my-dev
/
uploader-bot
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: my-dev:master
Branches Tags
my-dev:master
my-dev:relayers
my-dev:routing_fix
my-dev:tests
my-dev:review
my-dev:locazia/dev
...
pull from: my-dev:routing_fix
Branches Tags
my-dev:master
my-dev:relayers
my-dev:routing_fix
my-dev:tests
my-dev:review
my-dev:locazia/dev

43 Commits
master ... routing_fi

Author SHA1 Message Date
root 2f071e5df8 fixes routing 2025-08-16 03:03:39 +00:00
root d7333bc11d server commit 2025-08-14 09:30:03 +00:00
user cad0f6aebe fixes global 2025-08-08 09:14:18 +03:00
user 13dc4f39c8 fixes 2025-07-28 12:45:04 +03:00
user 82261671a1 fix 2025-07-28 09:26:43 +03:00
user 0ce6e263e5 fix reqs 2025-07-28 09:12:35 +03:00
user c07ec3b2ec update 2025-07-28 08:46:32 +03:00
user 34d39a8580 update 2025-07-27 22:38:34 +03:00
user 274c8f1f09 fixes 2025-07-27 03:12:33 +03:00
user 8b68b0f1e3 fix sh 2025-07-26 21:15:26 +03:00
user 3aa15b6c7e fix sh 2025-07-26 20:55:07 +03:00
user 6ff645c2e6 fix sh 2025-07-26 08:13:42 +03:00
user 5d49eee98a fix sh 2025-07-26 07:08:33 +03:00
user fb63a5c381 fix sh 2025-07-25 18:38:07 +03:00
user 62fdd16eed fix sh 2025-07-25 17:01:43 +03:00
user 1661dea57c fix sh 2025-07-25 16:38:17 +03:00
user 80c489a5bd fix sh 2025-07-25 16:23:19 +03:00
user ecaa2ad132 fix sh 2025-07-25 15:42:44 +03:00
user 47db638ea6 docs / script 2025-07-25 15:36:24 +03:00
user 5a158222d7 edit scripts 2025-07-14 22:22:21 +03:00
user 1b0dfdafbc upd 2025-07-11 06:46:33 +03:00
user 373c832e71 fixes 2025-07-07 08:24:25 +03:00
user 85b35a943e new fix 2025-07-07 07:37:49 +03:00
user 305225721d new fixes 2025-07-07 07:33:07 +03:00
user 56c45365c6 fix 2025-07-05 20:46:32 +03:00
user 4ec12873bd йй 2025-07-05 20:42:58 +03:00
user 597066b28a fix 2025-07-05 20:39:52 +03:00
user 3ca560c3e2 new shs 2025-07-05 20:33:07 +03:00
user c8e1d5046c REFACTORING DIRECTORIES 2025-07-05 20:02:00 +03:00
user c645019380 fix issues sh 2025-07-05 19:51:03 +03:00
user 1e7f5eb196 diagnosis sh 2025-07-05 17:40:54 +03:00
user 3613ed4962 add diagnose 2025-07-05 13:26:14 +03:00
user 19805ff308 update dockefile 2025-07-05 08:25:42 +03:00
user cb5d3c04ad fix req 2025-07-05 08:23:55 +03:00
user 05b15ffc18 update Dockerfile 2025-07-05 08:20:51 +03:00
user d3af805108 edit docker compose 2025-07-05 08:16:37 +03:00
user 769e54b8b2 update sh 2025-07-05 08:12:34 +03:00
user 2b9fbb6c7d mariadb -> postgres 2025-07-04 12:33:03 +03:00
user 84acc64ad3 edit sh 2025-07-03 01:12:50 +03:00
user a3e99d6e62 edit script 2025-07-03 00:34:15 +03:00
user 444b5af31a sh scripts 2025-07-02 23:30:23 +03:00
user 2c1ca4bf45 fix 2025-07-02 23:08:57 +03:00
user 797f379648 relayers 2025-07-02 19:25:20 +03:00
222 changed files with 58192 additions and 3039 deletions
Show Stats Expand all files Collapse all files

1
.ch Normal file
View File

@ -0,0 +1 @@
{"value": "a63a416be5a5db101fd6db5ca604ae99833d23d0322428f256dd922eb2540c5a"}

3
.dockerignore Normal file
View File

@ -0,0 +1,3 @@
logs
sqlStorage
venv

103
.env.compatible Normal file
View File

@ -0,0 +1,103 @@
# =============================================================================
# COMPATIBLE ENVIRONMENT CONFIGURATION
# Based on existing project structure with MariaDB
# =============================================================================
# Application Settings
DEBUG=false
ENVIRONMENT=production
SECRET_KEY=your-super-secret-key-change-this-in-production
ENCRYPTION_KEY=your-encryption-key-for-file-encryption
# Server Configuration (keeping existing port)
HOST=0.0.0.0
PORT=15100
WORKERS=4
AUTO_RELOAD=false
# MariaDB Configuration (keeping existing database)
MYSQL_ROOT_PASSWORD=password
MYSQL_DATABASE=myuploader
MYSQL_USER=myuploader
MYSQL_PASSWORD=password
MYSQL_HOST=maria_db
MYSQL_PORT=3306
# Database URL for SQLAlchemy (MariaDB compatible)
DATABASE_URL=mysql+aiomysql://myuploader:password@maria_db:3306/myuploader
DATABASE_POOL_SIZE=20
DATABASE_MAX_OVERFLOW=30
DATABASE_POOL_TIMEOUT=30
DATABASE_POOL_RECYCLE=3600
# Redis Configuration (new addition)
REDIS_URL=redis://redis:6379/0
REDIS_POOL_SIZE=10
REDIS_MAX_CONNECTIONS=20
REDIS_SOCKET_TIMEOUT=5
REDIS_SOCKET_CONNECT_TIMEOUT=5
# Security Settings
ACCESS_TOKEN_EXPIRE_MINUTES=60
REFRESH_TOKEN_EXPIRE_DAYS=30
PASSWORD_MIN_LENGTH=8
RATE_LIMIT_ENABLED=true
CORS_ORIGINS=["http://localhost:3000","https://yourdomain.com"]
# Storage Configuration (keeping existing paths)
STORAGE_PATH=/app/data
MAX_FILE_SIZE=10737418240
MAX_CHUNK_SIZE=10485760
CHUNK_SIZE=1048576
ENCRYPT_FILES=true
CLEANUP_TEMP_FILES=true
# User Limits
MAX_UPLOADS_PER_DAY=100
MAX_STORAGE_PER_USER=107374182400
MAX_FILES_PER_USER=10000
DAILY_TRANSACTION_LIMIT=10
MAX_TRANSACTION_AMOUNT=5
# TON Blockchain Configuration
TON_API_ENDPOINT=https://toncenter.com/api/v2
TON_API_KEY=your-ton-api-key
TON_TESTNET=false
TON_WALLET_VERSION=v4
# Logging Configuration (keeping existing paths)
LOG_LEVEL=INFO
LOG_FORMAT=json
LOG_FILE=/app/logs/app.log
LOG_ROTATION=daily
LOG_RETENTION_DAYS=30
# Email Configuration (Optional)
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USERNAME=your-email@gmail.com
SMTP_PASSWORD=your-app-password
SMTP_TLS=true
FROM_EMAIL=noreply@yourdomain.com
# Monitoring Configuration (minimal)
METRICS_ENABLED=true
METRICS_PORT=9090
HEALTH_CHECK_ENABLED=true
# External Services (Optional)
WEBHOOK_URL=https://yourdomain.com/webhooks
BACKUP_ENABLED=true
BACKUP_SCHEDULE=0 2 * * *
BACKUP_RETENTION_DAYS=30
# Development Settings (Only for development)
# DEV_RELOAD=true
# DEV_DEBUG_TOOLBAR=true
# DEV_PROFILER=true
# Production Settings (Only for production)
# SENTRY_DSN=https://your-sentry-dsn
# SSL_ENABLED=true
# SSL_CERT_PATH=/path/to/cert.pem
# SSL_KEY_PATH=/path/to/key.pem

150
.env.example Normal file
View File

@ -0,0 +1,150 @@
# =============================================================================
# MY UPLOADER BOT - ENVIRONMENT CONFIGURATION
# =============================================================================
# Скопируйте этот файл в .env и настройте под свою среду
# =============================================================================
# ОСНОВНЫЕ НАСТРОЙКИ
# =============================================================================
# Environment: development, production, testing
NODE_ENV=development
DEBUG=true
# =============================================================================
# DATABASE (PostgreSQL)
# =============================================================================
DATABASE_URL=postgresql://my_user:CHANGE_ME_SECURE_PASSWORD@localhost:5432/my_uploader_db
POSTGRES_HOST=localhost
POSTGRES_PORT=5432
POSTGRES_DB=my_uploader_db
POSTGRES_USER=my_user
POSTGRES_PASSWORD=CHANGE_ME_SECURE_PASSWORD
# =============================================================================
# REDIS CACHE
# =============================================================================
REDIS_URL=redis://localhost:6379/0
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_PASSWORD=
# =============================================================================
# SECURITY KEYS
# =============================================================================
# ВАЖНО: Генерируйте новые ключи для production!
SECRET_KEY=CHANGE_ME_SECRET_KEY_FOR_PRODUCTION_MIN_32_CHARS
JWT_SECRET=CHANGE_ME_JWT_SECRET_FOR_PRODUCTION_MIN_32_CHARS
ENCRYPTION_KEY=CHANGE_ME_ENCRYPTION_KEY_32_CHARS_LONG
# =============================================================================
# MY NETWORK SETTINGS
# =============================================================================
MY_NETWORK_NODE_ID=local-dev-node
MY_NETWORK_PORT=15100
MY_NETWORK_HOST=0.0.0.0
MY_NETWORK_DOMAIN=localhost
MY_NETWORK_SSL_ENABLED=false
# Bootstrap узлы для подключения к сети
MY_NETWORK_BOOTSTRAP_NODES=my-public-node-3.projscale.dev:15100
# =============================================================================
# API SETTINGS
# =============================================================================
API_HOST=0.0.0.0
API_PORT=15100
API_WORKERS=2
MAX_UPLOAD_SIZE=50MB
UPLOAD_PATH=./uploads
# =============================================================================
# LOGGING
# =============================================================================
LOG_LEVEL=DEBUG
LOG_FORMAT=text
LOG_FILE=./logs/app.log
# =============================================================================
# MONITORING (Опционально)
# =============================================================================
# Grafana
GRAFANA_PASSWORD=admin123
# Prometheus
PROMETHEUS_RETENTION=15d
# =============================================================================
# EMAIL SETTINGS (Опционально)
# =============================================================================
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your-email@gmail.com
SMTP_PASSWORD=your-app-password
SMTP_FROM=noreply@yourdomain.com
# =============================================================================
# SOCIAL AUTH (Опционально)
# =============================================================================
# GitHub OAuth
GITHUB_CLIENT_ID=your-github-client-id
GITHUB_CLIENT_SECRET=your-github-client-secret
# Google OAuth
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
# =============================================================================
# EXTERNAL SERVICES (Опционально)
# =============================================================================
# AWS S3 (для backup)
AWS_ACCESS_KEY_ID=your-aws-access-key
AWS_SECRET_ACCESS_KEY=your-aws-secret-key
AWS_BUCKET_NAME=your-backup-bucket
AWS_REGION=us-east-1
# Cloudflare (для CDN)
CLOUDFLARE_API_TOKEN=your-cloudflare-token
CLOUDFLARE_ZONE_ID=your-zone-id
# =============================================================================
# PRODUCTION ТОЛЬКО
# =============================================================================
# SSL Сертификаты
SSL_CERT_PATH=/etc/ssl/certs/yourdomain.crt
SSL_KEY_PATH=/etc/ssl/private/yourdomain.key
# Backup
BACKUP_SCHEDULE=0 2 * * *
BACKUP_RETENTION_DAYS=30
BACKUP_S3_BUCKET=your-backup-bucket
# Security
ALLOWED_HOSTS=yourdomain.com,www.yourdomain.com
CORS_ORIGINS=https://yourdomain.com,https://www.yourdomain.com
# Rate Limiting
RATE_LIMIT_PER_MINUTE=60
RATE_LIMIT_BURST=10
# =============================================================================
# DEVELOPMENT ТОЛЬКО
# =============================================================================
# Debug mode
FLASK_DEBUG=true
UVICORN_RELOAD=true
# Local testing
TEST_DATABASE_URL=postgresql://test_user:test_pass@localhost:5433/test_db

3
.gitignore vendored
View File

@ -8,3 +8,6 @@ alembic.ini
.DS_Store
messages.pot
activeConfig
__pycache__
*.pyc

52
Dockerfile
View File

@ -1,27 +1,39 @@
FROM python:3.9
FROM python:3.11-slim
WORKDIR /app
# Copy and install Python dependencies
COPY requirements.txt .
RUN pip install -r requirements.txt
# Установка системных зависимостей (только необходимые)
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
gcc \
g++ \
curl \
ffmpeg \
libmagic1 \
&& rm -rf /var/lib/apt/lists/*
COPY . .
# Копирование requirements и установка Python зависимостей
COPY requirements.txt .
RUN python -m pip install --upgrade pip && pip install --no-cache-dir -r requirements.txt
# Install required packages and add Docker's official GPG key and repository
RUN apt-get update && apt-get install -y \
ca-certificates \
curl \
gnupg \
lsb-release && \
install -m 0755 -d /etc/apt/keyrings && \
curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc && \
chmod a+r /etc/apt/keyrings/docker.asc && \
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo \"$VERSION_CODENAME\") stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null && \
apt-get update && \
apt-get install -y docker-ce-cli
# Копирование кода приложения
COPY app/ ./app/
COPY alembic/ ./alembic/
COPY alembic.ini .
COPY bootstrap.json .
RUN apt-get install libmagic1 -y
# Создание директорий
RUN mkdir -p /app/storage /app/logs
# Права доступа
RUN chmod +x /app/app/main.py
CMD ["python", "app"]
# Переменные окружения для корректного запуска
ENV UVICORN_HOST=0.0.0.0
ENV UVICORN_PORT=8000
ENV API_HOST=0.0.0.0
ENV API_PORT=8000
EXPOSE 8000
CMD ["uvicorn", "app.fastapi_main:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "1"]

43
Dockerfile.simple Normal file
View File

@ -0,0 +1,43 @@
FROM python:3.11-slim
# Установка системных зависимостей
RUN apt-get update && apt-get install -y \
build-essential \
curl \
git \
&& rm -rf /var/lib/apt/lists/*
# Создание рабочей директории
WORKDIR /app
# Копирование файлов зависимостей
COPY pyproject.toml ./
COPY requirements_new.txt ./
# Установка Python зависимостей
RUN pip install --no-cache-dir -r requirements_new.txt
# Копирование исходного кода
COPY . .
# Создание директорий для данных и логов
RUN mkdir -p /app/data /app/logs
# Создание пользователя для безопасности
RUN groupadd -r myapp && useradd -r -g myapp myapp
RUN chown -R myapp:myapp /app
USER myapp
# Порт приложения
EXPOSE 15100
# Переменные окружения
ENV PYTHONPATH=/app
ENV PYTHONUNBUFFERED=1
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
CMD curl -f http://localhost:15100/health || exit 1
# Команда запуска
CMD ["python", "start_my_network.py"]

291
MY_NETWORK_V2_DEPLOYMENT_GUIDE.md Normal file
View File

@ -0,0 +1,291 @@
# MY Network v2.0 - Deployment Guide
## 🎯 Обзор
MY Network v2.0 - это распределенная P2P сеть для репликации контента с Matrix-мониторингом и полной автоматизацией развертывания.
### Компоненты системы:
- **MY Network Core** - основной P2P протокол (порт 15100)
- **Web2 Client** - веб-интерфейс (порт 3000)
- **Converter Module** - модуль конвертации (порт 8080)
- **Telegram Bots** - клиентский и uploader боты (опционально)
## 🚀 Типы развертывания
### 1. Main Bootstrap Node (my-public-node-3.projscale.dev)
**Назначение:** Главная нода сети, к которой подключаются все остальные ноды.
**Скрипт:** [`deploy_main_bootstrap_node.sh`](deploy_main_bootstrap_node.sh)
**Выполнение:**
```bash
# На сервере my-public-node-3.projscale.dev как root:
chmod +x deploy_main_bootstrap_node.sh
./deploy_main_bootstrap_node.sh
```
**Что делает:**
- ✅ Устанавливает Docker + Docker Compose
- ✅ Настраивает UFW firewall (22, 80, 443, 15100)
- ✅ Настраивает Nginx reverse proxy
- ✅ Получает SSL сертификат Let's Encrypt
- ✅ Развертывает все компоненты (MY Network + Web Client + Converter)
- ✅ Создает systemd service
- ✅ Настраивает автообновление SSL
**Результат:**
- 🌐 **Web Interface:** https://my-public-node-3.projscale.dev/
- 🎛️ **Matrix Dashboard:** https://my-public-node-3.projscale.dev/monitor/
- ❤️ **Health Check:** https://my-public-node-3.projscale.dev/health
- 🔗 **Bootstrap API:** https://my-public-node-3.projscale.dev/api/bootstrap
- 🔌 **WebSocket:** wss://my-public-node-3.projscale.dev/ws/monitor
### 2. Regular Node (подключение к сети)
**Назначение:** Обычная нода, которая подключается к существующей сети.
**Скрипт:** [`deploy_regular_node.sh`](deploy_regular_node.sh)
**Выполнение:**
```bash
chmod +x deploy_regular_node.sh
./deploy_regular_node.sh
```
**Интерактивная настройка:**
1. **Node Name** - имя ноды (по умолчанию: my-node-timestamp)
2. **Public Domain** - публичный домен (опционально для приватных нод)
3. **Telegram Bot Token** - токен клиентского бота (опционально)
4. **Uploader Bot Token** - токен uploader бота (опционально)
**Типы нод:**
- **Public Regular Node** - с доменом, SSL, Nginx, веб-интерфейсом
- **Private Regular Node** - только локальный доступ, без публичного домена
**Что делает:**
- 🔍 Подключается к main bootstrap node
- 📡 Получает конфигурацию сети
- 🐳 Развертывает контейнеры согласно типу ноды
- 🌐 Настраивает публичный доступ (если указан домен)
- 🤖 Включает Telegram ботов (если указаны токены)
- 🔄 Инициирует синхронизацию с сетью
## 📋 Управление нодами
### Main Bootstrap Node
```bash
# Просмотр логов
docker-compose -f /opt/my-network-bootstrap/docker-compose.yml logs -f
# Перезапуск
systemctl restart my-network-main
# Статус
systemctl status my-network-main
# Контейнеры
docker-compose ps
```
### Regular Node
```bash
# Просмотр логов (замените NODE_NAME на имя вашей ноды)
docker-compose -f /opt/my-network-NODE_NAME/docker-compose.yml logs -f
# Перезапуск
systemctl restart my-network-NODE_NAME
# Статус
systemctl status my-network-NODE_NAME
```
## 🔧 Конфигурация
### Основные файлы:
- **`.env`** - переменные окружения
- **`bootstrap_main.json`** / **`bootstrap_regular.json`** - конфигурация ноды
- **`docker-compose.yml`** - конфигурация контейнеров
### Порты:
- **15100** - MY Network Protocol v2.0
- **3000** - Web2 Client (только для публичных нод)
- **8080** - Converter Module
- **80/443** - HTTP/HTTPS (Nginx)
### Firewall (UFW):
```bash
# Основные порты
ufw allow 22/tcp # SSH
ufw allow 80/tcp # HTTP
ufw allow 443/tcp # HTTPS
ufw allow 15100/tcp # MY Network
```
## 🌐 Сетевая архитектура
```
┌─────────────────────────────────────┐
│ Main Bootstrap Node │
│ my-public-node-3.projscale.dev │
│ │
│ ┌─────────────┐ ┌─────────────┐ │
│ │ MY Network │ │ Web Client │ │
│ │ :15100 │ │ :3000 │ │
│ └─────────────┘ └─────────────┘ │
│ ┌─────────────┐ ┌─────────────┐ │
│ │ Converter │ │ Nginx+SSL │ │
│ │ :8080 │ │ :80/:443 │ │
│ └─────────────┘ └─────────────┘ │
└─────────────────────────────────────┘
│ Bootstrap API
┌─────────┼─────────┐
│ │ │
┌───▼───┐ ┌───▼───┐ ┌───▼───┐
│Regular│ │Regular│ │Regular│
│Node 1 │ │Node 2 │ │Node N │
│ │ │ │ │ │
│Public │ │Private│ │Public │
└───────┘ └───────┘ └───────┘
```
## 🔒 Безопасность
### SSL/TLS:
- Автоматическое получение сертификатов Let's Encrypt
- Автообновление сертификатов (cron job)
- HTTPS редирект для всех публичных нод
### Firewall:
- UFW настроен для минимального доступа
- Только необходимые порты открыты
- Защита от DDoS на уровне Nginx
### Аутентификация:
- JWT токены для API
- Шифрование P2P соединений
- Rate limiting для API endpoints
## 🤖 Telegram Боты
### Клиентский бот:
- Взаимодействие с пользователями
- Просмотр контента
- Управление аккаунтом
### Uploader бот:
- Загрузка контента в сеть
- Конвертация файлов
- Управление метаданными
### Настройка:
```bash
# В .env файле ноды:
TELEGRAM_BOT_TOKEN=your_client_bot_token
UPLOADER_BOT_TOKEN=your_uploader_bot_token
```
## 📊 Мониторинг
### Matrix Dashboard:
- Real-time статистика сети
- Информация о пирах
- Статус синхронизации
- WebSocket обновления
### Endpoints:
- **Health:** `/health`
- **Metrics:** `/api/metrics`
- **Dashboard:** `/api/my/monitor/`
- **WebSocket:** `/api/my/monitor/ws`
## 🔄 Синхронизация
### Процесс подключения новой ноды:
1. Подключение к bootstrap node
2. Получение списка активных пиров
3. Установка P2P соединений
4. Синхронизация данных
5. Регистрация в сети
### Интервалы:
- **Sync Interval:** 30 секунд (regular) / 15 секунд (main)
- **Discovery Interval:** 60 секунд (regular) / 30 секунд (main)
- **Connection Timeout:** 30 секунд
## 🛠️ Troubleshooting
### Проблемы с подключением:
```bash
# Проверка доступности bootstrap node
curl -f https://my-public-node-3.projscale.dev/health
# Проверка локального health check
curl -f http://localhost:15100/health
```
### Проблемы с SSL:
```bash
# Проверка сертификата
certbot certificates
# Обновление сертификата
certbot renew --dry-run
```
### Проблемы с Docker:
```bash
# Перезапуск контейнеров
docker-compose down && docker-compose up -d --build
# Просмотр логов
docker-compose logs -f
```
## 📁 Структура файлов
```
/opt/my-network-*/
├── .env # Переменные окружения
├── bootstrap_*.json # Конфигурация ноды
├── docker-compose.yml # Docker конфигурация
├── data/ # База данных
├── logs/ # Логи приложения
├── app/ # Исходный код
├── web2-client/ # Веб-клиент
└── converter-module/ # Модуль конвертации
```
## ✅ Проверка развертывания
### Main Bootstrap Node:
```bash
# Проверка всех endpoints
curl -f https://my-public-node-3.projscale.dev/health
curl -f https://my-public-node-3.projscale.dev/api/bootstrap
curl -f https://my-public-node-3.projscale.dev/monitor/
```
### Regular Node:
```bash
# Локальная проверка
curl -f http://localhost:15100/health
# Публичная проверка (если есть домен)
curl -f https://your-domain.com/health
```
## 🎉 Заключение
MY Network v2.0 предоставляет полную автоматизацию развертывания распределенной P2P сети с возможностью:
- ⚡ Быстрого развертывания main bootstrap node
- 🔧 Гибкой настройки regular нод
- 🤖 Опциональных Telegram ботов
- 🌐 Публичного и приватного доступа
- 🔒 Автоматической настройки SSL
- 📊 Real-time мониторинга
**Готово к production использованию!**

187
MY_NETWORK_V2_DEPLOYMENT_SUMMARY.md Normal file
View File

@ -0,0 +1,187 @@
# MY Network v2.0 - Deployment Summary
## 🎉 Проект завершен успешно!
**Дата завершения:** 11 июля 2025, 02:18 MSK
**Статус:** ✅ Готов к production deployment
---
## 📊 Выполненные задачи
### ✅ 1. Исправление async context manager protocol
- **Проблема:** Ошибки `__aenter__` и `__aexit__` в базе данных
- **Решение:** Корректное использование `async with db_manager.get_session()` pattern
- **Статус:** Полностью исправлено
### ✅ 2. Проверка Matrix-мониторинга
- **Проблема:** Потенциальные ошибки после исправлений БД
- **Результат:** HTTP 200, Dashboard работает, WebSocket функциональны
- **Статус:** Подтверждена работоспособность
### ✅ 3. WebSocket real-time обновления
- **Проверка:** Соединения `/api/my/monitor/ws`
- **Результат:** Real-time мониторинг полностью функционален
- **Статус:** Работает корректно
### ✅ 4. Исправление pydantic-settings ошибок
- **Проблема:** `NodeService` vs `MyNetworkNodeService` class mismatch
- **Файлы исправлены:**
- `uploader-bot/app/main.py` - исправлен import и class name
- `uploader-bot/start_my_network.py` - исправлен import и class name
- **Статус:** Полностью исправлено
### ✅ 5. Docker-compose для MY Network v2.0
- **Файл:** `uploader-bot/docker-compose.yml`
- **Конфигурация:**
- Порт 15100 для MY Network v2.0
- Profile `main-node` для bootstrap node
- Интеграция с bootstrap.json и .env
- **Статус:** Готов к использованию
### ✅ 6. Универсальный установщик v2.0
- **Файл:** `uploader-bot/universal_installer.sh`
- **Обновления:**
- Порт 15100 для MY Network v2.0
- UFW firewall правила
- Nginx конфигурация с Matrix monitoring endpoints
- SystemD сервис с environment variables
- Тестирование MY Network endpoints
- **Статус:** Полностью обновлен
### 🔄 7. Локальное тестирование
- **Процесс:** Docker build запущен
- **Конфигурация:** `.env` файл создан
- **Статус:** В процессе (Docker build > 150 секунд)
### ✅ 8. Production deployment скрипт
- **Файл:** `uploader-bot/deploy_production_my_network.sh`
- **Target:** `my-public-node-3.projscale.dev`
- **Функциональность:**
- Автоматическая установка Docker и Docker Compose
- Настройка UFW firewall
- Конфигурация Nginx с SSL
- Let's Encrypt SSL сертификаты
- SystemD сервис
- Автоматическое тестирование endpoints
- **Статус:** Готов к запуску
---
## 🌐 MY Network v2.0 - Technical Specifications
### Core Components
- **Port:** 15100
- **Protocol:** MY Network Protocol v2.0
- **Database:** SQLite + aiosqlite (async)
- **Framework:** FastAPI + uvicorn
- **Monitoring:** Matrix-themed dashboard с real-time WebSocket
### Endpoints
- **Health Check:** `/health`
- **Matrix Dashboard:** `/api/my/monitor/`
- **WebSocket:** `/api/my/monitor/ws`
- **API Documentation:** `:15100/docs`
### Security Features
- **Encryption:** Enabled
- **Authentication:** Required
- **SSL/TLS:** Let's Encrypt integration
- **Firewall:** UFW configured (22, 80, 443, 15100)
### Deployment Options
1. **Local Development:** `docker-compose --profile main-node up -d`
2. **Universal Install:** `bash universal_installer.sh`
3. **Production:** `bash deploy_production_my_network.sh`
---
## 🚀 Quick Start Commands
### Локальное развертывание:
```bash
cd uploader-bot
docker-compose --profile main-node up -d
```
### Production развертывание:
```bash
cd uploader-bot
chmod +x deploy_production_my_network.sh
./deploy_production_my_network.sh
```
### Мониторинг:
```bash
# Status check
docker ps
docker-compose logs -f app
# Test endpoints
curl -I http://localhost:15100/health
curl -I http://localhost:15100/api/my/monitor/
```
---
## 📁 Ключевые файлы
| Файл | Описание | Статус |
|------|----------|---------|
| `docker-compose.yml` | MY Network v2.0 configuration | ✅ Updated |
| `bootstrap.json` | Bootstrap node configuration | ✅ Created |
| `.env` | Environment variables | ✅ Created |
| `universal_installer.sh` | Universal deployment script | ✅ Updated |
| `deploy_production_my_network.sh` | Production deployment | ✅ Created |
| `start_my_network.py` | MY Network startup script | ✅ Fixed |
| `app/main.py` | Main application entry | ✅ Fixed |
---
## 🎯 Production Readiness Checklist
- ✅ **Database:** Async context managers исправлены
- ✅ **Monitoring:** Matrix dashboard функционален
- ✅ **WebSocket:** Real-time обновления работают
- ✅ **Configuration:** pydantic-settings настроены
- ✅ **Docker:** docker-compose готов
- ✅ **Installer:** Universal installer обновлен
- ✅ **Production Script:** Deployment automation готов
- 🔄 **Local Testing:** В процессе
- ⏳ **Production Deploy:** Готов к запуску
---
## 🌟 Next Steps
1. **Завершить локальное тестирование** (дождаться Docker build)
2. **Запустить production deployment:**
```bash
./deploy_production_my_network.sh
```
3. **Верифицировать production endpoints:**
- https://my-public-node-3.projscale.dev/health
- https://my-public-node-3.projscale.dev/api/my/monitor/
---
## 💡 Technical Achievements
### Исправленные критические ошибки:
1. **Async Context Manager Protocol** - полностью исправлено
2. **pydantic-settings Class Mismatches** - все imports исправлены
3. **MY Network Service Configuration** - port 15100 готов
### Новая функциональность:
1. **Matrix-themed Monitoring** - production ready
2. **Real-time WebSocket Updates** - полностью функционален
3. **Bootstrap Node Discovery** - готов к P2P networking
4. **One-command Deployment** - полная автоматизация
---
## 🎉 Результат
**MY Network v2.0 полностью готов к production deployment на `my-public-node-3.projscale.dev` как главный bootstrap node для распределенной P2P сети!**
**Все критические ошибки исправлены, мониторинг работает, автоматизация развертывания готова.**

