PyOne更新2.0版本

README.md

@@ -7,7 +7,7 @@
 3. PyOne适合Python程序猿进行二开
 
 ## 适用onedrive版本 ##
-1. 世纪互联版
+1. 个人版
 2. onedrive商业版
 3. onedrive教育版（需要学校管理员开启权限）
 
@@ -17,4 +17,4 @@
 3. **需要安装redis，MongoDB**
 
 ## 安装教程 ##
-请转移到我的博客查看[安装教程](https://abbeyokgo.github.io/2018/08/16/pyone-onedrive-part1/)
+请转移到我的博客查看[安装教程](https://abbeyok.com/2018/09/23/pyone2-0/)

admin.py

@@ -20,7 +20,7 @@ admin = Blueprint('admin', __name__,url_prefix='/admin')
 
 ############功能函数
 def set(key,value):
-    allow_key=['title','share_path','downloadUrl_timeout','allow_site','password']
+    allow_key=['title','share_path','downloadUrl_timeout','allow_site','password','client_secret','client_id']
     if key not in allow_key:
         return u'禁止修改'
     print 'set {}:{}'.format(key,value)
@@ -39,7 +39,7 @@ def set(key,value):
 ############视图函数
 @admin.before_request
 def before_request():
-    if request.endpoint.startswith('admin') and request.endpoint!='admin.login' and session.get('login') is None:
+    if request.endpoint.startswith('admin') and request.endpoint!='admin.login' and request.endpoint!='admin.install' and session.get('login') is None:
         return redirect(url_for('admin.login'))
 
 
@@ -172,7 +172,7 @@ def edit():
         token=GetToken()
         app_url=GetAppUrl()
         headers={'Authorization':'bearer {}'.format(token)}
-        url=app_url+'_api/v2.0/me/drive/items/{}/content'.format(fileid)
+        url=app_url+'v1.0/me/drive/items/{}/content'.format(fileid)
         try:
             r=requests.put(url,headers=headers,data=content,timeout=10)
             data=json.loads(r.content)
@@ -194,22 +194,24 @@ def edit():
     if language is None:
         language='Text'
     content=_remote_content(fileid)
-    return render_template('admin/edit.html',content=content,fileid=fileid,language=language)
+    return render_template('admin/edit.html',content=content,fileid=fileid,name=name,language=language)
 
 
-@admin.route('/setpass',methods=["GET","POST"])
-def setpass():
+@admin.route('/setFile',methods=["GET","POST"])
+@admin.route('/setFile/<filename>',methods=["GET","POST"])
+def setFile(filename=None):
     if request.method=='POST':
         path=request.form.get('path')
+        filename=request.form.get('filename')
         if not path.startswith('/'):
             path='/'+path
-        remote_file=os.path.join(path,'.password')
+        remote_file=os.path.join(path,filename)
         content=request.form.get('content').encode('utf-8')
         info={}
         token=GetToken()
         app_url=GetAppUrl()
         headers={'Authorization':'bearer {}'.format(token)}
-        url=app_url+'_api/v2.0/me/drive/items/root:{}:/content'.format(remote_file)
+        url=app_url+'v1.0/me/drive/items/root:{}:/content'.format(remote_file)
         try:
             r=requests.put(url,headers=headers,data=content,timeout=10)
             data=json.loads(r.content)
@@ -225,10 +227,10 @@ def setpass():
             info['msg']='超时'
         return jsonify(info)
     path=urllib.unquote(request.args.get('path'))
-    _,fid,i=has_item(path,'.password')
+    _,fid,i=has_item(path,filename)
     if fid!=False:
         return redirect(url_for('admin.edit',fileid=fid))
-    return render_template('admin/setpass.html',path=path)
+    return render_template('admin/setpass.html',path=path,filename=filename)
 
 
 
@@ -271,9 +273,55 @@ def logout():
 
 @admin.route('/reload',methods=['GET','POST'])
 def reload():
+    config_dir='/root/wbm/'
     cmd='supervisorctl -c {} restart pyone'.format(os.path.join(config_dir,'supervisord.conf'))
+    print cmd
     subprocess.Popen(cmd,shell=True)
     flash('正在重启网站...')
     return redirect(url_for('admin.setting'))
 
