin_name in settings.ACTIVE_PLUGINS:
# 构建插件目录的完整路径
plugin_path = os.path.join(settings.PLUGINS_DIR, plugin_name)
# 检查插件目录是否存在且包含plugin.py文件
if os.path.isdir(plugin_path) and os.path.exists(os.path.join(plugin_path, 'plugin.py')):
try:
# 动态导入插件模块,使用点分模块路径格式
# 导入操作会执行插件模块中的代码,完成插件注册
__import__(f'plugins.{plugin_name}.plugin')
# 记录插件加载成功日志
logger.info(f"Successfully loaded plugin: {plugin_name}")
except ImportError as e:
# 捕获导入异常,记录详细的错误信息
logger.error(f"Failed to import plugin: {plugin_name}", exc_info=e)

182
src/DjangoBlog/djangoblog/settings.py
Unescape View File

@ -1,14 +1,20 @@
"""
Django settings for djangoblog project.
Generated by 'django-admin startproject' using Django 1.10.2.
For more information on this file, see
https://docs.djangoproject.com/en/1.10/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/1.10/ref/settings/
DjangoBlog 项目配置文件
本模块包含DjangoBlog项目的所有配置设置包括数据库应用中间件国际化缓存邮件等
根据Django 1.10+的配置规范组织支持开发和生产环境的不同配置
主要配置类别
- 基础路径和密钥配置
- 应用和中间件配置
- 数据库和缓存配置
- 国际化设置
- 静态文件和媒体文件配置
- 邮件和日志配置
- 安全相关配置
- 搜索和插件系统配置
"""
import os
import sys
from pathlib import Path
@ -17,34 +23,46 @@ from django.utils.translation import gettext_lazy as _
def env_to_bool(env, default):
"""
环境变量转布尔值工具函数
将环境变量的字符串值转换为布尔值用于灵活的配置开关
Args:
env: 环境变量名
default: 默认值
Returns:
bool: 转换后的布尔值
"""
str_val = os.environ.get(env)
return default if str_val is None else str_val == 'True'
# Build paths inside the project like this: BASE_DIR / 'subdir'.
# 构建项目基础路径 - 使用pathlib现代路径处理方式
BASE_DIR = Path(__file__).resolve().parent.parent
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
# 安全密钥配置 - 生产环境必须从环境变量获取
SECRET_KEY = os.environ.get(
'DJANGO_SECRET_KEY') or 'n9ceqv38)#&mwuat@(mjb_p%em$e8$qyr#fw9ot!=ba6lijx-6'
# SECURITY WARNING: don't run with debug turned on in production!
# 调试模式开关 - 生产环境必须关闭
DEBUG = env_to_bool('DJANGO_DEBUG', True)
# DEBUG = False
# 测试模式标识 - 根据命令行参数判断是否为测试环境
TESTING = len(sys.argv) > 1 and sys.argv[1] == 'test'
# ALLOWED_HOSTS = []
# 允许的主机名配置 - 生产环境需要具体指定
ALLOWED_HOSTS = ['*', '127.0.0.1', 'example.com']
# django 4.0新增配置
CSRF_TRUSTED_ORIGINS = ['http://example.com']
# Application definition
# Django 4.0新增CSRF信任源配置
CSRF_TRUSTED_ORIGINS = ['http://example.com']
# 已安装应用列表 - 定义项目使用的所有Django应用
INSTALLED_APPS = [
# 'django.contrib.admin',
# 使用简化的Admin配置
'django.contrib.admin.apps.SimpleAdminConfig',
# Django核心功能应用
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
@ -52,37 +70,54 @@ INSTALLED_APPS = [
'django.contrib.staticfiles',
'django.contrib.sites',
'django.contrib.sitemaps',
'mdeditor',
'haystack',
'blog',
'accounts',
'comments',
'oauth',
'servermanager',
'owntracks',
'compressor',
'djangoblog'
# 第三方应用
'mdeditor', # Markdown编辑器
'haystack', # 搜索框架
'compressor', # 静态文件压缩
# 项目自定义应用
'blog', # 博客核心功能
'accounts', # 用户账户管理
'comments', # 评论系统
'oauth', # OAuth认证
'servermanager', # 服务器管理
'owntracks', # 位置追踪
'djangoblog' # 项目主应用
]
# 中间件配置 - 定义请求处理管道
MIDDLEWARE = [
# 安全相关中间件
'django.middleware.security.SecurityMiddleware',
# 会话管理中间件
'django.contrib.sessions.middleware.SessionMiddleware',
# 国际化中间件
'django.middleware.locale.LocaleMiddleware',
# Gzip压缩中间件
'django.middleware.gzip.GZipMiddleware',
# 缓存中间件(注释状态)
# 'django.middleware.cache.UpdateCacheMiddleware',
# 通用中间件
'django.middleware.common.CommonMiddleware',
# 缓存中间件(注释状态)
# 'django.middleware.cache.FetchFromCacheMiddleware',
# CSRF保护中间件
'django.middleware.csrf.CsrfViewMiddleware',
# 认证中间件
'django.contrib.auth.middleware.AuthenticationMiddleware',
# 消息中间件
'django.contrib.messages.middleware.MessageMiddleware',
# 点击劫持保护中间件
'django.middleware.clickjacking.XFrameOptionsMiddleware',
# 条件GET中间件
'django.middleware.http.ConditionalGetMiddleware',
# 自定义在线用户中间件
'blog.middleware.OnlineMiddleware'
]
# 根URL配置
ROOT_URLCONF = 'djangoblog.urls'
# 模板配置
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
@ -94,18 +129,17 @@ TEMPLATES = [
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
# 自定义SEO处理器
'blog.context_processors.seo_processor'
],
},
},
]
# WSGI应用配置
WSGI_APPLICATION = 'djangoblog.wsgi.application'
# Database
# https://docs.djangoproject.com/en/1.10/ref/settings/#databases
# 数据库配置 - 使用MySQL作为默认数据库
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
@ -117,9 +151,7 @@ DATABASES = {
}
}
# Password validation
# https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators
# 密码验证器配置
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
@ -135,62 +167,75 @@ AUTH_PASSWORD_VALIDATORS = [
},
]
# 国际化配置
LANGUAGES = (
('en', _('English')),
('zh-hans', _('Simplified Chinese')),
('zh-hant', _('Traditional Chinese')),
)
# 本地化文件路径
LOCALE_PATHS = (
os.path.join(BASE_DIR, 'locale'),
)
# 默认语言代码
LANGUAGE_CODE = 'zh-hans'
# 时区配置
TIME_ZONE = 'Asia/Shanghai'
# 国际化开关
USE_I18N = True
# 本地化开关
USE_L10N = True
# 时区支持开关
USE_TZ = False
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.10/howto/static-files/
# Haystack搜索配置
HAYSTACK_CONNECTIONS = {
'default': {
'ENGINE': 'djangoblog.whoosh_cn_backend.WhooshEngine',
'PATH': os.path.join(os.path.dirname(__file__), 'whoosh_index'),
},
}
# Automatically update searching index
# 实时更新搜索索引
HAYSTACK_SIGNAL_PROCESSOR = 'haystack.signals.RealtimeSignalProcessor'
# Allow user login with username and password
# 认证后端配置 - 支持邮箱或用户名登录
AUTHENTICATION_BACKENDS = [
'accounts.user_login_backend.EmailOrUsernameModelBackend']
# 静态文件配置
STATIC_ROOT = os.path.join(BASE_DIR, 'collectedstatic')
STATIC_URL = '/static/'
STATICFILES = os.path.join(BASE_DIR, 'static')
# 自定义用户模型
AUTH_USER_MODEL = 'accounts.BlogUser'
# 登录URL
LOGIN_URL = '/login/'
# 时间格式配置
TIME_FORMAT = '%Y-%m-%d %H:%M:%S'
DATE_TIME_FORMAT = '%Y-%m-%d'
# bootstrap color styles
# Bootstrap颜色类型
BOOTSTRAP_COLOR_TYPES = [
'default', 'primary', 'success', 'info', 'warning', 'danger'
]
# paginate
# 分页配置
PAGINATE_BY = 10
# http cache timeout
# HTTP缓存超时时间
CACHE_CONTROL_MAX_AGE = 2592000
# cache setting
# 缓存配置 - 默认使用本地内存缓存
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
@ -198,7 +243,8 @@ CACHES = {
'LOCATION': 'unique-snowflake',
}
}
# 使用redis作为缓存
# 如果配置了Redis环境变量则使用Redis缓存
if os.environ.get("DJANGO_REDIS_URL"):
CACHES = {
'default': {
@ -207,11 +253,14 @@ if os.environ.get("DJANGO_REDIS_URL"):
}
}
# 站点ID
SITE_ID = 1
# 百度站长平台通知URL
BAIDU_NOTIFY_URL = os.environ.get('DJANGO_BAIDU_NOTIFY_URL') \
or 'http://data.zz.baidu.com/urls?site=https://www.lylinux.net&token=1uAOGrMsUm5syDGn'
# Email:
# 邮件配置
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_USE_TLS = env_to_bool('DJANGO_EMAIL_TLS', False)
EMAIL_USE_SSL = env_to_bool('DJANGO_EMAIL_SSL', True)
@ -221,12 +270,15 @@ EMAIL_HOST_USER = os.environ.get('DJANGO_EMAIL_USER')
EMAIL_HOST_PASSWORD = os.environ.get('DJANGO_EMAIL_PASSWORD')
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
SERVER_EMAIL = EMAIL_HOST_USER
# Setting debug=false did NOT handle except email notifications
# 管理员邮箱配置 - 用于错误报告
ADMINS = [('admin', os.environ.get('DJANGO_ADMIN_EMAIL') or 'admin@admin.com')]
# WX ADMIN password(Two times md5)
# 微信管理员密码两次MD5加密
WXADMIN = os.environ.get(
'DJANGO_WXADMIN_PASSWORD') or '995F03AC401D6CABABAEF756FC4D43C7'
# 日志配置
LOG_PATH = os.path.join(BASE_DIR, 'logs')
if not os.path.exists(LOG_PATH):
os.makedirs(LOG_PATH, exist_ok=True)
@ -292,36 +344,41 @@ LOGGING = {
}
}
# 静态文件查找器配置
STATICFILES_FINDERS = (
'django.contrib.staticfiles.finders.FileSystemFinder',
'django.contrib.staticfiles.finders.AppDirectoriesFinder',
# other
# 压缩器查找器
'compressor.finders.CompressorFinder',
)
# 静态文件压缩配置
COMPRESS_ENABLED = True
# COMPRESS_OFFLINE = True
COMPRESS_CSS_FILTERS = [
# creates absolute urls from relative ones
# 从相对URL创建绝对URL
'compressor.filters.css_default.CssAbsoluteFilter',
# css minimizer
# CSS压缩过滤器
'compressor.filters.cssmin.CSSMinFilter'
]
COMPRESS_JS_FILTERS = [
'compressor.filters.jsmin.JSMinFilter'
]
# 媒体文件配置
MEDIA_ROOT = os.path.join(BASE_DIR, 'uploads')
MEDIA_URL = '/media/'
# 框架选项配置
X_FRAME_OPTIONS = 'SAMEORIGIN'
# 安全头部配置 - 防XSS和其他攻击
# 安全头部配置
SECURE_BROWSER_XSS_FILTER = True
SECURE_CONTENT_TYPE_NOSNIFF = True
SECURE_REFERRER_POLICY = 'strict-origin-when-cross-origin'
# 内容安全策略 (CSP) - 防XSS攻击
# 内容安全策略配置
CSP_DEFAULT_SRC = ["'self'"]
CSP_SCRIPT_SRC = ["'self'", "'unsafe-inline'", "cdn.mathjax.org", "*.googleapis.com"]
CSP_STYLE_SRC = ["'self'", "'unsafe-inline'", "*.googleapis.com", "*.gstatic.com"]
@ -331,8 +388,10 @@ CSP_CONNECT_SRC = ["'self'"]
CSP_FRAME_SRC = ["'none'"]
CSP_OBJECT_SRC = ["'none'"]
# 默认自增主键字段类型
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
# Elasticsearch配置如果配置了环境变量
if os.environ.get('DJANGO_ELASTICSEARCH_HOST'):
ELASTICSEARCH_DSL = {
'default': {
@ -345,7 +404,7 @@ if os.environ.get('DJANGO_ELASTICSEARCH_HOST'):
},
}
# Plugin System
# 插件系统配置
PLUGINS_DIR = BASE_DIR / 'plugins'
ACTIVE_PLUGINS = [
'article_copyright',
@ -355,4 +414,3 @@ ACTIVE_PLUGINS = [
'seo_optimizer',
'image_lazy_loading',
]

124
src/DjangoBlog/djangoblog/sitemap.py
Unescape View File

@ -1,3 +1,16 @@
"""
站点地图生成模块
本模块定义了DjangoBlog的站点地图(Sitemap)配置用于生成搜索引擎友好的XML站点地图
包含静态页面文章分类标签和用户页面的站点地图配置
主要功能
- 生成符合搜索引擎标准的XML站点地图
- 为不同类型的内容设置不同的更新频率和优先级
- 提供最后修改时间信息
- 帮助搜索引擎更好地索引网站内容
"""
from django.contrib.sitemaps import Sitemap
from django.urls import reverse
@ -5,55 +18,166 @@ from blog.models import Article, Category, Tag
class StaticViewSitemap(Sitemap):
"""
静态页面站点地图
用于生成首页等静态页面的站点地图条目
"""
# 优先级设置0.0-1.0
priority = 0.5
# 内容更新频率
changefreq = 'daily'
def items(self):
"""
获取包含在站点地图中的项目
返回需要生成站点地图的URL名称列表
"""
return ['blog:index', ]
def location(self, item):
"""
生成项目的完整URL
Args:
item: URL名称
Returns:
str: 完整的URL路径
"""
return reverse(item)
class ArticleSiteMap(Sitemap):
"""
文章页面站点地图
用于生成所有已发布文章的站点地图条目
"""
# 文章更新频率 - 每月更新
changefreq = "monthly"
# 文章优先级 - 较高优先级
priority = "0.6"
def items(self):
"""
获取所有已发布的文章
Returns:
QuerySet: 已发布文章的查询集
"""
return Article.objects.filter(status='p')
def lastmod(self, obj):
"""
获取文章的最后修改时间
Args:
obj: 文章对象
Returns:
datetime: 最后修改时间
"""
return obj.last_modify_time
class CategorySiteMap(Sitemap):
"""
分类页面站点地图
用于生成所有文章分类的站点地图条目
"""
# 分类更新频率 - 每周更新
changefreq = "Weekly"
# 分类优先级 - 较高优先级
priority = "0.6"
def items(self):
"""
获取所有分类
Returns:
QuerySet: 所有分类的查询集
"""
return Category.objects.all()
def lastmod(self, obj):
"""
获取分类的最后修改时间
Args:
obj: 分类对象
Returns:
datetime: 最后修改时间
"""
return obj.last_modify_time
class TagSiteMap(Sitemap):
"""
标签页面站点地图
用于生成所有标签的站点地图条目
"""
# 标签更新频率 - 每周更新
changefreq = "Weekly"
# 标签优先级 - 中等优先级
priority = "0.3"
def items(self):
"""
获取所有标签
Returns:
QuerySet: 所有标签的查询集
"""
return Tag.objects.all()
def lastmod(self, obj):
"""
获取标签的最后修改时间
Args:
obj: 标签对象
Returns:
datetime: 最后修改时间
"""
return obj.last_modify_time
class UserSiteMap(Sitemap):
"""
用户页面站点地图
用于生成所有文章作者的站点地图条目
"""
# 用户页面更新频率 - 每周更新
changefreq = "Weekly"
# 用户页面优先级 - 中等优先级
priority = "0.3"
def items(self):
"""
获取所有发表过文章的用户
通过文章作者去重确保每个用户只出现一次
Returns:
list: 用户对象列表
"""
return list(set(map(lambda x: x.author, Article.objects.all())))
def lastmod(self, obj):
"""
获取用户的注册时间
Args:
obj: 用户对象
Returns:
datetime: 用户注册时间
"""
return obj.date_joined

44
src/DjangoBlog/djangoblog/spider_notify.py
Unescape View File

@ -1,21 +1,65 @@
"""
搜索引擎蜘蛛通知模块
本模块提供了向搜索引擎主动推送URL更新的功能主要用于通知搜索引擎及时抓取网站内容更新
目前主要支持百度搜索引擎的URL推送接口
主要功能
- 向百度站长平台推送URL更新
- 批量推送URL列表
- 错误处理和日志记录
- 统一的推送接口封装
"""
import logging
import requests
from django.conf import settings
# 初始化模块级日志器
logger = logging.getLogger(__name__)
class SpiderNotify():
"""
搜索引擎蜘蛛通知类
提供静态方法用于向搜索引擎推送URL更新帮助搜索引擎及时发现网站内容变化
"""
@staticmethod
def baidu_notify(urls):
"""
向百度站长平台推送URL更新
将更新的URL列表推送给百度搜索引擎加速内容收录
Args:
urls: 需要推送的URL列表可以是字符串或字符串列表
Note:
使用settings.BAIDU_NOTIFY_URL配置的百度推送接口
"""
try:
# 将URL列表转换为换行分隔的字符串格式
data = '\n'.join(urls)
# 向百度推送接口发送POST请求
result = requests.post(settings.BAIDU_NOTIFY_URL, data=data)
# 记录推送结果日志
logger.info(result.text)
except Exception as e:
# 捕获并记录推送过程中的异常
logger.error(e)
@staticmethod
def notify(url):
"""
统一的URL推送接口
提供简化的推送方法支持单个URL或URL列表的推送
Args:
url: 单个URL字符串或URL列表
"""
# 调用百度推送方法处理URL
SpiderNotify.baidu_notify(url)

40
src/DjangoBlog/djangoblog/tests.py
Unescape View File

@ -1,15 +1,51 @@
"""
DjangoBlog 单元测试模块
本模块包含DjangoBlog项目的单元测试用例用于验证工具函数和核心功能的正确性
基于Django的TestCase框架确保代码质量和功能稳定性
测试功能
- 加密工具函数测试
- Markdown渲染功能测试
- 字典转换URL参数测试
"""
from django.test import TestCase
from djangoblog.utils import *
class DjangoBlogTest(TestCase):
"""
DjangoBlog 核心功能测试类
继承自Django的TestCase提供项目核心功能的自动化测试
"""
def setUp(self):
"""
测试前置设置方法
在每个测试方法执行前运行用于初始化测试环境
当前测试用例无需特殊设置保留空实现
"""
pass
def test_utils(self):
"""
工具函数综合测试方法
测试工具模块中的多个核心功能
1. SHA256加密功能
2. Markdown文本渲染功能
3. 字典转URL参数字符串功能
"""
# 测试SHA256加密功能
md5 = get_sha256('test')
# 验证加密结果不为空
self.assertIsNotNone(md5)
# 测试Markdown渲染功能
c = CommonMarkdown.get_markdown('''
# Title1
@ -23,10 +59,14 @@ class DjangoBlogTest(TestCase):
''')
# 验证Markdown渲染结果不为空
self.assertIsNotNone(c)
# 测试字典转URL参数功能
d = {
'd': 'key1',
'd2': 'key2'
}
data = parse_dict_to_url(d)
# 验证转换结果不为空
self.assertIsNotNone(data)

