提测版本

server/www/teleport/app_bootstrap.py

 # -*- coding: utf-8 -*-
 
 import os
+import socket
 import sys
 
 sys.path.append(os.path.join(os.path.abspath(os.path.dirname(__file__)), 'webroot'))
 
 
+def current_ip():
+    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+    s.connect(("8.8.8.8", 80))
+    ip = s.getsockname()[0]
+    s.close()
+    return ip
+
+
+class Consul(object):
+    def __init__(self, url):
+        self._url = url
+
+    @property
+    def url(self):
+        return "{}/v1/agent/service/register".format(self._url)
+
+    def register_device(self, name, addr, port: int):
+        data = {
+            "ID": "{}".format(name),
+            "Name": name,
+            "Address": addr,
+            "Port": int(port),
+        }
+        header = {"Authorization": "Basic  bWljcm8tY29uc3VsLWFnZW50OjEyMzQ1Ng=="}
+        from app.base.logger import log
+        log.i(self.url)
+        log.i(data)
+        import requests
+        resp = requests.put(self.url, headers=header, json=data)
+        log.i('register_device %s %s', resp.status_code, resp.text)
+        return resp.status_code == 200
+
+
 def main():
     from app.app_env import PATH_APP_ROOT, PATH_DATA
     from app.base.webapp import tp_web_app
     _web_app = tp_web_app()
     if not _web_app.init(PATH_APP_ROOT, PATH_DATA):
         return 1
-
+    # from app.base.configs import tp_cfg
+    # cfg = tp_cfg()
+    # consul_host = cfg.plugin.consul
+    # Consul(consul_host).register_device('micro-remote', current_ip(), 7190)
     return _web_app.run()
 
 

server/www/teleport/view/page_single_base.mako

@@ -13,7 +13,7 @@
     <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
     <meta content="yes" name="apple-mobile-web-app-capable">
     <meta content="black-translucent" name="apple-mobile-web-app-status-bar-style">
-    <title>${self.attr.page_title_}::TELEPORT</title>
+    <title>${self.attr.page_title_}::micro-remote</title>
     <link rel="shortcut icon" href="${ static_url('favicon.png') }">
 
     <link href="${ static_url('plugins/bootstrap/css/bootstrap.min.css') }" rel="stylesheet" type="text/css"/>

server/www/teleport/webroot/app/base/configs.py

@@ -316,7 +316,8 @@ class AppConfig(BaseAppConfig):
         return [
             {'common': ['ip', 'port', 'log-file', 'log-level', 'debug-mode', 'core-server-rpc']},
             {'database': ['type', 'sqlite-file', 'mysql-host', 'mysql-port', 'mysql-db', 'mysql-prefix', 'mysql-user',
-                          'mysql-password']}
+                          'mysql-password']},
+            {"plugin": ["core_host", "consul"]}
         ]
 
     def _on_load(self, cfg_parser):
@@ -389,6 +390,16 @@ class AppConfig(BaseAppConfig):
         if _tmp_str is not None:
             self.set_kv('database::mysql-password', _tmp_str)
 
+        _sec = cfg_parser['plugin']
+
+        _tmp_str = _sec.get('core_host', None)
+        if _tmp_str is not None:
+            self.set_kv('plugin::core_host', _tmp_str)
+
+        _tmp_str = _sec.get('consul', None)
+        if _tmp_str is not None:
+            self.set_kv('plugin::consul', _tmp_str)
+
         _log_file, ok = self.get_str('common::log-file')
         if ok and _log_file:
             self.log_path = os.path.abspath(os.path.dirname(_log_file))
@@ -459,7 +470,7 @@ class AppConfig(BaseAppConfig):
         if conf_data is None:
             log.w('system default config info is empty.\n')
             # return True
-        
+
         # =====================================
         # 全局设置相关
         # =====================================
@@ -472,7 +483,7 @@ class AppConfig(BaseAppConfig):
         self.sys.glob = tp_convert_to_attr_dict(_glob)
         if not self.sys.glob.is_exists('url_proto'):
             self.sys.glob.url_proto = False
-        
+
         # =====================================
         # 密码策略相关
         # =====================================

