Merge pull request #401 from midoks/dev

0.13.6
midoks · Apr 3, 2023 · 9bc9944 · 9bc9944
2 parents e1820ad + 9e4c2b1
commit 9bc9944
Show file tree

Hide file tree

Showing 11 changed files with 235 additions and 19 deletions.
diff --git a/README.md b/README.md
@@ -99,10 +99,10 @@ docker run -itd --name mw-server --privileged=true -p 7200:7200 -p 80:80 -p 443:
 ```
 
 
-### 版本更新 0.13.5
+### 版本更新 0.13.6
 
-* 添加邮件通知功能。
-* 修复初始安装脚本。
+* 修复初始化安装，缺少解压命令。
+* 加入aes加密/解密方法。
 
 ### JSDelivr安装地址
 

diff --git a/class/core/config_api.py b/class/core/config_api.py
@@ -27,7 +27,7 @@
 
 class config_api:
 
-    __version = '0.13.5'
+    __version = '0.13.6'
     __api_addr = 'data/api.json'
 
     def __init__(self):

diff --git a/class/core/mw.py b/class/core/mw.py
@@ -23,11 +23,13 @@
 import datetime
 import subprocess
 import glob
-
+import base64
 import re
-import db
+
 from random import Random
 
+import db
+
 
 def execShell(cmdstring, cwd=None, timeout=None, shell=True):
 
@@ -776,6 +778,133 @@ def deDoubleCrypt(key, strings):
         return strings
 
 
+def aesEncrypt(data, key='ABCDEFGHIJKLMNOP', vi='0102030405060708'):
+    # aes加密
+    # @param data 被加密的数据
+    # @param key 加解密密匙 16位
+    # @param vi 16位
+
+    from cryptography.hazmat.primitives import padding
+    from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+    from cryptography.hazmat.backends import default_backend
+
+    if not isinstance(data, bytes):
+        data = data.encode()
+
+    # AES_CBC_KEY = os.urandom(32)
+    # AES_CBC_IV = os.urandom(16)
+
+    AES_CBC_KEY = key.encode()
+    AES_CBC_IV = vi.encode()
+
+    # print("AES_CBC_KEY:", AES_CBC_KEY)
+    # print("AES_CBC_IV:", AES_CBC_IV)
+
+    padder = padding.PKCS7(algorithms.AES.block_size).padder()
+    padded_data = padder.update(data) + padder.finalize()
+
+    cipher = Cipher(algorithms.AES(AES_CBC_KEY),
+                    modes.CBC(AES_CBC_IV),
+                    backend=default_backend())
+    encryptor = cipher.encryptor()
+
+    edata = encryptor.update(padded_data)
+
+    # print(edata)
+    # print(str(edata))
+    # print(edata.decode())
+    return edata
+
+
+def aesDecrypt(data, key='ABCDEFGHIJKLMNOP', vi='0102030405060708'):
+    # aes加密
+    # @param data 被解密的数据
+    # @param key 加解密密匙 16位
+    # @param vi 16位
+
+    from cryptography.hazmat.primitives import padding
+    from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+    from cryptography.hazmat.backends import default_backend
+
+    from cryptography.hazmat.primitives import padding
+    from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+    from cryptography.hazmat.backends import default_backend
+
+    if not isinstance(data, bytes):
+        data = data.encode()
+
+    AES_CBC_KEY = key.encode()
+    AES_CBC_IV = vi.encode()
+
+    cipher = Cipher(algorithms.AES(AES_CBC_KEY),
+                    modes.CBC(AES_CBC_IV),
+                    backend=default_backend())
+    decryptor = cipher.decryptor()
+
+    ddata = decryptor.update(data)
+
+    unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
+    data = unpadder.update(ddata)
+
+    try:
+        uppadded_data = data + unpadder.finalize()
+    except ValueError:
+        raise Exception('无效的加密信息!')