33
src/DjangoBlog/djangoblog/urls.py
Unescape View File

@ -1,18 +1,19 @@
"""djangoblog URL Configuration
"""
DjangoBlog 项目URL配置模块
本模块定义了DjangoBlog项目的所有URL路由配置包括管理后台博客评论用户认证等功能的URL映射
采用Django 1.10+的URL配置方式支持国际化路由和静态文件服务
The `urlpatterns` list routes URLs to views. For more information please see:
https://docs.djangoproject.com/en/1.10/topics/http/urls/
Examples:
Function views
1. Add an import: from my_app import views
2. Add a URL to urlpatterns: url(r'^$', views.home, name='home')
Class-based views
1. Add an import: from other_app.views import Home
2. Add a URL to urlpatterns: url(r'^$', Home.as_view(), name='home')
Including another URLconf
1. Import the include() function: from django.conf.urls import url, include
2. Add a URL to urlpatterns: url(r'^blog/', include('blog.urls'))
主要路由分组
- 国际化路由配置
- 管理后台路由
- 博客应用路由
- 第三方应用路由
- 站点地图和订阅源
- 搜索功能路由
- 静态文件服务
"""
from django.conf import settings
from django.conf.urls.i18n import i18n_patterns
from django.conf.urls.static import static
@ -23,12 +24,14 @@ from haystack.views import search_view_factory
from django.http import JsonResponse
import time
# 导入项目自定义模块
from blog.views import EsSearchView
from djangoblog.admin_site import admin_site
from djangoblog.elasticsearch_backend import ElasticSearchModelSearchForm
from djangoblog.feeds import DjangoBlogFeed
from djangoblog.sitemap import ArticleSiteMap, CategorySiteMap, StaticViewSitemap, TagSiteMap, UserSiteMap
# 站点地图配置字典 - 定义不同类型内容的站点地图
sitemaps = {
'blog': ArticleSiteMap,
@ -38,6 +41,7 @@ sitemaps = {
'static': StaticViewSitemap
}
# 自定义错误处理视图配置
handler404 = 'blog.views.page_not_found_view'
handler500 = 'blog.views.server_error_view'
handle403 = 'blog.views.permission_denied_view'
@ -53,10 +57,12 @@ def health_check(request):
'timestamp': time.time()
})
# 基础URL模式配置 - 不包含语言前缀的URL
urlpatterns = [
path('i18n/', include('django.conf.urls.i18n')),
path('health/', health_check, name='health_check'),
]
# 国际化URL模式配置 - 自动添加语言前缀的URL
urlpatterns += i18n_patterns(
re_path(r'^admin/', admin_site.urls),
re_path(r'', include('blog.urls', namespace='blog')),
@ -73,6 +79,7 @@ urlpatterns += i18n_patterns(
re_path(r'', include('servermanager.urls', namespace='servermanager')),
re_path(r'', include('owntracks.urls', namespace='owntracks'))
, prefix_default_language=False) + static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)
# 开发环境媒体文件服务配置
if settings.DEBUG:
urlpatterns += static(settings.MEDIA_URL,
document_root=settings.MEDIA_ROOT)

194
src/DjangoBlog/djangoblog/utils.py
Unescape View File

@ -1,6 +1,20 @@
#!/usr/bin/env python
# encoding: utf-8
"""
DjangoBlog 通用工具函数模块
本模块提供了DjangoBlog项目的各种通用工具函数包括缓存装饰器Markdown处理
邮件发送安全过滤等核心功能这些工具函数在整个项目中广泛使用
主要功能
- 缓存管理和装饰器
- Markdown文本处理和转换
- 电子邮件发送功能
- 安全HTML过滤和XSS防护
- 随机码生成和URL处理
- 用户头像下载和管理
"""
import logging
import os
@ -17,33 +31,65 @@ from django.contrib.sites.models import Site
from django.core.cache import cache
from django.templatetags.static import static
# 初始化模块级日志器
logger = logging.getLogger(__name__)
def get_max_articleid_commentid():
"""
获取最大文章ID和评论ID
用于生成新文章或评论时的ID参考
Returns:
tuple: (最大文章ID, 最大评论ID)
"""
from blog.models import Article
from comments.models import Comment
return (Article.objects.latest().pk, Comment.objects.latest().pk)
def get_sha256(str):
"""
SHA256加密函数
Args:
str: 要加密的字符串
Returns:
str: SHA256加密后的十六进制字符串
"""
m = sha256(str.encode('utf-8'))
return m.hexdigest()
def cache_decorator(expiration=3 * 60):
"""
缓存装饰器
为函数添加缓存功能减少重复计算和数据库查询
Args:
expiration: 缓存过期时间默认3分钟
Returns:
function: 装饰后的函数
"""
def wrapper(func):
def news(*args, **kwargs):
try:
# 尝试从视图类获取缓存键
view = args[0]
key = view.get_cache_key()
except:
key = None
if not key:
# 生成基于函数参数的唯一缓存键
unique_str = repr((func, args, kwargs))
m = sha256(unique_str.encode('utf-8'))
key = m.hexdigest()
# 尝试从缓存获取值
value = cache.get(key)
if value is not None:
# logger.info('cache_decorator get cache:%s key:%s' % (func.__name__, key))
@ -52,6 +98,7 @@ def cache_decorator(expiration=3 * 60):
else:
return value
else:
# 缓存未命中,执行函数并设置缓存
logger.debug(
'cache_decorator set cache:%s key:%s' %
(func.__name__, key))
@ -70,19 +117,27 @@ def cache_decorator(expiration=3 * 60):
def expire_view_cache(path, servername, serverport, key_prefix=None):
'''
刷新视图缓存
:param path:url路径
:param servername:host
:param serverport:端口
:param key_prefix:前缀
:return:是否成功
使指定路径的视图缓存失效确保内容更新后及时反映
Args:
path: URL路径
servername: 主机名
serverport: 端口号
key_prefix: 缓存键前缀
Returns:
bool: 是否成功删除缓存
'''
from django.http import HttpRequest
from django.utils.cache import get_cache_key
# 创建模拟请求对象用于生成缓存键
request = HttpRequest()
request.META = {'SERVER_NAME': servername, 'SERVER_PORT': serverport}
request.path = path
# 获取缓存键并删除对应缓存
key = get_cache_key(request, key_prefix=key_prefix, cache=cache)
if key:
logger.info('expire_view_cache:get key:{path}'.format(path=path))
@ -94,19 +149,43 @@ def expire_view_cache(path, servername, serverport, key_prefix=None):
@cache_decorator()
def get_current_site():
"""
获取当前站点信息
返回当前Django站点的配置信息带缓存功能
Returns:
Site: 当前站点对象
"""
site = Site.objects.get_current()
return site
class CommonMarkdown:
"""
Markdown处理工具类
提供Markdown文本到HTML的转换功能支持代码高亮和目录生成
"""
@staticmethod
def _convert_markdown(value):
"""
内部Markdown转换方法
Args:
value: Markdown格式文本
Returns:
tuple: (转换后的HTML内容, 生成的目录)
"""
# 配置Markdown扩展
md = markdown.Markdown(
extensions=[
'extra',
'codehilite',
'toc',
'tables',
'extra', # 额外语法支持
'codehilite', # 代码高亮
'toc', # 目录生成
'tables', # 表格支持
]
)
body = md.convert(value)
@ -115,16 +194,44 @@ class CommonMarkdown:
@staticmethod
def get_markdown_with_toc(value):
"""
获取带目录的Markdown转换结果
Args:
value: Markdown格式文本
Returns:
tuple: (HTML内容, 目录HTML)
"""
body, toc = CommonMarkdown._convert_markdown(value)
return body, toc
@staticmethod
def get_markdown(value):
"""
获取Markdown转换结果不含目录
Args:
value: Markdown格式文本
Returns:
str: 转换后的HTML内容
"""
body, toc = CommonMarkdown._convert_markdown(value)
return body
def send_email(emailto, title, content):
"""
发送电子邮件
通过信号机制异步发送邮件
Args:
emailto: 收件人邮箱地址
title: 邮件标题
content: 邮件内容
"""
from djangoblog.blog_signals import send_email_signal
send_email_signal.send(
send_email.__class__,
@ -139,6 +246,15 @@ def generate_code() -> str:
def parse_dict_to_url(dict):
"""
将字典转换为URL参数字符串
Args:
dict: 参数字典
Returns:
str: URL参数字符串
"""
from urllib.parse import quote
url = '&'.join(['{}={}'.format(quote(k, safe='/'), quote(v, safe='/'))
for k, v in dict.items()])
@ -146,11 +262,21 @@ def parse_dict_to_url(dict):
def get_blog_setting():
"""
获取博客设置
返回博客的全局设置信息带缓存功能
如果设置不存在则创建默认设置
Returns:
BlogSettings: 博客设置对象
"""
value = cache.get('get_blog_setting')
if value:
return value
else:
from blog.models import BlogSettings
# 如果不存在设置记录,创建默认设置
if not BlogSettings.objects.count():
setting = BlogSettings()
setting.site_name = 'djangoblog'
@ -176,32 +302,48 @@ def get_blog_setting():
def save_user_avatar(url):
'''
保存用户头像
:param url:头像url
:return: 本地路径
从远程URL下载用户头像并保存到本地静态文件目录
Args:
url: 头像URL地址
Returns:
str: 本地静态文件路径
'''
logger.info(url)
try:
basedir = os.path.join(settings.STATICFILES, 'avatar')
# 下载头像文件
rsp = requests.get(url, timeout=2)
if rsp.status_code == 200:
if not os.path.exists(basedir):
os.makedirs(basedir)
# 检查文件扩展名
image_extensions = ['.jpg', '.png', 'jpeg', '.gif']
isimage = len([i for i in image_extensions if url.endswith(i)]) > 0
ext = os.path.splitext(url)[1] if isimage else '.jpg'
# 生成唯一文件名
save_filename = str(uuid.uuid4().hex) + ext
logger.info('保存用户头像:' + basedir + save_filename)
# 保存文件
with open(os.path.join(basedir, save_filename), 'wb+') as file:
file.write(rsp.content)
return static('avatar/' + save_filename)
except Exception as e:
logger.error(e)
# 返回默认头像
return static('blog/img/avatar.png')
def delete_sidebar_cache():
"""
删除侧边栏缓存
清理所有侧边栏相关的缓存数据
"""
from blog.models import LinkShowType
keys = ["sidebar" + x for x in LinkShowType.values]
for k in keys:
@ -210,12 +352,27 @@ def delete_sidebar_cache():
def delete_view_cache(prefix, keys):
"""
删除视图缓存
根据前缀和键删除特定的模板片段缓存
Args:
prefix: 缓存前缀
keys: 缓存键列表
"""
from django.core.cache.utils import make_template_fragment_key
key = make_template_fragment_key(prefix, keys)
cache.delete(key)
def get_resource_url():
"""
获取资源URL基础路径
Returns:
str: 静态资源基础URL
"""
if settings.STATIC_URL:
return settings.STATIC_URL
else:
@ -223,6 +380,7 @@ def get_resource_url():
return 'http://' + site.domain + '/static/'
# HTML标签白名单 - 允许的安全HTML标签
ALLOWED_TAGS = ['a', 'abbr', 'acronym', 'b', 'blockquote', 'code', 'em', 'i', 'li', 'ol', 'pre', 'strong', 'ul', 'h1',
'h2', 'p', 'span', 'div']
@ -235,6 +393,7 @@ ALLOWED_CLASSES = [
's1', 'ss', 'bp', 'vc', 'vg', 'vi', 'il'
]
def class_filter(tag, name, value):
"""自定义class属性过滤器"""
if name == 'class':
@ -243,6 +402,7 @@ def class_filter(tag, name, value):
return ' '.join(allowed_classes) if allowed_classes else False
return value
# 安全的属性白名单
ALLOWED_ATTRIBUTES = {
'a': ['href', 'title'],
@ -257,10 +417,18 @@ ALLOWED_ATTRIBUTES = {
# 安全的协议白名单 - 防止javascript:等危险协议
ALLOWED_PROTOCOLS = ['http', 'https', 'mailto']
def sanitize_html(html):
"""
安全的HTML清理函数
使用bleach库进行白名单过滤防止XSS攻击
使用bleach库进行白名单过滤防止XSS攻击
Args:
html: 要清理的HTML内容
Returns:
str: 清理后的安全HTML
"""
return bleach.clean(
html,