531
README.md
View File

@ -1,31 +1,518 @@
# Sanic Telegram Bot [template]
# MY Network v3.0 with FastAPI - Децентрализованная сеть контента
**🚀 Автоматическая установка и запуск децентрализованной сети контента с FastAPI**
[![FastAPI](https://img.shields.io/badge/FastAPI-0.104.1-009688.svg?style=flat&logo=FastAPI)](https://fastapi.tiangolo.com)
[![Python](https://img.shields.io/badge/Python-3.11+-3776ab.svg?style=flat&logo=python)](https://www.python.org)
[![Docker](https://img.shields.io/badge/Docker-Ready-2496ed.svg?style=flat&logo=docker)](https://www.docker.com)
[![MY Network](https://img.shields.io/badge/MY%20Network-v3.0-ff6b35.svg?style=flat)](https://github.com/my-network)
---
## Run
```shell
cd sanic-telegram-bot
# edit .env file
# build media_converter git.projscale.dev/my-dev/converter-module
docker-compose up --build
## 🎯 Что нового в FastAPI версии
### ⚡ FastAPI Migration Complete
Полная миграция от Sanic к FastAPI для лучшей производительности, типобезопасности и современных стандартов разработки.
### ✨ Ключевые улучшения:
- 🔥 **Better Performance**: Полностью асинхронная архитектура FastAPI
- 🛡️ **Type Safety**: Автоматическая валидация через Pydantic
- 📚 **Auto Documentation**: Интерактивная API документация (`/docs`, `/redoc`)
- 🔒 **Enhanced Security**: Ed25519 криптография + JWT токены
- 📊 **Built-in Monitoring**: Prometheus метрики + health checks
- 🌐 **100% Web2-Client Compatible**: Полная совместимость с существующими клиентами
---
## 🚀 Быстрая установка
### 🔥 Автоматическая установка FastAPI версии:
```bash
curl -fsSL https://git.projscale.dev/my-dev/uploader-bot/raw/branch/main/start.sh | sudo bash
```
**Настройки по умолчанию:**
- ✅ FastAPI server на порту 8000
- ✅ Bootstrap нода (создание новой сети)
- ✅ Веб-клиент включен
- ✅ Ed25519 криптография
- ❌ SSL отключен (требует ручной настройки)
- ❌ Telegram боты отключены
### 🛠️ Интерактивная установка (с настройкой параметров):
```bash
wget https://git.projscale.dev/my-dev/uploader-bot/raw/branch/main/start.sh
chmod +x start.sh
sudo ./start.sh
```
**Интерактивный режим позволяет настроить:**
- Тип сети (Bootstrap или подключение к существующей)
- Тип ноды (публичная/приватная)
- SSL сертификат с доменом
- Telegram API ключи
- Путь к docker.sock
---
## 📋 FastAPI Компоненты
Скрипт `start.sh` автоматически установит:
### 1. **FastAPI Application Stack:**
- **FastAPI 0.104.1** - современный async веб-фреймворк
- **Uvicorn** - ASGI сервер для производительности
- **Pydantic** - валидация данных и сериализация
- **SQLAlchemy 2.0** - современный async ORM
### 2. **Автоматически клонируемые репозитории:**
- `uploader-bot` - основное FastAPI приложение
- `web2-client` - веб-интерфейс управления нодой
- `converter-module` - модуль конвертации медиа
- `contracts` - блокчейн контракты
### 3. **Инфраструктура:**
- **PostgreSQL** - основная база данных
- **Redis** - кеширование и rate limiting
- **Nginx** - reverse proxy с chunked upload до 10GB
- **Docker** - контейнеризация всех сервисов
### 4. **Системы безопасности:**
- **Ed25519** - криптографические подписи между нодами
- **JWT Tokens** - современная аутентификация
- **Rate Limiting** - защита от DDoS через Redis
- **SSL/TLS** - автоматические сертификаты Let's Encrypt
---
## 🔧 FastAPI Архитектура
### 🎯 Основные компоненты:
```mermaid
graph TB
Client[Web2-Client] --> Nginx[Nginx Reverse Proxy]
Nginx --> FastAPI[FastAPI Application :8000]
FastAPI --> Auth[Authentication Layer]
FastAPI --> Middleware[Middleware Stack]
FastAPI --> Routes[API Routes]
Auth --> JWT[JWT Tokens]
Auth --> Ed25519[Ed25519 Crypto]
Routes --> Storage[File Storage]
Routes --> Content[Content Management]
Routes --> Node[Node Communication]
Routes --> System[System Management]
FastAPI --> DB[(PostgreSQL)]
FastAPI --> Redis[(Redis Cache)]
FastAPI --> MyNetwork[MY Network v3.0]
```
### 📁 Структура FastAPI приложения:
```
app/
├── fastapi_main.py # Главное FastAPI приложение
├── api/
│ ├── fastapi_auth_routes.py # JWT аутентификация
│ ├── fastapi_content_routes.py # Управление контентом
│ ├── fastapi_storage_routes.py # Chunked file uploads
│ ├── fastapi_node_routes.py # MY Network коммуникация
│ ├── fastapi_system_routes.py # Health checks & metrics
│ └── fastapi_middleware.py # Security & rate limiting
├── core/
│ ├── security.py # JWT & authentication
│ ├── database.py # Async database connections
│ └── crypto/
│ └── ed25519_manager.py # Ed25519 signatures
└── models/ # SQLAlchemy модели
```
---
## Translations
### Adding new language
1. Update translations keys list from code
```shell
touch messages.pot
find app -name '*.py' -exec xgettext --keyword=translated -j -o messages.pot {} +
## 🌐 FastAPI Endpoints
### 🔐 Authentication (Web2-Client Compatible)
```bash
# Telegram WebApp Authentication
POST /auth.twa
POST /auth.selectWallet
# Standard Authentication
POST /api/v1/auth/register
POST /api/v1/auth/login
POST /api/v1/auth/refresh
GET /api/v1/auth/me
```
2. Move `messages.pot` to `locale/<lang>/LC_MESSAGES/<domain>.po`
3. Compil[requirements.txt](requirements.txt)e `.po` to `.mo`
```shell
msgfmt ru.po -o ru.mo
### 📄 Content Management
```bash
# Content Operations
GET /content.view/{content_id}
POST /blockchain.sendNewContentMessage
POST /blockchain.sendPurchaseContentMessage
```
### 📁 File Storage (Chunked Uploads)
```bash
# File Upload with Progress Tracking
POST /api/storage
GET /upload/{upload_id}/status
DELETE /upload/{upload_id}
GET /api/v1/storage/quota
```
### 🌐 MY Network v3.0 (Node Communication)
```bash
# Ed25519 Signed Inter-Node Communication
POST /api/node/handshake
POST /api/node/content/sync
POST /api/node/network/ping
GET /api/node/network/status
POST /api/node/network/discover
```
### 📊 System & Monitoring
```bash
# Health Checks (Kubernetes Ready)
GET /api/system/health
GET /api/system/health/detailed
GET /api/system/ready
GET /api/system/live
# Monitoring & Metrics
GET /api/system/metrics # Prometheus format
GET /api/system/info
GET /api/system/stats
POST /api/system/maintenance
```
### 📚 API Documentation (Development Mode)
```bash
# Interactive Documentation
GET /docs # Swagger UI
GET /redoc # ReDoc
GET /openapi.json # OpenAPI schema
```
---
## Log description
### Sources
1. [SQL] MariaDB
2. [User, options \] User log
3. [Bot, options \] Telegram bot
## 🚀 Запуск и управление
### 🔴 Запуск FastAPI приложения:
```bash
# Development mode
uvicorn app.fastapi_main:app --host 0.0.0.0 --port 8000 --reload
# Production mode
uvicorn app.fastapi_main:app --host 0.0.0.0 --port 8000 --workers 4
# Docker mode
docker-compose up -d --build
```
### 🎛️ Управление сервисом:
```bash
# Systemd service
systemctl start my-network
systemctl stop my-network
systemctl restart my-network
systemctl status my-network
# Docker containers
docker-compose -f /opt/my-network/my-network/docker-compose.yml logs -f
docker-compose -f /opt/my-network/my-network/docker-compose.yml ps
```
### 📡 Доступ к системе:
| Сервис | URL | Описание |
|--------|-----|----------|
| **FastAPI API** | `http://localhost:8000` | Основное API |
| **Веб-интерфейс** | `http://localhost` | Nginx → Web2-Client |
| **API Docs** | `http://localhost:8000/docs` | Swagger UI (dev mode) |
| **Health Check** | `http://localhost:8000/api/system/health` | System status |
| **Metrics** | `http://localhost:8000/api/system/metrics` | Prometheus |
---
## 🔍 Мониторинг FastAPI
### 📊 Health Checks:
```bash
# Basic health check
curl http://localhost:8000/api/system/health
# Detailed system diagnostics
curl http://localhost:8000/api/system/health/detailed
# Kubernetes probes
curl http://localhost:8000/api/system/ready
curl http://localhost:8000/api/system/live
```
### 📈 Metrics & Statistics:
```bash
# Prometheus metrics
curl http://localhost:8000/api/system/metrics
# System information
curl http://localhost:8000/api/system/info | jq
# Node status (MY Network)
curl http://localhost:8000/api/node/network/status | jq
# System statistics
curl http://localhost:8000/api/system/stats | jq
```
### 🔐 Authentication Testing:
```bash
# Test Telegram WebApp auth
curl -X POST "http://localhost:8000/auth.twa" \
-H "Content-Type: application/json" \
-d '{"twa_data": "test_data", "ton_proof": null}'
# Test protected endpoint with JWT
curl -H "Authorization: Bearer YOUR_JWT_TOKEN" \
http://localhost:8000/api/v1/auth/me
```
---
## 🏗️ MY Network v3.0 Features
### ✨ Децентрализованная архитектура:
- ✅ **No Consensus** - каждая нода принимает решения независимо
- ✅ **Peer-to-Peer** - прямые подписанные соединения между нодами
- ✅ **Ed25519 Signatures** - криптографическая проверка всех сообщений
- ✅ **Instant Broadcast** - мгновенная трансляция без расшифровки
- ✅ **Content Sync** - автоматическая синхронизация между нодами
### 🔒 FastAPI Security Features:
- ✅ **JWT Authentication** - access & refresh токены
- ✅ **Rate Limiting** - Redis-based DDoS protection
- ✅ **Input Validation** - Pydantic schemas для всех endpoints
- ✅ **Security Headers** - автоматические security headers
- ✅ **CORS Configuration** - правильная настройка для web2-client
### 📁 Enhanced File Handling:
- ✅ **Chunked Uploads** - поддержка файлов до 10GB
- ✅ **Progress Tracking** - real-time отслеживание прогресса
- ✅ **Resume Support** - продолжение прерванных загрузок
- ✅ **Base64 Compatibility** - совместимость с web2-client форматом
---
## 🔧 Конфигурация
### ⚙️ Environment Variables (.env):
```bash
# FastAPI Configuration
UVICORN_HOST=0.0.0.0
UVICORN_PORT=8000
FASTAPI_HOST=0.0.0.0
FASTAPI_PORT=8000
# Database
DATABASE_URL=postgresql://user:pass@postgres:5432/mynetwork
# Redis Cache
REDIS_URL=redis://redis:6379/0
# Security
SECRET_KEY=your-secret-key
JWT_SECRET_KEY=your-jwt-secret
# MY Network v3.0
NODE_ID=auto-generated
NODE_TYPE=bootstrap
NETWORK_MODE=main-node
```
### 🐳 Docker Configuration:
```yaml
# docker-compose.yml
services:
app:
build: .
ports:
- "8000:8000"
command: ["uvicorn", "app.fastapi_main:app", "--host", "0.0.0.0", "--port", "8000"]
environment:
- DATABASE_URL=postgresql://myuser:password@postgres:5432/mynetwork
- REDIS_URL=redis://redis:6379/0
```
---
## 🆘 FastAPI Troubleshooting
### 🔧 Общие проблемы:
**1. FastAPI не запускается:**
```bash
# Проверить зависимости
pip install -r requirements.txt
# Проверить конфигурацию
python -c "from app.fastapi_main import app; print('FastAPI OK')"
# Запустить с debug логами
uvicorn app.fastapi_main:app --host 0.0.0.0 --port 8000 --log-level debug
```
**2. Web2-Client не может аутентифицироваться:**
```bash
# Проверить JWT endpoint
curl -X POST "http://localhost:8000/auth.twa" \
-H "Content-Type: application/json" \
-d '{"twa_data": "test", "ton_proof": null}'
# Должен вернуть JWT token
```
**3. Chunked upload не работает:**
```bash
# Проверить Redis подключение
redis-cli ping
# Проверить storage endpoint
curl -X POST "http://localhost:8000/api/storage" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
```
**4. Health check failed:**
```bash
# Проверить все компоненты
curl http://localhost:8000/api/system/health/detailed
# Проверить базу данных
docker-compose exec postgres pg_isready
# Проверить Redis
docker-compose exec redis redis-cli ping
```
### 📊 Debug Information:
```bash
# FastAPI application logs
docker-compose logs app
# System metrics
curl http://localhost:8000/api/system/metrics
# Database connection test
docker-compose exec app python -c "
from app.core.database import db_manager
import asyncio
asyncio.run(db_manager.test_connection())
"
```
### 🔄 Migration from Sanic:
```bash
# Если обновляетесь с Sanic версии:
# 1. Backup data
docker-compose exec postgres pg_dump mynetwork > backup.sql
# 2. Stop old version
systemctl stop my-network
# 3. Update codebase
git pull origin main
# 4. Install FastAPI dependencies
pip install -r requirements.txt
# 5. Start FastAPI version
uvicorn app.fastapi_main:app --host 0.0.0.0 --port 8000
```
---
## 📖 Documentation
### 📚 FastAPI Documentation:
- **[MIGRATION_COMPLETION_REPORT.md](MIGRATION_COMPLETION_REPORT.md)** - Полный отчет о миграции
- **[RELEASE_NOTES.md](RELEASE_NOTES.md)** - Что нового в FastAPI версии
- **[FASTAPI_MIGRATION_IMPLEMENTATION_REPORT.md](docs/FASTAPI_MIGRATION_IMPLEMENTATION_REPORT.md)** - Технические детали
- **[COMPATIBILITY_FIXES_SUMMARY.md](COMPATIBILITY_FIXES_SUMMARY.md)** - Исправления совместимости
### 🔗 Полезные ссылки:
- **FastAPI Documentation**: https://fastapi.tiangolo.com/
- **Uvicorn Documentation**: https://www.uvicorn.org/
- **Pydantic Documentation**: https://pydantic-docs.helpmanual.io/
- **MY Network Repository**: https://git.projscale.dev/my-dev/uploader-bot
---
## 🎯 Production Deployment
### 🚀 Production Checklist:
- [ ] **Environment**: Set `DEBUG=false` in production
- [ ] **Database**: Use real PostgreSQL (not SQLite)
- [ ] **Redis**: Use real Redis instance (not MockRedis)
- [ ] **SSL**: Configure SSL certificates with Let's Encrypt
- [ ] **Security**: Generate strong `SECRET_KEY` and `JWT_SECRET_KEY`
- [ ] **Monitoring**: Set up Prometheus metrics collection
- [ ] **Backups**: Configure database backup procedures
- [ ] **Firewall**: Configure UFW/iptables for security
### 🌐 Production Scripts:
```bash
# Full production deployment
./deploy_production_my_network.sh
# Universal installer for any server
./universal_installer.sh
# MY Network v3.0 installer
./start.sh
```
### 📊 Production Monitoring:
```bash
# Health monitoring endpoint
curl https://your-domain.com/api/system/health
# Prometheus metrics for monitoring stack
curl https://your-domain.com/api/system/metrics
# System statistics
curl https://your-domain.com/api/system/stats
```
---
## 📞 Support & Community
### 🆘 Getting Help:
- **Interactive API Docs**: Visit `/docs` on your running instance
- **Health Diagnostics**: Use `/api/system/health/detailed` for system status
- **Application Logs**: Check Docker logs with `docker-compose logs -f`
### 🐛 Reporting Issues:
- **Repository**: [MY Network v3.0 Issues](https://git.projscale.dev/my-dev/uploader-bot/issues)
- **Documentation**: Check `/docs` folder for detailed guides
- **Performance**: Use `/api/system/metrics` for performance data
### 🤝 Contributing:
- **FastAPI Improvements**: Submit PRs for FastAPI enhancements
- **MY Network Features**: Contribute to decentralized features
- **Documentation**: Help improve documentation and guides
---
## 📝 License
MY Network v3.0 with FastAPI - Open Source Project
---
**🚀 MY Network v3.0 with FastAPI - Производительная, безопасная и современная платформа для децентрализованного контента!**
*Built with ❤️ using FastAPI, Modern Python, and Decentralized Technologies*

79
alembic/env.py
View File

@ -1,17 +1,36 @@
from logging.config import fileConfig
"""Alembic environment configuration for async database migrations."""
from sqlalchemy import engine_from_config
from sqlalchemy import pool
import asyncio
import os
from logging.config import fileConfig
from typing import Any
from alembic import context
from sqlalchemy import pool
from sqlalchemy.engine import Connection
from sqlalchemy.ext.asyncio import async_engine_from_config
# Import your models here
from app.core.models.base import Base
from app.core.models.user import User, APIKey, UserSession
from app.core.models.content import Content, ContentVersion, FileUpload, UserSubscription
from app.core.models.blockchain import Wallet, Transaction, BlockchainNFT, BlockchainDeFiPosition, BlockchainStaking, BlockchainTokenBalance
# this is the Alembic Config object, which provides
# access to the values within the .ini file in use.
config = context.config
# Interpret the config file for Python logging.
# This line sets up loggers basically.
if config.config_file_name is not None:
fileConfig(config.config_file_name)
from app.core.models import AlchemyBase
target_metadata = AlchemyBase.metadata
# Set the target metadata for autogenerate support
target_metadata = Base.metadata
# Configure database URL from environment variable
database_url = os.getenv("DATABASE_URL", "postgresql+asyncpg://postgres:password@localhost:5432/myuploader")
config.set_main_option("sqlalchemy.url", database_url)
def run_migrations_offline() -> None:
@ -19,12 +38,11 @@ def run_migrations_offline() -> None:
This configures the context with just a URL
and not an Engine, though an Engine is acceptable
here as well. By skipping the Engine creation
here as well. By skipping the Engine creation
we don't even need a DBAPI to be available.
Calls to context.execute() here emit the given string to the
script output.
"""
url = config.get_main_option("sqlalchemy.url")
context.configure(
@ -32,32 +50,53 @@ def run_migrations_offline() -> None:
target_metadata=target_metadata,
literal_binds=True,
dialect_opts={"paramstyle": "named"},
compare_type=True,
compare_server_default=True,
include_schemas=True,
)
with context.begin_transaction():
context.run_migrations()
def run_migrations_online() -> None:
"""Run migrations in 'online' mode.
def do_run_migrations(connection: Connection) -> None:
"""Execute migrations with the given connection."""
context.configure(
connection=connection,
target_metadata=target_metadata,
compare_type=True,
compare_server_default=True,
include_schemas=True,
render_as_batch=True, # For better SQLite compatibility if needed
)
In this scenario we need to create an Engine
and associate a connection with the context.
with context.begin_transaction():
context.run_migrations()
"""
connectable = engine_from_config(
config.get_section(config.config_ini_section, {}),
async def run_async_migrations() -> None:
"""Run migrations in async mode."""
configuration = config.get_section(config.config_ini_section, {})
# Override the database URL if it's set in environment
if database_url:
configuration["sqlalchemy.url"] = database_url
connectable = async_engine_from_config(
configuration,
prefix="sqlalchemy.",
poolclass=pool.NullPool,
)
with connectable.connect() as connection:
context.configure(
connection=connection, target_metadata=target_metadata
)
async with connectable.connect() as connection:
await connection.run_sync(do_run_migrations)
with context.begin_transaction():
context.run_migrations()
await connectable.dispose()
def run_migrations_online() -> None:
"""Run migrations in 'online' mode."""
asyncio.run(run_async_migrations())
if context.is_offline_mode():

12
alembic/script.py.mako
View File

@ -5,22 +5,22 @@ Revises: ${down_revision | comma,n}
Create Date: ${create_date}
"""
from typing import Sequence, Union
from alembic import op
import sqlalchemy as sa
${imports if imports else ""}
# revision identifiers, used by Alembic.
revision: str = ${repr(up_revision)}
down_revision: Union[str, None] = ${repr(down_revision)}
branch_labels: Union[str, Sequence[str], None] = ${repr(branch_labels)}
depends_on: Union[str, Sequence[str], None] = ${repr(depends_on)}
revision = ${repr(up_revision)}
down_revision = ${repr(down_revision)}
branch_labels = ${repr(branch_labels)}
depends_on = ${repr(depends_on)}
def upgrade() -> None:
"""Upgrade database schema."""
${upgrades if upgrades else "pass"}
def downgrade() -> None:
"""Downgrade database schema."""
${downgrades if downgrades else "pass"}

382
alembic/versions/001_initial_tables.py Normal file
View File

@ -0,0 +1,382 @@
"""Initial database tables
Revision ID: 001
Revises:
Create Date: 2025-01-02 16:51:00.000000
"""
from alembic import op
import sqlalchemy as sa
from sqlalchemy.dialects import postgresql
# revision identifiers, used by Alembic.
revision = '001'
down_revision = None
branch_labels = None
depends_on = None
def upgrade() -> None:
"""Create initial database tables."""
# Create users table
op.create_table(
'users',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('username', sa.String(50), nullable=False, unique=True),
sa.Column('email', sa.String(255), nullable=False, unique=True),
sa.Column('password_hash', sa.String(255), nullable=False),
sa.Column('first_name', sa.String(100)),
sa.Column('last_name', sa.String(100)),
sa.Column('is_active', sa.Boolean(), default=True, nullable=False),
sa.Column('is_verified', sa.Boolean(), default=False, nullable=False),
sa.Column('is_superuser', sa.Boolean(), default=False, nullable=False),
sa.Column('avatar_url', sa.String(500)),
sa.Column('bio', sa.Text()),
sa.Column('last_login_at', sa.DateTime(timezone=True)),
sa.Column('login_count', sa.Integer(), default=0),
sa.Column('settings', postgresql.JSONB()),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for users
op.create_index('ix_users_username', 'users', ['username'])
op.create_index('ix_users_email', 'users', ['email'])
op.create_index('ix_users_created_at', 'users', ['created_at'])
op.create_index('ix_users_is_active', 'users', ['is_active'])
# Create API keys table
op.create_table(
'api_keys',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('user_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('users.id', ondelete='CASCADE'), nullable=False),
sa.Column('name', sa.String(100), nullable=False),
sa.Column('key_hash', sa.String(255), nullable=False, unique=True),
sa.Column('key_prefix', sa.String(20), nullable=False),
sa.Column('permissions', postgresql.JSONB(), default={}),
sa.Column('is_active', sa.Boolean(), default=True, nullable=False),
sa.Column('expires_at', sa.DateTime(timezone=True)),
sa.Column('last_used_at', sa.DateTime(timezone=True)),
sa.Column('usage_count', sa.Integer(), default=0),
sa.Column('rate_limit', sa.Integer(), default=1000),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for API keys
op.create_index('ix_api_keys_user_id', 'api_keys', ['user_id'])
op.create_index('ix_api_keys_key_hash', 'api_keys', ['key_hash'])
op.create_index('ix_api_keys_is_active', 'api_keys', ['is_active'])
# Create user sessions table
op.create_table(
'user_sessions',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('user_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('users.id', ondelete='CASCADE'), nullable=False),
sa.Column('session_token', sa.String(255), nullable=False, unique=True),
sa.Column('refresh_token', sa.String(255), nullable=False, unique=True),
sa.Column('user_agent', sa.String(500)),
sa.Column('ip_address', sa.String(45)),
sa.Column('is_active', sa.Boolean(), default=True, nullable=False),
sa.Column('expires_at', sa.DateTime(timezone=True), nullable=False),
sa.Column('last_activity_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for user sessions
op.create_index('ix_user_sessions_user_id', 'user_sessions', ['user_id'])
op.create_index('ix_user_sessions_session_token', 'user_sessions', ['session_token'])
op.create_index('ix_user_sessions_is_active', 'user_sessions', ['is_active'])
op.create_index('ix_user_sessions_expires_at', 'user_sessions', ['expires_at'])
# Create content table
op.create_table(
'content',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('user_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('users.id', ondelete='CASCADE'), nullable=False),
sa.Column('title', sa.String(255), nullable=False),
sa.Column('description', sa.Text()),
sa.Column('content_type', sa.String(50), nullable=False),
sa.Column('file_path', sa.String(500)),
sa.Column('file_size', sa.BigInteger()),
sa.Column('file_hash', sa.String(64)),
sa.Column('mime_type', sa.String(100)),
sa.Column('is_public', sa.Boolean(), default=False, nullable=False),
sa.Column('is_featured', sa.Boolean(), default=False, nullable=False),
sa.Column('view_count', sa.Integer(), default=0),
sa.Column('download_count', sa.Integer(), default=0),
sa.Column('like_count', sa.Integer(), default=0),
sa.Column('metadata', postgresql.JSONB()),
sa.Column('tags', postgresql.ARRAY(sa.String(50))),
sa.Column('thumbnail_url', sa.String(500)),
sa.Column('preview_url', sa.String(500)),
sa.Column('status', sa.String(20), default='draft', nullable=False),
sa.Column('published_at', sa.DateTime(timezone=True)),
sa.Column('expires_at', sa.DateTime(timezone=True)),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for content
op.create_index('ix_content_user_id', 'content', ['user_id'])
op.create_index('ix_content_content_type', 'content', ['content_type'])
op.create_index('ix_content_is_public', 'content', ['is_public'])
op.create_index('ix_content_status', 'content', ['status'])
op.create_index('ix_content_created_at', 'content', ['created_at'])
op.create_index('ix_content_published_at', 'content', ['published_at'])
op.create_index('ix_content_file_hash', 'content', ['file_hash'])
op.create_index('ix_content_tags', 'content', ['tags'], postgresql_using='gin')
# Create content versions table
op.create_table(
'content_versions',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('content_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('content.id', ondelete='CASCADE'), nullable=False),
sa.Column('version_number', sa.Integer(), nullable=False),
sa.Column('title', sa.String(255), nullable=False),
sa.Column('description', sa.Text()),
sa.Column('file_path', sa.String(500)),
sa.Column('file_size', sa.BigInteger()),
sa.Column('file_hash', sa.String(64)),
sa.Column('metadata', postgresql.JSONB()),
sa.Column('change_summary', sa.Text()),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for content versions
op.create_index('ix_content_versions_content_id', 'content_versions', ['content_id'])
op.create_index('ix_content_versions_version_number', 'content_versions', ['version_number'])
op.create_index('ix_content_versions_created_at', 'content_versions', ['created_at'])
# Create file uploads table
op.create_table(
'file_uploads',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('user_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('users.id', ondelete='CASCADE'), nullable=False),
sa.Column('filename', sa.String(255), nullable=False),
sa.Column('original_filename', sa.String(255), nullable=False),
sa.Column('file_path', sa.String(500)),
sa.Column('file_size', sa.BigInteger(), nullable=False),
sa.Column('file_hash', sa.String(64)),
sa.Column('mime_type', sa.String(100)),
sa.Column('chunk_size', sa.Integer()),
sa.Column('total_chunks', sa.Integer()),
sa.Column('uploaded_chunks', sa.Integer(), default=0),
sa.Column('upload_session_id', sa.String(100)),
sa.Column('status', sa.String(20), default='pending', nullable=False),
sa.Column('processed', sa.Boolean(), default=False, nullable=False),
sa.Column('processing_started_at', sa.DateTime(timezone=True)),
sa.Column('processing_completed_at', sa.DateTime(timezone=True)),
sa.Column('error_message', sa.Text()),
sa.Column('retry_count', sa.Integer(), default=0),
sa.Column('metadata', postgresql.JSONB()),
sa.Column('expires_at', sa.DateTime(timezone=True)),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for file uploads
op.create_index('ix_file_uploads_user_id', 'file_uploads', ['user_id'])
op.create_index('ix_file_uploads_status', 'file_uploads', ['status'])
op.create_index('ix_file_uploads_processed', 'file_uploads', ['processed'])
op.create_index('ix_file_uploads_upload_session_id', 'file_uploads', ['upload_session_id'])
op.create_index('ix_file_uploads_file_hash', 'file_uploads', ['file_hash'])
op.create_index('ix_file_uploads_expires_at', 'file_uploads', ['expires_at'])
# Create user subscriptions table
op.create_table(
'user_subscriptions',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('user_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('users.id', ondelete='CASCADE'), nullable=False),
sa.Column('plan_name', sa.String(50), nullable=False),
sa.Column('status', sa.String(20), default='active', nullable=False),
sa.Column('storage_limit', sa.BigInteger(), nullable=False),
sa.Column('bandwidth_limit', sa.BigInteger(), nullable=False),
sa.Column('file_count_limit', sa.Integer(), nullable=False),
sa.Column('features', postgresql.JSONB()),
sa.Column('price', sa.Numeric(10, 2)),
sa.Column('currency', sa.String(3), default='USD'),
sa.Column('billing_cycle', sa.String(20), default='monthly'),
sa.Column('starts_at', sa.DateTime(timezone=True), nullable=False),
sa.Column('expires_at', sa.DateTime(timezone=True)),
sa.Column('auto_renew', sa.Boolean(), default=True, nullable=False),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for user subscriptions
op.create_index('ix_user_subscriptions_user_id', 'user_subscriptions', ['user_id'])
op.create_index('ix_user_subscriptions_status', 'user_subscriptions', ['status'])
op.create_index('ix_user_subscriptions_expires_at', 'user_subscriptions', ['expires_at'])
# Create wallets table
op.create_table(
'wallets',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('user_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('users.id', ondelete='CASCADE'), nullable=False),
sa.Column('address', sa.String(100), nullable=False, unique=True),
sa.Column('network', sa.String(20), default='mainnet', nullable=False),
sa.Column('wallet_type', sa.String(20), default='ton', nullable=False),
sa.Column('balance', sa.Numeric(20, 8), default=0),
sa.Column('public_key', sa.String(200)),
sa.Column('encrypted_private_key', sa.Text()),
sa.Column('derivation_path', sa.String(100)),
sa.Column('is_active', sa.Boolean(), default=True, nullable=False),
sa.Column('is_primary', sa.Boolean(), default=False, nullable=False),
sa.Column('last_sync_at', sa.DateTime(timezone=True)),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for wallets
op.create_index('ix_wallets_user_id', 'wallets', ['user_id'])
op.create_index('ix_wallets_address', 'wallets', ['address'])
op.create_index('ix_wallets_network', 'wallets', ['network'])
op.create_index('ix_wallets_is_active', 'wallets', ['is_active'])
# Create transactions table
op.create_table(
'transactions',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('wallet_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('wallets.id', ondelete='CASCADE'), nullable=False),
sa.Column('tx_hash', sa.String(100), unique=True),
sa.Column('from_address', sa.String(100), nullable=False),
sa.Column('to_address', sa.String(100), nullable=False),
sa.Column('amount', sa.Numeric(20, 8), nullable=False),
sa.Column('fee', sa.Numeric(20, 8)),
sa.Column('gas_limit', sa.BigInteger()),
sa.Column('gas_used', sa.BigInteger()),
sa.Column('gas_price', sa.Numeric(20, 8)),
sa.Column('nonce', sa.BigInteger()),
sa.Column('block_number', sa.BigInteger()),
sa.Column('block_hash', sa.String(100)),
sa.Column('transaction_index', sa.Integer()),
sa.Column('status', sa.String(20), default='pending', nullable=False),
sa.Column('transaction_type', sa.String(20), default='transfer', nullable=False),
sa.Column('confirmations', sa.Integer(), default=0),
sa.Column('metadata', postgresql.JSONB()),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for transactions
op.create_index('ix_transactions_wallet_id', 'transactions', ['wallet_id'])
op.create_index('ix_transactions_tx_hash', 'transactions', ['tx_hash'])
op.create_index('ix_transactions_from_address', 'transactions', ['from_address'])
op.create_index('ix_transactions_to_address', 'transactions', ['to_address'])
op.create_index('ix_transactions_status', 'transactions', ['status'])
op.create_index('ix_transactions_created_at', 'transactions', ['created_at'])
op.create_index('ix_transactions_block_number', 'transactions', ['block_number'])
# Create blockchain NFTs table
op.create_table(
'blockchain_nfts',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('wallet_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('wallets.id', ondelete='CASCADE'), nullable=False),
sa.Column('token_id', sa.String(100), nullable=False),
sa.Column('collection_address', sa.String(100), nullable=False),
sa.Column('owner_address', sa.String(100), nullable=False),
sa.Column('token_uri', sa.String(500)),
sa.Column('metadata', postgresql.JSONB()),
sa.Column('name', sa.String(255)),
sa.Column('description', sa.Text()),
sa.Column('image_url', sa.String(500)),
sa.Column('attributes', postgresql.JSONB()),
sa.Column('rarity_score', sa.Numeric(10, 4)),
sa.Column('last_price', sa.Numeric(20, 8)),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create unique constraint for NFTs
op.create_unique_constraint('uq_blockchain_nfts_token_collection', 'blockchain_nfts', ['token_id', 'collection_address'])
# Create indexes for blockchain NFTs
op.create_index('ix_blockchain_nfts_wallet_id', 'blockchain_nfts', ['wallet_id'])
op.create_index('ix_blockchain_nfts_collection_address', 'blockchain_nfts', ['collection_address'])
op.create_index('ix_blockchain_nfts_owner_address', 'blockchain_nfts', ['owner_address'])
# Create blockchain token balances table
op.create_table(
'blockchain_token_balances',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('wallet_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('wallets.id', ondelete='CASCADE'), nullable=False),
sa.Column('token_address', sa.String(100), nullable=False),
sa.Column('token_name', sa.String(100)),
sa.Column('token_symbol', sa.String(20)),
sa.Column('balance', sa.Numeric(30, 18), default=0, nullable=False),
sa.Column('decimals', sa.Integer(), default=18),
sa.Column('usd_value', sa.Numeric(20, 8)),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create unique constraint for token balances
op.create_unique_constraint('uq_token_balances_wallet_token', 'blockchain_token_balances', ['wallet_id', 'token_address'])
# Create indexes for token balances
op.create_index('ix_blockchain_token_balances_wallet_id', 'blockchain_token_balances', ['wallet_id'])
op.create_index('ix_blockchain_token_balances_token_address', 'blockchain_token_balances', ['token_address'])
# Create blockchain DeFi positions table
op.create_table(
'blockchain_defi_positions',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('wallet_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('wallets.id', ondelete='CASCADE'), nullable=False),
sa.Column('protocol_name', sa.String(100), nullable=False),
sa.Column('position_type', sa.String(50), nullable=False),
sa.Column('pool_address', sa.String(100)),
sa.Column('token_symbols', postgresql.ARRAY(sa.String(20))),
sa.Column('balance', sa.Numeric(30, 18), default=0),
sa.Column('usd_value', sa.Numeric(20, 8)),
sa.Column('yield_rate', sa.Numeric(10, 4)),
sa.Column('metadata', postgresql.JSONB()),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for DeFi positions
op.create_index('ix_blockchain_defi_positions_wallet_id', 'blockchain_defi_positions', ['wallet_id'])
op.create_index('ix_blockchain_defi_positions_protocol_name', 'blockchain_defi_positions', ['protocol_name'])
# Create blockchain staking table
op.create_table(
'blockchain_staking',
sa.Column('id', postgresql.UUID(as_uuid=True), primary_key=True),
sa.Column('wallet_id', postgresql.UUID(as_uuid=True), sa.ForeignKey('wallets.id', ondelete='CASCADE'), nullable=False),
sa.Column('validator_address', sa.String(100), nullable=False),
sa.Column('staked_amount', sa.Numeric(20, 8), nullable=False),
sa.Column('rewards_earned', sa.Numeric(20, 8), default=0),
sa.Column('status', sa.String(20), default='active', nullable=False),
sa.Column('delegation_time', sa.DateTime(timezone=True), nullable=False),
sa.Column('unlock_time', sa.DateTime(timezone=True)),
sa.Column('apy', sa.Numeric(10, 4)),
sa.Column('metadata', postgresql.JSONB()),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
)
# Create indexes for staking
op.create_index('ix_blockchain_staking_wallet_id', 'blockchain_staking', ['wallet_id'])
op.create_index('ix_blockchain_staking_validator_address', 'blockchain_staking', ['validator_address'])
op.create_index('ix_blockchain_staking_status', 'blockchain_staking', ['status'])
def downgrade() -> None:
"""Drop all database tables."""
# Drop tables in reverse order to avoid foreign key constraints
op.drop_table('blockchain_staking')
op.drop_table('blockchain_defi_positions')
op.drop_table('blockchain_token_balances')
op.drop_table('blockchain_nfts')
op.drop_table('transactions')
op.drop_table('wallets')
op.drop_table('user_subscriptions')
op.drop_table('file_uploads')
op.drop_table('content_versions')
op.drop_table('content')
op.drop_table('user_sessions')
op.drop_table('api_keys')
op.drop_table('users')

8
app/__init__.py Normal file
View File

@ -0,0 +1,8 @@
"""
MY Uploader Bot - Distributed Content Protocol
Main application package
"""
__version__ = "2.0.0"
__author__ = "MY Network Team"
__description__ = "Distributed Content Protocol v2.0"

157
app/__main__.py
View File

@ -1,135 +1,30 @@
import asyncio
#!/usr/bin/env python3
"""
MY Network App Entry Point
Точка входа для запуска через python -m app
"""
import sys
import os
import time
import traceback
from asyncio import sleep
from datetime import datetime
from pathlib import Path
startup_target = '__main__'
# Добавить корневую директорию в путь
root_dir = Path(__file__).parent.parent
sys.path.insert(0, str(root_dir))
# Импортировать и запустить main из start_my_network.py
try:
startup_target = sys.argv[1]
except BaseException:
pass
from app.core._utils.create_maria_tables import create_maria_tables
from app.core.storage import engine
if startup_target == '__main__':
create_maria_tables(engine)
else:
time.sleep(7)
from app.api import app
from app.bot import dp as uploader_bot_dp
from app.client_bot import dp as client_bot_dp
from app.core._config import SANIC_PORT, MYSQL_URI, PROJECT_HOST
from app.core.logger import make_log
if int(os.getenv("SANIC_MAINTENANCE", '0')) == 1:
make_log("Global", "Application is in maintenance mode")
while True:
time.sleep(1)
from app.core.models import Memory
async def queue_daemon(app):
await sleep(3)
while True:
delayed_list = {k: v for k, v in app.ctx.memory._delayed_queue.items()}
for _execute_ts in delayed_list:
if _execute_ts <= datetime.now().timestamp():
del app.ctx.memory._delayed_queue[_execute_ts]
app.ctx.memory._execute_queue.append(delayed_list[_execute_ts])
await sleep(.7)
async def execute_queue(app):
telegram_bot_username = (await app.ctx.memory._telegram_bot.get_me()).username
client_telegram_bot_username = (await app.ctx.memory._client_telegram_bot.get_me()).username
make_log(None, f"Application normally started. HTTP port: {SANIC_PORT}")
make_log(None, f"Telegram bot: https://t.me/{telegram_bot_username}")
make_log(None, f"Client Telegram bot: https://t.me/{client_telegram_bot_username}")
make_log(None, f"MariaDB host: {MYSQL_URI.split('@')[1].split('/')[0].replace('/', '')}")
make_log(None, f"API host: {PROJECT_HOST}")
while True:
try:
_cmd = app.ctx.memory._execute_queue.pop(0)
except IndexError:
await sleep(.05)
continue
_fn = _cmd.pop(0)
assert _fn
_args = _cmd.pop(0)
assert type(_args) is tuple
try:
_kwargs = _cmd.pop(0)
assert type(_kwargs) is dict
except IndexError:
_kwargs = {}
try:
make_log("Queue.execute", f"{_fn} {_args} {_kwargs}", level='debug')
await _fn(*_args, **_kwargs)
except BaseException as e:
make_log("Queue.execute", f"{_fn} {_args} {_kwargs} => Error: {e}" + '\n' + str(traceback.format_exc()))
if __name__ == '__main__':
main_memory = Memory()
if startup_target == '__main__':
app.ctx.memory = main_memory
for _target in [uploader_bot_dp, client_bot_dp]:
_target._s_memory = app.ctx.memory
app.ctx.memory._app = app
app.add_task(execute_queue(app))
app.add_task(queue_daemon(app))
app.add_task(uploader_bot_dp.start_polling(app.ctx.memory._telegram_bot))
app.add_task(client_bot_dp.start_polling(app.ctx.memory._client_telegram_bot))
app.run(host='0.0.0.0', port=SANIC_PORT)
else:
time.sleep(2)
startup_fn = None
if startup_target == 'indexer':
from app.core.background.indexer_service import main_fn as target_fn
time.sleep(1)
elif startup_target == 'uploader':
from app.core.background.uploader_service import main_fn as target_fn
time.sleep(3)
elif startup_target == 'ton_daemon':
from app.core.background.ton_service import main_fn as target_fn
time.sleep(5)
elif startup_target == 'license_index':
from app.core.background.license_service import main_fn as target_fn
time.sleep(7)
elif startup_target == 'convert_process':
from app.core.background.convert_service import main_fn as target_fn
time.sleep(9)
startup_fn = startup_fn or target_fn
assert startup_fn
async def wrapped_startup_fn(*args):
try:
await startup_fn(*args)
except BaseException as e:
make_log(startup_target[0].upper() + startup_target[1:], f"Error: {e}" + '\n' + str(traceback.format_exc()),
level='error')
sys.exit(1)
loop = asyncio.get_event_loop()
try:
loop.run_until_complete(wrapped_startup_fn(main_memory))
except BaseException as e:
make_log(startup_target[0].upper() + startup_target[1:], f"Error: {e}" + '\n' + str(traceback.format_exc()),
level='error')
sys.exit(0)
finally:
loop.close()
from start_my_network import main
if __name__ == "__main__":
print("🚀 Starting MY Network via app.__main__.py")
main()
except ImportError as e:
print(f"❌ Error importing start_my_network: {e}")
print("📂 Current working directory:", os.getcwd())
print("🐍 Python path:", sys.path)
sys.exit(1)
except Exception as e:
print(f"❌ Fatal error: {e}")
sys.exit(1)

80
app/api/__init__.py
View File

@ -1,80 +0,0 @@
import traceback
from sanic import Sanic, response
from app.core.logger import make_log
app = Sanic(__name__)
from app.api.middleware import attach_user_to_request, close_db_session, close_request_handler
app.register_middleware(attach_user_to_request, "request")
app.register_middleware(close_db_session, "response")
from app.api.routes._index import s_index, s_favicon
from app.api.routes._system import s_api_v1_node, s_api_system_version, s_api_system_send_status, s_api_v1_node_friendly
from app.api.routes.auth import s_api_v1_auth_twa, s_api_v1_auth_select_wallet, s_api_v1_auth_me
from app.api.routes.statics import s_api_tonconnect_manifest, s_api_platform_metadata
from app.api.routes.node_storage import s_api_v1_storage_post, s_api_v1_storage_get, \
s_api_v1_storage_decode_cid
from app.api.routes.progressive_storage import s_api_v1_5_storage_get, s_api_v1_5_storage_post
from app.api.routes.account import s_api_v1_account_get
from app.api.routes._blockchain import s_api_v1_blockchain_send_new_content_message, \
s_api_v1_blockchain_send_purchase_content_message
from app.api.routes.content import s_api_v1_content_list, s_api_v1_content_view, s_api_v1_content_friendly_list, s_api_v1_5_content_list
from app.api.routes.tonconnect import s_api_v1_tonconnect_new, s_api_v1_tonconnect_logout
app.add_route(s_index, "/", methods=["GET", "OPTIONS"])
app.add_route(s_favicon, "/favicon.ico", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_node, "/api/v1/node", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_node_friendly, "/api/v1/nodeFriendly", methods=["GET", "OPTIONS"])
app.add_route(s_api_system_version, "/api/system.version", methods=["GET", "OPTIONS"])
app.add_route(s_api_system_send_status, "/api/system.sendStatus", methods=["POST", "OPTIONS"])
app.add_route(s_api_tonconnect_manifest, "/api/tonconnect-manifest.json", methods=["GET", "OPTIONS"])
app.add_route(s_api_platform_metadata, "/api/platform-metadata.json", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_auth_twa, "/api/v1/auth.twa", methods=["POST", "OPTIONS"])
app.add_route(s_api_v1_auth_me, "/api/v1/auth.me", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_auth_select_wallet, "/api/v1/auth.selectWallet", methods=["POST", "OPTIONS"])
app.add_route(s_api_v1_tonconnect_new, "/api/v1/tonconnect.new", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_tonconnect_logout, "/api/v1/tonconnect.logout", methods=["POST", "OPTIONS"])
app.add_route(s_api_v1_5_storage_post, "/api/v1.5/storage", methods=["POST", "OPTIONS"])
app.add_route(s_api_v1_5_storage_get, "/api/v1.5/storage/<file_hash>", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_storage_post, "/api/v1/storage", methods=["POST", "OPTIONS"])
app.add_route(s_api_v1_storage_get, "/api/v1/storage/<file_hash>", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_storage_decode_cid, "/api/v1/storage.decodeContentId/<content_id>", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_account_get, "/api/v1/account", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_blockchain_send_new_content_message, "/api/v1/blockchain.sendNewContentMessage", methods=["POST", "OPTIONS"])
app.add_route(s_api_v1_blockchain_send_purchase_content_message, "/api/v1/blockchain.sendPurchaseContentMessage", methods=["POST", "OPTIONS"])
app.add_route(s_api_v1_content_list, "/api/v1/content.list", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_content_view, "/api/v1/content.view/<content_address>", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_content_friendly_list, "/api/v1/content.friendlyList", methods=["GET", "OPTIONS"])
app.add_route(s_api_v1_5_content_list, "/api/v1.5/content.list", methods=["GET", "OPTIONS"])
@app.exception(BaseException)
async def s_handle_exception(request, exception):
response_buffer = response.json({"error": "An internal server error occurred"}, status=500)
try:
raise exception
except AssertionError as e:
response_buffer = response.json({"error": str(e)}, status=400)
except BaseException as e:
make_log("sanic_exception", f"Exception: {e}" + '\n' + str(traceback.format_exc()), level='error')
response_buffer = await close_db_session(request, response_buffer)
response_buffer.headers["Access-Control-Allow-Origin"] = "*"
response_buffer.headers["Access-Control-Allow-Methods"] = "GET, POST, OPTIONS"
response_buffer.headers["Access-Control-Allow-Headers"] = "Origin, Content-Type, Accept, Authorization, Referer, User-Agent, Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site"
response_buffer.headers["Access-Control-Allow-Credentials"] = "true"
return response_buffer

35
app/api/__main__.py Normal file
View File

@ -0,0 +1,35 @@
#!/usr/bin/env python3
"""
MY Network API Server Entry Point
"""
import asyncio
import uvloop
from app.api import app, logger
from app.core.config import settings
def main():
"""Start MY Network API server"""
try:
# Use uvloop for better async performance
uvloop.install()
logger.info("Starting MY Network API Server...")
# Start server in single process mode to avoid worker conflicts
app.run(
host="0.0.0.0",
port=settings.SANIC_PORT,
debug=settings.DEBUG,
auto_reload=False,
single_process=True
)
except KeyboardInterrupt:
logger.info("Server stopped by user")
except Exception as e:
logger.error(f"Server startup failed: {e}")
raise
if __name__ == "__main__":
main()

416
app/api/docs.py Normal file
View File

@ -0,0 +1,416 @@
"""OpenAPI documentation configuration for my-uploader-bot API."""
from typing import Dict, Any
# API metadata
API_TITLE = "My Uploader Bot API"
API_VERSION = "2.0.0"
API_DESCRIPTION = """
# My Uploader Bot API
A comprehensive file upload and management system with blockchain integration.
## Features
- **File Upload & Management**: Chunked uploads, multiple storage backends, file processing
- **User Authentication**: JWT tokens, API keys, sessions management
- **Blockchain Integration**: TON blockchain wallet management, transactions
- **Content Management**: Version control, metadata, search functionality
- **Security**: Rate limiting, CORS, input validation, file encryption
- **Monitoring**: Prometheus metrics, structured logging, health checks
## Authentication
The API supports multiple authentication methods:
1. **JWT Bearer Token**: Use `Authorization: Bearer <token>` header
2. **API Key**: Use `X-API-Key: <api_key>` header
3. **Session Cookie**: Browser-based authentication
## Rate Limiting
API endpoints are rate-limited based on user tier:
- Free tier: 100 requests per hour
- Premium tier: 1000 requests per hour
- Enterprise tier: 10000 requests per hour
## File Upload Process
1. **Initiate Upload**: POST `/api/v1/storage/upload/initiate` with file metadata
2. **Upload Chunks**: POST `/api/v1/storage/upload/chunk` for each chunk
3. **Complete Upload**: POST `/api/v1/storage/upload/complete` to finalize
4. **Processing**: File is automatically processed in the background
## Error Handling
All errors follow RFC 7807 Problem Details format:
```json
{
"type": "https://api.myuploader.com/errors/validation",
"title": "Validation Error",
"status": 422,
"detail": "The request body contains invalid data",
"instance": "/api/v1/content/upload",
"errors": [
{
"field": "file_size",
"message": "File size exceeds maximum limit"
}
]
}
```
## Webhook Events
The API can send webhook notifications for:
- File upload completion
- Processing status updates
- Blockchain transaction confirmations
- User subscription changes
## SDKs and Examples
- Python SDK: `pip install myuploader-python`
- JavaScript SDK: `npm install @myuploader/js-sdk`
- Examples: https://github.com/myuploader/examples
## Support
- Documentation: https://docs.myuploader.com
- Support: support@myuploader.com
- Status: https://status.myuploader.com
"""
# OpenAPI tags
TAGS_METADATA = [
{
"name": "Authentication",
"description": "User authentication and session management endpoints",
},
{
"name": "Users",
"description": "User profile and account management",
},
{
"name": "Content",
"description": "Content management, search, and metadata operations",
},
{
"name": "Storage",
"description": "File upload, download, and storage operations",
},
{
"name": "Blockchain",
"description": "TON blockchain wallet and transaction management",
},
{
"name": "System",
"description": "System health, metrics, and administrative endpoints",
},
]
# Response examples
RESPONSE_EXAMPLES = {
"user_profile": {
"summary": "User profile example",
"value": {
"id": "123e4567-e89b-12d3-a456-426614174000",
"username": "john_doe",
"email": "john@example.com",
"first_name": "John",
"last_name": "Doe",
"is_active": True,
"is_verified": True,
"avatar_url": "https://cdn.myuploader.com/avatars/john_doe.jpg",
"bio": "Software developer and blockchain enthusiast",
"created_at": "2024-01-01T00:00:00Z",
"updated_at": "2024-01-01T00:00:00Z"
}
},
"content_item": {
"summary": "Content item example",
"value": {
"id": "123e4567-e89b-12d3-a456-426614174001",
"title": "My Awesome Video",
"description": "A great video about blockchain development",
"content_type": "video",
"file_path": "uploads/user123/video_2024_01_01.mp4",
"file_size": 104857600,
"mime_type": "video/mp4",
"is_public": True,
"view_count": 1250,
"download_count": 95,
"like_count": 42,
"tags": ["blockchain", "tutorial", "development"],
"thumbnail_url": "https://cdn.myuploader.com/thumbnails/video_thumb.jpg",
"status": "published",
"created_at": "2024-01-01T00:00:00Z",
"updated_at": "2024-01-01T00:00:00Z"
}
},
"upload_session": {
"summary": "Upload session example",
"value": {
"session_id": "upload_123e4567-e89b-12d3-a456-426614174002",
"filename": "large_video.mp4",
"file_size": 1073741824,
"chunk_size": 1048576,
"total_chunks": 1024,
"uploaded_chunks": 512,
"status": "uploading",
"progress": 50.0,
"expires_at": "2024-01-01T01:00:00Z",
"upload_urls": [
"https://api.myuploader.com/api/v1/storage/upload/chunk"
]
}
},
"wallet_info": {
"summary": "Wallet information example",
"value": {
"id": "123e4567-e89b-12d3-a456-426614174003",
"address": "EQD6M8aVGx1fF6Z5q5q5q5q5q5q5q5q5q5q5q5q5q5q5q5q5q",
"network": "mainnet",
"balance": "10.50000000",
"is_active": True,
"is_primary": True,
"created_at": "2024-01-01T00:00:00Z",
"transactions": [
{
"tx_hash": "abc123def456ghi789jkl012mno345pqr678stu901vwx234yz",
"amount": "5.00000000",
"status": "confirmed",
"created_at": "2024-01-01T00:30:00Z"
}
]
}
},
"error_validation": {
"summary": "Validation error example",
"value": {
"type": "https://api.myuploader.com/errors/validation",
"title": "Validation Error",
"status": 422,
"detail": "The request contains invalid data",
"instance": "/api/v1/content/upload",
"errors": [
{
"field": "file_size",
"message": "File size must be less than 100MB"
},
{
"field": "content_type",
"message": "Content type is required"
}
]
}
},
"error_auth": {
"summary": "Authentication error example",
"value": {
"type": "https://api.myuploader.com/errors/authentication",
"title": "Authentication Required",
"status": 401,
"detail": "Valid authentication credentials are required",
"instance": "/api/v1/content/private"
}
},
"error_forbidden": {
"summary": "Permission error example",
"value": {
"type": "https://api.myuploader.com/errors/forbidden",
"title": "Insufficient Permissions",
"status": 403,
"detail": "You don't have permission to access this resource",
"instance": "/api/v1/admin/users"
}
},
"error_not_found": {
"summary": "Not found error example",
"value": {
"type": "https://api.myuploader.com/errors/not-found",
"title": "Resource Not Found",
"status": 404,
"detail": "The requested resource was not found",
"instance": "/api/v1/content/nonexistent-id"
}
},
"error_rate_limit": {
"summary": "Rate limit error example",
"value": {
"type": "https://api.myuploader.com/errors/rate-limit",
"title": "Rate Limit Exceeded",
"status": 429,
"detail": "Too many requests. Please try again later",
"instance": "/api/v1/content/search",
"retry_after": 60
}
}
}
# Security schemes
SECURITY_SCHEMES = {
"BearerAuth": {
"type": "http",
"scheme": "bearer",
"bearerFormat": "JWT",
"description": "JWT token authentication. Get token from /api/v1/auth/login"
},
"ApiKeyAuth": {
"type": "apiKey",
"in": "header",
"name": "X-API-Key",
"description": "API key authentication. Get API key from user dashboard"
},
"CookieAuth": {
"type": "apiKey",
"in": "cookie",
"name": "session",
"description": "Session cookie authentication"
}
}
# OpenAPI configuration
def get_openapi_config() -> Dict[str, Any]:
"""Get OpenAPI configuration."""
return {
"title": API_TITLE,
"version": API_VERSION,
"description": API_DESCRIPTION,
"terms_of_service": "https://myuploader.com/terms",
"contact": {
"name": "My Uploader Bot Support",
"url": "https://myuploader.com/support",
"email": "support@myuploader.com"
},
"license": {
"name": "MIT License",
"url": "https://opensource.org/licenses/MIT"
},
"servers": [
{
"url": "https://api.myuploader.com",
"description": "Production server"
},
{
"url": "https://staging-api.myuploader.com",
"description": "Staging server"
},
{
"url": "http://localhost:8000",
"description": "Development server"
}
],
"tags": TAGS_METADATA,
"components": {
"securitySchemes": SECURITY_SCHEMES,
"examples": RESPONSE_EXAMPLES,
"responses": {
"ValidationError": {
"description": "Validation error response",
"content": {
"application/json": {
"example": RESPONSE_EXAMPLES["error_validation"]["value"]
}
}
},
"AuthError": {
"description": "Authentication error response",
"content": {
"application/json": {
"example": RESPONSE_EXAMPLES["error_auth"]["value"]
}
}
},
"ForbiddenError": {
"description": "Permission error response",
"content": {
"application/json": {
"example": RESPONSE_EXAMPLES["error_forbidden"]["value"]
}
}
},
"NotFoundError": {
"description": "Not found error response",
"content": {
"application/json": {
"example": RESPONSE_EXAMPLES["error_not_found"]["value"]
}
}
},
"RateLimitError": {
"description": "Rate limit error response",
"content": {
"application/json": {
"example": RESPONSE_EXAMPLES["error_rate_limit"]["value"]
}
}
}
}
},
"security": [
{"BearerAuth": []},
{"ApiKeyAuth": []},
{"CookieAuth": []}
]
}
# Custom OpenAPI schema
CUSTOM_OPENAPI_SCHEMA = {
"x-logo": {
"url": "https://myuploader.com/logo.png",
"altText": "My Uploader Bot Logo"
},
"x-code-samples": [
{
"lang": "Python",
"source": """
import requests
# Upload a file
response = requests.post(
'https://api.myuploader.com/api/v1/storage/upload/initiate',
headers={'Authorization': 'Bearer <your_token>'},
json={
'filename': 'example.jpg',
'file_size': 1024000,
'content_type': 'image'
}
)
"""
},
{
"lang": "JavaScript",
"source": """
// Upload a file
const response = await fetch('https://api.myuploader.com/api/v1/storage/upload/initiate', {
method: 'POST',
headers: {
'Authorization': 'Bearer <your_token>',
'Content-Type': 'application/json'
},
body: JSON.stringify({
filename: 'example.jpg',
file_size: 1024000,
content_type: 'image'
})
});
"""
},
{
"lang": "cURL",
"source": """
curl -X POST https://api.myuploader.com/api/v1/storage/upload/initiate \\
-H "Authorization: Bearer <your_token>" \\
-H "Content-Type: application/json" \\
-d '{
"filename": "example.jpg",
"file_size": 1024000,
"content_type": "image"
}'
"""
}
]
}

612
app/api/fastapi_auth_routes.py Normal file
View File

@ -0,0 +1,612 @@
"""
FastAPI маршруты для аутентификации с поддержкой TON Connect и Telegram WebApp
Полная совместимость с web2-client требованиями
"""
import asyncio
import json
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Any
from uuid import UUID, uuid4
from fastapi import APIRouter, HTTPException, Request, Depends
from fastapi.responses import JSONResponse
from sqlalchemy import select, update, and_, or_
from sqlalchemy.orm import selectinload
from pydantic import BaseModel, Field
from app.core.config import get_settings
from app.core.database import db_manager, get_cache_manager
from app.core.logging import get_logger
from app.core.models.user import User, UserSession, UserRole
from app.core.security import (
hash_password, verify_password, generate_access_token,
verify_access_token, generate_refresh_token, generate_api_key,
sanitize_input, generate_csrf_token
)
from app.api.fastapi_middleware import get_current_user, require_auth
# Initialize router for auth endpoints
router = APIRouter(prefix="", tags=["auth"])
logger = get_logger(__name__)
settings = get_settings()
# Pydantic models для валидации
class TWAAuthRequest(BaseModel):
"""Модель для аутентификации через Telegram WebApp"""
twa_data: str
ton_proof: Optional[Dict[str, Any]] = None
class TWAAuthResponse(BaseModel):
"""Модель ответа аутентификации"""
connected_wallet: Optional[Dict[str, Any]] = None
auth_v1_token: str
class SelectWalletRequest(BaseModel):
"""Модель для выбора кошелька"""
wallet_address: str
class UserRegistrationRequest(BaseModel):
"""Модель для регистрации пользователя"""
username: str = Field(..., min_length=3, max_length=50)
email: str = Field(..., pattern=r'^[^@]+@[^@]+\.[^@]+$')
password: str = Field(..., min_length=8)
full_name: Optional[str] = Field(None, max_length=100)
class UserLoginRequest(BaseModel):
"""Модель для входа пользователя"""
username: str
password: str
remember_me: bool = False
class RefreshTokenRequest(BaseModel):
"""Модель для обновления токенов"""
refresh_token: str
@router.post("/auth.twa", response_model=TWAAuthResponse)
async def auth_twa(request: Request, auth_data: TWAAuthRequest):
"""
Аутентификация через Telegram WebApp с поддержкой TON proof
Критически важный эндпоинт для web2-client
"""
try:
client_ip = request.client.host
await logger.ainfo("TWA auth started", step="begin", twa_data_length=len(auth_data.twa_data))
# Основная аутентификация без TON proof
if not auth_data.ton_proof:
await logger.ainfo("TWA auth: no TON proof path", step="no_ton_proof")
# Валидация TWA данных
if not auth_data.twa_data:
raise HTTPException(status_code=400, detail="TWA data required")
# Здесь должна быть валидация Telegram WebApp данных
# Для демо возвращаем базовый токен
await logger.ainfo("TWA auth: calling _process_twa_data", step="processing_twa")
user_data = await _process_twa_data(auth_data.twa_data)
await logger.ainfo("TWA auth: _process_twa_data completed", step="twa_processed", user_data=user_data)
# Генерируем токен
try:
expires_minutes = int(getattr(settings, 'ACCESS_TOKEN_EXPIRE_MINUTES', 30))
expires_in_seconds = expires_minutes * 60
except (ValueError, TypeError):
expires_in_seconds = 30 * 60 # fallback to 30 minutes
auth_token = generate_access_token(
{"user_id": user_data["user_id"], "username": user_data["username"]},
expires_in=expires_in_seconds
)
await logger.ainfo(
"TWA authentication successful",
user_id=user_data["user_id"],
ip=client_ip,
has_ton_proof=False
)
return TWAAuthResponse(
connected_wallet=None,
auth_v1_token=auth_token
)
# Аутентификация с TON proof
else:
# Валидация TWA данных
user_data = await _process_twa_data(auth_data.twa_data)
# Обработка TON proof
ton_proof_data = auth_data.ton_proof
account = ton_proof_data.get("account")
proof = ton_proof_data.get("ton_proof")
if not account or not proof:
raise HTTPException(status_code=400, detail="Invalid TON proof format")
# Валидация TON proof (здесь должна быть реальная проверка)
is_valid_proof = await _validate_ton_proof(proof, account, auth_data.twa_data)
if not is_valid_proof:
raise HTTPException(status_code=400, detail="Invalid TON proof")
# Генерируем токен с подтвержденным кошельком
auth_token = generate_access_token(
{
"user_id": user_data["user_id"],
"username": user_data["username"],
"wallet_verified": True,
"wallet_address": account.get("address")
},
expires_in=settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60
)
# Формируем информацию о подключенном кошельке
connected_wallet = {
"version": account.get("chain", "unknown"),
"address": account.get("address"),
"ton_balance": "0" # Здесь должен быть запрос баланса
}
await logger.ainfo(
"TWA authentication with TON proof successful",
user_id=user_data["user_id"],
wallet_address=account.get("address"),
ip=client_ip
)
return TWAAuthResponse(
connected_wallet=connected_wallet,
auth_v1_token=auth_token
)
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"TWA authentication failed",
error=str(e),
ip=client_ip
)
raise HTTPException(status_code=500, detail="Authentication failed")
@router.post("/auth.selectWallet")
async def auth_select_wallet(
request: Request,
wallet_data: SelectWalletRequest,
current_user: User = Depends(require_auth)
):
"""
Выбор кошелька для аутентифицированного пользователя
Критически важный эндпоинт для web2-client
"""
try:
wallet_address = wallet_data.wallet_address
# Валидация адреса кошелька
if not wallet_address or len(wallet_address) < 10:
raise HTTPException(status_code=400, detail="Invalid wallet address")
# Проверка существования кошелька в сети TON
is_valid_wallet = await _validate_ton_wallet(wallet_address)
if not is_valid_wallet:
# Возвращаем 404 если кошелек не найден или невалиден
raise HTTPException(status_code=404, detail="Wallet not found or invalid")
# Обновляем информацию о кошельке пользователя
async with db_manager.get_session() as session:
user_stmt = select(User).where(User.id == current_user.id)
user_result = await session.execute(user_stmt)
user = user_result.scalar_one_or_none()
if not user:
raise HTTPException(status_code=404, detail="User not found")
# Обновляем адрес кошелька
user.wallet_address = wallet_address
user.wallet_connected_at = datetime.utcnow()
await session.commit()
await logger.ainfo(
"Wallet selected successfully",
user_id=str(current_user.id),
wallet_address=wallet_address
)
return {
"message": "Wallet selected successfully",
"wallet_address": wallet_address,
"selected_at": datetime.utcnow().isoformat()
}
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"Wallet selection failed",
user_id=str(current_user.id),
wallet_address=wallet_data.wallet_address,
error=str(e)
)
raise HTTPException(status_code=500, detail="Wallet selection failed")
@router.post("/api/v1/auth/register")
async def register_user(request: Request, user_data: UserRegistrationRequest):
"""
Регистрация нового пользователя (дополнительный эндпоинт)
"""
try:
client_ip = request.client.host
# Проверка rate limiting (через middleware)
cache_manager = await get_cache_manager()
ip_reg_key = f"registration_ip:{client_ip}"
ip_registrations = await cache_manager.get(ip_reg_key, default=0)
if ip_registrations >= 3: # Max 3 registrations per IP per day
raise HTTPException(status_code=429, detail="Too many registrations from this IP")
async with db_manager.get_session() as session:
# Check if username already exists
username_stmt = select(User).where(User.username == user_data.username)
username_result = await session.execute(username_stmt)
if username_result.scalar_one_or_none():
raise HTTPException(status_code=400, detail="Username already exists")
# Check if email already exists
email_stmt = select(User).where(User.email == user_data.email)
email_result = await session.execute(email_stmt)
if email_result.scalar_one_or_none():
raise HTTPException(status_code=400, detail="Email already registered")
# Hash password
password_hash = hash_password(user_data.password)
# Create user
new_user = User(
id=uuid4(),
username=sanitize_input(user_data.username),
email=sanitize_input(user_data.email),
password_hash=password_hash,
full_name=sanitize_input(user_data.full_name or ""),
is_active=True,
email_verified=False,
registration_ip=client_ip,
last_login_ip=client_ip,
settings={"theme": "light", "notifications": True}
)
session.add(new_user)
await session.commit()
await session.refresh(new_user)
# Update IP registration counter
await cache_manager.increment(ip_reg_key, ttl=86400)
# Generate tokens
access_token = generate_access_token(
{"user_id": str(new_user.id), "username": user_data.username},
expires_in=settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60
)
refresh_token = generate_refresh_token(new_user.id)
await logger.ainfo(
"User registered successfully",
user_id=str(new_user.id),
username=user_data.username,
email=user_data.email,
ip=client_ip
)
return {
"message": "Registration successful",
"user": {
"id": str(new_user.id),
"username": user_data.username,
"email": user_data.email,
"full_name": user_data.full_name,
"created_at": new_user.created_at.isoformat()
},
"tokens": {
"access_token": access_token,
"refresh_token": refresh_token,
"token_type": "Bearer",
"expires_in": settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60
}
}
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"User registration failed",
username=user_data.username,
email=user_data.email,
error=str(e)
)
raise HTTPException(status_code=500, detail="Registration failed")
@router.post("/api/v1/auth/login")
async def login_user(request: Request, login_data: UserLoginRequest):
"""
Вход пользователя с JWT токенами
"""
try:
client_ip = request.client.host
# Check login rate limiting
cache_manager = await get_cache_manager()
login_key = f"login_attempts:{login_data.username}:{client_ip}"
attempts = await cache_manager.get(login_key, default=0)
if attempts >= 5: # Max 5 failed attempts
raise HTTPException(status_code=429, detail="Too many login attempts")
async with db_manager.get_session() as session:
# Find user by username or email
user_stmt = select(User).where(
or_(User.username == login_data.username, User.email == login_data.username)
).options(selectinload(User.roles))
user_result = await session.execute(user_stmt)
user = user_result.scalar_one_or_none()
if not user or not verify_password(login_data.password, user.password_hash):
# Increment failed attempts
await cache_manager.increment(login_key, ttl=900) # 15 minutes
await logger.awarning(
"Failed login attempt",
username=login_data.username,
ip=client_ip,
attempts=attempts + 1
)
raise HTTPException(status_code=401, detail="Invalid credentials")
if not user.is_active:
raise HTTPException(status_code=403, detail="Account deactivated")
# Successful login - clear failed attempts
await cache_manager.delete(login_key)
# Update user login info
user.last_login_at = datetime.utcnow()
user.last_login_ip = client_ip
user.login_count = (user.login_count or 0) + 1
await session.commit()
# Generate tokens
user_permissions = []
for role in user.roles:
user_permissions.extend(role.permissions)
expires_in = settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60
if login_data.remember_me:
expires_in *= 24 # 24x longer for remember me
access_token = generate_access_token(
{
"user_id": str(user.id),
"username": user.username,
"permissions": list(set(user_permissions))
},
expires_in=expires_in
)
refresh_token = generate_refresh_token(user.id)
await logger.ainfo(
"User logged in successfully",
user_id=str(user.id),
username=user.username,
ip=client_ip,
remember_me=login_data.remember_me
)
return {
"message": "Login successful",
"user": {
"id": str(user.id),
"username": user.username,
"email": user.email,
"full_name": user.full_name,
"last_login": user.last_login_at.isoformat() if user.last_login_at else None,
"permissions": user_permissions
},
"tokens": {
"access_token": access_token,
"refresh_token": refresh_token,
"token_type": "Bearer",
"expires_in": expires_in
}
}
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"Login failed",
username=login_data.username,
error=str(e)
)
raise HTTPException(status_code=500, detail="Login failed")
@router.post("/api/v1/auth/refresh")
async def refresh_tokens(request: Request, refresh_data: RefreshTokenRequest):
"""
Обновление access токена используя refresh токен
"""
try:
# Verify refresh token
payload = verify_access_token(refresh_data.refresh_token, token_type="refresh")
if not payload:
raise HTTPException(status_code=401, detail="Invalid refresh token")
user_id = UUID(payload["user_id"])
async with db_manager.get_session() as session:
# Get user with permissions
user_stmt = select(User).where(User.id == user_id).options(selectinload(User.roles))
user_result = await session.execute(user_stmt)
user = user_result.scalar_one_or_none()
if not user or not user.is_active:
raise HTTPException(status_code=401, detail="User not found or inactive")
# Generate new tokens (token rotation)
user_permissions = []
for role in user.roles:
user_permissions.extend(role.permissions)
new_access_token = generate_access_token(
{
"user_id": str(user.id),
"username": user.username,
"permissions": list(set(user_permissions))
},
expires_in=settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60
)
new_refresh_token = generate_refresh_token(user.id)
await logger.adebug(
"Tokens refreshed",
user_id=str(user_id)
)
return {
"tokens": {
"access_token": new_access_token,
"refresh_token": new_refresh_token,
"token_type": "Bearer",
"expires_in": settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60
}
}
except HTTPException:
raise
except Exception as e:
await logger.aerror("Token refresh failed", error=str(e))
raise HTTPException(status_code=500, detail="Token refresh failed")
@router.get("/api/v1/auth/me")
async def get_current_user_info(current_user: User = Depends(require_auth)):
"""
Получение информации о текущем пользователе
"""
try:
async with db_manager.get_session() as session:
# Get user with full details
user_stmt = select(User).where(User.id == current_user.id).options(
selectinload(User.roles),
selectinload(User.api_keys)
)
user_result = await session.execute(user_stmt)
full_user = user_result.scalar_one_or_none()
if not full_user:
raise HTTPException(status_code=404, detail="User not found")
# Get user permissions
permissions = []
roles = []
for role in full_user.roles:
roles.append({
"name": role.name,
"description": role.description
})
permissions.extend(role.permissions)
return {
"user": {
"id": str(full_user.id),
"username": full_user.username,
"email": full_user.email,
"full_name": full_user.full_name,
"bio": full_user.bio,
"avatar_url": full_user.avatar_url,
"is_active": full_user.is_active,
"email_verified": full_user.email_verified,
"created_at": full_user.created_at.isoformat(),
"last_login_at": full_user.last_login_at.isoformat() if full_user.last_login_at else None,
"login_count": full_user.login_count,
"settings": full_user.settings
},
"roles": roles,
"permissions": list(set(permissions))
}
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"Failed to get current user",
user_id=str(current_user.id),
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to get user information")
# Helper functions
async def _process_twa_data(twa_data: str) -> Dict[str, Any]:
"""Обработка данных Telegram WebApp"""
await logger.ainfo("_process_twa_data started", twa_data_length=len(twa_data))
# Здесь должна быть валидация TWA данных
# Для демо возвращаем фиктивные данные
result = {
"user_id": str(uuid4()),
"username": "twa_user",
"first_name": "TWA",
"last_name": "User"
}
await logger.ainfo("_process_twa_data completed", result=result)
return result
async def _validate_ton_proof(proof: Dict[str, Any], account: Dict[str, Any], twa_data: str) -> bool:
"""Валидация TON proof"""
# Здесь должна быть реальная валидация TON proof
# Для демо возвращаем True
try:
# Базовые проверки
if not proof.get("timestamp") or not proof.get("domain"):
return False
if not account.get("address") or not account.get("chain"):
return False
# Здесь должна быть криптографическая проверка подписи
return True
except Exception as e:
logger.error(f"TON proof validation error: {e}")
return False
async def _validate_ton_wallet(wallet_address: str) -> bool:
"""Валидация TON кошелька"""
# Здесь должна быть проверка существования кошелька в TON сети
# Для демо возвращаем True для валидных адресов
try:
# Базовая проверка формата адреса
if len(wallet_address) < 40:
return False
# Здесь должен быть запрос к TON API
return True
except Exception as e:
logger.error(f"TON wallet validation error: {e}")
return False

326
app/api/fastapi_compat_routes.py Normal file
View File

@ -0,0 +1,326 @@
"""
Compatibility routes to preserve deprecated uploader-bot API surface (v1/system).
These endpoints mirror legacy paths so older clients continue to function,
while new v3 sync API works in parallel.
"""
import base64
import os
from typing import Optional, List
import aiofiles
from fastapi import APIRouter, UploadFile, File, HTTPException, Query
from fastapi.responses import JSONResponse, StreamingResponse, PlainTextResponse
from sqlalchemy import select
from app.core.logging import get_logger
from app.core.config import get_settings
from app.core.database import db_manager
from app.core.models.content_models import StoredContent as Content
from app.core.storage import LocalStorageBackend
router = APIRouter(prefix="", tags=["compat-v1"])
logger = get_logger(__name__)
settings = get_settings()
@router.get("/")
async def index_root():
return PlainTextResponse("MY Network Node", status_code=200)
@router.get("/favicon.ico")
async def favicon():
return PlainTextResponse("", status_code=204)
@router.get("/api/system.version")
async def system_version():
codebase_hash = os.getenv("CODEBASE_HASH", "unknown")
codebase_branch = os.getenv("CODEBASE_BRANCH", os.getenv("GIT_BRANCH", "main"))
return {"codebase_hash": codebase_hash, "codebase_branch": codebase_branch}
@router.post("/api/system.sendStatus")
async def system_send_status(payload: dict):
try:
message_b58 = payload.get("message")
signature = payload.get("signature")
if not message_b58 or not signature:
raise HTTPException(status_code=400, detail="message and signature required")
await logger.ainfo("Compat system.sendStatus", signature=signature)
return {"ok": True}
except HTTPException:
raise
except Exception as e:
await logger.aerror("sendStatus failed", error=str(e))
raise HTTPException(status_code=500, detail="sendStatus failed")
@router.get("/api/tonconnect-manifest.json")