 
+
+
+###########################################安装
+@admin.route('/install',methods=['POST','GET'])
+def install():
+    if items.count()>0 or os.path.exists(os.path.join(config_dir,'data/token.json')):
+        return redirect('/')
+    if request.method=='POST':
+        step=request.form.get('step',type=int)
+        if step==1:
+            client_secret=request.form.get('client_secret')
+            client_id=request.form.get('client_id')
+            redirect_uri='https://auth.3pp.me'
+            set('client_secret',client_secret)
+            set('client_id',client_id)
+            login_url=LoginUrl.format(client_id=client_id,redirect_uri=redirect_uri)
+            return render_template('admin/install_1.html',client_secret=client_secret,client_id=client_id,login_url=login_url)
+        else:
+            client_secret=request.form.get('client_secret')
+            client_id=request.form.get('client_id')
+            code=request.form.get('code')
+            redirect_uri='https://auth.3pp.me'
+            #授权
+            headers['Content-Type']='application/x-www-form-urlencoded'
+            data=AuthData.format(client_id=client_id,redirect_uri=urllib.quote(redirect_uri),client_secret=client_secret,code=code)
+            url=OAuthUrl
+            r=requests.post(url,data=data,headers=headers)
+            Atoken=json.loads(r.text)
+            if Atoken.get('access_token'):
+                with open(os.path.join(config_dir,'data/Atoken.json'),'w') as f:
+                    json.dump(Atoken,f,ensure_ascii=False)
+                app_url=GetAppUrl()
+                refresh_token=Atoken.get('refresh_token')
+                with open(os.path.join(config_dir,'data/AppUrl'),'w') as f:
+                    f.write(app_url)
+                token=ReFreshToken(refresh_token)
+                with open(os.path.join(config_dir,'data/token.json'),'w') as f:
+                    json.dump(token,f,ensure_ascii=False)
+                return make_response('<h1>授权成功!<a href="/">点击进入首页</a></h1>')
+            else:
+                return jsonify(Atoken)
+    resp=render_template('admin/install_0.html',step=1)
+    return resp
+

config.py

@@ -1,7 +1,7 @@
 #-*- coding=utf-8 -*-
 import os
 
-#限制调用域名。不限制，则设置为：no-referrer;只需要特定域名，比如3pp.me调用，则设置：3pp.me;可以添加多个域名
+#限制调用域名
 allow_site=[u'no-referrer']
 
 #######源码目录
@@ -11,32 +11,18 @@ data_dir=os.path.join(config_dir,'data')
 #######分享目录
 share_path="/"
 
-#onedrive类型设置
-od_type='business' #国际版：bussiness; 世纪互联版：bussiness_21v
-
 #onedrive api设置
-redirect_uri='https://auth.3pp.me/'
-base_dict={
-    'business':{
-        'BaseAuthUrl':'https://login.microsoftonline.com',
-        'ResourceID':'https://api.office.com/discovery/',
-        'client_id':'7f41584d-b8a9-4362-b79e-cd1af45e19a3',
-        'client_secret':' 3CXqrraR8Bvykx7og3sT7EkA8T1QgmAp79P/fHGIjhM=',
-    },
-    'business_21v':{
-        'BaseAuthUrl':'https://login.partner.microsoftonline.cn',
-        'ResourceID':'00000003-0000-0ff1-ce00-000000000000',
-        'client_id':'3102ff3c-ed3f-4056-9c97-3ab67f305344',
-        'client_secret':'2GFqeJoNgyKu2Nc95Lv8r73YJ5IgHdaFrdqBM1EGAI0=',
-        }
-    }
+redirect_uri='https://auth.3pp.me/' #不要修改！
+BaseAuthUrl='https://login.microsoftonline.com'
+client_id=""
+client_secret=""
 
 
 #下载链接过期时间
 downloadUrl_timeout="300"
 
 #onedrive个人页的域名。国际版为com结尾，世纪互联版为cn结尾，最后面一定要带/
-app_url=u'https://ojbkus-my.sharepoint.com/'
+app_url=u'https://graph.microsoft.com/'
 
 #后台密码设置
 password="PyOne"

function.py

@@ -23,44 +23,40 @@ from config import *
 from pymongo import MongoClient,ASCENDING,DESCENDING
 ######mongodb
 client = MongoClient('localhost',27017)
-db=client.one2
+db=client.two
 items=db.items
 