335
src/DjangoBlog/djangoblog/whoosh_cn_backend.py
Unescape View File

@ -1,5 +1,19 @@
# encoding: utf-8
"""
Whoosh中文搜索后端模块
本模块提供了基于Whoosh搜索引擎的中文全文搜索功能专门针对Django Haystack框架进行定制
集成了jieba中文分词器支持中文文本的高效索引和搜索
主要特性
- 中文分词支持使用jieba
- 高性能索引和搜索
- 拼写建议和查询高亮
- 多字段类型支持文本数字日期等
- 与Django Haystack框架深度集成
"""
from __future__ import absolute_import, division, print_function, unicode_literals
import json
@ -40,30 +54,39 @@ except ImportError:
raise MissingDependency(
"The 'whoosh' backend requires the installation of 'Whoosh'. Please refer to the documentation.")
# Handle minimum requirement.
# 检查Whoosh版本要求
if not hasattr(whoosh, '__version__') or whoosh.__version__ < (2, 5, 0):
raise MissingDependency(
"The 'whoosh' backend requires version 2.5.0 or greater.")
# Bubble up the correct error.
# 日期时间正则表达式 - 用于解析日期格式
DATETIME_REGEX = re.compile(
'^(?P<year>\d{4})-(?P<month>\d{2})-(?P<day>\d{2})T(?P<hour>\d{2}):(?P<minute>\d{2}):(?P<second>\d{2})(\.\d{3,6}Z?)?$')
# 线程本地存储 - 用于内存索引
LOCALS = threading.local()
LOCALS.RAM_STORE = None
class WhooshHtmlFormatter(HtmlFormatter):
"""
This is a HtmlFormatter simpler than the whoosh.HtmlFormatter.
We use it to have consistent results across backends. Specifically,
Solr, Xapian and Elasticsearch are using this formatting.
简化的Whoosh HTML格式化器
提供跨后端一致的高亮结果显示格式
SolrXapian和Elasticsearch都使用这种格式化方式
"""
template = '<%(tag)s>%(t)s</%(tag)s>'
class WhooshSearchBackend(BaseSearchBackend):
# Word reserved by Whoosh for special use.
"""
Whoosh搜索后端实现
继承自Haystack的BaseSearchBackend提供Whoosh搜索引擎的核心功能
支持文件存储和内存存储两种方式
"""
# Whoosh保留关键字
RESERVED_WORDS = (
'AND',
'NOT',
@ -71,15 +94,20 @@ class WhooshSearchBackend(BaseSearchBackend):
'TO',
)
# Characters reserved by Whoosh for special use.
# The '\\' must come first, so as not to overwrite the other slash
# replacements.
# Whoosh保留字符
RESERVED_CHARACTERS = (
'\\', '+', '-', '&&', '||', '!', '(', ')', '{', '}',
'[', ']', '^', '"', '~', '*', '?', ':', '.',
)
def __init__(self, connection_alias, **connection_options):
"""
初始化Whoosh搜索后端
Args:
connection_alias: 连接别名
**connection_options: 连接配置选项
"""
super(
WhooshSearchBackend,
self).__init__(
@ -93,9 +121,11 @@ class WhooshSearchBackend(BaseSearchBackend):
128 * 1024 * 1024)
self.path = connection_options.get('PATH')
# 检查存储类型
if connection_options.get('STORAGE', 'file') != 'file':
self.use_file_storage = False
# 文件存储必须指定路径
if self.use_file_storage and not self.path:
raise ImproperlyConfigured(
"You must specify a 'PATH' in your settings for connection '%s'." %
@ -105,21 +135,26 @@ class WhooshSearchBackend(BaseSearchBackend):
def setup(self):
"""
Defers loading until needed.
初始化设置
延迟加载在需要时进行初始化
创建或打开索引构建schema
"""
from haystack import connections
new_index = False
# Make sure the index is there.
# 确保索引目录存在
if self.use_file_storage and not os.path.exists(self.path):
os.makedirs(self.path)
new_index = True
# 检查目录写入权限
if self.use_file_storage and not os.access(self.path, os.W_OK):
raise IOError(
"The path to your Whoosh index '%s' is not writable for the current user/group." %
self.path)
# 初始化存储
if self.use_file_storage:
self.storage = FileStorage(self.path)
else:
@ -130,10 +165,12 @@ class WhooshSearchBackend(BaseSearchBackend):
self.storage = LOCALS.RAM_STORE
# 构建schema和解析器
self.content_field_name, self.schema = self.build_schema(
connections[self.connection_alias].get_unified_index().all_searchfields())
self.parser = QueryParser(self.content_field_name, schema=self.schema)
# 创建或打开索引
if new_index is True:
self.index = self.storage.create_index(self.schema)
else:
@ -145,18 +182,30 @@ class WhooshSearchBackend(BaseSearchBackend):
self.setup_complete = True
def build_schema(self, fields):
"""
构建Whoosh schema
根据字段定义创建Whoosh索引schema
Args:
fields: 字段定义字典
Returns:
tuple: (内容字段名, schema对象)
"""
# 基础字段
schema_fields = {
ID: WHOOSH_ID(stored=True, unique=True),
DJANGO_CT: WHOOSH_ID(stored=True),
DJANGO_ID: WHOOSH_ID(stored=True),
}
# Grab the number of keys that are hard-coded into Haystack.
# We'll use this to (possibly) fail slightly more gracefully later.
initial_key_count = len(schema_fields)
content_field_name = ''
# 处理每个字段
for field_name, field_class in fields.items():
if field_class.is_multivalued:
# 多值字段
if field_class.indexed is False:
schema_fields[field_class.index_fieldname] = IDLIST(
stored=True, field_boost=field_class.boost)
@ -164,35 +213,42 @@ class WhooshSearchBackend(BaseSearchBackend):
schema_fields[field_class.index_fieldname] = KEYWORD(
stored=True, commas=True, scorable=True, field_boost=field_class.boost)
elif field_class.field_type in ['date', 'datetime']:
# 日期时间字段
schema_fields[field_class.index_fieldname] = DATETIME(
stored=field_class.stored, sortable=True)
elif field_class.field_type == 'integer':
# 整数字段
schema_fields[field_class.index_fieldname] = NUMERIC(
stored=field_class.stored, numtype=int, field_boost=field_class.boost)
elif field_class.field_type == 'float':
# 浮点数字段
schema_fields[field_class.index_fieldname] = NUMERIC(
stored=field_class.stored, numtype=float, field_boost=field_class.boost)
elif field_class.field_type == 'boolean':
# Field boost isn't supported on BOOLEAN as of 1.8.2.
# 布尔字段
schema_fields[field_class.index_fieldname] = BOOLEAN(
stored=field_class.stored)
elif field_class.field_type == 'ngram':
# N-gram字段
schema_fields[field_class.index_fieldname] = NGRAM(
minsize=3, maxsize=15, stored=field_class.stored, field_boost=field_class.boost)
elif field_class.field_type == 'edge_ngram':
# 边缘N-gram字段
schema_fields[field_class.index_fieldname] = NGRAMWORDS(minsize=2, maxsize=15, at='start',
stored=field_class.stored,
field_boost=field_class.boost)
else:
# 文本字段 - 使用中文分析器
# schema_fields[field_class.index_fieldname] = TEXT(stored=True, analyzer=StemmingAnalyzer(), field_boost=field_class.boost, sortable=True)
schema_fields[field_class.index_fieldname] = TEXT(
stored=True, analyzer=ChineseAnalyzer(), field_boost=field_class.boost, sortable=True)
# 标记内容字段
if field_class.document is True:
content_field_name = field_class.index_fieldname
schema_fields[field_class.index_fieldname].spelling = True
# Fail more gracefully than relying on the backend to die if no fields
# are found.
# 检查是否有有效字段
if len(schema_fields) <= initial_key_count:
raise SearchBackendError(
"No fields were found in any search_indexes. Please correct this before attempting to search.")
@ -200,6 +256,14 @@ class WhooshSearchBackend(BaseSearchBackend):
return (content_field_name, Schema(**schema_fields))
def update(self, index, iterable, commit=True):
"""
更新索引
Args:
index: 搜索索引
iterable: 可迭代对象
commit: 是否提交更改
"""
if not self.setup_complete:
self.setup()
@ -212,12 +276,11 @@ class WhooshSearchBackend(BaseSearchBackend):
except SkipDocument:
self.log.debug(u"Indexing for object `%s` skipped", obj)
else:
# Really make sure it's unicode, because Whoosh won't have it any
# other way.
# 确保所有值为unicode
for key in doc:
doc[key] = self._from_python(doc[key])
# Document boosts aren't supported in Whoosh 2.5.0+.
# Whoosh 2.5.0+不支持文档boost
if 'boost' in doc:
del doc['boost']
@ -227,9 +290,6 @@ class WhooshSearchBackend(BaseSearchBackend):
if not self.silently_fail:
raise
# We'll log the object identifier but won't include the actual object
# to avoid the possibility of that generating encoding errors while
# processing the log message:
self.log.error(
u"%s while preparing object for update" %
e.__class__.__name__,
@ -239,12 +299,18 @@ class WhooshSearchBackend(BaseSearchBackend):
"index": index,
"object": get_identifier(obj)}})
# 提交更改
if len(iterable) > 0:
# For now, commit no matter what, as we run into locking issues
# otherwise.
writer.commit()
def remove(self, obj_or_string, commit=True):
"""
移除文档
Args:
obj_or_string: 对象或标识符
commit: 是否提交更改
"""
if not self.setup_complete:
self.setup()
@ -267,6 +333,13 @@ class WhooshSearchBackend(BaseSearchBackend):
exc_info=True)
def clear(self, models=None, commit=True):
"""
清空索引
Args:
models: 要清空的模型列表
commit: 是否提交更改
"""
if not self.setup_complete:
self.setup()
@ -304,17 +377,27 @@ class WhooshSearchBackend(BaseSearchBackend):
"Failed to clear Whoosh index: %s", e, exc_info=True)
def delete_index(self):
# Per the Whoosh mailing list, if wiping out everything from the index,
# it's much more efficient to simply delete the index files.
"""
删除索引
彻底删除索引文件并重新创建
"""
# 文件存储:直接删除目录
if self.use_file_storage and os.path.exists(self.path):
shutil.rmtree(self.path)
elif not self.use_file_storage:
# 内存存储:清理存储
self.storage.clean()
# Recreate everything.
# 重新创建
self.setup()
def optimize(self):
"""
优化索引
提高搜索性能
"""
if not self.setup_complete:
self.setup()
@ -322,12 +405,21 @@ class WhooshSearchBackend(BaseSearchBackend):
self.index.optimize()
def calculate_page(self, start_offset=0, end_offset=None):
# Prevent against Whoosh throwing an error. Requires an end_offset
# greater than 0.
"""
计算分页参数
Args:
start_offset: 起始偏移量
end_offset: 结束偏移量
Returns:
tuple: (页码, 页大小)
"""
# 防止Whoosh错误
if end_offset is not None and end_offset <= 0:
end_offset = 1
# Determine the page.
# 确定页码
page_num = 0
if end_offset is None:
@ -341,7 +433,7 @@ class WhooshSearchBackend(BaseSearchBackend):
if page_length and page_length > 0:
page_num = int(start_offset / page_length)
# Increment because Whoosh uses 1-based page numbers.
# Whoosh使用1-based页码
page_num += 1
return page_num, page_length
@ -366,10 +458,15 @@ class WhooshSearchBackend(BaseSearchBackend):
limit_to_registered_models=None,
result_class=None,
**kwargs):
"""
执行搜索查询
核心搜索方法处理各种搜索参数和选项
"""
if not self.setup_complete:
self.setup()
# A zero length query should return no results.
# 空查询返回无结果
if len(query_string) == 0:
return {
'results': [],
@ -378,8 +475,7 @@ class WhooshSearchBackend(BaseSearchBackend):
query_string = force_str(query_string)
# A one-character query (non-wildcard) gets nabbed by a stopwords
# filter and should yield zero results.
# 单字符查询(非通配符)返回无结果
if len(query_string) <= 1 and query_string != u'*':
return {
'results': [],
@ -388,10 +484,8 @@ class WhooshSearchBackend(BaseSearchBackend):
reverse = False
# 处理排序
if sort_by is not None:
# Determine if we need to reverse the results and if Whoosh can
# handle what it's being asked to sort by. Reversing is an
# all-or-nothing action, unfortunately.
sort_by_list = []
reverse_counter = 0
@ -399,6 +493,7 @@ class WhooshSearchBackend(BaseSearchBackend):
if order_by.startswith('-'):
reverse_counter += 1
# Whoosh要求所有排序字段方向一致
if reverse_counter and reverse_counter != len(sort_by):
raise SearchBackendError("Whoosh requires all order_by fields"
" to use the same sort direction")
@ -406,17 +501,16 @@ class WhooshSearchBackend(BaseSearchBackend):
for order_by in sort_by:
if order_by.startswith('-'):
sort_by_list.append(order_by[1:])
if len(sort_by_list) == 1:
reverse = True
else:
sort_by_list.append(order_by)
if len(sort_by_list) == 1:
reverse = False
sort_by = sort_by_list[0]
# Whoosh不支持facet功能
if facets is not None:
warnings.warn(
"Whoosh does not handle faceting.",
@ -438,6 +532,7 @@ class WhooshSearchBackend(BaseSearchBackend):
narrowed_results = None
self.index = self.index.refresh()
# 模型限制处理
if limit_to_registered_models is None:
limit_to_registered_models = getattr(
settings, 'HAYSTACK_LIMIT_TO_REGISTERED_MODELS', True)
@ -445,12 +540,11 @@ class WhooshSearchBackend(BaseSearchBackend):
if models and len(models):
model_choices = sorted(get_model_ct(model) for model in models)
elif limit_to_registered_models:
# Using narrow queries, limit the results to only models handled
# with the current routers.
model_choices = self.build_models_list()
else:
model_choices = []
# 构建窄查询
if len(model_choices) > 0:
if narrow_queries is None:
narrow_queries = set()
@ -460,9 +554,8 @@ class WhooshSearchBackend(BaseSearchBackend):
narrow_searcher = None
# 处理窄查询
if narrow_queries is not None:
# Potentially expensive? I don't see another way to do it in
# Whoosh...
narrow_searcher = self.index.searcher()
for nq in narrow_queries:
@ -482,11 +575,12 @@ class WhooshSearchBackend(BaseSearchBackend):
self.index = self.index.refresh()
# 执行搜索
if self.index.doc_count():
searcher = self.index.searcher()
parsed_query = self.parser.parse(query_string)
# In the event of an invalid/stopworded query, recover gracefully.
# 处理无效查询
if parsed_query is None:
return {
'results': [],
@ -502,7 +596,7 @@ class WhooshSearchBackend(BaseSearchBackend):
'reverse': reverse,
}
# Handle the case where the results have been narrowed.
# 应用窄查询过滤
if narrowed_results is not None:
search_kwargs['filter'] = narrowed_results
@ -522,8 +616,7 @@ class WhooshSearchBackend(BaseSearchBackend):
'spelling_suggestion': None,
}
# Because as of Whoosh 2.5.1, it will return the wrong page of
# results if you request something too high. :(
# 检查页码有效性
if raw_page.pagenum < page_num:
return {
'results': [],
@ -531,6 +624,7 @@ class WhooshSearchBackend(BaseSearchBackend):
'spelling_suggestion': None,
}
# 处理搜索结果
results = self._process_results(
raw_page,
highlight=highlight,
@ -544,6 +638,7 @@ class WhooshSearchBackend(BaseSearchBackend):
return results
else:
# 无文档时的处理
if self.include_spelling:
if spelling_query:
spelling_suggestion = self.create_spelling_suggestion(
@ -570,18 +665,21 @@ class WhooshSearchBackend(BaseSearchBackend):
limit_to_registered_models=None,
result_class=None,
**kwargs):
"""
查找相似文档
基于给定模型实例查找相似内容
"""
if not self.setup_complete:
self.setup()
# Deferred models will have a different class ("RealClass_Deferred_fieldname")
# which won't be in our registry:
model_klass = model_instance._meta.concrete_model
field_name = self.content_field_name
narrow_queries = set()
narrowed_results = None
self.index = self.index.refresh()
# 模型限制处理
if limit_to_registered_models is None:
limit_to_registered_models = getattr(
settings, 'HAYSTACK_LIMIT_TO_REGISTERED_MODELS', True)
@ -589,12 +687,11 @@ class WhooshSearchBackend(BaseSearchBackend):
if models and len(models):
model_choices = sorted(get_model_ct(model) for model in models)
elif limit_to_registered_models:
# Using narrow queries, limit the results to only models handled
# with the current routers.
model_choices = self.build_models_list()
else:
model_choices = []
# 构建查询
if len(model_choices) > 0:
if narrow_queries is None:
narrow_queries = set()
@ -607,9 +704,8 @@ class WhooshSearchBackend(BaseSearchBackend):
narrow_searcher = None
# 处理窄查询
if narrow_queries is not None:
# Potentially expensive? I don't see another way to do it in
# Whoosh...
narrow_searcher = self.index.searcher()
for nq in narrow_queries:
@ -632,6 +728,7 @@ class WhooshSearchBackend(BaseSearchBackend):
self.index = self.index.refresh()
raw_results = EmptyResults()
# 执行相似文档搜索
if self.index.doc_count():
query = "%s:%s" % (ID, get_identifier(model_instance))
searcher = self.index.searcher()
@ -642,7 +739,7 @@ class WhooshSearchBackend(BaseSearchBackend):
raw_results = results[0].more_like_this(
field_name, top=end_offset)
# Handle the case where the results have been narrowed.
# 应用窄查询过滤
if narrowed_results is not None and hasattr(raw_results, 'filter'):
raw_results.filter(narrowed_results)
@ -658,8 +755,7 @@ class WhooshSearchBackend(BaseSearchBackend):
'spelling_suggestion': None,
}
# Because as of Whoosh 2.5.1, it will return the wrong page of
# results if you request something too high. :(
# 检查页码有效性
if raw_page.pagenum < page_num:
return {
'results': [],
@ -667,6 +763,7 @@ class WhooshSearchBackend(BaseSearchBackend):
'spelling_suggestion': None,
}
# 处理结果
results = self._process_results(raw_page, result_class=result_class)
searcher.close()
@ -682,11 +779,15 @@ class WhooshSearchBackend(BaseSearchBackend):
query_string='',
spelling_query=None,
result_class=None):
"""
处理搜索结果
将Whoosh原始结果转换为Haystack格式
"""
from haystack import connections
results = []
# It's important to grab the hits first before slicing. Otherwise, this
# can cause pagination failures.
# 获取命中数
hits = len(raw_page)
if result_class is None:
@ -697,6 +798,7 @@ class WhooshSearchBackend(BaseSearchBackend):
unified_index = connections[self.connection_alias].get_unified_index()
indexed_models = unified_index.get_indexed_models()
# 处理每个结果
for doc_offset, raw_result in enumerate(raw_page):
score = raw_page.score(doc_offset) or 0
app_label, model_name = raw_result[DJANGO_CT].split('.')
@ -704,13 +806,14 @@ class WhooshSearchBackend(BaseSearchBackend):
model = haystack_get_model(app_label, model_name)
if model and model in indexed_models:
# 处理字段值
for key, value in raw_result.items():
index = unified_index.get_index(model)
string_key = str(key)
if string_key in index.fields and hasattr(
index.fields[string_key], 'convert'):
# Special-cased due to the nature of KEYWORD fields.
# 多值字段特殊处理
if index.fields[string_key].is_multivalued:
if value is None or len(value) == 0:
additional_fields[string_key] = []
@ -723,9 +826,11 @@ class WhooshSearchBackend(BaseSearchBackend):
else:
additional_fields[string_key] = self._to_python(value)
# 移除系统字段
del (additional_fields[DJANGO_CT])
del (additional_fields[DJANGO_ID])
# 高亮处理
if highlight:
sa = StemmingAnalyzer()
formatter = WhooshHtmlFormatter('em')
@ -742,6 +847,7 @@ class WhooshSearchBackend(BaseSearchBackend):
self.content_field_name: [whoosh_result],
}
# 创建结果对象
result = result_class(
app_label,
model_name,
@ -752,6 +858,7 @@ class WhooshSearchBackend(BaseSearchBackend):
else:
hits -= 1
# 拼写建议
if self.include_spelling:
if spelling_query:
spelling_suggestion = self.create_spelling_suggestion(
@ -768,6 +875,15 @@ class WhooshSearchBackend(BaseSearchBackend):
}
def create_spelling_suggestion(self, query_string):
"""
创建拼写建议
Args:
query_string: 查询字符串
Returns:
str: 拼写建议
"""
spelling_suggestion = None
reader = self.index.reader()
corrector = reader.corrector(self.content_field_name)
@ -776,14 +892,14 @@ class WhooshSearchBackend(BaseSearchBackend):
if not query_string:
return spelling_suggestion
# Clean the string.
# 清理查询字符串
for rev_word in self.RESERVED_WORDS:
cleaned_query = cleaned_query.replace(rev_word, '')
for rev_char in self.RESERVED_CHARACTERS:
cleaned_query = cleaned_query.replace(rev_char, '')
# Break it down.
# 分词并获取建议
query_words = cleaned_query.split()
suggested_words = []
@ -798,22 +914,29 @@ class WhooshSearchBackend(BaseSearchBackend):
def _from_python(self, value):
"""
Converts Python values to a string for Whoosh.
Python值转换为Whoosh字符串
Code courtesy of pysolr.
Args:
value: Python值
Returns:
str: Whoosh格式字符串
"""
if hasattr(value, 'strftime'):
# 日期时间处理
if not hasattr(value, 'hour'):
value = datetime(value.year, value.month, value.day, 0, 0, 0)
elif isinstance(value, bool):
# 布尔值处理
if value:
value = 'true'
else:
value = 'false'
elif isinstance(value, (list, tuple)):
# 列表元组处理
value = u','.join([force_str(v) for v in value])
elif isinstance(value, (six.integer_types, float)):
# Leave it alone.
# 数字类型保持原样
pass
else:
value = force_str(value)
@ -821,15 +944,20 @@ class WhooshSearchBackend(BaseSearchBackend):
def _to_python(self, value):
"""
Converts values from Whoosh to native Python values.
Whoosh值转换为Python值
Args:
value: Whoosh值
A port of the same method in pysolr, as they deal with data the same way.
Returns:
object: Python值
"""
if value == 'true':
return True
elif value == 'false':
return False
# 日期时间解析
if value and isinstance(value, six.string_types):
possible_datetime = DATETIME_REGEX.search(value)
@ -847,11 +975,10 @@ class WhooshSearchBackend(BaseSearchBackend):
date_values['minute'],
date_values['second'])
# JSON解析尝试
try:
# Attempt to use json to load the values.
converted_value = json.loads(value)
# Try to handle most built-in types.
if isinstance(
converted_value,
(list,
@ -863,15 +990,28 @@ class WhooshSearchBackend(BaseSearchBackend):
complex)):
return converted_value
except BaseException:
# If it fails (SyntaxError or its ilk) or we don't trust it,
# continue on.
pass
return value
class WhooshSearchQuery(BaseSearchQuery):
"""
Whoosh搜索查询构建器
负责构建Whoosh搜索引擎的查询语句
"""
def _convert_datetime(self, date):
"""
日期时间转换
Args:
date: 日期时间对象
Returns:
str: 格式化字符串
"""
if hasattr(date, 'hour'):
return force_str(date.strftime('%Y%m%d%H%M%S'))
else:
@ -879,20 +1019,25 @@ class WhooshSearchQuery(BaseSearchQuery):
def clean(self, query_fragment):
"""
Provides a mechanism for sanitizing user input before presenting the
value to the backend.
清理查询片段
对用户输入进行清理和转义处理
Whoosh 1.X differs here in that you can no longer use a backslash
to escape reserved characters. Instead, the whole word should be
quoted.
Args:
query_fragment: 查询片段
Returns:
str: 清理后的查询字符串
"""
words = query_fragment.split()
cleaned_words = []
for word in words:
# 保留字转为小写
if word in self.backend.RESERVED_WORDS:
word = word.replace(word, word.lower())
# 保留字符用引号包围
for char in self.backend.RESERVED_CHARACTERS:
if char in word:
word = "'%s'" % word
@ -903,12 +1048,23 @@ class WhooshSearchQuery(BaseSearchQuery):
return ' '.join(cleaned_words)
def build_query_fragment(self, field, filter_type, value):
"""
构建查询片段
Args:
field: 字段名
filter_type: 过滤器类型
value: 字段值
Returns:
str: 查询片段
"""
from haystack import connections
query_frag = ''
is_datetime = False
# 值类型处理
if not hasattr(value, 'input_type_name'):
# Handle when we've got a ``ValuesListQuerySet``...
if hasattr(value, 'values_list'):
value = list(value)
@ -916,26 +1072,24 @@ class WhooshSearchQuery(BaseSearchQuery):
is_datetime = True
if isinstance(value, six.string_types) and value != ' ':
# It's not an ``InputType``. Assume ``Clean``.
value = Clean(value)
else:
value = PythonData(value)
# Prepare the query using the InputType.
# 准备值
prepared_value = value.prepare(self)
if not isinstance(prepared_value, (set, list, tuple)):
# Then convert whatever we get back to what pysolr wants if needed.
prepared_value = self.backend._from_python(prepared_value)
# 'content' is a special reserved word, much like 'pk' in
# Django's ORM layer. It indicates 'no special field'.
# 字段名处理
if field == 'content':
index_fieldname = ''
else:
index_fieldname = u'%s:' % connections[self._using].get_unified_index(
).get_index_fieldname(field)
# 过滤器类型映射
filter_types = {
'content': '%s',
'contains': '*%s*',
@ -949,6 +1103,7 @@ class WhooshSearchQuery(BaseSearchQuery):
'fuzzy': u'%s~',
}
# 查询片段构建
if value.post_process is False:
query_frag = prepared_value
else:
@ -961,8 +1116,6 @@ class WhooshSearchQuery(BaseSearchQuery):
if value.input_type_name == 'exact':
query_frag = prepared_value
else:
# Iterate over terms & incorportate the converted form of
# each into the query.
terms = []
if isinstance(prepared_value, six.string_types):
@ -1026,19 +1179,19 @@ class WhooshSearchQuery(BaseSearchQuery):
query_frag = filter_types[filter_type] % prepared_value
# 添加括号
if len(query_frag) and not isinstance(value, Raw):
if not query_frag.startswith('(') and not query_frag.endswith(')'):
query_frag = "(%s)" % query_frag
return u"%s%s" % (index_fieldname, query_frag)
# if not filter_type in ('in', 'range'):
# # 'in' is a bit of a special case, as we don't want to
# # convert a valid list/tuple to string. Defer handling it
# # until later...
# value = self.backend._from_python(value)
class WhooshEngine(BaseEngine):
"""
Whoosh搜索引擎配置
配置Haystack使用Whoosh作为搜索后端
"""
backend = WhooshSearchBackend
query = WhooshSearchQuery