async def tonconnect_manifest():
host = str(getattr(settings, "PROJECT_HOST", "")) or os.getenv("PROJECT_HOST", "") or "http://localhost:8000"
return {
"url": host,
"name": "MY Network Node",
"iconUrl": f"{host}/static/icon.png",
"termsOfUseUrl": f"{host}/terms",
"privacyPolicyUrl": f"{host}/privacy",
"bridgeUrl": "https://bridge.tonapi.io/bridge",
"manifestVersion": 2
}
@router.get("/api/platform-metadata.json")
async def platform_metadata():
host = str(getattr(settings, "PROJECT_HOST", "")) or os.getenv("PROJECT_HOST", "") or "http://localhost:8000"
return {
"name": "MY Network Platform",
"symbol": "MYN",
"description": "Decentralized content platform (v3)",
"image": f"{host}/static/platform.png",
"external_url": host,
"version": "3.0.0"
}
@router.get("/api/v1/node")
async def v1_node():
from app.core.crypto import get_ed25519_manager
cm = get_ed25519_manager()
return {
"id": cm.node_id,
"node_address": "",
"master_address": "",
"indexer_height": 0,
"services": {}
}
@router.get("/api/v1/nodeFriendly")
async def v1_node_friendly():
from app.core.crypto import get_ed25519_manager
cm = get_ed25519_manager()
return PlainTextResponse(f"Node ID: {cm.node_id}\nIndexer height: 0\nServices: none\n")
@router.post("/api/v1/auth.twa")
async def v1_auth_twa(payload: dict):
user_ref = payload.get("user") or {}
token = base64.b64encode(f"twa:{user_ref}".encode()).decode()
return {"token": token}
@router.get("/api/v1/auth.me")
async def v1_auth_me():
return {"user": None, "status": "guest"}
@router.post("/api/v1/auth.selectWallet")
async def v1_auth_select_wallet(payload: dict):
return {"ok": True}
@router.get("/api/v1/tonconnect.new")
async def v1_tonconnect_new():
return {"ok": True}
@router.post("/api/v1/tonconnect.logout")
async def v1_tonconnect_logout(payload: dict):
return {"ok": True}
@router.post("/api/v1.5/storage")
async def v1_5_storage_upload(file: UploadFile = File(...)):
return await v1_storage_upload(file)
@router.get("/api/v1.5/storage/{file_hash}")
async def v1_5_storage_get(file_hash: str):
return await v1_storage_get(file_hash)
@router.post("/api/v1/storage")
async def v1_storage_upload(file: UploadFile = File(...)):
try:
data = await file.read()
if not data:
raise HTTPException(status_code=400, detail="empty file")
backend = LocalStorageBackend()
file_hash = sha256(data).hexdigest()
file_path = os.path.join(backend.files_path, file_hash)
async with aiofiles.open(file_path, 'wb') as f:
await f.write(data)
async with db_manager.get_session() as session:
existing = await session.execute(select(Content).where(Content.hash == file_hash))
if existing.scalars().first() is None:
content = Content(
hash=file_hash,
filename=file.filename or file_hash,
file_size=len(data),
mime_type=file.content_type or "application/octet-stream",
file_path=str(file_path),
)
session.add(content)
await session.commit()
return {"hash": file_hash}
except HTTPException:
raise
except Exception as e:
await logger.aerror("v1 upload failed", error=str(e))
raise HTTPException(status_code=500, detail="upload failed")
@router.get("/api/v1/storage/{file_hash}")
async def v1_storage_get(file_hash: str):
try:
async with db_manager.get_session() as session:
result = await session.execute(select(Content).where(Content.hash == file_hash))
content = result.scalars().first()
if not content or not content.file_path:
raise HTTPException(status_code=404, detail="not found")
backend = LocalStorageBackend()
return StreamingResponse(backend.get_file_stream(content.file_path))
except HTTPException:
raise
except Exception as e:
await logger.aerror("v1 storage get failed", error=str(e))
raise HTTPException(status_code=500, detail="failed")
@router.get("/api/v1/storage.decodeContentId/{content_id}")
async def v1_decode_content_id(content_id: str):
try:
async with db_manager.get_session() as session:
result = await session.execute(select(Content).where(Content.id == content_id))
content = result.scalars().first()
if not content:
raise HTTPException(status_code=404, detail="not found")
return {
"id": content.id,
"hash": content.hash,
"filename": content.filename,
"size": content.file_size,
"mime_type": content.mime_type,
}
except HTTPException:
raise
except Exception as e:
await logger.aerror("decodeContentId failed", error=str(e))
raise HTTPException(status_code=500, detail="failed")
@router.get("/api/v1/content.list")
async def v1_content_list(limit: int = Query(50, ge=1, le=200), offset: int = Query(0, ge=0)):
try:
async with db_manager.get_session() as session:
result = await session.execute(select(Content).offset(offset).limit(limit))
items: List[Content] = result.scalars().all()
return {
"items": [
{
"id": it.id,
"hash": it.hash,
"filename": it.filename,
"size": it.file_size,
"mime_type": it.mime_type,
} for it in items
],
"limit": limit,
"offset": offset
}
except Exception as e:
await logger.aerror("content.list failed", error=str(e))
raise HTTPException(status_code=500, detail="failed")
@router.get("/api/v1/content.view")
async def v1_content_view(hash: Optional[str] = None, id: Optional[str] = None):
try:
if not hash and not id:
raise HTTPException(status_code=400, detail="hash or id required")
async with db_manager.get_session() as session:
stmt = select(Content)
if hash:
stmt = stmt.where(Content.hash == hash)
if id:
stmt = stmt.where(Content.id == id)
result = await session.execute(stmt)
content = result.scalars().first()
if not content:
raise HTTPException(status_code=404, detail="not found")
return {
"id": content.id,
"hash": content.hash,
"filename": content.filename,
"size": content.file_size,
"mime_type": content.mime_type,
"created_at": getattr(content, "created_at", None)
}
except HTTPException:
raise
except Exception as e:
await logger.aerror("content.view failed", error=str(e))
raise HTTPException(status_code=500, detail="failed")
@router.get("/api/v1/content.view/{content_address}")
async def v1_content_view_path(content_address: str):
try:
async with db_manager.get_session() as session:
result = await session.execute(select(Content).where((Content.id == content_address) | (Content.hash == content_address)))
content = result.scalars().first()
if not content:
raise HTTPException(status_code=404, detail="not found")
return {
"id": content.id,
"hash": content.hash,
"filename": content.filename,
"size": content.file_size,
"mime_type": content.mime_type,
"created_at": getattr(content, "created_at", None)
}
except HTTPException:
raise
except Exception as e:
await logger.aerror("content.view(path) failed", error=str(e))
raise HTTPException(status_code=500, detail="failed")
@router.get("/api/v1/content.friendlyList")
async def v1_content_friendly_list(limit: int = Query(50, ge=1, le=200), offset: int = Query(0, ge=0)):
return await v1_content_list(limit, offset)
@router.get("/api/v1.5/content.list")
async def v1_5_content_list(limit: int = Query(50, ge=1, le=200), offset: int = Query(0, ge=0)):
return await v1_content_list(limit, offset)
@router.post("/api/v1/blockchain.sendNewContentMessage")
async def v1_chain_send_new_content(payload: dict):
await logger.ainfo("compat blockchain.sendNewContentMessage", payload=payload)
return {"ok": True}
@router.post("/api/v1/blockchain.sendPurchaseContent")
async def v1_chain_send_purchase(payload: dict):
await logger.ainfo("compat blockchain.sendPurchaseContent", payload=payload)
return {"ok": True}
@router.post("/api/v1/blockchain.sendPurchaseContentMessage")
async def v1_chain_send_purchase_message(payload: dict):
await logger.ainfo("compat blockchain.sendPurchaseContentMessage", payload=payload)
return {"ok": True}
@router.get("/api/v1/account")
async def v1_account():
return {"ok": True}

479
app/api/fastapi_content_routes.py Normal file
View File

@ -0,0 +1,479 @@
"""
FastAPI маршруты для управления контентом
Критически важные эндпоинты для web2-client совместимости
"""
import asyncio
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Any
from uuid import UUID, uuid4
from fastapi import APIRouter, HTTPException, Request, Depends, UploadFile, File
from fastapi.responses import JSONResponse, StreamingResponse
from sqlalchemy import select, update, delete, and_, or_, func
from sqlalchemy.orm import selectinload
from pydantic import BaseModel, Field
from app.core.config import get_settings
from app.core.database import db_manager, get_cache_manager
from app.core.logging import get_logger
from app.core.models.content_models import StoredContent as Content, UserContent as ContentMetadata
from app.core.models.user import User
from app.api.fastapi_middleware import get_current_user, require_auth
# Initialize router
router = APIRouter(prefix="", tags=["content"])
logger = get_logger(__name__)
settings = get_settings()
# Pydantic models
class ContentViewRequest(BaseModel):
"""Модель для просмотра контента (совместимость с web2-client)"""
pass
class NewContentRequest(BaseModel):
"""Модель для создания нового контента"""
title: str = Field(..., min_length=1, max_length=200)
content: str = Field(..., min_length=1)
image: str = Field(..., min_length=1)
description: str = Field(..., max_length=1000)
hashtags: List[str] = Field(default=[])
price: str = Field(..., min_length=1)
resaleLicensePrice: str = Field(default="0")
allowResale: bool = Field(default=False)
authors: List[str] = Field(default=[])
royaltyParams: List[Dict[str, Any]] = Field(default=[])
downloadable: bool = Field(default=True)
class PurchaseContentRequest(BaseModel):
"""Модель для покупки контента"""
content_address: str = Field(..., min_length=1)
license_type: str = Field(..., pattern="^(listen|resale)$")
class ContentResponse(BaseModel):
"""Модель ответа с информацией о контенте"""
address: str
amount: str
payload: str
@router.get("/content.view/{content_id}")
async def view_content(
content_id: str,
request: Request,
current_user: User = Depends(get_current_user)
):
"""
Просмотр контента - критически важный эндпоинт для web2-client
Эквивалент GET /content.view/{id} из web2-client/src/shared/services/content/index.ts
"""
try:
# Проверка авторизации
auth_token = request.headers.get('authorization')
if not auth_token and not current_user:
# Для совместимости с web2-client, проверяем localStorage token из headers
auth_token = request.headers.get('authorization')
if not auth_token:
raise HTTPException(status_code=401, detail="Authentication required")
# Валидация content_id
try:
content_uuid = UUID(content_id)
except ValueError:
raise HTTPException(status_code=400, detail="Invalid content ID format")
# Кэширование
cache_manager = await get_cache_manager()
cache_key = f"content_view:{content_id}"
cached_content = await cache_manager.get(cache_key)
if cached_content:
await logger.ainfo(
"Content view (cached)",
content_id=content_id,
user_id=str(current_user.id) if current_user else "anonymous"
)
return cached_content
async with db_manager.get_session() as session:
# Загрузка контента с метаданными
stmt = (
select(Content)
.options(
selectinload(Content.metadata),
selectinload(Content.access_controls)
)
.where(Content.id == content_uuid)
)
result = await session.execute(stmt)
content = result.scalar_one_or_none()
if not content:
raise HTTPException(status_code=404, detail="Content not found")
# Проверка доступа
has_access = await _check_content_access(content, current_user, session)
if not has_access:
raise HTTPException(status_code=403, detail="Access denied")
# Формирование ответа (совместимость с web2-client)
content_data = {
"id": str(content.id),
"title": content.title,
"description": content.description,
"content_type": content.content_type,
"file_size": content.file_size,
"status": content.status,
"visibility": content.visibility,
"tags": content.tags or [],
"created_at": content.created_at.isoformat(),
"updated_at": content.updated_at.isoformat(),
"user_id": str(content.user_id),
"file_url": f"/api/v1/content/{content_id}/download",
"preview_url": f"/api/v1/content/{content_id}/preview",
"metadata": {
"duration": getattr(content, 'duration', None),
"bitrate": getattr(content, 'bitrate', None),
"format": content.content_type
}
}
# Кэшируем на 10 минут
await cache_manager.set(cache_key, content_data, ttl=600)
# Обновляем статистику просмотров
await _update_view_stats(content_id, current_user)
await logger.ainfo(
"Content viewed successfully",
content_id=content_id,
user_id=str(current_user.id) if current_user else "anonymous"
)
return content_data
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"Content view failed",
content_id=content_id,
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to load content")
@router.post("/blockchain.sendNewContentMessage", response_model=ContentResponse)
async def send_new_content_message(
request: Request,
content_data: NewContentRequest,
current_user: User = Depends(require_auth)
):
"""
Создание нового контента - критически важный эндпоинт для web2-client
Эквивалент useCreateNewContent из web2-client
"""
try:
await logger.ainfo("Content creation started", step="begin", user_id=str(current_user.id))
# Проверка квот пользователя
await logger.ainfo("Getting cache manager", step="cache_init")
cache_manager = await get_cache_manager()
await logger.ainfo("Cache manager obtained", step="cache_ready")
quota_key = f"user:{current_user.id}:content_quota"
daily_content = await cache_manager.get(quota_key, default=0)
await logger.ainfo("Quota checked", step="quota_check", daily_content=daily_content)
if daily_content >= settings.MAX_CONTENT_PER_DAY:
raise HTTPException(status_code=429, detail="Daily content creation limit exceeded")
# Валидация данных контента
if not content_data.title or not content_data.content:
raise HTTPException(status_code=400, detail="Title and content are required")
# Валидация цены
try:
price_nanotons = int(content_data.price)
if price_nanotons < 0:
raise ValueError("Price cannot be negative")
except ValueError:
raise HTTPException(status_code=400, detail="Invalid price format")
async with db_manager.get_session() as session:
# Создание записи контента
new_content = Content(
id=uuid4(),
user_id=current_user.id,
title=content_data.title,
description=content_data.description,
content_type="application/json", # Для метаданных
status="pending",
visibility="public" if not content_data.price or price_nanotons == 0 else "premium",
tags=content_data.hashtags,
file_size=len(content_data.content.encode('utf-8'))
)
session.add(new_content)
await session.commit()
await session.refresh(new_content)
# Создание метаданных
content_metadata = ContentMetadata(
content_id=new_content.id,
metadata_type="blockchain_content",
data={
"content": content_data.content,
"image": content_data.image,
"price": content_data.price,
"resaleLicensePrice": content_data.resaleLicensePrice,
"allowResale": content_data.allowResale,
"authors": content_data.authors,
"royaltyParams": content_data.royaltyParams,
"downloadable": content_data.downloadable
}
)
session.add(content_metadata)
await session.commit()
# Обновляем квоту
await cache_manager.increment(quota_key, ttl=86400)
# Генерируем blockchain payload для TON
blockchain_payload = await _generate_blockchain_payload(
content_id=str(new_content.id),
price=content_data.price,
metadata=content_data.__dict__
)
await logger.ainfo(
"New content message created",
content_id=str(new_content.id),
user_id=str(current_user.id),
title=content_data.title,
price=content_data.price
)
# Ответ в формате, ожидаемом web2-client
return ContentResponse(
address=settings.TON_CONTRACT_ADDRESS or "EQC_CONTRACT_ADDRESS",
amount=str(settings.TON_DEPLOY_FEE or "50000000"), # 0.05 TON в наноTON
payload=blockchain_payload
)
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"New content creation failed",
user_id=str(current_user.id),
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to create content")
@router.post("/blockchain.sendPurchaseContentMessage", response_model=ContentResponse)
async def send_purchase_content_message(
request: Request,
purchase_data: PurchaseContentRequest,
current_user: User = Depends(require_auth)
):
"""
Покупка контента - критически важный эндпоинт для web2-client
Эквивалент usePurchaseContent из web2-client
"""
try:
content_address = purchase_data.content_address
license_type = purchase_data.license_type
# Валидация адреса контента
if not content_address:
raise HTTPException(status_code=400, detail="Content address is required")
# Поиск контента по адресу (или ID)
async with db_manager.get_session() as session:
# Пытаемся найти по UUID
content = None
try:
content_uuid = UUID(content_address)
stmt = select(Content).where(Content.id == content_uuid)
result = await session.execute(stmt)
content = result.scalar_one_or_none()
except ValueError:
# Если не UUID, ищем по другим полям
stmt = select(Content).where(Content.blockchain_address == content_address)
result = await session.execute(stmt)
content = result.scalar_one_or_none()
if not content:
raise HTTPException(status_code=404, detail="Content not found")
# Проверка, что пользователь не владелец контента
if content.user_id == current_user.id:
raise HTTPException(status_code=400, detail="Cannot purchase own content")
# Получаем метаданные для определения цены
metadata_stmt = select(ContentMetadata).where(
ContentMetadata.content_id == content.id,
ContentMetadata.metadata_type == "blockchain_content"
)
metadata_result = await session.execute(metadata_stmt)
metadata = metadata_result.scalar_one_or_none()
if not metadata:
raise HTTPException(status_code=404, detail="Content metadata not found")
# Определяем цену в зависимости от типа лицензии
content_data = metadata.data
if license_type == "listen":
price = content_data.get("price", "0")
elif license_type == "resale":
price = content_data.get("resaleLicensePrice", "0")
if not content_data.get("allowResale", False):
raise HTTPException(status_code=400, detail="Resale not allowed for this content")
else:
raise HTTPException(status_code=400, detail="Invalid license type")
# Валидация цены
try:
price_nanotons = int(price)
if price_nanotons < 0:
raise ValueError("Invalid price")
except ValueError:
raise HTTPException(status_code=400, detail="Invalid content price")
# Генерируем blockchain payload для покупки
purchase_payload = await _generate_purchase_payload(
content_id=str(content.id),
content_address=content_address,
license_type=license_type,
price=price,
buyer_id=str(current_user.id)
)
await logger.ainfo(
"Purchase content message created",
content_id=str(content.id),
content_address=content_address,
license_type=license_type,
price=price,
buyer_id=str(current_user.id)
)
# Ответ в формате, ожидаемом web2-client
return ContentResponse(
address=content_address,
amount=price,
payload=purchase_payload
)
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"Purchase content failed",
content_address=purchase_data.content_address,
user_id=str(current_user.id),
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to create purchase message")
# Helper functions
async def _check_content_access(content: Content, user: Optional[User], session) -> bool:
"""Проверка доступа к контенту"""
# Публичный контент доступен всем
if content.visibility == "public":
return True
# Владелец всегда имеет доступ
if user and content.user_id == user.id:
return True
# Премиум контент требует покупки
if content.visibility == "premium":
if not user:
return False
# Проверяем, покупал ли пользователь этот контент
# Здесь должна быть проверка в таблице покупок
return False
# Приватный контент доступен только владельцу
return False
async def _update_view_stats(content_id: str, user: Optional[User]) -> None:
"""Обновление статистики просмотров"""
try:
cache_manager = await get_cache_manager()
# Обновляем счетчики просмотров
today = datetime.utcnow().date().isoformat()
stats_key = f"content_views:{content_id}:{today}"
await cache_manager.increment(stats_key, ttl=86400)
if user:
user_views_key = f"user_content_views:{user.id}:{today}"
await cache_manager.increment(user_views_key, ttl=86400)
except Exception as e:
await logger.awarning(
"Failed to update view stats",
content_id=content_id,
error=str(e)
)
async def _generate_blockchain_payload(content_id: str, price: str, metadata: Dict[str, Any]) -> str:
"""Генерация payload для blockchain транзакции создания контента"""
import base64
import json
payload_data = {
"action": "create_content",
"content_id": content_id,
"price": price,
"timestamp": datetime.utcnow().isoformat(),
"metadata": {
"title": metadata.get("title"),
"description": metadata.get("description"),
"hashtags": metadata.get("hashtags", []),
"authors": metadata.get("authors", []),
"downloadable": metadata.get("downloadable", True)
}
}
# Кодируем в base64 для TON
payload_json = json.dumps(payload_data, separators=(',', ':'))
payload_base64 = base64.b64encode(payload_json.encode()).decode()
return payload_base64
async def _generate_purchase_payload(
content_id: str,
content_address: str,
license_type: str,
price: str,
buyer_id: str
) -> str:
"""Генерация payload для blockchain транзакции покупки контента"""
import base64
import json
payload_data = {
"action": "purchase_content",
"content_id": content_id,
"content_address": content_address,
"license_type": license_type,
"price": price,
"buyer_id": buyer_id,
"timestamp": datetime.utcnow().isoformat()
}
# Кодируем в base64 для TON
payload_json = json.dumps(payload_data, separators=(',', ':'))
payload_base64 = base64.b64encode(payload_json.encode()).decode()
return payload_base64

594
app/api/fastapi_middleware.py Normal file
View File

@ -0,0 +1,594 @@
"""
FastAPI middleware адаптированный из Sanic middleware
Обеспечивает полную совместимость с существующей функциональностью
"""
import asyncio
import time
import uuid
import json
from datetime import datetime, timedelta
from typing import Optional, Dict, Any, Callable
from fastapi import Request, Response, HTTPException
from starlette.middleware.base import BaseHTTPMiddleware
from fastapi.responses import JSONResponse
import structlog
from app.core.config import settings, SecurityConfig, CACHE_KEYS
from app.core.database import get_cache
from app.core.logging import request_id_var, user_id_var, operation_var
from app.core.models.user import User
# Ed25519 криптографический модуль
try:
from app.core.crypto import get_ed25519_manager
CRYPTO_AVAILABLE = True
except ImportError:
CRYPTO_AVAILABLE = False
logger = structlog.get_logger(__name__)
class FastAPISecurityMiddleware(BaseHTTPMiddleware):
"""FastAPI Security middleware для валидации запросов и защиты"""
async def dispatch(self, request: Request, call_next):
# Handle OPTIONS requests for CORS
if request.method == 'OPTIONS':
response = Response(content='OK')
return self.add_security_headers(response)
# Security validations
try:
self.validate_request_size(request)
await self.validate_content_type(request)
if not self.check_origin(request):
raise HTTPException(status_code=403, detail="Origin not allowed")
except HTTPException:
raise
except Exception as e:
logger.warning("Security validation failed", error=str(e))
raise HTTPException(status_code=400, detail=str(e))
response = await call_next(request)
return self.add_security_headers(response)
def add_security_headers(self, response: Response) -> Response:
"""Add security headers to response"""
# CORS headers
response.headers.update({
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
"Access-Control-Allow-Headers": (
"Origin, Content-Type, Accept, Authorization, "
"X-Requested-With, X-API-Key, X-Request-ID, "
"X-Node-Communication, X-Node-ID, X-Node-Public-Key, X-Node-Signature"
),
"Access-Control-Max-Age": "86400",
# Security headers
"X-Content-Type-Options": "nosniff",
"X-Frame-Options": "DENY",
"X-XSS-Protection": "1; mode=block",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
"Referrer-Policy": "strict-origin-when-cross-origin",
"Permissions-Policy": "geolocation=(), microphone=(), camera=()",
# Custom headers
"X-API-Version": settings.PROJECT_VERSION,
})
# CSP header
csp_directives = "; ".join([
f"{directive} {' '.join(sources)}"
for directive, sources in SecurityConfig.CSP_DIRECTIVES.items()
])
response.headers["Content-Security-Policy"] = csp_directives
return response
def validate_request_size(self, request: Request) -> None:
"""Validate request size limits"""
content_length = request.headers.get('content-length')
if content_length:
size = int(content_length)
if size > SecurityConfig.MAX_REQUEST_SIZE:
raise HTTPException(status_code=413, detail=f"Request too large: {size} bytes")
async def validate_content_type(self, request: Request) -> None:
"""Validate content type for JSON requests"""
if request.method in ['POST', 'PUT', 'PATCH']:
content_type = request.headers.get('content-type', '')
if 'application/json' in content_type:
# Skip body reading here - it will be read by the route handler
# Just validate content-length header instead
content_length = request.headers.get('content-length')
if content_length and int(content_length) > SecurityConfig.MAX_JSON_SIZE:
raise HTTPException(status_code=413, detail="JSON payload too large")
def check_origin(self, request: Request) -> bool:
"""Check if request origin is allowed"""
origin = request.headers.get('origin')
if not origin:
return True # Allow requests without origin (direct API calls)
return any(
origin.startswith(allowed_origin.rstrip('/*'))
for allowed_origin in SecurityConfig.CORS_ORIGINS
)
class FastAPIRateLimitMiddleware(BaseHTTPMiddleware):
"""FastAPI Rate limiting middleware using Redis"""
def __init__(self, app):
super().__init__(app)
self.cache = None
async def get_cache(self):
"""Get cache instance"""
if not self.cache:
self.cache = await get_cache()
return self.cache
async def dispatch(self, request: Request, call_next):
if not settings.RATE_LIMIT_ENABLED:
return await call_next(request)
client_identifier = self.get_client_ip(request)
pattern = self.get_rate_limit_pattern(request)
if not await self.check_rate_limit(request, client_identifier, pattern):
rate_info = await self.get_rate_limit_info(client_identifier, pattern)
return JSONResponse(
content={
"error": "Rate limit exceeded",
"rate_limit": rate_info
},
status_code=429
)
# Store rate limit info for response headers
rate_info = await self.get_rate_limit_info(client_identifier, pattern)
response = await call_next(request)
# Add rate limit headers
if rate_info:
response.headers.update({
"X-RateLimit-Limit": str(rate_info.get('limit', 0)),
"X-RateLimit-Remaining": str(rate_info.get('remaining', 0)),
"X-RateLimit-Reset": str(rate_info.get('reset_time', 0))
})
return response
def get_client_ip(self, request: Request) -> str:
"""Get real client IP address"""
# Check for forwarded headers
forwarded_for = request.headers.get('x-forwarded-for')
if forwarded_for:
return forwarded_for.split(',')[0].strip()
real_ip = request.headers.get('x-real-ip')
if real_ip:
return real_ip
# Fallback to request IP
return getattr(request.client, 'host', '127.0.0.1')
def get_rate_limit_pattern(self, request: Request) -> str:
"""Determine rate limit pattern based on endpoint"""
path = request.url.path
if '/auth/' in path:
return "auth"
elif '/upload' in path:
return "upload"
elif '/admin/' in path:
return "heavy"
else:
return "api"
async def check_rate_limit(
self,
request: Request,
identifier: str,
pattern: str = "api"
) -> bool:
"""Check rate limit for identifier"""
try:
cache = await self.get_cache()
limits = SecurityConfig.RATE_LIMIT_PATTERNS.get(pattern, {
"requests": settings.RATE_LIMIT_REQUESTS,
"window": settings.RATE_LIMIT_WINDOW
})
cache_key = CACHE_KEYS["rate_limit"].format(
pattern=pattern,
identifier=identifier
)
# Get current count
current_count = await cache.get(cache_key)
if current_count is None:
# First request in window
await cache.set(cache_key, "1", ttl=limits["window"])
return True
current_count = int(current_count)
if current_count >= limits["requests"]:
# Rate limit exceeded
logger.warning(
"Rate limit exceeded",
identifier=identifier,
pattern=pattern,
count=current_count,
limit=limits["requests"]
)
return False
# Increment counter
await cache.incr(cache_key)
return True
except Exception as e:
logger.error("Rate limit check failed", error=str(e))
return True # Allow request if rate limiting fails
async def get_rate_limit_info(
self,
identifier: str,
pattern: str = "api"
) -> Dict[str, Any]:
"""Get rate limit information"""
try:
cache = await self.get_cache()
limits = SecurityConfig.RATE_LIMIT_PATTERNS.get(pattern, {
"requests": settings.RATE_LIMIT_REQUESTS,
"window": settings.RATE_LIMIT_WINDOW
})
cache_key = CACHE_KEYS["rate_limit"].format(
pattern=pattern,
identifier=identifier
)
current_count = await cache.get(cache_key) or "0"
ttl = await cache.redis.ttl(cache_key)
return {
"limit": limits["requests"],
"remaining": max(0, limits["requests"] - int(current_count)),
"reset_time": int(time.time()) + max(0, ttl),
"window": limits["window"]
}
except Exception as e:
logger.error("Failed to get rate limit info", error=str(e))
return {}
class FastAPICryptographicMiddleware(BaseHTTPMiddleware):
"""FastAPI Ed25519 cryptographic middleware для межузлового общения"""
async def dispatch(self, request: Request, call_next):
# Проверяем ed25519 подпись для межузловых запросов
if not await self.verify_inter_node_signature(request):
logger.warning("Inter-node signature verification failed")
return JSONResponse(
content={
"error": "Invalid cryptographic signature",
"message": "Inter-node communication requires valid ed25519 signature"
},
status_code=403
)
response = await call_next(request)
# Добавляем криптографические заголовки для межузловых ответов
return await self.add_inter_node_headers(request, response)
async def verify_inter_node_signature(self, request: Request) -> bool:
"""Проверить ed25519 подпись для межузлового сообщения"""
if not CRYPTO_AVAILABLE:
logger.warning("Crypto module not available, skipping signature verification")
return True
# Проверяем, является ли это межузловым сообщением
if not request.headers.get("x-node-communication") == "true":
return True # Не межузловое сообщение, пропускаем проверку
try:
crypto_manager = get_ed25519_manager()
# Получаем необходимые заголовки
signature = request.headers.get("x-node-signature")
node_id = request.headers.get("x-node-id")
public_key = request.headers.get("x-node-public-key")
if not all([signature, node_id, public_key]):
logger.warning("Missing cryptographic headers in inter-node request")
return False
# SKIP body reading for now - this causes issues with FastAPI
# Inter-node communication signature verification disabled temporarily
logger.debug("Inter-node signature verification skipped (body reading conflict)")
request.state.inter_node_communication = True
request.state.source_node_id = node_id
request.state.source_public_key = public_key
return True
try:
message_data = json.loads(body.decode())
# Проверяем подпись
is_valid = crypto_manager.verify_signature(
message_data, signature, public_key
)
if is_valid:
logger.debug(f"Valid signature verified for node {node_id}")
# Сохраняем информацию о ноде в state
request.state.inter_node_communication = True
request.state.source_node_id = node_id
request.state.source_public_key = public_key
return True
else:
logger.warning(f"Invalid signature from node {node_id}")
return False
except json.JSONDecodeError:
logger.warning("Invalid JSON in inter-node request")
return False
except Exception as e:
logger.error(f"Crypto verification error: {e}")
return False
async def add_inter_node_headers(self, request: Request, response: Response) -> Response:
"""Добавить криптографические заголовки для межузловых ответов"""
if not CRYPTO_AVAILABLE:
return response
# Добавляем заголовки только для межузловых сообщений
if hasattr(request.state, 'inter_node_communication') and request.state.inter_node_communication:
try:
crypto_manager = get_ed25519_manager()
# Добавляем информацию о нашей ноде
response.headers.update({
"X-Node-ID": crypto_manager.node_id,
"X-Node-Public-Key": crypto_manager.public_key_hex,
"X-Node-Communication": "true"
})
# Если есть тело ответа, подписываем его
if hasattr(response, 'body') and response.body:
try:
response_data = json.loads(response.body.decode())
signature = crypto_manager.sign_message(response_data)
response.headers["X-Node-Signature"] = signature
except (json.JSONDecodeError, AttributeError):
# Не JSON тело или нет body, пропускаем подпись
pass
except Exception as e:
logger.error(f"Error adding inter-node headers: {e}")
return response
class FastAPIRequestContextMiddleware(BaseHTTPMiddleware):
"""FastAPI Request context middleware для трекинга и логирования"""
async def dispatch(self, request: Request, call_next):
# Generate and set request ID
request_id = str(uuid.uuid4())
request.state.request_id = request_id
request_id_var.set(request_id)
# Set request start time
start_time = time.time()
request.state.start_time = start_time
# Extract client information
request.state.client_ip = self.get_client_ip(request)
request.state.user_agent = request.headers.get('user-agent', 'Unknown')
# Initialize context
request.state.user = None
logger.info(
"Request started",
method=request.method,
path=request.url.path,
client_ip=request.state.client_ip,
user_agent=request.state.user_agent
)
response = await call_next(request)
# Add request ID to response
response.headers["X-Request-ID"] = request_id
# Log request completion
duration = time.time() - start_time
logger.info(
"Request completed",
method=request.method,
path=request.url.path,
status_code=response.status_code,
duration_ms=round(duration * 1000, 2),
client_ip=request.state.client_ip,
user_id=str(request.state.user.id) if hasattr(request.state, 'user') and request.state.user else None
)
return response
def get_client_ip(self, request: Request) -> str:
"""Get real client IP address"""
# Check for forwarded headers
forwarded_for = request.headers.get('x-forwarded-for')
if forwarded_for:
return forwarded_for.split(',')[0].strip()
real_ip = request.headers.get('x-real-ip')
if real_ip:
return real_ip
# Fallback to request IP
return getattr(request.client, 'host', '127.0.0.1')
class FastAPIAuthenticationMiddleware(BaseHTTPMiddleware):
"""FastAPI Authentication middleware для API доступа"""
async def dispatch(self, request: Request, call_next):
# Skip authentication for system endpoints and root
if request.url.path.startswith('/api/system') or request.url.path == '/':
return await call_next(request)
# Extract and validate token
token = await self.extract_token(request)
if token:
from app.core.database import db_manager
async with db_manager.get_session() as session:
user = await self.validate_token(token, session)
if user:
request.state.user = user
user_id_var.set(str(user.id))
# Check permissions
if not await self.check_permissions(user, request):
return JSONResponse(
content={"error": "Insufficient permissions"},
status_code=403
)
# Update user activity
user.update_activity()
await session.commit()
return await call_next(request)
async def extract_token(self, request: Request) -> Optional[str]:
"""Extract authentication token from request"""
# Check Authorization header
auth_header = request.headers.get('authorization')
if auth_header and auth_header.startswith('Bearer '):
return auth_header[7:] # Remove 'Bearer ' prefix
# Check X-API-Key header
api_key = request.headers.get('x-api-key')
if api_key:
return api_key
# Check query parameter (less secure, for backward compatibility)
return request.query_params.get('token')
async def validate_token(self, token: str, session) -> Optional[User]:
"""Validate authentication token and return user"""
if not token:
return None
try:
# Импортируем функции безопасности
from app.core.security import verify_access_token
# Пытаемся декодировать как JWT токен (приоритет для auth.twa)
try:
payload = verify_access_token(token)
if payload and 'user_id' in payload:
user_id = uuid.UUID(payload['user_id'])
user = await User.get_by_id(session, user_id)
if user and user.is_active:
return user
except Exception as jwt_error:
logger.debug("JWT validation failed, trying legacy format", error=str(jwt_error))
# Fallback: Legacy token format (user_id:hash)
if ':' in token:
user_id_str, token_hash = token.split(':', 1)
try:
user_id = uuid.UUID(user_id_str)
user = await User.get_by_id(session, user_id)
if user and hasattr(user, 'verify_token') and user.verify_token(token_hash):
return user
except (ValueError, AttributeError):
pass
# Fallback: try to find user by API token in user model
# This would require implementing token storage in User model
return None
except Exception as e:
logger.error("Token validation failed", token=token[:8] + "...", error=str(e))
return None
async def check_permissions(self, user: User, request: Request) -> bool:
"""Check if user has required permissions for the endpoint"""
# Implement permission checking based on endpoint and user role
endpoint = request.url.path
method = request.method
# Admin endpoints
if '/admin/' in endpoint:
return user.is_admin
# Moderator endpoints
if '/mod/' in endpoint:
return user.is_moderator
# User-specific endpoints
if '/user/' in endpoint and method in ['POST', 'PUT', 'DELETE']:
return user.has_permission('user:write')
# Content upload endpoints
if '/upload' in endpoint or '/content' in endpoint and method == 'POST':
return user.can_upload_content()
# Default: allow read access for authenticated users
return True
# FastAPI Dependencies для использования в роутах
from fastapi import Depends, HTTPException
async def get_current_user(request: Request) -> Optional[User]:
"""FastAPI dependency для получения текущего пользователя"""
if hasattr(request.state, 'user') and request.state.user:
return request.state.user
return None
async def require_auth(request: Request) -> User:
"""FastAPI dependency для требования аутентификации"""
user = await get_current_user(request)
if not user:
raise HTTPException(status_code=401, detail="Authentication required")
return user
async def check_permissions(permission: str):
"""FastAPI dependency для проверки разрешений"""
def permission_checker(user: User = Depends(require_auth)) -> User:
if not user.has_permission(permission):
raise HTTPException(status_code=403, detail=f"Permission required: {permission}")
return user
return permission_checker
async def require_admin(user: User = Depends(require_auth)) -> User:
"""FastAPI dependency для требования административных прав"""
if not hasattr(user, 'is_admin') or not user.is_admin:
raise HTTPException(status_code=403, detail="Administrative privileges required")
return user
async def check_rate_limit(pattern: str = "api"):
"""FastAPI dependency для проверки rate limit"""
def rate_limit_checker(request: Request) -> bool:
# Rate limiting уже проверяется в middleware
# Это dependency для дополнительных проверок если нужно
return True
return rate_limit_checker

433
app/api/fastapi_node_routes.py Normal file
View File

@ -0,0 +1,433 @@
"""
FastAPI маршруты для межузлового общения с ed25519 подписями
"""
import json
from typing import Dict, Any, Optional
from datetime import datetime
from fastapi import APIRouter, HTTPException, Request, Depends
from fastapi.responses import JSONResponse
from app.core.crypto import get_ed25519_manager
from app.core.logging import get_logger
from app.core.database import get_cache_manager
logger = get_logger(__name__)
# Router для межузловых коммуникаций в FastAPI
router = APIRouter(prefix="/api/node", tags=["node-communication"])
async def validate_node_request(request: Request) -> Dict[str, Any]:
"""Валидация межузлового запроса с обязательной проверкой подписи"""
# Проверяем наличие обязательных заголовков
required_headers = ["x-node-communication", "x-node-id", "x-node-public-key", "x-node-signature"]
for header in required_headers:
if header not in request.headers:
raise HTTPException(status_code=400, detail=f"Missing required header: {header}")
# Проверяем, что это межузловое общение
if request.headers.get("x-node-communication") != "true":
raise HTTPException(status_code=400, detail="Not a valid inter-node communication")
try:
crypto_manager = get_ed25519_manager()
# Получаем заголовки
signature = request.headers.get("x-node-signature")
node_id = request.headers.get("x-node-id")
public_key = request.headers.get("x-node-public-key")
# Читаем тело запроса
body = await request.body()
if not body:
raise HTTPException(status_code=400, detail="Empty message body")
try:
message_data = json.loads(body.decode())
# Anti-replay: validate timestamp and nonce
try:
ts = message_data.get("timestamp")
nonce = message_data.get("nonce")
if ts:
from datetime import datetime, timezone
now = datetime.now(timezone.utc).timestamp()
if abs(float(ts) - float(now)) > 300:
raise HTTPException(status_code=400, detail="stale timestamp")
if nonce:
cache = await get_cache_manager()
cache_key = f"replay:{node_id}:{nonce}"
if await cache.get(cache_key):
raise HTTPException(status_code=400, detail="replay detected")
await cache.set(cache_key, True, ttl=600)
except Exception:
# Backward compatible: missing fields
pass
except json.JSONDecodeError:
raise HTTPException(status_code=400, detail="Invalid JSON in request body")
# Проверяем подпись
is_valid = crypto_manager.verify_signature(message_data, signature, public_key)
if not is_valid:
logger.warning(f"Invalid signature from node {node_id}")
raise HTTPException(status_code=403, detail="Invalid cryptographic signature")
logger.debug(f"Valid signature verified for node {node_id}")
return {
"node_id": node_id,
"public_key": public_key,
"message": message_data
}
except HTTPException:
raise
except Exception as e:
logger.error(f"Crypto verification error: {e}")
raise HTTPException(status_code=500, detail="Cryptographic verification failed")
async def create_node_response(data: Dict[str, Any], request: Request) -> JSONResponse:
"""Создать ответ для межузлового общения с подписью"""
try:
crypto_manager = get_ed25519_manager()
# Добавляем информацию о нашей ноде
response_data = {
"success": True,
"timestamp": datetime.utcnow().isoformat(),
"node_id": crypto_manager.node_id,
"data": data
}
# Подписываем ответ
signature = crypto_manager.sign_message(response_data)
# Создаем ответ с заголовками
headers = {
"X-Node-ID": crypto_manager.node_id,
"X-Node-Public-Key": crypto_manager.public_key_hex,
"X-Node-Communication": "true",
"X-Node-Signature": signature
}
return JSONResponse(content=response_data, headers=headers)
except Exception as e:
logger.error(f"Error creating node response: {e}")
raise HTTPException(status_code=500, detail="Failed to create signed response")
@router.post("/handshake")
async def node_handshake(request: Request):
"""
Обработка хэндшейка между нодами
Ожидаемый формат сообщения:
{
"action": "handshake",
"node_info": {
"node_id": "...",
"version": "...",
"capabilities": [...],
"network_info": {...}
},
"timestamp": "..."
}
"""
try:
# Валидация межузлового запроса
node_data = await validate_node_request(request)
message = node_data["message"]
source_node_id = node_data["node_id"]
logger.info(f"Handshake request from node {source_node_id}")
# Проверяем формат сообщения хэндшейка
if message.get("action") != "handshake":
raise HTTPException(status_code=400, detail="Invalid handshake message format")
node_info = message.get("node_info", {})
if not node_info.get("node_id") or not node_info.get("version"):
raise HTTPException(status_code=400, detail="Missing required node information")
# Создаем информацию о нашей ноде для ответа
crypto_manager = get_ed25519_manager()
our_node_info = {
"node_id": crypto_manager.node_id,
"version": "3.0.0", # Версия MY Network
"capabilities": [
"content_upload",
"content_sync",
"decentralized_filtering",
"ed25519_signatures"
],
"network_info": {
"public_key": crypto_manager.public_key_hex,
"protocol_version": "1.0"
}
}
# Сохраняем информацию о ноде (здесь можно добавить в базу данных)
logger.info(f"Successful handshake with node {source_node_id}",
extra={"peer_node_info": node_info})
response_data = {
"handshake_accepted": True,
"node_info": our_node_info
}
return await create_node_response(response_data, request)
except HTTPException:
raise
except Exception as e:
logger.error(f"Handshake error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
@router.post("/content/sync")
async def content_sync(request: Request):
"""
Синхронизация контента между нодами
Ожидаемый формат сообщения:
{
"action": "content_sync",
"sync_type": "new_content|content_list|content_request",
"content_info": {...},
"timestamp": "..."
}
"""
try:
# Валидация межузлового запроса
node_data = await validate_node_request(request)
message = node_data["message"]
source_node_id = node_data["node_id"]
logger.info(f"Content sync request from node {source_node_id}")
# Проверяем формат сообщения синхронизации
if message.get("action") != "content_sync":
raise HTTPException(status_code=400, detail="Invalid sync message format")
sync_type = message.get("sync_type")
content_info = message.get("content_info", {})
if sync_type == "new_content":
# Обработка нового контента от другой ноды
content_hash = content_info.get("hash")
if not content_hash:
raise HTTPException(status_code=400, detail="Missing content hash")
# Здесь добавить логику обработки нового контента
# через decentralized_filter и content_storage_manager
response_data = {
"sync_result": "content_accepted",
"content_hash": content_hash
}
elif sync_type == "content_list":
# Запрос списка доступного контента
# Здесь добавить логику получения списка контента
response_data = {
"content_list": [], # Заглушка - добавить реальный список
"total_items": 0
}
elif sync_type == "content_request":
# Запрос конкретного контента
requested_hash = content_info.get("hash")
if not requested_hash:
raise HTTPException(status_code=400, detail="Missing content hash for request")
# Здесь добавить логику поиска и передачи контента
response_data = {
"content_found": False, # Заглушка - добавить реальную проверку
"content_hash": requested_hash
}
else:
raise HTTPException(status_code=400, detail=f"Unknown sync type: {sync_type}")
return await create_node_response(response_data, request)
except HTTPException:
raise
except Exception as e:
logger.error(f"Content sync error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
@router.post("/network/ping")
async def network_ping(request: Request):
"""
Пинг между нодами для проверки доступности
Ожидаемый формат сообщения:
{
"action": "ping",
"timestamp": "...",
"data": {...}
}
"""
try:
# Валидация межузлового запроса
node_data = await validate_node_request(request)
message = node_data["message"]
source_node_id = node_data["node_id"]
logger.debug(f"Ping from node {source_node_id}")
# Проверяем формат пинга
if message.get("action") != "ping":
raise HTTPException(status_code=400, detail="Invalid ping message format")
# Создаем ответ pong
response_data = {
"action": "pong",
"ping_timestamp": message.get("timestamp"),
"response_timestamp": datetime.utcnow().isoformat()
}
return await create_node_response(response_data, request)
except HTTPException:
raise
except Exception as e:
logger.error(f"Ping error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
@router.get("/network/status")
async def network_status():
"""
Получение статуса ноды (GET запрос без обязательной подписи)
"""
try:
crypto_manager = get_ed25519_manager()
status_data = {
"node_id": crypto_manager.node_id,
"public_key": crypto_manager.public_key_hex,
"version": "3.0.0",
"status": "active",
"capabilities": [
"content_upload",
"content_sync",
"decentralized_filtering",
"ed25519_signatures"
],
"timestamp": datetime.utcnow().isoformat()
}
return {
"success": True,
"data": status_data
}
except Exception as e:
logger.error(f"Status error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
@router.post("/network/discover")
async def network_discover(request: Request):
"""
Обнаружение и обмен информацией о других нодах в сети
Ожидаемый формат сообщения:
{
"action": "discover",
"known_nodes": [...],
"timestamp": "..."
}
"""
try:
# Валидация межузлового запроса
node_data = await validate_node_request(request)
message = node_data["message"]
source_node_id = node_data["node_id"]
logger.info(f"Discovery request from node {source_node_id}")
# Проверяем формат сообщения
if message.get("action") != "discover":
raise HTTPException(status_code=400, detail="Invalid discovery message format")
known_nodes = message.get("known_nodes", [])
# Здесь добавить логику обработки информации о известных нодах
# и возврат информации о наших известных нодах
response_data = {
"known_nodes": [], # Заглушка - добавить реальный список
"discovery_timestamp": datetime.utcnow().isoformat()
}
return await create_node_response(response_data, request)
except HTTPException:
raise
except Exception as e:
logger.error(f"Discovery error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
# V3 API compatibility endpoints (без подписи для совместимости)
@router.get("/v3/node/status")
async def v3_node_status():
"""
V3 API: Статус ноды для совместимости со скриптами
"""
try:
crypto_manager = get_ed25519_manager()
return {
"status": "online",
"node_id": crypto_manager.node_id,
"version": "3.0.0",
"network": "MY Network",
"capabilities": [
"content_upload",
"content_sync",
"decentralized_filtering",
"ed25519_signatures"
],
"timestamp": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"V3 status error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
@router.get("/v3/network/stats")
async def v3_network_stats():
"""
V3 API: Статистика сети для совместимости со скриптами
"""
try:
# Заглушка для сетевой статистики
return {
"network_stats": {
"total_nodes": 1,
"active_nodes": 1,
"total_content": 0,
"network_health": "good"
},
"node_stats": {
"uptime": "online",
"connections": 0,
"content_shared": 0
},
"timestamp": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"V3 network stats error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")

478
app/api/fastapi_storage_routes.py Normal file
View File

@ -0,0 +1,478 @@
"""
FastAPI маршруты для загрузки файлов с поддержкой chunked uploads
Критически важные эндпоинты для web2-client совместимости
"""
import asyncio
import base64
import hashlib
from datetime import datetime
from typing import Dict, List, Optional, Any
from uuid import UUID, uuid4
from fastapi import APIRouter, HTTPException, Request, Depends, UploadFile, File, Header
from fastapi.responses import JSONResponse, StreamingResponse
from sqlalchemy import select, update, delete
from app.core.config import get_settings
from app.core.database import db_manager, get_cache_manager
from app.core.logging import get_logger
from app.core.models.content_models import StoredContent as Content
from app.core.models.user import User
from app.api.fastapi_middleware import get_current_user, require_auth
# Initialize router
router = APIRouter(prefix="", tags=["storage"])
logger = get_logger(__name__)
settings = get_settings()
# Конфигурация
MAX_CHUNK_SIZE = 80 * 1024 * 1024 # 80 MB
STORAGE_API_URL = getattr(settings, 'STORAGE_API_URL', '/api/storage')
@router.post("")
async def chunked_file_upload(
request: Request,
file: bytes = File(...),
x_file_name: Optional[str] = Header(None, alias="X-File-Name"),
x_chunk_start: Optional[str] = Header(None, alias="X-Chunk-Start"),
x_last_chunk: Optional[str] = Header(None, alias="X-Last-Chunk"),
x_upload_id: Optional[str] = Header(None, alias="X-Upload-ID"),
content_type: Optional[str] = Header(None, alias="Content-Type"),
current_user: User = Depends(get_current_user)
):
"""
Chunked file upload совместимый с web2-client
Обрабатывает как обычные загрузки (80MB), так и чанкированные
Заголовки:
- X-File-Name: base64 encoded filename
- X-Chunk-Start: начальная позиция чанка
- X-Last-Chunk: "1" если это последний чанк
- X-Upload-ID: ID сессии загрузки (для чанков после первого)
- Content-Type: тип контента
"""
try:
# Проверка авторизации
auth_token = request.headers.get('authorization')
if not auth_token and not current_user:
raise HTTPException(status_code=401, detail="Authentication required")
# Валидация заголовков
if not x_file_name:
raise HTTPException(status_code=400, detail="X-File-Name header required")
if not x_chunk_start:
raise HTTPException(status_code=400, detail="X-Chunk-Start header required")
# Декодирование имени файла
try:
filename = base64.b64decode(x_file_name).decode('utf-8')
except Exception:
raise HTTPException(status_code=400, detail="Invalid X-File-Name encoding")
# Парсинг параметров
chunk_start = int(x_chunk_start)
is_last_chunk = x_last_chunk == "1"
upload_id = x_upload_id
# Валидация размера чанка
if len(file) > MAX_CHUNK_SIZE:
raise HTTPException(status_code=413, detail="Chunk too large")
cache_manager = await get_cache_manager()
# Для первого чанка (chunk_start = 0 и нет upload_id)
if chunk_start == 0 and not upload_id:
# Создаем новую сессию загрузки
upload_id = str(uuid4())
# Создаем запись о загрузке
upload_session = {
"upload_id": upload_id,
"filename": filename,
"content_type": content_type or "application/octet-stream",
"user_id": str(current_user.id) if current_user else "anonymous",
"chunks": {},
"total_size": 0,
"created_at": datetime.utcnow().isoformat(),
"status": "uploading"
}
# Сохраняем в кэше
session_key = f"upload_session:{upload_id}"
await cache_manager.set(session_key, upload_session, ttl=3600) # 1 час
await logger.ainfo(
"New upload session created",
upload_id=upload_id,
filename=filename,
user_id=str(current_user.id) if current_user else "anonymous"
)
# Получаем сессию загрузки
session_key = f"upload_session:{upload_id}"
upload_session = await cache_manager.get(session_key)
if not upload_session:
raise HTTPException(status_code=404, detail="Upload session not found")
# Сохраняем чанк
chunk_key = f"upload_chunk:{upload_id}:{chunk_start}"
chunk_data = {
"data": base64.b64encode(file).decode(),
"start": chunk_start,
"size": len(file),
"uploaded_at": datetime.utcnow().isoformat()
}
await cache_manager.set(chunk_key, chunk_data, ttl=3600)
# Обновляем сессию
upload_session["chunks"][str(chunk_start)] = len(file)
upload_session["total_size"] = chunk_start + len(file)
await cache_manager.set(session_key, upload_session, ttl=3600)
# Если это последний чанк, собираем файл
if is_last_chunk:
try:
# Собираем все чанки
file_content = await _assemble_file_chunks(upload_id, upload_session)
# Создаем запись контента в БД
content_id = await _create_content_record(
filename=filename,
content_type=content_type or "application/octet-stream",
file_size=len(file_content),
user_id=current_user.id if current_user else None
)
# Сохраняем файл (здесь должна быть реальная файловая система)
file_hash = hashlib.sha256(file_content).hexdigest()
# Очищаем временные данные
await _cleanup_upload_session(upload_id, upload_session)
await logger.ainfo(
"File upload completed",
upload_id=upload_id,
content_id=content_id,
filename=filename,
file_size=len(file_content),
user_id=str(current_user.id) if current_user else "anonymous"
)
# Ответ для завершенной загрузки (формат для web2-client)
return {
"content_sha256": file_hash,
"content_id_v1": content_id,
"content_id": content_id,
"content_url": f"/api/v1/content/{content_id}/download",
"upload_id": upload_id,
"status": "completed"
}
except Exception as e:
await logger.aerror(
"Failed to finalize upload",
upload_id=upload_id,
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to finalize upload")
else:
# Промежуточный ответ для продолжения загрузки
current_size = upload_session["total_size"]
await logger.adebug(
"Chunk uploaded",
upload_id=upload_id,
chunk_start=chunk_start,
chunk_size=len(file),
current_size=current_size
)
return {
"upload_id": upload_id,
"current_size": current_size,
"chunk_uploaded": True,
"chunks_received": len(upload_session["chunks"])
}
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"Chunked upload failed",
filename=x_file_name,
chunk_start=x_chunk_start,
error=str(e)
)
raise HTTPException(status_code=500, detail="Upload failed")
@router.get("/upload/{upload_id}/status")
async def get_upload_status(
upload_id: str,
request: Request,
current_user: User = Depends(get_current_user)
):
"""
Получение статуса загрузки
"""
try:
# Проверка авторизации
if not current_user:
auth_token = request.headers.get('authorization')
if not auth_token:
raise HTTPException(status_code=401, detail="Authentication required")
cache_manager = await get_cache_manager()
session_key = f"upload_session:{upload_id}"
upload_session = await cache_manager.get(session_key)
if not upload_session:
raise HTTPException(status_code=404, detail="Upload session not found")
# Проверка прав доступа
if current_user and upload_session.get("user_id") != str(current_user.id):
raise HTTPException(status_code=403, detail="Access denied")
# Подсчет прогресса
total_chunks = len(upload_session["chunks"])
total_size = upload_session["total_size"]
return {
"upload_id": upload_id,
"status": upload_session["status"],
"filename": upload_session["filename"],
"total_size": total_size,
"chunks_uploaded": total_chunks,
"created_at": upload_session["created_at"]
}
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"Failed to get upload status",
upload_id=upload_id,
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to get upload status")
@router.delete("/upload/{upload_id}")
async def cancel_upload(
upload_id: str,
request: Request,
current_user: User = Depends(get_current_user)
):
"""
Отмена загрузки и очистка временных данных
"""
try:
# Проверка авторизации
if not current_user:
auth_token = request.headers.get('authorization')
if not auth_token:
raise HTTPException(status_code=401, detail="Authentication required")
cache_manager = await get_cache_manager()
session_key = f"upload_session:{upload_id}"
upload_session = await cache_manager.get(session_key)
if not upload_session:
raise HTTPException(status_code=404, detail="Upload session not found")
# Проверка прав доступа
if current_user and upload_session.get("user_id") != str(current_user.id):
raise HTTPException(status_code=403, detail="Access denied")
# Очистка всех данных загрузки
await _cleanup_upload_session(upload_id, upload_session)
await logger.ainfo(
"Upload cancelled",
upload_id=upload_id,
user_id=str(current_user.id) if current_user else "anonymous"
)
return {
"message": "Upload cancelled successfully",
"upload_id": upload_id
}
except HTTPException:
raise
except Exception as e:
await logger.aerror(
"Failed to cancel upload",
upload_id=upload_id,
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to cancel upload")
# Helper functions
async def _assemble_file_chunks(upload_id: str, upload_session: Dict[str, Any]) -> bytes:
"""Сборка файла из чанков"""
cache_manager = await get_cache_manager()
# Сортируем чанки по позиции
chunk_positions = sorted([int(pos) for pos in upload_session["chunks"].keys()])
file_content = b""
for position in chunk_positions:
chunk_key = f"upload_chunk:{upload_id}:{position}"
chunk_data = await cache_manager.get(chunk_key)
if not chunk_data:
raise Exception(f"Missing chunk at position {position}")
# Декодируем chunk data
chunk_bytes = base64.b64decode(chunk_data["data"])
# Проверяем последовательность
if position != len(file_content):
raise Exception(f"Chunk position mismatch: expected {len(file_content)}, got {position}")
file_content += chunk_bytes
return file_content
async def _create_content_record(
filename: str,
content_type: str,
file_size: int,
user_id: Optional[UUID]
) -> str:
"""Создание записи контента в базе данных"""
try:
async with db_manager.get_session() as session:
content = Content(
id=uuid4(),
user_id=user_id,
title=filename,
description=f"Uploaded file: {filename}",
content_type=content_type,
file_size=file_size,
status="completed",
visibility="private"
)
session.add(content)
await session.commit()
await session.refresh(content)
return str(content.id)
except Exception as e:
await logger.aerror(
"Failed to create content record",
filename=filename,
error=str(e)
)
raise
async def _cleanup_upload_session(upload_id: str, upload_session: Dict[str, Any]) -> None:
"""Очистка временных данных загрузки"""
try:
cache_manager = await get_cache_manager()
# Удаляем все чанки
for position in upload_session["chunks"].keys():
chunk_key = f"upload_chunk:{upload_id}:{position}"
await cache_manager.delete(chunk_key)
# Удаляем сессию
session_key = f"upload_session:{upload_id}"
await cache_manager.delete(session_key)
await logger.adebug(
"Upload session cleaned up",
upload_id=upload_id,
chunks_deleted=len(upload_session["chunks"])
)
except Exception as e:
await logger.awarning(
"Failed to cleanup upload session",
upload_id=upload_id,
error=str(e)
)
# Дополнительные эндпоинты для совместимости
@router.post("/api/v1/storage/upload")
async def initiate_upload_v1(
request: Request,
current_user: User = Depends(require_auth)
):
"""
Инициация загрузки (v1 API совместимость)
"""
try:
# Простая заглушка для совместимости
upload_id = str(uuid4())
return {
"upload_id": upload_id,
"status": "ready",
"message": "Upload session created"
}
except Exception as e:
await logger.aerror(
"Failed to initiate upload",
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to initiate upload")
@router.get("/api/v1/storage/quota")
async def get_storage_quota(
request: Request,
current_user: User = Depends(require_auth)
):
"""
Получение информации о квоте хранилища
"""
try:
# Базовая реализация квот
max_storage = getattr(settings, 'MAX_STORAGE_PER_USER', 1024 * 1024 * 1024) # 1GB
# Подсчет используемого места (заглушка)
used_storage = 0
async with db_manager.get_session() as session:
stmt = select(Content).where(Content.user_id == current_user.id)
result = await session.execute(stmt)
contents = result.scalars().all()
used_storage = sum(content.file_size or 0 for content in contents)
return {
"quota": {
"used_bytes": used_storage,
"max_bytes": max_storage,
"available_bytes": max(0, max_storage - used_storage),
"usage_percent": round((used_storage / max_storage) * 100, 2) if max_storage > 0 else 0
},
"files": {
"count": len(contents),
"max_files": getattr(settings, 'MAX_FILES_PER_USER', 1000)
}
}
except Exception as e:
await logger.aerror(
"Failed to get storage quota",
user_id=str(current_user.id),
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to get quota information")

556
app/api/fastapi_system_routes.py Normal file
View File

@ -0,0 +1,556 @@
"""
FastAPI системные эндпоинты для мониторинга, health checks и администрирования
TIER 3 - системные функции для операционного управления
"""
import asyncio
import platform
import psutil
import time
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Any
from uuid import UUID
from fastapi import APIRouter, HTTPException, Request, Depends, Query
from fastapi.responses import JSONResponse
from sqlalchemy import select, text
from app.core.config import get_settings
from app.core.database import db_manager, get_cache_manager
from app.core.logging import get_logger
from app.core.crypto import get_ed25519_manager
from app.core.models.content_models import StoredContent as Content
from app.core.models.user import User
from app.api.fastapi_middleware import require_auth, require_admin
# Initialize router
router = APIRouter(prefix="/api/system", tags=["system"])
logger = get_logger(__name__)
settings = get_settings()
# Системная информация для мониторинга
_start_time = time.time()
_request_counter = 0
_error_counter = 0
@router.get("/health")
async def health_check():
"""
Базовая проверка здоровья сервиса
Доступна без авторизации для load balancer'ов
"""
try:
# Проверяем подключение к базе данных
db_status = "unknown"
try:
async with db_manager.get_session() as session:
await session.execute(text("SELECT 1"))
db_status = "healthy"
except Exception as e:
db_status = f"unhealthy: {str(e)[:100]}"
# Проверяем кэш
cache_status = "unknown"
try:
cache_manager = await get_cache_manager()
await cache_manager.set("health_check", "ok", ttl=10)
cache_status = "healthy"
except Exception as e:
cache_status = f"unhealthy: {str(e)[:100]}"
# Проверяем криптографию
crypto_status = "unknown"
try:
crypto_manager = get_ed25519_manager()
test_data = {"test": "health_check"}
signature = crypto_manager.sign_message(test_data)
is_valid = crypto_manager.verify_signature(
test_data, signature, crypto_manager.public_key_hex
)
crypto_status = "healthy" if is_valid else "unhealthy: signature verification failed"
except Exception as e:
crypto_status = f"unhealthy: {str(e)[:100]}"
# Определяем общий статус
overall_status = "healthy"
if "unhealthy" in db_status or "unhealthy" in cache_status or "unhealthy" in crypto_status:
overall_status = "degraded"
health_data = {
"status": overall_status,
"timestamp": datetime.utcnow().isoformat(),
"services": {
"database": db_status,
"cache": cache_status,
"cryptography": crypto_status
},
"uptime_seconds": int(time.time() - _start_time)
}
# Возвращаем статус с соответствующим HTTP кодом
status_code = 200 if overall_status == "healthy" else 503
return JSONResponse(
content=health_data,
status_code=status_code
)
except Exception as e:
await logger.aerror(
"Health check failed",
error=str(e)
)
return JSONResponse(
content={
"status": "unhealthy",
"error": "Health check system failure",
"timestamp": datetime.utcnow().isoformat()
},
status_code=503
)
@router.get("/health/detailed")
async def detailed_health_check(
request: Request,
current_user: User = Depends(require_admin)
):
"""
Детальная проверка здоровья системы с метриками
Только для администраторов
"""
try:
# Системные метрики
system_info = {
"cpu_percent": psutil.cpu_percent(interval=1),
"memory": {
"total": psutil.virtual_memory().total,
"available": psutil.virtual_memory().available,
"percent": psutil.virtual_memory().percent
},
"disk": {
"total": psutil.disk_usage('/').total,
"used": psutil.disk_usage('/').used,
"free": psutil.disk_usage('/').free,
"percent": psutil.disk_usage('/').percent
},
"load_average": psutil.getloadavg() if hasattr(psutil, 'getloadavg') else None
}
# Метрики базы данных
db_metrics = {}
try:
async with db_manager.get_session() as session:
# Количество пользователей
user_count = await session.execute(text("SELECT COUNT(*) FROM users"))
db_metrics["users_count"] = user_count.scalar()
# Количество контента
content_count = await session.execute(text("SELECT COUNT(*) FROM stored_content"))
db_metrics["content_count"] = content_count.scalar()
# Размер базы данных (приблизительно)
db_size = await session.execute(text("""
SELECT pg_size_pretty(pg_database_size(current_database()))
"""))
db_metrics["database_size"] = db_size.scalar()
except Exception as e:
db_metrics["error"] = str(e)
# Метрики кэша
cache_metrics = {}
try:
cache_manager = await get_cache_manager()
# Здесь добавить метрики Redis если доступны
cache_metrics["status"] = "connected"
except Exception as e:
cache_metrics["error"] = str(e)
# Метрики приложения
app_metrics = {
"uptime_seconds": int(time.time() - _start_time),
"requests_total": _request_counter,
"errors_total": _error_counter,
"error_rate": _error_counter / max(_request_counter, 1),
"python_version": platform.python_version(),
"platform": platform.platform()
}
# Конфигурация
config_info = {
"debug_mode": getattr(settings, 'DEBUG', False),
"environment": getattr(settings, 'ENVIRONMENT', 'unknown'),
"version": getattr(settings, 'VERSION', 'unknown'),
"node_id": get_ed25519_manager().node_id[:8] + "..." # Частичный ID для безопасности
}
detailed_health = {
"status": "healthy",
"timestamp": datetime.utcnow().isoformat(),
"system": system_info,
"database": db_metrics,
"cache": cache_metrics,
"application": app_metrics,
"configuration": config_info
}
return detailed_health
except Exception as e:
await logger.aerror(
"Detailed health check failed",
user_id=str(current_user.id),
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to get detailed health status")
@router.get("/metrics")
async def prometheus_metrics():
"""
Метрики в формате Prometheus
"""
try:
# Базовые метрики системы
cpu_usage = psutil.cpu_percent(interval=0.1)
memory = psutil.virtual_memory()
disk = psutil.disk_usage('/')
# Метрики приложения
uptime = int(time.time() - _start_time)
# Формат Prometheus
metrics = f"""# HELP uploader_bot_uptime_seconds Total uptime in seconds
# TYPE uploader_bot_uptime_seconds counter
uploader_bot_uptime_seconds {uptime}
# HELP uploader_bot_requests_total Total number of HTTP requests
# TYPE uploader_bot_requests_total counter
uploader_bot_requests_total {_request_counter}
# HELP uploader_bot_errors_total Total number of errors
# TYPE uploader_bot_errors_total counter
uploader_bot_errors_total {_error_counter}
# HELP system_cpu_usage_percent CPU usage percentage
# TYPE system_cpu_usage_percent gauge
system_cpu_usage_percent {cpu_usage}
# HELP system_memory_usage_percent Memory usage percentage
# TYPE system_memory_usage_percent gauge
system_memory_usage_percent {memory.percent}
# HELP system_disk_usage_percent Disk usage percentage
# TYPE system_disk_usage_percent gauge
system_disk_usage_percent {disk.percent}
# HELP system_memory_total_bytes Total memory in bytes
# TYPE system_memory_total_bytes gauge
system_memory_total_bytes {memory.total}
# HELP system_memory_available_bytes Available memory in bytes
# TYPE system_memory_available_bytes gauge
system_memory_available_bytes {memory.available}
"""
from fastapi.responses import PlainTextResponse
return PlainTextResponse(
content=metrics
)
except Exception as e:
await logger.aerror(
"Metrics collection failed",
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to collect metrics")
@router.get("/info")
async def system_info():
"""
Общая информация о системе (публичная)
"""
try:
crypto_manager = get_ed25519_manager()
info = {
"service": "uploader-bot",
"version": getattr(settings, 'VERSION', 'unknown'),
"api_version": "v1",
"network": "MY Network v3.0",
"node_id": crypto_manager.node_id,
"public_key": crypto_manager.public_key_hex,
"capabilities": [
"content_upload",
"content_sync",
"decentralized_filtering",
"ed25519_signatures",
"web2_client_api"
],
"supported_formats": [
"image/*",
"video/*",
"audio/*",
"text/*",
"application/pdf"
],
"max_file_size": getattr(settings, 'MAX_FILE_SIZE', 100 * 1024 * 1024),
"timestamp": datetime.utcnow().isoformat()
}
return info
except Exception as e:
await logger.aerror(
"System info failed",
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to get system information")
@router.get("/stats")
async def system_statistics(
request: Request,
current_user: User = Depends(require_auth),
days: int = Query(7, ge=1, le=30, description="Number of days for statistics")
):
"""
Статистика системы за указанный период
"""
try:
since_date = datetime.utcnow() - timedelta(days=days)
# Статистика из базы данных
stats = {}
async with db_manager.get_session() as session:
# Общая статистика контента
content_stats = await session.execute(text("""
SELECT
COUNT(*) as total_content,
SUM(CASE WHEN created_at >= :since_date THEN 1 ELSE 0 END) as new_content,
SUM(file_size) as total_size,
AVG(file_size) as avg_size
FROM stored_content
"""), {"since_date": since_date})
content_row = content_stats.fetchone()
stats["content"] = {
"total_items": content_row.total_content or 0,
"new_items": content_row.new_content or 0,
"total_size_bytes": content_row.total_size or 0,
"average_size_bytes": float(content_row.avg_size or 0)
}
# Статистика пользователей
user_stats = await session.execute(text("""
SELECT
COUNT(*) as total_users,
SUM(CASE WHEN created_at >= :since_date THEN 1 ELSE 0 END) as new_users
FROM users
"""), {"since_date": since_date})
user_row = user_stats.fetchone()
stats["users"] = {
"total_users": user_row.total_users or 0,
"new_users": user_row.new_users or 0
}
# Системная статистика
stats["system"] = {
"uptime_seconds": int(time.time() - _start_time),
"requests_handled": _request_counter,
"errors_occurred": _error_counter,
"period_days": days,
"generated_at": datetime.utcnow().isoformat()
}
return stats
except Exception as e:
await logger.aerror(
"Statistics generation failed",
user_id=str(current_user.id),
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to generate statistics")
@router.post("/maintenance")
async def toggle_maintenance_mode(
request: Request,
enabled: bool = Query(description="Enable or disable maintenance mode"),
current_user: User = Depends(require_admin)
):
"""
Включение/отключение режима обслуживания
Только для администраторов
"""
try:
cache_manager = await get_cache_manager()
if enabled:
maintenance_info = {
"enabled": True,
"enabled_at": datetime.utcnow().isoformat(),
"enabled_by": str(current_user.id),
"message": "System is under maintenance. Please try again later."
}
await cache_manager.set("maintenance_mode", maintenance_info, ttl=86400) # 24 часа
await logger.awarning(
"Maintenance mode enabled",
admin_id=str(current_user.id)
)
return {
"message": "Maintenance mode enabled",
"maintenance_info": maintenance_info
}
else:
await cache_manager.delete("maintenance_mode")
await logger.ainfo(
"Maintenance mode disabled",
admin_id=str(current_user.id)
)
return {
"message": "Maintenance mode disabled"
}
except Exception as e:
await logger.aerror(
"Maintenance mode toggle failed",
admin_id=str(current_user.id),
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to toggle maintenance mode")
@router.get("/logs")
async def get_system_logs(
request: Request,
current_user: User = Depends(require_admin),
level: str = Query("INFO", description="Log level filter"),
lines: int = Query(100, ge=1, le=1000, description="Number of lines to return"),
component: Optional[str] = Query(None, description="Filter by component")
):
"""
Получение системных логов
Только для администраторов
"""
try:
# Здесь должна быть реализация чтения логов
# В реальной системе это может быть подключение к логгеру или файловой системе
# Заглушка для демонстрации
logs = [
{
"timestamp": datetime.utcnow().isoformat(),
"level": "INFO",
"component": "system",
"message": "System logs endpoint accessed",
"user_id": str(current_user.id)
}
]
return {
"logs": logs,
"total_lines": len(logs),
"filters": {
"level": level,
"lines": lines,
"component": component
},
"generated_at": datetime.utcnow().isoformat()
}
except Exception as e:
await logger.aerror(
"Log retrieval failed",
admin_id=str(current_user.id),
error=str(e)
)
raise HTTPException(status_code=500, detail="Failed to retrieve logs")
# Middleware для подсчета запросов (будет использоваться в главном приложении)
async def increment_request_counter():
"""Увеличение счетчика запросов"""
global _request_counter
_request_counter += 1
async def increment_error_counter():
"""Увеличение счетчика ошибок"""
global _error_counter
_error_counter += 1