server/www/teleport/webroot/app/controller/__init__.py

@@ -292,9 +292,10 @@ controllers = [
     # 绑定支付宝账户
     (r'/plugin/bind_pay_account', plugin.BindPayAccountHandler),
     # 账户状态
-    (r'/plugin/account_status', plugin.AccountStatusHandler),
+    (r'/micro_remote/plugin/account_status', plugin.AccountStatusHandler),
     # 账户账户密码获取
-    (r'/plugin/account_info', plugin.AccountInfoHandler),
+
+    (r'/micro_remote/plugin/account_info', plugin.AccountInfoHandler),
 
     # websocket for real-time information
     # ws-client call 'http://ip:7190/ws/action/'

server/www/teleport/webroot/app/controller/plugin.py

@@ -7,8 +7,9 @@ import socket
 import hashlib
 import time
 
-from pyDes import des, CBC, PAD_PKCS5
 import binascii
+import traceback
+
 import requests
 from concurrent.futures import ThreadPoolExecutor
 from tornado.escape import json_decode, json_encode
@@ -17,13 +18,16 @@ import tornado.web
 from app.base.controller import TPBaseHandler
 from app.base.logger import *
 from app.const import TP_PRIVILEGE_ASSET_CREATE, TPE_PARAM, TPE_OK, TPE_JSON_FORMAT, TP_AUTH_TYPE_PASSWORD, \
-    TP_AUTH_TYPE_PRIVATE_KEY, TPE_EXISTS, TPE_FAILED, TPE_NOT_EXISTS
+    TP_AUTH_TYPE_PRIVATE_KEY, TPE_EXISTS, TPE_FAILED, TPE_NOT_EXISTS, TPE_DATABASE
 from app.model import plugin
 from app.model.plugin import free_host
+from app.base.configs import tp_cfg
+from pyDes import des, CBC, PAD_PKCS5
 
 
 # todo 间歇性 ERROR:tornado.application:Uncaught exception
 
+
 def current_ip():
     s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
     s.connect(("8.8.8.8", 80))
@@ -106,14 +110,18 @@ class TPBasePluginHandler(TPBaseHandler):
                 '_is_login': False
             }
         self._user = _user
-
+        log.i("请求ip:{}\n".format(self.request.remote_ip))
         if not self.control_ip(self.request.remote_ip):
+            log.i("")
             raise tornado.web.HTTPError(404)
 
     def get_payload(self):
         log.i(self.request.body)
-        log.i("\n")
-        return json_decode(self.request.body)
+        log.i("{} {}\n".format(self.request.method, self.request.uri))
+        try:
+            return json_decode(self.request.body)
+        except:
+            raise tornado.web.HTTPError(500)
 
     def check_ip(self, props):
         ip = props.get("ip", "")
@@ -127,6 +135,8 @@ class TPBasePluginHandler(TPBaseHandler):
         if ip == '127.0.0.1' or items == self.outer_ip.split(".")[:2] or items == self.local_ip.split(".")[:2]:
             return True
         else:
+            if self.query("acc", "id", {"ip": ip}):
+                return True
             return False
 
     def finish_json(self, code, msg="成功", data: list = None):
@@ -181,6 +191,15 @@ class UpdateHostHandler(TPBasePluginHandler):
 
         os_type, host_id, app_id, status = self.param_get(props, ['os_type', 'host_id', 'app_id', 'status'], 0)
         ip, username, password, name, desc = self.param_get(props, ['ip', 'username', 'password', 'name', 'desc', ], '')
+        password = password.replace("*", "")
+        try:
+            os_type = int(os_type)
+            host_id = int(host_id)
+            # app_id = int(app_id)
+            status = int(status)
+        except:
+            self.finish_json(1001, "参数传递异常，请检查请求参数")
+            return
 