17
src/DjangoBlog/djangoblog/wsgi.py
Unescape View File

@ -1,16 +1,25 @@
"""
WSGI config for djangoblog project.
DjangoBlog WSGI 配置模块
It exposes the WSGI callable as a module-level variable named ``application``.
本模块定义了DjangoBlog项目的WSGIWeb Server Gateway Interface配置
用于将Django应用部署到支持WSGI的Web服务器如ApacheNginx + uWSGI等
For more information on this file, see
https://docs.djangoproject.com/en/1.10/howto/deployment/wsgi/
WSGI是Python Web应用与Web服务器之间的标准接口确保应用能够在生产环境中正确运行
主要功能
- 设置Django环境变量
- 创建WSGI应用实例
- 提供Web服务器与Django应用之间的桥梁
"""
import os
from django.core.wsgi import get_wsgi_application
# 设置Django设置模块的环境变量
# 告诉Django使用哪个配置文件这里设置为'djangoblog.settings'
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "djangoblog.settings")
# 创建WSGI应用实例
# 这是Web服务器将调用的入口点用于处理HTTP请求
application = get_wsgi_application()

1
src/DjangoBlog/models.json
View File

File diff suppressed because one or more lines are too long

2051
src/DjangoBlog/models_analysis.json
View File

File diff suppressed because it is too large Load Diff

116
src/DjangoBlog/oauth/admin.py
Unescape View File

@ -1,54 +1,144 @@
"""
Django Admin 管理站点配置模块 - OAuth 认证
该模块用于配置OAuth相关模型在Django Admin管理站点的显示和操作方式
包含OAuth用户和OAuth配置两个管理类用于自定义管理界面
"""
import logging
# 导入Django Admin管理模块
from django.contrib import admin
# Register your models here.
# 导入URL反向解析功能
from django.urls import reverse
# 导入HTML格式化工具
from django.utils.html import format_html
# 获取当前模块的日志记录器
logger = logging.getLogger(__name__)
class OAuthUserAdmin(admin.ModelAdmin):
"""
OAuth用户模型的管理配置类
自定义OAuthUser模型在Django Admin中的显示和行为
包括搜索列表显示过滤等功能
"""
# 设置可搜索的字段
search_fields = ('nickname', 'email')
# 设置每页显示的项目数量
list_per_page = 20
# 设置列表页面显示的字段
list_display = (
'id',
'nickname',
'link_to_usermodel',
'show_user_image',
'type',
'email',
'id', # 用户ID
'nickname', # 昵称
'link_to_usermodel', # 自定义方法:关联本地用户链接
'show_user_image', # 自定义方法:显示用户头像
'type', # OAuth类型
'email', # 邮箱
)
# 设置可作为链接点击的字段(跳转到编辑页面)
list_display_links = ('id', 'nickname')
# 设置右侧过滤侧边栏的过滤字段
list_filter = ('author', 'type',)
# 初始化只读字段列表
readonly_fields = []
def get_readonly_fields(self, request, obj=None):
"""
动态获取只读字段列表
重写方法使所有字段在Admin中均为只读防止在管理界面修改OAuth用户数据
Args:
request: HttpRequest对象
obj: 模型实例对象
Returns:
list: 包含所有字段名的列表使所有字段只读
"""
# 返回所有字段名称的列表,包括普通字段和多对多字段
return list(self.readonly_fields) + \
[field.name for field in obj._meta.fields] + \
[field.name for field in obj._meta.many_to_many]
[field.name for field in obj._meta.fields] + \
[field.name for field in obj._meta.many_to_many]
def has_add_permission(self, request):
"""
禁用添加权限
防止在Admin界面手动添加OAuth用户OAuth用户只能通过认证流程自动创建
Args:
request: HttpRequest对象
Returns:
bool: 始终返回False禁止添加新记录
"""
return False
def link_to_usermodel(self, obj):
"""
自定义方法生成关联本地用户的链接
在Admin列表中显示关联的本地用户并提供跳转到用户编辑页面的链接
Args:
obj: OAuthUser实例对象
Returns:
str: 格式化的HTML链接包含用户昵称或邮箱显示
"""
# 检查是否存在关联的本地用户
if obj.author:
# 获取关联用户模型的app和model信息
info = (obj.author._meta.app_label, obj.author._meta.model_name)
# 生成编辑页面的URL
link = reverse('admin:%s_%s_change' % info, args=(obj.author.id,))
# 返回格式化的HTML链接显示用户昵称或邮箱
return format_html(
u'<a href="%s">%s</a>' %
(link, obj.author.nickname if obj.author.nickname else obj.author.email))
def show_user_image(self, obj):
"""
自定义方法显示用户头像
在Admin列表中以缩略图形式显示用户的第三方平台头像
Args:
obj: OAuthUser实例对象
Returns:
str: 格式化的HTML图片标签
"""
# 获取用户头像URL
img = obj.picture
# 返回格式化的HTML图片标签设置固定尺寸
return format_html(
u'<img src="%s" style="width:50px;height:50px"></img>' %
(img))
link_to_usermodel.short_description = '用户'
show_user_image.short_description = '用户头像'
# 设置自定义方法在Admin中的显示名称
link_to_usermodel.short_description = '用户' # 关联用户列的显示名称
show_user_image.short_description = '用户头像' # 用户头像列的显示名称
class OAuthConfigAdmin(admin.ModelAdmin):
list_display = ('type', 'appkey', 'appsecret', 'is_enable')
list_filter = ('type',)
"""
OAuth配置模型的管理配置类
自定义OAuthConfig模型在Django Admin中的显示方式
用于管理不同第三方平台的OAuth应用配置
"""
# 设置列表页面显示的字段
list_display = (
'type', # OAuth类型
'appkey', # 应用Key
'appsecret', # 应用Secret
'is_enable' # 是否启用
)
# 设置右侧过滤侧边栏的过滤字段
list_filter = ('type',) # 按OAuth类型过滤

36
src/DjangoBlog/oauth/forms.py
Unescape View File

@ -1,12 +1,46 @@
"""
OAuth 认证表单模块 - 邮箱补充表单
该模块定义了在OAuth认证过程中需要用户补充邮箱信息时使用的表单
当第三方登录未返回邮箱地址时使用此表单让用户手动输入邮箱
"""
# 导入Django表单相关模块
from django.contrib.auth.forms import forms
from django.forms import widgets
class RequireEmailForm(forms.Form):
"""
邮箱补充表单类
用于OAuth登录过程中当第三方平台未提供用户邮箱时
要求用户手动输入邮箱地址的表单
"""
# 邮箱字段,必填字段,用于用户输入电子邮箱
email = forms.EmailField(label='电子邮箱', required=True)
# 隐藏的OAuth用户ID字段用于关联OAuth用户记录
oauthid = forms.IntegerField(widget=forms.HiddenInput, required=False)
def __init__(self, *args, **kwargs):
"""
初始化表单自定义字段控件属性
重写初始化方法为邮箱字段添加HTML属性和样式类
改善用户体验和界面美观
Args:
*args: 可变位置参数
**kwargs: 可变关键字参数
"""
# 调用父类的初始化方法
super(RequireEmailForm, self).__init__(*args, **kwargs)
# 自定义邮箱字段的widget添加placeholder和CSS类
self.fields['email'].widget = widgets.EmailInput(
attrs={'placeholder': "email", "class": "form-control"})
attrs={
'placeholder': "email", # 输入框内的提示文本
"class": "form-control" # Bootstrap样式类用于表单控件样式
})

2
src/DjangoBlog/oauth/migrations/0001_initial.py
Unescape View File

@ -1,4 +1,4 @@
# Generated by Django 4.1.7 on 2023-03-07 09:53
# oauth/migrations/0001_initial.py
from django.conf import settings
from django.db import migrations, models

80
src/DjangoBlog/oauth/migrations/0002_alter_oauthconfig_options_alter_oauthuser_options_and_more.py
Unescape View File

@ -1,86 +1,138 @@
# Generated by Django 4.2.5 on 2023-09-06 13:13
"""
Django 数据库迁移模块 - OAuth 认证配置更新
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
import django.utils.timezone
该模块是OAuth认证系统的第二次迁移主要用于优化字段命名和国际化显示
对已有的OAuthConfig和OAuthUser模型进行字段调整和选项更新
这是Django迁移系统自动生成的迁移文件在Django 4.2.5版本中创建于2023-09-06
"""
# 导入Django核心模块
from django.conf import settings # 导入Django设置
from django.db import migrations, models # 导入数据库迁移和模型相关功能
import django.db.models.deletion # 导入外键删除操作
import django.utils.timezone # 导入时区工具
class Migration(migrations.Migration):
"""
OAuth认证系统的数据库迁移更新类
这个迁移类负责对已有的OAuth相关模型进行字段优化和国际化改进
主要涉及时间字段重命名和verbose_name的英文标准化
"""
# 定义依赖关系 - 依赖于初始迁移和用户模型
dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
('oauth', '0001_initial'),
('oauth', '0001_initial'), # 依赖于oauth应用的初始迁移
]
# 定义要执行的数据库操作序列
operations = [
# 修改OAuthConfig模型的选项配置
migrations.AlterModelOptions(
name='oauthconfig',
options={'ordering': ['-creation_time'], 'verbose_name': 'oauth配置', 'verbose_name_plural': 'oauth配置'},
options={
# 更新排序字段为新的creation_time字段
'ordering': ['-creation_time'],
# 保持中文显示名称不变
'verbose_name': 'oauth配置',
'verbose_name_plural': 'oauth配置'
},
),
# 修改OAuthUser模型的选项配置
migrations.AlterModelOptions(
name='oauthuser',
options={'ordering': ['-creation_time'], 'verbose_name': 'oauth user', 'verbose_name_plural': 'oauth user'},
options={
# 更新排序字段为新的creation_time字段
'ordering': ['-creation_time'],
# 将显示名称改为英文
'verbose_name': 'oauth user',
'verbose_name_plural': 'oauth user'
},
),
# 移除OAuthConfig模型的旧时间字段
migrations.RemoveField(
model_name='oauthconfig',
name='created_time',
name='created_time', # 删除旧的创建时间字段
),
migrations.RemoveField(
model_name='oauthconfig',
name='last_mod_time',
name='last_mod_time', # 删除旧的修改时间字段
),
# 移除OAuthUser模型的旧时间字段
migrations.RemoveField(
model_name='oauthuser',
name='created_time',
name='created_time', # 删除旧的创建时间字段
),
migrations.RemoveField(
model_name='oauthuser',
name='last_mod_time',
name='last_mod_time', # 删除旧的修改时间字段
),
# 为OAuthConfig模型添加新的创建时间字段
migrations.AddField(
model_name='oauthconfig',
name='creation_time',
# 使用当前时间作为默认值,字段标签改为英文
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='creation time'),
),
# 为OAuthConfig模型添加新的修改时间字段
migrations.AddField(
model_name='oauthconfig',
name='last_modify_time',
# 使用当前时间作为默认值,字段标签改为英文
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='last modify time'),
),
# 为OAuthUser模型添加新的创建时间字段
migrations.AddField(
model_name='oauthuser',
name='creation_time',
# 使用当前时间作为默认值,字段标签改为英文
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='creation time'),
),
# 为OAuthUser模型添加新的修改时间字段
migrations.AddField(
model_name='oauthuser',
name='last_modify_time',
# 使用当前时间作为默认值,字段标签改为英文
field=models.DateTimeField(default=django.utils.timezone.now, verbose_name='last modify time'),
),
# 修改OAuthConfig回调地址字段的配置
migrations.AlterField(
model_name='oauthconfig',
name='callback_url',
# 将默认回调地址改为空字符串,字段标签改为英文
field=models.CharField(default='', max_length=200, verbose_name='callback url'),
),
# 修改OAuthConfig启用状态字段的标签
migrations.AlterField(
model_name='oauthconfig',
name='is_enable',
# 保持字段定义不变只修改verbose_name为英文
field=models.BooleanField(default=True, verbose_name='is enable'),
),
# 修改OAuthConfig类型字段的选项和标签
migrations.AlterField(
model_name='oauthconfig',
name='type',
field=models.CharField(choices=[('weibo', 'weibo'), ('google', 'google'), ('github', 'GitHub'), ('facebook', 'FaceBook'), ('qq', 'QQ')], default='a', max_length=10, verbose_name='type'),
# 将微博和谷歌的显示名称改为英文,其他保持不变
field=models.CharField(
choices=[('weibo', 'weibo'), ('google', 'google'), ('github', 'GitHub'), ('facebook', 'FaceBook'),
('qq', 'QQ')], default='a', max_length=10, verbose_name='type'),
),
# 修改OAuthUser作者字段的标签
migrations.AlterField(
model_name='oauthuser',
name='author',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL, verbose_name='author'),
# 保持外键关系不变修改verbose_name为英文
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE,
to=settings.AUTH_USER_MODEL, verbose_name='author'),
),
# 修改OAuthUser昵称字段的标签
migrations.AlterField(
model_name='oauthuser',
name='nickname',
# 保持字段定义不变只修改verbose_name为英文
field=models.CharField(max_length=50, verbose_name='nickname'),
),
]

27
src/DjangoBlog/oauth/migrations/0003_alter_oauthuser_nickname.py
Unescape View File

@ -1,18 +1,37 @@
# Generated by Django 4.2.7 on 2024-01-26 02:41
"""
Django 数据库迁移模块 - OAuth 用户昵称字段优化
from django.db import migrations, models
该模块是OAuth认证系统的第三次迁移主要用于微调OAuthUser模型中昵称字段的显示标签
这是一个小的优化迁移仅修改字段的verbose_name以改善可读性
这是Django迁移系统自动生成的迁移文件在Django 4.2.7版本中创建于2024-01-26
"""
# 导入Django核心模块
from django.db import migrations, models # 导入数据库迁移和模型相关功能
class Migration(migrations.Migration):
"""
OAuth认证系统的数据库微调迁移类
这个迁移类负责对OAuthUser模型的昵称字段进行显示标签优化
'nickname'改为'nick name'以改善管理界面的可读性
"""
# 定义依赖关系 - 依赖于前一次迁移
dependencies = [
# 依赖于oauth应用的第二次迁移字段重命名和国际化迁移
('oauth', '0002_alter_oauthconfig_options_alter_oauthuser_options_and_more'),
]
# 定义要执行的数据库操作序列
operations = [
# 修改OAuthUser模型昵称字段的显示标签
migrations.AlterField(
model_name='oauthuser',
name='nickname',
model_name='oauthuser', # 指定要修改的模型名称
name='nickname', # 指定要修改的字段名称
# 保持字段类型和约束不变仅优化verbose_name显示
# 将'nickname'改为'nick name',增加空格提高可读性
field=models.CharField(max_length=50, verbose_name='nick name'),
),
]