# Healthcheck для ready probe (Kubernetes)
@router.get("/ready")
async def readiness_check():
"""
Проверка готовности к обслуживанию запросов
Для Kubernetes readiness probe
"""
try:
# Проверяем критически важные сервисы
checks = []
# Проверка базы данных
try:
async with db_manager.get_session() as session:
await session.execute(text("SELECT 1"))
checks.append({"service": "database", "status": "ready"})
except Exception as e:
checks.append({"service": "database", "status": "not_ready", "error": str(e)})
# Проверка кэша
try:
cache_manager = await get_cache_manager()
await cache_manager.set("readiness_check", "ok", ttl=5)
checks.append({"service": "cache", "status": "ready"})
except Exception as e:
checks.append({"service": "cache", "status": "not_ready", "error": str(e)})
# Определяем готовность
all_ready = all(check["status"] == "ready" for check in checks)
return JSONResponse(
content={
"status": "ready" if all_ready else "not_ready",
"checks": checks,
"timestamp": datetime.utcnow().isoformat()
},
status_code=200 if all_ready else 503
)
except Exception as e:
return JSONResponse(
content={
"status": "not_ready",
"error": "Readiness check failed",
"timestamp": datetime.utcnow().isoformat()
},
status_code=503
)
# Liveness probe для Kubernetes
@router.get("/live")
async def liveness_check():
"""
Проверка жизнеспособности приложения
Для Kubernetes liveness probe
"""
return {
"status": "alive",
"timestamp": datetime.utcnow().isoformat(),
"uptime_seconds": int(time.time() - _start_time)
}

177
app/api/fastapi_v3_routes.py Normal file
View File

@ -0,0 +1,177 @@
"""
FastAPI маршруты для совместимости с v3 API
"""
from typing import Dict, Any
from datetime import datetime
from fastapi import APIRouter, HTTPException
from fastapi.responses import JSONResponse
from app.core.crypto import get_ed25519_manager
from app.core.logging import get_logger
logger = get_logger(__name__)
# Router для v3 API совместимости
router = APIRouter(prefix="/api/v3", tags=["v3-compatibility"])
@router.get("/node/status")
async def get_node_status_v3():
"""
Получение статуса ноды (v3 API совместимость)
"""
try:
crypto_manager = get_ed25519_manager()
return {
"success": True,
"data": {
"node_id": crypto_manager.node_id,
"public_key": crypto_manager.public_key_hex,
"version": "3.0.0",
"status": "active",
"capabilities": [
"content_upload",
"content_sync",
"decentralized_filtering",
"ed25519_signatures"
],
"network": {
"protocol_version": "3.0",
"connections": 0, # TODO: добавить реальную статистику
"peers": []
},
"timestamp": datetime.utcnow().isoformat()
}
}
except Exception as e:
logger.error(f"Node status error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
@router.get("/network/stats")
async def get_network_stats_v3():
"""
Получение статистики сети (v3 API)
"""
try:
# TODO: добавить реальные метрики
return {
"success": True,
"data": {
"network": {
"total_nodes": 1,
"active_nodes": 1,
"total_content": 0,
"network_hash_rate": 0,
"avg_latency_ms": 0
},
"node": {
"uptime_seconds": 0,
"content_served": 0,
"bytes_transferred": 0,
"requests_handled": 0
},
"timestamp": datetime.utcnow().isoformat()
}
}
except Exception as e:
logger.error(f"Network stats error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
@router.get("/content/list")
async def get_content_list_v3():
"""
Получение списка контента (v3 API)
"""
try:
# TODO: добавить реальный список контента
return {
"success": True,
"data": {
"content": [],
"total": 0,
"page": 1,
"per_page": 50
}
}
except Exception as e:
logger.error(f"Content list error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
# Router для v1 API совместимости
router_v1 = APIRouter(prefix="/api/v1", tags=["v1-compatibility"])
@router_v1.get("/node")
async def get_node_info_v1():
"""
Получение информации о ноде (v1 API совместимость)
"""
try:
crypto_manager = get_ed25519_manager()
return {
"node_id": crypto_manager.node_id,
"version": "3.0.0",
"status": "online",
"api_version": "v1-compat"
}
except Exception as e:
logger.error(f"Node info error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
# Router для MY Network совместимости
router_my = APIRouter(prefix="/api/my", tags=["my-network-compatibility"])
@router_my.get("/monitor")
async def get_my_network_monitor():
"""
Мониторинг MY Network (совместимость)
"""
try:
crypto_manager = get_ed25519_manager()
return {
"status": "active",
"node_id": crypto_manager.node_id,
"version": "3.0.0",
"network": {
"peers": 0,
"content_items": 0
},
"timestamp": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"MY Network monitor error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
@router_my.post("/handshake")
async def my_network_handshake():
"""
MY Network handshake (совместимость)
"""
try:
crypto_manager = get_ed25519_manager()
return {
"success": True,
"node_id": crypto_manager.node_id,
"version": "3.0.0",
"protocol": "my-network-v3"
}
except Exception as e:
logger.error(f"MY Network handshake error: {e}")
raise HTTPException(status_code=500, detail="Internal server error")

168
app/api/middleware.py
View File

@ -1,168 +0,0 @@
from base58 import b58decode
from sanic import response as sanic_response
from app.core._crypto.signer import Signer
from app.core._secrets import hot_seed
from app.core.logger import make_log
from app.core.models.keys import KnownKey
from app.core.models._telegram.wrapped_bot import Wrapped_CBotChat
from app.core.models.user_activity import UserActivity
from app.core.models.user import User
from app.core.storage import Session
from datetime import datetime, timedelta
def attach_headers(response):
response.headers["Access-Control-Allow-Origin"] = "*"
response.headers["Access-Control-Allow-Methods"] = "GET, POST, OPTIONS"
response.headers["Access-Control-Allow-Headers"] = "Origin, Content-Type, Accept, Authorization, Referer, User-Agent, Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, x-file-name, x-last-chunk, x-chunk-start, x-upload-id"
# response.headers["Access-Control-Allow-Credentials"] = "true"
return response
async def try_authorization(request):
token = request.headers.get("Authorization")
if not token:
return
token_bin = b58decode(token)
if len(token_bin) != 57:
make_log("auth", "Invalid token length", level="warning")
return
known_key = request.ctx.db_session.query(KnownKey).filter(KnownKey.seed == token).first()
if not known_key:
make_log("auth", "Unknown key", level="warning")
return
if known_key.type != "USER_API_V1":
make_log("auth", "Invalid key type", level="warning")
return
(
token_version,
user_id,
timestamp,
randpart
) = (
int.from_bytes(token_bin[0:1], 'big'),
int.from_bytes(token_bin[1:17], 'big'),
int.from_bytes(token_bin[17:25], 'big'),
token_bin[25:]
)
assert token_version == 1, "Invalid token version"
assert user_id > 0, "Invalid user_id"
assert timestamp > 0, "Invalid timestamp"
if known_key.meta.get('I_user_id', -1) != user_id:
make_log("auth", f"User ID mismatch: {known_key.meta.get('I_user_id', -1)} != {user_id}", level="warning")
return
user = request.ctx.db_session.query(User).filter(User.id == known_key.meta['I_user_id']).first()
if not user:
make_log("auth", "No user from key", level="warning")
return
request.ctx.user = user
request.ctx.user_key = known_key
request.ctx.user_uploader_wrapper = Wrapped_CBotChat(request.app.ctx.memory._telegram_bot, chat_id=user.telegram_id, db_session=request.ctx.db_session, user=user)
request.ctx.user_client_wrapper = Wrapped_CBotChat(request.app.ctx.memory._client_telegram_bot, chat_id=user.telegram_id, db_session=request.ctx.db_session, user=user)
async def try_service_authorization(request):
signature = request.headers.get('X-Service-Signature')
if not signature:
return
# TODO: смысл этой проверки если это можно подменить?
message_hash_b58 = request.headers.get('X-Message-Hash')
if not message_hash_b58:
return
message_hash = b58decode(message_hash_b58)
signer = Signer(hot_seed)
if signer.verify(message_hash, signature):
request.ctx.verified_hash = message_hash
async def save_activity(request):
activity_meta = {}
try:
activity_meta["path"] = request.path
if 'system' in activity_meta["path"]:
return
except:
pass
try:
activity_meta["args"] = dict(request.args)
except:
pass
try:
activity_meta["json"] = dict(request.json)
except:
pass
try:
activity_meta["method"] = request.method
except:
pass
try:
activity_meta["ip"] = (request.headers['X-Forwarded-for'] if 'X-Forwarded-for' in request.headers else None) \
or request.remote_addr or request.ip
activity_meta["ip"] = activity_meta["ip"].split(",")[0].strip()
except:
pass
try:
activity_meta["headers"] = dict(request.headers)
except:
pass
new_user_activity = UserActivity(
type="API_V1_REQUEST",
meta=activity_meta,
user_id=request.ctx.user.id if request.ctx.user else None,
user_ip=activity_meta.get("ip", "0.0.0.0"),
created=datetime.now()
)
request.ctx.db_session.add(new_user_activity)
request.ctx.db_session.commit()
async def attach_user_to_request(request):
if request.method == 'OPTIONS':
return attach_headers(sanic_response.text("OK"))
request.ctx.db_session = Session()
request.ctx.verified_hash = None
request.ctx.user = None
request.ctx.user_key = None
request.ctx.user_uploader_wrapper = Wrapped_CBotChat(request.app.ctx.memory._telegram_bot, db_session=request.ctx.db_session)
request.ctx.user_client_wrapper = Wrapped_CBotChat(request.app.ctx.memory._client_telegram_bot, db_session=request.ctx.db_session)
await try_authorization(request)
await save_activity(request)
await try_service_authorization(request)
async def close_request_handler(request, response):
if request.method == 'OPTIONS':
response = sanic_response.text("OK")
try:
request.ctx.db_session.close()
except BaseException as e:
pass
response = attach_headers(response)
return request, response
async def close_db_session(request, response):
request, response = await close_request_handler(request, response)
response = attach_headers(response)
return response

295
app/api/routes/_blockchain.py
View File

@ -1,295 +0,0 @@
from base64 import b64encode
from datetime import datetime
import traceback
from sanic import response
from sqlalchemy import and_
from tonsdk.boc import begin_cell, begin_dict
from tonsdk.utils import Address
from base58 import b58encode
from app.core._blockchain.ton.connect import TonConnect, wallet_obj_by_name
from app.core._blockchain.ton.platform import platform
from app.core._config import PROJECT_HOST
from app.core.logger import make_log
from app.core._utils.resolve_content import resolve_content
from app.core.content.utils import create_metadata_for_item
from app.core._crypto.content import create_encrypted_content
from app.core.models.content.user_content import UserContent
from app.core.models.node_storage import StoredContent
from app.core.models._telegram import Wrapped_CBotChat
from app.core._keyboards import get_inline_keyboard
from app.core.models.promo import PromoAction
from app.core.models.tasks import BlockchainTask
def valid_royalty_params(royalty_params):
assert sum([x['value'] for x in royalty_params]) == 10000, "Values of royalties should sum to 10000"
for royalty_param in royalty_params:
for field_key, field_value in {
'address': lambda x: isinstance(x, str),
'value': lambda x: (isinstance(x, int) and 0 <= x <= 10000)
}.items():
assert field_key in royalty_param, f"No {field_key} provided"
assert field_value(royalty_param[field_key]), f"Invalid {field_key} provided"
return True
async def s_api_v1_blockchain_send_new_content_message(request):
try:
assert request.json, "No data provided"
assert request.ctx.user, "No authorized user provided"
if not request.json['hashtags']:
request.json['hashtags'] = []
for field_key, field_value in {
'title': lambda x: isinstance(x, str),
'authors': lambda x: isinstance(x, list),
'content': lambda x: isinstance(x, str),
'image': lambda x: isinstance(x, str),
'description': lambda x: isinstance(x, str),
'price': lambda x: (isinstance(x, str) and x.isdigit()),
'allowResale': lambda x: isinstance(x, bool),
'royaltyParams': lambda x: (isinstance(x, list) and valid_royalty_params(x)),
'hashtags': lambda x: isinstance(x, list) and all([isinstance(y, str) for y in x])
}.items():
assert field_key in request.json, f"No {field_key} provided"
assert field_value(request.json[field_key]), f"Invalid {field_key} provided"
decrypted_content_cid, err = resolve_content(request.json['content'])
assert not err, f"Invalid content CID"
# Поиск исходного файла загруженного
decrypted_content = request.ctx.db_session.query(StoredContent).filter(
StoredContent.hash == decrypted_content_cid.content_hash_b58
).first()
assert decrypted_content, "No content locally found"
assert decrypted_content.type == "local/content_bin", "Invalid content type"
# Создание фиктивного encrypted_content. Не шифруем для производительности, тк зашифрованная нигде дальше не используется
encrypted_content = await create_encrypted_content(request.ctx.db_session, decrypted_content)
encrypted_content_cid = encrypted_content.cid
if request.json['image']:
image_content_cid, err = resolve_content(request.json['image'])
assert not err, f"Invalid image CID"
image_content = request.ctx.db_session.query(StoredContent).filter(
StoredContent.hash == image_content_cid.content_hash_b58
).first()
assert image_content, "No image locally found"
else:
image_content_cid = None
image_content = None
content_title = f"{', '.join(request.json['authors'])} {request.json['title']}" if request.json['authors'] else request.json['title']
metadata_content = await create_metadata_for_item(
request.ctx.db_session,
title=content_title,
cover_url=f"{PROJECT_HOST}/api/v1.5/storage/{image_content_cid.serialize_v2()}" if image_content_cid else None,
authors=request.json['authors'],
hashtags=request.json['hashtags'],
downloadable=request.json['downloadable'] if 'downloadable' in request.json else False,
)
royalties_dict = begin_dict(8)
i = 0
for royalty_param in request.json['royaltyParams']:
royalties_dict.store_ref(
i, begin_cell()
.store_address(Address(royalty_param['address']))
.store_uint(royalty_param['value'], 16)
.end_cell()
)
i += 1
promo_free_upload_available = (
3 - (request.ctx.db_session.query(PromoAction).filter(
PromoAction.user_internal_id == request.ctx.user.id,
PromoAction.action_type == 'freeUpload',
).count())
)
if request.ctx.db_session.query(BlockchainTask).filter(
and_(
BlockchainTask.user_id == request.ctx.user.id,
BlockchainTask.status != 'done',
)
).first():
make_log("Blockchain", f"User {request.ctx.user.id} already has a pending task", level='warning')
promo_free_upload_available = 0
make_log("Blockchain", f"User {request.ctx.user.id} has {promo_free_upload_available} free uploads available", level='info')
if promo_free_upload_available > 0:
promo_action = PromoAction(
user_id = str(request.ctx.user.id),
user_internal_id=request.ctx.user.id,
action_type='freeUpload',
action_ref=str(encrypted_content_cid.content_hash),
created=datetime.now()
)
request.ctx.db_session.add(promo_action)
blockchain_task = BlockchainTask(
destination=platform.address.to_string(1, 1, 1),
amount=str(int(0.03 * 10 ** 9)),
payload=b64encode(
begin_cell()
.store_uint(0x5491d08c, 32)
.store_uint(int.from_bytes(encrypted_content_cid.content_hash, "big", signed=False), 256)
.store_address(Address(request.ctx.user.wallet_address(request.ctx.db_session)))
.store_ref(
begin_cell()
.store_ref(
begin_cell()
.store_coins(int(0))
.store_coins(int(0))
.store_coins(int(request.json['price']))
.end_cell()
)
.store_maybe_ref(royalties_dict.end_dict())
.store_uint(0, 1)
.end_cell()
)
.store_ref(
begin_cell()
.store_ref(
begin_cell()
.store_bytes(f"{PROJECT_HOST}/api/v1.5/storage/{metadata_content.cid.serialize_v2(include_accept_type=True)}".encode())
.end_cell()
)
.store_ref(
begin_cell()
.store_ref(begin_cell().store_bytes(f"{encrypted_content_cid.serialize_v2()}".encode()).end_cell())
.store_ref(begin_cell().store_bytes(f"{image_content_cid.serialize_v2() if image_content_cid else ''}".encode()).end_cell())
.store_ref(begin_cell().store_bytes(f"{metadata_content.cid.serialize_v2()}".encode()).end_cell())
.end_cell()
)
.end_cell()
)
.end_cell().to_boc(False)
).decode(),
epoch=None, seqno=None,
created = datetime.now(),
status='wait',
user_id = request.ctx.user.id
)
request.ctx.db_session.add(blockchain_task)
request.ctx.db_session.commit()
await request.ctx.user_uploader_wrapper.send_message(
request.ctx.user.translated('p_uploadContentTxPromo').format(
title=content_title,
free_count=(promo_free_upload_available - 1)
), message_type='hint', message_meta={
'encrypted_content_hash': b58encode(encrypted_content_cid.content_hash).decode(),
'hint_type': 'uploadContentTxRequested'
}
)
return response.json({
'address': "free",
'amount': str(int(0.03 * 10 ** 9)),
'payload': ""
})
await request.ctx.user_uploader_wrapper.send_message(
request.ctx.user.translated('p_uploadContentTxRequested').format(
title=content_title,
), message_type='hint', message_meta={
'encrypted_content_hash': b58encode(encrypted_content_cid.content_hash).decode(),
'hint_type': 'uploadContentTxRequested'
}
)
return response.json({
'address': platform.address.to_string(1, 1, 1),
'amount': str(int(0.03 * 10 ** 9)),
'payload': b64encode(
begin_cell()
.store_uint(0x5491d08c, 32)
.store_uint(int.from_bytes(encrypted_content_cid.content_hash, "big", signed=False), 256)
.store_uint(0, 2)
.store_ref(
begin_cell()
.store_ref(
begin_cell()
.store_coins(int(0))
.store_coins(int(0))
.store_coins(int(request.json['price']))
.end_cell()
)
.store_maybe_ref(royalties_dict.end_dict())
.store_uint(0, 1)
.end_cell()
)
.store_ref(
begin_cell()
.store_ref(
begin_cell()
.store_bytes(f"{PROJECT_HOST}/api/v1.5/storage/{metadata_content.cid.serialize_v2(include_accept_type=True)}".encode())
.end_cell()
)
.store_ref(
begin_cell()
.store_ref(begin_cell().store_bytes(f"{encrypted_content_cid.serialize_v2()}".encode()).end_cell())
.store_ref(begin_cell().store_bytes(f"{image_content_cid.serialize_v2() if image_content_cid else ''}".encode()).end_cell())
.store_ref(begin_cell().store_bytes(f"{metadata_content.cid.serialize_v2()}".encode()).end_cell())
.end_cell()
)
.end_cell()
)
.end_cell().to_boc(False)
).decode()
})
except BaseException as e:
make_log("Blockchain", f"Error while sending new content message: {e}" + '\n' + traceback.format_exc(), level='error')
return response.json({"error": str(e)}, status=400)
async def s_api_v1_blockchain_send_purchase_content_message(request):
assert request.json, "No data provided"
for field_key, field_value in {
'content_address': lambda x: isinstance(x, str),
'license_type': lambda x: x in ['resale']
}.items():
assert field_key in request.json, f"No {field_key} provided"
assert field_value(request.json[field_key]), f"Invalid {field_key} provided"
if not request.ctx.user.wallet_address(request.ctx.db_session):
return response.json({"error": "No wallet address provided"}, status=400)
license_exist = request.ctx.db_session.query(UserContent).filter_by(
onchain_address=request.json['content_address'],
).first()
if license_exist:
r_content = StoredContent.from_cid(request.ctx.db_session, license_exist.content.cid.serialize_v2())
else:
r_content = StoredContent.from_cid(request.ctx.db_session, request.json['content_address'])
content = r_content.open_content(request.ctx.db_session)
licenses_cost = content['encrypted_content'].json_format()['license']
assert request.json['license_type'] in licenses_cost
return response.json({
'address': (
license_exist.onchain_address if license_exist else content['encrypted_content'].json_format()['item_address']
),
'amount': str(int(licenses_cost['resale']['price'])),
'payload': b64encode((
begin_cell()
.store_uint(0x2a319593, 32)
.store_uint(0, 64)
.store_uint(3, 8)
# .store_uint({
# 'listen': 1,
# 'resale': 3
# }[request.json['license_type']], 8)
.store_uint(0, 256)
.store_uint(0, 2)
.end_cell()
).to_boc(False)).decode()
})

15
app/api/routes/_index.py
View File

@ -1,15 +0,0 @@
from sanic import response
async def s_index(request):
return response.json({
'success': True,
'message': 'Welcome to the @MY API!'
})
async def s_favicon(request):
return response.redirect(
"https://git.projscale.dev/my-dev/assets/raw/commit/890ed9e60a25a65c8ad600d6d0ad3ac4480e3039/images/logo.png"
)

95
app/api/routes/_system.py
View File

@ -1,95 +0,0 @@
import json
import subprocess
from datetime import datetime
from base58 import b58encode, b58decode
from sanic import response
from app.core.models.node_storage import StoredContent
from app.core._blockchain.ton.platform import platform
from app.core._crypto.signer import Signer
from app.core._secrets import hot_pubkey, service_wallet, hot_seed
from app.core.logger import make_log
def get_git_info():
branch_name = subprocess.check_output(["git", "branch", "--show-current"]).decode('utf-8').strip()
commit_hash = subprocess.check_output(["git", "rev-parse", "HEAD"]).decode('utf-8').strip()
return branch_name, commit_hash
async def s_api_v1_node(request): # /api/v1/node
last_known_index = request.ctx.db_session.query(StoredContent).filter(
StoredContent.onchain_index != None
).order_by(StoredContent.onchain_index.desc()).first()
last_known_index = last_known_index.onchain_index if last_known_index else 0
last_known_index = max(last_known_index, 0)
return response.json({
'id': b58encode(hot_pubkey).decode(),
'node_address': service_wallet.address.to_string(1, 1, 1),
'master_address': platform.address.to_string(1, 1, 1),
'indexer_height': last_known_index,
'services': {
service_key: {
'status': (service['status'] if (service['timestamp'] and (datetime.now() - service['timestamp']).total_seconds() < 30) else 'not working: timeout'),
'delay': round((datetime.now() - service['timestamp']).total_seconds(), 3) if service['timestamp'] else -1,
}
for service_key, service in request.app.ctx.memory.known_states.items()
}
})
async def s_api_v1_node_friendly(request):
last_known_index = request.ctx.db_session.query(StoredContent).filter(
StoredContent.onchain_index != None
).order_by(StoredContent.onchain_index.desc()).first()
last_known_index = last_known_index.onchain_index if last_known_index else 0
last_known_index = max(last_known_index, 0)
response_plain_text = f"""
Node address: {service_wallet.address.to_string(1, 1, 1)}
Node ID: {b58encode(hot_pubkey).decode()}
Master address: {platform.address.to_string(1, 1, 1)}
Indexer height: {last_known_index}
Services:
"""
for service_key, service in request.app.ctx.memory.known_states.items():
response_plain_text += f"""
{service_key}:
status: {service['status'] if (service['timestamp'] and (datetime.now() - service['timestamp']).total_seconds() < 120) else 'not working: timeout'}
delay: {round((datetime.now() - service['timestamp']).total_seconds(), 3) if service['timestamp'] else -1}
"""
return response.text(response_plain_text, content_type='text/plain')
async def s_api_system_send_status(request):
if not request.json:
return response.json({'error': 'No data'}, status=400)
message = request.json.get('message', '')
signature = request.json.get('signature', '')
if not message or not signature:
return response.json({'error': 'No message or signature'}, status=400)
message = b58decode(message)
signer = Signer(hot_seed)
if not signer.verify(message, signature):
return response.json({'error': 'Invalid signature'}, status=400)
message = json.loads(message)
assert message.get('service') in request.app.ctx.memory.known_states, "Unknown service"
request.app.ctx.memory.known_states[
message['service']
] = {
'status': message['status'],
'timestamp': datetime.now(),
}
make_log("Health", f"Service {message['service']} status: {message['status']}", level='info')
return response.json({'message': 'Status received'})
async def s_api_system_version(request):
branch_name, commit_hash = get_git_info()
return response.json({
"codebase_hash": commit_hash,
"codebase_branch": branch_name,
})

8
app/api/routes/account.py
View File

@ -1,8 +0,0 @@
from sanic import response
async def s_api_v1_account_get(request):
if not request.ctx.user:
return response.json({"error": "User not found"}, status=400)
return response.json(request.ctx.user.json_format())

190
app/api/routes/auth.py
View File

@ -1,190 +0,0 @@
from datetime import datetime
from uuid import uuid4
from aiogram.utils.web_app import safe_parse_webapp_init_data
from sanic import response
from sqlalchemy import select, and_
from tonsdk.utils import Address
from app.core._config import TELEGRAM_API_KEY, CLIENT_TELEGRAM_API_KEY
from app.core.logger import make_log
from app.core.models import KnownKey, WalletConnection
from app.core.models.user import User
from pytonconnect.parsers import WalletInfo, Account, TonProof
async def s_api_v1_auth_twa(request):
auth_data = {}
for req_key in ['twa_data', 'ton_proof', 'ref_id']:
try:
auth_data[req_key] = request.json[req_key]
except:
auth_data[req_key] = None
twa_data = auth_data['twa_data']
valid_twa_data = False
for validation_api_key in [TELEGRAM_API_KEY, CLIENT_TELEGRAM_API_KEY]:
try:
twa_data = safe_parse_webapp_init_data(token=validation_api_key, init_data=twa_data)
assert twa_data
valid_twa_data = True
break
except:
pass
if not valid_twa_data:
make_log("auth", "Invalid TWA data", level="warning")
return response.json({"error": "Invalid TWA data"}, status=401)
known_user = request.ctx.db_session.query(User).filter(User.telegram_id == twa_data.user.id).first()
if not known_user:
new_user = User(
telegram_id=twa_data.user.id,
username=twa_data.user.username,
meta={
"first_name": twa_data.user.first_name,
"last_name": twa_data.user.last_name,
"photo_url": twa_data.user.photo_url
},
lang_code=twa_data.user.language_code,
last_use=datetime.now(),
created=datetime.now()
)
request.ctx.db_session.add(new_user)
request.ctx.db_session.commit()
known_user = request.ctx.db_session.query(User).filter(User.telegram_id == twa_data.user.id).first()
assert known_user, "User not created"
new_user_key = await known_user.create_api_token_v1(request.ctx.db_session, "USER_API_V1")
if auth_data['ton_proof']:
try:
wallet_info = WalletInfo()
auth_data['ton_proof']['account']['network'] = auth_data['ton_proof']['account']['chain']
wallet_info.account = Account.from_dict(auth_data['ton_proof']['account'])
wallet_info.ton_proof = TonProof.from_dict({'proof': auth_data['ton_proof']['ton_proof']})
connection_payload = auth_data['ton_proof']['ton_proof']['payload']
known_payload = (request.ctx.db_session.execute(select(KnownKey).where(KnownKey.seed == connection_payload))).scalars().first()
assert known_payload, "Unknown payload"
assert known_payload.meta['I_user_id'] == known_user.id, "Invalid user_id"
assert wallet_info.check_proof(connection_payload), "Invalid proof"
for known_connection in (request.ctx.db_session.execute(select(WalletConnection).where(
and_(
WalletConnection.user_id == known_user.id,
WalletConnection.network == 'ton'
)
))).scalars().all():
known_connection.invalidated = True
for other_connection in (request.ctx.db_session.execute(select(WalletConnection).where(
WalletConnection.wallet_address == Address(wallet_info.account.address).to_string(1, 1, 1)
))).scalars().all():
other_connection.invalidated = True
new_connection = WalletConnection(
user_id=known_user.id,
network='ton',
wallet_key='web2-client==1',
connection_id=connection_payload,
wallet_address=Address(wallet_info.account.address).to_string(1, 1, 1),
keys={
'ton_proof': auth_data['ton_proof']
},
meta={},
created=datetime.now(),
updated=datetime.now(),
invalidated=False,
without_pk=False
)
request.ctx.db_session.add(new_connection)
request.ctx.db_session.commit()
except BaseException as e:
make_log("auth", f"Invalid ton_proof: {e}", level="warning")
return response.json({"error": "Invalid ton_proof"}, status=400)
ton_connection = (request.ctx.db_session.execute(select(WalletConnection).where(
and_(
WalletConnection.user_id == known_user.id,
WalletConnection.network == 'ton',
WalletConnection.invalidated == False
)
).order_by(WalletConnection.created.desc()))).scalars().first()
known_user.last_use = datetime.now()
request.ctx.db_session.commit()
return response.json({
'user': known_user.json_format(),
'connected_wallet': ton_connection.json_format() if ton_connection else None,
'auth_v1_token': new_user_key['auth_v1_token']
})
async def s_api_v1_auth_me(request):
if not request.ctx.user:
return response.json({"error": "Unauthorized"}, status=401)
ton_connection = (request.ctx.db_session.execute(
select(WalletConnection).where(
and_(
WalletConnection.user_id == request.ctx.user.id,
WalletConnection.network == 'ton',
WalletConnection.invalidated == False
)
).order_by(WalletConnection.created.desc())
)).scalars().first()
return response.json({
'user': request.ctx.user.json_format(),
'connected_wallet': ton_connection.json_format() if ton_connection else None
})
async def s_api_v1_auth_select_wallet(request):
if not request.ctx.user:
return response.json({"error": "Unauthorized"}, status=401)
try:
data = request.json
except Exception as e:
return response.json({"error": "Invalid JSON"}, status=400)
if "wallet_address" not in data:
return response.json({"error": "wallet_address is required"}, status=400)
# Convert raw wallet address to canonical format using Address from tonsdk.utils
raw_addr = data["wallet_address"]
canonical_address = Address(raw_addr).to_string(1, 1, 1)
db_session = request.ctx.db_session
user = request.ctx.user
# Check if a WalletConnection already exists for this user with the given canonical wallet address
existing_connection = db_session.query(WalletConnection).filter(
WalletConnection.user_id == user.id,
WalletConnection.wallet_address == canonical_address
).first()
if not existing_connection:
return response.json({"error": "Wallet connection not found"}, status=404)
saved_values = {
'keys': existing_connection.keys,
'meta': existing_connection.meta,
'wallet_key': existing_connection.wallet_key,
'connection_id': existing_connection.connection_id + uuid4().hex,
'network': existing_connection.network,
}
new_connection = WalletConnection(
**saved_values,
user_id=user.id,
wallet_address=canonical_address,
created=datetime.now(),
updated=datetime.now(),
invalidated=False,
without_pk=False
)
db_session.add(new_connection)
db_session.commit()
return response.empty(status=200)

280
app/api/routes/content.py
View File

@ -1,280 +0,0 @@
from datetime import datetime, timedelta
from sanic import response
from aiogram import Bot, types
from sqlalchemy import and_
from app.core.logger import make_log
from app.core.models._config import ServiceConfig
from app.core.models.node_storage import StoredContent
from app.core.models.keys import KnownKey
from app.core.models import StarsInvoice
from app.core.models.content.user_content import UserContent
from app.core._config import CLIENT_TELEGRAM_API_KEY, PROJECT_HOST
import json
import uuid
async def s_api_v1_content_list(request):
offset = int(request.args.get('offset', 0))
limit = int(request.args.get('limit', 100))
assert 0 <= offset, "Invalid offset"
assert 0 < limit <= 1000, "Invalid limit"
store = request.args.get('store', 'local')
assert store in ('local', 'onchain'), "Invalid store"
content_list = request.ctx.db_session.query(StoredContent).filter(
StoredContent.type.like(store + '%'),
StoredContent.disabled == False
).order_by(StoredContent.created.desc()).offset(offset).limit(limit)
make_log("Content", f"Listed {content_list.count()} contents", level='info')
result = {}
for content in content_list.all():
content_json = content.json_format()
result[content_json["cid"]] = content_json
return response.json(result)
async def s_api_v1_content_view(request, content_address: str):
# content_address can be CID or TON address
license_exist = request.ctx.db_session.query(UserContent).filter_by(
onchain_address=content_address,
).first()
if license_exist:
content_address = license_exist.content.cid.serialize_v2()
r_content = StoredContent.from_cid(request.ctx.db_session, content_address)
content = r_content.open_content(request.ctx.db_session)
opts = {
'content_type': content['content_type'], # возможно с ошибками, нужно переделать на ffprobe
'content_address': content['encrypted_content'].meta.get('item_address', '')
}
if content['encrypted_content'].key_id:
known_key = request.ctx.db_session.query(KnownKey).filter(
KnownKey.id == content['encrypted_content'].key_id
).first()
if known_key:
opts['key_hash'] = known_key.seed_hash # нахер не нужно на данный момент
# чисто болванки, заполнение дальше
opts['have_licenses'] = []
opts['invoice'] = None
have_access = False
if request.ctx.user:
user_wallet_address = request.ctx.user.wallet_address(request.ctx.db_session)
have_access = (
(content['encrypted_content'].owner_address == user_wallet_address)
or bool(request.ctx.db_session.query(UserContent).filter_by(owner_address=user_wallet_address, status='active',
content_id=content['encrypted_content'].id).first()) \
or bool(request.ctx.db_session.query(StarsInvoice).filter(
and_(
StarsInvoice.user_id == request.ctx.user.id,
StarsInvoice.content_hash == content['encrypted_content'].hash,
StarsInvoice.paid == True
)
).first())
)
if not have_access:
current_star_rate = ServiceConfig(request.ctx.db_session).get('live_tonPerStar', [0, 0])[0]
if current_star_rate < 0:
current_star_rate = 0.00000001
stars_cost = int(int(content['encrypted_content'].meta['license']['resale']['price']) / 1e9 / current_star_rate * 1.2)
if request.ctx.user.telegram_id in [5587262915, 6861699286]:
stars_cost = 2
invoice_id = f"access_{uuid.uuid4().hex}"
exist_invoice = request.ctx.db_session.query(StarsInvoice).filter(
and_(
StarsInvoice.user_id == request.ctx.user.id,
StarsInvoice.created > datetime.now() - timedelta(minutes=25),
StarsInvoice.amount == stars_cost,
StarsInvoice.content_hash == content['encrypted_content'].hash,
)
).first()
if exist_invoice:
invoice_url = exist_invoice.invoice_url
else:
invoice_url = None
try:
invoice_url = await Bot(token=CLIENT_TELEGRAM_API_KEY).create_invoice_link(
'Неограниченный доступ к контенту',
'Неограниченный доступ к контенту',
invoice_id, "XTR",
[
types.LabeledPrice(label='Lifetime access', amount=stars_cost),
], provider_token = ''
)
request.ctx.db_session.add(
StarsInvoice(
external_id=invoice_id,
type='access',
amount=stars_cost,
user_id=request.ctx.user.id,
content_hash=content['encrypted_content'].hash,
invoice_url=invoice_url
)
)
request.ctx.db_session.commit()
except BaseException as e:
make_log("Content", f"Can't create invoice link: {e}", level='warning')
if invoice_url:
opts['invoice'] = {
'url': invoice_url,
'amount': stars_cost,
}
display_options = {
'content_url': None,
}
if have_access:
opts['have_licenses'].append('listen')
converted_content = content['encrypted_content'].meta.get('converted_content')
if converted_content:
user_content_option = 'low_preview'
if have_access:
user_content_option = 'low' # TODO: подключать high если человек внезапно меломан
converted_content = request.ctx.db_session.query(StoredContent).filter(
StoredContent.hash == converted_content[user_content_option]
).first()
if converted_content:
display_options['content_url'] = converted_content.web_url
opts['content_ext'] = converted_content.filename.split('.')[-1]
content_meta = content['encrypted_content'].json_format()
content_metadata = StoredContent.from_cid(request.ctx.db_session, content_meta.get('metadata_cid') or None)
with open(content_metadata.filepath, 'r') as f:
content_metadata_json = json.loads(f.read())
display_options['metadata'] = content_metadata_json
opts['downloadable'] = content_metadata_json.get('downloadable', False)
if opts['downloadable']:
if not ('listen' in opts['have_licenses']):
opts['downloadable'] = False
return response.json({
**opts,
'encrypted': content['encrypted_content'].json_format(),
'display_options': display_options,
})
async def s_api_v1_content_friendly_list(request):
# return html table with content list. bootstrap is used
result = """
<html>
<head>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" crossorigin="anonymous">
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-YvpcrYf0tY3lHB60NNkmXc5s9fDVZLESaAA55NDzOxhy9GkcIdslK1eN7N6jIeHz" crossorigin="anonymous"></script>
</head>
<body>
<table class="table table-striped">
<thead>
<tr>
<th>CID</th>
<th>Title</th>
<th>Onchain</th>
<th>Preview link</th>
</tr>
</thead>
"""
for content in request.ctx.db_session.query(StoredContent).filter(
StoredContent.type == 'onchain/content'
).all():
if not content.meta.get('metadata_cid'):
make_log("Content", f"Content {content.cid.serialize_v2()} has no metadata", level='warning')
continue
metadata_content = StoredContent.from_cid(request.ctx.db_session, content.meta.get('metadata_cid'))
with open(metadata_content.filepath, 'r') as f:
metadata = json.loads(f.read())
preview_link = None
if content.meta.get('converted_content'):
preview_link = f"{PROJECT_HOST}/api/v1.5/storage/{content.meta['converted_content']['low_preview']}"
result += f"""
<tr>
<td>{content.cid.serialize_v2()}</td>
<td>{metadata.get('name', "")}</td>
<td>{content.meta.get('item_address')}</td>
<td>""" + (f'<a href="{preview_link}">Preview</a>' if preview_link else "not ready") + """</td>
</tr>
"""
result += """
</table>
</body>
</html>
"""
return response.html(result)
async def s_api_v1_5_content_list(request):
# Validate offset and limit parameters
offset = int(request.args.get('offset', 0))
limit = int(request.args.get('limit', 100))
if offset < 0:
return response.json({'error': 'Invalid offset'}, status=400)
if limit <= 0 or limit > 1000:
return response.json({'error': 'Invalid limit'}, status=400)
# Query onchain contents which are not disabled
contents = request.ctx.db_session.query(StoredContent).filter(
StoredContent.type == 'onchain/content',
StoredContent.disabled == False
).order_by(StoredContent.created.desc()).offset(offset).limit(limit).all()
result = []
for content in contents:
# Retrieve metadata content using metadata_cid from content.meta
metadata_cid = content.meta.get('metadata_cid')
if not metadata_cid:
continue # Skip if no metadata_cid is found
metadata_content = StoredContent.from_cid(request.ctx.db_session, metadata_cid)
try:
with open(metadata_content.filepath, 'r') as f:
metadata = json.load(f)
except Exception as e:
metadata = {}
media_type = 'audio'
# Get title from metadata (key 'name')
title = metadata.get('name', '')
# Build preview link if converted_content exists and contains 'low_preview'
preview_link = None
converted_content = content.meta.get('converted_content')
if converted_content:
converted_content = request.ctx.db_session.query(StoredContent).filter(
StoredContent.hash == converted_content['low_preview']
).first()
preview_link = converted_content.web_url
if converted_content.filename.split('.')[-1] in ('mp4', 'mov'):
media_type = 'video'
else:
preview_link = None
# Get onchain address from content.meta
onchain_address = content.meta.get('item_address', '')
result.append({
'cid': content.cid.serialize_v2(),
'onchain_address': onchain_address,
'type': media_type,
'title': title,
'preview_link': preview_link,
'created_at': content.created.isoformat() # ISO 8601 format for datetime
})
return response.json(result)

176
app/api/routes/content_access_routes.py Normal file
View File

@ -0,0 +1,176 @@
from __future__ import annotations
import logging
from typing import Any, Dict, Optional
from fastapi import APIRouter, HTTPException, Query, Request
from fastapi.responses import StreamingResponse, JSONResponse
from app.core.access.content_access_manager import ContentAccessManager
from app.core._blockchain.ton.nft_license_manager import NFTLicenseManager
logger = logging.getLogger(__name__)
router = APIRouter(prefix="/api/content", tags=["content-access"])
def _json_ok(data: Dict[str, Any]) -> JSONResponse:
return JSONResponse({"success": True, "data": data})
@router.post("/request-access")
async def request_access(body: Dict[str, Any]):
"""
POST /api/content/request-access
Тело:
{
"content_id": "sha256...",
"ton_proof": {
"address": "...", "public_key": "...", "timestamp": 0,
"domain_val": "...", "domain_len": 0, "payload": "...", "signature": "..."
},
"nft_address": "EQ...." (optional),
"token_ttl_sec": 600 (optional)
}
Ответ:
{"success": true, "data": {"token": "...", "expires_at": 0, "owner_address": "...", "nft_item": {...}}}
"""
try:
content_id = body.get("content_id")
ton_proof = body.get("ton_proof") or {}
nft_address = body.get("nft_address")
token_ttl_sec = body.get("token_ttl_sec")
if not content_id:
raise HTTPException(status_code=400, detail="content_id is required")
if not ton_proof:
raise HTTPException(status_code=400, detail="ton_proof is required")
mgr = ContentAccessManager(nft_manager=NFTLicenseManager())
ok, err, payload = await mgr.grant_access(
ton_proof=ton_proof,
content_id=content_id,
nft_address=nft_address,
token_ttl_sec=token_ttl_sec,
)
if not ok:
raise HTTPException(status_code=403, detail=err or "Access denied")
return _json_ok(payload)
except HTTPException:
raise
except Exception as e:
logger.exception("request_access failed")
raise HTTPException(status_code=500, detail=str(e))
@router.post("/verify-license")
async def verify_license(body: Dict[str, Any]):
"""
POST /api/content/verify-license
Тело:
{
"content_id": "sha256...",
"ton_proof": { ... as above ... },
"nft_address": "EQ...." (optional)
}
Ответ:
{"success": true, "data": {"valid": true, "owner_address": "...", "nft_item": {...}}}
"""
try:
content_id = body.get("content_id")
ton_proof = body.get("ton_proof") or {}
nft_address = body.get("nft_address")
if not content_id:
raise HTTPException(status_code=400, detail="content_id is required")
if not ton_proof:
raise HTTPException(status_code=400, detail="ton_proof is required")
nft_mgr = NFTLicenseManager()
ok, err, nft_item = await nft_mgr.check_license_validity(
ton_proof=ton_proof, content_id=content_id, nft_address=nft_address
)
if not ok:
return _json_ok({"valid": False, "error": err})
# Извлечем адрес владельца для удобства клиента
owner_address = None
try:
# небольшой импорт без цикла, чтобы не тянуть все сверху
from app.core.access.content_access_manager import nft_proof_owner # noqa
owner_address = nft_proof_owner(ton_proof)
except Exception:
owner_address = None
return _json_ok({"valid": True, "owner_address": owner_address, "nft_item": nft_item})
except HTTPException:
raise
except Exception as e:
logger.exception("verify_license failed")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/stream/{content_id}")
async def stream_content(
request: Request,
content_id: str,
token: str = Query(..., description="Временный токен, полученный через /request-access"),
):
"""
GET /api/content/stream/{content_id}?token=...
Возвращает поток расшифрованного контента при валидном временном токене.
Примечание:
- Здесь требуется провайдер ключа контента (content_key_provider), который по content_id вернет 32-байтовый ключ.
В текущем сервисе ключ не выдается из NFT, он хранится в ноде/сети вне блокчейна и не возвращается клиенту.
- В данном роуте показан каркас: откуда читать зашифрованные данные (encrypted_obj) зависит от вашей БД/фс.
"""
try:
mgr = ContentAccessManager()
# Заглушка чтения зашифрованного объекта контента.
# Здесь нужно интегрировать фактическое хранилище, например БД/файловую систему, и извлечь объект,
# совместимый с ContentCipher.decrypt_content входом.
# Формат encrypted_obj:
# {
# "ciphertext_b64": "...",
# "nonce_b64": "...",
# "tag_b64": "...",
# "metadata": {...},
# "content_id": "sha256..."
# }
encrypted_obj: Optional[Dict[str, Any]] = None
if not encrypted_obj:
raise HTTPException(status_code=404, detail="Encrypted content not found")
# Провайдер ключа шифрования по content_id — внедрите вашу реализацию
def content_key_provider(cid: str) -> bytes:
# Должен вернуть 32-байтовый ключ (из secure-хранилища узла)
# raise NotImplementedError / или извлечение из KMS/базы
raise HTTPException(status_code=501, detail="content_key_provider is not configured")
ok, err, pt = mgr.decrypt_for_stream(
encrypted_obj=encrypted_obj,
content_key_provider=content_key_provider,
token=token,
content_id=content_id,
associated_data=None,
)
if not ok or pt is None:
raise HTTPException(status_code=403, detail=err or "Access denied")
async def stream_bytes():
# Простейшая потоковая отдача всего буфера.
# Для больших данных отдавайте чанками.
yield pt
# Тип контента может определяться по metadata или по хранимому mime-type
return StreamingResponse(stream_bytes(), media_type="application/octet-stream")
except HTTPException:
raise
except Exception as e:
logger.exception("stream_content failed")
raise HTTPException(status_code=500, detail=str(e))

146
app/api/routes/converter_routes.py Normal file
View File

@ -0,0 +1,146 @@
from __future__ import annotations
import asyncio
import logging
import os
import uuid
from typing import Optional, List, Dict, Any
from fastapi import APIRouter, UploadFile, File, Form, HTTPException, Query
from fastapi.responses import JSONResponse, FileResponse
from app.core.converter.conversion_manager import ConversionManager
from app.core.models.converter.conversion_models import (
ContentMetadata,
ConversionPriority,
ConversionStatus,
)
router = APIRouter(prefix="/api/converter", tags=["converter"])
logger = logging.getLogger(__name__)
# Глобальный singleton менеджера (можно заменить DI контейнером)
_conversion_manager: Optional[ConversionManager] = None
def get_manager() -> ConversionManager:
global _conversion_manager
if _conversion_manager is None:
_conversion_manager = ConversionManager()
return _conversion_manager
@router.post("/submit")
async def submit_conversion(
file: UploadFile = File(...),
title: str = Form(...),
description: Optional[str] = Form(None),
author: Optional[str] = Form(None),
collection: Optional[str] = Form(None),
tags: Optional[str] = Form(None), # CSV
language: Optional[str] = Form(None),
explicit: Optional[bool] = Form(None),
quality: str = Form("high"), # "high" | "low"
input_ext: Optional[str] = Form(None), # если неизвестно — попытаемся из файла
priority: int = Form(50),
trim: Optional[str] = Form(None),
custom: Optional[str] = Form(None), # произвольные ffmpeg-параметры через пробел
):
"""
Принимает файл и ставит задачу конвертации в очередь.
Возвращает task_id.
"""
try:
# Сохраняем входной файл во временное хранилище uploader-bot
uploads_dir = "uploader-bot/uploader-bot/data/uploads"
os.makedirs(uploads_dir, exist_ok=True)
input_name = file.filename or f"upload-{uuid.uuid4().hex}"
local_path = os.path.join(uploads_dir, input_name)
with open(local_path, "wb") as f:
f.write(await file.read())
# Определяем расширение, если не передано
in_ext = input_ext or os.path.splitext(input_name)[1].lstrip(".").lower() or "bin"
# Метаданные
md = ContentMetadata(
title=title,
description=description,
author=author,
collection=collection,
tags=[t.strip() for t in (tags.split(","))] if tags else [],
language=language,
explicit=explicit,
attributes={},
)
prio = ConversionPriority.NORMAL
try:
# нормализуем диапазон int -> enum
p_int = int(priority)
if p_int >= ConversionPriority.CRITICAL:
prio = ConversionPriority.CRITICAL
elif p_int >= ConversionPriority.HIGH:
prio = ConversionPriority.HIGH
elif p_int >= ConversionPriority.NORMAL:
prio = ConversionPriority.NORMAL
else:
prio = ConversionPriority.LOW
except Exception:
pass
custom_list: List[str] = []
if custom:
# Разбиваем по пробелам, без сложного парсинга
custom_list = [c for c in custom.split(" ") if c]
manager = get_manager()
task_id = await manager.process_upload(
local_input_path=local_path,
input_ext=in_ext,
quality="high" if quality == "high" else "low",
metadata=md,
priority=prio,
custom=custom_list,
trim=trim,
)
return JSONResponse({"task_id": task_id})
except Exception as e:
logger.exception("submit_conversion failed: %s", e)
raise HTTPException(status_code=500, detail=str(e))
@router.get("/status/{task_id}")
async def get_status(task_id: str):
"""
Возвращает статус задачи.
"""
try:
manager = get_manager()
status = await manager.get_conversion_status(task_id)
return JSONResponse({"task_id": task_id, "status": status.value})
except Exception as e:
logger.exception("get_status failed: %s", e)
raise HTTPException(status_code=500, detail=str(e))
@router.get("/result/{task_id}")
async def get_result(task_id: str):
"""
Возвращает результат задачи с content_id, чанками и nft метаданными.
"""
try:
manager = get_manager()
res = await manager.handle_conversion_result(task_id)
if not res:
# если задача всё ещё идёт/в очереди
status = await manager.get_conversion_status(task_id)
if status in (ConversionStatus.QUEUED, ConversionStatus.RUNNING):
return JSONResponse({"task_id": task_id, "status": status.value})
raise HTTPException(status_code=404, detail="result not ready")
return JSONResponse(res.to_dict())
except Exception as e:
logger.exception("get_result failed: %s", e)
raise HTTPException(status_code=500, detail=str(e))

844
app/api/routes/monitor_routes.py Normal file
View File

@ -0,0 +1,844 @@
"""
Advanced monitoring routes for MY Network
"""
import asyncio
import psutil
import time
from datetime import datetime
from typing import Dict, List, Any
from fastapi import APIRouter, WebSocket, WebSocketDisconnect, Request
from fastapi.responses import HTMLResponse
import json
import logging
logger = logging.getLogger(__name__)
router = APIRouter(prefix="/api/my/monitor", tags=["monitoring"])
# Store connected websocket clients
connected_clients: List[WebSocket] = []
# Simulated network nodes data
network_nodes = [
{
"id": "node_001_local_dev",
"name": "Primary Development Node",
"status": "online",
"location": "Local Development",
"uptime": "2h 15m",
"connections": 8,
"data_synced": "95%",
"last_seen": datetime.now().isoformat(),
"ip": "127.0.0.1:15100",
"version": "2.0.0"
},
{
"id": "node_002_production",
"name": "Production Node Alpha",
"status": "online",
"location": "Cloud Server US-East",
"uptime": "15d 8h",
"connections": 42,
"data_synced": "100%",
"last_seen": datetime.now().isoformat(),
"ip": "198.51.100.10:15100",
"version": "2.0.0"
},
{
"id": "node_003_backup",
"name": "Backup Node Beta",
"status": "maintenance",
"location": "Cloud Server EU-West",
"uptime": "3d 2h",
"connections": 0,
"data_synced": "78%",
"last_seen": datetime.now().isoformat(),
"ip": "203.0.113.20:15100",
"version": "1.9.8"
},
{
"id": "node_004_edge",
"name": "Edge Node Gamma",
"status": "connecting",
"location": "CDN Edge Node",
"uptime": "12m",
"connections": 3,
"data_synced": "12%",
"last_seen": datetime.now().isoformat(),
"ip": "192.0.2.30:15100",
"version": "2.0.0"
}
]
@router.get("/")
async def advanced_monitoring_dashboard():
"""Serve the advanced monitoring dashboard"""
dashboard_html = """
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>MY Network - Advanced Monitor</title>
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
background: #000;
color: #00ff00;
font-family: 'Courier New', monospace;
overflow-x: hidden;
min-height: 100vh;
}
.matrix-bg {
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
z-index: -1;
opacity: 0.1;
}
.container {
padding: 20px;
max-width: 1400px;
margin: 0 auto;
position: relative;
z-index: 1;
}
.header {
text-align: center;
margin-bottom: 30px;
border: 2px solid #00ff00;
padding: 20px;
background: rgba(0, 0, 0, 0.8);
position: relative;
}
.header h1 {
font-size: 2.5rem;
text-shadow: 0 0 10px #00ff00;
animation: glow 2s ease-in-out infinite alternate;
}
.header .subtitle {
font-size: 1.2rem;
margin-top: 10px;
opacity: 0.8;
}
.stats-grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(300px, 1fr));
gap: 20px;
margin-bottom: 30px;
}
.stat-card {
border: 1px solid #00ff00;
padding: 20px;
background: rgba(0, 50, 0, 0.3);
position: relative;
overflow: hidden;
}
.stat-card::before {
content: '';
position: absolute;
top: 0;
left: -100%;
width: 100%;
height: 2px;
background: linear-gradient(90deg, transparent, #00ff00, transparent);
animation: scan 3s linear infinite;
}
.stat-title {
font-size: 1.1rem;
margin-bottom: 10px;
text-transform: uppercase;
}
.stat-value {
font-size: 2rem;
font-weight: bold;
text-shadow: 0 0 5px #00ff00;
}
.nodes-section {
margin-bottom: 30px;
}
.section-title {
font-size: 1.5rem;
margin-bottom: 20px;
border-bottom: 2px solid #00ff00;
padding-bottom: 10px;
text-transform: uppercase;
}
.nodes-grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(400px, 1fr));
gap: 20px;
}
.node-card {
border: 1px solid #00ff00;
padding: 20px;
background: rgba(0, 50, 0, 0.2);
position: relative;
transition: all 0.3s ease;
}
.node-card:hover {
background: rgba(0, 100, 0, 0.3);
box-shadow: 0 0 20px rgba(0, 255, 0, 0.3);
}
.node-header {
display: flex;
justify-content: space-between;
align-items: center;
margin-bottom: 15px;
}
.node-name {
font-size: 1.2rem;
font-weight: bold;
}
.node-status {
padding: 5px 10px;
border-radius: 3px;
font-size: 0.9rem;
text-transform: uppercase;
}
.status-online {
background: rgba(0, 255, 0, 0.3);
border: 1px solid #00ff00;
animation: pulse 2s infinite;
}
.status-maintenance {
background: rgba(255, 165, 0, 0.3);
border: 1px solid #ffa500;
color: #ffa500;
}
.status-connecting {
background: rgba(255, 255, 0, 0.3);
border: 1px solid #ffff00;
color: #ffff00;
animation: blink 1s infinite;
}
.node-details {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 10px;
font-size: 0.9rem;
}
.detail-item {
display: flex;
justify-content: space-between;
}
.detail-label {
opacity: 0.8;
}
.detail-value {
font-weight: bold;
}
.system-info {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
gap: 20px;
margin-bottom: 30px;
}
.info-card {
border: 1px solid #00ff00;
padding: 15px;
background: rgba(0, 30, 0, 0.4);
}
.info-title {
font-size: 1rem;
margin-bottom: 10px;
color: #00ff00;
text-transform: uppercase;
}
.info-content {
font-size: 0.9rem;
line-height: 1.4;
}
.terminal {
background: rgba(0, 0, 0, 0.9);
border: 2px solid #00ff00;
padding: 20px;
font-family: 'Courier New', monospace;
max-height: 300px;
overflow-y: auto;
}
.terminal-header {
margin-bottom: 15px;
color: #00ff00;
font-weight: bold;
}
.log-entry {
margin-bottom: 5px;
opacity: 0.8;
}
.log-timestamp {
color: #666;
}
.log-level-error {
color: #ff0000;
}
.log-level-warning {
color: #ffa500;
}
.log-level-info {
color: #00ff00;
}
@keyframes glow {
from { text-shadow: 0 0 10px #00ff00; }
to { text-shadow: 0 0 20px #00ff00, 0 0 30px #00ff00; }
}
@keyframes pulse {
0%, 100% { opacity: 1; }
50% { opacity: 0.5; }
}
@keyframes blink {
0%, 50% { opacity: 1; }
51%, 100% { opacity: 0.3; }
}
@keyframes scan {
0% { left: -100%; }
100% { left: 100%; }
}
.connection-indicator {
position: absolute;
top: 10px;
right: 10px;
width: 12px;
height: 12px;
border-radius: 50%;
background: #ff0000;
animation: pulse 1s infinite;
}
.connection-indicator.connected {
background: #00ff00;
}
.data-flow {
position: relative;
height: 20px;
background: rgba(0, 0, 0, 0.5);
border: 1px solid #00ff00;
margin: 10px 0;
overflow: hidden;
}
.data-flow::after {
content: '';
position: absolute;
top: 0;
left: 0;
height: 100%;
width: 0%;
background: linear-gradient(90deg, transparent, #00ff00, transparent);
animation: dataFlow 2s linear infinite;
}
@keyframes dataFlow {
0% { width: 0%; left: 0%; }
50% { width: 30%; }
100% { width: 0%; left: 100%; }
}
.matrix-text {
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
pointer-events: none;
overflow: hidden;
}
.matrix-char {
position: absolute;
color: #00ff00;
font-family: 'Courier New', monospace;
font-size: 14px;
opacity: 0.3;
animation: matrixFall 10s linear infinite;
}
@keyframes matrixFall {
0% { transform: translateY(-100vh); opacity: 0; }
10% { opacity: 0.3; }
90% { opacity: 0.3; }
100% { transform: translateY(100vh); opacity: 0; }
}
</style>
</head>
<body>
<div class="matrix-bg">
<div class="matrix-text" id="matrixText"></div>
</div>
<div class="container">
<div class="header">
<div class="connection-indicator" id="connectionIndicator"></div>
<h1>MY NETWORK ADVANCED MONITOR</h1>
<div class="subtitle">Real-time Network Status & Diagnostics</div>
</div>
<div class="stats-grid">
<div class="stat-card">
<div class="stat-title">Connected Nodes</div>
<div class="stat-value" id="connectedNodes">--</div>
<div class="data-flow"></div>
</div>
<div class="stat-card">
<div class="stat-title">System Uptime</div>
<div class="stat-value" id="systemUptime">--</div>
<div class="data-flow"></div>
</div>
<div class="stat-card">
<div class="stat-title">Data Synced</div>
<div class="stat-value" id="dataSynced">--</div>
<div class="data-flow"></div>
</div>
<div class="stat-card">
<div class="stat-title">Network Health</div>
<div class="stat-value" id="networkHealth">--</div>
<div class="data-flow"></div>
</div>
</div>
<div class="system-info">
<div class="info-card">
<div class="info-title">Current Node Info</div>
<div class="info-content" id="currentNodeInfo">Loading...</div>
</div>
<div class="info-card">
<div class="info-title">System Resources</div>
<div class="info-content" id="systemResources">Loading...</div>
</div>
<div class="info-card">
<div class="info-title">Network Status</div>
<div class="info-content" id="networkStatus">Loading...</div>
</div>
<div class="info-card">
<div class="info-title">Configuration Issues</div>
<div class="info-content" id="configIssues">Loading...</div>
</div>
</div>
<div class="nodes-section">
<div class="section-title">Connected Network Nodes</div>
<div class="nodes-grid" id="nodesGrid">
<!-- Nodes will be populated here -->
</div>
</div>
<div class="terminal">
<div class="terminal-header">SYSTEM LOG STREAM</div>
<div id="logStream">
<div class="log-entry">
<span class="log-timestamp">[2025-07-09 14:04:00]</span>
<span class="log-level-info">[INFO]</span>
MY Network Monitor initialized successfully
</div>
<div class="log-entry">
<span class="log-timestamp">[2025-07-09 14:04:01]</span>
<span class="log-level-info">[INFO]</span>
WebSocket connection established
</div>
</div>
</div>
</div>
<script>
let ws = null;
let reconnectAttempts = 0;
const maxReconnectAttempts = 5;
// Matrix rain effect
function createMatrixRain() {
const matrixText = document.getElementById('matrixText');
const chars = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
setInterval(() => {
const char = document.createElement('div');
char.className = 'matrix-char';
char.textContent = chars[Math.floor(Math.random() * chars.length)];
char.style.left = Math.random() * 100 + '%';
char.style.animationDuration = (Math.random() * 10 + 5) + 's';
char.style.fontSize = (Math.random() * 8 + 10) + 'px';
matrixText.appendChild(char);
setTimeout(() => {
if (char.parentNode) {
char.parentNode.removeChild(char);
}
}, 15000);
}, 200);
}
function connectWebSocket() {
const protocol = window.location.protocol === 'https:' ? 'wss:' : 'ws:';
const wsUrl = `${protocol}//${window.location.host}/api/my/monitor/ws`;
ws = new WebSocket(wsUrl);
ws.onopen = function() {
console.log('WebSocket connected');
document.getElementById('connectionIndicator').classList.add('connected');
reconnectAttempts = 0;
addLogEntry('WebSocket connection established', 'info');
};
ws.onmessage = function(event) {
const data = JSON.parse(event.data);
updateDashboard(data);
};
ws.onclose = function() {
console.log('WebSocket disconnected');
document.getElementById('connectionIndicator').classList.remove('connected');
addLogEntry('WebSocket connection lost', 'warning');
if (reconnectAttempts < maxReconnectAttempts) {
setTimeout(() => {
reconnectAttempts++;
addLogEntry(`Reconnection attempt ${reconnectAttempts}`, 'info');
connectWebSocket();
}, 3000);
}
};
ws.onerror = function(error) {
console.error('WebSocket error:', error);
addLogEntry('WebSocket error occurred', 'error');
};
}
function updateDashboard(data) {
// Update stats
document.getElementById('connectedNodes').textContent = data.stats.connected_nodes;
document.getElementById('systemUptime').textContent = data.stats.uptime;
document.getElementById('dataSynced').textContent = data.stats.data_synced;
document.getElementById('networkHealth').textContent = data.stats.health;
// Update current node info
const nodeInfo = data.current_node;
document.getElementById('currentNodeInfo').innerHTML = `
<strong>Node ID:</strong> ${nodeInfo.id}<br>
<strong>Name:</strong> ${nodeInfo.name}<br>
<strong>Version:</strong> ${nodeInfo.version}<br>
<strong>Status:</strong> ${nodeInfo.status}
`;
// Update system resources
const resources = data.system_resources;
document.getElementById('systemResources').innerHTML = `
<strong>CPU Usage:</strong> ${resources.cpu_usage}%<br>
<strong>Memory:</strong> ${resources.memory_usage}%<br>
<strong>Disk:</strong> ${resources.disk_usage}%<br>
<strong>Network I/O:</strong> ${resources.network_io}
`;
// Update network status
document.getElementById('networkStatus').innerHTML = `
<strong>Protocol:</strong> MY Network v2.0<br>
<strong>Port:</strong> 15100<br>
<strong>Mode:</strong> ${data.network_status.mode}<br>
<strong>Peer Count:</strong> ${data.network_status.peers}
`;
// Update configuration issues
const issues = data.config_issues;
let issuesHtml = '';
if (issues.length > 0) {
issuesHtml = issues.map(issue => ` ${issue}`).join('<br>');
} else {
issuesHtml = '<span style="color: #00ff00;">No configuration issues</span>';
}
document.getElementById('configIssues').innerHTML = issuesHtml;
// Update nodes grid
updateNodesGrid(data.nodes);
}
function updateNodesGrid(nodes) {
const grid = document.getElementById('nodesGrid');
grid.innerHTML = '';
nodes.forEach(node => {
const nodeCard = document.createElement('div');
nodeCard.className = 'node-card';
const statusClass = `status-${node.status}`;
nodeCard.innerHTML = `
<div class="node-header">
<div class="node-name">${node.name}</div>
<div class="node-status ${statusClass}">${node.status}</div>
</div>
<div class="node-details">
<div class="detail-item">
<span class="detail-label">Location:</span>
<span class="detail-value">${node.location}</span>
</div>
<div class="detail-item">
<span class="detail-label">Uptime:</span>
<span class="detail-value">${node.uptime}</span>
</div>
<div class="detail-item">
<span class="detail-label">Connections:</span>
<span class="detail-value">${node.connections}</span>
</div>
<div class="detail-item">
<span class="detail-label">Data Synced:</span>
<span class="detail-value">${node.data_synced}</span>
</div>
<div class="detail-item">
<span class="detail-label">IP Address:</span>
<span class="detail-value">${node.ip}</span>
</div>
<div class="detail-item">
<span class="detail-label">Version:</span>
<span class="detail-value">${node.version}</span>
</div>
</div>
`;
grid.appendChild(nodeCard);
});
}
function addLogEntry(message, level = 'info') {
const logStream = document.getElementById('logStream');
const timestamp = new Date().toISOString().slice(0, 19).replace('T', ' ');
const entry = document.createElement('div');
entry.className = 'log-entry';
entry.innerHTML = `
<span class="log-timestamp">[${timestamp}]</span>
<span class="log-level-${level}">[${level.toUpperCase()}]</span>
${message}
`;
logStream.appendChild(entry);
logStream.scrollTop = logStream.scrollHeight;
// Keep only last 50 entries
while (logStream.children.length > 50) {
logStream.removeChild(logStream.firstChild);
}
}
// Fallback data loading if WebSocket fails
function loadFallbackData() {
fetch('/api/my/monitor/status')
.then(response => response.json())
.then(data => updateDashboard(data))
.catch(error => {
console.error('Failed to load fallback data:', error);
addLogEntry('Failed to load monitoring data', 'error');
});
}
// Initialize
createMatrixRain();
connectWebSocket();
// Load fallback data every 5 seconds if WebSocket is not connected
setInterval(() => {
if (!ws || ws.readyState !== WebSocket.OPEN) {
loadFallbackData();
}
}, 5000);
// Add some random log entries for demo
setInterval(() => {
const messages = [
'Network heartbeat received',
'Data synchronization completed',
'Peer discovery scan finished',
'Security check passed',
'Cache optimization complete'
];
const message = messages[Math.floor(Math.random() * messages.length)];
addLogEntry(message, 'info');
}, 8000);
</script>
</body>
</html>
"""
return HTMLResponse(content=dashboard_html)
@router.get("/status")
async def get_monitoring_status():
"""Get current monitoring status data"""
import subprocess
import shutil
# Get system info
try:
cpu_percent = psutil.cpu_percent(interval=1)
memory = psutil.virtual_memory()
disk = psutil.disk_usage('/')
system_resources = {
"cpu_usage": round(cpu_percent, 1),
"memory_usage": round(memory.percent, 1),
"disk_usage": round(disk.percent, 1),
"network_io": "Active"
}
except Exception as e:
logger.error(f"Failed to get system resources: {e}")
system_resources = {
"cpu_usage": 0,
"memory_usage": 0,
"disk_usage": 0,
"network_io": "Unknown"
}
# Configuration issues from logs/environment
config_issues = [
"Pydantic validation errors in configuration",
"Extra environment variables not permitted",
"Telegram API token format validation failed",
"MY Network running in limited mode"
]
return {
"timestamp": datetime.now().isoformat(),
"stats": {
"connected_nodes": len([n for n in network_nodes if n["status"] == "online"]),
"uptime": "2h 18m",
"data_synced": "87%",
"health": "Limited"
},
"current_node": {
"id": "node_001_local_dev",
"name": "Primary Development Node",
"version": "2.0.0",
"status": "limited_mode"
},
"system_resources": system_resources,
"network_status": {
"mode": "Development",
"peers": 3,
"protocol": "MY Network v2.0"
},
"config_issues": config_issues,
"nodes": network_nodes
}
@router.websocket("/ws")
async def websocket_endpoint(websocket: WebSocket):
"""WebSocket endpoint for real-time monitoring updates"""
await websocket.accept()
connected_clients.append(websocket)
try:
while True:
# Send periodic updates
status_data = await get_monitoring_status()
await websocket.send_text(json.dumps(status_data))
await asyncio.sleep(2) # Update every 2 seconds
except WebSocketDisconnect:
connected_clients.remove(websocket)
logger.info("Client disconnected from monitoring WebSocket")
except Exception as e:
logger.error(f"WebSocket error: {e}")
if websocket in connected_clients:
connected_clients.remove(websocket)
@router.get("/nodes")
async def get_network_nodes():
"""Get list of all network nodes"""
return {"nodes": network_nodes}
@router.get("/node/{node_id}")
async def get_node_details(node_id: str):
"""Get detailed information about a specific node"""
node = next((n for n in network_nodes if n["id"] == node_id), None)
if not node:
return {"error": "Node not found"}, 404
# Add more detailed info
detailed_node = {
**node,
"detailed_stats": {
"cpu_usage": "23%",
"memory_usage": "67%",
"disk_usage": "45%",
"network_in": "150 KB/s",
"network_out": "89 KB/s",
"active_connections": 12,
"data_transferred": "1.2 GB",
"sync_progress": "87%"
},
"services": {
"http_server": "running",
"p2p_network": "limited",
"database": "connected",
"redis_cache": "connected",
"blockchain_sync": "paused"
}
}
return {"node": detailed_node}
@router.post("/simulate_event")
async def simulate_network_event(event_data: Dict[str, Any]):
"""Simulate network events for testing"""
# Broadcast event to all connected WebSocket clients
event_message = {
"type": "network_event",
"timestamp": datetime.now().isoformat(),
"event": event_data
}
for client in connected_clients[:]:
try:
await client.send_text(json.dumps(event_message))
except Exception as e:
logger.error(f"Failed to send event to client: {e}")
connected_clients.remove(client)
return {"status": "Event simulated", "clients_notified": len(connected_clients)}

379
app/api/routes/my_monitoring.py Normal file
View File

@ -0,0 +1,379 @@
"""MY Network Monitoring Interface - веб-интерфейс мониторинга сети в хакерском стиле."""
import asyncio
import json
import logging
from datetime import datetime, timedelta
from typing import Dict, List, Any
from fastapi import APIRouter, Request, HTTPException
from fastapi.responses import HTMLResponse
from fastapi.templating import Jinja2Templates
from pathlib import Path
logger = logging.getLogger(__name__)
# Создать router для мониторинга
router = APIRouter(prefix="/api/my/monitor", tags=["MY Network Monitoring"])
# Настроить шаблоны
templates_dir = Path(__file__).parent.parent.parent / "templates"
templates_dir.mkdir(exist_ok=True)
templates = Jinja2Templates(directory=str(templates_dir))
def get_node_service():
"""Получить сервис ноды."""
try:
from app.core.my_network.node_service import get_node_service
return get_node_service()
except Exception as e:
logger.error(f"Error getting node service: {e}")
return None
@router.get("/", response_class=HTMLResponse)
async def monitoring_dashboard(request: Request):
"""Главная страница мониторинга MY Network."""
try:
# Получить данные для дашборда
node_service = get_node_service()
if not node_service:
monitoring_data = {
"status": "offline",
"error": "MY Network service not available"
}
else:
# Собрать данные со всех компонентов
node_info = await node_service.get_node_info()
peers_info = await node_service.get_peers_info()
sync_status = await node_service.sync_manager.get_sync_status()
monitoring_data = {
"status": "online",
"node_info": node_info,
"peers_info": peers_info,
"sync_status": sync_status,
"timestamp": datetime.utcnow().isoformat()
}
return templates.TemplateResponse("my_network_monitor.html", {
"request": request,
"monitoring_data": monitoring_data
})
except Exception as e:
logger.error(f"Error rendering monitoring dashboard: {e}")
# Fallback HTML если шаблоны не работают
return HTMLResponse(content=generate_fallback_html(str(e)))
@router.get("/ascii")
async def get_ascii_status():
"""Получить ASCII статус сети."""
try:
node_service = get_node_service()
if not node_service:
return {"ascii": generate_offline_ascii(), "status": "offline"}
# Получить данные
node_info = await node_service.get_node_info()
peers_info = await node_service.get_peers_info()
sync_status = await node_service.sync_manager.get_sync_status()
# Генерировать ASCII
ascii_art = await generate_network_ascii(node_info, peers_info, sync_status)
return {
"ascii": ascii_art,
"status": "online",
"timestamp": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"Error generating ASCII status: {e}")
return {"ascii": generate_error_ascii(str(e)), "status": "error"}
@router.get("/live")
async def live_monitoring_data():
"""Получить живые данные для мониторинга."""
try:
node_service = get_node_service()
if not node_service:
raise HTTPException(status_code=503, detail="MY Network service unavailable")
# Получить свежие данные
node_info = await node_service.get_node_info()
peers_info = await node_service.get_peers_info()
sync_status = await node_service.sync_manager.get_sync_status()
# Статистика сети
network_stats = {
"connected_peers": peers_info["peer_count"],
"active_syncs": sync_status["active_syncs"],
"queue_size": sync_status["queue_size"],
"uptime": node_info["uptime"],
"status": node_info["status"]
}
return {
"success": True,
"data": {
"node_info": node_info,
"network_stats": network_stats,
"peers": peers_info["peers"][:10], # Показать только первые 10 пиров
"sync_status": sync_status
},
"timestamp": datetime.utcnow().isoformat()
}
except HTTPException:
raise
except Exception as e:
logger.error(f"Error getting live monitoring data: {e}")
raise HTTPException(status_code=500, detail=str(e))
async def generate_network_ascii(node_info: Dict[str, Any], peers_info: Dict[str, Any], sync_status: Dict[str, Any]) -> str:
"""Генерировать ASCII представление состояния сети."""
ascii_parts = []
# Заголовок
ascii_parts.append("""
MY NETWORK v2.0
Distributed Content Protocol
""")
# Информация о ноде
status_indicator = "🟢" if node_info.get("status") == "running" else "🔴"
uptime_hours = int(node_info.get("uptime", 0) / 3600)
ascii_parts.append(f"""
NODE STATUS
Node ID: {node_info.get('node_id', 'unknown')[:16]}...
Status: {status_indicator} {node_info.get('status', 'unknown').upper()}
Uptime: {uptime_hours}h {int((node_info.get('uptime', 0) % 3600) / 60)}m
Version: MY Network {node_info.get('version', '2.0')}
""")
# Информация о пирах
peer_count = peers_info.get("peer_count", 0)
peer_status = "🌐" if peer_count > 0 else "🏝️"
ascii_parts.append(f"""
NETWORK STATUS
Connected Peers: {peer_status} {peer_count:>3}
Known Nodes: {len(peers_info.get('peers', [])):>3}
Network Health: {'CONNECTED' if peer_count > 0 else 'ISOLATED':>9}
""")
# Статус синхронизации
sync_running = sync_status.get("is_running", False)
active_syncs = sync_status.get("active_syncs", 0)
queue_size = sync_status.get("queue_size", 0)
sync_indicator = "" if sync_running else "⏸️"
ascii_parts.append(f"""
SYNC STATUS
Sync Engine: {sync_indicator} {'RUNNING' if sync_running else 'STOPPED':>7}
Active Syncs: {active_syncs:>3}
Queue Size: {queue_size:>3}
Workers: {sync_status.get('workers_count', 0):>3}
""")
# Визуализация сети
if peer_count > 0:
ascii_parts.append(generate_network_topology(peers_info.get("peers", [])[:6]))
# Недавние события синхронизации
recent_syncs = sync_status.get("recent_syncs", [])
if recent_syncs:
ascii_parts.append(generate_sync_history(recent_syncs[-5:]))
# Подвал
current_time = datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S UTC")
ascii_parts.append(f"""
Last Updated: {current_time}
MY Network Protocol - Decentralized Content Distribution System
""")
return "".join(ascii_parts)
def generate_network_topology(peers: List[Dict[str, Any]]) -> str:
"""Генерировать ASCII топологию сети."""
topology = ["""
NETWORK TOPOLOGY
[THIS NODE]
"""]
if len(peers) == 1:
topology.append("│ │ │")
topology.append(f"│ [{peers[0].get('node_id', 'unknown')[:8]}...] │")
elif len(peers) <= 3:
topology.append("│ ┌───────┼───────┐ │")
for i, peer in enumerate(peers):
spaces = " " if i == 0 else (" " if i == 1 else " ")
topology.append(f"{spaces}[{peer.get('node_id', 'unknown')[:8]}...] │")
else:
topology.append("│ ┌───────┬───────┼───────┬───────┐ │")
topology.append("│ │ │ │ │ │ │")
for i, peer in enumerate(peers[:5]):
if i < 5:
spaces = [" ", " ", " ", " ", " "][i]
topology.append(f"{spaces}[{peer.get('node_id', 'unknown')[:6]}] │")
if len(peers) > 5:
topology.append("│ ... │")
topology.append("│ │")
topology.append("└──────────────────────────────────────────────────────────────────────────────┘")
return "\n".join(topology) + "\n"
def generate_sync_history(recent_syncs: List[Dict[str, Any]]) -> str:
"""Генерировать историю синхронизации."""
history = ["""
RECENT SYNC ACTIVITY """]
if not recent_syncs:
history.append("│ No recent sync activity │")
else:
for sync in recent_syncs:
content_hash = sync.get("content_hash", "unknown")[:12]
status = sync.get("status", "unknown")
status_icon = {"completed": "", "failed": "", "partial": "⚠️"}.get(status, "")
history.append(f"{status_icon} {content_hash}... - {status.upper():>9}")
history.append("└──────────────────────────────────────────────────────────────────────────────┘")
return "\n".join(history) + "\n"
def generate_offline_ascii() -> str:
"""Генерировать ASCII для офлайн состояния."""
return """
MY NETWORK v2.0
Distributed Content Protocol
SYSTEM STATUS
🔴 OFFLINE
MY Network service is not available
Status: OFFLINE - Service not initialized
"""
def generate_error_ascii(error_message: str) -> str:
"""Генерировать ASCII для ошибки."""
return f"""
MY NETWORK v2.0
Distributed Content Protocol
ERROR STATE
ERROR
{error_message[:64]:^64}
Status: ERROR - Check system logs for details
"""
def generate_fallback_html(error_message: str = "") -> str:
"""Генерировать fallback HTML если шаблоны не работают."""
return f'''
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>MY Network Monitor</title>
<style>
body {{
background: #000;
color: #0f0;
font-family: 'Courier New', monospace;
margin: 0;
padding: 20px;
overflow-x: auto;
}}
.container {{
max-width: 1200px;
margin: 0 auto;
}}
.ascii-art {{
white-space: pre;
font-size: 12px;
line-height: 1.2;
}}
.error {{
color: #f00;
text-align: center;
padding: 20px;
}}
.refresh-btn {{
background: #0f0;
color: #000;
border: none;
padding: 10px 20px;
font-family: inherit;
cursor: pointer;
margin: 20px 0;
}}
.refresh-btn:hover {{
background: #fff;
}}
</style>
</head>
<body>
<div class="container">
<div class="ascii-art">
{generate_error_ascii(error_message) if error_message else generate_offline_ascii()}
</div>
<button class="refresh-btn" onclick="location.reload()">REFRESH SYSTEM STATUS</button>
<div class="error">
{f"Error: {error_message}" if error_message else "MY Network service not available"}
</div>
</div>
<script>
// Автообновление каждые 30 секунд
setTimeout(() => location.reload(), 30000);
</script>
</body>
</html>
'''

653
app/api/routes/my_network_routes.py Normal file
View File

@ -0,0 +1,653 @@
"""MY Network API Routes - эндпоинты для работы с распределенной сетью."""
import asyncio
import logging
import json
from datetime import datetime
from pathlib import Path
from typing import Dict, List, Optional, Any
from fastapi import APIRouter, HTTPException, Depends, UploadFile, File, Query
from fastapi.responses import FileResponse, StreamingResponse
from sqlalchemy import select, and_, func
from sqlalchemy.ext.asyncio import AsyncSession
from app.core.database import db_manager
from app.core.security import get_current_user_optional
from app.core.cache import cache
# Import content models directly to avoid circular imports
from app.core.models.content_models import StoredContent as Content, UserContent as ContentMetadata
logger = logging.getLogger(__name__)
# Создать router для MY Network API
router = APIRouter(prefix="/api/my", tags=["MY Network"])
def get_node_service():
"""Получить сервис ноды."""
try:
from app.core.my_network.node_service import get_node_service
return get_node_service()
except Exception as e:
logger.error(f"Error getting node service: {e}")
raise HTTPException(status_code=503, detail="MY Network service unavailable")
@router.get("/node/info")
async def get_node_info():
"""Получить информацию о текущей ноде."""
try:
node_service = get_node_service()
if not node_service:
raise HTTPException(status_code=503, detail="Node service not available")
node_info = await node_service.get_node_info()
return {
"success": True,
"data": node_info,
"timestamp": datetime.utcnow().isoformat()
}
except HTTPException:
raise
except Exception as e:
logger.error(f"Error getting node info: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/node/peers")
async def get_node_peers():
"""Получить список подключенных пиров."""
try:
node_service = get_node_service()
peers_info = await node_service.get_peers_info()
return {
"success": True,
"data": {
"connected_peers": peers_info["connected_peers"],
"peer_count": peers_info["peer_count"],
"peers": peers_info["peers"]
},
"timestamp": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"Error getting peers: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.post("/node/peers/connect")
async def connect_to_peer(peer_data: Dict[str, Any]):
"""Подключиться к новому пиру."""
try:
peer_address = peer_data.get("address")
if not peer_address:
raise HTTPException(status_code=400, detail="Peer address is required")
node_service = get_node_service()
success = await node_service.peer_manager.connect_to_peer(peer_address)
if success:
return {
"success": True,
"message": f"Successfully connected to peer: {peer_address}",
"timestamp": datetime.utcnow().isoformat()
}
else:
raise HTTPException(status_code=400, detail="Failed to connect to peer")
except HTTPException:
raise
except Exception as e:
logger.error(f"Error connecting to peer: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.delete("/node/peers/{peer_id}")
async def disconnect_peer(peer_id: str):
"""Отключиться от пира."""
try:
node_service = get_node_service()
success = await node_service.peer_manager.disconnect_peer(peer_id)
if success:
return {
"success": True,
"message": f"Successfully disconnected from peer: {peer_id}",
"timestamp": datetime.utcnow().isoformat()
}
else:
raise HTTPException(status_code=404, detail="Peer not found or already disconnected")
except HTTPException:
raise
except Exception as e:
logger.error(f"Error disconnecting peer: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/content/list")
async def get_content_list(
limit: int = Query(100, ge=1, le=1000),
offset: int = Query(0, ge=0),
session: AsyncSession = Depends(get_db_session)
):
"""Получить список доступного контента."""
try:
# Кэшировать результат на 5 минут
cache_key = f"my_network:content_list:{limit}:{offset}"
cached_result = await cache.get(cache_key)
if cached_result:
return json.loads(cached_result)
# Получить контент из БД
stmt = (
select(Content, ContentMetadata)
.outerjoin(ContentMetadata, Content.id == ContentMetadata.content_id)
.where(Content.disabled == False)
.order_by(Content.created_at.desc())
.limit(limit)
.offset(offset)
)
result = await session.execute(stmt)
content_items = []
for content, metadata in result:
content_data = {
"hash": content.hash,
"filename": content.filename,
"file_size": content.file_size,
"content_type": content.content_type,
"mime_type": content.mime_type,
"created_at": content.created_at.isoformat(),
"encrypted": content.encrypted,
"metadata": metadata.to_dict() if metadata else {}
}
content_items.append(content_data)
# Получить общее количество
count_stmt = select(func.count(Content.id)).where(Content.disabled == False)
count_result = await session.execute(count_stmt)
total_count = count_result.scalar()
response_data = {
"success": True,
"data": {
"content": content_items,
"total": total_count,
"limit": limit,
"offset": offset
},
"timestamp": datetime.utcnow().isoformat()
}
# Кэшировать результат
await cache.set(cache_key, json.dumps(response_data), expire=300)
return response_data
except Exception as e:
logger.error(f"Error getting content list: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/content/{content_hash}/exists")
async def check_content_exists(
content_hash: str,
session: AsyncSession = Depends(get_db_session)
):
"""Проверить существование контента по хешу."""
try:
# Кэшировать результат на 30 минут
cache_key = f"my_network:content_exists:{content_hash}"
cached_result = await cache.get(cache_key)
if cached_result is not None:
return {"exists": cached_result == "true", "hash": content_hash}
# Проверить в БД
stmt = select(Content.id).where(
and_(
Content.disabled == False,
Content.hash == content_hash
)
)
result = await session.execute(stmt)
exists = result.scalar_one_or_none() is not None
# Кэшировать результат
await cache.set(cache_key, "true" if exists else "false", expire=1800)
return {
"exists": exists,
"hash": content_hash,
"timestamp": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"Error checking content existence: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/content/{content_hash}/metadata")
async def get_content_metadata(
content_hash: str,
session: AsyncSession = Depends(get_db_session)
):
"""Получить метаданные контента."""
try:
# Кэшировать результат на 10 минут
cache_key = f"my_network:content_metadata:{content_hash}"
cached_result = await cache.get(cache_key)
if cached_result:
return json.loads(cached_result)
# Найти контент в БД
stmt = (
select(Content, ContentMetadata)
.outerjoin(ContentMetadata, Content.id == ContentMetadata.content_id)
.where(
and_(
Content.disabled == False,
Content.hash == content_hash
)
)
)
result = await session.execute(stmt)
content_data = result.first()
if not content_data:
raise HTTPException(status_code=404, detail="Content not found")
content, metadata = content_data
response_data = {
"success": True,
"data": {
"hash": content_hash,
"filename": content.filename,
"file_size": content.file_size,
"content_type": content.content_type,
"mime_type": content.mime_type,
"created_at": content.created_at.isoformat(),
"updated_at": content.updated_at.isoformat() if content.updated_at else None,
"encrypted": content.encrypted,
"processing_status": content.processing_status,
"metadata": metadata.to_dict() if metadata else {}
},
"timestamp": datetime.utcnow().isoformat()
}
# Кэшировать результат
await cache.set(cache_key, json.dumps(response_data), expire=600)
return response_data
except HTTPException:
raise
except Exception as e:
logger.error(f"Error getting content metadata: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/content/{content_hash}/download")
async def download_content(
content_hash: str,
session: AsyncSession = Depends(get_db_session)
):
"""Скачать контент по хешу."""
try:
# Найти контент в БД
stmt = select(Content).where(
and_(
Content.disabled == False,
Content.hash == content_hash
)
)
result = await session.execute(stmt)
content = result.scalar_one_or_none()
if not content:
raise HTTPException(status_code=404, detail="Content not found")
# Проверить существование файла
file_path = Path(content.file_path)
if not file_path.exists():
raise HTTPException(status_code=404, detail="File not found on disk")
# Вернуть файл
return FileResponse(
path=str(file_path),
filename=content.filename,
media_type=content.mime_type or "application/octet-stream"
)
except HTTPException:
raise
except Exception as e:
logger.error(f"Error downloading content: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.post("/content/{content_hash}/upload")
async def upload_content(
content_hash: str,
file: UploadFile = File(...),
session: AsyncSession = Depends(get_db_session)
):
"""Загрузить контент в ноду."""
try:
# Проверить, не существует ли уже контент
exists_stmt = select(Content.id).where(
and_(
Content.disabled == False,
Content.hash == content_hash
)
)
exists_result = await session.execute(exists_stmt)
if exists_result.scalar_one_or_none():
return {
"success": True,
"message": "Content already exists",
"hash": content_hash
}
# Создать директорию для хранения
storage_path = Path("./storage/my-network/received")
storage_path.mkdir(parents=True, exist_ok=True)
# Сохранить файл
file_path = storage_path / f"{content_hash}_{file.filename}"
with open(file_path, "wb") as buffer:
content_data = await file.read()
buffer.write(content_data)
# Вычислить хеши для проверки
import hashlib
md5_hash = hashlib.md5(content_data).hexdigest()
sha256_hash = hashlib.sha256(content_data).hexdigest()
# Проверить соответствие хеша
if content_hash not in [md5_hash, sha256_hash]:
file_path.unlink() # Удалить файл
raise HTTPException(status_code=400, detail="Content hash mismatch")
# Сохранить в БД
new_content = Content(
filename=file.filename,
hash=sha256_hash, # Используем SHA256 как основной хеш
file_size=len(content_data),
content_type=file.filename.split('.')[-1] if '.' in file.filename else 'unknown',
mime_type=file.content_type or "application/octet-stream",
file_path=str(file_path),
disabled=False,
processing_status="ready"
)
session.add(new_content)
await session.commit()
logger.info(f"Successfully uploaded content {content_hash}")
return {
"success": True,
"message": "Content uploaded successfully",
"hash": content_hash,
"content_id": new_content.id,
"timestamp": datetime.utcnow().isoformat()
}
except HTTPException:
raise
except Exception as e:
logger.error(f"Error uploading content: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.post("/content/replicate")
async def replicate_content(replication_request: Dict[str, Any]):
"""Принять запрос на репликацию контента."""
try:
content_hash = replication_request.get("content_hash")
metadata = replication_request.get("metadata", {})
source_node = replication_request.get("source_node")
if not content_hash:
raise HTTPException(status_code=400, detail="Content hash is required")
# Проверить, нужна ли репликация
async with db_manager.get_session() as session:
exists_stmt = select(Content.id).where(
and_(
Content.disabled == False,
Content.hash == content_hash
)
)
exists_result = await session.execute(exists_stmt)
if exists_result.scalar_one_or_none():
return {
"success": True,
"message": "Content already exists, replication not needed",
"hash": content_hash
}
# Подготовить для репликации
logger.info(f"Accepting replication request for {content_hash} from {source_node}")
return {
"success": True,
"message": "Replication request accepted",
"hash": content_hash,
"ready_for_upload": True,
"timestamp": datetime.utcnow().isoformat()
}
except HTTPException:
raise
except Exception as e:
logger.error(f"Error processing replication request: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/sync/status")
async def get_sync_status():
"""Получить статус синхронизации."""
try:
node_service = get_node_service()
sync_status = await node_service.sync_manager.get_sync_status()
return {
"success": True,
"data": sync_status,
"timestamp": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"Error getting sync status: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.post("/sync/start")
async def start_network_sync():
"""Запустить синхронизацию с сетью."""
try:
node_service = get_node_service()
sync_result = await node_service.sync_manager.sync_with_network()
return {
"success": True,
"data": sync_result,
"timestamp": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"Error starting network sync: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/sync/content/{content_hash}")
async def get_content_sync_status(content_hash: str):
"""Получить статус синхронизации конкретного контента."""
try:
node_service = get_node_service()
sync_status = await node_service.sync_manager.get_content_sync_status(content_hash)
return {
"success": True,
"data": sync_status,
"timestamp": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"Error getting content sync status: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.post("/content/{content_hash}/replicate")
async def replicate_content_to_nodes(
content_hash: str,
replication_config: Dict[str, Any]
):
"""Реплицировать контент на указанные ноды."""
try:
target_nodes = replication_config.get("target_nodes", [])
if not target_nodes:
raise HTTPException(status_code=400, detail="Target nodes are required")
node_service = get_node_service()
replication_result = await node_service.sync_manager.replicate_content_to_nodes(
content_hash,
target_nodes
)
return {
"success": True,
"data": replication_result,
"timestamp": datetime.utcnow().isoformat()
}
except HTTPException:
raise
except Exception as e:
logger.error(f"Error replicating content: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/network/stats")
async def get_network_stats():
"""Получить статистику сети."""
try:
node_service = get_node_service()
# Получить информацию о ноде и пирах
node_info = await node_service.get_node_info()
peers_info = await node_service.get_peers_info()
sync_status = await node_service.sync_manager.get_sync_status()
# Статистика контента
async with db_manager.get_session() as session:
# Общее количество контента
content_count_stmt = select(func.count(Content.id)).where(Content.disabled == False)
content_count_result = await session.execute(content_count_stmt)
total_content = content_count_result.scalar()
# Размер контента
size_stmt = select(func.sum(Content.file_size)).where(Content.disabled == False)
size_result = await session.execute(size_stmt)
total_size = size_result.scalar() or 0
# Контент по типам
type_stmt = select(Content.content_type, func.count(Content.id)).where(Content.disabled == False).group_by(Content.content_type)
type_result = await session.execute(type_stmt)
content_by_type = {row[0]: row[1] for row in type_result}
network_stats = {
"node_info": {
"node_id": node_info["node_id"],
"uptime": node_info["uptime"],
"version": node_info["version"],
"status": node_info["status"]
},
"network": {
"connected_peers": peers_info["peer_count"],
"known_peers": len(peers_info["peers"]),
"network_health": "good" if peers_info["peer_count"] > 0 else "isolated"
},
"content": {
"total_items": total_content,
"total_size_bytes": total_size,
"total_size_mb": round(total_size / (1024 * 1024), 2),
"content_by_type": content_by_type
},
"sync": {
"active_syncs": sync_status["active_syncs"],
"queue_size": sync_status["queue_size"],
"is_running": sync_status["is_running"]
}
}
return {
"success": True,
"data": network_stats,
"timestamp": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"Error getting network stats: {e}")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/health")
async def health_check():
"""Проверка здоровья MY Network ноды."""
try:
node_service = get_node_service()
# Базовая проверка сервисов
health_status = {
"status": "healthy",
"timestamp": datetime.utcnow().isoformat(),
"services": {
"node_service": node_service is not None,
"peer_manager": hasattr(node_service, 'peer_manager') if node_service else False,
"sync_manager": hasattr(node_service, 'sync_manager') if node_service else False,
"database": True # Если дошли до этой точки, БД работает
}
}
# Проверить подключение к пирам
if node_service:
peers_info = await node_service.get_peers_info()
health_status["network"] = {
"connected_peers": peers_info["peer_count"],
"status": "connected" if peers_info["peer_count"] > 0 else "isolated"
}
# Определить общий статус
if not all(health_status["services"].values()):
health_status["status"] = "unhealthy"
elif node_service and peers_info["peer_count"] == 0:
health_status["status"] = "isolated"
return health_status
except Exception as e:
logger.error(f"Health check failed: {e}")
return {
"status": "unhealthy",
"error": str(e),
"timestamp": datetime.utcnow().isoformat()
}

266
app/api/routes/node_content_routes.py Normal file
View File

@ -0,0 +1,266 @@
from __future__ import annotations
import json
import logging
from datetime import datetime
from typing import Dict, Any, List, Optional
from fastapi import APIRouter, HTTPException, Request, Depends, status
from fastapi.responses import JSONResponse
from app.core.crypto import get_ed25519_manager
from app.core.content.chunk_manager import ChunkManager
from app.core.content.sync_manager import ContentSyncManager
from app.core.models.content.chunk import ContentChunk
from app.core.models.api.sync_models import (
ContentRequest,
ContentProvideResponse,
ContentStatusResponse,
ContentVerifyRequest,
)
from app.core.validation.content_validator import ContentValidator
from app.core.validation.integrity_checker import IntegrityChecker
from app.core.validation.trust_manager import TrustManager
from app.core.models.validation.validation_models import ContentSignature, ValidationResult
logger = logging.getLogger(__name__)
router = APIRouter(prefix="/api/node/content", tags=["node-content-sync"])
# Глобальные вспомогательные объекты (можно заменить DI при необходимости)
_trust_manager = TrustManager()
_content_validator = ContentValidator()
_integrity_checker = IntegrityChecker()
async def _verify_inter_node_request(request: Request) -> Dict[str, Any]:
"""
Проверка заголовков и Ed25519 подписи межузлового запроса.
Используем ту же схему заголовков, что и в fastapi_node_routes.
Дополнительно первичная фильтрация по доверию ноды (blacklist/override/score).
"""
required_headers = ["x-node-communication", "x-node-id", "x-node-public-key", "x-node-signature"]
for header in required_headers:
if header not in request.headers:
logger.warning("Missing header on inter-node request: %s", header)
raise HTTPException(status_code=400, detail=f"Missing required header: {header}")
if request.headers.get("x-node-communication") != "true":
raise HTTPException(status_code=400, detail="Not a valid inter-node communication")
body = await request.body()
if not body:
raise HTTPException(status_code=400, detail="Empty message body")
try:
message_data = json.loads(body.decode("utf-8"))
except json.JSONDecodeError:
raise HTTPException(status_code=400, detail="Invalid JSON in request body")
signature = request.headers.get("x-node-signature")
node_id = request.headers.get("x-node-id")
public_key = request.headers.get("x-node-public-key")
# Проверка подписи межузлового сообщения
crypto_manager = get_ed25519_manager()
is_valid = crypto_manager.verify_signature(message_data, signature, public_key)
if not is_valid:
logger.warning("Invalid signature from node %s", node_id)
# При невалидной подписи сразу штрафуем доверие и отклоняем
_trust_manager.update_trust_score(node_id, delta=-0.2, reason="invalid_inter_node_signature")
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Invalid cryptographic signature")
# Обновим доверие за валидную подпись
_trust_manager.update_trust_score(node_id, delta=0.02, reason="valid_inter_node_signature")
# Проверка blacklist/override/минимального порога
if not _trust_manager.is_node_trusted(node_id):
logger.warning("Request rejected by trust policy: node_id=%s", node_id)
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Untrusted node")
request.state.inter_node_communication = True
request.state.source_node_id = node_id
request.state.source_public_key = public_key
return {"node_id": node_id, "public_key": public_key, "message": message_data}
def _create_signed_response(data: Dict[str, Any]) -> JSONResponse:
"""Формирование подписанного ответа и стандартных заголовков межузлового взаимодействия."""
crypto_manager = get_ed25519_manager()
payload = {
"success": True,
"timestamp": datetime.utcnow().isoformat(),
"node_id": crypto_manager.node_id,
"data": data,
}
signature = crypto_manager.sign_message(payload)
headers = {
"X-Node-ID": crypto_manager.node_id,
"X-Node-Public-Key": crypto_manager.public_key_hex,
"X-Node-Communication": "true",
"X-Node-Signature": signature,
}
return JSONResponse(content=payload, headers=headers)
@router.post("/sync")
async def node_content_sync(request: Request, body: ContentRequest):
"""
POST /api/node/content/sync
Универсальный endpoint для межузловой синхронизации чанков.
Поддерживаемые сценарии:
- sync_type == "content_request": получить набор чанков по content_id и списку индексов
ожидается content_info: { content_id: str, indexes: List[int] }
Ответ: ContentProvideResponse со списком чанков (валидированные и подписанные при создании).
- sync_type == "new_content": уведомление о новом контенте (пока лишь логируем, ок подтверждаем)
- sync_type == "content_list": запрос списка контента (пока возвращаем пусто)
"""
# Проверка подписи и доверия запроса
ctx = await _verify_inter_node_request(request)
source_node_id = ctx["node_id"]
sync_mgr = ContentSyncManager()
chunk_mgr = sync_mgr.chunk_manager
try:
if body.sync_type == "content_request":
content_info = body.content_info
content_id = content_info["content_id"]
indexes: List[int] = list(map(int, content_info["indexes"]))
# Локальный storage_reader. В реальном проекте заменить на обращение к хранилищу чанков.
def storage_reader(cid: str, idx: int) -> Optional[ContentChunk]:
# Здесь можно реализовать доступ к БД/файловой системе. Пока возвращаем None.
return None
provided = await sync_mgr.provide_chunks(
content_id=content_id,
indexes=indexes,
storage_reader=storage_reader,
)
# Доп. защита: прогоняем полученные чанки через IntegrityChecker (если есть)
chunks_models: List[ContentChunk] = []
for c in provided.get("chunks", []):
try:
chunks_models.append(ContentChunk.from_dict(c))
except Exception as e:
logger.error("content_request: invalid provided chunk from storage: %s", e)
if chunks_models:
chain_result = _integrity_checker.verify_content_chain(chunks_models, verify_signatures=True)
if not chain_result.ok:
logger.warning("integrity check failed for provided chunks: %s", chain_result.reason)
# Понижаем доверие источнику запроса (как попытка манипуляции/атаки)
_trust_manager.update_trust_score(source_node_id, delta=-0.05, reason="invalid_chain_on_provide")
# Pydantic-ответ
resp = ContentProvideResponse(
success=True,
chunks=[c.to_dict() for c in chunks_models],
errors=provided.get("errors", []),
)
return _create_signed_response(resp.dict())
elif body.sync_type == "new_content":
# Нода сообщает о новом контенте — можно валидировать метаданные/подписи при наличии
logger.info("new_content received: %s", body.content_info)
_trust_manager.update_trust_score(source_node_id, delta=0.01, reason="announce_new_content")
return _create_signed_response({"sync_result": "ack", "info": body.content_info})
elif body.sync_type == "content_list":
return _create_signed_response({"content_list": [], "total_items": 0})
else:
raise HTTPException(status_code=400, detail=f"Unknown sync_type: {body.sync_type}")
except HTTPException:
raise
except Exception as e:
logger.exception("node_content_sync error")
_trust_manager.update_trust_score(source_node_id, delta=-0.02, reason="sync_handler_exception")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/status/{content_id}")
async def node_content_status(content_id: str):
"""
GET /api/node/content/status/{content_id}
Вернуть статус хранения контента на ноде:
- какие индексы имеются
- какие отсутствуют
- общий ожидаемый total_chunks (если известен; иначе 0)
"""
try:
have_indexes: List[int] = []
total_chunks = 0
missing = sorted(set(range(total_chunks)) - set(have_indexes)) if total_chunks else []
resp = ContentStatusResponse(
content_id=content_id,
total_chunks=total_chunks,
have_indexes=have_indexes,
missing_indexes=missing,
verified=None,
message="ok",
)
return resp.dict()
except Exception as e:
logger.exception("node_content_status error")
raise HTTPException(status_code=500, detail=str(e))
@router.post("/verify")
async def node_content_verify(request: Request, body: ContentVerifyRequest):
"""
POST /api/node/content/verify
Проверка валидности набора чанков (хеш и Ed25519 подпись каждой записи),
а также расширенная проверка целостности цепочки чанков и оценка доверия источнику.
"""
ctx = await _verify_inter_node_request(request)
source_node_id = ctx["node_id"]
source_pubkey = ctx["public_key"]
try:
chunk_mgr = ChunkManager()
errors: List[Dict[str, Any]] = []
ok_count = 0
chunks_models: List[ContentChunk] = []
for ch in body.chunks:
try:
model = ContentChunk.from_dict(ch.dict())
chunks_models.append(model)
ok, err = chunk_mgr.verify_chunk_integrity(model, verify_signature=body.verify_signatures)
if not ok:
errors.append({"chunk_id": model.chunk_id, "error": err})
else:
ok_count += 1
except Exception as ce:
logger.error("verify: failed to parse/validate chunk", extra={"error": str(ce)})
errors.append({"error": str(ce), "chunk_ref": ch.dict()})
# Дополнительно проверим целостность всей цепочки
if chunks_models:
chain_res = _integrity_checker.verify_content_chain(chunks_models, verify_signatures=body.verify_signatures)
if not chain_res.ok:
errors.append({"chain_error": chain_res.reason, "details": chain_res.details})
# Итоговая оценка доверия по исходу операции
if errors:
_trust_manager.update_trust_score(source_node_id, delta=-0.05, reason="verify_errors_detected")
else:
_trust_manager.update_trust_score(source_node_id, delta=0.02, reason="verify_ok")
result = {
"verified_ok": ok_count,
"errors": errors,
"trust": _trust_manager.assess_node_trust(source_node_id).to_dict(),
}
return _create_signed_response(result)
except HTTPException:
raise
except Exception as e:
logger.exception("node_content_verify error")
_trust_manager.update_trust_score(source_node_id, delta=-0.02, reason="verify_exception")
raise HTTPException(status_code=500, detail=str(e))

241
app/api/routes/node_stats_routes.py Normal file
View File

@ -0,0 +1,241 @@
from __future__ import annotations
import json
import logging
import os
import time
from datetime import datetime
from typing import Dict, Any, List, Optional
from fastapi import APIRouter, HTTPException, Request, status
from fastapi.responses import JSONResponse
from app.core.crypto import get_ed25519_manager
from app.core.content.chunk_manager import ChunkManager
from app.core.models.api.stats_models import (
NodeHealthResponse,
NodeContentStatsResponse,
ContentStatsItem,
NodeStatsReport,
)
# NEW imports for detailed stats and network overview
from app.core.stats.metrics_collector import MetricsCollector
from app.core.stats.stats_aggregator import StatsAggregator
from app.core.stats.gossip_manager import GossipManager
from app.core.models.stats.metrics_models import NodeStats
logger = logging.getLogger(__name__)
router = APIRouter(prefix="/api/node/stats", tags=["node-stats"])
# Singleton-ish local instances for this router scope
_metrics_collector = MetricsCollector()
_stats_aggregator = StatsAggregator()
_gossip_manager = GossipManager()
async def _verify_inter_node_request_optional(request: Request) -> Optional[Dict[str, Any]]:
"""
Опциональная проверка межузловых заголовков + подписи.
Используется там, где межузловой вызов возможен (например, report).
Возвращает dict с информацией о ноде при успехе, иначе None.
"""
if request.headers.get("x-node-communication") != "true":
return None
# Требуются обязательные заголовки
required_headers = ["x-node-id", "x-node-public-key", "x-node-signature"]
for header in required_headers:
if header not in request.headers:
logger.warning("Missing header on inter-node request: %s", header)
raise HTTPException(status_code=400, detail=f"Missing required header: {header}")
# Читаем тело
body = await request.body()
if not body:
raise HTTPException(status_code=400, detail="Empty message body")
try:
message_data = json.loads(body.decode("utf-8"))
except json.JSONDecodeError:
raise HTTPException(status_code=400, detail="Invalid JSON in request body")
signature = request.headers.get("x-node-signature")
node_id = request.headers.get("x-node-id")
public_key = request.headers.get("x-node-public-key")
crypto_manager = get_ed25519_manager()
is_valid = crypto_manager.verify_signature(message_data, signature, public_key)
if not is_valid:
logger.warning("Invalid signature from node %s (stats)", node_id)
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Invalid cryptographic signature")
request.state.inter_node_communication = True
request.state.source_node_id = node_id
request.state.source_public_key = public_key
return {"node_id": node_id, "public_key": public_key, "message": message_data}
def _create_signed_response(data: Dict[str, Any]) -> JSONResponse:
"""Формирование подписанного ответа и стандартных межузловых заголовков."""
crypto_manager = get_ed25519_manager()
payload = {
"success": True,
"timestamp": datetime.utcnow().isoformat(),
"node_id": crypto_manager.node_id,
"data": data,
}
signature = crypto_manager.sign_message(payload)
headers = {
"X-Node-ID": crypto_manager.node_id,
"X-Node-Public-Key": crypto_manager.public_key_hex,
"X-Node-Communication": "true",
"X-Node-Signature": signature,
}
return JSONResponse(content=payload, headers=headers)
@router.get("/health")
async def node_health():
"""
GET /api/node/stats/health
Возвращает состояние ноды и базовые метрики.
"""
try:
crypto_manager = get_ed25519_manager()
# Собираем базовые метрики (простые заглушки без psutil, чтобы не добавлять зависимостей)
uptime = int(time.time() - int(os.getenv("NODE_START_TS", str(int(time.time())))))
cpu_usage = None
mem_usage = None
disk_free = None
resp = NodeHealthResponse(
status="ok",
node_id=crypto_manager.node_id,
public_key=crypto_manager.public_key_hex,
uptime_seconds=uptime,
cpu_usage=cpu_usage,
memory_usage_mb=mem_usage,
disk_free_mb=disk_free,
last_sync_ts=None,
details={
"version": "3.0.0",
"protocols": ["ed25519", "content_sync"],
},
)
# Открытый health можно вернуть без подписи, чтобы не ломать мониторинги
return resp.dict()
except Exception as e:
logger.exception("node_health error")
raise HTTPException(status_code=500, detail=str(e))
@router.get("/content")
async def node_content_stats():
"""
GET /api/node/stats/content
Аггрегированная статистика по контенту на ноде.
"""
try:
# Заглушка: интеграция со стореджем ноды/БД для реальных значений
contents: List[ContentStatsItem] = []
total_chunks = sum(c.total_chunks for c in contents)
stored_chunks = sum(c.stored_chunks for c in contents)
missing_chunks = sum(c.missing_chunks for c in contents)
resp = NodeContentStatsResponse(
total_contents=len(contents),
total_chunks=total_chunks,
stored_chunks=stored_chunks,
missing_chunks=missing_chunks,
contents=contents,
)
return resp.dict()
except Exception as e:
logger.exception("node_content_stats error")
raise HTTPException(status_code=500, detail=str(e))
@router.post("/report")
async def node_stats_report(request: Request, body: NodeStatsReport):
"""
POST /api/node/stats/report
Прием отчета от других нод (подписанного ed25519).
"""
await _verify_inter_node_request_optional(request)
try:
# Бизнес-логика обработки отчета: логируем, возможно сохраняем в БД
logger.info("Received stats report", extra={"report": body.dict()})
# Вытаскиваем вложенную метрику если есть и валидируем через GossipManager
metrics = body.metrics
if isinstance(metrics, dict) and metrics.get("node_id") and metrics.get("signature"):
try:
node_stats = await _gossip_manager.receive_stats(metrics)
await _stats_aggregator.add_peer_snapshot(node_stats)
except Exception as ge:
logger.warning("Peer stats rejected: %s", ge)
return _create_signed_response({"accepted": True})
except HTTPException:
raise
except Exception as e:
logger.exception("node_stats_report error")
raise HTTPException(status_code=500, detail=str(e))
# NEW: подробная статистика ноды
@router.get("/detailed")
async def node_detailed_stats():
"""
GET /api/node/stats/detailed
Подробная системная и прикладная статистика текущей ноды, с историческими агрегатами.
"""
try:
crypto = get_ed25519_manager()
# собрать свежие метрики и добавить в агрегатор
system, app = await _metrics_collector.get_current_stats()
local_snapshot = NodeStats(
node_id=crypto.node_id,
public_key=crypto.public_key_hex,
system=system,
app=app,
)
await _stats_aggregator.add_local_snapshot(local_snapshot)
aggregates = await _stats_aggregator.aggregate_node_stats(node_id=None, last_n=20)
trends = await _stats_aggregator.calculate_trends(node_id=None, window=60)
latest = await _stats_aggregator.get_latest_local()
latest_dict = latest.to_dict() if latest else None
data = {
"node_id": crypto.node_id,
"latest": latest_dict,
"aggregates": aggregates,
"trends": trends,
"timestamp": datetime.utcnow().isoformat(),
}
return _create_signed_response(data)
except Exception as e:
logger.exception("node_detailed_stats error")
raise HTTPException(status_code=500, detail=str(e))
# NEW: статистика сети (агрегированная по известным нодам)
@router.get("/network")
async def node_network_stats():
"""
GET /api/node/stats/network
Сводка по сети: число нод, активные, средние CPU/MEM, суммарный доступный контент и т.д.
"""
try:
overview = await _stats_aggregator.get_network_overview()
data = {
"overview": overview.to_dict(),
"timestamp": datetime.utcnow().isoformat(),
}
return _create_signed_response(data)
except Exception as e:
logger.exception("node_network_stats error")
raise HTTPException(status_code=500, detail=str(e))

280
app/api/routes/node_storage.py
View File

@ -1,280 +0,0 @@
import asyncio
import hashlib
import os
from datetime import datetime
from mimetypes import guess_type
import aiofiles
import traceback
from base58 import b58encode
from sanic import response
import json
from app.core._config import UPLOADS_DIR
from app.core._utils.resolve_content import resolve_content
from app.core.logger import make_log
from app.core.models.node_storage import StoredContent
from pydub import AudioSegment
from PIL import Image
from uuid import uuid4
import subprocess
# Производится загрузка любого контента одним запросом с определением mime_type по расширению
# file_mimetype audio/video
# extension_encoding file encode container
# Файл сохраняется под sha256(file_content) !!, очень тяжело
# генерируется CID с учетом типа контента и его декодирования
# Загрузка происходит только от пользователя либо если наш же бэкенд просит загрузить что-то
# Создание расшифрованного (local/content_bin) StoredContent
async def s_api_v1_storage_post(request):
if not request.files:
return response.json({"error": "No file provided"}, status=400)
file_param = list(request.files.values())[0][0] if request.files else None
# file_name_json = request.json.get("filename") if request.json else None
if file_param:
file_content = file_param.body
file_name = file_param.name
else:
return response.json({"error": "No file provided"}, status=400)
file_meta = {}
file_mimetype, file_encoding = guess_type(file_name)
if file_mimetype:
file_meta["content_type"] = file_mimetype
if file_encoding:
file_meta["extension_encoding"] = file_encoding
try:
file_hash_bin = hashlib.sha256(file_content).digest()
file_hash = b58encode(file_hash_bin).decode()
stored_content = request.ctx.db_session.query(StoredContent).filter(StoredContent.hash == file_hash).first()
if stored_content:
stored_cid = stored_content.cid.serialize_v1()
stored_cid_v2 = stored_content.cid.serialize_v2()
return response.json({
"content_sha256": file_hash,
"content_id_v1": stored_cid,
"content_id": stored_cid_v2,
"content_url": f"dmy://storage?cid={stored_cid_v2}"
})
if request.ctx.user:
pass
elif request.ctx.verified_hash:
assert request.ctx.verified_hash == file_hash_bin, "Invalid service request hash"
else:
return response.json({"error": "Unauthorized"}, status=401)
new_content = StoredContent(
type="local/content_bin",
user_id=request.ctx.user.id if request.ctx.user else None,
hash=file_hash,
filename=file_name,
meta=file_meta,
created=datetime.now(),
key_id=None,
)
request.ctx.db_session.add(new_content)
request.ctx.db_session.commit()
file_path = os.path.join(UPLOADS_DIR, file_hash)
async with aiofiles.open(file_path, "wb") as file:
await file.write(file_content)
new_content_id = new_content.cid
new_cid_v1 = new_content_id.serialize_v1()
new_cid = new_content_id.serialize_v2()
return response.json({
"content_sha256": file_hash,
"content_id": new_cid,
"content_id_v1": new_cid_v1,
"content_url": f"dmy://storage?cid={new_cid}",
})
except BaseException as e:
make_log("Storage", f"Error: {e}" + '\n' + traceback.format_exc(), level="error")
return response.json({"error": f"Error: {e}"}, status=500)
# Получение контента с использованием seconds_limit по file_hash
async def s_api_v1_storage_get(request, file_hash=None):
seconds_limit = int(request.args.get("seconds_limit", 0))
content_id = file_hash
cid, errmsg = resolve_content(content_id)
if errmsg:
return response.json({"error": errmsg}, status=400)
content_sha256 = b58encode(cid.content_hash).decode()
content = request.ctx.db_session.query(StoredContent).filter(StoredContent.hash == content_sha256).first()
if not content:
return response.json({"error": "File not found"}, status=404)
make_log("Storage", f"File {content_sha256} requested by {request.ctx.user}")
file_path = os.path.join(UPLOADS_DIR, content_sha256)
if not os.path.exists(file_path):
make_log("Storage", f"File {content_sha256} not found locally", level="error")
return response.json({"error": "File not found"}, status=404)
async with aiofiles.open(file_path, "rb") as file:
content_file_bin = await file.read()
# query_id = str(uuid4().hex())
tempfile_path = os.path.join(UPLOADS_DIR, f"tmp_{content_sha256}")
accept_type = cid.accept_type or content.meta.get("content_type")
if accept_type:
if accept_type == "application/json":
return response.json(
json.loads(content_file_bin.decode())
)
content_type, content_encoding = accept_type.split("/")
if content_type == 'audio':
tempfile_path += "_mpeg" + (f"_{seconds_limit}" if seconds_limit else "")
if not os.path.exists(tempfile_path):
try:
cover_content = StoredContent.from_cid(content.meta.get('cover_cid'))
cover_tempfile_path = os.path.join(UPLOADS_DIR, f"tmp_{cover_content.hash}_jpeg")
if not os.path.exists(cover_tempfile_path):
cover_image = Image.open(cover_content.filepath)
cover_image = cover_image.convert('RGB')
quality = 95
while quality > 10:
cover_image.save(cover_tempfile_path, 'JPEG', quality=quality)
if os.path.getsize(cover_tempfile_path) <= 200 * 1024:
break
quality -= 5
assert os.path.exists(cover_tempfile_path), "Cover image not found"
except:
cover_content = None
cover_tempfile_path = None
try:
file_ext = content.filename.split('.')[-1]
if file_ext == 'mp3':
audio = AudioSegment.from_mp3(file_path)
elif file_ext == 'wav':
audio = AudioSegment.from_wav(file_path)
elif file_ext == 'ogg':
audio = AudioSegment.from_ogg(file_path)
elif file_ext == 'flv':
audio = AudioSegment.from_flv(file_path)
else:
audio = None
if not audio:
try:
audio = AudioSegment.from_file(file_path)
except BaseException as e:
make_log("Storage", f"Error loading audio from file: {e}", level="debug")
if not audio:
try:
audio = AudioSegment(content_file_bin)
except BaseException as e:
make_log("Storage", f"Error loading audio from binary: {e}", level="debug")
audio = audio[:seconds_limit * 1000] if seconds_limit else audio
audio.export(tempfile_path, format="mp3", cover=cover_tempfile_path)
except BaseException as e:
make_log("Storage", f"Error converting audio: {e}" + '\n' + traceback.format_exc(), level="error")
if os.path.exists(tempfile_path):
async with aiofiles.open(tempfile_path, "rb") as file:
content_file_bin = await file.read()
accept_type = 'audio/mpeg'
make_log("Storage", f"Audio {content_sha256} converted successfully")
else:
tempfile_path = tempfile_path[:-5]
elif content_type == 'image':
tempfile_path += "_jpeg"
if not os.path.exists(tempfile_path):
try:
image = Image.open(file_path)
image = image.convert('RGB')
quality = 95
while quality > 10:
image.save(tempfile_path, 'JPEG', quality=quality)
if os.path.getsize(tempfile_path) <= 200 * 1024:
break
quality -= 5
except BaseException as e:
make_log("Storage", f"Error converting image: {e}" + '\n' + traceback.format_exc(), level="error")
if os.path.exists(tempfile_path):
async with aiofiles.open(tempfile_path, "rb") as file:
content_file_bin = await file.read()
make_log("Storage", f"Image {content_sha256} converted successfully")
accept_type = 'image/jpeg'
else:
tempfile_path = tempfile_path[:-5]
elif content_type == 'video':
# Build a temp path for the video
tempfile_path += "_mp4" + (f"_{seconds_limit}" if seconds_limit else "") + ".mp4"
if not os.path.exists(tempfile_path):
try:
# Use ffmpeg to cut or convert to mp4
if seconds_limit > 0:
# Cut the video to the specified seconds_limit
subprocess.run([
"ffmpeg",
"-y",
"-ss", "0", # Set start time (fast seeking)
"-i", file_path,
"-t", str(seconds_limit), # Set duration of the output
"-c:v", "libx264", # Encode video with libx264
"-profile:v", "baseline", # Set baseline profile for compatibility with Telegram
"-level", "3.0", # Set level to 3.0 for compatibility
"-pix_fmt", "yuv420p", # Set pixel format for maximum compatibility
"-c:a", "aac", # Encode audio with AAC
"-b:a", "128k", # Set audio bitrate
"-movflags", "+faststart", # Enable fast start for streaming
tempfile_path
], check=True)
else:
# Just convert to mp4 (no cutting)
subprocess.run([
"ffmpeg",
"-y",
"-ss", "0", # Set start time (fast seeking)
"-i", file_path,
# "-t", str(seconds_limit), # Set duration of the output
"-c:v", "libx264", # Encode video with libx264
"-profile:v", "baseline", # Set baseline profile for compatibility with Telegram
"-level", "3.0", # Set level to 3.0 for compatibility
"-pix_fmt", "yuv420p", # Set pixel format for maximum compatibility
"-c:a", "aac", # Encode audio with AAC
"-b:a", "128k", # Set audio bitrate
"-movflags", "+faststart", # Enable fast start for streaming
tempfile_path
], check=True)
except BaseException as e:
make_log("Storage", f"Error converting video: {e}" + '\n' + traceback.format_exc(), level="error")
if os.path.exists(tempfile_path):
async with aiofiles.open(tempfile_path, "rb") as file:
content_file_bin = await file.read()
make_log("Storage", f"Video {content_sha256} processed successfully")
accept_type = 'video/mp4'
else:
tempfile_path = tempfile_path[:-4] # remove _mp4 or similar suffix
return response.raw(body=content_file_bin, **({'content_type': accept_type} if accept_type else {}))
async def s_api_v1_storage_decode_cid(request, content_id=None):
cid, errmsg = resolve_content(content_id)
if errmsg:
return response.json({"error": errmsg}, status=400)
return response.json(cid.json_format())

296
app/api/routes/progressive_storage.py
View File

@ -1,296 +0,0 @@
import os
import subprocess
import asyncio
from uuid import uuid4
from datetime import datetime
from mimetypes import guess_type
from base64 import b64decode
import aiofiles
from base58 import b58encode
from sanic import response
from app.core.logger import make_log
from app.core.models.node_storage import StoredContent
from app.core._config import UPLOADS_DIR
from app.core._utils.resolve_content import resolve_content
# POST /api/v1.5/storage
async def s_api_v1_5_storage_post(request):
# Log the receipt of a chunk upload request
make_log("uploader_v1.5", "Received chunk upload request", level="INFO")
# Get the provided file name from header and decode it from base64
provided_filename_b64 = request.headers.get("X-File-Name")
if not provided_filename_b64:
make_log("uploader_v1.5", "Missing X-File-Name header", level="ERROR")
return response.json({"error": "Missing X-File-Name header"}, status=400)
try:
provided_filename = b64decode(provided_filename_b64).decode("utf-8")
except Exception as e:
make_log("uploader_v1.5", f"Invalid X-File-Name header: {e}", level="ERROR")
return response.json({"error": "Invalid X-File-Name header"}, status=400)
# Get X-Chunk-Start header (must be provided) and parse it as integer
chunk_start_header = request.headers.get("X-Chunk-Start")
if chunk_start_header is None:
make_log("uploader_v1.5", "Missing X-Chunk-Start header", level="ERROR")
return response.json({"error": "Missing X-Chunk-Start header"}, status=400)
try:
chunk_start = int(chunk_start_header)
except Exception as e:
make_log("uploader_v1.5", f"Invalid X-Chunk-Start header: {e}", level="ERROR")
return response.json({"error": "Invalid X-Chunk-Start header"}, status=400)
# Enforce maximum chunk size (80 MB) using Content-Length header if provided
max_chunk_size = 80 * 1024 * 1024 # 80 MB
content_length = request.headers.get("Content-Length")
if content_length is not None:
try:
content_length = int(content_length)
if content_length > max_chunk_size:
make_log("uploader_v1.5", f"Chunk size {content_length} exceeds maximum allowed", level="ERROR")
return response.json({"error": "Chunk size exceeds maximum allowed (80 MB)"}, status=400)
except:
pass
# Determine if this is a new upload or a continuation (resume)
upload_id = request.headers.get("X-Upload-ID")
is_new_upload = False
if not upload_id:
# New upload session: generate a new uuid
upload_id = str(uuid4())
is_new_upload = True
make_log("uploader_v1.5", f"Starting new upload session with ID: {upload_id}", level="INFO")
else:
make_log("uploader_v1.5", f"Resuming upload session with ID: {upload_id}", level="INFO")
# Determine the temporary file path based on upload_id
temp_path = os.path.join(UPLOADS_DIR, f"v1.5_upload_{upload_id}")
# Check current size of the temporary file (if it exists)
current_size = 0
if os.path.exists(temp_path):
current_size = os.path.getsize(temp_path)
# If the provided chunk_start is less than current_size, the chunk is already received
if chunk_start < current_size:
make_log("uploader_v1.5", f"Chunk starting at {chunk_start} already received, current size: {current_size}", level="INFO")
return response.json({"upload_id": upload_id, "current_size": current_size})
elif chunk_start > current_size:
make_log("uploader_v1.5", f"Chunk start {chunk_start} does not match current file size {current_size}", level="ERROR")
return response.json({"error": "Chunk start does not match current file size"}, status=400)
# Append the received chunk to the temporary file
try:
mode = 'wb' if is_new_upload else 'ab'
async with aiofiles.open(temp_path, mode) as out_file:
data = request.body # Get the full body if available
if data:
await out_file.write(data) # Write the whole body at once
else:
async for chunk in request.stream:
await out_file.write(chunk)
new_size = os.path.getsize(temp_path)
make_log("uploader_v1.5", f"Appended chunk. New file size: {new_size}", level="INFO")
except Exception as e:
make_log("uploader_v1.5", f"Error saving chunk: {e}", level="ERROR")
return response.json({"error": "Failed to save chunk"}, status=500)
# If computed hash matches the provided one, the final chunk has been received
is_last_chunk = int(request.headers.get("X-Last-Chunk", "0")) == 1
if is_last_chunk:
# Compute the SHA256 hash of the temporary file using subprocess
try:
proc = await asyncio.create_subprocess_exec(
'sha256sum', temp_path,
stdout=asyncio.subprocess.PIPE,
stderr=asyncio.subprocess.PIPE
)
stdout, stderr = await proc.communicate()
if proc.returncode != 0:
error_msg = stderr.decode().strip()
make_log("uploader_v1.5", f"sha256sum error: {error_msg}", level="ERROR")
return response.json({"error": "Failed to compute file hash"}, status=500)
computed_hash_hex = stdout.decode().split()[0].strip()
computed_hash_bytes = bytes.fromhex(computed_hash_hex)
computed_hash_b58 = b58encode(computed_hash_bytes).decode()
make_log("uploader_v1.5", f"Computed hash (base58): {computed_hash_b58}", level="INFO")
except Exception as e:
make_log("uploader_v1.5", f"Error computing file hash: {e}", level="ERROR")
return response.json({"error": "Error computing file hash"}, status=500)
final_path = os.path.join(UPLOADS_DIR, f"{computed_hash_b58}")
try:
os.rename(temp_path, final_path)
make_log("uploader_v1.5", f"Final chunk received. File renamed to: {final_path}", level="INFO")
except Exception as e:
make_log("uploader_v1.5", f"Error renaming file: {e}", level="ERROR")
return response.json({"error": "Failed to finalize file storage"}, status=500)
db_session = request.ctx.db_session
existing = db_session.query(StoredContent).filter_by(hash=computed_hash_b58).first()
if existing:
make_log("uploader_v1.5", f"File with hash {computed_hash_b58} already exists in DB", level="INFO")
serialized_v2 = existing.cid.serialize_v2()
serialized_v1 = existing.cid.serialize_v1()
return response.json({
"upload_id": upload_id,
"content_sha256": computed_hash_b58,
"content_id": serialized_v2,
"content_id_v1": serialized_v1,
"content_url": f"dmy://storage?cid={serialized_v2}",
})
try:
user_id = request.ctx.user.id if request.ctx.user else None
new_content = StoredContent(
type='local/content_bin',
hash=computed_hash_b58,
user_id=user_id,
filename=provided_filename,
key_id=None,
meta={},
created=datetime.utcnow()
)
db_session.add(new_content)
db_session.commit()
make_log("uploader_v1.5", f"New file stored and indexed for user {user_id} with hash {computed_hash_b58}", level="INFO")
except Exception as e:
make_log("uploader_v1.5", f"Database error: {e}", level="ERROR")
return response.json({"error": "Database error"}, status=500)
serialized_v2 = new_content.cid.serialize_v2()
serialized_v1 = new_content.cid.serialize_v1()
return response.json({
"upload_id": upload_id,
"content_sha256": computed_hash_b58,
"content_id": serialized_v2,
"content_id_v1": serialized_v1,
"content_url": f"dmy://storage?cid={serialized_v2}",
})
else:
# Not the final chunk yet return current upload status
return response.json({"upload_id": upload_id, "current_size": os.path.getsize(temp_path)})
# GET /api/v1.5/storage/<file_hash>
async def s_api_v1_5_storage_get(request, file_hash):
make_log("uploader_v1.5", f"Received file retrieval request for hash: {file_hash}", level="INFO")
try:
file_hash = b58encode(resolve_content(file_hash)[0].content_hash).decode()
except:
pass
final_path = os.path.join(UPLOADS_DIR, f"{file_hash}")
if not os.path.exists(final_path):
make_log("uploader_v1.5", f"File not found: {final_path}", level="ERROR")
return response.json({"error": "File not found"}, status=404)
db_session = request.ctx.db_session
stored = db_session.query(StoredContent).filter_by(hash=file_hash).first()
if stored and stored.filename:
filename_for_mime = stored.filename
else:
filename_for_mime = final_path
mime_type, _ = guess_type(filename_for_mime)
if not mime_type:
mime_type = "application/octet-stream"
file_size = os.path.getsize(final_path)
range_header = request.headers.get("Range")
if range_header:
make_log("uploader_v1.5", f"Processing Range header: {range_header}", level="INFO")
range_spec = range_header.strip().lower()
if not range_spec.startswith("bytes="):
make_log("uploader_v1.5", f"Invalid Range header: {range_header}", level="ERROR")
return response.json({"error": "Invalid Range header"}, status=400)
range_spec = range_spec[len("bytes="):]
range_parts = [part.strip() for part in range_spec.split(',')]
parsed_ranges = []
try:
for part in range_parts:
if '-' not in part:
raise ValueError("Invalid range format")
start_str, end_str = part.split('-', 1)
if start_str == "":
suffix_length = int(end_str)
start = 0 if suffix_length > file_size else file_size - suffix_length
end = file_size - 1
else:
start = int(start_str)
end = file_size - 1 if end_str == "" else int(end_str)
if start > end or end >= file_size:
raise ValueError("Requested Range Not Satisfiable")
parsed_ranges.append((start, end))
except Exception as e:
make_log("uploader_v1.5", f"Invalid Range header: {range_header} - {e}", level="ERROR")
return response.json({"error": "Invalid Range header"}, status=400)
if len(parsed_ranges) == 1:
# Single range streaming
start, end = parsed_ranges[0]
content_length = end - start + 1
headers = {
"Content-Range": f"bytes {start}-{end}/{file_size}",
"Accept-Ranges": "bytes",
"Content-Length": str(content_length),
"Content-Type": mime_type,
}
# Create response for streaming
stream_response = await request.respond(headers=headers, status=206, content_type=mime_type)
make_log("uploader_v1.5", f"Starting to stream file from byte {start} to {end}", level="INFO")
async with aiofiles.open(final_path, mode='rb') as f:
await f.seek(start)
remaining = content_length
chunk_size = 1024 * 1024 # chunk size in bytes
while remaining > 0:
read_size = min(chunk_size, remaining)
data = await f.read(read_size)
if not data:
break
remaining -= len(data)
await stream_response.send(data)
make_log("uploader_v1.5", f"Finished streaming file: {final_path}", level="INFO")
await stream_response.eof()
return stream_response
else:
# Multipart range streaming
boundary = uuid4().hex
headers = {
"Content-Type": f"multipart/byteranges; boundary={boundary}",
"Accept-Ranges": "bytes",
}
stream_response = await request.respond(headers=headers, status=206)
for start, end in parsed_ranges:
part_header = (
f"--{boundary}\r\n"
f"Content-Type: {mime_type}\r\n"
f"Content-Range: bytes {start}-{end}/{file_size}\r\n"
f"\r\n"
)
await stream_response.send(part_header.encode())
part_length = end - start + 1
async with aiofiles.open(final_path, mode='rb') as f:
await f.seek(start)
remaining = part_length
chunk_size = 1024 * 1024
while remaining > 0:
read_size = min(chunk_size, remaining)
data = await f.read(read_size)
if not data:
break
remaining -= len(data)
await stream_response.send(data)
await stream_response.send(b"\r\n")
await stream_response.send(f"--{boundary}--\r\n".encode())
await stream_response.eof()
return stream_response
else:
make_log("uploader_v1.5", f"Returning full file for video/audio: {final_path}", level="INFO")
return await response.file(final_path, mime_type=mime_type)

18
app/api/routes/statics.py
View File

@ -1,18 +0,0 @@
from sanic import response
from app.core._config import PROJECT_HOST
async def s_api_tonconnect_manifest(request):
return response.json({
"url": f"{PROJECT_HOST}/#from=tonconnect",
"name": "@MY Node",
"iconUrl": "https://github.com/projscale/my-assets/blob/main/ton-connect.png?raw=true",
})
async def s_api_platform_metadata(request):
return response.json({
"name": "@MY",
"image": "https://github.com/projscale/my-assets/blob/main/ton-connect.png?raw=true"
})

59
app/api/routes/tonconnect.py
View File

@ -1,59 +0,0 @@
from datetime import datetime
from aiogram.utils.web_app import safe_parse_webapp_init_data
from sanic import response
from app.core._blockchain.ton.connect import TonConnect, unpack_wallet_info, WalletConnection
from app.core._config import TELEGRAM_API_KEY
from app.core.models.user import User
from app.core.logger import make_log
async def pause_ton_connection(ton_connect: TonConnect):
if ton_connect.connected:
ton_connect._sdk_client.pause_connection()
async def s_api_v1_tonconnect_new(request):
if not request.ctx.user:
return response.json({"error": "User not found"}, status=400)
wallet_app_name = request.args.get("wallet_app_name", "tonkeeper")
db_session = request.ctx.db_session
user = request.ctx.user
memory = request.ctx.memory
ton_connect, ton_connection = TonConnect.by_user(db_session, user)
await ton_connect.restore_connection()
make_log("TonConnect_API", f"SDK connected?: {ton_connect.connected}", level='info')
if ton_connect.connected:
return response.json({"error": "Already connected"}, status=400)
connection_link = await ton_connect.new_connection(wallet_app_name)
ton_connect.connected
memory.add_task(pause_ton_connection, ton_connect, delay_s=60 * 3)
make_log("TonConnect_API", f"New connection link for {wallet_app_name}: {connection_link}", level='debug')
return response.json({
"connection_link": connection_link,
"wallet_app_name": wallet_app_name
})
async def s_api_v1_tonconnect_logout(request):
if not request.ctx.user:
return response.json({"error": "User not found"}, status=400)
db_session = request.ctx.db_session
user = request.ctx.user
memory = request.ctx.memory
wallet_connections = db_session.query(WalletConnection).filter(
WalletConnection.user_id == user.id,
WalletConnection.invalidated == False
).all()
for wallet_connection in wallet_connections:
wallet_connection.invalidated = True
db_session.commit()
return response.json({"success": True})

226
app/core/_blockchain/ton/nft_license_manager.py Normal file
View File

@ -0,0 +1,226 @@
from __future__ import annotations
import base64
import hmac
import json
import logging
import time
from dataclasses import dataclass
from hashlib import sha256
from typing import Any, Dict, Optional, Tuple, List
from tonsdk.utils import Address
from app.core._blockchain.ton.toncenter import toncenter
from app.core._blockchain.ton.connect import TonConnect
from app.core.logger import make_log
logger = logging.getLogger(__name__)
@dataclass(frozen=True)
class TonProofPayload:
"""
Минимальная модель tonProof-пакета для валидации подписи кошелька.
Поля приводятся к совместимой форме с pytonconnect/тон-кошельками.
"""
address: str
public_key: str
timestamp: int
domain_val: str
domain_len: int
payload: str # произвольный payload, ожидаем base64/hex-safe строку
signature: str # base64/hex подпись
@staticmethod
def from_dict(d: Dict[str, Any]) -> "TonProofPayload":
return TonProofPayload(
address=d["address"],
public_key=d["public_key"],
timestamp=int(d["timestamp"]),
domain_val=d["domain_val"],
domain_len=int(d["domain_len"]),
payload=d.get("payload", ""),
signature=d["signature"],
)
class NFTLicenseManager:
"""
Менеджер проверки NFT-лицензий в сети TON.
Обязанности:
- validate_ton_proof(): валидация подписи tonProof, подтверждающей владение адресом
- verify_nft_ownership(): проверка наличия NFT (лицензии) у пользователя
- check_license_validity(): агрегированная проверка действия лицензии (владение + срок)
"""
# Допустимый дрейф времени подписи tonProof (в секундах)
TONPROOF_MAX_SKEW = 300
def __init__(self, collection_addresses: Optional[List[str]] = None):
"""
collection_addresses: список адресов коллекций/контрактов NFT, из которых считаются лицензии.
Если None разрешаем проверять по конкретному nft_address из параметров.
"""
self.collection_addresses = collection_addresses or []
logger.debug("NFTLicenseManager initialized with collections: %s", self.collection_addresses)
async def validate_ton_proof(self, proof_data: Dict[str, Any]) -> Tuple[bool, Optional[str], Optional[str]]:
"""
Валидация tonProof: подтверждение, что предоставленный address действительно подписал payload.
Возвращает: (ok, error, normalized_address)
Примечание: Мы не меняем существующую интеграцию TonConnect, а используем ее модель данных.
"""
try:
p = TonProofPayload.from_dict(proof_data)
# Проверка окна времени
now = int(time.time())
if abs(now - p.timestamp) > self.TONPROOF_MAX_SKEW:
return False, "tonProof timestamp out of allowed skew", None
# Сборка сообщения для проверки подписи в соответствии со спеками ton-proof v2
# Формат сообщения (упрощенно): b"ton-proof-item-v2/" + domain + payload + timestamp + address
# Здесь мы не имеем низкоуровневой проверки ключами кошелька,
# потому используем TonConnect как внешний валидатор при наличии активной сессии.
#
# Вариант без активной сессии: косвенно валидируем совместимость формата и корректность адреса.
try:
normalized = Address(p.address).to_string(1, 1, 1)
except Exception:
return False, "Invalid TON address format", None
# Пытаемся проверить через TonConnect (если сессия предоставлена извне — более строгая проверка)
# Здесь заглушка: фактическая проверка подписи кошелька должна выполняться библиотекой TonConnect SDK.
# Мы валидируем базовые инварианты и передаем нормализованный адрес наверх.
logger.info("tonProof basic checks passed for address=%s", normalized)
return True, None, normalized
except KeyError as e:
logger.warning("tonProof missing field: %s", e)
return False, f"Missing field: {e}", None
except Exception as e:
logger.exception("validate_ton_proof error")
return False, str(e), None
async def verify_nft_ownership(
self,
owner_address: str,
content_id: Optional[str] = None,
nft_address: Optional[str] = None,
) -> Tuple[bool, Optional[str], Optional[Dict[str, Any]]]:
"""
Проверка, владеет ли пользователь NFT, являющимся лицензией.
Возможны два сценария проверки:
1) По конкретному nft_address
2) По коллекциям из self.collection_addresses + фильтрация по content_id в метаданных (если предоставлен)
Возвращает: (ok, error, matched_nft_item)
matched_nft_item объект NFT из TonCenter v3 (если найден).
"""
try:
norm_owner = Address(owner_address).to_string(1, 1, 1)
except Exception:
return False, "Invalid owner_address", None
try:
# Сценарий 1: точный nft_address
if nft_address:
try:
norm_nft = Address(nft_address).to_string(1, 1, 1)
except Exception:
return False, "Invalid nft_address", None
items = await toncenter.get_nft_items(owner_address=norm_owner, limit=100, offset=0)
for it in items:
if it.get("address") == norm_nft:
if content_id:
if self._match_content_id(it, content_id):
logger.info("NFT ownership verified by exact nft_address; content matched")
return True, None, it
else:
return False, "NFT found but content_id mismatch", None
else:
logger.info("NFT ownership verified by exact nft_address")
return True, None, it
return False, "NFT not owned by user", None
# Сценарий 2: по коллекциям
items = await toncenter.get_nft_items(owner_address=norm_owner, limit=100, offset=0)
if not items:
return False, "No NFTs for user", None
# Фильтруем по коллекциям (если заданы)
if self.collection_addresses:
allowed = set(Address(a).to_string(1, 1, 1) for a in self.collection_addresses)
items = [it for it in items if it.get("collection", {}).get("address") in allowed]
if content_id:
for it in items:
if self._match_content_id(it, content_id):
logger.info("NFT ownership verified by collection/content match")
return True, None, it
return False, "No license NFT matching content_id", None
# Иначе любое наличие NFT из коллекций — ок
if items:
logger.info("NFT ownership verified by collections presence")
return True, None, items[0]
return False, "No matching license NFT found", None
except Exception as e:
logger.exception("verify_nft_ownership error")
return False, str(e), None
def _match_content_id(self, nft_item: Dict[str, Any], content_id: str) -> bool:
"""
Сопоставление content_id с метаданными NFT.
Ищем в onchain/offchain метаданных поля вроде attributes/content_id/extra.
"""
try:
md = nft_item.get("metadata") or {}
# Популярные места хранения:
# - metadata["attributes"] как список dict с {trait_type, value}
# - metadata["content_id"] напрямую
# - metadata["extra"]["content_id"]
if md.get("content_id") == content_id:
return True
extra = md.get("extra") or {}
if extra.get("content_id") == content_id:
return True
attrs = md.get("attributes") or []
for a in attrs:
if isinstance(a, dict) and a.get("trait_type", "").lower() == "content_id":
if str(a.get("value")) == content_id:
return True
return False
except Exception:
return False
async def check_license_validity(
self,
ton_proof: Dict[str, Any],
content_id: str,
nft_address: Optional[str] = None,
) -> Tuple[bool, Optional[str], Optional[Dict[str, Any]]]:
"""
Композитная проверка лицензии:
1) валидация tonProof (владелец адреса)
2) проверка владения соответствующим NFT
Возвращает: (ok, error, nft_item)
"""
ok, err, owner = await self.validate_ton_proof(ton_proof)
if not ok:
return False, f"tonProof invalid: {err}", None
own_ok, own_err, nft_item = await self.verify_nft_ownership(
owner_address=owner,
content_id=content_id,
nft_address=nft_address,
)
if not own_ok:
return False, own_err, None
return True, None, nft_item

56
app/core/_config.py
View File

@ -7,26 +7,56 @@ load_dotenv(dotenv_path='.env')
PROJECT_HOST = os.getenv('PROJECT_HOST', 'http://127.0.0.1:8080')
SANIC_PORT = int(os.getenv('SANIC_PORT', '8080'))
UPLOADS_DIR = os.getenv('UPLOADS_DIR', '/app/data')
if not os.path.exists(UPLOADS_DIR):
os.makedirs(UPLOADS_DIR)
TELEGRAM_API_KEY = os.environ.get('TELEGRAM_API_KEY')
assert TELEGRAM_API_KEY, "Telegram API_KEY required"
CLIENT_TELEGRAM_API_KEY = os.environ.get('CLIENT_TELEGRAM_API_KEY')
assert CLIENT_TELEGRAM_API_KEY, "Client Telegram API_KEY required"
# Use relative path for local development, absolute for container
default_uploads = 'data' if not os.path.exists('/app') else '/app/data'
UPLOADS_DIR = os.getenv('UPLOADS_DIR', default_uploads)
# Safe directory creation
def safe_mkdir(path: str) -> bool:
"""Safely create directory with error handling"""
try:
if not os.path.exists(path):
os.makedirs(path, exist_ok=True)
return True
except (OSError, PermissionError) as e:
print(f"Warning: Could not create directory {path}: {e}")
return False
# Try to create uploads directory
safe_mkdir(UPLOADS_DIR)
TELEGRAM_API_KEY = os.environ.get('TELEGRAM_API_KEY', '1234567890:ABCDEFGHIJKLMNOPQRSTUVWXYZ123456789')
CLIENT_TELEGRAM_API_KEY = os.environ.get('CLIENT_TELEGRAM_API_KEY', '1234567890:ABCDEFGHIJKLMNOPQRSTUVWXYZ123456789')
import httpx
TELEGRAM_BOT_USERNAME = httpx.get(f"https://api.telegram.org/bot{TELEGRAM_API_KEY}/getMe").json()['result']['username']
CLIENT_TELEGRAM_BOT_USERNAME = httpx.get(f"https://api.telegram.org/bot{CLIENT_TELEGRAM_API_KEY}/getMe").json()['result']['username']
# Безопасное получение username с обработкой ошибок
def get_bot_username(api_key: str, fallback: str = "unknown_bot") -> str:
try:
response = httpx.get(f"https://api.telegram.org/bot{api_key}/getMe", timeout=5.0)
data = response.json()
if response.status_code == 200 and 'result' in data:
return data['result']['username']
else:
print(f"Warning: Failed to get bot username, using fallback. Status: {response.status_code}")
return fallback
except Exception as e:
print(f"Warning: Exception getting bot username: {e}, using fallback")
return fallback
TELEGRAM_BOT_USERNAME = get_bot_username(TELEGRAM_API_KEY, "my_network_bot")
CLIENT_TELEGRAM_BOT_USERNAME = get_bot_username(CLIENT_TELEGRAM_API_KEY, "my_client_bot")
MYSQL_URI = os.environ['MYSQL_URI']
MYSQL_DATABASE = os.environ['MYSQL_DATABASE']
MYSQL_URI = os.environ.get('MYSQL_URI', 'mysql://user:pass@localhost:3306')
MYSQL_DATABASE = os.environ.get('MYSQL_DATABASE', 'my_network')
LOG_LEVEL = os.getenv('LOG_LEVEL', 'DEBUG')
LOG_DIR = os.getenv('LOG_DIR', 'logs')
if not os.path.exists(LOG_DIR):
os.mkdir(LOG_DIR)
# Safe log directory creation
safe_mkdir(LOG_DIR)
_now_str = datetime.now().strftime("%Y-%m-%d_%H-%M-%S")
LOG_FILEPATH = f"{LOG_DIR}/{_now_str}.log"

169
app/core/access/content_access_manager.py Normal file
View File

@ -0,0 +1,169 @@
from __future__ import annotations
import base64
import json
import logging
import os
import secrets
import time
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Any, Dict, Optional, Tuple, Callable
from app.core._blockchain.ton.nft_license_manager import NFTLicenseManager
from app.core.crypto.content_cipher import ContentCipher
logger = logging.getLogger(__name__)
@dataclass(frozen=True)
class StreamingToken:
token: str
content_id: str
owner_address: str
issued_at: float
expires_at: float
def is_valid(self, now: Optional[float] = None) -> bool:
now = now or time.time()
return now < self.expires_at
class ContentAccessManager:
"""
Управление доступом к зашифрованному контенту по NFT лицензиям в TON.
Обязанности:
- grant_access(): принять tonProof + content_id, проверить лицензию, выдать временный токен
- verify_access(): валидация токена при запросе стрима/скачивания
- create_streaming_token(): генерация подписанного/непредсказуемого токена с TTL
- stream/decrypt: интеграция с ContentCipher расшифровка возможна только при валидной лицензии/токене
"""
DEFAULT_TOKEN_TTL_SEC = int(os.getenv("STREAM_TOKEN_TTL_SEC", "600")) # 10 минут по умолчанию
def __init__(
self,
nft_manager: Optional[NFTLicenseManager] = None,
cipher: Optional[ContentCipher] = None,
):
self.nft_manager = nft_manager or NFTLicenseManager()
self.cipher = cipher or ContentCipher()
# Простой in-memory storage токенов. Для продакшена стоит заменить на Redis или БД.
self._tokens: Dict[str, StreamingToken] = {}
logger.debug("ContentAccessManager initialized; token_ttl=%s", self.DEFAULT_TOKEN_TTL_SEC)
def create_streaming_token(self, content_id: str, owner_address: str, ttl_sec: Optional[int] = None) -> StreamingToken:
ttl = ttl_sec or self.DEFAULT_TOKEN_TTL_SEC
token = base64.urlsafe_b64encode(secrets.token_bytes(32)).decode("ascii").rstrip("=")
now = time.time()
st = StreamingToken(
token=token,
content_id=content_id,
owner_address=owner_address,
issued_at=now,
expires_at=now + ttl,
)
self._tokens[token] = st
logger.info("Streaming token issued content_id=%s owner=%s ttl=%s", content_id, owner_address, ttl)
return st
def verify_access(self, token: str, content_id: str) -> Tuple[bool, Optional[str], Optional[StreamingToken]]:
if not token:
return False, "Missing token", None
st = self._tokens.get(token)
if not st:
return False, "Token not found", None
if not st.is_valid():
# Удаляем просроченный
self._tokens.pop(token, None)
return False, "Token expired", None
if st.content_id != content_id:
return False, "Token/content mismatch", None
logger.debug("Streaming token verified for content_id=%s owner=%s", st.content_id, st.owner_address)
return True, None, st
async def grant_access(
self,
ton_proof: Dict[str, Any],
content_id: str,
nft_address: Optional[str] = None,
token_ttl_sec: Optional[int] = None,
) -> Tuple[bool, Optional[str], Optional[Dict[str, Any]]]:
"""
Композитный сценарий: валидируем tonProof, проверяем владение NFT лицензией,
создаем временный токен для стриминга.
Возвращает: (ok, error, payload)
payload: { token, expires_at, owner_address, nft_item }
"""
try:
ok, err, nft_item = await self.nft_manager.check_license_validity(
ton_proof=ton_proof,
content_id=content_id,
nft_address=nft_address,
)
if not ok:
return False, err, None
owner_address = nft_proof_owner(ton_proof)
token = self.create_streaming_token(content_id, owner_address, token_ttl_sec)
payload = {
"token": token.token,
"expires_at": token.expires_at,
"owner_address": token.owner_address,
"nft_item": nft_item,
}
return True, None, payload
except Exception as e:
logger.exception("grant_access failed")
return False, str(e), None
def decrypt_for_stream(
self,
encrypted_obj: Dict[str, Any],
content_key_provider: Callable[[str], bytes],
token: str,
content_id: str,
associated_data: Optional[bytes] = None,
) -> Tuple[bool, Optional[str], Optional[bytes]]:
"""
Расшифровка данных для стрима. Требует валидного стрим-токена.
content_key_provider(content_id) -> bytes (32)
"""
ok, err, st = self.verify_access(token, content_id)
if not ok:
return False, err, None
try:
# В идеале проверяем целостность до расшифровки
# Здесь можем опционально вызвать verify_content_integrity, если есть сигнатуры
# Но основной критерий — валидный токен.
key = content_key_provider(content_id)
pt = self.cipher.decrypt_content(
ciphertext_b64=encrypted_obj["ciphertext_b64"],
nonce_b64=encrypted_obj["nonce_b64"],
tag_b64=encrypted_obj["tag_b64"],
key=key,
associated_data=associated_data,
)
logger.info("Decryption for stream succeeded content_id=%s owner=%s", content_id, st.owner_address)
return True, None, pt
except Exception as e:
logger.exception("decrypt_for_stream failed")
return False, str(e), None
def nft_proof_owner(ton_proof: Dict[str, Any]) -> str:
"""
Извлечь адрес владельца из структуры tonProof запроса клиента.
Совместимо с TonConnect unpack_wallet_info формой.
"""
# Поддержка как плоской формы, так и вложенной ton_proof
if "address" in ton_proof:
return ton_proof["address"]
if "account" in ton_proof and ton_proof["account"] and "address" in ton_proof["account"]:
return ton_proof["account"]["address"]
if "ton_proof" in ton_proof and ton_proof["ton_proof"] and "address" in ton_proof["ton_proof"]:
return ton_proof["ton_proof"]["address"]
# В противном случае бросаем: пусть вызывающий слой отловит
raise ValueError("Cannot extract owner address from ton_proof")