         # “res”:1,“ec”:”0”,“msg”:”成功”
         if not os_type or not ip or not username or not password:
@@ -245,12 +264,25 @@ class UpdateHostHandler(TPBasePluginHandler):
 
         os_type, host_id, status = self.param_get(props, ['os_type', 'host_id', 'status'], 0)
         ip, username, password, name, desc = self.param_get(props, ['ip', 'username', 'password', 'name', 'desc', ], '')
+        password = password.replace("*", "")
+        try:
+            os_type = int(os_type)
+            host_id = int(host_id)
+            status = int(status)
+        except:
+            self.finish_json(1001, "参数传递异常，请检查请求参数")
+            return
 
         # “res”:1,“ec”:”0”,“msg”:”成功”
-        if not os_type or not ip or not username:
+        if not os_type or not ip or not username or not host_id:
             self.finish_json(1001, "缺少必要参数异常")
             return
 
+        old_ip = self.query('remote_host', 'ip', {"id": host_id})
+        if old_ip != ip:
+            self.finish_json(1001, "主机IP不可修改")
+            return
+
         assets_num = self.generate_assets_num(ip, os_type)
 
         url = "http://127.0.0.1:7190/asset/update-host"
@@ -269,14 +301,12 @@ class UpdateHostHandler(TPBasePluginHandler):
             self.finish_json(1003, "修改主机异常")
             return
 
-        acc_id = plugin.query("acc", ["id"], {"host_id": host_id, "username": username})
+        acc_id = self.query("acc", "id", {"host_id": host_id, "username": username})
 
         if not acc_id:
             self.finish_json(1011, "未发现该服务器信息")
             return
 
-        acc_id = acc_id[0].get("id", 0)
-
         url = "http://127.0.0.1:7190/asset/update-account"
 
         args = {"args": json.dumps({"host_id": host_id, "acc_id": acc_id,
@@ -293,15 +323,21 @@ class UpdateHostHandler(TPBasePluginHandler):
             self.finish_json(1004, "添加服务器账户异常")
             return
 
-        acc_id = resp.get("data")
-
         args = {"os_type": os_type, "ip": ip, "username": username, "password": "", "name": name, "remark": desc,
-                "id": host_id, "assets_num": "", "status": status}
+                "id": host_id, "assets_num": assets_num, "status": status}
 
         # 调用更新接口
         err = plugin.update_host(self, args)
+
         # 已经存在数据库
-        self.finish_json(0, "成功")
+        if err == TPE_NOT_EXISTS:
+            self.finish_json(1001, "修改服务器不存在")
+        elif err == TPE_DATABASE:
+            self.finish_json(1001, "修改服务器失败")
+        elif err == TPE_FAILED:
+            self.finish_json(1001, "服务器禁用不可修改")
+        else:
+            self.finish_json(0, "成功")
 
 
 class GetHostListHandler(TPBasePluginHandler):
@@ -312,6 +348,15 @@ class GetHostListHandler(TPBasePluginHandler):
                                                                 0)
         ip, search = self.param_get(props, ['ip', 'search', ], '')
 
+        try:
+            os_type = int(os_type)
+            status = int(status)
+            page_index = int(page_index)
+            page_size = int(page_size)
+        except:
+            self.finish_json(1001, "参数传递异常，请检查请求参数")
+            return
+
         sql_limit = dict()
         sql_limit['page_index'] = page_index - 1 if page_index - 1 > 0 else 0
         sql_limit['per_page'] = page_size
@@ -326,31 +371,47 @@ class GetHostListHandler(TPBasePluginHandler):
         for item in row_data:
             item['desc'] = item.pop("remark", "")
             item['host_id'] = item.pop("id", 0)
+            item['create_time'] = item.get("create_time", 0) * 1000
+            item['password'] = '******'
             # 绑定详情
-            item['bind'] = plugin.get_bind_info(item['host_id'])
+            bind = plugin.get_bind_info(item['host_id'])
+            if bind:
+                bind[0]['password'] = '******'
+            item['bind'] = bind
 