119
src/DjangoBlog/oauth/models.py
Unescape View File

@ -1,4 +1,11 @@
# Create your models here.
"""
OAuth 认证数据模型模块
该模块定义了OAuth认证系统所需的数据模型包括OAuth用户信息和OAuth服务商配置
用于存储第三方登录的用户数据和OAuth应用配置信息
"""
# 导入Django核心模块
from django.conf import settings
from django.core.exceptions import ValidationError
from django.db import models
@ -7,61 +14,135 @@ from django.utils.translation import gettext_lazy as _
class OAuthUser(models.Model):
"""
OAuth用户模型
存储通过第三方OAuth服务登录的用户信息包括用户基本信息
认证令牌以及与本地用户的关联关系
"""
# 关联本地用户模型的外键,可为空(未绑定本地用户时)
author = models.ForeignKey(
settings.AUTH_USER_MODEL,
verbose_name=_('author'),
blank=True,
null=True,
on_delete=models.CASCADE)
settings.AUTH_USER_MODEL, # 使用Django的可切换用户模型
verbose_name=_('author'), # 字段显示名称(支持国际化)
blank=True, # 允许表单中为空
null=True, # 允许数据库中为NULL
on_delete=models.CASCADE # 关联用户删除时级联删除OAuth用户
)
# 第三方平台的用户唯一标识符
openid = models.CharField(max_length=50)
# 用户在第三方平台的昵称
nickname = models.CharField(max_length=50, verbose_name=_('nick name'))
# OAuth访问令牌用于调用第三方API
token = models.CharField(max_length=150, null=True, blank=True)
# 用户头像的URL地址
picture = models.CharField(max_length=350, blank=True, null=True)
# OAuth服务类型weibo, github等
type = models.CharField(blank=False, null=False, max_length=50)
# 用户邮箱地址,可能为空(某些平台不提供邮箱)
email = models.CharField(max_length=50, null=True, blank=True)
# 存储额外的元数据信息使用JSON格式
metadata = models.TextField(null=True, blank=True)
# 记录创建时间,默认使用当前时间
creation_time = models.DateTimeField(_('creation time'), default=now)
# 记录最后修改时间,默认使用当前时间
last_modify_time = models.DateTimeField(_('last modify time'), default=now)
def __str__(self):
"""
定义模型的字符串表示形式
Returns:
str: 返回用户的昵称用于Admin和其他显示场景
"""
return self.nickname
class Meta:
verbose_name = _('oauth user')
verbose_name_plural = verbose_name
ordering = ['-creation_time']
"""模型元数据配置"""
verbose_name = _('oauth user') # 模型在Admin中的单数显示名称
verbose_name_plural = verbose_name # 模型在Admin中的复数显示名称
ordering = ['-creation_time'] # 默认按创建时间降序排列
class OAuthConfig(models.Model):
"""
OAuth服务配置模型
存储不同第三方OAuth服务的应用配置信息包括AppKeyAppSecret等
用于管理多个OAuth服务的认证参数
"""
# OAuth服务类型选择项
TYPE = (
('weibo', _('weibo')),
('google', _('google')),
('github', 'GitHub'),
('facebook', 'FaceBook'),
('qq', 'QQ'),
('weibo', _('weibo')), # 微博OAuth
('google', _('google')), # 谷歌OAuth
('github', 'GitHub'), # GitHub OAuth
('facebook', 'FaceBook'), # Facebook OAuth
('qq', 'QQ'), # QQ OAuth
)
# OAuth服务类型字段使用选择项限制输入
type = models.CharField(_('type'), max_length=10, choices=TYPE, default='a')
# OAuth应用的客户端IDApp Key
appkey = models.CharField(max_length=200, verbose_name='AppKey')
# OAuth应用的客户端密钥App Secret
appsecret = models.CharField(max_length=200, verbose_name='AppSecret')
# OAuth认证成功后的回调地址
callback_url = models.CharField(
max_length=200,
verbose_name=_('callback url'),
blank=False,
default='')
blank=False, # 不允许为空
default='' # 默认值为空字符串
)
# 标识该OAuth配置是否启用
is_enable = models.BooleanField(
_('is enable'), default=True, blank=False, null=False)
# 记录配置创建时间
creation_time = models.DateTimeField(_('creation time'), default=now)
# 记录配置最后修改时间
last_modify_time = models.DateTimeField(_('last modify time'), default=now)
def clean(self):
"""
模型验证方法
确保同一类型的OAuth配置只能存在一个防止重复配置
Raises:
ValidationError: 当同一类型的配置已存在时抛出异常
"""
# 检查是否已存在相同类型的配置(排除当前记录)
if OAuthConfig.objects.filter(
type=self.type).exclude(id=self.id).count():
# 抛出验证错误,提示该类型配置已存在
raise ValidationError(_(self.type + _('already exists')))
def __str__(self):
"""
定义模型的字符串表示形式
Returns:
str: 返回OAuth服务类型名称
"""
return self.type
class Meta:
verbose_name = 'oauth配置'
verbose_name_plural = verbose_name
ordering = ['-creation_time']
"""模型元数据配置"""
verbose_name = 'oauth配置' # 模型在Admin中的中文显示名称
verbose_name_plural = verbose_name # 复数显示名称
ordering = ['-creation_time'] # 默认按创建时间降序排列

282
src/DjangoBlog/oauth/oauthmanager.py
Unescape View File

@ -1,3 +1,11 @@
"""
OAuth 认证管理器模块
该模块实现了多平台OAuth认证的核心逻辑包含基类定义和具体平台实现
支持微博谷歌GitHubFacebookQQ等主流第三方登录平台
采用抽象基类和混合类设计模式提供统一的OAuth认证接口
"""
import json
import logging
import os
@ -9,79 +17,139 @@ import requests
from djangoblog.utils import cache_decorator
from oauth.models import OAuthUser, OAuthConfig
# 获取当前模块的日志记录器
logger = logging.getLogger(__name__)
class OAuthAccessTokenException(Exception):
'''
oauth授权失败异常
OAuth授权令牌获取异常类
当从OAuth服务商获取访问令牌失败时抛出此异常
通常由于错误的授权码应用配置问题或网络问题导致
'''
class BaseOauthManager(metaclass=ABCMeta):
"""获取用户授权"""
"""
OAuth认证管理器抽象基类
定义所有OAuth平台必须实现的接口和方法
提供统一的OAuth认证流程模板
"""
# OAuth授权页面URL需要子类实现
AUTH_URL = None
"""获取token"""
# 获取访问令牌的URL需要子类实现
TOKEN_URL = None
"""获取用户信息"""
# 获取用户信息的API URL需要子类实现
API_URL = None
'''icon图标名'''
# 平台图标名称,用于标识和显示(需要子类实现)
ICON_NAME = None
def __init__(self, access_token=None, openid=None):
"""
初始化OAuth管理器
Args:
access_token: 已存在的访问令牌可选
openid: 已存在的用户OpenID可选
"""
self.access_token = access_token
self.openid = openid
@property
def is_access_token_set(self):
"""检查访问令牌是否已设置"""
return self.access_token is not None
@property
def is_authorized(self):
"""检查是否已完成授权拥有令牌和OpenID"""
return self.is_access_token_set and self.access_token is not None and self.openid is not None
@abstractmethod
def get_authorization_url(self, nexturl='/'):
"""获取授权页面URL抽象方法子类必须实现"""
pass
@abstractmethod
def get_access_token_by_code(self, code):
"""通过授权码获取访问令牌(抽象方法,子类必须实现)"""
pass
@abstractmethod
def get_oauth_userinfo(self):
"""获取OAuth用户信息抽象方法子类必须实现"""
pass
@abstractmethod
def get_picture(self, metadata):
"""从元数据中提取用户头像URL抽象方法子类必须实现"""
pass
def do_get(self, url, params, headers=None):
"""
执行GET请求的通用方法
Args:
url: 请求URL
params: 请求参数
headers: 请求头可选
Returns:
str: 响应文本内容
"""
rsp = requests.get(url=url, params=params, headers=headers)
logger.info(rsp.text)
logger.info(rsp.text) # 记录响应日志
return rsp.text
def do_post(self, url, params, headers=None):
"""
执行POST请求的通用方法
Args:
url: 请求URL
params: 请求参数
headers: 请求头可选
Returns:
str: 响应文本内容
"""
rsp = requests.post(url, params, headers=headers)
logger.info(rsp.text)
logger.info(rsp.text) # 记录响应日志
return rsp.text
def get_config(self):
"""
从数据库获取当前平台的OAuth配置
Returns:
OAuthConfig: 配置对象如果不存在则返回None
"""
value = OAuthConfig.objects.filter(type=self.ICON_NAME)
return value[0] if value else None
class WBOauthManager(BaseOauthManager):
"""
微博OAuth认证管理器
实现微博平台的OAuth2.0认证流程包括授权令牌获取和用户信息获取
"""
# 微博OAuth接口地址
AUTH_URL = 'https://api.weibo.com/oauth2/authorize'
TOKEN_URL = 'https://api.weibo.com/oauth2/access_token'
API_URL = 'https://api.weibo.com/2/users/show.json'
ICON_NAME = 'weibo'
def __init__(self, access_token=None, openid=None):
"""初始化微博OAuth配置"""
config = self.get_config()
self.client_id = config.appkey if config else ''
self.client_secret = config.appsecret if config else ''
self.callback_url = config.callback_url if config else ''
self.client_id = config.appkey if config else '' # 应用Key
self.client_secret = config.appsecret if config else '' # 应用Secret
self.callback_url = config.callback_url if config else '' # 回调地址
super(
WBOauthManager,
self).__init__(
@ -89,6 +157,15 @@ class WBOauthManager(BaseOauthManager):
openid=openid)
def get_authorization_url(self, nexturl='/'):
"""
生成微博授权页面URL
Args:
nexturl: 授权成功后跳转的URL
Returns:
str: 完整的授权URL
"""
params = {
'client_id': self.client_id,
'response_type': 'code',
@ -98,7 +175,18 @@ class WBOauthManager(BaseOauthManager):
return url
def get_access_token_by_code(self, code):
"""
使用授权码获取访问令牌
Args:
code: OAuth授权码
Returns:
OAuthUser: 用户信息对象
Raises:
OAuthAccessTokenException: 令牌获取失败时抛出
"""
params = {
'client_id': self.client_id,
'client_secret': self.client_secret,
@ -110,13 +198,20 @@ class WBOauthManager(BaseOauthManager):
obj = json.loads(rsp)
if 'access_token' in obj:
# 设置访问令牌和用户ID
self.access_token = str(obj['access_token'])
self.openid = str(obj['uid'])
return self.get_oauth_userinfo()
return self.get_oauth_userinfo() # 获取并返回用户信息
else:
raise OAuthAccessTokenException(rsp)
def get_oauth_userinfo(self):
"""
获取微博用户信息
Returns:
OAuthUser: 包含用户信息的对象获取失败返回None
"""
if not self.is_authorized:
return None
params = {
@ -127,14 +222,14 @@ class WBOauthManager(BaseOauthManager):
try:
datas = json.loads(rsp)
user = OAuthUser()
user.metadata = rsp
user.picture = datas['avatar_large']
user.nickname = datas['screen_name']
user.openid = datas['id']
user.type = 'weibo'
user.token = self.access_token
user.metadata = rsp # 存储原始响应数据
user.picture = datas['avatar_large'] # 用户头像
user.nickname = datas['screen_name'] # 用户昵称
user.openid = datas['id'] # 用户OpenID
user.type = 'weibo' # 平台类型
user.token = self.access_token # 访问令牌
if 'email' in datas and datas['email']:
user.email = datas['email']
user.email = datas['email'] # 用户邮箱
return user
except Exception as e:
logger.error(e)
@ -142,13 +237,30 @@ class WBOauthManager(BaseOauthManager):
return None
def get_picture(self, metadata):
"""
从元数据中提取微博用户头像
Args:
metadata: 用户元数据JSON字符串
Returns:
str: 用户头像URL
"""
datas = json.loads(metadata)
return datas['avatar_large']
class ProxyManagerMixin:
"""
代理管理器混合类
为OAuth管理器添加HTTP代理支持用于网络访问受限的环境
"""
def __init__(self, *args, **kwargs):
"""初始化代理配置"""
if os.environ.get("HTTP_PROXY"):
# 设置HTTP和HTTPS代理
self.proxies = {
"http": os.environ.get("HTTP_PROXY"),
"https": os.environ.get("HTTP_PROXY")
@ -157,23 +269,32 @@ class ProxyManagerMixin:
self.proxies = None
def do_get(self, url, params, headers=None):
"""带代理支持的GET请求"""
rsp = requests.get(url=url, params=params, headers=headers, proxies=self.proxies)
logger.info(rsp.text)
return rsp.text
def do_post(self, url, params, headers=None):
"""带代理支持的POST请求"""
rsp = requests.post(url, params, headers=headers, proxies=self.proxies)
logger.info(rsp.text)
return rsp.text
class GoogleOauthManager(ProxyManagerMixin, BaseOauthManager):
"""
谷歌OAuth认证管理器
实现谷歌平台的OAuth2.0认证流程支持代理访问
"""
AUTH_URL = 'https://accounts.google.com/o/oauth2/v2/auth'
TOKEN_URL = 'https://www.googleapis.com/oauth2/v4/token'
API_URL = 'https://www.googleapis.com/oauth2/v3/userinfo'
ICON_NAME = 'google'
def __init__(self, access_token=None, openid=None):
"""初始化谷歌OAuth配置"""
config = self.get_config()
self.client_id = config.appkey if config else ''
self.client_secret = config.appsecret if config else ''
@ -185,22 +306,23 @@ class GoogleOauthManager(ProxyManagerMixin, BaseOauthManager):
openid=openid)
def get_authorization_url(self, nexturl='/'):
"""生成谷歌授权页面URL"""
params = {
'client_id': self.client_id,
'response_type': 'code',
'redirect_uri': self.callback_url,
'scope': 'openid email',
'scope': 'openid email', # 请求openid和email权限
}
url = self.AUTH_URL + "?" + urllib.parse.urlencode(params)
return url
def get_access_token_by_code(self, code):
"""使用授权码获取谷歌访问令牌"""
params = {
'client_id': self.client_id,
'client_secret': self.client_secret,
'grant_type': 'authorization_code',
'code': code,
'redirect_uri': self.callback_url
}
rsp = self.do_post(self.TOKEN_URL, params)
@ -216,6 +338,7 @@ class GoogleOauthManager(ProxyManagerMixin, BaseOauthManager):
raise OAuthAccessTokenException(rsp)
def get_oauth_userinfo(self):
"""获取谷歌用户信息"""
if not self.is_authorized:
return None
params = {
@ -223,17 +346,16 @@ class GoogleOauthManager(ProxyManagerMixin, BaseOauthManager):
}
rsp = self.do_get(self.API_URL, params)
try:
datas = json.loads(rsp)
user = OAuthUser()
user.metadata = rsp
user.picture = datas['picture']
user.nickname = datas['name']
user.openid = datas['sub']
user.picture = datas['picture'] # 谷歌用户头像
user.nickname = datas['name'] # 谷歌用户姓名
user.openid = datas['sub'] # 谷歌用户唯一标识
user.token = self.access_token
user.type = 'google'
if datas['email']:
user.email = datas['email']
user.email = datas['email'] # 谷歌邮箱
return user
except Exception as e:
logger.error(e)
@ -241,17 +363,25 @@ class GoogleOauthManager(ProxyManagerMixin, BaseOauthManager):
return None
def get_picture(self, metadata):
"""从元数据中提取谷歌用户头像"""
datas = json.loads(metadata)
return datas['picture']
class GitHubOauthManager(ProxyManagerMixin, BaseOauthManager):
"""
GitHub OAuth认证管理器
实现GitHub平台的OAuth2.0认证流程支持代理访问
"""
AUTH_URL = 'https://github.com/login/oauth/authorize'
TOKEN_URL = 'https://github.com/login/oauth/access_token'
API_URL = 'https://api.github.com/user'
ICON_NAME = 'github'
def __init__(self, access_token=None, openid=None):
"""初始化GitHub OAuth配置"""
config = self.get_config()
self.client_id = config.appkey if config else ''
self.client_secret = config.appsecret if config else ''
@ -263,28 +393,29 @@ class GitHubOauthManager(ProxyManagerMixin, BaseOauthManager):
openid=openid)
def get_authorization_url(self, next_url='/'):
"""生成GitHub授权页面URL"""
params = {
'client_id': self.client_id,
'response_type': 'code',
'redirect_uri': f'{self.callback_url}&next_url={next_url}',
'scope': 'user'
'scope': 'user' # 请求用户信息权限
}
url = self.AUTH_URL + "?" + urllib.parse.urlencode(params)
return url
def get_access_token_by_code(self, code):
"""使用授权码获取GitHub访问令牌"""
params = {
'client_id': self.client_id,
'client_secret': self.client_secret,
'grant_type': 'authorization_code',
'code': code,
'redirect_uri': self.callback_url
}
rsp = self.do_post(self.TOKEN_URL, params)
from urllib import parse
r = parse.parse_qs(rsp)
r = parse.parse_qs(rsp) # 解析查询字符串格式的响应
if 'access_token' in r:
self.access_token = (r['access_token'][0])
return self.access_token
@ -292,21 +423,22 @@ class GitHubOauthManager(ProxyManagerMixin, BaseOauthManager):
raise OAuthAccessTokenException(rsp)
def get_oauth_userinfo(self):
"""获取GitHub用户信息"""
# 使用Bearer Token认证方式调用GitHub API
rsp = self.do_get(self.API_URL, params={}, headers={
"Authorization": "token " + self.access_token
})
try:
datas = json.loads(rsp)
user = OAuthUser()
user.picture = datas['avatar_url']
user.nickname = datas['name']
user.openid = datas['id']
user.picture = datas['avatar_url'] # GitHub头像
user.nickname = datas['name'] # GitHub姓名
user.openid = datas['id'] # GitHub用户ID
user.type = 'github'
user.token = self.access_token
user.metadata = rsp
if 'email' in datas and datas['email']:
user.email = datas['email']
user.email = datas['email'] # GitHub邮箱
return user
except Exception as e:
logger.error(e)
@ -314,17 +446,25 @@ class GitHubOauthManager(ProxyManagerMixin, BaseOauthManager):
return None
def get_picture(self, metadata):
"""从元数据中提取GitHub用户头像"""
datas = json.loads(metadata)
return datas['avatar_url']
class FaceBookOauthManager(ProxyManagerMixin, BaseOauthManager):
"""
Facebook OAuth认证管理器
实现Facebook平台的OAuth2.0认证流程支持代理访问
"""
AUTH_URL = 'https://www.facebook.com/v16.0/dialog/oauth'
TOKEN_URL = 'https://graph.facebook.com/v16.0/oauth/access_token'
API_URL = 'https://graph.facebook.com/me'
ICON_NAME = 'facebook'
def __init__(self, access_token=None, openid=None):
"""初始化Facebook OAuth配置"""
config = self.get_config()
self.client_id = config.appkey if config else ''
self.client_secret = config.appsecret if config else ''
@ -336,22 +476,22 @@ class FaceBookOauthManager(ProxyManagerMixin, BaseOauthManager):
openid=openid)
def get_authorization_url(self, next_url='/'):
"""生成Facebook授权页面URL"""
params = {
'client_id': self.client_id,
'response_type': 'code',
'redirect_uri': self.callback_url,
'scope': 'email,public_profile'
'scope': 'email,public_profile' # 请求邮箱和公开资料权限
}
url = self.AUTH_URL + "?" + urllib.parse.urlencode(params)
return url
def get_access_token_by_code(self, code):
"""使用授权码获取Facebook访问令牌"""
params = {
'client_id': self.client_id,
'client_secret': self.client_secret,
# 'grant_type': 'authorization_code',
'code': code,
'redirect_uri': self.callback_url
}
rsp = self.do_post(self.TOKEN_URL, params)
@ -365,21 +505,23 @@ class FaceBookOauthManager(ProxyManagerMixin, BaseOauthManager):
raise OAuthAccessTokenException(rsp)
def get_oauth_userinfo(self):
"""获取Facebook用户信息"""
params = {
'access_token': self.access_token,
'fields': 'id,name,picture,email'
'fields': 'id,name,picture,email' # 指定需要返回的字段
}
try:
rsp = self.do_get(self.API_URL, params)
datas = json.loads(rsp)
user = OAuthUser()
user.nickname = datas['name']
user.openid = datas['id']
user.nickname = datas['name'] # Facebook姓名
user.openid = datas['id'] # Facebook用户ID
user.type = 'facebook'
user.token = self.access_token
user.metadata = rsp
if 'email' in datas and datas['email']:
user.email = datas['email']
user.email = datas['email'] # Facebook邮箱
# 处理嵌套的头像数据结构
if 'picture' in datas and datas['picture'] and datas['picture']['data'] and datas['picture']['data']['url']:
user.picture = str(datas['picture']['data']['url'])
return user
@ -388,18 +530,26 @@ class FaceBookOauthManager(ProxyManagerMixin, BaseOauthManager):
return None
def get_picture(self, metadata):
"""从元数据中提取Facebook用户头像"""
datas = json.loads(metadata)
return str(datas['picture']['data']['url'])
class QQOauthManager(BaseOauthManager):
"""
QQ OAuth认证管理器
实现QQ平台的OAuth2.0认证流程包含特殊的OpenID获取步骤
"""
AUTH_URL = 'https://graph.qq.com/oauth2.0/authorize'
TOKEN_URL = 'https://graph.qq.com/oauth2.0/token'
API_URL = 'https://graph.qq.com/user/get_user_info'
OPEN_ID_URL = 'https://graph.qq.com/oauth2.0/me'
OPEN_ID_URL = 'https://graph.qq.com/oauth2.0/me' # QQ特有的OpenID获取接口
ICON_NAME = 'qq'
def __init__(self, access_token=None, openid=None):
"""初始化QQ OAuth配置"""
config = self.get_config()
self.client_id = config.appkey if config else ''
self.client_secret = config.appsecret if config else ''
@ -411,6 +561,7 @@ class QQOauthManager(BaseOauthManager):
openid=openid)
def get_authorization_url(self, next_url='/'):
"""生成QQ授权页面URL"""
params = {
'response_type': 'code',
'client_id': self.client_id,
@ -420,6 +571,7 @@ class QQOauthManager(BaseOauthManager):
return url
def get_access_token_by_code(self, code):
"""使用授权码获取QQ访问令牌"""
params = {
'grant_type': 'authorization_code',
'client_id': self.client_id,
@ -429,7 +581,7 @@ class QQOauthManager(BaseOauthManager):
}
rsp = self.do_get(self.TOKEN_URL, params)
if rsp:
d = urllib.parse.parse_qs(rsp)
d = urllib.parse.parse_qs(rsp) # 解析查询字符串响应
if 'access_token' in d:
token = d['access_token']
self.access_token = token[0]
@ -438,23 +590,27 @@ class QQOauthManager(BaseOauthManager):
raise OAuthAccessTokenException(rsp)
def get_open_id(self):
"""
获取QQ用户的OpenID
QQ平台需要额外调用接口获取用户OpenID
"""
if self.is_access_token_set:
params = {
'access_token': self.access_token
}
rsp = self.do_get(self.OPEN_ID_URL, params)
if rsp:
rsp = rsp.replace(
'callback(', '').replace(
')', '').replace(
';', '')
# 清理JSONP响应格式
rsp = rsp.replace('callback(', '').replace(')', '').replace(';', '')
obj = json.loads(rsp)
openid = str(obj['openid'])
self.openid = openid
return openid
def get_oauth_userinfo(self):
openid = self.get_open_id()
"""获取QQ用户信息"""
openid = self.get_open_id() # 先获取OpenID
if openid:
params = {
'access_token': self.access_token,
@ -465,36 +621,56 @@ class QQOauthManager(BaseOauthManager):
logger.info(rsp)
obj = json.loads(rsp)
user = OAuthUser()
user.nickname = obj['nickname']
user.openid = openid
user.nickname = obj['nickname'] # QQ昵称
user.openid = openid # QQ OpenID
user.type = 'qq'
user.token = self.access_token
user.metadata = rsp
if 'email' in obj:
user.email = obj['email']
user.email = obj['email'] # QQ邮箱
if 'figureurl' in obj:
user.picture = str(obj['figureurl'])
user.picture = str(obj['figureurl']) # QQ头像
return user
def get_picture(self, metadata):
"""从元数据中提取QQ用户头像"""
datas = json.loads(metadata)
return str(datas['figureurl'])
@cache_decorator(expiration=100 * 60)
def get_oauth_apps():
"""
获取所有启用的OAuth应用配置
使用缓存装饰器缓存100分钟减少数据库查询
Returns:
list: 启用的OAuth管理器实例列表
"""
configs = OAuthConfig.objects.filter(is_enable=True).all()
if not configs:
return []
configtypes = [x.type for x in configs]
applications = BaseOauthManager.__subclasses__()
configtypes = [x.type for x in configs] # 提取启用的平台类型
applications = BaseOauthManager.__subclasses__() # 获取所有子类
# 过滤出已启用的平台管理器实例
apps = [x() for x in applications if x().ICON_NAME.lower() in configtypes]
return apps
def get_manager_by_type(type):
"""
根据平台类型获取对应的OAuth管理器
Args:
type: 平台类型字符串'weibo', 'github'
Returns:
BaseOauthManager: 对应平台的OAuth管理器实例未找到返回None
"""
applications = get_oauth_apps()
if applications:
# 查找匹配平台类型的管理器
finds = list(
filter(
lambda x: x.ICON_NAME.lower() == type.lower(),