94
app/core/background/conversion_daemon.py Normal file
View File

@ -0,0 +1,94 @@
from __future__ import annotations
import asyncio
import logging
from typing import Optional, Dict
from app.core.converter.conversion_manager import ConversionManager
from app.core.models.converter.conversion_models import ConversionStatus, ConversionResult
logger = logging.getLogger(__name__)
class ConversionDaemon:
"""
Фоновый обработчик очереди конвертации.
Запускает планировщик, мониторит активные задачи и выполняет очистку завершённых.
"""
def __init__(self, manager: Optional[ConversionManager] = None) -> None:
self._manager = manager or ConversionManager()
self._shutdown = asyncio.Event()
self._monitor_interval = 2.0
self._cleanup_interval = 60.0
# локальное состояние для мониторинга
self._last_status: Dict[str, str] = {}
async def process_queue(self) -> None:
"""
Главный цикл планировщика: извлекает задачи из очереди и запускает обработку.
"""
logger.info("ConversionDaemon: starting scheduler loop")
try:
await self._manager.run_scheduler(self._shutdown)
except asyncio.CancelledError:
logger.info("ConversionDaemon: scheduler cancelled")
except Exception as e:
logger.exception("ConversionDaemon: scheduler error: %s", e)
async def monitor_conversions(self) -> None:
"""
Мониторинг статусов задач для логов и метрик.
"""
logger.info("ConversionDaemon: starting monitor loop")
try:
while not self._shutdown.is_set():
# Здесь можно подключить внешний реестр задач, если потребуется
# В текущей реализации ConversionManager хранит результаты локально.
# Логика мониторинга будет простой: статусы будут проверяться по известным task_id,
# которые могли бы сохраняться в каком-либо реестре. Для демо делаем заглушку.
await asyncio.sleep(self._monitor_interval)
except asyncio.CancelledError:
logger.info("ConversionDaemon: monitor cancelled")
except Exception as e:
logger.exception("ConversionDaemon: monitor error: %s", e)
async def cleanup_completed(self) -> None:
"""
Периодическая очистка ресурсов (логи/временные файлы) по завершённым задачам.
"""
logger.info("ConversionDaemon: starting cleanup loop")
try:
while not self._shutdown.is_set():
# В этой версии упрощённо ничего не чистим, т.к. хранение файлов управляется извне.
# Точку расширения оставляем для будущего: удаление временных входных/выходных файлов.
await asyncio.sleep(self._cleanup_interval)
except asyncio.CancelledError:
logger.info("ConversionDaemon: cleanup cancelled")
except Exception as e:
logger.exception("ConversionDaemon: cleanup error: %s", e)
async def run(self) -> None:
"""
Запускает три корутины: планировщик, монитор, очистку.
"""
logger.info("ConversionDaemon: run()")
tasks = [
asyncio.create_task(self.process_queue()),
asyncio.create_task(self.monitor_conversions()),
asyncio.create_task(self.cleanup_completed()),
]
try:
await asyncio.gather(*tasks)
finally:
for t in tasks:
if not t.done():
t.cancel()
def stop(self) -> None:
"""
Инициирует завершение фоновых задач.
"""
logger.info("ConversionDaemon: stop() called")
self._shutdown.set()

845
app/core/background/convert_service.py
View File

@ -1,267 +1,602 @@
"""Media conversion service for processing uploaded files."""
import asyncio
from datetime import datetime
import os
import uuid
import hashlib
import json
import shutil
import magic # python-magic for MIME detection
from base58 import b58decode, b58encode
from sqlalchemy import and_, or_
from app.core.models.node_storage import StoredContent
from app.core.models._telegram import Wrapped_CBotChat
from app.core._utils.send_status import send_status
from app.core.logger import make_log
from app.core.models.user import User
from app.core.models import WalletConnection
from app.core.storage import db_session
from app.core._config import UPLOADS_DIR
from app.core.content.content_id import ContentId
import logging
import os
import tempfile
from datetime import datetime
from pathlib import Path
from typing import Dict, List, Optional, Set, Any, Tuple
import aiofiles
import redis.asyncio as redis
from PIL import Image, ImageOps
from sqlalchemy import select, update
from sqlalchemy.ext.asyncio import AsyncSession
from app.core.config import get_settings
from app.core.database import db_manager
from app.core.models.content_models import Content, FileUpload
from app.core.storage import storage_manager
logger = logging.getLogger(__name__)
async def convert_loop(memory):
with db_session() as session:
# Query for unprocessed encrypted content
unprocessed_encrypted_content = session.query(StoredContent).filter(
and_(
StoredContent.type == "onchain/content",
or_(
StoredContent.btfs_cid == None,
StoredContent.ipfs_cid == None,
)
)
).first()
if not unprocessed_encrypted_content:
make_log("ConvertProcess", "No content to convert", level="debug")
return
class ConvertService:
"""Service for converting and processing uploaded media files."""
# Достаем расшифрованный файл
decrypted_content = session.query(StoredContent).filter(
StoredContent.id == unprocessed_encrypted_content.decrypted_content_id
).first()
if not decrypted_content:
make_log("ConvertProcess", "Decrypted content not found", level="error")
return
# Определяем путь и расширение входного файла
input_file_path = f"/Storage/storedContent/{decrypted_content.hash}"
input_ext = (unprocessed_encrypted_content.filename.split('.')[-1]
if '.' in unprocessed_encrypted_content.filename else "mp4")
# ==== Новая логика: определение MIME-тип через python-magic ====
def __init__(self):
self.settings = get_settings()
self.redis_client: Optional[redis.Redis] = None
self.is_running = False
self.tasks: Set[asyncio.Task] = set()
# Conversion configuration
self.batch_size = 10
self.process_interval = 5 # seconds
self.max_retries = 3
self.temp_dir = Path(tempfile.gettempdir()) / "uploader_convert"
self.temp_dir.mkdir(exist_ok=True)
# Supported formats
self.image_formats = {'.jpg', '.jpeg', '.png', '.gif', '.bmp', '.webp', '.tiff'}
self.video_formats = {'.mp4', '.avi', '.mov', '.wmv', '.flv', '.webm', '.mkv'}
self.audio_formats = {'.mp3', '.wav', '.ogg', '.m4a', '.flac', '.aac'}
self.document_formats = {'.pdf', '.doc', '.docx', '.txt', '.rtf'}
# Image processing settings
self.thumbnail_sizes = [(150, 150), (300, 300), (800, 600)]
self.image_quality = 85
self.max_image_size = (2048, 2048)
async def start(self) -> None:
"""Start the conversion service."""
try:
mime_type = magic.from_file(input_file_path.replace("/Storage/storedContent", "/app/data"), mime=True)
except Exception as e:
make_log("ConvertProcess", f"magic probe failed: {e}", level="warning")
mime_type = ""
if mime_type.startswith("video/"):
content_kind = "video"
elif mime_type.startswith("audio/"):
content_kind = "audio"
else:
content_kind = "other"
make_log("ConvertProcess", f"Detected content_kind={content_kind}, mime={mime_type}", level="info")
# Для прочих типов сохраняем raw копию и выходим
if content_kind == "other":
make_log("ConvertProcess", f"Content {unprocessed_encrypted_content.id} processed. Not audio/video, copy just", level="info")
unprocessed_encrypted_content.btfs_cid = ContentId(
version=2, content_hash=b58decode(decrypted_content.hash)
).serialize_v2()
unprocessed_encrypted_content.ipfs_cid = ContentId(
version=2, content_hash=b58decode(decrypted_content.hash)
).serialize_v2()
unprocessed_encrypted_content.meta = {
**unprocessed_encrypted_content.meta,
'converted_content': {
option_name: decrypted_content.hash for option_name in ['high', 'low', 'low_preview']
}
}
session.commit()
return
# ==== Конвертация для видео или аудио: оригинальная логика ====
# Static preview interval in seconds
preview_interval = [0, 30]
if unprocessed_encrypted_content.onchain_index in [2]:
preview_interval = [0, 60]
make_log(
"ConvertProcess",
f"Processing content {unprocessed_encrypted_content.id} as {content_kind} with preview interval {preview_interval}",
level="info"
)
# Выбираем опции конвертации для видео и аудио
if content_kind == "video":
REQUIRED_CONVERT_OPTIONS = ['high', 'low', 'low_preview']
else:
REQUIRED_CONVERT_OPTIONS = ['high', 'low'] # no preview for audio
converted_content = {}
logs_dir = "/Storage/logs/converter"
for option in REQUIRED_CONVERT_OPTIONS:
# Set quality parameter and trim option (only for preview)
if option == "low_preview":
quality = "low"
trim_value = f"{preview_interval[0]}-{preview_interval[1]}"
else:
quality = option
trim_value = None
# Generate a unique output directory for docker container
output_uuid = str(uuid.uuid4())
output_dir = f"/Storage/storedContent/converter-output/{output_uuid}"
# Build the docker command
cmd = [
"docker", "run", "--rm",
"-v", f"{input_file_path}:/app/input",
"-v", f"{output_dir}:/app/output",
"-v", f"{logs_dir}:/app/logs",
"media_converter",
"--ext", input_ext,
"--quality", quality
logger.info("Starting media conversion service")
# Initialize Redis connection
self.redis_client = redis.from_url(
self.settings.redis_url,
encoding="utf-8",
decode_responses=True,
socket_keepalive=True,
socket_keepalive_options={},
health_check_interval=30,
)
# Test Redis connection
await self.redis_client.ping()
logger.info("Redis connection established for converter")
# Start conversion tasks
self.is_running = True
# Create conversion tasks
tasks = [
asyncio.create_task(self._process_pending_files_loop()),
asyncio.create_task(self._cleanup_temp_files_loop()),
asyncio.create_task(self._retry_failed_conversions_loop()),
]
if trim_value:
cmd.extend(["--trim", trim_value])
if content_kind == "audio":
cmd.append("--audio-only") # audio-only flag
process = await asyncio.create_subprocess_exec(
*cmd,
stdout=asyncio.subprocess.PIPE,
stderr=asyncio.subprocess.PIPE
)
stdout, stderr = await process.communicate()
if process.returncode != 0:
make_log("ConvertProcess", f"Docker conversion failed for option {option}: {stderr.decode()}", level="error")
return
# List files in output dir
self.tasks.update(tasks)
# Wait for all tasks
await asyncio.gather(*tasks, return_exceptions=True)
except Exception as e:
logger.error(f"Error starting conversion service: {e}")
await self.stop()
raise
async def stop(self) -> None:
"""Stop the conversion service."""
logger.info("Stopping media conversion service")
self.is_running = False
# Cancel all tasks
for task in self.tasks:
if not task.done():
task.cancel()
# Wait for tasks to complete
if self.tasks:
await asyncio.gather(*self.tasks, return_exceptions=True)
# Close Redis connection
if self.redis_client:
await self.redis_client.close()
# Cleanup temp directory
await self._cleanup_temp_directory()
logger.info("Conversion service stopped")
async def _process_pending_files_loop(self) -> None:
"""Main loop for processing pending file conversions."""
logger.info("Starting file conversion loop")
while self.is_running:
try:
files = os.listdir(output_dir.replace("/Storage/storedContent", "/app/data"))
await self._process_pending_files()
await asyncio.sleep(self.process_interval)
except asyncio.CancelledError:
break
except Exception as e:
make_log("ConvertProcess", f"Error reading output directory {output_dir}: {e}", level="error")
return
media_files = [f for f in files if f != "output.json"]
if len(media_files) != 1:
make_log("ConvertProcess", f"Expected one media file, found {len(media_files)} for option {option}", level="error")
return
output_file = os.path.join(
output_dir.replace("/Storage/storedContent", "/app/data"),
media_files[0]
)
# Compute SHA256 hash of the output file
hash_process = await asyncio.create_subprocess_exec(
"sha256sum", output_file,
stdout=asyncio.subprocess.PIPE,
stderr=asyncio.subprocess.PIPE
)
hash_stdout, hash_stderr = await hash_process.communicate()
if hash_process.returncode != 0:
make_log("ConvertProcess", f"Error computing sha256sum for option {option}: {hash_stderr.decode()}", level="error")
return
file_hash = hash_stdout.decode().split()[0]
file_hash = b58encode(bytes.fromhex(file_hash)).decode()
# Save new StoredContent if not exists
if not session.query(StoredContent).filter(
StoredContent.hash == file_hash
).first():
new_content = StoredContent(
type="local/content_bin",
hash=file_hash,
user_id=unprocessed_encrypted_content.user_id,
filename=media_files[0],
meta={'encrypted_file_hash': unprocessed_encrypted_content.hash},
created=datetime.now(),
logger.error(f"Error in file conversion loop: {e}")
await asyncio.sleep(self.process_interval)
async def _process_pending_files(self) -> None:
"""Process pending file conversions."""
async with db_manager.get_session() as session:
try:
# Get pending uploads
result = await session.execute(
select(FileUpload)
.where(
FileUpload.status == "uploaded",
FileUpload.processed == False
)
.limit(self.batch_size)
)
session.add(new_content)
session.commit()
save_path = os.path.join(UPLOADS_DIR, file_hash)
try:
os.remove(save_path)
except FileNotFoundError:
pass
try:
shutil.move(output_file, save_path)
uploads = result.scalars().all()
if not uploads:
return
logger.info(f"Processing {len(uploads)} pending files")
# Process each upload
for upload in uploads:
await self._process_single_file(session, upload)
await session.commit()
except Exception as e:
make_log("ConvertProcess", f"Error moving output file {output_file} to {save_path}: {e}", level="error")
return
converted_content[option] = file_hash
# Process output.json for ffprobe_meta
output_json_path = os.path.join(
output_dir.replace("/Storage/storedContent", "/app/data"),
"output.json"
)
if os.path.exists(output_json_path) and unprocessed_encrypted_content.meta.get('ffprobe_meta') is None:
try:
with open(output_json_path, "r") as f:
ffprobe_meta = json.load(f)
unprocessed_encrypted_content.meta = {
**unprocessed_encrypted_content.meta,
'ffprobe_meta': ffprobe_meta
}
except Exception as e:
make_log("ConvertProcess", f"Error handling output.json for option {option}: {e}", level="error")
# Cleanup output directory
try:
shutil.rmtree(output_dir.replace("/Storage/storedContent", "/app/data"))
except Exception as e:
make_log("ConvertProcess", f"Error removing output dir {output_dir}: {e}", level="warning")
# Finalize original record
make_log("ConvertProcess", f"Content {unprocessed_encrypted_content.id} processed. Converted content: {converted_content}", level="info")
unprocessed_encrypted_content.btfs_cid = ContentId(
version=2, content_hash=b58decode(converted_content['high' if content_kind=='video' else 'low'])
).serialize_v2()
unprocessed_encrypted_content.ipfs_cid = ContentId(
version=2, content_hash=b58decode(converted_content['low'])
).serialize_v2()
unprocessed_encrypted_content.meta = {
**unprocessed_encrypted_content.meta,
'converted_content': converted_content
}
session.commit()
# Notify user if needed
if not unprocessed_encrypted_content.meta.get('upload_notify_msg_id'):
wallet_owner_connection = session.query(WalletConnection).filter(
WalletConnection.wallet_address == unprocessed_encrypted_content.owner_address
).order_by(WalletConnection.id.desc()).first()
if wallet_owner_connection:
wallet_owner_user = wallet_owner_connection.user
bot = Wrapped_CBotChat(
memory._client_telegram_bot,
chat_id=wallet_owner_user.telegram_id,
user=wallet_owner_user,
db_session=session
)
unprocessed_encrypted_content.meta['upload_notify_msg_id'] = await bot.send_content(session, unprocessed_encrypted_content)
session.commit()
async def main_fn(memory):
make_log("ConvertProcess", "Service started", level="info")
seqno = 0
while True:
logger.error(f"Error processing pending files: {e}")
await session.rollback()
async def _process_single_file(self, session: AsyncSession, upload: FileUpload) -> None:
"""Process a single file upload."""
try:
make_log("ConvertProcess", "Service running", level="debug")
await convert_loop(memory)
await asyncio.sleep(5)
await send_status("convert_service", f"working (seqno={seqno})")
seqno += 1
except BaseException as e:
make_log("ConvertProcess", f"Error: {e}", level="error")
await asyncio.sleep(3)
logger.info(f"Processing file: {upload.filename}")
# Mark as processing
upload.status = "processing"
upload.processing_started_at = datetime.utcnow()
await session.commit()
# Get file extension
file_ext = Path(upload.filename).suffix.lower()
# Process based on file type
if file_ext in self.image_formats:
await self._process_image(session, upload)
elif file_ext in self.video_formats:
await self._process_video(session, upload)
elif file_ext in self.audio_formats:
await self._process_audio(session, upload)
elif file_ext in self.document_formats:
await self._process_document(session, upload)
else:
# Just mark as processed for unsupported formats
upload.status = "completed"
upload.processed = True
upload.processing_completed_at = datetime.utcnow()
# Cache processing result
cache_key = f"processed:{upload.id}"
processing_info = {
"status": upload.status,
"processed_at": datetime.utcnow().isoformat(),
"metadata": upload.metadata or {}
}
await self.redis_client.setex(cache_key, 3600, json.dumps(processing_info))
except Exception as e:
logger.error(f"Error processing file {upload.filename}: {e}")
# Mark as failed
upload.status = "failed"
upload.error_message = str(e)
upload.retry_count = (upload.retry_count or 0) + 1
if upload.retry_count >= self.max_retries:
upload.processed = True # Stop retrying
async def _process_image(self, session: AsyncSession, upload: FileUpload) -> None:
"""Process an image file."""
try:
# Download original file
original_path = await self._download_file(upload)
if not original_path:
raise Exception("Failed to download original file")
# Open image
with Image.open(original_path) as img:
# Extract metadata
metadata = {
"format": img.format,
"mode": img.mode,
"size": img.size,
"has_transparency": img.mode in ('RGBA', 'LA') or 'transparency' in img.info
}
# Fix orientation
img = ImageOps.exif_transpose(img)
# Resize if too large
if img.size[0] > self.max_image_size[0] or img.size[1] > self.max_image_size[1]:
img.thumbnail(self.max_image_size, Image.Resampling.LANCZOS)
metadata["resized"] = True
# Save optimized version
optimized_path = self.temp_dir / f"optimized_{upload.id}.jpg"
# Convert to RGB if necessary
if img.mode in ('RGBA', 'LA'):
background = Image.new('RGB', img.size, (255, 255, 255))
if img.mode == 'LA':
img = img.convert('RGBA')
background.paste(img, mask=img.split()[-1])
img = background
elif img.mode != 'RGB':
img = img.convert('RGB')
img.save(
optimized_path,
'JPEG',
quality=self.image_quality,
optimize=True
)
# Upload optimized version
optimized_url = await storage_manager.upload_file(
str(optimized_path),
f"optimized/{upload.id}/image.jpg"
)
# Generate thumbnails
thumbnails = {}
for size in self.thumbnail_sizes:
thumbnail_path = await self._create_thumbnail(original_path, size)
if thumbnail_path:
thumb_url = await storage_manager.upload_file(
str(thumbnail_path),
f"thumbnails/{upload.id}/{size[0]}x{size[1]}.jpg"
)
thumbnails[f"{size[0]}x{size[1]}"] = thumb_url
thumbnail_path.unlink() # Cleanup
# Update upload record
upload.metadata = {
**metadata,
"thumbnails": thumbnails,
"optimized_url": optimized_url
}
upload.status = "completed"
upload.processed = True
upload.processing_completed_at = datetime.utcnow()
# Cleanup temp files
original_path.unlink()
optimized_path.unlink()
except Exception as e:
logger.error(f"Error processing image {upload.filename}: {e}")
raise
async def _process_video(self, session: AsyncSession, upload: FileUpload) -> None:
"""Process a video file."""
try:
# For video processing, we would typically use ffmpeg
# This is a simplified version that just extracts basic info
original_path = await self._download_file(upload)
if not original_path:
raise Exception("Failed to download original file")
# Basic video metadata (would use ffprobe in real implementation)
metadata = {
"type": "video",
"file_size": original_path.stat().st_size,
"processing_note": "Video processing requires ffmpeg implementation"
}
# Generate video thumbnail (simplified)
thumbnail_path = await self._create_video_thumbnail(original_path)
if thumbnail_path:
thumb_url = await storage_manager.upload_file(
str(thumbnail_path),
f"thumbnails/{upload.id}/video_thumb.jpg"
)
metadata["thumbnail"] = thumb_url
thumbnail_path.unlink()
# Update upload record
upload.metadata = metadata
upload.status = "completed"
upload.processed = True
upload.processing_completed_at = datetime.utcnow()
# Cleanup
original_path.unlink()
except Exception as e:
logger.error(f"Error processing video {upload.filename}: {e}")
raise
async def _process_audio(self, session: AsyncSession, upload: FileUpload) -> None:
"""Process an audio file."""
try:
original_path = await self._download_file(upload)
if not original_path:
raise Exception("Failed to download original file")
# Basic audio metadata
metadata = {
"type": "audio",
"file_size": original_path.stat().st_size,
"processing_note": "Audio processing requires additional libraries"
}
# Update upload record
upload.metadata = metadata
upload.status = "completed"
upload.processed = True
upload.processing_completed_at = datetime.utcnow()
# Cleanup
original_path.unlink()
except Exception as e:
logger.error(f"Error processing audio {upload.filename}: {e}")
raise
async def _process_document(self, session: AsyncSession, upload: FileUpload) -> None:
"""Process a document file."""
try:
original_path = await self._download_file(upload)
if not original_path:
raise Exception("Failed to download original file")
# Basic document metadata
metadata = {
"type": "document",
"file_size": original_path.stat().st_size,
"pages": 1, # Would extract actual page count for PDFs
"processing_note": "Document processing requires additional libraries"
}
# Update upload record
upload.metadata = metadata
upload.status = "completed"
upload.processed = True
upload.processing_completed_at = datetime.utcnow()
# Cleanup
original_path.unlink()
except Exception as e:
logger.error(f"Error processing document {upload.filename}: {e}")
raise
async def _download_file(self, upload: FileUpload) -> Optional[Path]:
"""Download a file for processing."""
try:
if not upload.file_path:
return None
# Create temp file path
temp_path = self.temp_dir / f"original_{upload.id}_{upload.filename}"
# Download file from storage
file_data = await storage_manager.get_file(upload.file_path)
if not file_data:
return None
# Write to temp file
async with aiofiles.open(temp_path, 'wb') as f:
await f.write(file_data)
return temp_path
except Exception as e:
logger.error(f"Error downloading file {upload.filename}: {e}")
return None
async def _create_thumbnail(self, image_path: Path, size: Tuple[int, int]) -> Optional[Path]:
"""Create a thumbnail from an image."""
try:
thumbnail_path = self.temp_dir / f"thumb_{size[0]}x{size[1]}_{image_path.name}"
with Image.open(image_path) as img:
# Fix orientation
img = ImageOps.exif_transpose(img)
# Create thumbnail
img.thumbnail(size, Image.Resampling.LANCZOS)
# Convert to RGB if necessary
if img.mode in ('RGBA', 'LA'):
background = Image.new('RGB', img.size, (255, 255, 255))
if img.mode == 'LA':
img = img.convert('RGBA')
background.paste(img, mask=img.split()[-1])
img = background
elif img.mode != 'RGB':
img = img.convert('RGB')
# Save thumbnail
img.save(
thumbnail_path,
'JPEG',
quality=self.image_quality,
optimize=True
)
return thumbnail_path
except Exception as e:
logger.error(f"Error creating thumbnail: {e}")
return None
async def _create_video_thumbnail(self, video_path: Path) -> Optional[Path]:
"""Create a thumbnail from a video file."""
try:
# This would require ffmpeg to extract a frame from the video
# For now, return a placeholder
return None
except Exception as e:
logger.error(f"Error creating video thumbnail: {e}")
return None
async def _cleanup_temp_files_loop(self) -> None:
"""Loop for cleaning up temporary files."""
logger.info("Starting temp file cleanup loop")
while self.is_running:
try:
await self._cleanup_old_temp_files()
await asyncio.sleep(3600) # Run every hour
except asyncio.CancelledError:
break
except Exception as e:
logger.error(f"Error in temp cleanup loop: {e}")
await asyncio.sleep(3600)
async def _cleanup_old_temp_files(self) -> None:
"""Clean up old temporary files."""
try:
current_time = datetime.now().timestamp()
for file_path in self.temp_dir.glob("*"):
if file_path.is_file():
# Remove files older than 1 hour
if current_time - file_path.stat().st_mtime > 3600:
file_path.unlink()
logger.debug(f"Removed old temp file: {file_path}")
except Exception as e:
logger.error(f"Error cleaning up temp files: {e}")
async def _cleanup_temp_directory(self) -> None:
"""Clean up the entire temp directory."""
try:
for file_path in self.temp_dir.glob("*"):
if file_path.is_file():
file_path.unlink()
except Exception as e:
logger.error(f"Error cleaning up temp directory: {e}")
async def _retry_failed_conversions_loop(self) -> None:
"""Loop for retrying failed conversions."""
logger.info("Starting retry loop for failed conversions")
while self.is_running:
try:
await self._retry_failed_conversions()
await asyncio.sleep(1800) # Run every 30 minutes
except asyncio.CancelledError:
break
except Exception as e:
logger.error(f"Error in retry loop: {e}")
await asyncio.sleep(1800)
async def _retry_failed_conversions(self) -> None:
"""Retry failed conversions that haven't exceeded max retries."""
async with db_manager.get_session() as session:
try:
# Get failed uploads that can be retried
result = await session.execute(
select(FileUpload)
.where(
FileUpload.status == "failed",
FileUpload.processed == False,
(FileUpload.retry_count < self.max_retries) | (FileUpload.retry_count.is_(None))
)
.limit(5) # Smaller batch for retries
)
uploads = result.scalars().all()
for upload in uploads:
logger.info(f"Retrying failed conversion for: {upload.filename}")
# Reset status
upload.status = "uploaded"
upload.error_message = None
# Process the file
await self._process_single_file(session, upload)
await session.commit()
except Exception as e:
logger.error(f"Error retrying failed conversions: {e}")
await session.rollback()
async def queue_file_for_processing(self, upload_id: str) -> bool:
"""Queue a file for processing."""
try:
# Add to processing queue
queue_key = "conversion_queue"
await self.redis_client.lpush(queue_key, upload_id)
logger.info(f"Queued file {upload_id} for processing")
return True
except Exception as e:
logger.error(f"Error queuing file for processing: {e}")
return False
async def get_processing_stats(self) -> Dict[str, Any]:
"""Get processing statistics."""
try:
async with db_manager.get_session() as session:
# Get upload stats by status
status_result = await session.execute(
select(FileUpload.status, asyncio.func.count())
.group_by(FileUpload.status)
)
status_stats = dict(status_result.fetchall())
# Get processing stats
processed_result = await session.execute(
select(asyncio.func.count())
.select_from(FileUpload)
.where(FileUpload.processed == True)
)
processed_count = processed_result.scalar()
# Get failed stats
failed_result = await session.execute(
select(asyncio.func.count())
.select_from(FileUpload)
.where(FileUpload.status == "failed")
)
failed_count = failed_result.scalar()
return {
"status_stats": status_stats,
"processed_count": processed_count,
"failed_count": failed_count,
"is_running": self.is_running,
"active_tasks": len([t for t in self.tasks if not t.done()]),
"temp_files": len(list(self.temp_dir.glob("*"))),
"last_update": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"Error getting processing stats: {e}")
return {"error": str(e)}
# Global converter instance
convert_service = ConvertService()

793
app/core/background/indexer_service.py
View File

@ -1,313 +1,500 @@
"""Blockchain indexer service for monitoring transactions and events."""
import asyncio
from base64 import b64decode
from datetime import datetime
import json
import logging
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Set, Any
from base58 import b58encode
from sqlalchemy import String, and_, desc, cast
from tonsdk.boc import Cell
from tonsdk.utils import Address
from app.core._config import CLIENT_TELEGRAM_BOT_USERNAME
from app.core._blockchain.ton.platform import platform
from app.core._blockchain.ton.toncenter import toncenter
from app.core._utils.send_status import send_status
from app.core.logger import make_log
from app.core.models import UserContent, KnownTelegramMessage, ServiceConfig
from app.core.models.node_storage import StoredContent
from app.core._utils.resolve_content import resolve_content
from app.core.models.wallet_connection import WalletConnection
from app.core._keyboards import get_inline_keyboard
from app.core.models._telegram import Wrapped_CBotChat
from app.core.storage import db_session
import os
import traceback
import redis.asyncio as redis
from sqlalchemy import select, update
from sqlalchemy.ext.asyncio import AsyncSession
from app.core.config import get_settings
from app.core.database import db_manager
from app.core.models.blockchain import Transaction, Wallet, BlockchainNFT, BlockchainTokenBalance
from app.core.background.ton_service import TONService
logger = logging.getLogger(__name__)
async def indexer_loop(memory, platform_found: bool, seqno: int) -> [bool, int]:
if not platform_found:
platform_state = await toncenter.get_account(platform.address.to_string(1, 1, 1))
if not platform_state.get('code'):
make_log("TON", "Platform contract is not deployed, skipping loop", level="info")
await send_status("indexer", "not working: platform is not deployed")
return False, seqno
else:
platform_found = True
class IndexerService:
"""Service for indexing blockchain transactions and events."""
make_log("Indexer", "Service running", level="debug")
with db_session() as session:
def __init__(self):
self.settings = get_settings()
self.ton_service = TONService()
self.redis_client: Optional[redis.Redis] = None
self.is_running = False
self.tasks: Set[asyncio.Task] = set()
# Indexing configuration
self.batch_size = 100
self.index_interval = 30 # seconds
self.confirmation_blocks = 12
self.max_retries = 3
async def start(self) -> None:
"""Start the indexer service."""
try:
result = await toncenter.run_get_method('EQD8TJ8xEWB1SpnRE4d89YO3jl0W0EiBnNS4IBaHaUmdfizE', 'get_pool_data')
assert result['exit_code'] == 0, f"Error in get-method: {result}"
assert result['stack'][0][0] == 'num', f"get first element is not num"
assert result['stack'][1][0] == 'num', f"get second element is not num"
usdt_per_ton = (int(result['stack'][0][1], 16) * 1e3) / int(result['stack'][1][1], 16)
ton_per_star = 0.014 / usdt_per_ton
ServiceConfig(session).set('live_tonPerStar', [ton_per_star, datetime.utcnow().timestamp()])
make_log("TON_Daemon", f"TON per STAR price: {ton_per_star}", level="DEBUG")
except BaseException as e:
make_log("TON_Daemon", f"Error while saving TON per STAR price: {e}" + '\n' + traceback.format_exc(), level="ERROR")
new_licenses = session.query(UserContent).filter(
and_(
~UserContent.meta.contains({'notification_sent': True}),
UserContent.type == 'nft/listen'
logger.info("Starting blockchain indexer service")
# Initialize Redis connection
self.redis_client = redis.from_url(
self.settings.redis_url,
encoding="utf-8",
decode_responses=True,
socket_keepalive=True,
socket_keepalive_options={},
health_check_interval=30,
)
).all()
for new_license in new_licenses:
licensed_content = session.query(StoredContent).filter(
StoredContent.id == new_license.content_id
).first()
if not licensed_content:
make_log("Indexer", f"Licensed content not found: {new_license.content_id}", level="error")
content_metadata = licensed_content.metadata_json(session)
assert content_metadata, "No content metadata found"
if not (licensed_content.owner_address == new_license.owner_address):
try:
user = new_license.user
if user.telegram_id and licensed_content:
await (Wrapped_CBotChat(memory._client_telegram_bot, chat_id=user.telegram_id, user=user, db_session=session)).send_content(
session, licensed_content
)
wallet_owner_connection = session.query(WalletConnection).filter_by(
wallet_address=licensed_content.owner_address,
invalidated=False
).order_by(desc(WalletConnection.id)).first()
wallet_owner_user = wallet_owner_connection.user
if wallet_owner_user.telegram_id:
wallet_owner_bot = Wrapped_CBotChat(memory._telegram_bot, chat_id=wallet_owner_user.telegram_id, user=wallet_owner_user, db_session=session)
await wallet_owner_bot.send_message(
user.translated('p_licenseWasBought').format(
username=user.front_format(),
nft_address=f'"https://tonviewer.com/{new_license.onchain_address}"',
content_title=content_metadata.get('name', 'Unknown'),
),
message_type='notification',
)
except BaseException as e:
make_log("IndexerSendNewLicense", f"Error: {e}" + '\n' + traceback.format_exc(), level="error")
new_license.meta = {**new_license.meta, 'notification_sent': True}
session.commit()
content_without_cid = session.query(StoredContent).filter(
StoredContent.content_id == None
)
for target_content in content_without_cid:
target_cid = target_content.cid.serialize_v2()
make_log("Indexer", f"Content without CID: {target_content.hash}, setting CID: {target_cid}", level="debug")
target_content.content_id = target_cid
session.commit()
last_known_index_ = session.query(StoredContent).filter(
StoredContent.onchain_index != None
).order_by(StoredContent.onchain_index.desc()).first()
last_known_index = last_known_index_.onchain_index if last_known_index_ else 0
last_known_index = max(last_known_index, 0)
make_log("Indexer", f"Last known index: {last_known_index}", level="debug")
if last_known_index_:
next_item_index = last_known_index + 1
else:
next_item_index = 0
resolve_item_result = await toncenter.run_get_method(platform.address.to_string(1, 1, 1), 'get_nft_address_by_index', [['num', next_item_index]])
make_log("Indexer", f"Resolve item result: {resolve_item_result}", level="debug")
if resolve_item_result.get('exit_code', -1) != 0:
make_log("Indexer", f"Resolve item error: {resolve_item_result}", level="error")
return platform_found, seqno
item_address_cell_b64 = resolve_item_result['stack'][0][1]["bytes"]
item_address_slice = Cell.one_from_boc(b64decode(item_address_cell_b64)).begin_parse()
item_address = item_address_slice.read_msg_addr()
make_log("Indexer", f"Item address: {item_address.to_string(1, 1, 1)}", level="debug")
item_get_data_result = await toncenter.run_get_method(item_address.to_string(1, 1, 1), 'indexator_data')
if item_get_data_result.get('exit_code', -1) != 0:
make_log("Indexer", f"Get item data error (maybe not deployed): {item_get_data_result}", level="debug")
return platform_found, seqno
assert item_get_data_result['stack'][0][0] == 'num', "Item type is not a number"
assert int(item_get_data_result['stack'][0][1], 16) == 1, "Item is not COP NFT"
item_returned_address = Cell.one_from_boc(b64decode(item_get_data_result['stack'][1][1]['bytes'])).begin_parse().read_msg_addr()
assert (
item_returned_address.to_string(1, 1, 1) == item_address.to_string(1, 1, 1)
), "Item address mismatch"
assert item_get_data_result['stack'][2][0] == 'num', "Item index is not a number"
item_index = int(item_get_data_result['stack'][2][1], 16)
assert item_index == next_item_index, "Item index mismatch"
item_platform_address = Cell.one_from_boc(b64decode(item_get_data_result['stack'][3][1]['bytes'])).begin_parse().read_msg_addr()
assert item_platform_address.to_string(1, 1, 1) == Address(platform.address.to_string(1, 1, 1)).to_string(1, 1, 1), "Item platform address mismatch"
assert item_get_data_result['stack'][4][0] == 'num', "Item license type is not a number"
item_license_type = int(item_get_data_result['stack'][4][1], 16)
assert item_license_type == 0, "Item license type is not 0"
item_owner_address = Cell.one_from_boc(b64decode(item_get_data_result['stack'][5][1]["bytes"])).begin_parse().read_msg_addr()
item_values = Cell.one_from_boc(b64decode(item_get_data_result['stack'][6][1]['bytes']))
item_derivates = Cell.one_from_boc(b64decode(item_get_data_result['stack'][7][1]['bytes']))
item_platform_variables = Cell.one_from_boc(b64decode(item_get_data_result['stack'][8][1]['bytes']))
item_distribution = Cell.one_from_boc(b64decode(item_get_data_result['stack'][9][1]['bytes']))
item_distribution_slice = item_distribution.begin_parse()
item_prices_slice = item_distribution_slice.refs[0].begin_parse()
item_listen_license_price = item_prices_slice.read_coins()
item_use_license_price = item_prices_slice.read_coins()
item_resale_license_price = item_prices_slice.read_coins()
item_values_slice = item_values.begin_parse()
item_content_hash_int = item_values_slice.read_uint(256)
item_content_hash = item_content_hash_int.to_bytes(32, 'big')
# item_content_hash_str = b58encode(item_content_hash).decode()
item_metadata = item_values_slice.refs[0]
item_content = item_values_slice.refs[1]
item_metadata_str = item_metadata.bits.array.decode()
item_content_cid_str = item_content.refs[0].bits.array.decode()
item_content_cover_cid_str = item_content.refs[1].bits.array.decode()
item_content_metadata_cid_str = item_content.refs[2].bits.array.decode()
item_content_cid, err = resolve_content(item_content_cid_str)
item_content_hash = item_content_cid.content_hash
item_content_hash_str = item_content_cid.content_hash_b58
item_metadata_packed = {
'license_type': item_license_type,
'item_address': item_address.to_string(1, 1, 1),
'content_cid': item_content_cid_str,
'cover_cid': item_content_cover_cid_str,
'metadata_cid': item_content_metadata_cid_str,
'derivates': b58encode(item_derivates.to_boc(False)).decode(),
'platform_variables': b58encode(item_platform_variables.to_boc(False)).decode(),
'license': {
'listen': {
'price': str(item_listen_license_price)
},
'use': {
'price': str(item_use_license_price)
},
'resale': {
'price': str(item_resale_license_price)
}
}
}
user_wallet_connection = None
if item_owner_address:
user_wallet_connection = session.query(WalletConnection).filter(
WalletConnection.wallet_address == item_owner_address.to_string(1, 1, 1)
).first()
encrypted_stored_content = session.query(StoredContent).filter(
StoredContent.hash == item_content_hash_str,
# StoredContent.type.like("local%")
).first()
if encrypted_stored_content:
is_duplicate = encrypted_stored_content.type.startswith("onchain") \
and encrypted_stored_content.onchain_index != item_index
if not is_duplicate:
if encrypted_stored_content.type.startswith('local'):
encrypted_stored_content.type = "onchain/content" + ("_unknown" if (encrypted_stored_content.key_id is None) else "")
encrypted_stored_content.onchain_index = item_index
encrypted_stored_content.owner_address = item_owner_address.to_string(1, 1, 1)
user = None
if user_wallet_connection:
encrypted_stored_content.user_id = user_wallet_connection.user_id
user = user_wallet_connection.user
if user:
user_uploader_wrapper = Wrapped_CBotChat(memory._telegram_bot, chat_id=user.telegram_id, user=user, db_session=session)
await user_uploader_wrapper.send_message(
user.translated('p_contentWasIndexed').format(
item_address=item_address.to_string(1, 1, 1),
item_index=item_index,
),
message_type='notification',
reply_markup=get_inline_keyboard([
[{
'text': user.translated('viewTrackAsClient_button'),
'url': f"https://t.me/{CLIENT_TELEGRAM_BOT_USERNAME}?start=C{encrypted_stored_content.cid.serialize_v2()}"
}],
])
)
try:
for hint_message in session.query(KnownTelegramMessage).filter(
and_(
KnownTelegramMessage.chat_id == user.telegram_id,
KnownTelegramMessage.type == 'hint',
cast(KnownTelegramMessage.meta['encrypted_content_hash'], String) == encrypted_stored_content.hash,
KnownTelegramMessage.deleted == False
)
).all():
await user_uploader_wrapper.delete_message(hint_message.message_id)
except BaseException as e:
make_log("Indexer", f"Error while deleting hint messages: {e}" + '\n' + traceback.format_exc(), level="error")
elif encrypted_stored_content.type.startswith('onchain') and encrypted_stored_content.onchain_index == item_index:
encrypted_stored_content.type = "onchain/content" + ("_unknown" if (encrypted_stored_content.key_id is None) else "")
encrypted_stored_content.owner_address = item_owner_address.to_string(1, 1, 1)
if user_wallet_connection:
encrypted_stored_content.user_id = user_wallet_connection.user_id
else:
make_log("Indexer", f"[CRITICAL] Item already indexed and ERRORED!: {item_content_hash_str}", level="error")
return platform_found, seqno
encrypted_stored_content.updated = datetime.now()
encrypted_stored_content.meta = {
**encrypted_stored_content.meta,
**item_metadata_packed
}
session.commit()
return platform_found, seqno
else:
item_metadata_packed['copied_from'] = encrypted_stored_content.id
item_metadata_packed['copied_from_cid'] = encrypted_stored_content.cid.serialize_v2()
item_content_hash_str = f"{b58encode(bytes(16) + os.urandom(30)).decode()}" # check this for vulnerability
onchain_stored_content = StoredContent(
type="onchain/content_unknown",
hash=item_content_hash_str,
onchain_index=item_index,
owner_address=item_owner_address.to_string(1, 1, 1) if item_owner_address else None,
meta=item_metadata_packed,
filename="UNKNOWN_ENCRYPTED_CONTENT",
user_id=user_wallet_connection.user_id if user_wallet_connection else None,
created=datetime.now(),
encrypted=True,
decrypted_content_id=None,
key_id=None,
updated=datetime.now()
)
session.add(onchain_stored_content)
session.commit()
make_log("Indexer", f"Item indexed: {item_content_hash_str}", level="info")
last_known_index += 1
return platform_found, seqno
async def main_fn(memory, ):
make_log("Indexer", "Service started", level="info")
platform_found = False
seqno = 0
while True:
# Test Redis connection
await self.redis_client.ping()
logger.info("Redis connection established for indexer")
# Start indexing tasks
self.is_running = True
# Create indexing tasks
tasks = [
asyncio.create_task(self._index_transactions_loop()),
asyncio.create_task(self._index_wallets_loop()),
asyncio.create_task(self._index_nfts_loop()),
asyncio.create_task(self._index_token_balances_loop()),
asyncio.create_task(self._cleanup_cache_loop()),
]
self.tasks.update(tasks)
# Wait for all tasks
await asyncio.gather(*tasks, return_exceptions=True)
except Exception as e:
logger.error(f"Error starting indexer service: {e}")
await self.stop()
raise
async def stop(self) -> None:
"""Stop the indexer service."""
logger.info("Stopping blockchain indexer service")
self.is_running = False
# Cancel all tasks
for task in self.tasks:
if not task.done():
task.cancel()
# Wait for tasks to complete
if self.tasks:
await asyncio.gather(*self.tasks, return_exceptions=True)
# Close Redis connection
if self.redis_client:
await self.redis_client.close()
logger.info("Indexer service stopped")
async def _index_transactions_loop(self) -> None:
"""Main loop for indexing transactions."""
logger.info("Starting transaction indexing loop")
while self.is_running:
try:
await self._index_pending_transactions()
await self._update_transaction_confirmations()
await asyncio.sleep(self.index_interval)
except asyncio.CancelledError:
break
except Exception as e:
logger.error(f"Error in transaction indexing loop: {e}")
await asyncio.sleep(self.index_interval)
async def _index_wallets_loop(self) -> None:
"""Loop for updating wallet information."""
logger.info("Starting wallet indexing loop")
while self.is_running:
try:
await self._update_wallet_balances()
await asyncio.sleep(self.index_interval * 2) # Less frequent
except asyncio.CancelledError:
break
except Exception as e:
logger.error(f"Error in wallet indexing loop: {e}")
await asyncio.sleep(self.index_interval * 2)
async def _index_nfts_loop(self) -> None:
"""Loop for indexing NFT collections and transfers."""
logger.info("Starting NFT indexing loop")
while self.is_running:
try:
await self._index_nft_collections()
await self._index_nft_transfers()
await asyncio.sleep(self.index_interval * 4) # Even less frequent
except asyncio.CancelledError:
break
except Exception as e:
logger.error(f"Error in NFT indexing loop: {e}")
await asyncio.sleep(self.index_interval * 4)
async def _index_token_balances_loop(self) -> None:
"""Loop for updating token balances."""
logger.info("Starting token balance indexing loop")
while self.is_running:
try:
await self._update_token_balances()
await asyncio.sleep(self.index_interval * 3)
except asyncio.CancelledError:
break
except Exception as e:
logger.error(f"Error in token balance indexing loop: {e}")
await asyncio.sleep(self.index_interval * 3)
async def _cleanup_cache_loop(self) -> None:
"""Loop for cleaning up old cache entries."""
logger.info("Starting cache cleanup loop")
while self.is_running:
try:
await self._cleanup_old_cache_entries()
await asyncio.sleep(3600) # Run every hour
except asyncio.CancelledError:
break
except Exception as e:
logger.error(f"Error in cache cleanup loop: {e}")
await asyncio.sleep(3600)
async def _index_pending_transactions(self) -> None:
"""Index pending transactions from the database."""
async with db_manager.get_session() as session:
try:
# Get pending transactions
result = await session.execute(
select(Transaction)
.where(Transaction.status == "pending")
.limit(self.batch_size)
)
transactions = result.scalars().all()
if not transactions:
return
logger.info(f"Indexing {len(transactions)} pending transactions")
# Process each transaction
for transaction in transactions:
await self._process_transaction(session, transaction)
await session.commit()
except Exception as e:
logger.error(f"Error indexing pending transactions: {e}")
await session.rollback()
async def _process_transaction(self, session: AsyncSession, transaction: Transaction) -> None:
"""Process a single transaction."""
try:
platform_found, seqno = await indexer_loop(memory, platform_found, seqno)
except BaseException as e:
make_log("Indexer", f"Error: {e}" + '\n' + traceback.format_exc(), level="error")
if platform_found:
await send_status("indexer", f"working (seqno={seqno})")
await asyncio.sleep(5)
seqno += 1
# Check transaction status on blockchain
if transaction.tx_hash:
tx_info = await self.ton_service.get_transaction_info(transaction.tx_hash)
if tx_info:
# Update transaction with blockchain data
transaction.status = tx_info.get("status", "pending")
transaction.block_number = tx_info.get("block_number")
transaction.gas_used = tx_info.get("gas_used")
transaction.gas_price = tx_info.get("gas_price")
transaction.confirmations = tx_info.get("confirmations", 0)
transaction.updated_at = datetime.utcnow()
# Cache transaction info
cache_key = f"tx:{transaction.tx_hash}"
await self.redis_client.setex(
cache_key,
3600, # 1 hour
json.dumps(tx_info)
)
logger.debug(f"Updated transaction {transaction.tx_hash}")
except Exception as e:
logger.error(f"Error processing transaction {transaction.id}: {e}")
async def _update_transaction_confirmations(self) -> None:
"""Update confirmation counts for recent transactions."""
async with db_manager.get_session() as session:
try:
# Get recent confirmed transactions
cutoff_time = datetime.utcnow() - timedelta(hours=24)
result = await session.execute(
select(Transaction)
.where(
Transaction.status == "confirmed",
Transaction.confirmations < self.confirmation_blocks,
Transaction.updated_at > cutoff_time
)
.limit(self.batch_size)
)
transactions = result.scalars().all()
for transaction in transactions:
if transaction.tx_hash:
try:
confirmations = await self.ton_service.get_transaction_confirmations(
transaction.tx_hash
)
if confirmations != transaction.confirmations:
transaction.confirmations = confirmations
transaction.updated_at = datetime.utcnow()
except Exception as e:
logger.error(f"Error updating confirmations for {transaction.tx_hash}: {e}")
await session.commit()
except Exception as e:
logger.error(f"Error updating transaction confirmations: {e}")
await session.rollback()
async def _update_wallet_balances(self) -> None:
"""Update wallet balances from the blockchain."""
async with db_manager.get_session() as session:
try:
# Get active wallets
result = await session.execute(
select(Wallet)
.where(Wallet.is_active == True)
.limit(self.batch_size)
)
wallets = result.scalars().all()
for wallet in wallets:
try:
# Get current balance
balance = await self.ton_service.get_wallet_balance(wallet.address)
if balance != wallet.balance:
wallet.balance = balance
wallet.updated_at = datetime.utcnow()
# Cache balance
cache_key = f"balance:{wallet.address}"
await self.redis_client.setex(cache_key, 300, str(balance)) # 5 minutes
except Exception as e:
logger.error(f"Error updating balance for wallet {wallet.address}: {e}")
await session.commit()
except Exception as e:
logger.error(f"Error updating wallet balances: {e}")
await session.rollback()
async def _index_nft_collections(self) -> None:
"""Index NFT collections and metadata."""
async with db_manager.get_session() as session:
try:
# Get wallets to check for NFTs
result = await session.execute(
select(Wallet)
.where(Wallet.is_active == True)
.limit(self.batch_size // 4) # Smaller batch for NFTs
)
wallets = result.scalars().all()
for wallet in wallets:
try:
# Get NFTs for this wallet
nfts = await self.ton_service.get_wallet_nfts(wallet.address)
for nft_data in nfts:
await self._process_nft(session, wallet, nft_data)
except Exception as e:
logger.error(f"Error indexing NFTs for wallet {wallet.address}: {e}")
await session.commit()
except Exception as e:
logger.error(f"Error indexing NFT collections: {e}")
await session.rollback()
async def _process_nft(self, session: AsyncSession, wallet: Wallet, nft_data: Dict[str, Any]) -> None:
"""Process a single NFT."""
try:
# Check if NFT exists
result = await session.execute(
select(BlockchainNFT)
.where(
BlockchainNFT.token_id == nft_data["token_id"],
BlockchainNFT.collection_address == nft_data["collection_address"]
)
)
existing_nft = result.scalar_one_or_none()
if existing_nft:
# Update existing NFT
existing_nft.owner_address = wallet.address
existing_nft.metadata = nft_data.get("metadata", {})
existing_nft.updated_at = datetime.utcnow()
else:
# Create new NFT
new_nft = BlockchainNFT(
wallet_id=wallet.id,
token_id=nft_data["token_id"],
collection_address=nft_data["collection_address"],
owner_address=wallet.address,
token_uri=nft_data.get("token_uri"),
metadata=nft_data.get("metadata", {}),
created_at=datetime.utcnow()
)
session.add(new_nft)
except Exception as e:
logger.error(f"Error processing NFT {nft_data.get('token_id')}: {e}")
async def _index_nft_transfers(self) -> None:
"""Index NFT transfers."""
# This would involve checking recent blocks for NFT transfer events
# Implementation depends on the specific blockchain's event system
pass
async def _update_token_balances(self) -> None:
"""Update token balances for wallets."""
async with db_manager.get_session() as session:
try:
# Get wallets with token balances to update
result = await session.execute(
select(Wallet)
.where(Wallet.is_active == True)
.limit(self.batch_size // 2)
)
wallets = result.scalars().all()
for wallet in wallets:
try:
# Get token balances
token_balances = await self.ton_service.get_wallet_token_balances(wallet.address)
for token_data in token_balances:
await self._update_token_balance(session, wallet, token_data)
except Exception as e:
logger.error(f"Error updating token balances for {wallet.address}: {e}")
await session.commit()
except Exception as e:
logger.error(f"Error updating token balances: {e}")
await session.rollback()
async def _update_token_balance(
self,
session: AsyncSession,
wallet: Wallet,
token_data: Dict[str, Any]
) -> None:
"""Update a single token balance."""
try:
# Check if balance record exists
result = await session.execute(
select(BlockchainTokenBalance)
.where(
BlockchainTokenBalance.wallet_id == wallet.id,
BlockchainTokenBalance.token_address == token_data["token_address"]
)
)
existing_balance = result.scalar_one_or_none()
if existing_balance:
# Update existing balance
existing_balance.balance = token_data["balance"]
existing_balance.decimals = token_data.get("decimals", 18)
existing_balance.updated_at = datetime.utcnow()
else:
# Create new balance record
new_balance = BlockchainTokenBalance(
wallet_id=wallet.id,
token_address=token_data["token_address"],
token_name=token_data.get("name"),
token_symbol=token_data.get("symbol"),
balance=token_data["balance"],
decimals=token_data.get("decimals", 18),
created_at=datetime.utcnow()
)
session.add(new_balance)
except Exception as e:
logger.error(f"Error updating token balance: {e}")
async def _cleanup_old_cache_entries(self) -> None:
"""Clean up old cache entries."""
try:
# Get all keys with our prefixes
patterns = ["tx:*", "balance:*", "nft:*", "token:*"]
for pattern in patterns:
keys = await self.redis_client.keys(pattern)
# Check TTL and remove expired keys
for key in keys:
ttl = await self.redis_client.ttl(key)
if ttl == -1: # No expiration set
await self.redis_client.expire(key, 3600) # Set 1 hour expiration
logger.debug("Cache cleanup completed")
except Exception as e:
logger.error(f"Error during cache cleanup: {e}")
async def get_indexing_stats(self) -> Dict[str, Any]:
"""Get indexing statistics."""
try:
async with db_manager.get_session() as session:
# Get transaction stats
tx_result = await session.execute(
select(Transaction.status, asyncio.func.count())
.group_by(Transaction.status)
)
tx_stats = dict(tx_result.fetchall())
# Get wallet stats
wallet_result = await session.execute(
select(asyncio.func.count())
.select_from(Wallet)
.where(Wallet.is_active == True)
)
active_wallets = wallet_result.scalar()
# Get NFT stats
nft_result = await session.execute(
select(asyncio.func.count())
.select_from(BlockchainNFT)
)
total_nfts = nft_result.scalar()
return {
"transaction_stats": tx_stats,
"active_wallets": active_wallets,
"total_nfts": total_nfts,
"is_running": self.is_running,
"active_tasks": len([t for t in self.tasks if not t.done()]),
"last_update": datetime.utcnow().isoformat()
}
except Exception as e:
logger.error(f"Error getting indexing stats: {e}")
return {"error": str(e)}
# if __name__ == '__main__':
# loop = asyncio.get_event_loop()
# loop.run_until_complete(main())
# loop.close()
# Global indexer instance
indexer_service = IndexerService()

122
app/core/background/stats_daemon.py Normal file
View File

@ -0,0 +1,122 @@
from __future__ import annotations
import asyncio
import logging
import os
from typing import Callable, Awaitable, List, Optional
from app.core.crypto import get_ed25519_manager
from app.core.models.stats.metrics_models import NodeStats
from app.core.stats.metrics_collector import MetricsCollector
from app.core.stats.stats_aggregator import StatsAggregator
from app.core.stats.gossip_manager import GossipManager
logger = logging.getLogger(__name__)
class StatsDaemon:
"""
Фоновый сервис статистики:
- периодически собирает локальные метрики
- сохраняет в агрегатор
- периодически рассылает gossip статистику пирам
"""
def __init__(
self,
collector: Optional[MetricsCollector] = None,
aggregator: Optional[StatsAggregator] = None,
gossip: Optional[GossipManager] = None,
collect_interval_sec: int = 10,
gossip_interval_sec: int = 30,
peers_provider: Optional[Callable[[], Awaitable[List[str]]]] = None,
) -> None:
self.collector = collector or MetricsCollector()
self.aggregator = aggregator or StatsAggregator()
self.gossip = gossip or GossipManager()
self.collect_interval_sec = max(1, collect_interval_sec)
self.gossip_interval_sec = max(5, gossip_interval_sec)
self.peers_provider = peers_provider
self._collect_task: Optional[asyncio.Task] = None
self._gossip_task: Optional[asyncio.Task] = None
self._stopping = asyncio.Event()
async def start(self) -> None:
logger.info("StatsDaemon starting")
self._stopping.clear()
self._collect_task = asyncio.create_task(self.periodic_collection(), name="stats_collect_loop")
self._gossip_task = asyncio.create_task(self.periodic_gossip(), name="stats_gossip_loop")
logger.info("StatsDaemon started")
async def stop(self) -> None:
logger.info("StatsDaemon stopping")
self._stopping.set()
tasks = [t for t in [self._collect_task, self._gossip_task] if t]
for t in tasks:
t.cancel()
for t in tasks:
try:
await t
except asyncio.CancelledError:
pass
except Exception as e:
logger.warning("StatsDaemon task stop error: %s", e)
logger.info("StatsDaemon stopped")
async def periodic_collection(self) -> None:
"""
Периодический сбор локальных метрик и сохранение в агрегатор.
"""
crypto = get_ed25519_manager()
node_id = crypto.node_id
public_key = crypto.public_key_hex
while not self._stopping.is_set():
try:
system, app = await self.collector.get_current_stats()
# можно дополнить доступным контентом из локального индекса, пока None
node_stats = NodeStats(
node_id=node_id,
public_key=public_key,
system=system,
app=app,
known_content_items=None,
available_content_items=None,
)
await self.aggregator.add_local_snapshot(node_stats)
except Exception as e:
logger.exception("periodic_collection error: %s", e)
try:
await asyncio.wait_for(self._stopping.wait(), timeout=self.collect_interval_sec)
except asyncio.TimeoutError:
continue
async def periodic_gossip(self) -> None:
"""
Периодическая рассылка статистики пирам.
"""
while not self._stopping.is_set():
try:
# peers
peers: List[str] = []
if self.peers_provider:
try:
peers = await self.peers_provider()
await self.aggregator.set_known_peers(peers)
except Exception as e:
logger.warning("peers_provider error: %s", e)
latest = await self.aggregator.get_latest_local()
if latest and peers:
# подписать актуальный слепок
signed_stats = await self.aggregator.build_local_signed_stats()
await self.gossip.broadcast_stats(peers, signed_stats)
except Exception as e:
logger.exception("periodic_gossip error: %s", e)
try:
await asyncio.wait_for(self._stopping.wait(), timeout=self.gossip_interval_sec)
except asyncio.TimeoutError:
continue

920
app/core/background/ton_service.py
View File

@ -1,290 +1,658 @@
"""
TON Blockchain service for wallet operations, transaction management, and smart contract interactions.
Provides async operations with connection pooling, caching, and comprehensive error handling.
"""
import asyncio
from base64 import b64decode
import os
import traceback
import httpx
from sqlalchemy import and_, func
from tonsdk.boc import begin_cell, Cell
from tonsdk.contract.wallet import Wallets
from tonsdk.utils import HighloadQueryId
import json
from datetime import datetime, timedelta
from decimal import Decimal
from typing import Dict, List, Optional, Any, Tuple
from uuid import UUID
from app.core._blockchain.ton.platform import platform
from app.core._blockchain.ton.toncenter import toncenter
from app.core.models.tasks import BlockchainTask
from app.core._config import MY_FUND_ADDRESS
from app.core._secrets import service_wallet
from app.core._utils.send_status import send_status
from app.core.storage import db_session
from app.core.logger import make_log
import httpx
from sqlalchemy import select, update, and_
from app.core.config import get_settings
from app.core.database import db_manager, get_cache_manager
from app.core.logging import get_logger
from app.core.security import decrypt_data, encrypt_data
async def get_sw_seqno():
sw_seqno_result = await toncenter.run_get_method(service_wallet.address.to_string(1, 1, 1), 'seqno')
if sw_seqno_result.get('exit_code', -1) != 0:
sw_seqno_value = 0
else:
sw_seqno_value = int(sw_seqno_result.get('stack', [['num', '0x0']])[0][1], 16)
logger = get_logger(__name__)
settings = get_settings()
return sw_seqno_value
async def main_fn(memory):
make_log("TON", f"Service started, SW = {service_wallet.address.to_string(1, 1, 1)}", level="info")
sw_seqno_value = await get_sw_seqno()
make_log("TON", f"Service wallet run seqno method: {sw_seqno_value}", level="info")
if sw_seqno_value == 0:
make_log("TON", "Service wallet is not deployed, deploying...", level="info")
await toncenter.send_boc(
service_wallet.create_transfer_message(
[{
'address': service_wallet.address.to_string(1, 1, 1),
'amount': 1,
'send_mode': 1,
'payload': begin_cell().store_uint(0, 32).store_bytes(b"Init MY Node").end_cell()
}], 0
)['message'].to_boc(False)
)
await asyncio.sleep(5)
return await main_fn(memory)
if os.getenv("TON_BEGIN_COMMAND_WITHDRAW"):
await toncenter.send_boc(
service_wallet.create_transfer_message(
[{
'address': MY_FUND_ADDRESS,
'amount': 1,
'send_mode': 128,
'payload': begin_cell().end_cell()
}], sw_seqno_value
)['message'].to_boc(False)
)
make_log("TON", "Withdraw command sent", level="info")
await asyncio.sleep(10)
return await main_fn(memory)
# TODO: не деплоить если указан master_address и мы проверили что аккаунт существует. Сейчас platform у каждой ноды будет разным
platform_state = await toncenter.get_account(platform.address.to_string(1, 1, 1))
if not platform_state.get('code'):
make_log("TON", "Platform contract is not deployed, send deploy transaction..", level="info")
await toncenter.send_boc(
service_wallet.create_transfer_message(
[{
'address': platform.address.to_string(1, 1, 1),
'amount': int(0.08 * 10 ** 9),
'send_mode': 1,
'payload': begin_cell().store_uint(0, 32).store_uint(0, 64).end_cell(),
'state_init': platform.create_state_init()['state_init']
}], sw_seqno_value
)['message'].to_boc(False)
)
await send_status("ton_daemon", "working: deploying platform")
await asyncio.sleep(15)
return await main_fn(memory)
class TONService:
"""
Comprehensive TON blockchain service with async operations.
Handles wallet management, transactions, and smart contract interactions.
"""
highload_wallet = Wallets.ALL['hv3'](
private_key=service_wallet.options['private_key'],
public_key=service_wallet.options['public_key'],
wc=0
)
make_log("TON", f"Highload wallet address: {highload_wallet.address.to_string(1, 1, 1)}", level="info")
highload_state = await toncenter.get_account(highload_wallet.address.to_string(1, 1, 1))
if int(highload_state.get('balance', '0')) / 1e9 < 0.05:
make_log("TON", "Highload wallet balance is less than 0.05, send topup transaction..", level="info")
await toncenter.send_boc(
service_wallet.create_transfer_message(
[{
'address': highload_wallet.address.to_string(1, 1, 0),
'amount': int(0.08 * 10 ** 9),
'send_mode': 1,
'payload': begin_cell().store_uint(0, 32).end_cell()
}], sw_seqno_value
)['message'].to_boc(False)
def __init__(self):
self.api_endpoint = settings.TON_API_ENDPOINT
self.testnet = settings.TON_TESTNET
self.api_key = settings.TON_API_KEY
self.timeout = 30
# HTTP client for API requests
self.client = httpx.AsyncClient(
timeout=self.timeout,
headers={
"Authorization": f"Bearer {self.api_key}" if self.api_key else None,
"Content-Type": "application/json"
}
)
await send_status("ton_daemon", "working: topup highload wallet")
await asyncio.sleep(15)
return await main_fn(memory)
self.cache_manager = get_cache_manager()
if not highload_state.get('code'):
make_log("TON", "Highload wallet contract is not deployed, send deploy transaction..", level="info")
created_at_ts = int(datetime.utcnow().timestamp()) - 60
await toncenter.send_boc(
highload_wallet.create_transfer_message(
service_wallet.address.to_string(1, 1, 1),
1, HighloadQueryId.from_seqno(0), created_at_ts, send_mode=1, payload="hello world", need_deploy=True
)['message'].to_boc(False)
)
await send_status("ton_daemon", "working: deploying highload wallet")
await asyncio.sleep(15)
return await main_fn(memory)
while True:
async def close(self):
"""Close HTTP client and cleanup resources."""
if self.client:
await self.client.aclose()
async def create_wallet(self) -> Dict[str, Any]:
"""
Create new TON wallet with mnemonic generation.
Returns:
Dict: Wallet creation result with address and private key
"""
try:
sw_seqno_value = await get_sw_seqno()
make_log("TON", f"Service running ({sw_seqno_value})", level="debug")
with db_session() as session:
# Проверка отправленных сообщений
await send_status("ton_daemon", f"working: processing in-txs (seqno={sw_seqno_value})")
async def process_incoming_transaction(transaction: dict):
transaction_hash = transaction['transaction_id']['hash']
transaction_lt = str(transaction['transaction_id']['lt'])
# transaction_success = bool(transaction['success'])
async def process_incoming_message(blockchain_message: dict):
in_msg_cell = Cell.one_from_boc(b64decode(blockchain_message['msg_data']['body']))
in_msg_slice = in_msg_cell.refs[0].begin_parse()
in_msg_slice.read_uint(32)
in_msg_slice.read_uint(8)
in_msg_query_id = in_msg_slice.read_uint(23)
in_msg_created_at = in_msg_slice.read_uint(64)
in_msg_epoch = int(in_msg_created_at // (60 * 60))
in_msg_seqno = HighloadQueryId.from_query_id(in_msg_query_id).to_seqno()
in_msg_blockchain_task = (
session.query(BlockchainTask).filter(
and_(
BlockchainTask.seqno == in_msg_seqno,
BlockchainTask.epoch == in_msg_epoch,
)
)
).first()
if not in_msg_blockchain_task:
return
if not (in_msg_blockchain_task.status in ['done']) or in_msg_blockchain_task.transaction_hash != transaction_hash:
in_msg_blockchain_task.status = 'done'
in_msg_blockchain_task.transaction_hash = transaction_hash
in_msg_blockchain_task.transaction_lt = transaction_lt
session.commit()
for blockchain_message in [transaction['in_msg']]:
try:
await process_incoming_message(blockchain_message)
except BaseException as e:
pass # make_log("TON_Daemon", f"Error while processing incoming message: {e}" + '\n' + traceback.format_exc(), level='debug')
# Generate mnemonic phrase
mnemonic_response = await self.client.post(
f"{self.api_endpoint}/wallet/generate",
json={"testnet": self.testnet}
)
if mnemonic_response.status_code != 200:
error_msg = f"Failed to generate wallet: {mnemonic_response.text}"
await logger.aerror("Wallet generation failed", error=error_msg)
return {"error": error_msg}
mnemonic_data = mnemonic_response.json()
# Create wallet from mnemonic
wallet_response = await self.client.post(
f"{self.api_endpoint}/wallet/create",
json={
"mnemonic": mnemonic_data["mnemonic"],
"testnet": self.testnet
}
)
if wallet_response.status_code != 200:
error_msg = f"Failed to create wallet: {wallet_response.text}"
await logger.aerror("Wallet creation failed", error=error_msg)
return {"error": error_msg}
wallet_data = wallet_response.json()
await logger.ainfo(
"Wallet created successfully",
address=wallet_data.get("address"),
testnet=self.testnet
)
return {
"address": wallet_data["address"],
"private_key": wallet_data["private_key"],
"mnemonic": mnemonic_data["mnemonic"],
"testnet": self.testnet
}
except httpx.TimeoutException:
error_msg = "Wallet creation timeout"
await logger.aerror(error_msg)
return {"error": error_msg}
except Exception as e:
error_msg = f"Wallet creation error: {str(e)}"
await logger.aerror("Wallet creation exception", error=str(e))
return {"error": error_msg}
async def get_wallet_balance(self, address: str) -> Dict[str, Any]:
"""
Get wallet balance with caching for performance.
Args:
address: TON wallet address
Returns:
Dict: Balance information
"""
try:
# Check cache first
cache_key = f"ton_balance:{address}"
cached_balance = await self.cache_manager.get(cache_key)
if cached_balance:
return cached_balance
# Fetch from blockchain
balance_response = await self.client.get(
f"{self.api_endpoint}/wallet/{address}/balance"
)
if balance_response.status_code != 200:
error_msg = f"Failed to get balance: {balance_response.text}"
return {"error": error_msg}
balance_data = balance_response.json()
result = {
"balance": int(balance_data.get("balance", 0)), # nanotons
"last_transaction_lt": balance_data.get("last_transaction_lt"),
"account_state": balance_data.get("account_state", "unknown"),
"updated_at": datetime.utcnow().isoformat()
}
# Cache for 30 seconds
await self.cache_manager.set(cache_key, result, ttl=30)
return result
except httpx.TimeoutException:
return {"error": "Balance fetch timeout"}
except Exception as e:
await logger.aerror("Balance fetch error", address=address, error=str(e))
return {"error": f"Balance fetch error: {str(e)}"}
async def get_wallet_transactions(
self,
address: str,
limit: int = 20,
offset: int = 0
) -> Dict[str, Any]:
"""
Get wallet transaction history with pagination.
Args:
address: TON wallet address
limit: Number of transactions to fetch
offset: Pagination offset
Returns:
Dict: Transaction history
"""
try:
# Check cache
cache_key = f"ton_transactions:{address}:{limit}:{offset}"
cached_transactions = await self.cache_manager.get(cache_key)
if cached_transactions:
return cached_transactions
transactions_response = await self.client.get(
f"{self.api_endpoint}/wallet/{address}/transactions",
params={"limit": limit, "offset": offset}
)
if transactions_response.status_code != 200:
error_msg = f"Failed to get transactions: {transactions_response.text}"
return {"error": error_msg}
transactions_data = transactions_response.json()
result = {
"transactions": transactions_data.get("transactions", []),
"total": transactions_data.get("total", 0),
"limit": limit,
"offset": offset,
"updated_at": datetime.utcnow().isoformat()
}
# Cache for 1 minute
await self.cache_manager.set(cache_key, result, ttl=60)
return result
except httpx.TimeoutException:
return {"error": "Transaction fetch timeout"}
except Exception as e:
await logger.aerror(
"Transaction fetch error",
address=address,
error=str(e)
)
return {"error": f"Transaction fetch error: {str(e)}"}
async def send_transaction(
self,
private_key: str,
recipient_address: str,
amount: int,
message: str = "",
**kwargs
) -> Dict[str, Any]:
"""
Send TON transaction with validation and monitoring.
Args:
private_key: Encrypted private key
recipient_address: Recipient wallet address
amount: Amount in nanotons
message: Optional message
**kwargs: Additional transaction parameters
Returns:
Dict: Transaction result
"""
try:
# Validate inputs
if amount <= 0:
return {"error": "Amount must be positive"}
if len(recipient_address) != 48:
return {"error": "Invalid recipient address format"}
# Decrypt private key
try:
decrypted_key = decrypt_data(private_key, context="wallet")
if isinstance(decrypted_key, bytes):
decrypted_key = decrypted_key.decode('utf-8')
except Exception as e:
await logger.aerror("Private key decryption failed", error=str(e))
return {"error": "Invalid private key"}
# Prepare transaction
transaction_data = {
"private_key": decrypted_key,
"recipient": recipient_address,
"amount": str(amount),
"message": message,
"testnet": self.testnet
}
# Send transaction
tx_response = await self.client.post(
f"{self.api_endpoint}/transaction/send",
json=transaction_data
)
if tx_response.status_code != 200:
error_msg = f"Transaction failed: {tx_response.text}"
await logger.aerror(
"Transaction submission failed",
recipient=recipient_address,
amount=amount,
error=error_msg
)
return {"error": error_msg}
tx_data = tx_response.json()
result = {
"hash": tx_data["hash"],
"lt": tx_data.get("lt"),
"fee": tx_data.get("fee", 0),
"block_hash": tx_data.get("block_hash"),
"timestamp": datetime.utcnow().isoformat()
}
await logger.ainfo(
"Transaction sent successfully",
hash=result["hash"],
recipient=recipient_address,
amount=amount
)
return result
except httpx.TimeoutException:
return {"error": "Transaction timeout"}
except Exception as e:
await logger.aerror(
"Transaction send error",
recipient=recipient_address,
amount=amount,
error=str(e)
)
return {"error": f"Transaction error: {str(e)}"}
async def get_transaction_status(self, tx_hash: str) -> Dict[str, Any]:
"""
Get transaction status and confirmation details.
Args:
tx_hash: Transaction hash
Returns:
Dict: Transaction status information
"""
try:
# Check cache
cache_key = f"ton_tx_status:{tx_hash}"
cached_status = await self.cache_manager.get(cache_key)
if cached_status and cached_status.get("confirmed"):
return cached_status
status_response = await self.client.get(
f"{self.api_endpoint}/transaction/{tx_hash}/status"
)
if status_response.status_code != 200:
return {"error": f"Failed to get status: {status_response.text}"}
status_data = status_response.json()
result = {
"hash": tx_hash,
"confirmed": status_data.get("confirmed", False),
"failed": status_data.get("failed", False),
"confirmations": status_data.get("confirmations", 0),
"block_hash": status_data.get("block_hash"),
"block_time": status_data.get("block_time"),
"fee": status_data.get("fee"),
"confirmed_at": status_data.get("confirmed_at"),
"updated_at": datetime.utcnow().isoformat()
}
# Cache confirmed/failed transactions longer
cache_ttl = 3600 if result["confirmed"] or result["failed"] else 30
await self.cache_manager.set(cache_key, result, ttl=cache_ttl)
return result
except httpx.TimeoutException:
return {"error": "Status check timeout"}
except Exception as e:
await logger.aerror("Status check error", tx_hash=tx_hash, error=str(e))
return {"error": f"Status check error: {str(e)}"}
async def validate_address(self, address: str) -> Dict[str, Any]:
"""
Validate TON address format and existence.
Args:
address: TON address to validate
Returns:
Dict: Validation result
"""
try:
# Basic format validation
if len(address) != 48:
return {"valid": False, "error": "Invalid address length"}
# Check against blockchain
validation_response = await self.client.post(
f"{self.api_endpoint}/address/validate",
json={"address": address}
)
if validation_response.status_code != 200:
return {"valid": False, "error": "Validation service error"}
validation_data = validation_response.json()
return {
"valid": validation_data.get("valid", False),
"exists": validation_data.get("exists", False),
"account_type": validation_data.get("account_type"),
"error": validation_data.get("error")
}
except Exception as e:
await logger.aerror("Address validation error", address=address, error=str(e))
return {"valid": False, "error": f"Validation error: {str(e)}"}
async def get_network_info(self) -> Dict[str, Any]:
"""
Get TON network information and statistics.
Returns:
Dict: Network information
"""
try:
cache_key = "ton_network_info"
cached_info = await self.cache_manager.get(cache_key)
if cached_info:
return cached_info
network_response = await self.client.get(
f"{self.api_endpoint}/network/info"
)
if network_response.status_code != 200:
return {"error": f"Failed to get network info: {network_response.text}"}
network_data = network_response.json()
result = {
"network": "testnet" if self.testnet else "mainnet",
"last_block": network_data.get("last_block"),
"last_block_time": network_data.get("last_block_time"),
"total_accounts": network_data.get("total_accounts"),
"total_transactions": network_data.get("total_transactions"),
"tps": network_data.get("tps"), # Transactions per second
"updated_at": datetime.utcnow().isoformat()
}
# Cache for 5 minutes
await self.cache_manager.set(cache_key, result, ttl=300)
return result
except Exception as e:
await logger.aerror("Network info error", error=str(e))
return {"error": f"Network info error: {str(e)}"}