 
 #######授权链接
-base=base_dict[od_type]
-BaseAuthUrl=base['BaseAuthUrl']
-ResourceID=base['ResourceID']
-client_id=base['client_id']
-client_secret=base['client_secret']
+LoginUrl=BaseAuthUrl+'/common/oauth2/v2.0/authorize?response_type=code\
+&client_id={client_id}&redirect_uri={redirect_uri}&scope=offline_access%20files.readwrite.all'
+OAuthUrl=BaseAuthUrl+'/common/oauth2/v2.0/token'
+AuthData='client_id={client_id}&redirect_uri={redirect_uri}&client_secret={client_secret}&code={code}&grant_type=authorization_code'
+ReFreshData='client_id={client_id}&redirect_uri={redirect_uri}&client_secret={client_secret}&refresh_token={refresh_token}&grant_type=refresh_token'
 
-LoginUrl=BaseAuthUrl+'/common/oauth2/authorize?response_type=code\
-&client_id={client_id}&redirect_uri={redirect_uri}'.format(client_id=client_id,redirect_uri=urllib.quote(redirect_uri))
-OAuthUrl=BaseAuthUrl+'/common/oauth2/token'
-AuthData='client_id={client_id}&redirect_uri={redirect_uri}&client_secret={client_secret}&code={code}&grant_type=authorization_code&resource={resource_id}'
-ReFreshData='client_id={client_id}&redirect_uri={redirect_uri}&client_secret={client_secret}&refresh_token={refresh_token}&grant_type=refresh_token&resource={resource_id}'
-
-headers={}
+headers={'User-Agent':'ISV|PyOne|PyOne/2.0'}
 
 def convert2unicode(string):
     return string.encode('utf-8')
 