48
src/DjangoBlog/oauth/templatetags/oauth_tags.py
Unescape View File

@ -1,22 +1,64 @@
"""
OAuth 认证模板标签模块
该模块提供Django模板标签用于在模板中动态加载和显示OAuth第三方登录应用列表
主要功能是生成可用的OAuth应用链接并在模板中渲染
"""
# 导入Django模板模块
from django import template
# 导入URL反向解析功能
from django.urls import reverse
# 导入自定义的OAuth管理器用于获取可用的OAuth应用
from oauth.oauthmanager import get_oauth_apps
# 创建模板库实例
register = template.Library()
@register.inclusion_tag('oauth/oauth_applications.html')
def load_oauth_applications(request):
"""
自定义包含标签 - 加载OAuth应用列表
该模板标签用于在页面中渲染OAuth第三方登录的应用图标和链接
它会获取所有可用的OAuth应用并生成对应的登录URL
Args:
request: HttpRequest对象用于获取当前请求的完整路径
Returns:
dict: 包含应用列表的字典用于模板渲染
- 'apps': 包含OAuth应用信息的列表每个元素为(应用类型, 登录URL)的元组
"""
# 获取所有可用的OAuth应用配置
applications = get_oauth_apps()
# 检查是否存在可用的OAuth应用
if applications:
# 生成OAuth登录的基础URL不包含参数
baseurl = reverse('oauth:oauthlogin')
# 获取当前请求的完整路径,用于登录成功后跳转回原页面
path = request.get_full_path()
apps = list(map(lambda x: (x.ICON_NAME, '{baseurl}?type={type}&next_url={next}'.format(
baseurl=baseurl, type=x.ICON_NAME, next=path)), applications))
# 使用map和lambda函数处理每个OAuth应用生成应用信息列表
# 每个应用信息包含应用类型图标名称和完整的登录URL
apps = list(map(lambda x: (
# OAuth应用的类型/图标名称weibo, github等
x.ICON_NAME,
# 生成完整的登录URL包含应用类型和回调地址参数
'{baseurl}?type={type}&next_url={next}'.format(
baseurl=baseurl, # 基础登录URL
type=x.ICON_NAME, # OAuth应用类型
next=path # 登录成功后的回调地址
)),
applications)) # 遍历的应用列表
else:
# 如果没有可用的OAuth应用返回空列表
apps = []
# 返回模板渲染所需的上下文数据
return {
'apps': apps
'apps': apps # OAuth应用列表传递给模板进行渲染
}

246
src/DjangoBlog/oauth/tests.py
Unescape View File

@ -1,55 +1,112 @@
"""
OAuth 认证测试模块
该模块包含OAuth认证系统的完整测试用例覆盖所有支持的第三方登录平台
测试包括配置验证授权流程用户信息获取和异常处理等场景
"""
import json
from unittest.mock import patch
# 导入Django测试相关模块
from django.conf import settings
from django.contrib import auth
from django.test import Client, RequestFactory, TestCase
from django.urls import reverse
# 导入项目工具函数和模型
from djangoblog.utils import get_sha256
from oauth.models import OAuthConfig
from oauth.oauthmanager import BaseOauthManager
# Create your tests here.
class OAuthConfigTest(TestCase):
"""
OAuth配置模型测试类
测试OAuth配置的基本功能包括配置保存和基础授权流程
"""
def setUp(self):
self.client = Client()
self.factory = RequestFactory()
"""
测试初始化方法
在每个测试方法执行前运行创建测试所需的客户端和工厂对象
"""
self.client = Client() # 创建测试客户端
self.factory = RequestFactory() # 创建请求工厂
def test_oauth_login_test(self):
"""
测试OAuth登录流程
验证微博OAuth配置的创建和基础授权重定向功能
"""
# 创建微博OAuth配置
c = OAuthConfig()
c.type = 'weibo'
c.appkey = 'appkey'
c.appsecret = 'appsecret'
c.save()
# 测试OAuth登录请求应该重定向到微博授权页面
response = self.client.get('/oauth/oauthlogin?type=weibo')
self.assertEqual(response.status_code, 302)
self.assertTrue("api.weibo.com" in response.url)
self.assertEqual(response.status_code, 302) # 验证重定向状态码
self.assertTrue("api.weibo.com" in response.url) # 验证重定向到微博
# 测试授权回调请求(模拟授权码流程)
response = self.client.get('/oauth/authorize?type=weibo&code=code')
self.assertEqual(response.status_code, 302)
self.assertEqual(response.url, '/')
self.assertEqual(response.status_code, 302) # 验证重定向状态码
self.assertEqual(response.url, '/') # 验证重定向到首页
class OauthLoginTest(TestCase):
"""
OAuth登录流程测试类
测试所有支持的OAuth平台的完整登录流程包括模拟API调用和用户认证
"""
def setUp(self) -> None:
self.client = Client()
self.factory = RequestFactory()
self.apps = self.init_apps()
"""
测试初始化方法
创建测试环境初始化所有OAuth应用配置
"""
self.client = Client() # 创建测试客户端
self.factory = RequestFactory() # 创建请求工厂
self.apps = self.init_apps() # 初始化所有OAuth应用配置
def init_apps(self):
"""
初始化所有OAuth应用配置
为每个OAuth平台创建测试配置数据
Returns:
list: 初始化的OAuth管理器实例列表
"""
# 获取所有OAuth管理器的子类并实例化
applications = [p() for p in BaseOauthManager.__subclasses__()]
for application in applications:
# 为每个平台创建测试配置
c = OAuthConfig()
c.type = application.ICON_NAME.lower()
c.appkey = 'appkey'
c.appsecret = 'appsecret'
c.type = application.ICON_NAME.lower() # 设置平台类型
c.appkey = 'appkey' # 测试应用Key
c.appsecret = 'appsecret' # 测试应用Secret
c.save()
return applications
def get_app_by_type(self, type):
"""
根据类型获取OAuth应用
Args:
type: 平台类型字符串
Returns:
BaseOauthManager: 对应平台的OAuth管理器实例
"""
for app in self.apps:
if app.ICON_NAME.lower() == type:
return app
@ -57,73 +114,129 @@ class OauthLoginTest(TestCase):
@patch("oauth.oauthmanager.WBOauthManager.do_post")
@patch("oauth.oauthmanager.WBOauthManager.do_get")
def test_weibo_login(self, mock_do_get, mock_do_post):
"""
测试微博OAuth登录流程
使用模拟对象测试微博授权码获取令牌和用户信息的完整流程
Args:
mock_do_get: 模拟GET请求的mock对象
mock_do_post: 模拟POST请求的mock对象
"""
weibo_app = self.get_app_by_type('weibo')
assert weibo_app
assert weibo_app # 验证微博应用存在
# 测试授权URL生成
url = weibo_app.get_authorization_url()
# 设置模拟返回值 - 令牌获取响应
mock_do_post.return_value = json.dumps({"access_token": "access_token",
"uid": "uid"
})
# 设置模拟返回值 - 用户信息获取响应
mock_do_get.return_value = json.dumps({
"avatar_large": "avatar_large",
"screen_name": "screen_name",
"id": "id",
"email": "email",
})
# 执行授权码换取用户信息流程
userinfo = weibo_app.get_access_token_by_code('code')
self.assertEqual(userinfo.token, 'access_token')
self.assertEqual(userinfo.openid, 'id')
# 验证返回的用户信息正确性
self.assertEqual(userinfo.token, 'access_token') # 验证访问令牌
self.assertEqual(userinfo.openid, 'id') # 验证用户OpenID
@patch("oauth.oauthmanager.GoogleOauthManager.do_post")
@patch("oauth.oauthmanager.GoogleOauthManager.do_get")
def test_google_login(self, mock_do_get, mock_do_post):
"""
测试谷歌OAuth登录流程
验证谷歌OAuth的令牌获取和用户信息解析
"""
google_app = self.get_app_by_type('google')
assert google_app
assert google_app # 验证谷歌应用存在
# 测试授权URL生成
url = google_app.get_authorization_url()
# 设置模拟返回值 - 令牌获取响应
mock_do_post.return_value = json.dumps({
"access_token": "access_token",
"id_token": "id_token",
})
# 设置模拟返回值 - 用户信息获取响应
mock_do_get.return_value = json.dumps({
"picture": "picture",
"name": "name",
"sub": "sub",
"email": "email",
})
# 执行授权流程
token = google_app.get_access_token_by_code('code')
userinfo = google_app.get_oauth_userinfo()
self.assertEqual(userinfo.token, 'access_token')
self.assertEqual(userinfo.openid, 'sub')
# 验证用户信息正确性
self.assertEqual(userinfo.token, 'access_token') # 验证访问令牌
self.assertEqual(userinfo.openid, 'sub') # 验证用户唯一标识
@patch("oauth.oauthmanager.GitHubOauthManager.do_post")
@patch("oauth.oauthmanager.GitHubOauthManager.do_get")
def test_github_login(self, mock_do_get, mock_do_post):
"""
测试GitHub OAuth登录流程
验证GitHub的特殊令牌响应格式和用户信息获取
"""
github_app = self.get_app_by_type('github')
assert github_app
assert github_app # 验证GitHub应用存在
# 测试授权URL生成
url = github_app.get_authorization_url()
self.assertTrue("github.com" in url)
self.assertTrue("client_id" in url)
self.assertTrue("github.com" in url) # 验证URL包含GitHub域名
self.assertTrue("client_id" in url) # 验证URL包含客户端ID
# 设置模拟返回值 - GitHub特殊的查询字符串格式响应
mock_do_post.return_value = "access_token=gho_16C7e42F292c6912E7710c838347Ae178B4a&scope=repo%2Cgist&token_type=bearer"
# 设置模拟返回值 - 用户信息获取响应
mock_do_get.return_value = json.dumps({
"avatar_url": "avatar_url",
"name": "name",
"id": "id",
"email": "email",
})
# 执行授权流程
token = github_app.get_access_token_by_code('code')
userinfo = github_app.get_oauth_userinfo()
self.assertEqual(userinfo.token, 'gho_16C7e42F292c6912E7710c838347Ae178B4a')
self.assertEqual(userinfo.openid, 'id')
# 验证用户信息正确性
self.assertEqual(userinfo.token, 'gho_16C7e42F292c6912E7710c838347Ae178B4a') # 验证GitHub令牌
self.assertEqual(userinfo.openid, 'id') # 验证用户ID
@patch("oauth.oauthmanager.FaceBookOauthManager.do_post")
@patch("oauth.oauthmanager.FaceBookOauthManager.do_get")
def test_facebook_login(self, mock_do_get, mock_do_post):
"""
测试Facebook OAuth登录流程
验证Facebook的令牌获取和嵌套头像数据结构处理
"""
facebook_app = self.get_app_by_type('facebook')
assert facebook_app
assert facebook_app # 验证Facebook应用存在
# 测试授权URL生成
url = facebook_app.get_authorization_url()
self.assertTrue("facebook.com" in url)
self.assertTrue("facebook.com" in url) # 验证URL包含Facebook域名
# 设置模拟返回值 - 令牌获取响应
mock_do_post.return_value = json.dumps({
"access_token": "access_token",
})
# 设置模拟返回值 - 用户信息获取响应(包含嵌套的头像数据)
mock_do_get.return_value = json.dumps({
"name": "name",
"id": "id",
@ -134,14 +247,18 @@ class OauthLoginTest(TestCase):
}
}
})
# 执行授权流程
token = facebook_app.get_access_token_by_code('code')
userinfo = facebook_app.get_oauth_userinfo()
# 验证访问令牌正确性
self.assertEqual(userinfo.token, 'access_token')
@patch("oauth.oauthmanager.QQOauthManager.do_get", side_effect=[
'access_token=access_token&expires_in=3600',
'callback({"client_id":"appid","openid":"openid"} );',
json.dumps({
'access_token=access_token&expires_in=3600', # 第一次调用:令牌获取响应
'callback({"client_id":"appid","openid":"openid"} );', # 第二次调用OpenID获取响应
json.dumps({ # 第三次调用:用户信息获取响应
"nickname": "nickname",
"email": "email",
"figureurl": "figureurl",
@ -149,21 +266,41 @@ class OauthLoginTest(TestCase):
})
])
def test_qq_login(self, mock_do_get):
"""
测试QQ OAuth登录流程
验证QQ的特殊三步骤流程获取令牌 获取OpenID 获取用户信息
Args:
mock_do_get: 配置了side_effect的模拟GET请求对象
"""
qq_app = self.get_app_by_type('qq')
assert qq_app
assert qq_app # 验证QQ应用存在
# 测试授权URL生成
url = qq_app.get_authorization_url()
self.assertTrue("qq.com" in url)
self.assertTrue("qq.com" in url) # 验证URL包含QQ域名
# 执行授权流程mock_do_get会根据side_effect顺序返回不同的响应
token = qq_app.get_access_token_by_code('code')
userinfo = qq_app.get_oauth_userinfo()
# 验证访问令牌正确性
self.assertEqual(userinfo.token, 'access_token')
@patch("oauth.oauthmanager.WBOauthManager.do_post")
@patch("oauth.oauthmanager.WBOauthManager.do_get")
def test_weibo_authoriz_login_with_email(self, mock_do_get, mock_do_post):
"""
测试带邮箱的微博授权登录完整流程
验证用户首次登录和重复登录的场景确保用户认证状态正确
"""
# 设置模拟返回值 - 令牌获取响应
mock_do_post.return_value = json.dumps({"access_token": "access_token",
"uid": "uid"
})
# 设置模拟用户信息(包含邮箱)
mock_user_info = {
"avatar_large": "avatar_large",
"screen_name": "screen_name1",
@ -172,25 +309,32 @@ class OauthLoginTest(TestCase):
}
mock_do_get.return_value = json.dumps(mock_user_info)
# 第一步发起OAuth登录请求
response = self.client.get('/oauth/oauthlogin?type=weibo')
self.assertEqual(response.status_code, 302)
self.assertTrue("api.weibo.com" in response.url)
self.assertEqual(response.status_code, 302) # 验证重定向
self.assertTrue("api.weibo.com" in response.url) # 验证重定向到微博
# 第二步:模拟授权回调(首次登录)
response = self.client.get('/oauth/authorize?type=weibo&code=code')
self.assertEqual(response.status_code, 302)
self.assertEqual(response.url, '/')
self.assertEqual(response.status_code, 302) # 验证重定向
self.assertEqual(response.url, '/') # 验证重定向到首页
# 验证用户认证状态
user = auth.get_user(self.client)
assert user.is_authenticated
assert user.is_authenticated # 验证用户已认证
self.assertTrue(user.is_authenticated)
self.assertEqual(user.username, mock_user_info['screen_name'])
self.assertEqual(user.email, mock_user_info['email'])
self.assertEqual(user.username, mock_user_info['screen_name']) # 验证用户名
self.assertEqual(user.email, mock_user_info['email']) # 验证邮箱
# 登出用户
self.client.logout()
# 第三步:模拟再次登录(测试重复登录场景)
response = self.client.get('/oauth/authorize?type=weibo&code=code')
self.assertEqual(response.status_code, 302)
self.assertEqual(response.url, '/')
# 验证用户再次认证状态
user = auth.get_user(self.client)
assert user.is_authenticated
self.assertTrue(user.is_authenticated)
@ -200,10 +344,16 @@ class OauthLoginTest(TestCase):
@patch("oauth.oauthmanager.WBOauthManager.do_post")
@patch("oauth.oauthmanager.WBOauthManager.do_get")
def test_weibo_authoriz_login_without_email(self, mock_do_get, mock_do_post):
"""
测试不带邮箱的微博授权登录完整流程
验证需要补充邮箱的场景包括邮箱表单提交和邮箱确认流程
"""
# 设置模拟返回值 - 令牌获取响应
mock_do_post.return_value = json.dumps({"access_token": "access_token",
"uid": "uid"
})
# 设置模拟用户信息(不包含邮箱)
mock_user_info = {
"avatar_large": "avatar_large",
"screen_name": "screen_name1",
@ -211,28 +361,34 @@ class OauthLoginTest(TestCase):
}
mock_do_get.return_value = json.dumps(mock_user_info)
# 第一步发起OAuth登录请求
response = self.client.get('/oauth/oauthlogin?type=weibo')
self.assertEqual(response.status_code, 302)
self.assertTrue("api.weibo.com" in response.url)
# 第二步:模拟授权回调(应该重定向到邮箱补充页面)
response = self.client.get('/oauth/authorize?type=weibo&code=code')
self.assertEqual(response.status_code, 302)
# 解析OAuth用户ID从重定向URL中
oauth_user_id = int(response.url.split('/')[-1].split('.')[0])
self.assertEqual(response.url, f'/oauth/requireemail/{oauth_user_id}.html')
# 第三步:提交邮箱表单
response = self.client.post(response.url, {'email': 'test@gmail.com', 'oauthid': oauth_user_id})
self.assertEqual(response.status_code, 302)
# 生成邮箱确认签名
sign = get_sha256(settings.SECRET_KEY +
str(oauth_user_id) + settings.SECRET_KEY)
# 验证重定向到绑定成功页面
url = reverse('oauth:bindsuccess', kwargs={
'oauthid': oauth_user_id,
})
self.assertEqual(response.url, f'{url}?type=email')
# 第四步:模拟邮箱确认链接点击
path = reverse('oauth:email_confirm', kwargs={
'id': oauth_user_id,
'sign': sign
@ -240,10 +396,12 @@ class OauthLoginTest(TestCase):
response = self.client.get(path)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.url, f'/oauth/bindsuccess/{oauth_user_id}.html?type=success')
# 验证最终用户认证状态和关联信息
user = auth.get_user(self.client)
from oauth.models import OAuthUser
oauth_user = OAuthUser.objects.get(author=user)
self.assertTrue(user.is_authenticated)
self.assertEqual(user.username, mock_user_info['screen_name'])
self.assertEqual(user.email, 'test@gmail.com')
self.assertEqual(oauth_user.pk, oauth_user_id)
self.assertTrue(user.is_authenticated) # 验证用户已认证
self.assertEqual(user.username, mock_user_info['screen_name']) # 验证用户名
self.assertEqual(user.email, 'test@gmail.com') # 验证补充的邮箱
self.assertEqual(oauth_user.pk, oauth_user_id) # 验证OAuth用户关联正确