         self.finish_json(0, data=row_data)
 
 
 class GetHostInfoHandler(TPBasePluginHandler):
     async def post(self):
-        props = self.get_payload()
-        host_id = props.get("host_id") or 0
-        mch_no = props.get("mch_no") or ""
-
-        err, host_info = plugin.get_account_info(host_id=host_id, mch_no=mch_no)
-        if err != TPE_OK:
-            if mch_no and not host_id:
-                # 商家平台 通过商户请求
-                self.finish_json(0, data=[])
-            else:
-                self.finish_json("1004", msg="设备信息获取异常")
-            return
+        try:
+            props = self.get_payload()
+            host_id = props.get("host_id") or 0
+            mch_no = props.get("mch_no") or ""
+
+            try:
+                host_id = int(host_id)
+            except:
+                self.finish_json(1001, "参数传递异常，请检查请求参数")
+                return
+
+            err, host_info = plugin.get_account_info(host_id=host_id, mch_no=mch_no)
+            if err != TPE_OK:
+                if mch_no and not host_id:
+                    # 商家平台 通过商户请求
+                    self.finish_json(0, data=[])
+                else:
+                    self.finish_json("1004", msg="设备信息获取异常")
+                return
 
-        host_info['desc'] = host_info.pop("remark", "")
-        host_info['host_id'] = host_info.pop("id", 0)
+            host_info['password'] = '*******'
+            host_info['desc'] = host_info.pop("remark", "")
+            host_info['host_id'] = host_info.pop("id", 0)
 
-        self.finish_json(0, data=[host_info])
+            self.finish_json(0, data=[host_info])
+        except:
+            info = traceback.format_exc()
+            log.e("设备详情，异常信息：{}".format(info))
 
 
 class GetSessionInfoHandler(TPBasePluginHandler):
@@ -368,6 +429,12 @@ class GetSessionInfoHandler(TPBasePluginHandler):
         username = props.get("username") or ""
         password = props.get("password") or ""
 
+        try:
+            host_id = int(host_id)
+        except:
+            self.finish_json(1001, "参数传递异常，请检查请求参数")
+            return
+
         if not host_id and not mch_no and not (ip and username and password):
             self.finish_json(1001, "缺少必要参数异常")
             return
@@ -377,7 +444,16 @@ class GetSessionInfoHandler(TPBasePluginHandler):
             url = "http://127.0.0.1:7190/plugin/update_host"
             resp = await self.request_api(url, json=data)
 
+        if not mch_no and not ip and not host_id:
+            self.finish_json(1001, "请求信息异常，请检查参数")
+            return
+
         err, info, host_id = plugin.get_session_info(host_id, mch_no, ip)
+
+        if err == TPE_NOT_EXISTS:
+            self.finish_json(1002, "未发现请求主机信息")
+            return
+
         url = "http://127.0.0.1:7190/ops/get-session-id"
 
         args = {"args": json.dumps(
@@ -389,7 +465,11 @@ class GetSessionInfoHandler(TPBasePluginHandler):
 
         if isinstance(resp, dict):
             ip = ip or plugin.get_host_ip(host_id)
-            resp = {"teleport_ip": "172.30.10.104", "teleport_port": 52089, "remote_host_ip": ip,
+
+            cfg = tp_cfg()
+            core_host = cfg.plugin.core_host
+            # log.i("core_host:{}".format(core_host))
+            resp = {"teleport_ip": core_host, "teleport_port": 52089, "remote_host_ip": ip,
                     "session_id": resp.get("data", {}).get("session_id"), "protocol_type": 1, "protocol_sub_type": 100,
                     "protocol_flag": resp.get("data", {}).get("protocol_flag"), "rdp_width": 0, "rdp_height": 0,
                     "rdp_console": False}
@@ -413,7 +493,7 @@ class BindPayAccountHandler(TPBasePluginHandler):
 
         user_id = resp.get("data", 0) or self.query("user", "id", {"username": str(biz_id)})
 