+def get_value(key):
+    allow_key=['client_secret','client_id']
+    if key not in allow_key:
+        return u'禁止获取'
+    config_path=os.path.join(config_dir,'config.py')
+    with open(config_path,'r') as f:
+        value=re.findall('{}="(.*)"'.format(key),f.read())[0]
+    return value
+    
+
 ################################################################################
 ###################################授权函数#####################################
 ################################################################################
-
-
-def OAuth(code):
-    headers['Content-Type']='application/x-www-form-urlencoded'
-    data=AuthData.format(client_id=client_id,redirect_uri=urllib.quote(redirect_uri),client_secret=client_secret,code=code,resource_id=ResourceID)
-    url=OAuthUrl
-    r=requests.post(url,data=data,headers=headers)
-    return json.loads(r.text)
-
 def ReFreshToken(refresh_token):
-    app_url=GetAppUrl()
+    client_id=get_value('client_id')
+    client_secret=get_value('client_secret')
     headers['Content-Type']='application/x-www-form-urlencoded'
-    data=ReFreshData.format(client_id=client_id,redirect_uri=urllib.quote(redirect_uri),client_secret=client_secret,refresh_token=refresh_token,resource_id=app_url)
+    data=ReFreshData.format(client_id=client_id,redirect_uri=urllib.quote(redirect_uri),client_secret=client_secret,refresh_token=refresh_token)
     url=OAuthUrl
     r=requests.post(url,data=data,headers=headers)
     return json.loads(r.text)
@@ -102,7 +98,7 @@ def GetAppUrl():
         #     print 'token:',token
         #     if token:
         #         header={'Authorization': 'Bearer {}'.format(token)}
-        #         url='https://api.office.com/discovery/v2.0/me/services'
+        #         url='https://api.office.com/discovery/v1.0/me/services'
         #         r=requests.get(url,headers=header)
         #         retdata=json.loads(r.text)
         #         print retdata
@@ -128,7 +124,7 @@ def date_to_char(date):
 def Dir(path=u'/'):
     app_url=GetAppUrl()
     if path=='/':
-        BaseUrl=app_url+u'_api/v2.0/me/drive/root/children?expand=thumbnails'
+        BaseUrl=app_url+u'v1.0/me/drive/root/children?expand=thumbnails'
         items.remove()
         queue=Queue()
         # queue.put(dict(url=BaseUrl,grandid=grandid,parent=parent,trytime=1))
@@ -163,7 +159,7 @@ def Dir(path=u'/'):
             grandid=idx+1
             parent=parent_id
         path=urllib.quote(path)
-        BaseUrl=app_url+u'_api/v2.0/me/drive/root:{}:/children?expand=thumbnails'.format(path)
+        BaseUrl=app_url+u'v1.0/me/drive/root:{}:/children?expand=thumbnails'.format(path)
         queue=Queue()
         # queue.put(dict(url=BaseUrl,grandid=grandid,parent=parent,trytime=1))
         g=GetItemThread(queue)
@@ -226,7 +222,7 @@ class GetItemThread(Thread):
                         if value.get('folder').get('childCount')==0:
                             continue
                         else:
-                            url=app_url+'_api/v2.0/me'+value.get('parentReference').get('path')+'/'+value.get('name')+':/children?expand=thumbnails'
+                            url=app_url+'v1.0/me'+value.get('parentReference').get('path')+'/'+value.get('name')+':/children?expand=thumbnails'
                             self.queue.put(dict(url=url,grandid=grandid+1,parent=item['id'],trytime=1))
                     else:
                         item['type']=GetExt(value['name'])
@@ -257,7 +253,7 @@ class GetItemThread(Thread):
         app_url=GetAppUrl()
         token=GetToken()
         header={'Authorization': 'Bearer {}'.format(token)}
-        url=app_url+u'_api/v2.0/me/drive/root:{}:/'.format(path)
+        url=app_url+u'v1.0/me/drive/root:{}:/'.format(path)
         r=requests.get(url,headers=header)
         data=json.loads(r.content)
         return data
@@ -272,7 +268,7 @@ def UpdateFile():
 def FileExists(filename):
     token=GetToken()
     headers={'Authorization':'bearer {}'.format(token),'Content-Type':'application/json'}
-    search_url=app_url+"_api/v2.0/me/drive/root/search(q='{}')".format(filename)
+    search_url=app_url+"v1.0/me/drive/root/search(q='{}')".format(filename)
     r=requests.get(search_url,headers=headers)
     jsondata=json.loads(r.text)
     if len(jsondata['value'])==0:
@@ -283,7 +279,7 @@ def FileExists(filename):
 def FileInfo(fileid):
     token=GetToken()
     headers={'Authorization':'bearer {}'.format(token),'Content-Type':'application/json'}
-    search_url=app_url+"_api/v2.0/me/drive/items/{}".format(fileid)
+    search_url=app_url+"v1.0/me/drive/items/{}".format(fileid)
     r=requests.get(search_url,headers=headers)
     jsondata=json.loads(r.text)
     return jsondata
@@ -336,13 +332,13 @@ def _file_content(path,offset,length):
 def _upload(filepath,remote_path): #remote_path like 'share/share.mp4'
     token=GetToken()
     headers={'Authorization':'bearer {}'.format(token)}
-    url=app_url+'_api/v2.0/me/drive/root:'+urllib.quote(remote_path)+':/content'
+    url=app_url+'v1.0/me/drive/root:'+urllib.quote(remote_path)+':/content'
     r=requests.put(url,headers=headers,data=open(filepath,'rb'))
     data=json.loads(r.content)
     if data.get('error'):
         print(data.get('error').get('message'))
         return False
-    elif data.get('@content.downloadUrl'):
+    elif data.get('@microsoft.graph.downloadUrl'):
         return data
     else:
         print(data)
@@ -365,7 +361,7 @@ def _upload_part(uploadUrl, filepath, offset, length,trytime=1):
     try:
         r=requests.put(uploadUrl,headers=headers,data=filebin)
         data=json.loads(r.content)
-        if data.get('@content.downloadUrl'):
+        if data.get('@microsoft.graph.downloadUrl'):
             print(u'{} upload success!'.format(filepath))
             return {'status':'success','msg':'all upload success','code':0,'info':data}
         elif r.status_code==202:
@@ -387,9 +383,9 @@ def _upload_part(uploadUrl, filepath, offset, length,trytime=1):
         trytime+=1
         print('error to opreate _upload_part("{}","{}","{}","{}"), try times {}'.format(uploadUrl, filepath, offset, length,trytime))
         if trytime<=3:
-            return {'status':'fail','msg':'please retry','code':2,'trytime':trytime}
+            return {'status':'fail','msg':'please retry','code':2,'trytime':trytime,'sys_msg':''}
         else:
-            return {'status':'fail','msg':'retry times limit','code':3}
+            return {'status':'fail','msg':'retry times limit','code':3,'sys_msg':''}
 