+
+    return uppadded_data
+
+
+def aesEncrypt_Crypto(data, key, vi):
+    # 该方法保留，暂时不使用
+    # aes加密
+    # @param data 被加密的数据
+    # @param key 加解密密匙 16位
+    # @param vi 16位
+
+    from Crypto.Cipher import AES
+    cryptor = AES.new(key.encode('utf8'), AES.MODE_CBC, vi.encode('utf8'))
+    # 判断是否含有中文
+    zhmodel = re.compile(u'[\u4e00-\u9fff]')
+    match = zhmodel.search(data)
+    if match == None:
+        # 无中文时
+        add = 16 - len(data) % 16
+        pad = lambda s: s + add * chr(add)
+        data = pad(data)
+        enctext = cryptor.encrypt(data.encode('utf8'))
+    else:
+        # 含有中文时
+        data = data.encode()
+        add = 16 - len(data) % 16
+        data = data + add * (chr(add)).encode()
+        enctext = cryptor.encrypt(data)
+    encodestrs = base64.b64encode(enctext).decode('utf8')
+    return encodestrs
+
+
+def aesDecrypt_Crypto(data, key, vi):
+    # 该方法保留，暂时不使用
+    # aes加密
+    # @param data 被加密的数据
+    # @param key 加解密密匙 16位
+    # @param vi 16位
+
+    from crypto.Cipher import AES
+    data = data.encode('utf8')
+    encodebytes = base64.urlsafe_b64decode(data)
+    cipher = AES.new(key.encode('utf8'), AES.MODE_CBC, vi.encode('utf8'))
+    text_decrypted = cipher.decrypt(encodebytes)
+    # 判断是否含有中文
+    zhmodel = re.compile(u'[\u4e00-\u9fff]')
+    match = zhmodel.search(text_decrypted)
+    if match == False:
+        # 无中文时补位
+        unpad = lambda s: s[0:-s[-1]]
+        text_decrypted = unpad(text_decrypted)
+    text_decrypted = text_decrypted.decode('utf8').rstrip()  # 去掉补位的右侧空格
+    return text_decrypted
+
+
 def buildSoftLink(src, dst, force=False):
     '''
     建立软连接

diff --git a/class/core/vip_api.py b/class/core/vip_api.py
@@ -0,0 +1,39 @@
+# coding:utf-8
+
+# ---------------------------------------------------------------------------------
+# MW-Linux面板
+# ---------------------------------------------------------------------------------
+# copyright (c) 2018-∞(https://github.com/midoks/mdserver-web) All rights reserved.
+# ---------------------------------------------------------------------------------
+# Author: midoks <[email protected]>
+# ---------------------------------------------------------------------------------
+
+# ---------------------------------------------------------------------------------
+# VIP用户管理
+# ---------------------------------------------------------------------------------
+
+import mw
+
+from flask import request
+
+
+class vip_api:
+
+    def __init__(self):
+        pass
+
+    def loginApi(self):
+        username = request.form.get('username', '')
+        password = request.form.get('password', '')
+
+        print(username, password)
+
+        password = mw.aesEncrypt(
+            password, 'ABCDEFGHIJKLMNOP', '0102030405060708')
+
+        print(password)
+
+        p = mw.aesDecrypt(password, 'ABCDEFGHIJKLMNOP', '0102030405060708')
+        print(p)
+
+        return mw.returnJson(False, "测试中!")
diff --git a/data/vip/readme.md b/data/vip/readme.md
@@ -0,0 +1 @@
+存放VIP关键数据
diff --git a/plugins/tgbot/startup/extend/push_notice_msg.py b/plugins/tgbot/startup/extend/push_notice_msg.py
@@ -76,7 +76,12 @@ def send_msg(bot, tag='ad', trigger_time=300):
     markup = types.InlineKeyboardMarkup(keyboard)
 
     msg_notice = "由于在解决的问题的时候，不给信息，无法了解情况。以后不再群里回答技术问题。全部去论坛提问。在解决问题的过程中，可能需要面板信息，和SSH信息，如无法提供请不要提问。为了让群里都知晓。轮播一年！\n"
-    msg_notice += "为了不打扰双方，私聊解决问题先转100U，否则无视!"
+    msg_notice += "为了不打扰双方，私聊解决问题先转100U，否则无视!\n"
+    msg_notice += "现阶段3件事:\n"
+    msg_notice += "* 炒币\n"
+    msg_notice += "* 量化交易\n"
+    msg_notice += "* MW-VIP系统开发\n"
+    msg_notice += "至少1年时间都没空。非诚勿扰!"