-        url = "http://172.30.10.104:7190/ops/policy/update"
+        url = "http://127.0.0.1:7190/ops/policy/update"
         args = {"args": json.dumps({"id": -1, "name": str(biz_id), "desc": ""})}
         # 创建权限组
         resp = await self.request_api(url, args)
@@ -421,16 +501,16 @@ class BindPayAccountHandler(TPBasePluginHandler):
         policy_id = resp.get("data", 0) or self.query("ops_policy", "id", {"name": str(biz_id)})
 
         # 运维权限
-        url = "http://172.30.10.104:7190/ops/policy/add-members"
+        url = "http://127.0.0.1:7190/ops/policy/add-members"
         args = {"args": json.dumps(
             {"policy_id": policy_id, "type": 0, "rtype": 1, "members": [{"id": user_id, "name": str(biz_id)}]})}
         resp = await self.request_api(url, args)
 
         ip = self.query("host", 'ip', {"id": host_id})
 
-        url = "http://172.30.10.104:7190/ops/policy/add-members"
+        url = "http://127.0.0.1:7190/ops/policy/add-members"
         args = {"args": json.dumps(
-            {"policy_id": policy_id, "type": 1, "rtype": 5, "members": [{"id": host_id, "name": ip}]})}
+            {"policy_id": policy_id, "type": 1, "rtype": 5, "members": [{"id": host_id, "name": ip}]}).encode()}
         resp = await self.request_api(url, args)
 
     def allot_ip(self, host_assigned, ip, username, password):
@@ -448,33 +528,49 @@ class BindPayAccountHandler(TPBasePluginHandler):
 
         comp_id, biz_id, host_assigned, host_id = \
             self.param_get(props, ['comp_id', 'biz_id', 'host_assigned', 'host_id'], 0)
-        host_assigned = int(host_assigned)
+
+        try:
+            host_assigned = int(host_assigned)
+            host_id = int(host_id)
+            comp_id = int(comp_id)
+            biz_id = int(biz_id)
+        except:
+            self.finish_json(1001, "参数传递异常，请检查请求参数")
+            return
+
         ip, username, host_password, account, password, mch_no \
             = self.param_get(props, ['ip', 'username', 'host_password', 'account', 'password', 'mch_no'], "")
+        password = password.replace("*", "")
+        host_password = host_password.replace("*", "")
 
-        if not biz_id or not mch_no or not comp_id or not account or not password:
+        if not biz_id or not mch_no or not comp_id or not account:
             self.finish_json(1001, "缺少必要参数异常：biz_id,mch_no")
             return
 
         # not host_id and not host_assigned and (not ip or not username or not host_password)
-        if not host_id and not host_assigned and (not ip or not username or not host_password):
+        if not host_id and not host_assigned and (not ip or not username):
             self.finish_json(1001, "手动分配，缺少必要参数异常：ip,username,password")
             return
 
         if not host_id:
             if int(host_assigned) == 1:
+                # 查询已分配过的主机
+                host_id = self.query("remote_account_host_bind", "host_id", {"mch_no": mch_no})
                 # 自动分配功能
-                err, info = free_host()
-                if err == TPE_OK:
-                    host_id = info
-                else:
-                    self.finish_json(1010, "未发现空闲主机")
-                    return
+                if not host_id:
+                    err, info = free_host()
+                    if err == TPE_OK:
+                        host_id = info
+                    else:
+                        self.finish_json(1010, "未发现空闲主机")
+                        return
             else:
-                data = {"ip": ip, "os_type": 1, "username": username, "password": host_password}
-                url = "http://127.0.0.1:7190/plugin/update_host"
-                resp = await self.request_api(url, json=data)
-                host_id = resp.get("data", 0) or self.query("host", 'id', {"ip": ip})
+                if host_password:
+                    data = {"ip": ip, "os_type": 1, "username": username, "password": host_password}
+                    url = "http://127.0.0.1:7190/plugin/update_host"
+                    resp = await self.request_api(url, json=data)
+                    host_id = resp.get("data", 0)
+                host_id = host_id or self.query("host", 'id', {"ip": ip})
 
         if not host_id:
             self.finish_json(1010, "无法找到对应主机信息")
@@ -485,20 +581,30 @@ class BindPayAccountHandler(TPBasePluginHandler):
 
         id = self.query("remote_account_host_bind", "id", {"host_id": host_id, "mch_no": mch_no})
 