 def _GetAllFile(parent_id="",parent_path="",filelist=[]):
     for f in db.items.find({'parent':parent_id}):
@@ -451,7 +447,7 @@ def AddResource(data):
 def CreateUploadSession(path):
     token=GetToken()
     headers={'Authorization':'bearer {}'.format(token),'Content-Type':'application/json'}
-    url=app_url+'_api/v2.0/me/drive/root:'+urllib.quote(path)+':/createUploadSession'
+    url=app_url+'v1.0/me/drive/root:'+urllib.quote(path)+':/createUploadSession'
     data={
           "item": {
             "@microsoft.graph.conflictBehavior": "rename",
@@ -487,8 +483,8 @@ def UploadSession(uploadUrl, filepath):
         #错误，重试
         elif code==2:
             if result['sys_msg']=='The request has been throttled':
-                print(result['sys_msg']+' ; wait for 180s')
-                time.sleep(180)
+                print(result['sys_msg']+' ; wait for 1800s')
+                time.sleep(1800)
             offset=offset
             trytime=result['trytime']
         #重试超过3次，放弃
@@ -540,7 +536,7 @@ class MultiUpload(Thread):
             Upload(localpath,remote_dir)
 
 
-def UploadDir(local_dir,remote_dir,threads=10):
+def UploadDir(local_dir,remote_dir,threads=5):
     print(u'geting file from dir {}'.format(local_dir))
     localfiles=list_all_files(local_dir)
     print(u'get {} files from dir {}'.format(len(localfiles),local_dir))
@@ -610,7 +606,7 @@ def DeleteRemoteFile(fileid):
     app_url=GetAppUrl()
     token=GetToken()
     headers={'Authorization':'bearer {}'.format(token)}
-    url=app_url+'_api/v2.0/me/drive/items/'+fileid
+    url=app_url+'v1.0/me/drive/items/'+fileid
     r=requests.delete(url,headers=headers)
     if r.status_code==204:
         DeleteLocalFile(fileid)
@@ -623,11 +619,11 @@ def CheckTimeOut(fileid):
     app_url=GetAppUrl()
     token=GetToken()
     headers={'Authorization':'bearer {}'.format(token),'Content-Type':'application/json'}
-    url=app_url+'_api/v2.0/me/drive/items/'+fileid
+    url=app_url+'v1.0/me/drive/items/'+fileid
     r=requests.get(url,headers=headers)
     data=json.loads(r.content)
-    if data.get('@content.downloadUrl'):
-        downloadUrl=data.get('@content.downloadUrl')
+    if data.get('@microsoft.graph.downloadUrl'):
+        downloadUrl=data.get('@microsoft.graph.downloadUrl')
         start_time=time.time()
         for i in range(10000):
             r=requests.head(downloadUrl)

run.py

@@ -84,12 +84,11 @@ def FetchData(path='/',page=1,per_page=50,sortby='lastModtime',order='desc'):
         total=0
     return resp,total
 
-
 def _thunbnail(id):
     app_url=GetAppUrl()
     token=GetToken()
     headers={'Authorization':'bearer {}'.format(token),'Content-type':'application/json'}
-    url=app_url+'_api/v2.0/me/drive/items/{}/thumbnails/0?select=large'.format(id)
+    url=app_url+'v1.0/me/drive/items/{}/thumbnails/0?select=large'.format(id)
     r=requests.get(url,headers=headers)
     data=json.loads(r.content)
     if data.get('large').get('url'):
@@ -109,24 +108,24 @@ def _getdownloadurl(id):
         return downloadUrl
     else:
         headers={'Authorization':'bearer {}'.format(token),'Content-type':'application/json'}
-        url=app_url+'_api/v2.0/me/drive/items/'+id
+        url=app_url+'v1.0/me/drive/items/'+id
         r=requests.get(url,headers=headers)
         data=json.loads(r.content)
-        if data.get('@content.downloadUrl'):
-            return data.get('@content.downloadUrl')
+        if data.get('@microsoft.graph.downloadUrl'):
+            return data.get('@microsoft.graph.downloadUrl')
         else:
             return False
 
 
 def GetDownloadUrl(id):
-    if rd.exists('downloadUrl:{}'.format(id)):
-        downloadUrl,ftime=rd.get('downloadUrl:{}'.format(id)).split('####')
+    if rd.exists('downloadUrl2:{}'.format(id)):
+        downloadUrl,ftime=rd.get('downloadUrl2:{}'.format(id)).split('####')
         if time.time()-int(ftime)>=600:
             print('{} downloadUrl expired!'.format(id))
             downloadUrl=_getdownloadurl(id)
             ftime=int(time.time())
             k='####'.join([downloadUrl,str(ftime)])
-            rd.set('downloadUrl:{}'.format(id),k)
+            rd.set('downloadUrl2:{}'.format(id),k)
         else:
             print('get {}\'s downloadUrl from cache'.format(id))
             downloadUrl=downloadUrl
@@ -135,7 +134,7 @@ def GetDownloadUrl(id):
         downloadUrl=_getdownloadurl(id)
         ftime=int(time.time())
         k='####'.join([downloadUrl,str(ftime)])
-        rd.set('downloadUrl:{}'.format(id),k)
+        rd.set('downloadUrl2:{}'.format(id),k)
     return downloadUrl
 