     msg = bot.send_message(chat_id, msg_notice, reply_markup=markup)
 
     # print(msg.message_id)

diff --git a/plugins/tgbot/startup/tgbot.py b/plugins/tgbot/startup/tgbot.py
@@ -173,13 +173,6 @@ def botPushOther():
         time.sleep(1)
 
 
-def setDaemon(t):
-    if sys.version_info.major == 3 and sys.version_info.minor >= 10:
-        t.daemon = True
-    else:
-        t.setDaemon(True)
-
-
 def runBot(bot):
     try:
         bot.polling()

diff --git a/route/__init__.py b/route/__init__.py
@@ -548,7 +548,7 @@ def index(reqClass=None, reqAction=None, reqData=None):
 
     # API请求
     classFile = ('config_api', 'crontab_api', 'files_api', 'firewall_api',
-                 'plugins_api', 'system_api', 'site_api', 'task_api')
+                 'plugins_api', 'system_api', 'site_api', 'task_api', 'vip_api')
     className = reqClass + '_api'
     if not className in classFile:
         return "api error request"

diff --git a/route/static/app/config.js b/route/static/app/config.js
@@ -86,6 +86,55 @@ $('input[name="bind_ssl"]').click(function(){
 /** op **/
 
 
+// VIP -- start
+function setVipInfo(){
+	layer.open({
+		type: 1,
+		area: "400px",
+		title: 'VIP登录',
+		closeBtn: 1,
+		shift: 5,
+		btn:["登录","关闭"],
+		shadeClose: false,
+		content: "<div class='bt-form pd20'>\
+				<div class='line'>\
+					<span class='tname'>用户名</span>\
+					<div class='info-r'><input class='bt-input-text' type='text' name='username' value='' style='width:85%' autocomplete='off'/></div>\
+				</div>\
+				<div class='line'>\
+					<span class='tname'>密码</span>\
+					<div class='info-r'><input class='bt-input-text' type='password' name='password' value='' style='width:85%' autocomplete='off'/></div>\
+				</div>\
+			</div>",
+		yes:function(index){
+			var pdata = {};
+
+			pdata['username'] = $('input[name="username"]').val();
+			pdata['password'] = $('input[name="password"]').val();
+
+			if (pdata['username'] == ''){
+				layer.msg('用户名不能为空!', {icon:2});
+				return false;
+			}
+
+			if (pdata['password'] == ''){
+				layer.msg('密码不能为空!', {icon:2});
+				return false;
+			}
+
+			$.post('/vip/login',{'username':pdata['username'], 'password':pdata['password']},function(rdata){
+				showMsg(rdata.msg, function(){
+					if (rdata.status){
+						layer.close(index);
+					}
+				},{icon:rdata.status?1:2},2000);
+			},'json');
+		},
+	});
+}
+// VIP -- end
+
+
 //关闭面板
 function closePanel(){
 	layer.confirm('关闭面板会导致您无法访问面板 ,您真的要关闭Linux面板吗？',{title:'关闭面板',closeBtn:2,icon:13,cancel:function(){

diff --git a/route/templates/default/config.html b/route/templates/default/config.html
@@ -175,12 +175,11 @@
 			<div class="setting-con pd15">
 				<p class="mtb15">
 					<span class="set-tit text-right" title="用户登录" style="float: left;">用户登录</span>
-						<input id="cfg_login" name="cfg_login" onclick="" class="btswitch btswitch-ios" type="checkbox">
+						<input id="cfg_login" name="cfg_login" onclick="" class="btswitch btswitch-ios" type="checkbox" disabled>
 						<label class="btswitch-btn ml5" for="cfg_login" style="float: left;margin-top:4px;"></label>
-	                <button ype="button" class="btn btn-default btn-xs" style="vertical-align: middle; margin-left: 10px" onclick="">绑定</button>
-					<span class="set-info c7">【<b style="color:red;">请勿使用</b>】(开发中)</span>
+	                <button ype="button" class="btn btn-default btn-xs" style="vertical-align: middle; margin-left: 10px" onclick="setVipInfo();">绑定</button>
+					<span class="set-info c7">【<b style="color:red;">请勿使用</b>】测试版(开发中)</span>
 				</p>
-
 			</div> -->
 		</div>
 	</div>

diff --git a/scripts/install.sh b/scripts/install.sh
@@ -90,6 +90,7 @@ if [ $OSNAME != "macos" ];then
 			rm -rf /tmp/mdserver-web-master
 		else
 			curl --insecure -sSLo /tmp/master.zip https://code.midoks.me/midoks/mdserver-web/archive/master.zip
+			cd /tmp && unzip /tmp/master.zip
 			mv -f /tmp/mdserver-web /www/server/mdserver-web
 			rm -rf /tmp/master.zip
 			rm -rf /tmp/mdserver-web