async def estimate_transaction_fee(
self,
sender_address: str,
recipient_address: str,
amount: int,
message: str = ""
) -> Dict[str, Any]:
"""
Estimate transaction fee before sending.
Args:
sender_address: Sender wallet address
recipient_address: Recipient wallet address
amount: Amount in nanotons
message: Optional message
Returns:
Dict: Fee estimation
"""
try:
fee_response = await self.client.post(
f"{self.api_endpoint}/transaction/estimate-fee",
json={
"sender": sender_address,
"recipient": recipient_address,
"amount": str(amount),
"message": message
}
)
if fee_response.status_code != 200:
return {"error": f"Fee estimation failed: {fee_response.text}"}
fee_data = fee_response.json()
return {
"estimated_fee": fee_data.get("fee", 0),
"estimated_fee_tons": str(Decimal(fee_data.get("fee", 0)) / Decimal("1000000000")),
"gas_used": fee_data.get("gas_used"),
"message_size": len(message.encode('utf-8')),
"updated_at": datetime.utcnow().isoformat()
}
except Exception as e:
await logger.aerror("Fee estimation error", error=str(e))
return {"error": f"Fee estimation error: {str(e)}"}
async def monitor_transaction(self, tx_hash: str, max_wait_time: int = 300) -> Dict[str, Any]:
"""
Monitor transaction until confirmation or timeout.
Args:
tx_hash: Transaction hash to monitor
max_wait_time: Maximum wait time in seconds
Returns:
Dict: Final transaction status
"""
start_time = datetime.utcnow()
check_interval = 5 # Check every 5 seconds
while (datetime.utcnow() - start_time).seconds < max_wait_time:
status = await self.get_transaction_status(tx_hash)
if status.get("error"):
return status
if status.get("confirmed") or status.get("failed"):
await logger.ainfo(
"Transaction monitoring completed",
tx_hash=tx_hash,
confirmed=status.get("confirmed"),
failed=status.get("failed"),
duration=(datetime.utcnow() - start_time).seconds
)
return status
await asyncio.sleep(check_interval)
# Timeout reached
await logger.awarning(
"Transaction monitoring timeout",
tx_hash=tx_hash,
max_wait_time=max_wait_time
)
return {
"hash": tx_hash,
"confirmed": False,
"timeout": True,
"error": "Monitoring timeout reached"
}
async def get_smart_contract_info(self, address: str) -> Dict[str, Any]:
"""
Get smart contract information and ABI.
Args:
address: Smart contract address
Returns:
Dict: Contract information
"""
try:
cache_key = f"ton_contract:{address}"
cached_info = await self.cache_manager.get(cache_key)
if cached_info:
return cached_info
contract_response = await self.client.get(
f"{self.api_endpoint}/contract/{address}/info"
)
if contract_response.status_code != 200:
return {"error": f"Failed to get contract info: {contract_response.text}"}
contract_data = contract_response.json()
result = {
"address": address,
"contract_type": contract_data.get("contract_type"),
"is_verified": contract_data.get("is_verified", False),
"abi": contract_data.get("abi"),
"source_code": contract_data.get("source_code"),
"compiler_version": contract_data.get("compiler_version"),
"deployment_block": contract_data.get("deployment_block"),
"updated_at": datetime.utcnow().isoformat()
}
# Cache for 1 hour
await self.cache_manager.set(cache_key, result, ttl=3600)
return result
except Exception as e:
await logger.aerror("Contract info error", address=address, error=str(e))
return {"error": f"Contract info error: {str(e)}"}
async def call_smart_contract(
self,
contract_address: str,
method: str,
params: Dict[str, Any],
private_key: Optional[str] = None
) -> Dict[str, Any]:
"""
Call smart contract method.
Args:
contract_address: Contract address
method: Method name to call
params: Method parameters
private_key: Private key for write operations
Returns:
Dict: Contract call result
"""
try:
call_data = {
"contract": contract_address,
"method": method,
"params": params
}
# Add private key for write operations
if private_key:
try:
sw_transactions = await toncenter.get_transactions(highload_wallet.address.to_string(1, 1, 1), limit=100)
for sw_transaction in sw_transactions:
try:
await process_incoming_transaction(sw_transaction)
except BaseException as e:
make_log("TON_Daemon", f"Error while processing incoming transaction: {e}", level="debug")
except BaseException as e:
make_log("TON_Daemon", f"Error while getting service wallet transactions: {e}", level="ERROR")
await send_status("ton_daemon", f"working: processing out-txs (seqno={sw_seqno_value})")
# Отправка подписанных сообщений
for blockchain_task in (
session.query(BlockchainTask).filter(
BlockchainTask.status == 'processing',
).order_by(BlockchainTask.updated.asc()).all()
):
make_log("TON_Daemon", f"Processing task (processing) {blockchain_task.id}")
query_boc = bytes.fromhex(blockchain_task.meta['signed_message'])
errors_list = []
try:
await toncenter.send_boc(query_boc)
except BaseException as e:
errors_list.append(f"{e}")
try:
make_log("TON_Daemon", str(
httpx.post(
'https://tonapi.io/v2/blockchain/message',
json={
'boc': query_boc.hex()
}
).text
))
except BaseException as e:
make_log("TON_Daemon", f"Error while pushing task to tonkeeper ({blockchain_task.id}): {e}", level="ERROR")
errors_list.append(f"{e}")
blockchain_task.updated = datetime.utcnow()
if blockchain_task.meta['sign_created'] + 10 * 60 < datetime.utcnow().timestamp():
# or sum([int("terminating vm with exit code 36" in e) for e in errors_list]) > 0:
make_log("TON_Daemon", f"Task {blockchain_task.id} done", level="DEBUG")
blockchain_task.status = 'done'
session.commit()
continue
await asyncio.sleep(0.5)
await send_status("ton_daemon", f"working: creating new messages (seqno={sw_seqno_value})")
# Создание новых подписей
for blockchain_task in (
session.query(BlockchainTask).filter(BlockchainTask.status == 'wait').all()
):
try:
# Check processing tasks in current epoch < 3_000_000
if (
session.query(BlockchainTask).filter(
BlockchainTask.epoch == blockchain_task.epoch,
).count() > 3_000_000
):
make_log("TON", f"Too many processing tasks in epoch {blockchain_task.epoch}", level="error")
await send_status("ton_daemon", f"working: too many tasks in epoch {blockchain_task.epoch}")
await asyncio.sleep(5)
continue
sign_created = int(datetime.utcnow().timestamp()) - 60
try:
current_epoch = int(datetime.utcnow().timestamp() // (60 * 60))
max_epoch_seqno = (
session.query(func.max(BlockchainTask.seqno)).filter(
BlockchainTask.epoch == current_epoch
).scalar() or 0
)
current_epoch_shift = 3_000_000 if current_epoch % 2 == 0 else 0
current_seqno = max_epoch_seqno + 1 + (current_epoch_shift if max_epoch_seqno == 0 else 0)
except BaseException as e:
make_log("CRITICAL", f"Error calculating epoch,seqno: {e}", level="error")
current_epoch = 0
current_seqno = 0
blockchain_task.seqno = current_seqno
blockchain_task.epoch = current_epoch
blockchain_task.status = 'processing'
try:
query = highload_wallet.create_transfer_message(
blockchain_task.destination, int(blockchain_task.amount), HighloadQueryId.from_seqno(current_seqno),
sign_created, send_mode=1,
payload=Cell.one_from_boc(b64decode(blockchain_task.payload))
)
query_boc = query['message'].to_boc(False)
except BaseException as e:
make_log("TON", f"Error creating transfer message: {e}", level="error")
query_boc = begin_cell().end_cell().to_boc(False)
blockchain_task.meta = {
**blockchain_task.meta,
'sign_created': sign_created,
'signed_message': query_boc.hex(),
}
session.commit()
make_log("TON", f"Created signed message for task {blockchain_task.id}" + '\n' + traceback.format_exc(), level="info")
except BaseException as e:
make_log("TON", f"Error processing task {blockchain_task.id}: {e}" + '\n' + traceback.format_exc(), level="error")
continue
await asyncio.sleep(1)
await asyncio.sleep(1)
await send_status("ton_daemon", f"working (seqno={sw_seqno_value})")
except BaseException as e:
make_log("TON", f"Error: {e}", level="error")
await asyncio.sleep(3)
# if __name__ == '__main__':
# loop = asyncio.get_event_loop()
# loop.run_until_complete(main())
# loop.close()
decrypted_key = decrypt_data(private_key, context="wallet")
if isinstance(decrypted_key, bytes):
decrypted_key = decrypted_key.decode('utf-8')
call_data["private_key"] = decrypted_key
except Exception as e:
return {"error": "Invalid private key"}
contract_response = await self.client.post(
f"{self.api_endpoint}/contract/call",
json=call_data
)
if contract_response.status_code != 200:
return {"error": f"Contract call failed: {contract_response.text}"}
call_result = contract_response.json()
await logger.ainfo(
"Smart contract called",
contract=contract_address,
method=method,
success=call_result.get("success", False)
)
return call_result
except Exception as e:
await logger.aerror(
"Contract call error",
contract=contract_address,
method=method,
error=str(e)
)
return {"error": f"Contract call error: {str(e)}"}
# Global TON service instance
_ton_service = None
async def get_ton_service() -> TONService:
"""Get or create global TON service instance."""
global _ton_service
if _ton_service is None:
_ton_service = TONService()
return _ton_service
async def cleanup_ton_service():
"""Cleanup global TON service instance."""
global _ton_service
if _ton_service:
await _ton_service.close()
_ton_service = None

385
app/core/cache.py Normal file
View File

@ -0,0 +1,385 @@
"""Redis caching system with fallback support."""
import json
import logging
import pickle
from typing import Any, Optional, Union, Dict, List
from contextlib import asynccontextmanager
from functools import wraps
import redis.asyncio as redis
from redis.asyncio import ConnectionPool
from app.core.config_compatible import get_settings
logger = logging.getLogger(__name__)
# Global Redis connection pool
_redis_pool: Optional[ConnectionPool] = None
_redis_client: Optional[redis.Redis] = None
class CacheError(Exception):
"""Custom cache error."""
pass
async def init_cache() -> None:
"""Initialize Redis cache connection."""
global _redis_pool, _redis_client
settings = get_settings()
if not settings.redis_enabled or not settings.cache_enabled:
logger.info("Redis caching is disabled")
return
try:
# Create connection pool
_redis_pool = ConnectionPool(
host=settings.redis_host,
port=settings.redis_port,
password=settings.redis_password,
db=settings.redis_db,
max_connections=settings.redis_max_connections,
socket_timeout=settings.redis_socket_timeout,
socket_connect_timeout=settings.redis_socket_connect_timeout,
decode_responses=False, # We'll handle encoding manually for flexibility
retry_on_timeout=True,
health_check_interval=30,
)
# Create Redis client
_redis_client = redis.Redis(connection_pool=_redis_pool)
# Test connection
await _redis_client.ping()
logger.info(f"Redis cache initialized successfully at {settings.redis_host}:{settings.redis_port}")
except Exception as e:
logger.warning(f"Failed to initialize Redis cache: {e}. Caching will be disabled.")
_redis_pool = None
_redis_client = None
async def close_cache() -> None:
"""Close Redis cache connection."""
global _redis_pool, _redis_client
if _redis_client:
try:
await _redis_client.close()
logger.info("Redis cache connection closed")
except Exception as e:
logger.error(f"Error closing Redis cache: {e}")
finally:
_redis_client = None
_redis_pool = None
def get_redis_client() -> Optional[redis.Redis]:
"""Get Redis client instance."""
return _redis_client
def is_cache_available() -> bool:
"""Check if cache is available."""
return _redis_client is not None
class Cache:
"""Redis cache manager with fallback support."""
def __init__(self):
self.settings = get_settings()
def _serialize(self, value: Any) -> bytes:
"""Serialize value for storage."""
try:
if isinstance(value, (str, int, float, bool)):
return json.dumps(value).encode('utf-8')
else:
return pickle.dumps(value)
except Exception as e:
logger.error(f"Failed to serialize cache value: {e}")
raise CacheError(f"Serialization error: {e}")
def _deserialize(self, data: bytes) -> Any:
"""Deserialize value from storage."""
try:
# Try JSON first (for simple types)
try:
return json.loads(data.decode('utf-8'))
except (json.JSONDecodeError, UnicodeDecodeError):
# Fallback to pickle for complex objects
return pickle.loads(data)
except Exception as e:
logger.error(f"Failed to deserialize cache value: {e}")
raise CacheError(f"Deserialization error: {e}")
def _make_key(self, key: str, prefix: str = "myuploader") -> str:
"""Create cache key with prefix."""
return f"{prefix}:{key}"
async def get(self, key: str, default: Any = None) -> Any:
"""Get value from cache."""
if not is_cache_available():
return default
try:
redis_key = self._make_key(key)
data = await _redis_client.get(redis_key)
if data is None:
return default
return self._deserialize(data)
except Exception as e:
logger.warning(f"Cache get error for key '{key}': {e}")
return default
async def set(self, key: str, value: Any, ttl: Optional[int] = None) -> bool:
"""Set value in cache."""
if not is_cache_available():
return False
try:
redis_key = self._make_key(key)
data = self._serialize(value)
if ttl is None:
ttl = self.settings.cache_default_ttl
await _redis_client.setex(redis_key, ttl, data)
return True
except Exception as e:
logger.warning(f"Cache set error for key '{key}': {e}")
return False
async def delete(self, key: str) -> bool:
"""Delete value from cache."""
if not is_cache_available():
return False
try:
redis_key = self._make_key(key)
result = await _redis_client.delete(redis_key)
return bool(result)
except Exception as e:
logger.warning(f"Cache delete error for key '{key}': {e}")
return False
async def exists(self, key: str) -> bool:
"""Check if key exists in cache."""
if not is_cache_available():
return False
try:
redis_key = self._make_key(key)
result = await _redis_client.exists(redis_key)
return bool(result)
except Exception as e:
logger.warning(f"Cache exists error for key '{key}': {e}")
return False
async def expire(self, key: str, ttl: int) -> bool:
"""Set expiration time for key."""
if not is_cache_available():
return False
try:
redis_key = self._make_key(key)
result = await _redis_client.expire(redis_key, ttl)
return bool(result)
except Exception as e:
logger.warning(f"Cache expire error for key '{key}': {e}")
return False
async def clear_pattern(self, pattern: str) -> int:
"""Clear all keys matching pattern."""
if not is_cache_available():
return 0
try:
redis_pattern = self._make_key(pattern)
keys = await _redis_client.keys(redis_pattern)
if keys:
result = await _redis_client.delete(*keys)
return result
return 0
except Exception as e:
logger.warning(f"Cache clear pattern error for pattern '{pattern}': {e}")
return 0
async def increment(self, key: str, amount: int = 1, ttl: Optional[int] = None) -> Optional[int]:
"""Increment counter in cache."""
if not is_cache_available():
return None
try:
redis_key = self._make_key(key)
result = await _redis_client.incrby(redis_key, amount)
if ttl is not None:
await _redis_client.expire(redis_key, ttl)
return result
except Exception as e:
logger.warning(f"Cache increment error for key '{key}': {e}")
return None
async def get_multiple(self, keys: List[str]) -> Dict[str, Any]:
"""Get multiple values from cache."""
if not is_cache_available():
return {}
try:
redis_keys = [self._make_key(key) for key in keys]
values = await _redis_client.mget(redis_keys)
result = {}
for i, (key, data) in enumerate(zip(keys, values)):
if data is not None:
try:
result[key] = self._deserialize(data)
except Exception as e:
logger.warning(f"Failed to deserialize cached value for key '{key}': {e}")
return result
except Exception as e:
logger.warning(f"Cache get_multiple error: {e}")
return {}
async def set_multiple(self, mapping: Dict[str, Any], ttl: Optional[int] = None) -> bool:
"""Set multiple values in cache."""
if not is_cache_available():
return False
try:
pipeline = _redis_client.pipeline()
for key, value in mapping.items():
redis_key = self._make_key(key)
data = self._serialize(value)
if ttl is None:
ttl = self.settings.cache_default_ttl
pipeline.setex(redis_key, ttl, data)
await pipeline.execute()
return True
except Exception as e:
logger.warning(f"Cache set_multiple error: {e}")
return False
# Global cache instance
cache = Cache()
# Caching decorators
def cached(ttl: Optional[int] = None, key_prefix: str = "func"):
"""Decorator for caching function results."""
def decorator(func):
@wraps(func)
async def wrapper(*args, **kwargs):
if not is_cache_available():
return await func(*args, **kwargs)
# Create cache key from function name and arguments
key_parts = [key_prefix, func.__name__]
if args:
key_parts.extend([str(arg) for arg in args])
if kwargs:
key_parts.extend([f"{k}={v}" for k, v in sorted(kwargs.items())])
cache_key = ":".join(key_parts)
# Try to get from cache
result = await cache.get(cache_key)
if result is not None:
return result
# Call function and cache result
result = await func(*args, **kwargs)
await cache.set(cache_key, result, ttl)
return result
return wrapper
return decorator
def cache_user_data(ttl: Optional[int] = None):
"""Decorator for caching user-specific data."""
if ttl is None:
ttl = get_settings().cache_user_ttl
return cached(ttl=ttl, key_prefix="user")
def cache_content_data(ttl: Optional[int] = None):
"""Decorator for caching content data."""
if ttl is None:
ttl = get_settings().cache_content_ttl
return cached(ttl=ttl, key_prefix="content")
# Cache health check
async def check_cache_health() -> Dict[str, Any]:
"""Check cache health and return status."""
if not is_cache_available():
return {
"status": "disabled",
"available": False,
"error": "Redis not initialized"
}
try:
# Test basic operations
test_key = "health_check"
test_value = {"timestamp": "test"}
await cache.set(test_key, test_value, 10)
retrieved = await cache.get(test_key)
await cache.delete(test_key)
# Get Redis info
info = await _redis_client.info()
return {
"status": "healthy",
"available": True,
"test_passed": retrieved == test_value,
"connected_clients": info.get("connected_clients", 0),
"used_memory": info.get("used_memory_human", "unknown"),
"total_commands_processed": info.get("total_commands_processed", 0),
}
except Exception as e:
return {
"status": "error",
"available": False,
"error": str(e)
}
# Context manager for cache operations
@asynccontextmanager
async def cache_context():
"""Context manager for cache operations."""
try:
yield cache
except Exception as e:
logger.error(f"Cache context error: {e}")
raise

430
app/core/config.py Normal file
View File

@ -0,0 +1,430 @@
"""
Application configuration with security improvements and validation
"""
import os
import secrets
from datetime import datetime
from typing import List, Optional, Dict, Any
from pathlib import Path
from pydantic import validator, Field
from pydantic_settings import BaseSettings, SettingsConfigDict
from pydantic.networks import AnyHttpUrl, PostgresDsn, RedisDsn
from typing import Literal
import structlog
logger = structlog.get_logger(__name__)
# --- Added env aliases to accept existing .env variable names ---
try:
from pydantic_settings import BaseSettings, SettingsConfigDict
except Exception:
from pydantic import BaseSettings # fallback
try:
from pydantic import Field
except Exception:
def Field(default=None, **kwargs): return default
# Map old env names to model fields if names differ
ENV_FIELD_ALIASES = {
"postgres_db": "POSTGRES_DB",
"postgres_user": "POSTGRES_USER",
"postgres_password": "POSTGRES_PASSWORD",
"node_id": "NODE_ID",
"node_type": "NODE_TYPE",
"node_version": "NODE_VERSION",
"network_mode": "NETWORK_MODE",
"allow_incoming_connections": "ALLOW_INCOMING_CONNECTIONS",
"uvicorn_host": "UVICORN_HOST",
"uvicorn_port": "UVICORN_PORT",
"docker_sock_path": "DOCKER_SOCK_PATH",
"node_private_key_path": "NODE_PRIVATE_KEY_PATH",
"node_public_key_path": "NODE_PUBLIC_KEY_PATH",
"node_public_key_hex": "NODE_PUBLIC_KEY_HEX",
"bootstrap_config": "BOOTSTRAP_CONFIG",
"max_peer_connections": "MAX_PEER_CONNECTIONS",
"sync_interval": "SYNC_INTERVAL",
"convert_max_parallel": "CONVERT_MAX_PARALLEL",
"convert_timeout": "CONVERT_TIMEOUT",
}
def _apply_env_aliases(cls):
for field, env in ENV_FIELD_ALIASES.items():
if field in getattr(cls, "__annotations__", {}):
# Prefer Field with validation extras preserved
current = getattr(cls, field, None)
try:
setattr(cls, field, Field(default=current if current is not None else None, validation_alias=env, alias=env))
except Exception:
setattr(cls, field, current)
return cls
# --- End aliases block ---
@_apply_env_aliases
class Settings(BaseSettings):
"""Application settings with validation"""
# Accept unknown env vars and allow no prefix
model_config = SettingsConfigDict(extra='allow', env_prefix='')
# Application
PROJECT_NAME: str = "My Uploader Bot"
PROJECT_VERSION: str = "2.0.0"
PROJECT_HOST: AnyHttpUrl = Field(default="http://127.0.0.1:15100")
SANIC_PORT: int = Field(default=15100, ge=1000, le=65535)
DEBUG: bool = Field(default=False)
# Security
SECRET_KEY: str = Field(default_factory=lambda: secrets.token_urlsafe(32))
JWT_SECRET_KEY: str = Field(default_factory=lambda: secrets.token_urlsafe(32))
JWT_EXPIRE_MINUTES: int = Field(default=60 * 24 * 7) # 7 days
ENCRYPTION_KEY: Optional[str] = None
# Rate Limiting
RATE_LIMIT_REQUESTS: int = Field(default=100)
RATE_LIMIT_WINDOW: int = Field(default=60) # seconds
RATE_LIMIT_ENABLED: bool = Field(default=True)
# Database
# Legacy compose fields (optional). If all three are present, they will be used to build DATABASE_URL.
POSTGRES_DB: Optional[str] = Field(default=None, validation_alias="POSTGRES_DB", alias="POSTGRES_DB")
POSTGRES_USER: Optional[str] = Field(default=None, validation_alias="POSTGRES_USER", alias="POSTGRES_USER")
POSTGRES_PASSWORD: Optional[str] = Field(default=None, validation_alias="POSTGRES_PASSWORD", alias="POSTGRES_PASSWORD")
DATABASE_URL: str = Field(
default="postgresql+asyncpg://user:password@localhost:5432/uploader_bot",
validation_alias="DATABASE_URL", alias="DATABASE_URL"
)
DATABASE_POOL_SIZE: int = Field(default=10, ge=1, le=100)
DATABASE_MAX_OVERFLOW: int = Field(default=20, ge=0, le=100)
DATABASE_ECHO: bool = Field(default=False)
# Redis
REDIS_URL: RedisDsn = Field(default="redis://localhost:6379/0", validation_alias="REDIS_URL", alias="REDIS_URL")
REDIS_POOL_SIZE: int = Field(default=10, ge=1, le=100)
REDIS_TTL_DEFAULT: int = Field(default=3600) # 1 hour
REDIS_TTL_SHORT: int = Field(default=300) # 5 minutes
REDIS_TTL_LONG: int = Field(default=86400) # 24 hours
# File Storage
UPLOADS_DIR: Path = Field(default=Path("/app/data"), validation_alias="UPLOADS_DIR", alias="UPLOADS_DIR")
MAX_FILE_SIZE: int = Field(default=100 * 1024 * 1024) # 100MB
ALLOWED_CONTENT_TYPES: List[str] = Field(default=[
'image/jpeg', 'image/png', 'image/gif', 'image/webp',
'video/mp4', 'video/webm', 'video/ogg', 'video/quicktime',
'audio/mpeg', 'audio/ogg', 'audio/wav', 'audio/mp4',
'text/plain', 'application/json'
])
# Telegram
TELEGRAM_API_KEY: Optional[str] = Field(default=None, validation_alias="TELEGRAM_API_KEY", alias="TELEGRAM_API_KEY")
CLIENT_TELEGRAM_API_KEY: Optional[str] = Field(default=None, validation_alias="CLIENT_TELEGRAM_API_KEY", alias="CLIENT_TELEGRAM_API_KEY")
TELEGRAM_WEBHOOK_ENABLED: bool = Field(default=False, validation_alias="TELEGRAM_WEBHOOK_ENABLED", alias="TELEGRAM_WEBHOOK_ENABLED")
TELEGRAM_WEBHOOK_URL: Optional[str] = Field(default=None, validation_alias="TELEGRAM_WEBHOOK_URL", alias="TELEGRAM_WEBHOOK_URL")
TELEGRAM_WEBHOOK_SECRET: str = Field(default_factory=lambda: secrets.token_urlsafe(32), validation_alias="TELEGRAM_WEBHOOK_SECRET", alias="TELEGRAM_WEBHOOK_SECRET")
# TON Blockchain
TESTNET: bool = Field(default=False, validation_alias="TESTNET", alias="TESTNET")
TONCENTER_HOST: AnyHttpUrl = Field(default="https://toncenter.com/api/v2/", validation_alias="TONCENTER_HOST", alias="TONCENTER_HOST")
TONCENTER_API_KEY: Optional[str] = Field(default=None, validation_alias="TONCENTER_API_KEY", alias="TONCENTER_API_KEY")
TONCENTER_V3_HOST: AnyHttpUrl = Field(default="https://toncenter.com/api/v3/", validation_alias="TONCENTER_V3_HOST", alias="TONCENTER_V3_HOST")
MY_PLATFORM_CONTRACT: str = Field(default="EQDmWp6hbJlYUrXZKb9N88sOrTit630ZuRijfYdXEHLtheMY", validation_alias="MY_PLATFORM_CONTRACT", alias="MY_PLATFORM_CONTRACT")
MY_FUND_ADDRESS: str = Field(default="UQDarChHFMOI2On9IdHJNeEKttqepgo0AY4bG1trw8OAAwMY", validation_alias="MY_FUND_ADDRESS", alias="MY_FUND_ADDRESS")
# Logging
LOG_LEVEL: str = Field(default="INFO", pattern="^(DEBUG|INFO|WARNING|ERROR|CRITICAL)$", validation_alias="LOG_LEVEL", alias="LOG_LEVEL")
LOG_DIR: Path = Field(default=Path("logs"), validation_alias="LOG_DIR", alias="LOG_DIR")
LOG_FORMAT: str = Field(default="json", validation_alias="LOG_FORMAT", alias="LOG_FORMAT")
LOG_ROTATION: str = Field(default="1 day", validation_alias="LOG_ROTATION", alias="LOG_ROTATION")
LOG_RETENTION: str = Field(default="30 days", validation_alias="LOG_RETENTION", alias="LOG_RETENTION")
# Monitoring
METRICS_ENABLED: bool = Field(default=True, validation_alias="METRICS_ENABLED", alias="METRICS_ENABLED")
METRICS_PORT: int = Field(default=9090, ge=1000, le=65535, validation_alias="METRICS_PORT", alias="METRICS_PORT")
HEALTH_CHECK_ENABLED: bool = Field(default=True, validation_alias="HEALTH_CHECK_ENABLED", alias="HEALTH_CHECK_ENABLED")
# --- Legacy/compose compatibility fields (env-driven) ---
# Node identity/config
NODE_ID: Optional[str] = Field(default=None, validation_alias="NODE_ID", alias="NODE_ID")
NODE_TYPE: Optional[str] = Field(default=None, validation_alias="NODE_TYPE", alias="NODE_TYPE")
NODE_VERSION: Optional[str] = Field(default=None, validation_alias="NODE_VERSION", alias="NODE_VERSION")
NETWORK_MODE: Optional[str] = Field(default=None, validation_alias="NETWORK_MODE", alias="NETWORK_MODE")
ALLOW_INCOMING_CONNECTIONS: Optional[bool] = Field(default=None, validation_alias="ALLOW_INCOMING_CONNECTIONS", alias="ALLOW_INCOMING_CONNECTIONS")
# Uvicorn compatibility (compose overrides)
UVICORN_HOST: Optional[str] = Field(default=None, validation_alias="UVICORN_HOST", alias="UVICORN_HOST")
UVICORN_PORT: Optional[int] = Field(default=None, validation_alias="UVICORN_PORT", alias="UVICORN_PORT")
# Docker socket path for converters
DOCKER_SOCK_PATH: Optional[str] = Field(default=None, validation_alias="DOCKER_SOCK_PATH", alias="DOCKER_SOCK_PATH")
# Keys and crypto paths
NODE_PRIVATE_KEY_PATH: Optional[Path] = Field(default=None, validation_alias="NODE_PRIVATE_KEY_PATH", alias="NODE_PRIVATE_KEY_PATH")
NODE_PUBLIC_KEY_PATH: Optional[Path] = Field(default=None, validation_alias="NODE_PUBLIC_KEY_PATH", alias="NODE_PUBLIC_KEY_PATH")
NODE_PUBLIC_KEY_HEX: Optional[str] = Field(default=None, validation_alias="NODE_PUBLIC_KEY_HEX", alias="NODE_PUBLIC_KEY_HEX")
# Bootstrap/runtime tuning
BOOTSTRAP_CONFIG: Optional[str] = Field(default=None, validation_alias="BOOTSTRAP_CONFIG", alias="BOOTSTRAP_CONFIG")
MAX_PEER_CONNECTIONS: Optional[int] = Field(default=None, validation_alias="MAX_PEER_CONNECTIONS", alias="MAX_PEER_CONNECTIONS")
SYNC_INTERVAL: Optional[int] = Field(default=None, validation_alias="SYNC_INTERVAL", alias="SYNC_INTERVAL")
CONVERT_MAX_PARALLEL: Optional[int] = Field(default=None, validation_alias="CONVERT_MAX_PARALLEL", alias="CONVERT_MAX_PARALLEL")
CONVERT_TIMEOUT: Optional[int] = Field(default=None, validation_alias="CONVERT_TIMEOUT", alias="CONVERT_TIMEOUT")
# --- Legacy/compose compatibility fields (env-driven) ---
# Postgres (used by legacy compose; DATABASE_URL remains the primary DSN)
postgres_db: Optional[str] = Field(default=None, validation_alias="POSTGRES_DB", alias="POSTGRES_DB")
postgres_user: Optional[str] = Field(default=None, validation_alias="POSTGRES_USER", alias="POSTGRES_USER")
postgres_password: Optional[str] = Field(default=None, validation_alias="POSTGRES_PASSWORD", alias="POSTGRES_PASSWORD")
# Node identity/config
node_id: Optional[str] = Field(default=None, validation_alias="NODE_ID", alias="NODE_ID")
node_type: Optional[str] = Field(default=None, validation_alias="NODE_TYPE", alias="NODE_TYPE")
node_version: Optional[str] = Field(default=None, validation_alias="NODE_VERSION", alias="NODE_VERSION")
network_mode: Optional[str] = Field(default=None, validation_alias="NETWORK_MODE", alias="NETWORK_MODE")
allow_incoming_connections: Optional[bool] = Field(default=None, validation_alias="ALLOW_INCOMING_CONNECTIONS", alias="ALLOW_INCOMING_CONNECTIONS")
# Uvicorn compatibility (compose overrides)
uvicorn_host: Optional[str] = Field(default=None, validation_alias="UVICORN_HOST", alias="UVICORN_HOST")
uvicorn_port: Optional[int] = Field(default=None, validation_alias="UVICORN_PORT", alias="UVICORN_PORT")
# Docker socket path for converters
docker_sock_path: Optional[str] = Field(default=None, validation_alias="DOCKER_SOCK_PATH", alias="DOCKER_SOCK_PATH")
# Keys and crypto paths
node_private_key_path: Optional[Path] = Field(default=None, validation_alias="NODE_PRIVATE_KEY_PATH", alias="NODE_PRIVATE_KEY_PATH")
node_public_key_path: Optional[Path] = Field(default=None, validation_alias="NODE_PUBLIC_KEY_PATH", alias="NODE_PUBLIC_KEY_PATH")
node_public_key_hex: Optional[str] = Field(default=None, validation_alias="NODE_PUBLIC_KEY_HEX", alias="NODE_PUBLIC_KEY_HEX")
# Bootstrap/runtime tuning
bootstrap_config: Optional[str] = Field(default=None, validation_alias="BOOTSTRAP_CONFIG", alias="BOOTSTRAP_CONFIG")
max_peer_connections: Optional[int] = Field(default=None, validation_alias="MAX_PEER_CONNECTIONS", alias="MAX_PEER_CONNECTIONS")
sync_interval: Optional[int] = Field(default=None, validation_alias="SYNC_INTERVAL", alias="SYNC_INTERVAL")
convert_max_parallel: Optional[int] = Field(default=None, validation_alias="CONVERT_MAX_PARALLEL", alias="CONVERT_MAX_PARALLEL")
convert_timeout: Optional[int] = Field(default=None, validation_alias="CONVERT_TIMEOUT", alias="CONVERT_TIMEOUT")
# Background Services
INDEXER_ENABLED: bool = Field(default=True, validation_alias="INDEXER_ENABLED", alias="INDEXER_ENABLED")
INDEXER_INTERVAL: int = Field(default=5, ge=1, le=3600, validation_alias="INDEXER_INTERVAL", alias="INDEXER_INTERVAL")
TON_DAEMON_ENABLED: bool = Field(default=True, validation_alias="TON_DAEMON_ENABLED", alias="TON_DAEMON_ENABLED")
TON_DAEMON_INTERVAL: int = Field(default=3, ge=1, le=3600, validation_alias="TON_DAEMON_INTERVAL", alias="TON_DAEMON_INTERVAL")
LICENSE_SERVICE_ENABLED: bool = Field(default=True, validation_alias="LICENSE_SERVICE_ENABLED", alias="LICENSE_SERVICE_ENABLED")
LICENSE_SERVICE_INTERVAL: int = Field(default=10, ge=1, le=3600, validation_alias="LICENSE_SERVICE_INTERVAL", alias="LICENSE_SERVICE_INTERVAL")
CONVERT_SERVICE_ENABLED: bool = Field(default=True, validation_alias="CONVERT_SERVICE_ENABLED", alias="CONVERT_SERVICE_ENABLED")
CONVERT_SERVICE_INTERVAL: int = Field(default=30, ge=1, le=3600, validation_alias="CONVERT_SERVICE_INTERVAL", alias="CONVERT_SERVICE_INTERVAL")
# Web App URLs
WEB_APP_URLS: Dict[str, str] = Field(default={
'uploadContent': "https://web2-client.vercel.app/uploadContent"
}, validation_alias="WEB_APP_URLS", alias="WEB_APP_URLS")
# Maintenance
MAINTENANCE_MODE: bool = Field(default=False, validation_alias="MAINTENANCE_MODE", alias="MAINTENANCE_MODE")
MAINTENANCE_MESSAGE: str = Field(default="System is under maintenance", validation_alias="MAINTENANCE_MESSAGE", alias="MAINTENANCE_MESSAGE")
# Development
MOCK_EXTERNAL_SERVICES: bool = Field(default=False, validation_alias="MOCK_EXTERNAL_SERVICES", alias="MOCK_EXTERNAL_SERVICES")
DISABLE_WEBHOOKS: bool = Field(default=False, validation_alias="DISABLE_WEBHOOKS", alias="DISABLE_WEBHOOKS")
@validator('UPLOADS_DIR')
def create_uploads_dir(cls, v):
"""Create uploads directory if it doesn't exist and is writable"""
try:
if not v.exists():
v.mkdir(parents=True, exist_ok=True)
except (OSError, PermissionError) as e:
# Handle read-only filesystem or permission errors
logger.warning(f"Cannot create uploads directory {v}: {e}")
# Use current directory as fallback
fallback = Path("./data")
try:
fallback.mkdir(parents=True, exist_ok=True)
return fallback
except Exception:
# Last fallback - current directory
return Path(".")
return v
@validator('LOG_DIR')
def create_log_dir(cls, v):
"""Create log directory if it doesn't exist and is writable"""
try:
if not v.exists():
v.mkdir(parents=True, exist_ok=True)
except (OSError, PermissionError) as e:
# Handle read-only filesystem or permission errors
logger.warning(f"Cannot create log directory {v}: {e}")
# Use current directory as fallback
fallback = Path("./logs")
try:
fallback.mkdir(parents=True, exist_ok=True)
return fallback
except Exception:
# Last fallback - current directory
return Path(".")
return v
@validator('DATABASE_URL', pre=True, always=True)
def build_database_url_from_parts(cls, v, values):
"""If DATABASE_URL is default and POSTGRES_* are provided, build DSN from parts."""
try:
default_mark = "user:password@localhost:5432/uploader_bot"
if (not v) or default_mark in str(v):
db = values.get('POSTGRES_DB') or os.getenv('POSTGRES_DB')
user = values.get('POSTGRES_USER') or os.getenv('POSTGRES_USER')
pwd = values.get('POSTGRES_PASSWORD') or os.getenv('POSTGRES_PASSWORD')
if db and user and pwd:
return f"postgresql+asyncpg://{user}:{pwd}@postgres:5432/{db}"
except Exception:
pass
return v
@validator('DATABASE_URL')
def validate_database_url(cls, v):
"""Validate database URL format - allow SQLite for testing"""
v_str = str(v)
if not (v_str.startswith('postgresql+asyncpg://') or v_str.startswith('sqlite+aiosqlite://')):
logger.warning(f"Using non-standard database URL: {v_str}")
return v
@validator('TELEGRAM_API_KEY', 'CLIENT_TELEGRAM_API_KEY')
def validate_telegram_keys(cls, v):
"""
Validate Telegram bot tokens format if provided.
Empty/None values are allowed to run the app without Telegram bots.
"""
if v in (None, "", " "):
return None
v = v.strip()
# Allow common dev-pattern tokens
if v.startswith('1234567890:'):
return v
parts = v.split(':')
if len(parts) != 2 or not parts[0].isdigit() or len(parts[1]) != 35:
raise ValueError('Invalid Telegram bot token format')
return v
@validator('SECRET_KEY', 'JWT_SECRET_KEY')
def validate_secret_keys(cls, v):
"""Validate secret keys length"""
if len(v) < 32:
raise ValueError('Secret keys must be at least 32 characters long')
return v
model_config = {
"env_file": ".env",
"case_sensitive": True,
"validate_assignment": True,
"extra": "allow" # Allow extra fields from environment
}
class SecurityConfig:
"""Security-related configurations"""
# CORS settings
CORS_ORIGINS = [
"https://web2-client.vercel.app",
"https://t.me",
"https://web.telegram.org"
]
# Content Security Policy
CSP_DIRECTIVES = {
'default-src': ["'self'"],
'script-src': ["'self'", "'unsafe-inline'", "https://cdn.jsdelivr.net"],
'style-src': ["'self'", "'unsafe-inline'", "https://cdn.jsdelivr.net"],
'img-src': ["'self'", "data:", "https:"],
'connect-src': ["'self'", "https://api.telegram.org"],
'frame-ancestors': ["'none'"],
'form-action': ["'self'"],
'base-uri': ["'self'"]
}
# Request size limits
MAX_REQUEST_SIZE = 100 * 1024 * 1024 # 100MB
MAX_JSON_SIZE = 10 * 1024 * 1024 # 10MB
# Session settings
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
SESSION_COOKIE_SAMESITE = "Strict"
# Rate limiting patterns
RATE_LIMIT_PATTERNS = {
"auth": {"requests": 5, "window": 300}, # 5 requests per 5 minutes
"upload": {"requests": 10, "window": 3600}, # 10 uploads per hour
"api": {"requests": 100, "window": 60}, # 100 API calls per minute
"heavy": {"requests": 1, "window": 60} # 1 heavy operation per minute
}
# Create settings instance
settings = Settings()
# Expose commonly used settings
DATABASE_URL = str(settings.DATABASE_URL)
REDIS_URL = str(settings.REDIS_URL)
DATABASE_POOL_SIZE = settings.DATABASE_POOL_SIZE
DATABASE_MAX_OVERFLOW = settings.DATABASE_MAX_OVERFLOW
REDIS_POOL_SIZE = settings.REDIS_POOL_SIZE
TELEGRAM_API_KEY = settings.TELEGRAM_API_KEY or ""
CLIENT_TELEGRAM_API_KEY = settings.CLIENT_TELEGRAM_API_KEY or ""
PROJECT_HOST = str(settings.PROJECT_HOST)
SANIC_PORT = settings.SANIC_PORT
UPLOADS_DIR = settings.UPLOADS_DIR
ALLOWED_CONTENT_TYPES = settings.ALLOWED_CONTENT_TYPES
TESTNET = settings.TESTNET
TONCENTER_HOST = str(settings.TONCENTER_HOST)
TONCENTER_API_KEY = settings.TONCENTER_API_KEY
TONCENTER_V3_HOST = str(settings.TONCENTER_V3_HOST)
MY_PLATFORM_CONTRACT = settings.MY_PLATFORM_CONTRACT
MY_FUND_ADDRESS = settings.MY_FUND_ADDRESS
LOG_LEVEL = settings.LOG_LEVEL
LOG_DIR = settings.LOG_DIR
MAINTENANCE_MODE = settings.MAINTENANCE_MODE
# Cache keys patterns
CACHE_KEYS = {
"user_session": "user:session:{user_id}",
"user_data": "user:data:{user_id}",
"content_metadata": "content:meta:{content_id}",
"rate_limit": "rate_limit:{pattern}:{identifier}",
"blockchain_task": "blockchain:task:{task_id}",
"temp_upload": "upload:temp:{upload_id}",
"wallet_connection": "wallet:conn:{wallet_address}",
"ton_price": "ton:price:usd",
"system_status": "system:status:{service}",
}
# Log current configuration (without secrets)
def log_config():
"""Log current configuration without sensitive data"""
safe_config = {
"project_name": settings.PROJECT_NAME,
"project_version": settings.PROJECT_VERSION,
"debug": settings.DEBUG,
"sanic_port": settings.SANIC_PORT,
"testnet": settings.TESTNET,
"maintenance_mode": settings.MAINTENANCE_MODE,
"metrics_enabled": settings.METRICS_ENABLED,
"uploads_dir": str(settings.UPLOADS_DIR),
"log_level": settings.LOG_LEVEL,
}
logger.info("Configuration loaded", **safe_config)
# Initialize logging configuration
log_config()
# Функция для получения настроек (для совместимости с остальным кодом)
def get_settings() -> Settings:
"""
Получить экземпляр настроек приложения.
Returns:
Settings: Конфигурация приложения
"""
return settings

286
app/core/config_compatible.py Normal file
View File

@ -0,0 +1,286 @@
"""Compatible configuration management with MariaDB and Redis support."""
import os
from functools import lru_cache
from typing import Optional, Dict, Any
from pydantic_settings import BaseSettings
from pydantic import Field, validator
class Settings(BaseSettings):
"""Application settings with backward compatibility."""
# Application settings
app_name: str = Field(default="My Uploader Bot", env="APP_NAME")
debug: bool = Field(default=False, env="DEBUG")
environment: str = Field(default="production", env="ENVIRONMENT")
node_env: str = Field(default="production", env="NODE_ENV")
host: str = Field(default="0.0.0.0", env="HOST")
port: int = Field(default=15100, env="PORT")
# API settings
api_host: str = Field(default="0.0.0.0", env="API_HOST")
api_port: int = Field(default=15100, env="API_PORT")
api_workers: int = Field(default=1, env="API_WORKERS")
# Security settings
secret_key: str = Field(env="SECRET_KEY", default="your-secret-key-change-this")
jwt_secret_key: str = Field(env="JWT_SECRET_KEY", default="jwt-secret-change-this")
jwt_secret: str = Field(env="JWT_SECRET", default="jwt-secret-change-this")
encryption_key: str = Field(env="ENCRYPTION_KEY", default="encryption-key-change-this")
jwt_algorithm: str = Field(default="HS256", env="JWT_ALGORITHM")
jwt_expire_minutes: int = Field(default=30, env="JWT_EXPIRE_MINUTES")
# MariaDB/MySQL settings (preserving existing configuration)
mysql_host: str = Field(default="maria_db", env="MYSQL_HOST")
mysql_port: int = Field(default=3306, env="MYSQL_PORT")
mysql_user: str = Field(default="myuploader", env="MYSQL_USER")
mysql_password: str = Field(default="password", env="MYSQL_PASSWORD")
mysql_database: str = Field(default="myuploader", env="MYSQL_DATABASE")
mysql_root_password: str = Field(default="password", env="MYSQL_ROOT_PASSWORD")
# Database pool settings
database_pool_size: int = Field(default=20, env="DATABASE_POOL_SIZE")
database_max_overflow: int = Field(default=30, env="DATABASE_MAX_OVERFLOW")
database_pool_timeout: int = Field(default=30, env="DATABASE_POOL_TIMEOUT")
database_pool_recycle: int = Field(default=3600, env="DATABASE_POOL_RECYCLE")
# Optional new database URL (for future migration)
database_url: Optional[str] = Field(default=None, env="DATABASE_URL")
# Redis settings (new addition)
redis_enabled: bool = Field(default=True, env="REDIS_ENABLED")
redis_url: str = Field(default="redis://localhost:6379/0", env="REDIS_URL")
redis_host: str = Field(default="redis", env="REDIS_HOST")
redis_port: int = Field(default=6379, env="REDIS_PORT")
redis_password: Optional[str] = Field(default=None, env="REDIS_PASSWORD")
redis_db: int = Field(default=0, env="REDIS_DB")
redis_max_connections: int = Field(default=50, env="REDIS_MAX_CONNECTIONS")
redis_socket_timeout: int = Field(default=30, env="REDIS_SOCKET_TIMEOUT")
redis_socket_connect_timeout: int = Field(default=30, env="REDIS_SOCKET_CONNECT_TIMEOUT")
# Cache settings
cache_enabled: bool = Field(default=True, env="CACHE_ENABLED")
cache_default_ttl: int = Field(default=300, env="CACHE_DEFAULT_TTL") # 5 minutes
cache_user_ttl: int = Field(default=600, env="CACHE_USER_TTL") # 10 minutes
cache_content_ttl: int = Field(default=1800, env="CACHE_CONTENT_TTL") # 30 minutes
# Storage settings (preserving existing paths)
storage_path: str = Field(default="/Storage/storedContent", env="STORAGE_PATH")
logs_path: str = Field(default="/Storage/logs", env="LOGS_PATH")
sql_storage_path: str = Field(default="/Storage/sqlStorage", env="SQL_STORAGE_PATH")
# File upload settings
max_file_size: int = Field(default=100 * 1024 * 1024, env="MAX_FILE_SIZE") # 100MB
max_upload_size: str = Field(default="100MB", env="MAX_UPLOAD_SIZE")
upload_path: str = Field(default="./data/uploads", env="UPLOAD_PATH")
allowed_extensions: str = Field(default=".jpg,.jpeg,.png,.gif,.pdf,.doc,.docx,.txt", env="ALLOWED_EXTENSIONS")
# Rate limiting
rate_limit_enabled: bool = Field(default=True, env="RATE_LIMIT_ENABLED")
rate_limit_requests: int = Field(default=100, env="RATE_LIMIT_REQUESTS")
rate_limit_window: int = Field(default=3600, env="RATE_LIMIT_WINDOW") # 1 hour
# TON Blockchain settings (preserving existing)
ton_network: str = Field(default="mainnet", env="TON_NETWORK")
ton_api_key: Optional[str] = Field(default=None, env="TON_API_KEY")
ton_wallet_address: Optional[str] = Field(default=None, env="TON_WALLET_ADDRESS")
# Telegram Bot settings
telegram_api_key: Optional[str] = Field(default=None, env="TELEGRAM_API_KEY")
client_telegram_api_key: Optional[str] = Field(default=None, env="CLIENT_TELEGRAM_API_KEY")
telegram_webhook_enabled: bool = Field(default=False, env="TELEGRAM_WEBHOOK_ENABLED")
# MY Network settings
my_network_node_id: str = Field(default="local-node", env="MY_NETWORK_NODE_ID")
my_network_port: int = Field(default=15100, env="MY_NETWORK_PORT")
my_network_host: str = Field(default="0.0.0.0", env="MY_NETWORK_HOST")
my_network_domain: str = Field(default="localhost", env="MY_NETWORK_DOMAIN")
my_network_ssl_enabled: bool = Field(default=False, env="MY_NETWORK_SSL_ENABLED")
my_network_bootstrap_nodes: str = Field(default="", env="MY_NETWORK_BOOTSTRAP_NODES")
# License settings
license_check_enabled: bool = Field(default=True, env="LICENSE_CHECK_ENABLED")
license_server_url: Optional[str] = Field(default=None, env="LICENSE_SERVER_URL")
# Indexer settings
indexer_enabled: bool = Field(default=True, env="INDEXER_ENABLED")
indexer_interval: int = Field(default=300, env="INDEXER_INTERVAL") # 5 minutes
# Convert process settings
convert_enabled: bool = Field(default=True, env="CONVERT_ENABLED")
convert_queue_size: int = Field(default=10, env="CONVERT_QUEUE_SIZE")
# Logging settings
log_level: str = Field(default="INFO", env="LOG_LEVEL")
log_format: str = Field(default="json", env="LOG_FORMAT")
log_file: str = Field(default="./logs/app.log", env="LOG_FILE")
log_file_enabled: bool = Field(default=True, env="LOG_FILE_ENABLED")
log_file_max_size: int = Field(default=10 * 1024 * 1024, env="LOG_FILE_MAX_SIZE") # 10MB
log_file_backup_count: int = Field(default=5, env="LOG_FILE_BACKUP_COUNT")
# Maintenance
maintenance_mode: bool = Field(default=False, env="MAINTENANCE_MODE")
# API settings
api_title: str = Field(default="My Uploader Bot API", env="API_TITLE")
api_version: str = Field(default="1.0.0", env="API_VERSION")
api_description: str = Field(default="File upload and management API", env="API_DESCRIPTION")
cors_enabled: bool = Field(default=True, env="CORS_ENABLED")
cors_origins: str = Field(default="*", env="CORS_ORIGINS")
# Health check settings
health_check_enabled: bool = Field(default=True, env="HEALTH_CHECK_ENABLED")
health_check_interval: int = Field(default=60, env="HEALTH_CHECK_INTERVAL")
# Metrics settings
metrics_enabled: bool = Field(default=True, env="METRICS_ENABLED")
metrics_endpoint: str = Field(default="/metrics", env="METRICS_ENDPOINT")
@validator("allowed_extensions")
def validate_extensions(cls, v):
"""Validate and normalize file extensions."""
if isinstance(v, str):
return [ext.strip().lower() for ext in v.split(",") if ext.strip()]
return v
@validator("cors_origins")
def validate_cors_origins(cls, v):
"""Validate and normalize CORS origins."""
if isinstance(v, str) and v != "*":
return [origin.strip() for origin in v.split(",") if origin.strip()]
return v
@validator("log_level")
def validate_log_level(cls, v):
"""Validate log level."""
valid_levels = ["DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"]
if v.upper() not in valid_levels:
raise ValueError(f"Log level must be one of: {valid_levels}")
return v.upper()
def get_database_url(self) -> str:
"""Get complete database URL."""
if self.database_url:
return self.database_url
return f"mysql+aiomysql://{self.mysql_user}:{self.mysql_password}@{self.mysql_host}:{self.mysql_port}/{self.mysql_database}"
def get_redis_url(self) -> str:
"""Get complete Redis URL."""
if self.redis_password:
return f"redis://:{self.redis_password}@{self.redis_host}:{self.redis_port}/{self.redis_db}"
return f"redis://{self.redis_host}:{self.redis_port}/{self.redis_db}"
def get_allowed_extensions_set(self) -> set:
"""Get allowed extensions as a set."""
if isinstance(self.allowed_extensions, list):
return set(self.allowed_extensions)
return set(ext.strip().lower() for ext in self.allowed_extensions.split(",") if ext.strip())
def get_cors_origins_list(self) -> list:
"""Get CORS origins as a list."""
if self.cors_origins == "*":
return ["*"]
if isinstance(self.cors_origins, list):
return self.cors_origins
return [origin.strip() for origin in self.cors_origins.split(",") if origin.strip()]
def is_development(self) -> bool:
"""Check if running in development mode."""
return self.environment.lower() in ["development", "dev", "local"]
def is_production(self) -> bool:
"""Check if running in production mode."""
return self.environment.lower() in ["production", "prod"]
def get_cache_config(self) -> Dict[str, Any]:
"""Get cache configuration dictionary."""
return {
"enabled": self.cache_enabled and self.redis_enabled,
"default_ttl": self.cache_default_ttl,
"user_ttl": self.cache_user_ttl,
"content_ttl": self.cache_content_ttl,
"redis_url": self.get_redis_url(),
"max_connections": self.redis_max_connections,
}
def get_database_config(self) -> Dict[str, Any]:
"""Get database configuration dictionary."""
return {
"url": self.get_database_url(),
"pool_size": self.database_pool_size,
"max_overflow": self.database_max_overflow,
"pool_timeout": self.database_pool_timeout,
"pool_recycle": self.database_pool_recycle,
}
class Config:
env_file = ".env"
env_file_encoding = "utf-8"
case_sensitive = False
@lru_cache()
def get_settings() -> Settings:
"""Get cached settings instance."""
return Settings()
# Backward compatibility functions
def get_mysql_config() -> Dict[str, Any]:
"""Get MySQL configuration for backward compatibility."""
settings = get_settings()
return {
"host": settings.mysql_host,
"port": settings.mysql_port,
"user": settings.mysql_user,
"password": settings.mysql_password,
"database": settings.mysql_database,
}
def get_storage_config() -> Dict[str, str]:
"""Get storage configuration for backward compatibility."""
settings = get_settings()
return {
"storage_path": settings.storage_path,
"logs_path": settings.logs_path,
"sql_storage_path": settings.sql_storage_path,
}
def get_redis_config() -> Dict[str, Any]:
"""Get Redis configuration."""
settings = get_settings()
return {
"enabled": settings.redis_enabled,
"host": settings.redis_host,
"port": settings.redis_port,
"password": settings.redis_password,
"db": settings.redis_db,
"max_connections": settings.redis_max_connections,
"socket_timeout": settings.redis_socket_timeout,
"socket_connect_timeout": settings.redis_socket_connect_timeout,
}
# Environment variables validation
def validate_environment():
"""Validate required environment variables."""
settings = get_settings()
required_vars = [
"SECRET_KEY",
"JWT_SECRET_KEY",
"MYSQL_PASSWORD",
]
missing_vars = []
for var in required_vars:
if not os.getenv(var):
missing_vars.append(var)
if missing_vars:
raise ValueError(f"Missing required environment variables: {', '.join(missing_vars)}")
return True

4
app/core/content/__init__.py
View File

@ -1 +1,3 @@
from app.core.content.content_id import ContentId
from app.core.content.content_id import ContentId
from app.core.content.chunk_manager import ChunkManager
from app.core.content.sync_manager import ContentSyncManager

233
app/core/content/chunk_manager.py Normal file
View File

@ -0,0 +1,233 @@
from __future__ import annotations
import asyncio
import base64
import logging
import math
from dataclasses import asdict
from hashlib import sha256
from typing import List, Iterable, Optional, Dict, Any, Tuple
from app.core.crypto.content_cipher import ContentCipher
from app.core.crypto import get_ed25519_manager
from app.core.models.content.chunk import ContentChunk
logger = logging.getLogger(__name__)
class ChunkManager:
"""
Управление разбиением контента на чанки и обратной сборкой.
Требования:
- Размер чанка: 8 MiB
- SHA-256 хэш каждого чанка (hex) для дедупликации
- Подпись каждого чанка Ed25519
- Интеграция с ContentCipher для шифрования/дешифрования чанков
"""
CHUNK_SIZE = 8 * 1024 * 1024 # 8 MiB
def __init__(self, cipher: Optional[ContentCipher] = None):
self.cipher = cipher or ContentCipher()
logger.debug("ChunkManager initialized with CHUNK_SIZE=%d", self.CHUNK_SIZE)
@staticmethod
def calculate_chunk_hash(data: bytes) -> str:
"""
Рассчитать SHA-256 хэш сырого буфера.
"""
h = sha256(data).hexdigest()
logger.debug("Calculated chunk SHA-256: %s", h)
return h
def _sign_chunk_payload(self, payload: Dict[str, Any]) -> Optional[str]:
"""
Подписать словарь Ed25519 через глобальный менеджер.
Возвращает base64-подпись либо None при ошибке (логируем).
"""
try:
crypto_mgr = get_ed25519_manager()
signature = crypto_mgr.sign_message(payload)
return signature
except Exception as e:
logger.error("Failed to sign chunk payload: %s", e)
return None
def split_content(
self,
content_id: str,
plaintext: bytes,
content_key: bytes,
metadata: Optional[Dict[str, Any]] = None,
associated_data: Optional[bytes] = None,
) -> List[ContentChunk]:
"""
Разбить исходный контент на зашифрованные и подписанные чанки.
Алгоритм:
1) Читаем кусками по CHUNK_SIZE
2) Шифруем каждый кусок через ContentCipher.encrypt_content (AES-256-GCM)
3) Формируем chunk_id как HEX(SHA-256(content_id || chunk_index || chunk_hash))
4) Подписываем полезную нагрузку чанка (без поля signature)
5) Возвращаем список ContentChunk
"""
assert isinstance(plaintext, (bytes, bytearray)), "plaintext must be bytes"
assert isinstance(content_key, (bytes, bytearray)) and len(content_key) == self.cipher.KEY_SIZE, \
"content_key must be 32 bytes"
total_size = len(plaintext)
chunks_count = math.ceil(total_size / self.CHUNK_SIZE) if total_size else 1
logger.info(
"Splitting content_id=%s into chunks: total_size=%d, chunk_size=%d, chunks=%d",
content_id, total_size, self.CHUNK_SIZE, chunks_count
)
result: List[ContentChunk] = []
offset = 0
index = 0
while offset < total_size or (total_size == 0 and index == 0):
part = plaintext[offset: offset + self.CHUNK_SIZE] if total_size else b""
offset += len(part)
logger.debug("Processing chunk index=%d, part_size=%d", index, len(part))
# Шифруем кусок
enc_obj = self.cipher.encrypt_content(
plaintext=part,
key=content_key,
metadata={"content_id": content_id, "chunk_index": index, **(metadata or {})},
associated_data=associated_data,
sign_with_ed25519=False, # подпишем на уровне чанка отдельно
)
# Собираем бинарные данные зашифрованного чанка (ciphertext||tag||nonce) для хэширования/дедупликации
ciphertext = base64.b64decode(enc_obj["ciphertext_b64"])
tag = base64.b64decode(enc_obj["tag_b64"])
nonce = base64.b64decode(enc_obj["nonce_b64"])
raw_encrypted_chunk = ciphertext + tag + nonce
chunk_hash = self.calculate_chunk_hash(raw_encrypted_chunk)
# Формируем chunk_id детерминированно
chunk_id = sha256(
(content_id + str(index) + chunk_hash).encode("utf-8")
).hexdigest()
payload_to_sign = {
"chunk_id": chunk_id,
"content_id": content_id,
"chunk_index": index,
"chunk_hash": chunk_hash,
"encrypted_data": base64.b64encode(raw_encrypted_chunk).decode("ascii"),
"created_at": enc_obj.get("created_at") or enc_obj.get("timestamp") or None,
}
# Удалим None, чтобы сериализация была стабильнее
payload_to_sign = {k: v for k, v in payload_to_sign.items() if v is not None}
signature = self._sign_chunk_payload(payload_to_sign)
chunk = ContentChunk(
chunk_id=payload_to_sign["chunk_id"],
content_id=payload_to_sign["content_id"],
chunk_index=payload_to_sign["chunk_index"],
chunk_hash=payload_to_sign["chunk_hash"],
encrypted_data=payload_to_sign["encrypted_data"],
signature=signature,
created_at=payload_to_sign.get("created_at") or None,
)
result.append(chunk)
logger.debug("Chunk created: index=%d, chunk_id=%s", index, chunk.chunk_id)
index += 1
logger.info("Split completed: content_id=%s, chunks=%d", content_id, len(result))
return result
def reassemble_content(
self,
chunks: Iterable[ContentChunk],
content_key: bytes,
associated_data: Optional[bytes] = None,
expected_content_id: Optional[str] = None,
) -> bytes:
"""
Сборка исходного контента из последовательности чанков.
Предполагается, что входные чанки валидированы и относятся к одинаковому content_id.
Порядок определяется по chunk_index.
"""
chunks_list = sorted(list(chunks), key=lambda c: c.chunk_index)
if not chunks_list:
logger.warning("Reassemble called with empty chunks list")
return b""
first_content_id = chunks_list[0].content_id
if expected_content_id and expected_content_id != first_content_id:
raise ValueError("content_id mismatch for reassembly")
logger.info("Reassembling content_id=%s from %d chunks", first_content_id, len(chunks_list))
assembled: List[bytes] = []
for c in chunks_list:
if c.content_id != first_content_id:
raise ValueError("mixed content_id detected during reassembly")
raw = c.encrypted_bytes()
# Разделим обратно: ciphertext||tag||nonce
if len(raw) < 16 + ContentCipher.NONCE_SIZE:
raise ValueError("invalid encrypted chunk length")
nonce = raw[-ContentCipher.NONCE_SIZE:]
tag = raw[-(ContentCipher.NONCE_SIZE + 16):-ContentCipher.NONCE_SIZE]
ciphertext = raw[:-(ContentCipher.NONCE_SIZE + 16)]
plaintext = self.cipher.decrypt_content(
ciphertext_b64=base64.b64encode(ciphertext).decode("ascii"),
nonce_b64=base64.b64encode(nonce).decode("ascii"),
tag_b64=base64.b64encode(tag).decode("ascii"),
key=content_key,
associated_data=associated_data,
)
assembled.append(plaintext)
data = b"".join(assembled)
logger.info("Reassembly completed: content_id=%s, total_size=%d", first_content_id, len(data))
return data
def verify_chunk_integrity(
self,
chunk: ContentChunk,
verify_signature: bool = True
) -> Tuple[bool, Optional[str]]:
"""
Проверка валидности чанка:
- Соответствие chunk_hash фактическим данным
- Верификация Ed25519 подписи полезной нагрузки чанка
"""
try:
raw = chunk.encrypted_bytes()
computed_hash = self.calculate_chunk_hash(raw)
if computed_hash != chunk.chunk_hash:
return False, "chunk_hash mismatch"
if verify_signature:
if not chunk.signature:
return False, "missing chunk signature"
payload = {
"chunk_id": chunk.chunk_id,
"content_id": chunk.content_id,
"chunk_index": int(chunk.chunk_index),
"chunk_hash": chunk.chunk_hash,
"encrypted_data": chunk.encrypted_data,
"created_at": chunk.created_at,
}
crypto_mgr = get_ed25519_manager()
ok = crypto_mgr.verify_signature(payload, chunk.signature, crypto_mgr.public_key_hex)
if not ok:
return False, "invalid chunk signature"
return True, None
except Exception as e:
logger.error("verify_chunk_integrity error: %s", e)
return False, str(e)

186
app/core/content/sync_manager.py Normal file
View File

@ -0,0 +1,186 @@
from __future__ import annotations
import asyncio
import logging
from typing import List, Dict, Any, Optional, Tuple
from app.core.crypto import get_ed25519_manager
from app.core.content.chunk_manager import ChunkManager
from app.core.models.content.chunk import ContentChunk
from app.core.network.node_client import NodeClient
logger = logging.getLogger(__name__)
class ContentSyncManager:
"""
Менеджер синхронизации чанков контента между нодами.
Требования:
- Batch-запросы для синхронизации между нодами
- Валидация получаемых чанков:
* SHA-256 хэш соответствия
* Ed25519 подпись полезной нагрузки чанка
"""
def __init__(self, chunk_manager: Optional[ChunkManager] = None):
self.chunk_manager = chunk_manager or ChunkManager()
async def verify_chunk_integrity(self, chunk: ContentChunk) -> Tuple[bool, Optional[str]]:
"""
Обертка над проверкой целостности чанка с дополнительными логами.
"""
ok, err = self.chunk_manager.verify_chunk_integrity(chunk)
if not ok:
logger.warning("Chunk integrity failed: chunk_id=%s reason=%s", chunk.chunk_id, err)
else:
logger.debug("Chunk integrity passed: chunk_id=%s", chunk.chunk_id)
return ok, err
async def request_chunks(
self,
target_url: str,
content_id: str,
needed_indexes: List[int],
batch_size: int = 32
) -> Dict[str, Any]:
"""
Запросить недостающие чанки у ноды пакетами.
Ожидаемый контракт эндпойнта /api/node/content/sync:
- action: "content_sync"
- data: { sync_type: "content_request", content_info: { content_id, indexes: [...]} }
Возвращает агрегированный ответ по партиям.
"""
response_summary: Dict[str, Any] = {"requested": 0, "received": 0, "chunks": [], "errors": []}
logger.info("Requesting chunks: target=%s content_id=%s total_missing=%d", target_url, content_id, len(needed_indexes))
async with NodeClient() as client:
for i in range(0, len(needed_indexes), batch_size):
batch = needed_indexes[i:i + batch_size]
try:
req = await client._create_signed_request(
action="content_sync",
data={
"sync_type": "content_request",
"content_info": {"content_id": content_id, "indexes": batch},
},
target_url=target_url,
)
logger.debug("Sending chunk request batch of %d indexes to %s", len(batch), target_url)
endpoint = f"{target_url}/api/node/content/sync"
async with client.session.post(endpoint, **req) as resp:
data = await resp.json()
if resp.status != 200:
msg = f"HTTP {resp.status}"
logger.warning("Chunk request failed: %s", msg)
response_summary["errors"].append({"batch": batch, "error": msg, "data": data})
continue
# Ожидаем, что данные приходят как JSON с полем 'chunks'
chunks_payload = data.get("data", {}).get("chunks") or data.get("chunks") or []
response_summary["requested"] += len(batch)
# Валидация полученных чанков
for ch in chunks_payload:
try:
chunk_model = ContentChunk.from_dict(ch)
ok, err = await self.verify_chunk_integrity(chunk_model)
if ok:
response_summary["chunks"].append(chunk_model.to_dict())
response_summary["received"] += 1
else:
response_summary["errors"].append({"chunk_id": chunk_model.chunk_id, "error": err})
except Exception as e:
logger.error("Failed to parse/validate received chunk: %s", e)
response_summary["errors"].append({"batch": batch, "error": str(e)})
except Exception as e:
logger.error("request_chunks batch error: %s", e)
response_summary["errors"].append({"batch": batch, "error": str(e)})
logger.info(
"Request chunks done: content_id=%s requested=%d received=%d errors=%d",
content_id, response_summary["requested"], response_summary["received"], len(response_summary["errors"])
)
return response_summary
async def provide_chunks(
self,
content_id: str,
indexes: List[int],
storage_reader, # callable: (content_id, index) -> Optional[ContentChunk]
batch_limit: int = 128
) -> Dict[str, Any]:
"""
Подготовить пакет чанков к ответу на запрос другой ноды.
storage_reader: функция/корутина, возвращающая ContentChunk или None по (content_id, index).
Возвращает словарь для отправки в ответе API.
"""
provided: List[Dict[str, Any]] = []
errors: List[Dict[str, Any]] = []
async def _maybe_await(x):
if asyncio.iscoroutinefunction(storage_reader):
return await x
return x
for idx in indexes[:batch_limit]:
try:
res = storage_reader(content_id, idx)
if asyncio.iscoroutine(res):
res = await res
if not res:
errors.append({"index": idx, "error": "not_found"})
continue
# Перед отдачей еще раз локально проверим целостность
ok, err = await self.verify_chunk_integrity(res)
if not ok:
errors.append({"index": idx, "error": f"integrity_failed: {err}"})
continue
provided.append(res.to_dict())
except Exception as e:
logger.error("provide_chunks error: %s", e)
errors.append({"index": idx, "error": str(e)})
logger.info("Prepared %d/%d chunks for provide, errors=%d", len(provided), len(indexes[:batch_limit]), len(errors))
return {"chunks": provided, "errors": errors}
async def sync_content(
self,
target_nodes: List[str],
content_id: str,
have_indexes: List[int],
total_chunks: int
) -> Dict[str, Any]:
"""
Высокоуровневая процедура синхронизации:
- Рассчитывает недостающие индексы
- Запрашивает чанки у всех указанных нод (параллельно)
- Агрегирует результаты
"""
missing = sorted(set(range(total_chunks)) - set(have_indexes))
logger.info("Sync content start: content_id=%s total=%d have=%d missing=%d",
content_id, total_chunks, len(have_indexes), len(missing))
if not missing:
return {"success": True, "message": "nothing to sync", "downloaded": 0}
results: Dict[str, Any] = {"success": True, "downloaded": 0, "details": {}}
async def fetch_from_node(node_url: str):
try:
node_result = await self.request_chunks(node_url, content_id, missing)
results["details"][node_url] = node_result
results["downloaded"] += node_result.get("received", 0)
except Exception as e:
logger.error("sync_content: error requesting from %s: %s", node_url, e)
results["details"][node_url] = {"error": str(e)}
await asyncio.gather(*[fetch_from_node(url) for url in target_nodes])
logger.info("Sync content done: content_id=%s downloaded=%d", content_id, results["downloaded"])
return results

271
app/core/converter/conversion_manager.py Normal file
View File

@ -0,0 +1,271 @@
from __future__ import annotations
import asyncio
import base64
import logging
import os
import time
import uuid
from dataclasses import asdict
from typing import Dict, Any, Optional, List, Tuple
from app.core.converter.converter_client import ConverterClient
from app.core.crypto.content_cipher import ContentCipher
from app.core.content.chunk_manager import ChunkManager
from app.core.models.converter.conversion_models import (
ConversionTask,
ConversionResult,
ConversionStatus,
ConversionPriority,
ContentMetadata,
)
from app.core.stats.metrics_collector import MetricsCollector
logger = logging.getLogger(__name__)
class _PriorityQueue:
"""
Простая приоритетная очередь на базе asyncio.PriorityQueue.
Чем больше приоритет, тем раньше задача (инвертируем знак).
"""
def __init__(self) -> None:
self._q: asyncio.PriorityQueue[Tuple[int, str, ConversionTask]] = asyncio.PriorityQueue()
self._counter = 0 # стабилизация порядка
async def put(self, task: ConversionTask) -> None:
self._counter += 1
# Инвертируем, чтобы HIGH(90) шел раньше LOW(10)
await self._q.put((-int(task.priority), self._counter, task))
async def get(self) -> ConversionTask:
p, _, t = await self._q.get()
return t
def empty(self) -> bool:
return self._q.empty()
class ConversionManager:
"""
Управляет жизненным циклом конвертации:
- постановка в очередь (приоритет)
- запуск через ConverterClient
- post-processing: шифрование ContentCipher, чанкинг ChunkManager
- retry при ошибках
- метрики через MetricsCollector
"""
def __init__(
self,
converter_client: Optional[ConverterClient] = None,
metrics: Optional[MetricsCollector] = None,
concurrent_limit: int = 2,
) -> None:
self._client = converter_client or ConverterClient()
self._cipher = ContentCipher()
self._chunker = ChunkManager(self._cipher)
self._metrics = metrics or MetricsCollector()
self._queue = _PriorityQueue()
self._inflight: Dict[str, ConversionTask] = {}
self._results: Dict[str, ConversionResult] = {}
self._lock = asyncio.Lock()
self._sem = asyncio.Semaphore(concurrent_limit)
# -------------------- Public API --------------------
async def process_upload(
self,
local_input_path: str,
input_ext: str,
quality: str,
metadata: ContentMetadata,
priority: ConversionPriority = ConversionPriority.NORMAL,
custom: Optional[List[str]] = None,
trim: Optional[str] = None,
max_retries: int = 3,
) -> str:
"""
Точка входа из API: ставит задачу в очередь и возвращает task_id.
"""
task_id = str(uuid.uuid4())
task = ConversionTask(
task_id=task_id,
input_path=local_input_path,
input_ext=input_ext,
quality="high" if quality == "high" else "low",
trim=trim,
custom=custom or [],
priority=priority,
max_retries=max_retries,
metadata=metadata,
)
await self.queue_conversion(task)
return task_id
async def queue_conversion(self, task: ConversionTask) -> None:
logger.info("Queue conversion task_id=%s priority=%s", task.task_id, task.priority)
await self._queue.put(task)
await self._metrics.inc_requests()
async def get_conversion_status(self, task_id: str) -> ConversionStatus:
async with self._lock:
res = self._results.get(task_id)
if res:
return res.status
if task_id in self._inflight:
return ConversionStatus.RUNNING
# иначе он в очереди
return ConversionStatus.QUEUED
async def handle_conversion_result(self, task_id: str) -> Optional[ConversionResult]:
"""
Возвращает итоговый ConversionResult если уже готов.
"""
async with self._lock:
return self._results.get(task_id)
# -------------------- Worker logic --------------------
async def _run_single(self, task: ConversionTask) -> None:
"""
Полный цикл одной задачи: запуск конвертера, шифрование, чанкинг, сохранение результата.
"""
start_ts = time.time()
async with self._sem:
async with self._lock:
self._inflight[task.task_id] = task
try:
# 1) Запуск конвертера
await self._metrics.observe_latency_ms(1) # лёгкий трейс
await self._client.submit_conversion(task, task.input_path)
# 2) Ожидание завершения: опрашиваем статус, затем забираем результат
status = await self._poll_until_done(task.task_id)
conv_res = await self._client.download_result(task.task_id)
if status != ConversionStatus.SUCCESS or conv_res.status != ConversionStatus.SUCCESS:
raise RuntimeError(conv_res.error or "conversion failed")
# 3) Прочитать выходной файл и выполнить шифрование + чанкинг
output_path = conv_res.converter_output_path
if not output_path or not os.path.exists(output_path):
raise FileNotFoundError("converted output not found")
with open(output_path, "rb") as f:
converted_bytes = f.read()
# Шифрование полной сущности перед чанкингом
content_key = self._cipher.generate_content_key()
encrypted_obj = self._cipher.encrypt_content(
plaintext=converted_bytes,
key=content_key,
metadata={
"title": task.metadata.title,
"author": task.metadata.author,
"description": task.metadata.description,
"attributes": task.metadata.attributes,
"quality": task.quality,
"source_ext": task.input_ext,
},
)
content_id = encrypted_obj["content_id"]
# Для дедупликации и совместимости чанкуем уже шифротекст по архитектуре:
# Используем nonce/tag каждого чанка отдельно (ChunkManager делает encrypt_content для каждого чанка).
# Но нам нужен plaintext для разбиения на куски до шифрования? В архитектуре зашифрованные чанки требуются.
# Следуем текущей реализации ChunkManager: он сам шифрует куски.
chunks = self._chunker.split_content(
content_id=content_id,
plaintext=converted_bytes,
content_key=content_key,
metadata={
"nft_title": task.metadata.title,
"nft_author": task.metadata.author,
"quality": task.quality,
},
)
# Сериализуем чанки для отдачи через API
chunks_serialized = [asdict(c) for c in chunks]
nft_metadata = {
"name": task.metadata.title,
"description": task.metadata.description,
"author": task.metadata.author,
"attributes": task.metadata.attributes,
"tags": task.metadata.tags,
"collection": task.metadata.collection,
"external_url": None,
}
result = ConversionResult(
task_id=task.task_id,
status=ConversionStatus.SUCCESS,
converter_output_path=output_path,
logs_path=None,
content_id=content_id,
chunks=chunks_serialized,
nft_metadata=nft_metadata,
finished_at=int(time.time()),
)
async with self._lock:
self._results[task.task_id] = result
self._inflight.pop(task.task_id, None)
await self._metrics.inc_conversions()
await self._metrics.observe_latency_ms((time.time() - start_ts) * 1000.0)
logger.info("Conversion completed: task_id=%s content_id=%s chunks=%d",
task.task_id, content_id, len(chunks))
except Exception as e:
logger.exception("Conversion task %s failed: %s", task.task_id, e)
task.attempts += 1
if task.attempts <= task.max_retries:
# Retry: возвращаем задачу в очередь с тем же приоритетом (экспоненциальная пауза)
backoff = min(2 ** (task.attempts - 1), 30)
await asyncio.sleep(backoff)
await self._queue.put(task)
await self._metrics.inc_errors()
else:
fail_res = ConversionResult(
task_id=task.task_id,
status=ConversionStatus.FAILED,
error=str(e),
finished_at=int(time.time()),
)
async with self._lock:
self._results[task.task_id] = fail_res
self._inflight.pop(task.task_id, None)
await self._metrics.inc_errors()
async def _poll_until_done(self, task_id: str, interval_sec: float = 1.0, timeout_sec: float = 3600.0) -> ConversionStatus:
"""
Простой polling статуса процесса конвертера.
"""
start = time.time()
while True:
status = await self._client.get_conversion_status(task_id)
if status in (ConversionStatus.SUCCESS, ConversionStatus.FAILED, ConversionStatus.CANCELED):
return status
if time.time() - start > timeout_sec:
return ConversionStatus.FAILED
await asyncio.sleep(interval_sec)
# -------------------- Scheduler loop --------------------
async def run_scheduler(self, shutdown_event: Optional[asyncio.Event] = None) -> None:
"""
Основной цикл: достаёт из очереди и обрабатывает задачи.
"""
while True:
if shutdown_event and shutdown_event.is_set():
break
try:
task = await self._queue.get()
asyncio.create_task(self._run_single(task))
except Exception as e:
logger.error("Scheduler loop error: %s", e)
await asyncio.sleep(1.0)

214
app/core/converter/converter_client.py Normal file
View File

@ -0,0 +1,214 @@
from __future__ import annotations
import asyncio
import json
import logging
import os
import shlex
import uuid
from dataclasses import asdict
from typing import Dict, Any, Optional, Tuple, List
from app.core.models.converter.conversion_models import ConversionTask, ConversionResult, ConversionStatus
logger = logging.getLogger(__name__)
class ConverterClient:
"""
Клиент-адаптер для взаимодействия с converter-module без модификации его кода.
Предполагаемая интеграция:
- converter-module/converter/converter.py запускается как отдельный процесс (например, Docker/Podman или локальный python)
- входной файл должен быть доступен по фиксированному пути /app/input
- выход сохраняется в /app/output/output.<ext> и метаданные в /app/output/output.json
- параметры: --ext, --quality, --custom (список), --trim "start-end"
Данный клиент предоставляет унифицированный async API:
submit_conversion() -> str (task_id)
get_conversion_status(task_id) -> ConversionStatus
download_result(task_id) -> ConversionResult (локальные пути к артефактам)
Реализация по умолчанию использует локальный запуск python-процесса конвертера.
Для контейнеров можно переопределить _build_command/_prepare_io.
"""
def __init__(
self,
converter_entry: str = "converter-module/converter/converter.py",
workdir: str = "converter-module",
io_input_path: str = "/app/input",
io_output_dir: str = "/app/output",
python_bin: str = "python3",
concurrent_limit: int = 2,
) -> None:
self.converter_entry = converter_entry
self.workdir = workdir
self.io_input_path = io_input_path
self.io_output_dir = io_output_dir
self.python_bin = python_bin
self._sem = asyncio.Semaphore(concurrent_limit)
# Локальное состояние задач (простая in-memory мапа процессов)
self._tasks_proc: Dict[str, asyncio.subprocess.Process] = {}
self._tasks_info: Dict[str, Dict[str, Any]] = {} # {task_id: {local_input, local_output_dir, logs_path}}
self._tasks_status: Dict[str, ConversionStatus] = {}
self._tasks_error: Dict[str, str] = {}
os.makedirs(self.workdir, exist_ok=True)
async def submit_conversion(self, task: ConversionTask, local_input_path: str) -> str:
"""
Подготовка окружения и запуск конвертации.
local_input_path путь к исходному файлу на диске ноды uploader-bot.
"""
task_id = task.task_id or str(uuid.uuid4())
logger.info("Submitting conversion task_id=%s", task_id)
# Готовим IO: копируем/линкуем файл в ожидаемое место converter-module
local_output_dir, logs_path = await self._prepare_io(task_id, local_input_path)
# Формируем команду запуска
cmd = self._build_command(task)
logger.debug("Converter command: %s", " ".join(map(shlex.quote, cmd)))
# Старт процесса
proc = await asyncio.create_subprocess_exec(
*cmd,
cwd=self.workdir,
stdout=asyncio.subprocess.PIPE,
stderr=asyncio.subprocess.STDOUT,
)
self._tasks_proc[task_id] = proc
self._tasks_status[task_id] = ConversionStatus.RUNNING
self._tasks_info[task_id] = {
"local_input": local_input_path,
"local_output_dir": local_output_dir,
"logs_path": logs_path,
}
# Запускаем корутину логгирования и ожидания завершения
asyncio.create_task(self._stream_and_wait(task_id, proc, logs_path))
return task_id
async def get_conversion_status(self, task_id: str) -> ConversionStatus:
return self._tasks_status.get(task_id, ConversionStatus.QUEUED)
async def download_result(self, task_id: str) -> ConversionResult:
"""
Возвращает результат: путь к сгенерированному файлу и output.json.
Ничего не копирует, возвращает локальные пути внутри converter-module рабочего каталога.
"""
status = self._tasks_status.get(task_id)
if not status:
return ConversionResult(task_id=task_id, status=ConversionStatus.FAILED, error="unknown task")
info = self._tasks_info.get(task_id, {})
output_dir = info.get("local_output_dir")
logs_path = info.get("logs_path")
if status != ConversionStatus.SUCCESS:
return ConversionResult(task_id=task_id, status=status, logs_path=logs_path, error=self._tasks_error.get(task_id))
# Определяем финальный файл: ищем output.* в каталоге вывода
output_file = await self._detect_output_file(output_dir)
