Gecko [ www.jdcpatala.org ]

Name	Size	Permission
__pycache__	[ DIR ]	drwxr-xr-x
btdockerModelV2	[ DIR ]	drwxr-xr-x
crontabModelV2	[ DIR ]	drwxr-xr-x
databaseModelV2	[ DIR ]	drwxr-xr-x
firewallModelV2	[ DIR ]	drwxr-xr-x
logsModelV2	[ DIR ]	drwxr-xr-x
monitorModelV2	[ DIR ]	drwxr-xr-x
panelModelV2	[ DIR ]	drwxr-xr-x
power_mta	[ DIR ]	drwxr-xr-x
projectModelV2	[ DIR ]	drwxr-xr-x
safeModelV2	[ DIR ]	drwxr-xr-x
safe_warning_v2	[ DIR ]	drwxr-xr-x
ssl_domainModelV2	[ DIR ]	drwxr-xr-x
virtualModelV2	[ DIR ]	drwxr-xr-x
wp_toolkit	[ DIR ]	drwxr-xr-x
acme_v3.py	133.98 KB	-rw-r--r--
ajax_v2.py	95.41 KB	-rw-r--r--
apache_v2.py	17.28 KB	-rw-r--r--
backup_bak_v2.py	24.86 KB	-rw-r--r--
breaking_through.py	47.94 KB	-rw-r--r--
cloud_stora_upload_v2.py	19.27 KB	-rw-r--r--
common_v2.py	12.45 KB	-rw-r--r--
config_v2.py	165.36 KB	-rw-r--r--
crontab_ssl_v2.py	1.85 KB	-rw-r--r--
crontab_v2.py	111.93 KB	-rw-r--r--
data_v2.py	36.54 KB	-rw-r--r--
database_v2.py	125.54 KB	-rw-r--r--
datatool_v2.py	5.83 KB	-rw-r--r--
db_mysql_v2.py	11.41 KB	-rw-r--r--
db_v2.py	11.04 KB	-rw-r--r--
dk_db.py	18.34 KB	-rw-r--r--
download_file_v2.py	2.54 KB	-rw-r--r--
fastcgi_client_two_v2.py	12.26 KB	-rw-r--r--
fastcgi_client_v2.py	6.89 KB	-rw-r--r--
file_execute_deny_v2.py	10.34 KB	-rw-r--r--
files_v2.py	149.12 KB	-rw-r--r--
firewall_new_v2.py	22.4 KB	-rw-r--r--
firewalld_v2.py	11.09 KB	-rw-r--r--
firewalls_v2.py	17.44 KB	-rw-r--r--
flask_compress_v2.py	5.12 KB	-rw-r--r--
flask_sockets_v2.py	3.75 KB	-rw-r--r--
ftp_log_v2.py	21.72 KB	-rw-r--r--
ftp_v2.py	16.17 KB	-rw-r--r--
http_requests_v2.py	24.25 KB	-rw-r--r--
jobs_v2.py	36.98 KB	-rw-r--r--
letsencrypt_v2.py	12.85 KB	-rw-r--r--
log_analysis_v2.py	12.23 KB	-rw-r--r--
monitor_v2.py	13.53 KB	-rw-r--r--
one_key_wp_v2.py	75.79 KB	-rw-r--r--
panelControllerV2.py	4.97 KB	-rw-r--r--
panelDatabaseControllerV2.py	5.76 KB	-rw-r--r--
panelDockerControllerV2.py	5.86 KB	-rw-r--r--
panelFireControllerV2.py	4.65 KB	-rw-r--r--
panelModControllerV2.py	5.13 KB	-rw-r--r--
panelProjectControllerV2.py	6.07 KB	-rw-r--r--
panelSafeControllerV2.py	4.65 KB	-rw-r--r--
panel_api_v2.py	10.43 KB	-rw-r--r--
panel_auth_v2.py	33.21 KB	-rw-r--r--
panel_backup_v2.py	102.56 KB	-rw-r--r--
panel_dns_api_v2.py	22.2 KB	-rw-r--r--
panel_http_proxy_v2.py	11.33 KB	-rw-r--r--
panel_lets_v2.py	43.61 KB	-rw-r--r--
panel_mssql_v2.py	4.48 KB	-rw-r--r--
panel_mysql_v2.py	7.55 KB	-rw-r--r--
panel_php_v2.py	24.78 KB	-rw-r--r--
panel_ping_v2.py	2.88 KB	-rw-r--r--
panel_plugin_v2.py	125.11 KB	-rw-r--r--
panel_push_v2.py	23.78 KB	-rw-r--r--
panel_redirect_v2.py	34.02 KB	-rw-r--r--
panel_restore_v2.py	11.04 KB	-rw-r--r--
panel_site_v2.py	343.73 KB	-rw-r--r--
panel_ssl_v2.py	75.34 KB	-rw-r--r--
panel_task_v2.py	28.7 KB	-rw-r--r--
panel_video_V2.py	1.88 KB	-rw-r--r--
panel_warning_v2.py	68.71 KB	-rw-r--r--
password_v2.py	8.09 KB	-rw-r--r--
plugin_auth_v2.py	3.14 KB	-rw-r--r--
plugin_deployment_v2.py	28.85 KB	-rw-r--r--
san_baseline_v2.py	51.13 KB	-rw-r--r--
site_dir_auth_v2.py	17.67 KB	-rw-r--r--
ssh_security_v2.py	45.66 KB	-rw-r--r--
ssh_terminal_v2.py	58.86 KB	-rw-r--r--
system_v2.py	44.77 KB	-rw-r--r--
userRegister_v2.py	6.74 KB	-rw-r--r--
user_login_v2.py	21.2 KB	-rw-r--r--
vilidate_v2.py	4.94 KB	-rw-r--r--
wxapp_v2.py	5.62 KB	-rw-r--r--

