所谓的社工库可能是最简单的web项目了,没有登录、注册、权限等逻辑,当然这里只是最简单的那种。今天拿这个为例聊下前后端分离项目的结构。
下面是Github上搜到的别人开源的社工库项目 socialdb_vue_flask(https://github.com/Leezj9671/socialdb_vue_flask),同样只是技术说明,不提供数据,并做了些小修改:添加了级联搜索和多进程并发写入数据库
环境:前端 Nodejs Vue
后端 Python Flask
数据库 MongoDB
与常规的小型web项目(比如Flask + Bootstrap)不同的是,前后端约定好接口后可以分别独立开发调试,然后部署整合成一个项目
原作者的前端页面
后端接口
api_main.py
'''
api
存在问题:
- 并发请求时,且前一请求正在查询会导致卡死
'''
import re
import time

from flask import Flask, request, jsonify, redirect, url_for
from flask_restful import Api, Resource, reqparse
from pymongo import MongoClient

from conf.config import MongoDBConfig
# Flask application object that the API resources are attached to.
app = Flask(__name__)

# One module-level MongoDB client; host, port and database name are read from
# conf.config.MongoDBConfig.
# NOTE(review): only host and port are passed here, no credentials - confirm
# the MongoDB instance requires authentication or is bound to a private
# interface.
client = MongoClient(
    host=MongoDBConfig.g_server_ip,
    port=MongoDBConfig.g_server_port,
)
db = client.get_database(MongoDBConfig.g_db_name)
def response_cors(data=None, datacnts=None, status=None):
    '''Build the JSON reply and mark it as readable cross-origin.

    When ``data`` is truthy the body carries ``status``, ``data`` and
    ``datacounts``; otherwise (``None`` or an empty result) it carries only
    ``status``.

    NOTE(review): ``Access-Control-Allow-Origin: *`` lets a page served from
    any origin read this response. An explicit allow-list of front-end
    origins would be narrower.
    '''
    payload = {"status": status}
    if data:
        payload["data"] = data
        payload["datacounts"] = datacnts
    reply = jsonify(payload)
    reply.headers['Access-Control-Allow-Origin'] = '*'
    return reply
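class Person(Resource):
    '''Person resource: search and insert documents in the ``person`` collection.

    NOTE(review): nothing in this class authenticates the caller, and replies
    go out through ``response_cors`` with a wildcard CORS origin, so the
    records returned here (including the ``password`` / ``passwordHash``
    fields) are readable by any client that can reach the service. Access
    control belongs in front of both ``get`` and ``post``.
    '''

    # Searchable fields, in the order the lookup tests them; the first
    # non-empty one is used.
    _SEARCH_FIELDS = ('user', 'email', 'password', 'passwordHash')
    _DEFAULT_LIMIT = 10
    # Upper bound on the page size a client may request.
    _MAX_LIMIT = 100

    def get(self, user=None, email=None, password=None, passwordHash=None, source=None, xtime=None):
        '''Search ``person`` by the first non-empty field and return one page.

        ``limit`` and ``skip`` are read from the query string. ``source`` and
        ``xtime`` are accepted but not used. With no search field, at most 10
        documents are returned and ``datacounts`` stays 0.

        The search term is matched as a case-insensitive literal substring:
        it is escaped before being placed in ``$regex`` so that
        client-supplied pattern syntax is not evaluated by the database.
        '''
        parser = reqparse.RequestParser()
        parser.add_argument('limit', type=int, help='Show [limitn] datas in one page')
        parser.add_argument('skip', type=int, help='Skip [skipn] datas')
        args = parser.parse_args()
        limitn = self._DEFAULT_LIMIT if args['limit'] is None else args['limit']
        skipn = 0 if args['skip'] is None else args['skip']
        # Bound the page window: 0 or negative limits and very large pages
        # would otherwise let one request pull an unbounded result set.
        limitn = max(1, min(limitn, self._MAX_LIMIT))
        skipn = max(0, skipn)

        terms = {
            'user': user,
            'email': email,
            'password': password,
            'passwordHash': passwordHash,
        }
        field = next((name for name in self._SEARCH_FIELDS if terms[name]), None)

        datacnts = 0
        if field is not None:
            # NOTE(review): "$i" is kept from the original; the usual
            # case-insensitive flag is "i" - confirm the server accepts "$i".
            query = {field: {"$regex": re.escape(str(terms[field])), "$options": "$i"}}
            persons_info = db.person.find(query, {"_id": 0}).limit(limitn).skip(skipn)
            # NOTE(review): Cursor.count() is kept for compatibility with the
            # pymongo version this file was written for - confirm before
            # upgrading the driver.
            datacnts = db.person.find(query, {"_id": 0}).count()
        else:
            # No search term: return a fixed sample of at most 10 documents.
            persons_info = db.person.find({}, {"_id": 0, "update_time": 0}).limit(10)

        # data holds the documents that will be returned.
        data = list(persons_info)
        if data:
            return response_cors(data, datacnts, "ok")
        return response_cors(data, datacnts, "not found")

    def post(self):
        '''Insert one document submitted as a JSON object.

        Returns ``{"response": "ERROR DATA"}`` when the body is missing, is
        not a JSON object, or ``user`` / ``email`` are present but not
        strings; redirects to the ``person`` endpoint when either is missing;
        reports a duplicate when a document with the same ``user`` and
        ``email`` exists.
        '''
        data = request.get_json()
        if not data or not isinstance(data, dict):
            return {"response": "ERROR DATA"}

        user = data.get('user')
        email = data.get('email')
        if not (user and email):
            return redirect(url_for("person"))
        # Both values are placed directly into the query filter below, so
        # only plain strings are accepted (no nested JSON objects).
        if not (isinstance(user, str) and isinstance(email, str)):
            return {"response": "ERROR DATA"}

        if db.person.find_one({"user": user, "email": email}, {"_id": 0}):
            return {"response": "{} {} already exists.".format(user, email)}

        # data is a dict: the timestamp must be set as a key, not an attribute.
        data['create_time'] = time.strftime('%Y%m%d', time.localtime(time.time()))
        db.person.insert_one(data)
        # The original fell through and returned None after a successful
        # insert; answer explicitly instead.
        return {"response": "OK"}

    # High-risk operations are disabled for now.
    # def put(self, user, email):
    #     '''
    #     Locate a document by user and email and update it.
    #     '''
    #     data = request.get_json()
    #     db.person.update({'user': user, 'email': email},{'$set': data},)
    #     return redirect(url_for("person"))
    # def delete(self, email):
    #     '''
    #     email is treated as the unique key; delete the matching document.
    #     '''
    #     db.person.remove({'email': email})
    #     return redirect(url_for("person"))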
class Info(Resource):
'''个人信息类'''
def get(self, id=None, name=None, sex=None, qq=None, phonenumber