 
@@ -205,7 +204,8 @@ def has_item(path,name):
     try:
         if path=='/':
             if items.find_one({'grandid':0,'name':name}):
-                item=_remote_content(items.find_one({'grandid':0,'name':name})['id']).strip()
+                fid=items.find_one({'grandid':0,'name':name})['id']
+                item=_remote_content(fid).strip()
         else:
             route=path.split('/')
             pid=0
@@ -283,98 +283,73 @@ def before_request():
     print '{}:{}:{}'.format(request.endpoint,ip,ua)
     referrer=request.referrer if request.referrer is not None else 'no-referrer'
 
-
 @app.route('/<path:path>',methods=['POST','GET'])
 @app.route('/',methods=['POST','GET'])
 def index(path='/'):
     if path=='favicon.ico':
         return redirect('https://www.baidu.com/favicon.ico')
-    code=request.args.get('code')
-    if code is not None:
-        Atoken=OAuth(code)
-        if Atoken.get('access_token'):
-            with open('data/Atoken.json','w') as f:
-                json.dump(Atoken,f,ensure_ascii=False)
-            app_url=GetAppUrl()
-            refresh_token=Atoken.get('refresh_token')
-            with open('data/AppUrl','w') as f:
-                f.write(app_url)
-            token=ReFreshToken(refresh_token)
-            with open('data/token.json','w') as f:
-                json.dump(token,f,ensure_ascii=False)
-            return make_response('<h1>授权成功!<a href="/">点击进入首页</a></h1>')
+    if items.count()==0:
+        if not os.path.exists(os.path.join(config_dir,'data/token.json')):
+            return redirect(url_for('admin.install',step=0))
         else:
-            return jsonify(Atoken)
+            subprocess.Popen('python {} UpdateFile'.format(os.path.join(config_dir,'function.py')),shell=True)
+            return make_response('<h1>正在更新数据!</h1>')
+    #参数
+    page=request.args.get('page',1,type=int)
+    image_mode=request.args.get('image_mode')
+    sortby=request.args.get('sortby')
+    order=request.args.get('order')
+    #是否有密码
+    password,_,cur=has_item(path,'.password')
+    md5_p=md5(path)
+    has_verify_=has_verify(path)
+    if request.method=="POST":
+        password1=request.form.get('password')
+        if password1==password:
+            resp=make_response(redirect(url_for('.index',path=path)))
+            resp.delete_cookie(md5_p)
+            resp.set_cookie(md5_p,password)
+            return resp
+    if password!=False:
+        if (not request.cookies.get(md5_p) or request.cookies.get(md5_p)!=password) and has_verify_==False:
+            return render_template('password.html',path=path)
+    #设置cookies
+    if image_mode:
+        image_mode=request.args.get('image_mode',type=int)
     else:
-        if items.count()==0:
-            if not os.path.exists('data/token.json'):
-                html='''
-                <h1><a href="{}" target="_blank">点击授权账号</a></h1><br>
-                <form action="" method="get">
-                    <input type="text" name="code" placeholder="输入验证码并验证">
-                    <input type="submit" name="提交验证">
-                </form>
-                '''
-                return make_response(html.format(LoginUrl))
-            else:
-                subprocess.Popen('python {} UpdateFile'.format(os.path.join(config_dir,'function.py')),shell=True)
-                return make_response('<h1>正在更新数据!</h1>')
-        #参数
-        page=request.args.get('page',1,type=int)
-        image_mode=request.args.get('image_mode')
+        image_mode=request.cookies.get('image_mode') if request.cookies.get('image_mode') is not None else 0
+        image_mode=int(image_mode)
+    if sortby:
         sortby=request.args.get('sortby')
+    else:
+        sortby=request.cookies.get('sortby') if request.cookies.get('sortby') is not None else 'lastModtime'
+        sortby=sortby
+    if order:
         order=request.args.get('order')
-        #是否有密码
-        password,_,cur=has_item(path,'.password')
-        md5_p=md5(path)
-        has_verify_=has_verify(path)
-        if request.method=="POST":