Code Editor : wxapp_v2.py

# coding: utf-8
# +-------------------------------------------------------------------
# | aaPanel
# +-------------------------------------------------------------------
# | Copyright (c) 2015-2019 aaPanel(www.aapanel.com) All rights reserved.
# +-------------------------------------------------------------------
# | Author: hwliang <hwl@aapanel.com>
# +-------------------------------------------------------------------
import os
import sys
if not 'class/' in sys.path:
    sys.path.insert(0,'class/')
import public
import json
import time
import uuid
from BTPanel import session,cache,request

class wxapp():

def __init__(self):
        self.app_path = '/www/server/panel/data/'
        self.app_path_p = '/www/server/panel/plugin/app/'

def _check(self, get):
        if get['fun'] in ['set_login', 'is_scan_ok', 'login_qrcode']:
            return True
        return public.returnMsg(False, public.lang("Unauthorized"))

# 验证是否扫码成功
    def is_scan_ok(self, get):
        if os.path.exists(self.app_path+"app_login_check.pl"):
            try:
                key, init_time, tid, status = public.readFile(self.app_path+'app_login_check.pl').split(':')
                if time.time() - float(init_time) > 60:
                    return public.returnMsg(False, public.lang("QR code expired"))
                session_id = public.get_session_id()
                if cache.get(session_id) == public.md5(uuid.UUID(int=uuid.getnode()).hex):
                    return public.returnMsg(True, public.lang("Scan QRCORE successfully"))
            except:
                os.remove(self.app_path + "app_login_check.pl")
                return public.returnMsg(False, public.lang(""))
        return public.returnMsg(False, public.lang(""))

# 返回二维码地址
    def login_qrcode(self, get):
        tid = public.GetRandomString(32)
        qrcode_str = 'https://app.bt.cn/app.html?&panel_url='+public.getPanelAddr()+'&v=' + public.GetRandomString(3)+'?login&tid=' + tid
        data = public.get_session_id() + ':' + str(time.time()) + ':' + tid + ':' + tid
        public.writeFile(self.app_path + "app_login_check.pl", data)
        cache.set(tid,public.get_session_id(),360)
        cache.set(public.get_session_id(),tid,360)
        return public.returnMsg(True, qrcode_str)

# 设置登录状态
    def set_login(self, get):
        session_id = public.get_session_id()
        if cache.get(session_id):
            if cache.get(session_id) == public.md5(uuid.UUID(int=uuid.getnode()).hex):
                return self.check_app_login(get)
            else:
                cache.delete(cache.get(session_id))
                cache.delete(session_id)
                return public.returnMsg(False, public.lang("Login failed 2"))
        return public.returnMsg(False, public.lang("Login failed 1"))

#验证APP是否登录成功
    def check_app_login(self,get):
        #判断是否存在绑定
        btapp_info = json.loads(public.readFile('/www/server/panel/config/api.json'))
        if not btapp_info:return public.returnMsg(False, public.lang("Unbound!"))
        if not btapp_info['open']:return public.returnMsg(False, public.lang("API is not turned on"))
        if not 'apps' in btapp_info:return public.returnMsg(False, public.lang("Unbound phone"))
        if not btapp_info['apps']:return public.returnMsg(False, public.lang("Unbound phone"))
        try:
            session_id=public.get_session_id()
            if not os.path.exists(self.app_path+'app_login_check.pl'):return public.returnMsg(False, public.lang("Waiting for APP scan code login 1"))
            data = public.readFile(self.app_path+'app_login_check.pl')
            public.ExecShell('rm ' + self.app_path+"app_login_check.pl")
            secret_key, init_time, tid, status = data.split(':')
            if len(session_id)!=64:return public.returnMsg(False, public.lang("Waiting for APP scan code login 2"))
            if len(secret_key)!=64:return public.returnMsg(False, public.lang("Waiting for APP scan code login 2"))
            if  session_id != secret_key:
                    return public.returnMsg(False, public.lang("QR code expired"))
            if time.time() - float(init_time) > 60:
                return public.returnMsg(False, public.lang("Waiting for APP scan code login"))
            import uuid
            if status != uuid.UUID(int=uuid.getnode()).hex[-12:]: return public.returnMsg(False, public.lang("当前二维码失效222"))
            cache.delete(session_id)
            cache.delete(tid)
            userInfo = public.M('users').where("id=?",(1,)).field('id,username').find()
            session['login'] = True
            session['username'] = userInfo['username']
            session['tmp_login'] = True
            public.WriteLog('Login','APP scan code login, account: {}, login IP: {}'.format(userInfo['username'],public.GetClientIp()+ ":" + str(request.environ.get('REMOTE_PORT'))))
            cache.delete('panelNum')
            cache.delete('dologin')
            session['session_timeout'] = time.time() + public.get_session_timeout()
            login_type = 'data/app_login.pl'
            self.set_request_token()
            import config
            config.config().reload_session()
            public.writeFile(login_type,'True')
            public.login_send_body("aaPanel Mobile",userInfo['username'],public.GetClientIp(),str(request.environ.get('REMOTE_PORT')))
            return public.returnMsg(True, public.lang("login successful!"))
        except:
            return public.returnMsg(False, public.lang("Login failed 2"))
    #生成request_token
    def set_request_token(self):
        session['request_token_head'] = public.GetRandomString(48)

${this.title}

Code Editor : wxapp_v2.py