-        password = des_encrypt(password)
+        password = des_encrypt(password).decode()
+        args = {"mch_no": mch_no, "comp_id": comp_id, "host_id": host_id, "host_assigned": host_assigned,
+                "account_source": 1, "account": account, "password": password, "login_status": 0, "mch_name": "",
+                "biz_id": biz_id, "ip": ip, "host_password": host_password, "username": username}
+
+        log.i("id:{}".format(id))
         # xiugai
         if id:
-            args = {"mch_no": mch_no, "comp_id": comp_id, "host_id": host_id, "host_assigned": host_assigned,
-                    "account_source": 1, "account": account, "password": password, "login_status": 0, "mch_name": ""}
-            err = plugin.update_account_host_bind(self, args)
+            old_account = self.query('remote_account_host_bind', "account", {"id": id})
+            if account != old_account:
+                self.finish_json(1011, "不允许修改绑定账户")
+                return
 
+            err = plugin.update_account_host_bind(self, args)
             if err == TPE_FAILED:
                 self.finish_json(1011, "不允许修改公司资质")
             elif err == TPE_NOT_EXISTS:
                 self.finish_json(1012, "设备不存在")
             elif err == TPE_OK:
                 self.finish_json(0)
+            return
 
+        if not password:
+            self.finish_json(1001, "缺少必要参数异常：password")
             return
 
         args['password'] = password
@@ -510,6 +616,8 @@ class BindPayAccountHandler(TPBasePluginHandler):
             self.finish_json(1011, "不可跨资质绑定")
         elif err == TPE_NOT_EXISTS:
             self.finish_json(1011, "绑定设备不存在")
+        elif err == TPE_DATABASE:
+            self.finish_json(1011, "绑定账户异常，请检查请求参数")
         else:
             self.finish_json(0)
 
@@ -532,6 +640,8 @@ class BindPayAccountHandler(TPBasePluginHandler):
         ip, username, host_password, account, password, mch_no \
             = self.param_get(props, ['ip', 'username', 'host_password', 'account', 'password', 'mch_no'], "")
 
+        password = password.replace("*", "")
+
         host_id = host_id or self.query('remote_account_host_bind', 'host_id', {"mch_no": mch_no})
         if not host_id:
             self.finish_json(1010, "未发现对应主机信息")
@@ -579,6 +689,7 @@ class AccountInfoHandler(TPBasePluginHandler):
     async def post(self):
         prop = self.get_payload()
         info = prop.get("info") or ""
+        info1 = prop.get("info1") or ""
         timestamp = prop.get("timestamp")
 
         if not timestamp:
@@ -587,11 +698,10 @@ class AccountInfoHandler(TPBasePluginHandler):
 
         # md5 (key + timestamp)[:8]
         key = md5('{}{}'.format(KEY, timestamp))[:8]
-        info = des_descrypt(info, key)
-        info = info.decode()
-        # ip = en
+        info = des_descrypt(info, key).decode()
+        info1 = des_descrypt(info1, key).decode()
         if info:
-            host_id = self.query('host', 'id', {"ip": info})
+            host_id = self.query('host', 'id', {"ip": info}) or self.query('host', 'id', {"ip": info1})
             accounts = plugin.query('remote_account_host_bind', ['account', 'password'],
                                     {"account_source": 1, "host_id": host_id})
             info = {k: v for account in accounts for k, v in account.items()}