56
src/DjangoBlog/oauth/urls.py
Unescape View File

@ -1,25 +1,53 @@
"""
OAuth 认证URL路由配置模块
该模块定义了OAuth认证系统的所有URL路由包括授权回调邮箱验证绑定成功等端点
这些路由处理第三方登录的完整流程从初始授权到最终的用户绑定
"""
# 导入Django URL路由相关模块
from django.urls import path
# 导入当前应用的视图模块
from . import views
# 定义应用命名空间用于URL反向解析
app_name = "oauth"
# 定义URL模式列表将URL路径映射到对应的视图处理函数
urlpatterns = [
# OAuth授权回调端点 - 处理第三方平台返回的授权码
path(
r'oauth/authorize',
views.authorize),
r'oauth/authorize', # URL路径/oauth/authorize
views.authorize, # 对应的视图函数
# 名称未指定使用默认可通过views.authorize.__name__访问
),
# 邮箱补充页面 - 当第三方登录未提供邮箱时显示
path(
r'oauth/requireemail/<int:oauthid>.html',
views.RequireEmailView.as_view(),
name='require_email'),
r'oauth/requireemail/<int:oauthid>.html', # URL路径包含OAuth用户ID参数
views.RequireEmailView.as_view(), # 类视图需要调用as_view()方法
name='require_email' # URL名称用于反向解析
),
# 邮箱确认端点 - 验证用户提交的邮箱地址
path(
r'oauth/emailconfirm/<int:id>/<sign>.html',
views.emailconfirm,
name='email_confirm'),
r'oauth/emailconfirm/<int:id>/<sign>.html', # URL路径包含用户ID和签名参数
views.emailconfirm, # 对应的视图函数
name='email_confirm' # URL名称用于反向解析
),
# 绑定成功页面 - 显示OAuth账号绑定成功信息
path(
r'oauth/bindsuccess/<int:oauthid>.html',
views.bindsuccess,
name='bindsuccess'),
r'oauth/bindsuccess/<int:oauthid>.html', # URL路径包含OAuth用户ID参数
views.bindsuccess, # 对应的视图函数
name='bindsuccess' # URL名称用于反向解析
),
# OAuth登录入口 - 初始化第三方登录流程
path(
r'oauth/oauthlogin',
views.oauthlogin,
name='oauthlogin')]
r'oauth/oauthlogin', # URL路径/oauth/oauthlogin
views.oauthlogin, # 对应的视图函数
name='oauthlogin' # URL名称用于反向解析
)
]

282
src/DjangoBlog/oauth/views.py
Unescape View File

@ -1,119 +1,223 @@
"""
OAuth 认证视图模块
该模块实现了OAuth认证系统的核心视图逻辑处理第三方登录的完整流程
包括授权初始化回调处理邮箱验证用户绑定等功能
"""
import logging
# Create your views here.
from urllib.parse import urlparse
# 导入日志模块
from urllib.parse import urlparse # 导入URL解析工具
# 导入Django核心模块
from django.conf import settings
from django.contrib.auth import get_user_model
from django.contrib.auth import login
from django.core.exceptions import ObjectDoesNotExist
from django.db import transaction
from django.http import HttpResponseForbidden
from django.http import HttpResponseRedirect
from django.shortcuts import get_object_or_404
from django.shortcuts import render
from django.urls import reverse
from django.utils import timezone
from django.utils.translation import gettext_lazy as _
from django.views.generic import FormView
from djangoblog.blog_signals import oauth_user_login_signal
from djangoblog.utils import get_current_site
from djangoblog.utils import send_email, get_sha256
from oauth.forms import RequireEmailForm
from .models import OAuthUser
from .oauthmanager import get_manager_by_type, OAuthAccessTokenException
from django.contrib.auth import get_user_model # 获取用户模型
from django.contrib.auth import login # 用户登录功能
from django.core.exceptions import ObjectDoesNotExist # 对象不存在异常
from django.db import transaction # 数据库事务
from django.http import HttpResponseForbidden # 403禁止访问响应
from django.http import HttpResponseRedirect # 重定向响应
from django.shortcuts import get_object_or_404 # 获取对象或404
from django.shortcuts import render # 模板渲染
from django.urls import reverse # URL反向解析
from django.utils import timezone # 时区工具
from django.utils.translation import gettext_lazy as _ # 国际化翻译
from django.views.generic import FormView # 表单视图基类
# 导入项目自定义模块
from djangoblog.blog_signals import oauth_user_login_signal # 信号量
from djangoblog.utils import get_current_site # 获取当前站点
from djangoblog.utils import send_email, get_sha256 # 邮件发送和加密工具
from oauth.forms import RequireEmailForm # 邮箱表单
from .models import OAuthUser # OAuth用户模型
from .oauthmanager import get_manager_by_type, OAuthAccessTokenException # OAuth管理器
# 获取当前模块的日志记录器
logger = logging.getLogger(__name__)
def get_redirecturl(request):
"""
获取安全的重定向URL
验证next_url参数的安全性防止开放重定向漏洞
Args:
request: HttpRequest对象
Returns:
str: 安全的跳转URL默认为首页
"""
# 从请求参数获取跳转URL
nexturl = request.GET.get('next_url', None)
# 如果nexturl为空或是登录页面则重定向到首页
if not nexturl or nexturl == '/login/' or nexturl == '/login':
nexturl = '/'
return nexturl
# 解析URL以验证安全性
p = urlparse(nexturl)
# 检查URL是否指向外部域名防止开放重定向攻击
if p.netloc:
site = get_current_site().domain
# 比较域名忽略www前缀如果不匹配则视为非法URL
if not p.netloc.replace('www.', '') == site.replace('www.', ''):
logger.info('非法url:' + nexturl)
return "/"
return "/" # 重定向到首页
return nexturl
def oauthlogin(request):
"""
OAuth登录入口视图
根据平台类型初始化第三方登录流程重定向到对应平台的授权页面
Args:
request: HttpRequest对象
Returns:
HttpResponseRedirect: 重定向到第三方授权页面或首页
"""
# 从请求参数获取OAuth平台类型
type = request.GET.get('type', None)
if not type:
return HttpResponseRedirect('/')
return HttpResponseRedirect('/') # 类型为空则重定向到首页
# 获取对应平台的OAuth管理器
manager = get_manager_by_type(type)
if not manager:
return HttpResponseRedirect('/')
return HttpResponseRedirect('/') # 管理器不存在则重定向到首页
# 获取安全的跳转URL
nexturl = get_redirecturl(request)
# 生成第三方平台的授权URL
authorizeurl = manager.get_authorization_url(nexturl)
# 重定向到第三方授权页面
return HttpResponseRedirect(authorizeurl)
def authorize(request):
"""
OAuth授权回调视图
处理第三方平台返回的授权码获取访问令牌和用户信息
完成用户认证或引导用户补充信息
Args:
request: HttpRequest对象
Returns:
HttpResponseRedirect: 重定向到相应页面
"""
# 从请求参数获取OAuth平台类型
type = request.GET.get('type', None)
if not type:
return HttpResponseRedirect('/')
# 获取对应平台的OAuth管理器
manager = get_manager_by_type(type)
if not manager:
return HttpResponseRedirect('/')
# 从请求参数获取授权码
code = request.GET.get('code', None)
try:
# 使用授权码获取访问令牌和用户信息
rsp = manager.get_access_token_by_code(code)
except OAuthAccessTokenException as e:
# 处理令牌获取异常
logger.warning("OAuthAccessTokenException:" + str(e))
return HttpResponseRedirect('/')
except Exception as e:
# 处理其他异常
logger.error(e)
rsp = None
# 获取安全的跳转URL
nexturl = get_redirecturl(request)
# 如果获取用户信息失败,重新跳转到授权页面
if not rsp:
return HttpResponseRedirect(manager.get_authorization_url(nexturl))
# 获取OAuth用户信息
user = manager.get_oauth_userinfo()
if user:
# 处理昵称为空的情况,生成默认昵称
if not user.nickname or not user.nickname.strip():
user.nickname = "djangoblog" + timezone.now().strftime('%y%m%d%I%M%S')
try:
# 检查是否已存在相同平台和OpenID的用户
temp = OAuthUser.objects.get(type=type, openid=user.openid)
# 更新现有用户信息
temp.picture = user.picture
temp.metadata = user.metadata
temp.nickname = user.nickname
user = temp
except ObjectDoesNotExist:
# 用户不存在,使用新用户对象
pass
# facebook的token过长
# Facebook的token过长清空存储
if type == 'facebook':
user.token = ''
# 如果用户有邮箱,直接完成登录流程
if user.email:
with transaction.atomic():
with transaction.atomic(): # 使用事务保证数据一致性
author = None
try:
# 尝试获取已关联的本地用户
author = get_user_model().objects.get(id=user.author_id)
except ObjectDoesNotExist:
pass
# 如果没有关联的本地用户
if not author:
# 根据邮箱获取或创建本地用户
result = get_user_model().objects.get_or_create(email=user.email)
author = result[0]
# 如果是新创建的用户
if result[1]:
try:
# 检查昵称是否已被使用
get_user_model().objects.get(username=user.nickname)
except ObjectDoesNotExist:
# 昵称可用,设置为用户名
author.username = user.nickname
else:
# 昵称已被使用,生成唯一用户名
author.username = "djangoblog" + timezone.now().strftime('%y%m%d%I%M%S')
# 设置用户来源和保存
author.source = 'authorize'
author.save()
# 关联OAuth用户和本地用户
user.author = author
user.save()
# 发送用户登录信号
oauth_user_login_signal.send(
sender=authorize.__class__, id=user.id)
# 登录用户
login(request, author)
# 重定向到目标页面
return HttpResponseRedirect(nexturl)
else:
# 用户没有邮箱,保存用户信息并跳转到邮箱补充页面
user.save()
url = reverse('oauth:require_email', kwargs={
'oauthid': user.id
@ -121,35 +225,68 @@ def authorize(request):
return HttpResponseRedirect(url)
else:
# 获取用户信息失败,重定向到目标页面
return HttpResponseRedirect(nexturl)
def emailconfirm(request, id, sign):
"""
邮箱确认视图
验证邮箱确认链接的签名完成OAuth用户与本地用户的绑定
Args:
request: HttpRequest对象
id: OAuth用户ID
sign: 安全签名
Returns:
HttpResponseRedirect: 重定向到绑定成功页面
"""
# 验证签名是否存在
if not sign:
return HttpResponseForbidden()
# 验证签名是否正确
if not get_sha256(settings.SECRET_KEY +
str(id) +
settings.SECRET_KEY).upper() == sign.upper():
return HttpResponseForbidden()
# 获取OAuth用户对象
oauthuser = get_object_or_404(OAuthUser, pk=id)
with transaction.atomic():
with transaction.atomic(): # 使用事务保证数据一致性
# 处理用户关联
if oauthuser.author:
# 已有关联用户,直接获取
author = get_user_model().objects.get(pk=oauthuser.author_id)
else:
# 没有关联用户,根据邮箱创建或获取用户
result = get_user_model().objects.get_or_create(email=oauthuser.email)
author = result[0]
# 如果是新创建的用户
if result[1]:
author.source = 'emailconfirm'
author.source = 'emailconfirm' # 设置用户来源
# 设置用户名(使用昵称或生成唯一用户名)
author.username = oauthuser.nickname.strip() if oauthuser.nickname.strip(
) else "djangoblog" + timezone.now().strftime('%y%m%d%I%M%S')
author.save()
# 保存用户关联关系
oauthuser.author = author
oauthuser.save()
# 发送用户登录信号
oauth_user_login_signal.send(
sender=emailconfirm.__class__,
id=oauthuser.id)
# 登录用户
login(request, author)
# 准备邮件内容
site = 'http://' + get_current_site().domain
content = _('''
<p>Congratulations, you have successfully bound your email address. You can use
@ -162,7 +299,10 @@ def emailconfirm(request, id, sign):
%(site)s
''') % {'oauthuser_type': oauthuser.type, 'site': site}
# 发送绑定成功邮件
send_email(emailto=[oauthuser.email, ], title=_('Congratulations on your successful binding!'), content=content)
# 重定向到绑定成功页面
url = reverse('oauth:bindsuccess', kwargs={
'oauthid': id
})
@ -171,49 +311,96 @@ def emailconfirm(request, id, sign):
class RequireEmailView(FormView):
form_class = RequireEmailForm
template_name = 'oauth/require_email.html'
"""
邮箱补充表单视图
当第三方登录未提供邮箱时显示表单让用户输入邮箱地址
"""
form_class = RequireEmailForm # 使用的表单类
template_name = 'oauth/require_email.html' # 模板名称
def get(self, request, *args, **kwargs):
oauthid = self.kwargs['oauthid']
"""
GET请求处理
检查OAuth用户是否已有邮箱如有则跳过此步骤
"""
oauthid = self.kwargs['oauthid'] # 获取OAuth用户ID
oauthuser = get_object_or_404(OAuthUser, pk=oauthid)
# 如果用户已有邮箱,理论上应该跳过此步骤
if oauthuser.email:
pass
# return HttpResponseRedirect('/')
# 这里可以添加重定向逻辑:return HttpResponseRedirect('/')
return super(RequireEmailView, self).get(request, *args, **kwargs)
def get_initial(self):
"""
设置表单初始值
Returns:
dict: 包含初始值的字典
"""
oauthid = self.kwargs['oauthid']
return {
'email': '',
'oauthid': oauthid
'email': '', # 邮箱初始值为空
'oauthid': oauthid # 隐藏的OAuth用户ID
}
def get_context_data(self, **kwargs):
"""
添加上下文数据
将OAuth用户的头像URL添加到模板上下文
"""
oauthid = self.kwargs['oauthid']
oauthuser = get_object_or_404(OAuthUser, pk=oauthid)
# 如果用户有头像,添加到上下文
if oauthuser.picture:
kwargs['picture'] = oauthuser.picture
return super(RequireEmailView, self).get_context_data(**kwargs)
def form_valid(self, form):
"""
表单验证通过后的处理
保存用户邮箱发送确认邮件
Args:
form: 验证通过的表单实例
Returns:
HttpResponseRedirect: 重定向到邮件发送提示页面
"""
# 获取表单数据
email = form.cleaned_data['email']
oauthid = form.cleaned_data['oauthid']
# 获取OAuth用户并更新邮箱
oauthuser = get_object_or_404(OAuthUser, pk=oauthid)
oauthuser.email = email
oauthuser.save()
# 生成安全签名
sign = get_sha256(settings.SECRET_KEY +
str(oauthuser.id) + settings.SECRET_KEY)
# 构建确认链接
site = get_current_site().domain
if settings.DEBUG:
site = '127.0.0.1:8000'
site = '127.0.0.1:8000' # 调试模式使用本地地址
path = reverse('oauth:email_confirm', kwargs={
'id': oauthid,
'sign': sign
})
url = "http://{site}{path}".format(site=site, path=path)
# 准备邮件内容
content = _("""
<p>Please click the link below to bind your email</p>
@ -225,28 +412,51 @@ class RequireEmailView(FormView):
<br />
%(url)s
""") % {'url': url}
# 发送确认邮件
send_email(emailto=[email, ], title=_('Bind your email'), content=content)
# 重定向到提示页面
url = reverse('oauth:bindsuccess', kwargs={
'oauthid': oauthid
})
url = url + '?type=email'
url = url + '?type=email' # 添加类型参数
return HttpResponseRedirect(url)
def bindsuccess(request, oauthid):
"""
绑定成功页面视图
根据绑定状态显示不同的成功信息
Args:
request: HttpRequest对象
oauthid: OAuth用户ID
Returns:
HttpResponse: 渲染的绑定成功页面
"""
# 获取绑定类型
type = request.GET.get('type', None)
oauthuser = get_object_or_404(OAuthUser, pk=oauthid)
# 根据类型设置不同的显示内容
if type == 'email':
# 邮箱已发送状态
title = _('Bind your email')
content = _(
'Congratulations, the binding is just one step away. '
'Please log in to your email to check the email to complete the binding. Thank you.')
else:
# 绑定完成状态
title = _('Binding successful')
content = _(
"Congratulations, you have successfully bound your email address. You can use %(oauthuser_type)s"
" to directly log in to this website without a password. You are welcome to continue to follow this site." % {
'oauthuser_type': oauthuser.type})
# 渲染绑定成功页面
return render(request, 'oauth/bindsuccess.html', {
'title': title,
'content': content