-            password1=request.form.get('password')
-            if password1==password:
-                resp=make_response(redirect(url_for('.index',path=path)))
-                resp.delete_cookie(md5_p)
-                resp.set_cookie(md5_p,password)
-                return resp
-        if password!=False:
-            if (not request.cookies.get(md5_p) or request.cookies.get(md5_p)!=password) and has_verify_==False:
-                return render_template('password.html',path=path)
-        #设置cookies
-        if image_mode:
-            image_mode=request.args.get('image_mode',type=int)
-        else:
-            image_mode=request.cookies.get('image_mode') if request.cookies.get('image_mode') is not None else 0
-            image_mode=int(image_mode)
-        if sortby:
-            sortby=request.args.get('sortby')
-        else:
-            sortby=request.cookies.get('sortby') if request.cookies.get('sortby') is not None else 'lastModtime'
-            sortby=sortby
-        if order:
-            order=request.args.get('order')
-        else:
-            order=request.cookies.get('order') if request.cookies.get('order') is not None else 'desc'
-            order=order
-        # README
-        ext='Markdown'
-        readme,_,i=has_item(path,'README.md')
-        if readme==False:
-            readme,_,i=has_item(path,'readme.md')
-        if readme==False:
-            ext='Text'
-            readme,_,i=has_item(path,'readme.txt')
-        if readme==False:
-            ext='Text'
-            readme,_,i=has_item(path,'README.txt')
-        if readme!=False:
-            readme=markdown.markdown(readme)
-        #参数
-        resp,total = FetchData(path=path,page=page,per_page=50,sortby=sortby,order=order)
-        pagination=Pagination(query=None,page=page, per_page=50, total=total, items=None)
-        resp=make_response(render_template('index.html',pagination=pagination,items=resp,path=path,image_mode=image_mode,readme=readme,ext=ext,sortby=sortby,order=order,endpoint='.index'))
-        resp.set_cookie('image_mode',str(image_mode))
-        resp.set_cookie('sortby',str(sortby))
-        resp.set_cookie('order',str(order))
-        return resp
+    else:
+        order=request.cookies.get('order') if request.cookies.get('order') is not None else 'desc'
+        order=order
+    # README
+    ext='Markdown'
+    readme,_,i=has_item(path,'README.md')
+    if readme==False:
+        readme,_,i=has_item(path,'readme.md')
+    if readme==False:
+        ext='Text'
+        readme,_,i=has_item(path,'readme.txt')
+    if readme==False:
+        ext='Text'
+        readme,_,i=has_item(path,'README.txt')
+    if readme!=False:
+        readme=markdown.markdown(readme)
+    #参数
+    resp,total = FetchData(path=path,page=page,per_page=50,sortby=sortby,order=order)
+    pagination=Pagination(query=None,page=page, per_page=50, total=total, items=None)
+    resp=make_response(render_template('index.html',pagination=pagination,items=resp,path=path,image_mode=image_mode,readme=readme,ext=ext,sortby=sortby,order=order,endpoint='.index'))
+    resp.set_cookie('image_mode',str(image_mode))
+    resp.set_cookie('sortby',str(sortby))
+    resp.set_cookie('order',str(order))
+    return resp
 
 
 @app.route('/file/<fileid>',methods=['GET','POST'])
@@ -406,16 +381,16 @@ def show(fileid):
     else:
         if 'no-referrer' in allow_site:
             downloadUrl=GetDownloadUrl(fileid)
-            return redirect(downloadUrl)
-        if sum([i in referrer for i in allow_site])>0:
+            resp=redirect(downloadUrl)
+            return resp
+        elif sum([i in referrer for i in allow_site])>0:
             downloadUrl=GetDownloadUrl(fileid)
-            if ext in ['mp4','webm','avi','mpg', 'mpeg', 'rm', 'rmvb', 'mov', 'wmv', 'mkv', 'asf']:
-                downloadUrl=downloadUrl.replace('thumbnail','videomanifest')+'&part=index&format=dash&useScf=True&pretranscode=0&transcodeahead=0'
             return redirect(downloadUrl)
         else:
             return abort(404)
 