398
src/DjangoBlog/templates/blog/article_detail.html
Unescape View File

@ -2,12 +2,158 @@
{% load blog_tags %}
{% block header %}
<style>
/* 点赞按钮样式 */
.article-like-btn {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
background-color: #f8f9fa;
border: 2px solid #dee2e6;
border-radius: 25px;
cursor: pointer;
transition: all 0.3s ease;
font-size: 16px;
color: #495057;
text-align: center;
}
.article-like-btn:hover {
background-color: #e9ecef;
border-color: #adb5bd;
transform: translateY(-2px);
box-shadow: 0 4px 8px rgba(0,0,0,0.1);
}
.article-like-btn.liked {
background-color: #ff6b6b;
border-color: #ff6b6b;
color: white;
}
.article-like-btn.liked:hover {
background-color: #ff5252;
border-color: #ff5252;
}
.article-like-btn i {
margin-right: 5px;
font-size: 18px;
}
.article-like-btn.liked i {
animation: heartBeat 0.3s ease;
}
/* 收藏按钮样式 */
.article-favorite-btn {
display: inline-block;
padding: 10px 20px;
margin: 20px 0;
background-color: #f8f9fa;
border: 2px solid #dee2e6;
border-radius: 25px;
cursor: pointer;
transition: all 0.3s ease;
font-size: 16px;
color: #495057;
text-align: center;
}
.article-favorite-btn:hover {
background-color: #e9ecef;
border-color: #adb5bd;
transform: translateY(-2px);
box-shadow: 0 4px 8px rgba(0,0,0,0.1);
}
.article-favorite-btn.favorited {
background-color: #ffc107;
border-color: #ffc107;
color: white;
}
.article-favorite-btn.favorited:hover {
background-color: #ffb300;
border-color: #ffb300;
}
.article-favorite-btn i {
margin-right: 5px;
font-size: 18px;
}
.article-favorite-btn.favorited i {
animation: starBounce 0.3s ease;
}
@keyframes heartBeat {
0%, 100% { transform: scale(1); }
25% { transform: scale(1.2); }
50% { transform: scale(1.1); }
}
@keyframes starBounce {
0%, 100% { transform: scale(1); }
50% { transform: scale(1.2); }
}
.like-container {
text-align: center;
margin: 30px 0;
}
.article-like-btn:disabled,
.article-favorite-btn:disabled {
opacity: 0.6;
cursor: not-allowed;
}
</style>
{% endblock %}
{% block content %}
<div id="primary" class="site-content">
<div id="content" role="main">
{% load_article_detail article False user %}
<!-- 文章点赞和收藏按钮 -->
<div class="like-container" style="display: flex; gap: 15px; justify-content: center; flex-wrap: wrap;">
<!-- 点赞按钮 -->
{% if user.is_authenticated %}
<button class="article-like-btn {{ article_liked_class }}"
id="like-btn"
data-article-id="{{ article.id }}"
onclick="toggleLike()">
<i class="{{ like_icon_class }}" id="like-icon"></i>
<span id="like-text">{{ like_text }}</span>
<span id="like-count">{{ article.like_count }}</span>
</button>
{% else %}
<button class="article-like-btn" disabled title="请登录后点赞">
<i class="fa fa-heart-o"></i>
<span>点赞</span>
<span id="like-count">{{ article.like_count }}</span>
</button>
{% endif %}
<!-- 收藏按钮 -->
{% if user.is_authenticated %}
<button class="article-favorite-btn {{ article_favorited_class }}"
id="favorite-btn"
data-article-id="{{ article.id }}"
onclick="toggleFavorite()">
<i class="{{ favorite_icon_class }}" id="favorite-icon"></i>
<span id="favorite-text">{{ favorite_text }}</span>
<span id="favorite-count">{{ article.favorite_count }}</span>
</button>
{% else %}
<button class="article-favorite-btn" disabled title="请登录后收藏">
<i class="fa fa-star-o"></i>
<span>收藏</span>
<span id="favorite-count">{{ article.favorite_count }}</span>
</button>
{% endif %}
</div>
{% if article.type == 'a' %}
<nav class="nav-single">
<h3 class="assistive-text">文章导航</h3>
@ -50,3 +196,255 @@
{% block sidebar %}
{% load_sidebar user "p" %}
{% endblock %}
{% block extra_js %}
<script>
console.log('Like script loaded successfully');
function toggleLike() {
console.log('toggleLike function called');
const btn = document.getElementById('like-btn');
const icon = document.getElementById('like-icon');
const text = document.getElementById('like-text');
const count = document.getElementById('like-count');
if (!btn) {
console.error('Like button not found!');
return;
}
const articleId = btn.dataset.articleId;
// 禁用按钮防止重复点击
btn.disabled = true;
// 获取CSRF token
const csrftoken = getCookie('csrftoken');
console.log('Article ID:', articleId);
console.log('CSRF Token:', csrftoken);
console.log('Request URL:', `/article/${articleId}/like/`);
if (!csrftoken) {
console.error('CSRF token not found!');
showMessage('无法获取CSRF token请刷新页面', 'error');
btn.disabled = false;
return;
}
// 发送Ajax请求
fetch(`/article/${articleId}/like/`, {
method: 'POST',
headers: {
'X-CSRFToken': csrftoken,
'Content-Type': 'application/json'
},
credentials: 'same-origin'
})
.then(response => {
console.log('Response status:', response.status);
console.log('Response headers:', response.headers);
if (!response.ok) {
throw new Error(`HTTP error! status: ${response.status}`);
}
return response.json();
})
.then(data => {
console.log('Response data:', data);
if (data.success) {
// 更新UI
if (data.liked) {
// 已点赞状态
btn.classList.add('liked');
icon.className = 'fa fa-heart';
text.textContent = '已点赞';
} else {
// 未点赞状态
btn.classList.remove('liked');
icon.className = 'fa fa-heart-o';
text.textContent = '点赞';
}
// 更新点赞数
count.textContent = data.like_count;
// 显示提示消息
showMessage(data.message, 'success');
} else {
// 错误处理
showMessage(data.message || '操作失败,请稍后再试', 'error');
}
})
.catch(error => {
console.error('Fetch error:', error);
showMessage('网络错误: ' + error.message, 'error');
})
.finally(() => {
// 重新启用按钮
btn.disabled = false;
console.log('Request completed');
});
}
// 收藏功能
function toggleFavorite() {
console.log('toggleFavorite function called');
const btn = document.getElementById('favorite-btn');
const icon = document.getElementById('favorite-icon');
const text = document.getElementById('favorite-text');
const count = document.getElementById('favorite-count');
if (!btn) {
console.error('Favorite button not found!');
return;
}
const articleId = btn.dataset.articleId;
// 禁用按钮防止重复点击
btn.disabled = true;
// 获取CSRF token
const csrftoken = getCookie('csrftoken');
console.log('Article ID:', articleId);
console.log('CSRF Token:', csrftoken);
console.log('Request URL:', `/article/${articleId}/favorite/`);
if (!csrftoken) {
console.error('CSRF token not found!');
showMessage('无法获取CSRF token请刷新页面', 'error');
btn.disabled = false;
return;
}
// 发送Ajax请求
fetch(`/article/${articleId}/favorite/`, {
method: 'POST',
headers: {
'X-CSRFToken': csrftoken,
'Content-Type': 'application/json'
},
credentials: 'same-origin'
})
.then(response => {
console.log('Response status:', response.status);
if (!response.ok) {
throw new Error(`HTTP error! status: ${response.status}`);
}
return response.json();
})
.then(data => {
console.log('Response data:', data);
if (data.success) {
// 更新UI
if (data.favorited) {
// 已收藏状态
btn.classList.add('favorited');
icon.className = 'fa fa-star';
text.textContent = '已收藏';
} else {
// 未收藏状态
btn.classList.remove('favorited');
icon.className = 'fa fa-star-o';
text.textContent = '收藏';
}
// 更新收藏数
count.textContent = data.favorite_count;
// 显示提示消息
showMessage(data.message, 'success');
} else {
// 错误处理
showMessage(data.message || '操作失败,请稍后再试', 'error');
}
})
.catch(error => {
console.error('Fetch error:', error);
showMessage('网络错误: ' + error.message, 'error');
})
.finally(() => {
// 重新启用按钮
btn.disabled = false;
console.log('Request completed');
});
}
// 获取Cookie函数
function getCookie(name) {
let cookieValue = null;
if (document.cookie && document.cookie !== '') {
const cookies = document.cookie.split(';');
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i].trim();
if (cookie.substring(0, name.length + 1) === (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
// 显示提示消息函数
function showMessage(message, type) {
console.log('Showing message:', message, 'type:', type);
// 简单的提示消息实现
const messageDiv = document.createElement('div');
messageDiv.style.cssText = `
position: fixed;
top: 20px;
right: 20px;
padding: 15px 20px;
background-color: ${type === 'success' ? '#28a745' : '#dc3545'};
color: white;
border-radius: 5px;
box-shadow: 0 4px 6px rgba(0,0,0,0.1);
z-index: 9999;
animation: slideIn 0.3s ease;
`;
messageDiv.textContent = message;
document.body.appendChild(messageDiv);
// 3秒后自动消失
setTimeout(() => {
messageDiv.style.animation = 'slideOut 0.3s ease';
setTimeout(() => messageDiv.remove(), 300);
}, 3000);
}
// 添加动画样式
if (!document.getElementById('message-animations')) {
const style = document.createElement('style');
style.id = 'message-animations';
style.textContent = `
@keyframes slideIn {
from { transform: translateX(100%); opacity: 0; }
to { transform: translateX(0); opacity: 1; }
}
@keyframes slideOut {
from { transform: translateX(0); opacity: 1; }
to { transform: translateX(100%); opacity: 0; }
}
`;
document.head.appendChild(style);
}
// 页面加载后检查
document.addEventListener('DOMContentLoaded', function() {
console.log('DOM loaded');
const likeBtn = document.getElementById('like-btn');
if (likeBtn) {
console.log('Like button found:', likeBtn);
console.log('Article ID:', likeBtn.dataset.articleId);
} else {
console.log('Like button NOT found - user might not be logged in');
}
});
</script>
{% endblock %}

218
src/DjangoBlog/templates/share_layout/base.html
Unescape View File

@ -58,12 +58,185 @@
{% endblock %}
{% endcompress %}
<!-- 暗色模式CSS样式 -->
<style>
/* 默认亮色模式变量 */
:root {
--bg-color: #ffffff;
--text-color: #333333;
--header-bg: #f9f9f9;
--nav-bg: #ffffff;
--nav-text: #333333;
--link-color: #21759b;
--border-color: #e5e5e5;
--code-bg: #f5f5f5;
--sidebar-bg: #ffffff;
}
/* 暗色模式变量 */
body.dark-mode {
--bg-color: #1a1a1a;
--text-color: #e0e0e0;
--header-bg: #2d2d2d;
--nav-bg: #2d2d2d;
--nav-text: #e0e0e0;
--link-color: #4a9eff;
--border-color: #404040;
--code-bg: #2d2d2d;
--sidebar-bg: #2d2d2d;
}
/* 应用样式 */
body {
background-color: var(--bg-color);
color: var(--text-color);
transition: background-color 0.3s ease, color 0.3s ease;
}
/* 确保所有主要容器都使用正确的背景色 */
#page {
background-color: var(--bg-color);
}
.wrapper {
background-color: var(--bg-color);
}
#masthead {
background-color: var(--header-bg);
border-bottom: 1px solid var(--border-color);
}
.site-title a,
.site-description {
color: var(--text-color);
}
#site-navigation {
background-color: var(--nav-bg);
border-bottom: 1px solid var(--border-color);
}
.nav-menu a {
color: var(--nav-text);
border-bottom: none;
transition: background-color 0.2s ease;
}
.nav-menu a:hover {
background-color: rgba(0, 0, 0, 0.05);
}
body.dark-mode .nav-menu a:hover {
background-color: rgba(255, 255, 255, 0.1);
}
a {
color: var(--link-color);
}
#primary,
#secondary {
background-color: var(--bg-color);
}
/* 文章列表和文章内容 */
.entry-content,
.comment-content,
.entry-header,
.entry-meta {
color: var(--text-color);
}
article,
.hentry {
background-color: var(--bg-color);
border-color: var(--border-color);
}
.entry-title a {
color: var(--text-color);
}
.entry-title a:hover {
color: var(--link-color);
}
pre,
code {
background-color: var(--code-bg);
border-color: var(--border-color);
color: var(--text-color);
}
.widget-area .widget {
background-color: var(--sidebar-bg);
border: 1px solid var(--border-color);
}
.widget-title {
color: var(--text-color);
}
/* 搜索框和输入框 */
input[type="text"],
input[type="search"],
input[type="email"],
textarea {
background-color: var(--code-bg);
color: var(--text-color);
border-color: var(--border-color);
}
/* 评论区域 */
.comments-area,
.comment-list,
.comment-body {
background-color: var(--bg-color);
border-color: var(--border-color);
}
/* 右上角暗色模式切换按钮 */
.dark-mode-toggle-btn {
position: fixed;
top: 20px;
right: 20px;
z-index: 9999;
width: 50px;
height: 50px;
border-radius: 50%;
background-color: var(--nav-bg);
border: 2px solid var(--border-color);
cursor: pointer;
display: flex;
align-items: center;
justify-content: center;
box-shadow: 0 2px 10px rgba(0, 0, 0, 0.2);
transition: all 0.3s ease;
}
.dark-mode-toggle-btn:hover {
transform: scale(1.1);
box-shadow: 0 4px 15px rgba(0, 0, 0, 0.3);
}
.dark-mode-toggle-btn i {
font-size: 24px;
color: var(--nav-text);
}
</style>
{% if GLOBAL_HEADER %}
{{ GLOBAL_HEADER|safe }}
{% endif %}
</head>
<body class="home blog custom-font-enabled">
<!-- 右上角暗色模式切换按钮 -->
<button class="dark-mode-toggle-btn" onclick="toggleDarkMode()" title="切换亮/暗模式">
<i class="fa fa-moon-o" id="dark-mode-icon"></i>
</button>
<div id="page" class="hfeed site">
<header id="masthead" class="site-header" role="banner">
<hgroup>
@ -103,6 +276,51 @@
<!-- MathJax智能加载器 -->
<script src="{% static 'blog/js/mathjax-loader.js' %}" async defer></script>
<!-- 暗色模式切换JavaScript -->
<script>
// 页面加载时检查本地存储的主题设置
(function() {
const darkMode = localStorage.getItem('darkMode');
const body = document.body;
if (darkMode === 'enabled') {
body.classList.add('dark-mode');
// 等待DOM加载后更新图标
document.addEventListener('DOMContentLoaded', function() {
const icon = document.getElementById('dark-mode-icon');
if (icon) {
icon.className = 'fa fa-sun-o';
}
});
}
})();
// 切换暗色模式函数
function toggleDarkMode() {
const body = document.body;
const icon = document.getElementById('dark-mode-icon');
body.classList.toggle('dark-mode');
if (body.classList.contains('dark-mode')) {
// 启用暗色模式
localStorage.setItem('darkMode', 'enabled');
if (icon) {
icon.className = 'fa fa-sun-o'; // 显示太阳图标(表示可切换到亮色)
}
} else {
// 禁用暗色模式
localStorage.setItem('darkMode', 'disabled');
if (icon) {
icon.className = 'fa fa-moon-o'; // 显示月亮图标(表示可切换到暗色)
}
}
}
</script>
{% block extra_js %}
{% endblock %}
{% block footer %}
{% endblock %}
</body>

11
src/DjangoBlog/templates/share_layout/nav.html
Unescape View File

@ -21,6 +21,17 @@
</li>
{% endfor %}
{% endif %}
<!-- 喜欢和收藏链接 -->
{% if user.is_authenticated %}
<li class="menu-item menu-item-type-taxonomy menu-item-object-category">
<a href="{% url 'blog:my_likes' %}"><i class="fa fa-heart"></i> 我的喜欢</a>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-category">
<a href="{% url 'blog:my_favorites' %}"><i class="fa fa-star"></i> 我的收藏</a>
</li>
{% endif %}
<li class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-has-children">
<a href="{% url "blog:archives" %}">{% trans 'Article archive' %}</a>

Write Preview
Loading…
Cancel
Save