 
+
 ######################注册应用
 from admin import admin as admin_blueprint
 app.register_blueprint(admin_blueprint)

templates/admin/install_0.html

@@ -0,0 +1,44 @@
+{%extends 'layout.html'%}
+{% import '_macro.html' as macros %}
+
+{%block content%}
+<div class="mdui-container-fluid">
+    <div class="mdui-typo">
+      <h1>系统安装 <small>应用ID和机密</small></h1>
+    </div>
+
+    <div class="mdui-typo">
+      <h4 class="doc-article-title">
+        填入<code>client_id</code>和<code>client_secret</code>,
+        <a href="https://apps.dev.microsoft.com/?referrer=https%3a%2f%2fdeveloper.microsoft.com%2fzh-cn%2fgraph%2fquick-start#/quickstart/graphIO?publicClientSupport=false&appName=PyOne&redirectUrl=https:%2F%2Fauth.3pp.me&allowImplicitFlow=false&ru=https:%2F%2Fdeveloper.microsoft.com%2Fzh-cn%2Fgraph%2Fquick-start%3FappID%3D_appId_%26appName%3D_appName_%26redirectUrl%3Dhttps:%2F%2Fauth.3pp.me%26platform%3Doption-php" target="_blank" class="mdui-btn mdui-color-theme-accent mdui-ripple"><i class="mdui-icon material-icons">&#xe89e;</i> 获取应用ID和机密(分两个页面显示，请注意保存)</a>
+      </h4>
+    </div>
+
+    <form action="{{url_for('admin.install')}}" method="post">
+        <div class="mdui-textfield mdui-textfield-floating-label">
+            <i class="mdui-icon material-icons">https</i>
+            <label class="mdui-textfield-label">应用机密(client secret)</label>
+            <input type="text" type="text" class="mdui-textfield-input" name="client_secret" required"/>
+            <div class="mdui-textfield-error">应用机密不能为空</div>
+        </div>
+        <br>
+        <div class="mdui-textfield mdui-textfield-floating-label">
+            <i class="mdui-icon material-icons">&#xe5c3;</i>
+            <label class="mdui-textfield-label">应用 ID(client_id)</label>
+            <input type="text" class="mdui-textfield-input" name="client_id" required"/>
+            <div class="mdui-textfield-error">应用 ID不能为空</div>
+        </div>
+        <input type="hidden" name="step" value="1">
+        <br>
+        <br>
+     <button class="mdui-btn mdui-color-theme-accent mdui-ripple mdui-float-right" type="submit">下一步</button>
+    </form>
+    <div class="mdui-typo">
+        <h4>示例，分别获取client_secret和client_id</h4>
+    <img src="http://wx4.sinaimg.cn/large/0060lm7Tly1fvja29hhvsj30zy0a9758.jpg">
+    <img src="http://wx3.sinaimg.cn/large/0060lm7Tly1fvja29hmx2j31ca0edt9u.jpg">
+    </div>
+
+    
+</div>
+{%endblock content%}

templates/admin/install_1.html

@@ -0,0 +1,33 @@
+{%extends 'layout.html'%}
+{% import '_macro.html' as macros %}
+
+{%block content%}
+<div class="mdui-container-fluid">
+    <div class="mdui-typo">
+      <h1>系统安装 <small>绑定账号</small></h1>
+    </div>
+
+    <div class="mdui-typo">
+        <h4>步骤1：绑定账号，获取code</h4>
+    </div>
+      
+    <div class="mdui-typo">
+        <h4>步骤2：输入code，结束绑定</h4>
+    <a href="{{login_url}}" class="mdui-btn mdui-color-theme-accent mdui-ripple mdui-float-right" target="_blank">1. 绑定账号</a>
+     <form action="{{url_for('admin.install')}}" method="post">
+         <div class="mdui-textfield mdui-textfield-floating-label">
+             <i class="mdui-icon material-icons">https</i>
+             <label class="mdui-textfield-label">code</label>
+             <input type="text" type="text" class="mdui-textfield-input" name="code" required"/>
+             <div class="mdui-textfield-error">code不能为空</div>
+         </div>
+         <input type="hidden" name="step" value="2">
+         <input type="hidden" name="client_id" value="{{client_id}}">
+         <input type="hidden" name="client_secret" value="{{client_secret}}">
+         <br>
+         <br>
+      <button class="mdui-btn mdui-color-theme-accent mdui-ripple mdui-float-right" type="submit">2. 结束绑定</button>
+     </form>
+    </div>
+</div>
+{%endblock content%}