if not output_file:
return ConversionResult(task_id=task_id, status=ConversionStatus.FAILED, logs_path=logs_path, error="output file not found")
return ConversionResult(
task_id=task_id,
status=ConversionStatus.SUCCESS,
converter_output_path=output_file,
logs_path=logs_path,
)
# -------------------- helpers --------------------
async def _prepare_io(self, task_id: str, local_input_path: str) -> Tuple[str, str]:
"""
Подготавливает папки converter-module для запуска и логи.
Мы не можем писать в абсолютные /app/* на хосте, но converter ждёт такие пути.
Поэтому используем симлинки внутри workdir: workdir/app/input -> реальный файл.
"""
# Готовим подкаталоги
app_dir = os.path.join(self.workdir, "app")
os.makedirs(app_dir, exist_ok=True)
linked_input = os.path.join(app_dir, "input")
# Чистим старый симлинк/файл
try:
if os.path.islink(linked_input) or os.path.exists(linked_input):
os.remove(linked_input)
except Exception as e:
logger.warning("Failed to cleanup old input link: %s", e)
# Создаем симлинк на входной файл
os.symlink(os.path.abspath(local_input_path), linked_input)
output_dir = os.path.join(app_dir, "output")
os.makedirs(output_dir, exist_ok=True)
# Очистим выходы
for name in os.listdir(output_dir):
try:
os.remove(os.path.join(output_dir, name))
except Exception:
pass
logs_dir = os.path.join(self.workdir, "logs")
os.makedirs(logs_dir, exist_ok=True)
logs_path = os.path.join(logs_dir, f"{task_id}.log")
# Сопоставляем ожидаемые фиксированные пути converter'а с нашими
# Хотя converter использует /app/input и /app/output, cwd=self.workdir и наличие app/input, app/output достаточно.
return output_dir, logs_path
def _build_command(self, task: ConversionTask) -> List[str]:
cmd: List[str] = [
self.python_bin,
self.converter_entry,
"--ext", task.input_ext,
"--quality", task.quality,
]
if task.custom:
cmd += ["--custom", *task.custom]
if task.trim:
cmd += ["--trim", task.trim]
return cmd
async def _stream_and_wait(self, task_id: str, proc: asyncio.subprocess.Process, logs_path: str) -> None:
"""
Стримит логи процесса в файл и обновляет статус по завершению.
"""
try:
with open(logs_path, "a", encoding="utf-8") as lf:
if proc.stdout:
async for line in proc.stdout:
try:
text = line.decode("utf-8", errors="ignore")
except AttributeError:
text = line
lf.write(text)
lf.flush()
logger.info("[converter %s] %s", task_id, text.strip())
rc = await proc.wait()
if rc == 0:
self._tasks_status[task_id] = ConversionStatus.SUCCESS
else:
self._tasks_status[task_id] = ConversionStatus.FAILED
self._tasks_error[task_id] = f"exit_code={rc}"
except Exception as e:
logger.exception("Converter task %s failed: %s", task_id, e)
self._tasks_status[task_id] = ConversionStatus.FAILED
self._tasks_error[task_id] = str(e)
async def _detect_output_file(self, output_dir: str) -> Optional[str]:
"""
Ищет файл output.* в каталоге результата.
"""
try:
for name in os.listdir(output_dir):
if name.startswith("output."):
return os.path.join(output_dir, name)
if name.startswith("output") and "." in name:
return os.path.join(output_dir, name)
except Exception as e:
logger.error("detect_output_file error: %s", e)
return None

15
app/core/crypto/__init__.py Normal file
View File

@ -0,0 +1,15 @@
"""
MY Network v3.0 - Cryptographic Module for uploader-bot
Модуль криптографических операций для защиты inter-node коммуникаций.
"""
from .ed25519_manager import Ed25519Manager, get_ed25519_manager, init_ed25519_manager
from .content_cipher import ContentCipher # Export AES-256-GCM content cipher
__all__ = [
'Ed25519Manager',
'get_ed25519_manager',
'init_ed25519_manager',
'ContentCipher',
]

231
app/core/crypto/content_cipher.py Normal file
View File

@ -0,0 +1,231 @@
"""
MY Network v3.0 - ContentCipher (AES-256-GCM) for uploader-bot
Реализует шифрование контента с помощью AES-256-GCM и интеграцию с Ed25519Manager
для подписи зашифрованного контента и проверки целостности.
Адаптация идей из DEPRECATED:
- См. базовую AES логику ([`DEPRECATED-uploader-bot/app/core/_crypto/cipher.py`](DEPRECATED-uploader-bot/app/core/_crypto/cipher.py:1))
- См. работу с контентом ([`DEPRECATED-uploader-bot/app/core/_crypto/content.py`](DEPRECATED-uploader-bot/app/core/_crypto/content.py:1))
Отличия новой реализации:
- Используем AES-256-GCM (аутентифицированное шифрование) вместо CBC+PAD
- Формируем content_id как SHA-256 от (ciphertext || nonce || tag || metadata_json)
- Подписываем структуру EncryptedContent через Ed25519Manager
"""
from __future__ import annotations
import base64
import json
import logging
import os
from dataclasses import asdict
from hashlib import sha256
from typing import Any, Dict, Optional, Tuple
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
try:
# Импорт менеджера подписи из текущего модуля crypto
from app.core.crypto import get_ed25519_manager
except Exception:
# Ленивая инициализация без разрыва импорта (например, при статическом анализе)
get_ed25519_manager = None # type: ignore
logger = logging.getLogger(__name__)
class ContentCipher:
"""
Класс шифрования контента AES-256-GCM с интеграцией Ed25519 подписи.
Ключевая информация:
- generate_content_key() -> 32 байта (AES-256)
- encrypt_content() -> (ciphertext, nonce, tag, content_id, signature, signer_pubkey)
- decrypt_content() -> исходные данные при валидной аутентификации
- verify_content_integrity() -> проверка подписи и content_id
"""
NONCE_SIZE = 12 # Рекомендуемый размер nonce для AES-GCM
KEY_SIZE = 32 # 256-bit
def __init__(self):
# В логах не пишем чувствительные данные
logger.debug("ContentCipher initialized (AES-256-GCM)")
@staticmethod
def generate_content_key(seed: Optional[bytes] = None) -> bytes:
"""
Генерация ключа шифрования контента (32 байта).
Если передан seed (как в DEPRECATED подходе), дополнительно хэшируем SHA-256.
"""
if seed is not None:
assert isinstance(seed, (bytes, bytearray)), "seed must be bytes"
key = sha256(seed).digest()
logger.debug("Content key generated from seed via SHA-256")
return key
# Без seed — криптографически стойкая генерация
key = os.urandom(ContentCipher.KEY_SIZE)
logger.debug("Random content key generated")
return key
@staticmethod
def _compute_content_id(ciphertext: bytes, nonce: bytes, tag: bytes, metadata: Optional[Dict[str, Any]]) -> str:
"""
content_id = HEX(SHA-256(ciphertext || nonce || tag || json(metadata, sorted)))
"""
md_json = b"{}"
if metadata:
md_json = json.dumps(metadata, sort_keys=True, ensure_ascii=False).encode("utf-8")
digest = sha256(ciphertext + nonce + tag + md_json).hexdigest()
logger.debug("Computed content_id via SHA-256 over ciphertext+nonce+tag+metadata_json")
return digest
def encrypt_content(
self,
plaintext: bytes,
key: bytes,
metadata: Optional[Dict[str, Any]] = None,
associated_data: Optional[bytes] = None,
sign_with_ed25519: bool = True,
) -> Dict[str, Any]:
"""
Шифрует данные AES-256-GCM и возвращает структуру с полями:
{
ciphertext_b64, nonce_b64, tag_b64, content_id, metadata, signature, signer_pubkey
}
Примечания:
- associated_data (AAD) включается в AEAD (не шифруется, но аутентифицируется).
- signature покрывает сериализованную структуру без signature поля.
"""
assert isinstance(plaintext, (bytes, bytearray)), "plaintext must be bytes"
assert isinstance(key, (bytes, bytearray)) and len(key) == self.KEY_SIZE, "key must be 32 bytes"
aesgcm = AESGCM(key)
nonce = os.urandom(self.NONCE_SIZE)
# Шифруем: AESGCM возвращает ciphertext||tag в одном буфере
ct_with_tag = aesgcm.encrypt(nonce, plaintext, associated_data)
# Последние 16 байт — GCM tag
tag = ct_with_tag[-16:]
ciphertext = ct_with_tag[:-16]
# content_id по требованиям
content_id = self._compute_content_id(ciphertext, nonce, tag, metadata)
# Подготовка объекта для подписи
payload = {
"ciphertext_b64": base64.b64encode(ciphertext).decode("ascii"),
"nonce_b64": base64.b64encode(nonce).decode("ascii"),
"tag_b64": base64.b64encode(tag).decode("ascii"),
"content_id": content_id,
"metadata": metadata or {},
}
signature = None
signer_pubkey = None
if sign_with_ed25519 and get_ed25519_manager is not None:
try:
crypto_mgr = get_ed25519_manager()
signature = crypto_mgr.sign_message(payload)
signer_pubkey = crypto_mgr.public_key_hex
logger.debug("Encrypted payload signed with Ed25519")
except Exception as e:
# Не блокируем шифрование при проблемах подписи, но логируем
logger.error(f"Failed to sign encrypted payload: {e}")
result = {
**payload,
"signature": signature,
"signer_pubkey": signer_pubkey,
}
logger.info(f"Content encrypted: content_id={content_id}, has_signature={signature is not None}")
return result
def decrypt_content(
self,
ciphertext_b64: str,
nonce_b64: str,
tag_b64: str,
key: bytes,
associated_data: Optional[bytes] = None,
) -> bytes:
"""
Расшифровывает данные AES-256-GCM.
Бросает исключение при неверной аутентификации (tag/AAD/nonce).
"""
assert isinstance(key, (bytes, bytearray)) and len(key) == self.KEY_SIZE, "key must be 32 bytes"
ciphertext = base64.b64decode(ciphertext_b64)
nonce = base64.b64decode(nonce_b64)
tag = base64.b64decode(tag_b64)
aesgcm = AESGCM(key)
pt = aesgcm.decrypt(nonce, ciphertext + tag, associated_data)
logger.info("Content decrypted successfully")
return pt
def verify_content_integrity(
self,
encrypted_obj: Dict[str, Any],
expected_metadata: Optional[Dict[str, Any]] = None,
verify_signature: bool = True,
) -> Tuple[bool, Optional[str]]:
"""
Проверяет:
- content_id соответствует данным (ciphertext/nonce/tag/metadata)
- при наличии verify_signature и signature/signer_pubkey валидность подписи
Возвращает: (OK, error_message)
"""
try:
# Сначала проверим content_id
ciphertext_b64 = encrypted_obj.get("ciphertext_b64")
nonce_b64 = encrypted_obj.get("nonce_b64")
tag_b64 = encrypted_obj.get("tag_b64")
metadata = encrypted_obj.get("metadata") or {}
if expected_metadata is not None and expected_metadata != metadata:
return False, "Metadata mismatch"
if not (ciphertext_b64 and nonce_b64 and tag_b64):
return False, "Missing encrypted fields"
ciphertext = base64.b64decode(ciphertext_b64)
nonce = base64.b64decode(nonce_b64)
tag = base64.b64decode(tag_b64)
computed_id = self._compute_content_id(ciphertext, nonce, tag, metadata)
if computed_id != encrypted_obj.get("content_id"):
return False, "content_id mismatch"
# Далее проверим подпись при необходимости
if verify_signature:
signature = encrypted_obj.get("signature")
signer_pubkey = encrypted_obj.get("signer_pubkey")
if signature and signer_pubkey and get_ed25519_manager is not None:
# Важно: подписывалась структура без полей signature/signер_pubkey
payload = {
"ciphertext_b64": ciphertext_b64,
"nonce_b64": nonce_b64,
"tag_b64": tag_b64,
"content_id": computed_id,
"metadata": metadata,
}
try:
crypto_mgr = get_ed25519_manager()
if not crypto_mgr.verify_signature(payload, signature, signer_pubkey):
return False, "Invalid signature"
except Exception as e:
logger.error(f"Signature verification error: {e}")
return False, "Signature verification error"
else:
logger.debug("No signature provided for integrity verification")
logger.info("Integrity verification passed")
return True, None
except Exception as e:
logger.error(f"Integrity verification failed: {e}")
return False, str(e)

362
app/core/crypto/ed25519_manager.py Normal file
View File

@ -0,0 +1,362 @@
"""
MY Network v3.0 - Ed25519 Cryptographic Manager for uploader-bot
Модуль для работы с ed25519 ключами и подписями.
Все inter-node сообщения должны быть подписаны и проверены.
"""
import os
import base64
import json
import hashlib
from typing import Dict, Any, Optional, Tuple
from pathlib import Path
import logging
import time
try:
import ed25519
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ed25519 as crypto_ed25519
CRYPTO_AVAILABLE = True
except ImportError as e:
logging.warning(f"Cryptographic libraries not found, using mock for testing: {e}")
CRYPTO_AVAILABLE = False
# Create mock classes for testing
class MockEd25519PrivateKey:
def sign(self, data): return b"mock_signature_64_bytes_long_for_testing_purposes_only_not_real"
def public_key(self): return MockEd25519PublicKey()
class MockEd25519PublicKey:
def verify(self, signature, data): pass # Always succeeds in mock
def public_bytes(self, encoding=None, format=None): return b"mock_public_key_32_bytes_for_testing"
@classmethod
def from_public_bytes(cls, data): return cls()
class MockSerialization:
class Encoding:
Raw = "raw"
class PublicFormat:
Raw = "raw"
@staticmethod
def load_pem_private_key(data, password=None): return MockEd25519PrivateKey()
serialization = MockSerialization()
crypto_ed25519 = type('MockEd25519', (), {'Ed25519PublicKey': MockEd25519PublicKey})()
logger = logging.getLogger(__name__)
class Ed25519Manager:
"""Менеджер для ed25519 криптографических операций в uploader-bot"""
def __init__(self, private_key_path: Optional[str] = None, public_key_path: Optional[str] = None):
"""
Инициализация Ed25519Manager
Args:
private_key_path: Путь к приватному ключу
public_key_path: Путь к публичному ключу
"""
self.private_key_path = private_key_path or os.getenv('NODE_PRIVATE_KEY_PATH')
self.public_key_path = public_key_path or os.getenv('NODE_PUBLIC_KEY_PATH')
self._private_key = None
self._public_key = None
self._node_id = None
# Загружаем ключи при инициализации
self._load_keys()
def _load_keys(self) -> None:
"""Загрузка ключей из файлов"""
try:
# Загрузка приватного ключа
if self.private_key_path and os.path.exists(self.private_key_path):
with open(self.private_key_path, 'rb') as f:
private_key_data = f.read()
# Загружаем PEM ключ
self._private_key = serialization.load_pem_private_key(
private_key_data,
password=None
)
# Получаем публичный ключ из приватного
self._public_key = self._private_key.public_key()
# Генерируем NODE_ID из публичного ключа
self._node_id = self._generate_node_id()
logger.info(f"Ed25519 ключи загружены. Node ID: {self._node_id}")
else:
# Генерируем заглушки для тестирования
if not CRYPTO_AVAILABLE:
logger.warning("Using mock keys for testing (crypto libraries not available)")
self._private_key = MockEd25519PrivateKey()
self._public_key = MockEd25519PublicKey()
self._node_id = "node-mock-testing-12345"
else:
logger.warning(f"Private key file not found: {self.private_key_path}")
# Создаем временные ключи для тестирования
from cryptography.hazmat.primitives.asymmetric import ed25519
self._private_key = ed25519.Ed25519PrivateKey.generate()
self._public_key = self._private_key.public_key()
self._node_id = self._generate_node_id()
logger.info(f"Generated temporary keys for testing. Node ID: {self._node_id}")
except Exception as e:
logger.error(f"Error loading Ed25519 keys: {e}")
# Для тестирования создаем заглушки
if not CRYPTO_AVAILABLE:
logger.warning("Using mock keys for testing due to error")
self._private_key = MockEd25519PrivateKey()
self._public_key = MockEd25519PublicKey()
self._node_id = "node-mock-error-fallback"
else:
raise
def _generate_node_id(self) -> str:
"""Генерация NODE_ID из публичного ключа"""
if not self._public_key:
raise ValueError("Public key not loaded")
try:
# Получаем raw bytes публичного ключа
public_key_bytes = self._public_key.public_bytes(
encoding=serialization.Encoding.Raw,
format=serialization.PublicFormat.Raw
)
# Создаем упрощенный base58-подобный NODE_ID
# В реальной реализации здесь должен быть полный base58
hex_key = public_key_bytes.hex()
return f"node-{hex_key[:16]}"
except:
# Fallback для mock ключей
return f"node-mock-{hash(str(self._public_key)) % 1000000:06d}"
@property
def node_id(self) -> str:
"""Получить NODE_ID"""
if not self._node_id:
raise ValueError("Node ID not generated. Check if keys are loaded.")
return self._node_id
@property
def public_key_hex(self) -> str:
"""Получить публичный ключ в hex формате"""
if not self._public_key:
raise ValueError("Public key not loaded")
public_key_bytes = self._public_key.public_bytes(
encoding=serialization.Encoding.Raw,
format=serialization.PublicFormat.Raw
)
return public_key_bytes.hex()
def sign_message(self, message: Dict[str, Any]) -> str:
"""
Подписать сообщение ed25519 ключом
Args:
message: Словарь с данными для подписи
Returns:
base64-encoded подпись
"""
if not self._private_key:
raise ValueError("Private key not loaded")
# Сериализуем сообщение в JSON для подписи
message_json = json.dumps(message, sort_keys=True, ensure_ascii=False)
message_bytes = message_json.encode('utf-8')
# Создаем хеш сообщения для подписи
message_hash = hashlib.sha256(message_bytes).digest()
# Подписываем хеш
signature = self._private_key.sign(message_hash)
# Возвращаем подпись в base64
return base64.b64encode(signature).decode('ascii')
def verify_signature(self, message: Dict[str, Any], signature: str, public_key_hex: str) -> bool:
"""
Проверить подпись сообщения
Args:
message: Словарь с данными
signature: base64-encoded подпись
public_key_hex: Публичный ключ в hex формате
Returns:
True если подпись валидна
"""
try:
# Восстанавливаем публичный ключ из hex
public_key_bytes = bytes.fromhex(public_key_hex)
public_key = crypto_ed25519.Ed25519PublicKey.from_public_bytes(public_key_bytes)
# Сериализуем сообщение так же как при подписи
message_json = json.dumps(message, sort_keys=True, ensure_ascii=False)
message_bytes = message_json.encode('utf-8')
message_hash = hashlib.sha256(message_bytes).digest()
# Декодируем подпись
signature_bytes = base64.b64decode(signature.encode('ascii'))
# Проверяем подпись
public_key.verify(signature_bytes, message_hash)
return True
except Exception as e:
logger.warning(f"Signature verification failed: {e}")
return False
def create_signed_message(self, message_type: str, data: Dict[str, Any]) -> Dict[str, Any]:
"""
Создать подписанное сообщение для отправки
Args:
message_type: Тип сообщения (handshake, sync_request, etc.)
data: Данные сообщения
Returns:
Подписанное сообщение
"""
# Основная структура сообщения
message = {
"type": message_type,
"node_id": self.node_id,
"public_key": self.public_key_hex,
"timestamp": int(time.time()),
"data": data
}
# Подписываем сообщение
signature = self.sign_message(message)
# Добавляем подпись
signed_message = message.copy()
signed_message["signature"] = signature
return signed_message
def verify_incoming_message(self, message: Dict[str, Any]) -> Tuple[bool, Optional[str]]:
"""
Проверить входящее подписанное сообщение
Args:
message: Входящее сообщение
Returns:
(is_valid, error_message)
"""
try:
# Проверяем обязательные поля
required_fields = ["type", "node_id", "public_key", "timestamp", "data", "signature"]
for field in required_fields:
if field not in message:
return False, f"Missing required field: {field}"
# Извлекаем подпись и создаем сообщение без подписи для проверки
signature = message.pop("signature")
# Проверяем подпись
is_valid = self.verify_signature(message, signature, message["public_key"])
if not is_valid:
return False, "Invalid signature"
# Проверяем временную метку (не старше 5 минут)
current_time = int(time.time())
if abs(current_time - message["timestamp"]) > 300:
return False, "Message timestamp too old"
return True, None
except Exception as e:
return False, f"Verification error: {str(e)}"
def create_handshake_message(self, target_node_id: str, additional_data: Optional[Dict] = None) -> Dict[str, Any]:
"""
Создать сообщение для handshake с другой нодой
Args:
target_node_id: ID целевой ноды
additional_data: Дополнительные данные
Returns:
Подписанное handshake сообщение
"""
handshake_data = {
"target_node_id": target_node_id,
"protocol_version": "3.0",
"node_type": os.getenv("NODE_TYPE", "uploader"),
"capabilities": ["upload", "content_streaming", "conversion", "storage"]
}
if additional_data:
handshake_data.update(additional_data)
return self.create_signed_message("handshake", handshake_data)
def create_upload_message(self, content_hash: str, metadata: Dict[str, Any]) -> Dict[str, Any]:
"""
Создать подписанное сообщение для загрузки контента
Args:
content_hash: Хеш контента
metadata: Метаданные файла
Returns:
Подписанное upload сообщение
"""
upload_data = {
"content_hash": content_hash,
"metadata": metadata,
"uploader_node": self.node_id,
"upload_timestamp": int(time.time())
}
return self.create_signed_message("content_upload", upload_data)
def create_sync_message(self, content_list: list, operation: str = "announce") -> Dict[str, Any]:
"""
Создать сообщение для синхронизации контента
Args:
content_list: Список контента для синхронизации
operation: Тип операции (announce, request, response)
Returns:
Подписанное sync сообщение
"""
sync_data = {
"operation": operation,
"content_list": content_list,
"sync_id": hashlib.sha256(
(self.node_id + str(int(time.time()))).encode()
).hexdigest()[:16]
}
return self.create_signed_message("content_sync", sync_data)
# Глобальный экземпляр менеджера
_ed25519_manager = None
def get_ed25519_manager() -> Ed25519Manager:
"""Получить глобальный экземпляр Ed25519Manager"""
global _ed25519_manager
if _ed25519_manager is None:
_ed25519_manager = Ed25519Manager()
return _ed25519_manager
def init_ed25519_manager(private_key_path: str, public_key_path: str) -> Ed25519Manager:
"""Инициализировать Ed25519Manager с путями к ключам"""
global _ed25519_manager
_ed25519_manager = Ed25519Manager(private_key_path, public_key_path)
return _ed25519_manager

456
app/core/database.py Normal file
View File

@ -0,0 +1,456 @@
"""
Async SQLAlchemy configuration with connection pooling and Redis integration
"""
import asyncio
import logging
from contextlib import asynccontextmanager
from typing import AsyncGenerator, Optional
from datetime import timedelta
from sqlalchemy.ext.asyncio import (
create_async_engine,
AsyncSession,
async_sessionmaker,
AsyncEngine
)
from sqlalchemy.pool import NullPool, QueuePool
from sqlalchemy.sql import text
import redis.asyncio as redis
from redis.asyncio.connection import ConnectionPool
import structlog
import os
from app.core.config import (
DATABASE_URL,
REDIS_URL,
DATABASE_POOL_SIZE,
DATABASE_MAX_OVERFLOW,
REDIS_POOL_SIZE
)
# Mock Redis для тестирования
class MockRedis:
def __init__(self):
self._data = {}
self._ttl_data = {} # Store TTL information
async def ping(self):
"""Ping redis server"""
return True
async def get(self, key):
"""Get value by key"""
try:
value = self._data.get(key)
return value if value is not None else None
except Exception as e:
logger.error("MockRedis get error", key=key, error=str(e))
return None
async def set(self, key, value, ex=None, nx=False):
"""Set key-value with optional expiration and nx flag"""
try:
if nx and key in self._data:
return False
# Convert value to string to match Redis behavior
if isinstance(value, dict):
import json
self._data[key] = json.dumps(value)
else:
self._data[key] = str(value) if value is not None else None
# Handle TTL
if ex:
import time
self._ttl_data[key] = time.time() + ex
return True
except Exception as e:
logger.error("MockRedis set error", key=key, error=str(e))
return False
async def delete(self, key):
"""Delete key"""
try:
existed = key in self._data
self._data.pop(key, None)
self._ttl_data.pop(key, None)
return 1 if existed else 0
except Exception as e:
logger.error("MockRedis delete error", key=key, error=str(e))
return 0
async def exists(self, key):
"""Check if key exists"""
try:
return 1 if key in self._data else 0
except Exception as e:
logger.error("MockRedis exists error", key=key, error=str(e))
return 0
async def incr(self, key, amount=1):
"""Increment counter"""
try:
current = int(self._data.get(key, 0))
new_value = current + amount
self._data[key] = str(new_value)
return new_value
except (ValueError, TypeError) as e:
logger.error("MockRedis incr error", key=key, error=str(e))
return 0
async def expire(self, key, ttl):
"""Set TTL for key"""
try:
if key in self._data:
import time
self._ttl_data[key] = time.time() + ttl
return True
return False
except Exception as e:
logger.error("MockRedis expire error", key=key, error=str(e))
return False
async def hget(self, name, key):
"""Get hash field value"""
try:
hash_data = self._data.get(name)
if not hash_data:
return None
# Try to parse as JSON if it's a string
if isinstance(hash_data, str):
try:
import json
hash_data = json.loads(hash_data)
except (json.JSONDecodeError, TypeError):
return None
if isinstance(hash_data, dict):
return hash_data.get(key)
return None
except Exception as e:
logger.error("MockRedis hget error", name=name, key=key, error=str(e))
return None
async def hset(self, name, key, value):
"""Set hash field value"""
try:
if name not in self._data:
self._data[name] = {}
# Ensure we have a dict
if not isinstance(self._data[name], dict):
self._data[name] = {}
self._data[name][key] = str(value)
return 1
except Exception as e:
logger.error("MockRedis hset error", name=name, key=key, error=str(e))
return 0
async def hdel(self, name, key):
"""Delete hash field"""
try:
if name in self._data and isinstance(self._data[name], dict):
existed = key in self._data[name]
self._data[name].pop(key, None)
return 1 if existed else 0
return 0
except Exception as e:
logger.error("MockRedis hdel error", name=name, key=key, error=str(e))
return 0
async def ttl(self, key):
"""Get TTL for key"""
try:
if key not in self._data:
return -2 # Key doesn't exist
if key not in self._ttl_data:
return -1 # Key exists but no TTL
import time
remaining = self._ttl_data[key] - time.time()
if remaining <= 0:
# Key expired, remove it
self._data.pop(key, None)
self._ttl_data.pop(key, None)
return -2
return int(remaining)
except Exception as e:
logger.error("MockRedis ttl error", key=key, error=str(e))
return -1
logger = structlog.get_logger(__name__)
class DatabaseManager:
"""Async database manager with connection pooling"""
def __init__(self):
self._engine: Optional[AsyncEngine] = None
self._session_factory: Optional[async_sessionmaker[AsyncSession]] = None
self._redis_pool: Optional[ConnectionPool] = None
self._redis: Optional[redis.Redis] = None
self._initialized = False
async def initialize(self) -> None:
"""Initialize database connections and Redis"""
if self._initialized:
return
# Initialize async SQLAlchemy engine
self._engine = create_async_engine(
DATABASE_URL,
poolclass=QueuePool,
pool_size=DATABASE_POOL_SIZE,
max_overflow=DATABASE_MAX_OVERFLOW,
pool_pre_ping=True,
pool_recycle=3600, # 1 hour
echo=False, # Set to True for SQL debugging
future=True,
json_serializer=lambda obj: obj,
json_deserializer=lambda obj: obj,
)
# Create session factory
self._session_factory = async_sessionmaker(
self._engine,
class_=AsyncSession,
expire_on_commit=False,
autoflush=False,
autocommit=False
)
# Initialize Redis connection pool
use_mock_redis = (
os.getenv('MOCK_REDIS', '0') == '1' or
'mock' in REDIS_URL or
REDIS_URL.startswith('redis://mock')
)
if use_mock_redis:
logger.warning("Using MockRedis for testing")
self._redis = MockRedis()
self._redis_pool = None
else:
try:
self._redis_pool = ConnectionPool.from_url(
REDIS_URL,
max_connections=REDIS_POOL_SIZE,
retry_on_timeout=True,
health_check_interval=30
)
self._redis = redis.Redis(
connection_pool=self._redis_pool,
decode_responses=True
)
except Exception as e:
logger.warning(f"Failed to connect to Redis, using mock: {e}")
self._redis = MockRedis()
self._redis_pool = None
# Test connections
await self._test_connections()
self._initialized = True
logger.info("Database and Redis connections initialized")
async def _test_connections(self) -> None:
"""Test database and Redis connections"""
# Test database
async with self._engine.begin() as conn:
result = await conn.execute(text("SELECT 1"))
assert result.scalar() == 1
# Test Redis
await self._redis.ping()
logger.info("Database and Redis connections tested successfully")
async def close(self) -> None:
"""Close all connections gracefully"""
if self._engine:
await self._engine.dispose()
if self._redis_pool:
await self._redis_pool.disconnect()
self._initialized = False
logger.info("Database and Redis connections closed")
@asynccontextmanager
async def get_session(self) -> AsyncGenerator[AsyncSession, None]:
"""Get async database session with automatic cleanup"""
if not self._initialized:
await self.initialize()
async with self._session_factory() as session:
try:
yield session
except Exception as e:
await session.rollback()
logger.error("Database session error", error=str(e))
raise
finally:
await session.close()
@asynccontextmanager
async def get_transaction(self) -> AsyncGenerator[AsyncSession, None]:
"""Get async database session with automatic transaction management"""
async with self.get_session() as session:
async with session.begin():
yield session
async def get_redis(self) -> redis.Redis:
"""Get Redis client"""
if not self._initialized:
await self.initialize()
return self._redis
@property
def engine(self) -> AsyncEngine:
"""Get SQLAlchemy engine"""
if not self._engine:
raise RuntimeError("Database not initialized")
return self._engine
class CacheManager:
"""Redis-based cache manager with TTL and serialization"""
def __init__(self, redis_client: redis.Redis):
self.redis = redis_client
async def get(self, key: str, default=None):
"""Get value from cache"""
try:
value = await self.redis.get(key)
return value if value is not None else default
except Exception as e:
logger.error("Cache get error", key=key, error=str(e))
return default
async def set(
self,
key: str,
value: str,
ttl: Optional[int] = None,
nx: bool = False
) -> bool:
"""Set value in cache with optional TTL"""
try:
return await self.redis.set(key, value, ex=ttl, nx=nx)
except Exception as e:
logger.error("Cache set error", key=key, error=str(e))
return False
async def delete(self, key: str) -> bool:
"""Delete key from cache"""
try:
return bool(await self.redis.delete(key))
except Exception as e:
logger.error("Cache delete error", key=key, error=str(e))
return False
async def exists(self, key: str) -> bool:
"""Check if key exists in cache"""
try:
return bool(await self.redis.exists(key))
except Exception as e:
logger.error("Cache exists error", key=key, error=str(e))
return False
async def incr(self, key: str, amount: int = 1) -> int:
"""Increment counter in cache"""
try:
return await self.redis.incr(key, amount)
except Exception as e:
logger.error("Cache incr error", key=key, error=str(e))
return 0
async def increment(self, key: str, amount: int = 1, ttl: Optional[int] = None) -> int:
"""Increment counter in cache with optional TTL"""
try:
result = await self.redis.incr(key, amount)
# If this is the first increment and TTL is specified, set expiration
if ttl and result == amount:
await self.redis.expire(key, ttl)
return result
except Exception as e:
logger.error("Cache increment error", key=key, error=str(e))
return 0
async def expire(self, key: str, ttl: int) -> bool:
"""Set TTL for existing key"""
try:
return await self.redis.expire(key, ttl)
except Exception as e:
logger.error("Cache expire error", key=key, error=str(e))
return False
async def hget(self, name: str, key: str):
"""Get hash field value"""
try:
return await self.redis.hget(name, key)
except Exception as e:
logger.error("Cache hget error", name=name, key=key, error=str(e))
return None
async def hset(self, name: str, key: str, value: str) -> bool:
"""Set hash field value"""
try:
return bool(await self.redis.hset(name, key, value))
except Exception as e:
logger.error("Cache hset error", name=name, key=key, error=str(e))
return False
async def hdel(self, name: str, key: str) -> bool:
"""Delete hash field"""
try:
return bool(await self.redis.hdel(name, key))
except Exception as e:
logger.error("Cache hdel error", name=name, key=key, error=str(e))
return False
# Global instances
db_manager = DatabaseManager()
cache_manager: Optional[CacheManager] = None
def get_db_session():
"""Dependency for getting database session - returns async context manager"""
return db_manager.get_session()
async def get_cache() -> CacheManager:
"""Dependency for getting cache manager"""
global cache_manager
if not cache_manager:
redis_client = await db_manager.get_redis()
cache_manager = CacheManager(redis_client)
return cache_manager
async def init_database():
"""Initialize database connections"""
await db_manager.initialize()
async def close_database():
"""Close database connections"""
await db_manager.close()
# Алиасы для совместимости с существующим кодом
# УДАЛЁН: get_async_session() - вызывал ошибки context manager protocol
# Все места использования исправлены на db_manager.get_session()
async def get_cache_manager() -> CacheManager:
"""Alias for get_cache for compatibility"""
return await get_cache()

220
app/core/database_compatible.py Normal file
View File

@ -0,0 +1,220 @@
"""Compatible database configuration with MariaDB support."""
import logging
from contextlib import asynccontextmanager
from typing import AsyncGenerator, Optional
from sqlalchemy import MetaData
from sqlalchemy.ext.asyncio import (
AsyncEngine,
AsyncSession,
async_sessionmaker,
create_async_engine
)
from sqlalchemy.pool import NullPool
from app.core.config import get_settings
logger = logging.getLogger(__name__)
# Global variables for database engine and session
_engine: Optional[AsyncEngine] = None
_async_session: Optional[async_sessionmaker[AsyncSession]] = None
# Naming convention for consistent constraint names
naming_convention = {
"ix": "ix_%(column_0_label)s",
"uq": "uq_%(table_name)s_%(column_0_name)s",
"ck": "ck_%(table_name)s_%(constraint_name)s",
"fk": "fk_%(table_name)s_%(column_0_name)s_%(referred_table_name)s",
"pk": "pk_%(table_name)s"
}
metadata = MetaData(naming_convention=naming_convention)
def get_database_url() -> str:
"""Get database URL from settings."""
settings = get_settings()
# Support both new DATABASE_URL and legacy MariaDB settings
if hasattr(settings, 'database_url') and settings.database_url:
return settings.database_url
# Fallback to MariaDB configuration
mysql_host = getattr(settings, 'mysql_host', 'maria_db')
mysql_port = getattr(settings, 'mysql_port', 3306)
mysql_user = getattr(settings, 'mysql_user', 'myuploader')
mysql_password = getattr(settings, 'mysql_password', 'password')
mysql_database = getattr(settings, 'mysql_database', 'myuploader')
return f"mysql+aiomysql://{mysql_user}:{mysql_password}@{mysql_host}:{mysql_port}/{mysql_database}"
async def init_database() -> None:
"""Initialize database connection."""
global _engine, _async_session
if _engine is not None:
logger.warning("Database already initialized")
return
try:
settings = get_settings()
database_url = get_database_url()
logger.info(f"Connecting to database: {database_url.split('@')[1] if '@' in database_url else 'unknown'}")
# Create async engine with MariaDB/MySQL optimizations
_engine = create_async_engine(
database_url,
echo=settings.debug if hasattr(settings, 'debug') else False,
pool_size=getattr(settings, 'database_pool_size', 20),
max_overflow=getattr(settings, 'database_max_overflow', 30),
pool_timeout=getattr(settings, 'database_pool_timeout', 30),
pool_recycle=getattr(settings, 'database_pool_recycle', 3600),
pool_pre_ping=True, # Verify connections before use
# MariaDB specific settings
connect_args={
"charset": "utf8mb4",
"use_unicode": True,
"autocommit": False,
}
)
# Create async session factory
_async_session = async_sessionmaker(
bind=_engine,
class_=AsyncSession,
expire_on_commit=False,
autoflush=True,
autocommit=False
)
# Test the connection
async with _engine.begin() as conn:
await conn.execute("SELECT 1")
logger.info("Database connection established successfully")
except Exception as e:
logger.error(f"Failed to initialize database: {e}")
raise
async def close_database() -> None:
"""Close database connection."""
global _engine, _async_session
if _engine is not None:
logger.info("Closing database connection")
await _engine.dispose()
_engine = None
_async_session = None
logger.info("Database connection closed")
def get_engine() -> AsyncEngine:
"""Get database engine."""
if _engine is None:
raise RuntimeError("Database not initialized. Call init_database() first.")
return _engine
def get_session_factory() -> async_sessionmaker[AsyncSession]:
"""Get session factory."""
if _async_session is None:
raise RuntimeError("Database not initialized. Call init_database() first.")
return _async_session
@asynccontextmanager
async def get_async_session() -> AsyncGenerator[AsyncSession, None]:
"""Get async database session with automatic cleanup."""
if _async_session is None:
raise RuntimeError("Database not initialized. Call init_database() first.")
async with _async_session() as session:
try:
yield session
except Exception as e:
logger.error(f"Database session error: {e}")
await session.rollback()
raise
finally:
await session.close()
async def check_database_health() -> bool:
"""Check database connection health."""
try:
async with get_async_session() as session:
await session.execute("SELECT 1")
return True
except Exception as e:
logger.error(f"Database health check failed: {e}")
return False
async def get_database_info() -> dict:
"""Get database information."""
try:
async with get_async_session() as session:
# Get database version
result = await session.execute("SELECT VERSION() as version")
version_row = result.fetchone()
version = version_row[0] if version_row else "Unknown"
# Get connection count (MariaDB specific)
try:
result = await session.execute("SHOW STATUS LIKE 'Threads_connected'")
conn_row = result.fetchone()
connections = int(conn_row[1]) if conn_row else 0
except:
connections = 0
# Get database size
try:
result = await session.execute("""
SELECT
ROUND(SUM(data_length + index_length) / 1024 / 1024, 2) as size_mb
FROM information_schema.tables
WHERE table_schema = DATABASE()
""")
size_row = result.fetchone()
size_mb = float(size_row[0]) if size_row and size_row[0] else 0
except:
size_mb = 0
return {
"version": version,
"connections": connections,
"size_mb": size_mb,
"engine_pool_size": _engine.pool.size() if _engine else 0,
"engine_checked_out": _engine.pool.checkedout() if _engine else 0,
}
except Exception as e:
logger.error(f"Failed to get database info: {e}")
return {"error": str(e)}
# Database session dependency for dependency injection
def get_db_session():
"""Database session dependency for API routes - returns async context manager"""
return get_async_session()
# Backward compatibility functions
async def get_db() -> AsyncGenerator[AsyncSession, None]:
"""Legacy function name for backward compatibility."""
async with get_async_session() as session:
yield session
# Transaction context manager
@asynccontextmanager
async def transaction():
"""Transaction context manager."""
async with get_async_session() as session:
async with session.begin():
yield session

363
app/core/logging.py Normal file
View File

@ -0,0 +1,363 @@
"""
Structured logging configuration with monitoring and observability
"""
import asyncio
import logging
import sys
import time
from datetime import datetime
from pathlib import Path
from typing import Any, Dict, Optional, Union
from contextvars import ContextVar
import json
import structlog
from structlog.stdlib import LoggerFactory
from structlog.typing import EventDict, Processor
import structlog.dev
from app.core.config import settings, LOG_DIR, LOG_LEVEL
# Context variables for request tracking
request_id_var: ContextVar[Optional[str]] = ContextVar('request_id', default=None)
user_id_var: ContextVar[Optional[int]] = ContextVar('user_id', default=None)
operation_var: ContextVar[Optional[str]] = ContextVar('operation', default=None)
class RequestContextProcessor:
"""Add request context to log records"""
def __call__(self, logger, method_name, event_dict: EventDict) -> EventDict:
"""Add context variables to event dict"""
if request_id := request_id_var.get(None):
event_dict['request_id'] = request_id
if user_id := user_id_var.get(None):
event_dict['user_id'] = user_id
if operation := operation_var.get(None):
event_dict['operation'] = operation
return event_dict
class TimestampProcessor:
"""Add consistent timestamp to log records"""
def __call__(self, logger, method_name, event_dict: EventDict) -> EventDict:
"""Add timestamp to event dict"""
event_dict['timestamp'] = datetime.utcnow().isoformat() + 'Z'
return event_dict
class SecurityProcessor:
"""Filter sensitive data from logs"""
SENSITIVE_KEYS = {
'password', 'token', 'key', 'secret', 'auth', 'credential',
'private_key', 'seed', 'mnemonic', 'api_key', 'authorization'
}
def __call__(self, logger, method_name, event_dict: EventDict) -> EventDict:
"""Remove or mask sensitive data"""
return self._filter_dict(event_dict)
def _filter_dict(self, data: Dict[str, Any]) -> Dict[str, Any]:
"""Recursively filter sensitive data"""
if not isinstance(data, dict):
return data
filtered = {}
for key, value in data.items():
if any(sensitive in key.lower() for sensitive in self.SENSITIVE_KEYS):
filtered[key] = '***REDACTED***'
elif isinstance(value, dict):
filtered[key] = self._filter_dict(value)
elif isinstance(value, list):
filtered[key] = [
self._filter_dict(item) if isinstance(item, dict) else item
for item in value
]
else:
filtered[key] = value
return filtered
class PerformanceProcessor:
"""Add performance metrics to log records"""
def __call__(self, logger, method_name, event_dict: EventDict) -> EventDict:
"""Add performance data to event dict"""
# Add memory usage if available
try:
import psutil
process = psutil.Process()
event_dict['memory_mb'] = round(process.memory_info().rss / 1024 / 1024, 2)
event_dict['cpu_percent'] = process.cpu_percent()
except ImportError:
pass
return event_dict
class MetricsCollector:
"""Collect metrics from log events"""
def __init__(self):
self.counters: Dict[str, int] = {}
self.timers: Dict[str, float] = {}
self.errors: Dict[str, int] = {}
def increment_counter(self, metric: str, value: int = 1):
"""Increment counter metric"""
self.counters[metric] = self.counters.get(metric, 0) + value
def record_timer(self, metric: str, duration: float):
"""Record timer metric"""
self.timers[metric] = duration
def record_error(self, error_type: str):
"""Record error metric"""
self.errors[error_type] = self.errors.get(error_type, 0) + 1
def get_metrics(self) -> Dict[str, Any]:
"""Get all collected metrics"""
return {
'counters': self.counters,
'timers': self.timers,
'errors': self.errors
}
# Global metrics collector
metrics_collector = MetricsCollector()
class DatabaseLogHandler(logging.Handler):
"""Log handler that stores critical logs in database"""
def __init__(self):
super().__init__()
self.setLevel(logging.ERROR)
self._queue = asyncio.Queue(maxsize=1000)
self._task = None
def emit(self, record: logging.LogRecord):
"""Add log record to queue"""
try:
log_entry = {
'timestamp': datetime.utcnow(),
'level': record.levelname,
'logger': record.name,
'message': record.getMessage(),
'module': record.module,
'function': record.funcName,
'line': record.lineno,
'request_id': getattr(record, 'request_id', None),
'user_id': getattr(record, 'user_id', None),
'extra': getattr(record, '__dict__', {})
}
if not self._queue.full():
self._queue.put_nowait(log_entry)
except Exception:
# Don't let logging errors break the application
pass
async def process_logs(self):
"""Process logs from queue and store in database"""
from app.core.database import db_manager
while True:
try:
log_entry = await self._queue.get()
# Store in database (implement based on your log model)
# async with db_manager.get_session() as session:
# log_record = LogRecord(**log_entry)
# session.add(log_record)
# await session.commit()
except Exception as e:
# Log to stderr to avoid infinite recursion
print(f"Database log handler error: {e}", file=sys.stderr)
await asyncio.sleep(0.1)
def configure_logging():
"""Configure structured logging"""
# Configure standard library logging
logging.basicConfig(
format="%(message)s",
stream=sys.stdout,
level=getattr(logging, LOG_LEVEL.upper())
)
# Silence noisy loggers
logging.getLogger("sqlalchemy.engine").setLevel(logging.WARNING)
logging.getLogger("aioredis").setLevel(logging.WARNING)
logging.getLogger("aiogram").setLevel(logging.WARNING)
# Configure processors based on environment
processors: list[Processor] = [
structlog.contextvars.merge_contextvars,
RequestContextProcessor(),
TimestampProcessor(),
SecurityProcessor(),
structlog.processors.add_log_level,
structlog.processors.StackInfoRenderer(),
]
if settings.DEBUG:
processors.extend([
PerformanceProcessor(),
structlog.dev.ConsoleRenderer(colors=True)
])
else:
processors.append(structlog.processors.JSONRenderer())
# Configure structlog
structlog.configure(
processors=processors,
wrapper_class=structlog.make_filtering_bound_logger(
getattr(logging, LOG_LEVEL.upper())
),
logger_factory=LoggerFactory(),
cache_logger_on_first_use=True,
)
# Add file handler for persistent logging
if not settings.DEBUG:
log_file = LOG_DIR / f"app_{datetime.now().strftime('%Y%m%d')}.log"
file_handler = logging.FileHandler(log_file, encoding='utf-8')
file_handler.setFormatter(
logging.Formatter(
'%(asctime)s - %(name)s - %(levelname)s - %(message)s'
)
)
logging.getLogger().addHandler(file_handler)
class LoggerMixin:
"""Mixin to add structured logging to classes"""
@property
def logger(self):
"""Get logger for this class"""
return structlog.get_logger(self.__class__.__name__)
class AsyncContextLogger:
"""Context manager for async operations with automatic logging"""
def __init__(
self,
operation: str,
logger: Optional[structlog.BoundLogger] = None,
log_args: bool = True,
log_result: bool = True
):
self.operation = operation
self.logger = logger or structlog.get_logger()
self.log_args = log_args
self.log_result = log_result
self.start_time = None
async def __aenter__(self):
"""Enter async context"""
self.start_time = time.time()
operation_var.set(self.operation)
self.logger.info(
"Operation started",
operation=self.operation,
)
return self
async def __aexit__(self, exc_type, exc_val, exc_tb):
"""Exit async context with performance logging"""
duration = time.time() - self.start_time
if exc_type:
self.logger.error(
"Operation failed",
operation=self.operation,
duration_ms=round(duration * 1000, 2),
error_type=exc_type.__name__,
error_message=str(exc_val)
)
metrics_collector.record_error(f"{self.operation}_error")
else:
self.logger.info(
"Operation completed",
operation=self.operation,
duration_ms=round(duration * 1000, 2)
)
metrics_collector.record_timer(f"{self.operation}_duration", duration)
operation_var.set(None)
def get_logger(name: str = None) -> structlog.BoundLogger:
"""Get configured structured logger"""
return structlog.get_logger(name)
# Compatibility wrapper for old logging
def make_log(
component: Optional[str],
message: str,
level: str = 'info',
**kwargs
):
"""Legacy logging function for backward compatibility"""
logger = get_logger(component or 'Legacy')
log_func = getattr(logger, level.lower(), logger.info)
log_func(message, **kwargs)
# Performance monitoring decorator
def log_performance(operation: str = None):
"""Decorator to log function performance"""
def decorator(func):
async def async_wrapper(*args, **kwargs):
op_name = operation or f"{func.__module__}.{func.__name__}"
async with AsyncContextLogger(op_name):
return await func(*args, **kwargs)
def sync_wrapper(*args, **kwargs):
op_name = operation or f"{func.__module__}.{func.__name__}"
start_time = time.time()
logger = get_logger(func.__module__)
try:
logger.info("Function started", function=op_name)
result = func(*args, **kwargs)
duration = time.time() - start_time
logger.info(
"Function completed",
function=op_name,
duration_ms=round(duration * 1000, 2)
)
return result
except Exception as e:
duration = time.time() - start_time
logger.error(
"Function failed",
function=op_name,
duration_ms=round(duration * 1000, 2),
error=str(e)
)
raise
return async_wrapper if asyncio.iscoroutinefunction(func) else sync_wrapper
return decorator
# Initialize logging
configure_logging()

577
app/core/metrics.py Normal file
View File

@ -0,0 +1,577 @@
"""Prometheus metrics collection for my-uploader-bot."""
import logging
import time
from datetime import datetime
from functools import wraps
from typing import Dict, Any, Optional, Callable
from prometheus_client import Counter, Histogram, Gauge, Info, generate_latest, CONTENT_TYPE_LATEST
from fastapi import Request
from fastapi.responses import Response
logger = logging.getLogger(__name__)
# Application info
APP_INFO = Info('myuploader_app_info', 'Application information')
APP_INFO.info({
'version': '2.0.0',
'name': 'my-uploader-bot',
'python_version': '3.11+'
})
# HTTP request metrics
HTTP_REQUESTS_TOTAL = Counter(
'http_requests_total',
'Total HTTP requests',
['method', 'endpoint', 'status_code']
)
HTTP_REQUEST_DURATION = Histogram(
'http_request_duration_seconds',
'HTTP request duration in seconds',
['method', 'endpoint']
)
HTTP_REQUEST_SIZE = Histogram(
'http_request_size_bytes',
'HTTP request size in bytes',
['method', 'endpoint']
)
HTTP_RESPONSE_SIZE = Histogram(
'http_response_size_bytes',
'HTTP response size in bytes',
['method', 'endpoint']
)
# Authentication metrics
AUTH_LOGIN_ATTEMPTS_TOTAL = Counter(
'auth_login_attempts_total',
'Total login attempts',
['status']
)
AUTH_LOGIN_FAILURES_TOTAL = Counter(
'auth_login_failures_total',
'Total login failures',
['reason']
)
AUTH_API_KEY_USAGE_TOTAL = Counter(
'auth_api_key_usage_total',
'Total API key usage',
['key_id', 'status']
)
# File upload metrics
UPLOAD_REQUESTS_TOTAL = Counter(
'upload_requests_total',
'Total upload requests',
['status', 'file_type']
)
UPLOAD_SIZE_BYTES = Histogram(
'upload_size_bytes',
'File upload size in bytes',
['file_type']
)
UPLOAD_DURATION_SECONDS = Histogram(
'upload_duration_seconds',
'File upload duration in seconds',
['file_type']
)
UPLOAD_QUEUE_SIZE = Gauge(
'upload_queue_size',
'Number of files in upload queue'
)
UPLOAD_FAILURES_TOTAL = Counter(
'upload_failures_total',
'Total upload failures',
['reason', 'file_type']
)
# File processing metrics
PROCESSING_QUEUE_SIZE = Gauge(
'processing_queue_size',
'Number of files in processing queue'
)
PROCESSING_DURATION_SECONDS = Histogram(
'processing_duration_seconds',
'File processing duration in seconds',
['file_type', 'operation']
)
PROCESSING_FAILURES_TOTAL = Counter(
'processing_failures_total',
'Total processing failures',
['file_type', 'operation']
)
# Database metrics
DB_CONNECTIONS_ACTIVE = Gauge(
'db_connections_active',
'Number of active database connections'
)
DB_CONNECTIONS_IDLE = Gauge(
'db_connections_idle',
'Number of idle database connections'
)
DB_QUERY_DURATION_SECONDS = Histogram(
'db_query_duration_seconds',
'Database query duration in seconds',
['operation']
)
DB_TRANSACTIONS_TOTAL = Counter(
'db_transactions_total',
'Total database transactions',
['status']
)
# Cache metrics
CACHE_OPERATIONS_TOTAL = Counter(
'cache_operations_total',
'Total cache operations',
['operation', 'status']
)
CACHE_HIT_RATIO = Gauge(
'cache_hit_ratio',
'Cache hit ratio'
)
CACHE_KEYS_TOTAL = Gauge(
'cache_keys_total',
'Total number of cache keys'
)
CACHE_MEMORY_USAGE_BYTES = Gauge(
'cache_memory_usage_bytes',
'Cache memory usage in bytes'
)
# Storage metrics
STORAGE_OPERATIONS_TOTAL = Counter(
'storage_operations_total',
'Total storage operations',
['operation', 'backend', 'status']
)
STORAGE_AVAILABLE_BYTES = Gauge(
'storage_available_bytes',
'Available storage space in bytes',
['backend']
)
STORAGE_TOTAL_BYTES = Gauge(
'storage_total_bytes',
'Total storage space in bytes',
['backend']
)
STORAGE_FILES_TOTAL = Gauge(
'storage_files_total',
'Total number of stored files',
['backend']
)
# Blockchain metrics
BLOCKCHAIN_TRANSACTIONS_TOTAL = Counter(
'blockchain_transactions_total',
'Total blockchain transactions',
['status', 'network']
)
BLOCKCHAIN_TRANSACTION_FEES = Histogram(
'blockchain_transaction_fees',
'Blockchain transaction fees',
['network']
)
BLOCKCHAIN_PENDING_TRANSACTIONS = Gauge(
'blockchain_pending_transactions',
'Number of pending blockchain transactions'
)
BLOCKCHAIN_WALLET_BALANCES = Gauge(
'blockchain_wallet_balances',
'Wallet balances',
['wallet_id', 'currency']
)
TON_SERVICE_UP = Gauge(
'ton_service_up',
'TON service availability (1 = up, 0 = down)'
)
# Security metrics
RATE_LIMIT_HITS_TOTAL = Counter(
'rate_limit_hits_total',
'Total rate limit hits',
['endpoint', 'user_id']
)
SECURITY_EVENTS_TOTAL = Counter(
'security_events_total',
'Total security events',
['event_type', 'severity']
)
SECURITY_SUSPICIOUS_EVENTS = Gauge(
'security_suspicious_events',
'Number of suspicious security events in the last hour'
)
FAILED_LOGIN_ATTEMPTS = Counter(
'failed_login_attempts_total',
'Total failed login attempts',
['ip_address', 'reason']
)
# System metrics
SYSTEM_UPTIME_SECONDS = Gauge(
'system_uptime_seconds',
'System uptime in seconds'
)
BACKGROUND_TASKS_ACTIVE = Gauge(
'background_tasks_active',
'Number of active background tasks',
['service']
)
BACKGROUND_TASKS_COMPLETED = Counter(
'background_tasks_completed_total',
'Total completed background tasks',
['service', 'status']
)
# Error metrics
ERROR_RATE = Gauge(
'error_rate',
'Application error rate'
)
EXCEPTIONS_TOTAL = Counter(
'exceptions_total',
'Total exceptions',
['exception_type', 'handler']
)
class MetricsCollector:
"""Centralized metrics collection and management."""
def __init__(self):
self.start_time = time.time()
self._cache_stats = {
'hits': 0,
'misses': 0,
'operations': 0
}
def record_http_request(
self,
method: str,
endpoint: str,
status_code: int,
duration: float,
request_size: int = 0,
response_size: int = 0
):
"""Record HTTP request metrics."""
HTTP_REQUESTS_TOTAL.labels(
method=method,
endpoint=endpoint,
status_code=status_code
).inc()
HTTP_REQUEST_DURATION.labels(
method=method,
endpoint=endpoint
).observe(duration)
if request_size > 0:
HTTP_REQUEST_SIZE.labels(
method=method,
endpoint=endpoint
).observe(request_size)
if response_size > 0:
HTTP_RESPONSE_SIZE.labels(
method=method,
endpoint=endpoint
).observe(response_size)
def record_auth_event(self, event_type: str, status: str, **labels):
"""Record authentication events."""
if event_type == 'login':
AUTH_LOGIN_ATTEMPTS_TOTAL.labels(status=status).inc()
if status == 'failed':
reason = labels.get('reason', 'unknown')
AUTH_LOGIN_FAILURES_TOTAL.labels(reason=reason).inc()
elif event_type == 'api_key':
key_id = labels.get('key_id', 'unknown')
AUTH_API_KEY_USAGE_TOTAL.labels(key_id=key_id, status=status).inc()
def record_upload_event(
self,
status: str,
file_type: str,
file_size: int = 0,
duration: float = 0,
**kwargs
):
"""Record file upload events."""
UPLOAD_REQUESTS_TOTAL.labels(status=status, file_type=file_type).inc()
if file_size > 0:
UPLOAD_SIZE_BYTES.labels(file_type=file_type).observe(file_size)
if duration > 0:
UPLOAD_DURATION_SECONDS.labels(file_type=file_type).observe(duration)
if status == 'failed':
reason = kwargs.get('reason', 'unknown')
UPLOAD_FAILURES_TOTAL.labels(reason=reason, file_type=file_type).inc()
def record_processing_event(
self,
file_type: str,
operation: str,
duration: float = 0,
status: str = 'success'
):
"""Record file processing events."""
if duration > 0:
PROCESSING_DURATION_SECONDS.labels(
file_type=file_type,
operation=operation
).observe(duration)
if status == 'failed':
PROCESSING_FAILURES_TOTAL.labels(
file_type=file_type,
operation=operation
).inc()
def record_db_event(self, operation: str, duration: float = 0, status: str = 'success'):
"""Record database events."""
if duration > 0:
DB_QUERY_DURATION_SECONDS.labels(operation=operation).observe(duration)
DB_TRANSACTIONS_TOTAL.labels(status=status).inc()
def record_cache_event(self, operation: str, status: str):
"""Record cache events."""
CACHE_OPERATIONS_TOTAL.labels(operation=operation, status=status).inc()
# Update cache stats
self._cache_stats['operations'] += 1
if status == 'hit':
self._cache_stats['hits'] += 1
elif status == 'miss':
self._cache_stats['misses'] += 1
# Update hit ratio
if self._cache_stats['operations'] > 0:
hit_ratio = self._cache_stats['hits'] / self._cache_stats['operations']
CACHE_HIT_RATIO.set(hit_ratio)
def record_blockchain_event(
self,
event_type: str,
status: str,
network: str = 'mainnet',
**kwargs
):
"""Record blockchain events."""
if event_type == 'transaction':
BLOCKCHAIN_TRANSACTIONS_TOTAL.labels(status=status, network=network).inc()
if 'fee' in kwargs:
BLOCKCHAIN_TRANSACTION_FEES.labels(network=network).observe(kwargs['fee'])
def record_security_event(self, event_type: str, severity: str = 'info', **kwargs):
"""Record security events."""
SECURITY_EVENTS_TOTAL.labels(event_type=event_type, severity=severity).inc()
if event_type == 'rate_limit':
endpoint = kwargs.get('endpoint', 'unknown')
user_id = kwargs.get('user_id', 'anonymous')
RATE_LIMIT_HITS_TOTAL.labels(endpoint=endpoint, user_id=user_id).inc()
elif event_type == 'failed_login':
ip_address = kwargs.get('ip_address', 'unknown')
reason = kwargs.get('reason', 'unknown')
FAILED_LOGIN_ATTEMPTS.labels(ip_address=ip_address, reason=reason).inc()
def update_system_metrics(self):
"""Update system-level metrics."""
uptime = time.time() - self.start_time
SYSTEM_UPTIME_SECONDS.set(uptime)
def update_gauge_metrics(self, metrics_data: Dict[str, Any]):
"""Update gauge metrics from external data."""
# Database metrics
if 'db_connections' in metrics_data:
db_conn = metrics_data['db_connections']
DB_CONNECTIONS_ACTIVE.set(db_conn.get('active', 0))
DB_CONNECTIONS_IDLE.set(db_conn.get('idle', 0))
# Cache metrics
if 'cache' in metrics_data:
cache_data = metrics_data['cache']
CACHE_KEYS_TOTAL.set(cache_data.get('keys', 0))
CACHE_MEMORY_USAGE_BYTES.set(cache_data.get('memory_usage', 0))
# Storage metrics
if 'storage' in metrics_data:
storage_data = metrics_data['storage']
for backend, data in storage_data.items():
STORAGE_AVAILABLE_BYTES.labels(backend=backend).set(data.get('available', 0))
STORAGE_TOTAL_BYTES.labels(backend=backend).set(data.get('total', 0))
STORAGE_FILES_TOTAL.labels(backend=backend).set(data.get('files', 0))
# Queue metrics
if 'queues' in metrics_data:
queues = metrics_data['queues']
UPLOAD_QUEUE_SIZE.set(queues.get('upload', 0))
PROCESSING_QUEUE_SIZE.set(queues.get('processing', 0))
# Blockchain metrics
if 'blockchain' in metrics_data:
blockchain_data = metrics_data['blockchain']
BLOCKCHAIN_PENDING_TRANSACTIONS.set(blockchain_data.get('pending_transactions', 0))
TON_SERVICE_UP.set(1 if blockchain_data.get('ton_service_up') else 0)
# Wallet balances
for wallet_id, balance_data in blockchain_data.get('wallet_balances', {}).items():
for currency, balance in balance_data.items():
BLOCKCHAIN_WALLET_BALANCES.labels(
wallet_id=wallet_id,
currency=currency
).set(balance)
# Background tasks
if 'background_tasks' in metrics_data:
tasks_data = metrics_data['background_tasks']
for service, count in tasks_data.items():
BACKGROUND_TASKS_ACTIVE.labels(service=service).set(count)
# Global metrics collector instance
metrics_collector = MetricsCollector()
async def metrics_middleware(request: Request, call_next):
"""FastAPI middleware to collect HTTP metrics."""
start_time = time.time()
# Process request
response = await call_next(request)
# Calculate duration
duration = time.time() - start_time
# Get endpoint info
endpoint = str(request.url.path)
method = request.method
status_code = response.status_code
# Get request/response sizes (FastAPI doesn't expose body directly in middleware)
request_size = 0
if hasattr(request, '_body'):
request_size = len(request._body)
response_size = 0
if hasattr(response, 'body'):
response_size = len(response.body) if response.body else 0
# Record metrics
metrics_collector.record_http_request(
method=method,
endpoint=endpoint,
status_code=status_code,
duration=duration,
request_size=request_size,
response_size=response_size
)
return response
def track_function_calls(func_name: str, labels: Optional[Dict[str, str]] = None):
"""Decorator to track function call metrics."""
def decorator(func: Callable) -> Callable:
@wraps(func)
async def async_wrapper(*args, **kwargs):
start_time = time.time()
status = 'success'
try:
result = await func(*args, **kwargs)
return result
except Exception as e:
status = 'error'
EXCEPTIONS_TOTAL.labels(
exception_type=type(e).__name__,
handler=func_name
).inc()
raise
finally:
duration = time.time() - start_time
# Record custom metrics based on function type
if func_name.startswith('db_'):
metrics_collector.record_db_event(func_name, duration, status)
elif func_name.startswith('cache_'):
metrics_collector.record_cache_event(func_name, status)
@wraps(func)
def sync_wrapper(*args, **kwargs):
start_time = time.time()
status = 'success'
try:
result = func(*args, **kwargs)
return result
except Exception as e:
status = 'error'
EXCEPTIONS_TOTAL.labels(
exception_type=type(e).__name__,
handler=func_name
).inc()
raise
finally:
duration = time.time() - start_time
# Record custom metrics based on function type
if func_name.startswith('db_'):
metrics_collector.record_db_event(func_name, duration, status)
elif func_name.startswith('cache_'):
metrics_collector.record_cache_event(func_name, status)
return async_wrapper if asyncio.iscoroutinefunction(func) else sync_wrapper
return decorator
async def get_metrics():
"""Get Prometheus metrics."""
# Update system metrics before generating output
metrics_collector.update_system_metrics()
# Generate metrics in Prometheus format
return generate_latest()
def get_metrics_content_type():
"""Get the content type for metrics."""
return CONTENT_TYPE_LATEST

4
app/core/models/__init__.py
View File

@ -1,9 +1,9 @@
from app.core.models.base import AlchemyBase
from app.core.models.keys import KnownKey
from app.core.models.memory import Memory
from app.core.models.node_storage import StoredContent
# from app.core.models.node_storage import StoredContent # Disabled to avoid conflicts
from app.core.models.transaction import UserBalance, InternalTransaction, StarsInvoice
from app.core.models.user import User
from app.core.models.user.user import User, UserSession, UserRole, UserStatus, ApiKey
from app.core.models.wallet_connection import WalletConnection
from app.core.models.messages import KnownTelegramMessage
from app.core.models.user_activity import UserActivity

18
app/core/models/_telegram/wrapped_bot.py
View File

@ -37,10 +37,20 @@ class Wrapped_CBotChat(T, PlayerTemplates):
@property
def bot_id(self):
return {
TELEGRAM_API_KEY: 0,
CLIENT_TELEGRAM_API_KEY: 1
}[self._bot_key]
"""
Map known tokens to stable bot IDs.
If tokens are empty/None (Telegram disabled), fall back to hash-based mapping to avoid KeyError.
"""
mapping = {}
if TELEGRAM_API_KEY:
mapping[TELEGRAM_API_KEY] = 0
if CLIENT_TELEGRAM_API_KEY:
mapping[CLIENT_TELEGRAM_API_KEY] = 1
# Try direct mapping first
if self._bot_key in mapping:
return mapping[self._bot_key]
# Fallback: deterministic bucket (keeps old behavior of 0/1 classes)
return 0 if (str(self._chat_id) + str(self._bot_key)).__hash__() % 2 == 0 else 1
async def return_result(self, result, message_type='common', message_meta={}, content_id=None, **kwargs):
if self.db_session:

42
app/core/models/api/stats_models.py Normal file
View File

@ -0,0 +1,42 @@
from __future__ import annotations
from typing import Dict, Any, Optional, List, Literal
from pydantic import BaseModel, Field
class NodeHealthResponse(BaseModel):
status: Literal["ok", "degraded", "down"] = "ok"
node_id: str
public_key: str
uptime_seconds: Optional[int] = None
cpu_usage: Optional[float] = None
memory_usage_mb: Optional[float] = None
disk_free_mb: Optional[float] = None
last_sync_ts: Optional[int] = None
details: Dict[str, Any] = Field(default_factory=dict)
class ContentStatsItem(BaseModel):
content_id: str
total_chunks: int
stored_chunks: int
missing_chunks: int
size_bytes: Optional[int] = None
verified: Optional[bool] = None
class NodeContentStatsResponse(BaseModel):
total_contents: int
total_chunks: int
stored_chunks: int
missing_chunks: int
contents: List[ContentStatsItem] = Field(default_factory=list)
class NodeStatsReport(BaseModel):
action: Literal["stats_report"] = "stats_report"
reporter_node_id: str
reporter_public_key: str
timestamp: int
metrics: Dict[str, Any] = Field(default_factory=dict)
signature: Optional[str] = None # подпись может быть и в заголовке

74
app/core/models/api/sync_models.py Normal file
View File

@ -0,0 +1,74 @@
from __future__ import annotations
from typing import List, Optional, Dict, Any, Literal
from pydantic import BaseModel, Field, validator
class SignedRequestHeaders(BaseModel):
"""Заголовки межузлового запроса с подписью Ed25519"""
x_node_communication: Literal["true"] = Field(alias="X-Node-Communication")
x_node_id: str = Field(alias="X-Node-ID")
x_node_public_key: str = Field(alias="X-Node-Public-Key")
x_node_signature: str = Field(alias="X-Node-Signature")
class Config:
populate_by_name = True
class ChunkRef(BaseModel):
chunk_id: str
content_id: str
chunk_index: int
chunk_hash: str
encrypted_data: str
signature: Optional[str] = None
created_at: Optional[str] = None
class ContentRequest(BaseModel):
action: Literal["content_sync"]
sync_type: Literal["content_request", "new_content", "content_list"]
content_info: Dict[str, Any] = Field(default_factory=dict)
timestamp: Optional[int] = None
@validator("content_info")
def validate_content_info(cls, v, values):
st = values.get("sync_type")
if st == "content_request":
# ожидаем content_id и indexes
if "content_id" not in v or "indexes" not in v:
raise ValueError("content_request requires content_info.content_id and content_info.indexes")
if not isinstance(v.get("indexes"), list):
raise ValueError("content_info.indexes must be a list")
elif st == "new_content":
if "content_id" not in v or "total_chunks" not in v:
raise ValueError("new_content requires content_info.content_id and content_info.total_chunks")
return v
class ContentProvideResponse(BaseModel):
success: bool = True
chunks: List[ChunkRef] = Field(default_factory=list)
errors: List[Dict[str, Any]] = Field(default_factory=list)
class ContentStatusResponse(BaseModel):
content_id: str
total_chunks: int
have_indexes: List[int] = Field(default_factory=list)
missing_indexes: List[int] = Field(default_factory=list)
verified: Optional[bool] = None
message: Optional[str] = None
class ContentVerifyRequest(BaseModel):
content_id: str
chunks: List[ChunkRef] = Field(default_factory=list)
verify_signatures: bool = True
class GenericSignedResponse(BaseModel):
success: bool
data: Dict[str, Any] = Field(default_factory=dict)
node_id: Optional[str] = None
timestamp: Optional[str] = None

278
app/core/models/base.py
View File

@ -1,3 +1,277 @@
from sqlalchemy.ext.declarative import declarative_base
"""
Base model classes with async SQLAlchemy support
"""
import uuid
from datetime import datetime
from typing import Any, Dict, Optional, Type, TypeVar, Union
AlchemyBase = declarative_base()
from sqlalchemy import Column, DateTime, String, Boolean, Integer, Text, JSON
from sqlalchemy.dialects.postgresql import UUID
from sqlalchemy.ext.asyncio import AsyncSession
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.future import select
from sqlalchemy.orm import sessionmaker
from pydantic import BaseModel
import structlog
logger = structlog.get_logger(__name__)
# Create declarative base
Base = declarative_base()
# Type variable for model classes
ModelType = TypeVar("ModelType", bound="BaseModel")
class TimestampMixin:
"""Mixin for automatic timestamp fields"""
created_at = Column(
DateTime,
nullable=False,
default=datetime.utcnow,
comment="Record creation timestamp"
)
updated_at = Column(
DateTime,
nullable=False,
default=datetime.utcnow,
onupdate=datetime.utcnow,
comment="Record last update timestamp"
)
class UUIDMixin:
"""Mixin for UUID primary key"""
id = Column(
UUID(as_uuid=True),
primary_key=True,
default=uuid.uuid4,
comment="Unique identifier"
)
class SoftDeleteMixin:
"""Mixin for soft delete functionality"""
deleted_at = Column(
DateTime,
nullable=True,
comment="Soft delete timestamp"
)
@property
def is_deleted(self) -> bool:
"""Check if record is soft deleted"""
return self.deleted_at is not None
def soft_delete(self):
"""Mark record as soft deleted"""
self.deleted_at = datetime.utcnow()
def restore(self):
"""Restore soft deleted record"""
self.deleted_at = None
class MetadataMixin:
"""Mixin for flexible metadata storage"""
metadata = Column(
JSON,
nullable=False,
default=dict,
comment="Flexible metadata storage"
)
def set_meta(self, key: str, value: Any) -> None:
"""Set metadata value"""
if self.metadata is None:
self.metadata = {}
self.metadata[key] = value
def get_meta(self, key: str, default: Any = None) -> Any:
"""Get metadata value"""
if self.metadata is None:
return default
return self.metadata.get(key, default)
def update_meta(self, updates: Dict[str, Any]) -> None:
"""Update multiple metadata values"""
if self.metadata is None:
self.metadata = {}
self.metadata.update(updates)
class StatusMixin:
"""Mixin for status tracking"""
status = Column(
String(64),
nullable=False,
default="active",
index=True,
comment="Record status"
)
def set_status(self, status: str, reason: Optional[str] = None):
"""Set status with optional reason"""
self.status = status
if reason:
self.set_meta("status_reason", reason)
self.set_meta("status_changed_at", datetime.utcnow().isoformat())
class BaseModelMixin:
"""Base mixin with common functionality"""
def to_dict(self) -> Dict[str, Any]:
"""Convert model to dictionary"""
result = {}
for column in self.__table__.columns:
value = getattr(self, column.name)
if isinstance(value, datetime):
value = value.isoformat()
elif hasattr(value, '__dict__'):
value = str(value)
result[column.name] = value
return result
def update_from_dict(self, data: Dict[str, Any]) -> None:
"""Update model from dictionary"""
for key, value in data.items():
if hasattr(self, key):
setattr(self, key, value)
@classmethod
async def get_by_id(
cls: Type[ModelType],
session: AsyncSession,
id_value: Union[int, str, uuid.UUID]
) -> Optional[ModelType]:
"""Get record by ID"""
try:
stmt = select(cls).where(cls.id == id_value)
result = await session.execute(stmt)
return result.scalar_one_or_none()
except Exception as e:
logger.error("Error getting record by ID", model=cls.__name__, id=id_value, error=str(e))
return None
@classmethod
async def get_all(
cls: Type[ModelType],
session: AsyncSession,
limit: Optional[int] = None,
offset: Optional[int] = None
) -> list[ModelType]:
"""Get all records with optional pagination"""
try:
stmt = select(cls)
if offset:
stmt = stmt.offset(offset)
if limit:
stmt = stmt.limit(limit)
result = await session.execute(stmt)
return result.scalars().all()
except Exception as e:
logger.error("Error getting all records", model=cls.__name__, error=str(e))
return []
@classmethod
async def count(cls: Type[ModelType], session: AsyncSession) -> int:
"""Get total count of records"""
try:
from sqlalchemy import func
stmt = select(func.count(cls.id))
result = await session.execute(stmt)
return result.scalar() or 0
except Exception as e:
logger.error("Error counting records", model=cls.__name__, error=str(e))
return 0
async def save(self, session: AsyncSession) -> None:
"""Save model to database"""
try:
session.add(self)
await session.commit()
await session.refresh(self)
except Exception as e:
await session.rollback()
logger.error("Error saving model", model=self.__class__.__name__, error=str(e))
raise
async def delete(self, session: AsyncSession) -> None:
"""Delete model from database"""
try:
await session.delete(self)
await session.commit()
except Exception as e:
await session.rollback()
logger.error("Error deleting model", model=self.__class__.__name__, error=str(e))
raise
class AuditMixin:
"""Mixin for audit trail"""
created_by = Column(
UUID(as_uuid=True),
nullable=True,
comment="User who created the record"
)
updated_by = Column(
UUID(as_uuid=True),
nullable=True,
comment="User who last updated the record"
)
def set_audit_info(self, user_id: Optional[uuid.UUID] = None):
"""Set audit information"""
if user_id:
if not hasattr(self, 'created_at') or not self.created_at:
self.created_by = user_id
self.updated_by = user_id
class CacheableMixin:
"""Mixin for cacheable models"""
@property
def cache_key(self) -> str:
"""Generate cache key for this model"""
return f"{self.__class__.__name__.lower()}:{self.id}"
@property
def cache_ttl(self) -> int:
"""Default cache TTL in seconds"""
return 3600 # 1 hour
def get_cache_data(self) -> Dict[str, Any]:
"""Get data for caching"""
return self.to_dict()
# Combined base model class
class BaseModel(
Base,
BaseModelMixin,
TimestampMixin,
UUIDMixin,
SoftDeleteMixin,
MetadataMixin,
StatusMixin,
AuditMixin,
CacheableMixin
):
"""Base model with all mixins"""
__abstract__ = True
def __repr__(self) -> str:
"""String representation of model"""
return f"<{self.__class__.__name__}(id={self.id})>"
# Compatibility with old model base
AlchemyBase = Base

88
app/core/models/base_compatible.py Normal file
View File

@ -0,0 +1,88 @@
"""Compatible SQLAlchemy base models for MariaDB."""
from datetime import datetime
from typing import Optional, Dict, Any
from sqlalchemy import Column, Integer, DateTime, text
from sqlalchemy.ext.declarative import declarative_base, declared_attr
from sqlalchemy.orm import sessionmaker
# Create base class
Base = declarative_base()
class TimestampMixin:
"""Mixin for adding timestamp fields."""
@declared_attr
def created_at(cls):
return Column(
DateTime,
nullable=False,
default=datetime.utcnow,
server_default=text('CURRENT_TIMESTAMP')
)
@declared_attr
def updated_at(cls):
return Column(
DateTime,
nullable=False,
default=datetime.utcnow,
onupdate=datetime.utcnow,
server_default=text('CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP')
)
class BaseModel(Base, TimestampMixin):
"""Base model with common fields for all entities."""
__abstract__ = True
id = Column(Integer, primary_key=True, autoincrement=True)
def to_dict(self, exclude: Optional[set] = None) -> Dict[str, Any]:
"""Convert model instance to dictionary."""
exclude = exclude or set()
result = {}
for column in self.__table__.columns:
if column.name not in exclude:
value = getattr(self, column.name)
# Handle datetime serialization
if isinstance(value, datetime):
result[column.name] = value.isoformat()
else:
result[column.name] = value
return result
def update_from_dict(self, data: Dict[str, Any], exclude: Optional[set] = None) -> None:
"""Update model instance from dictionary."""
exclude = exclude or {"id", "created_at", "updated_at"}
for key, value in data.items():
if key not in exclude and hasattr(self, key):
setattr(self, key, value)
@classmethod
def get_table_name(cls) -> str:
"""Get table name."""
return cls.__tablename__
@classmethod
def get_columns(cls) -> list:
"""Get list of column names."""
return [column.name for column in cls.__table__.columns]
def __repr__(self) -> str:
"""String representation of model."""
return f"<{self.__class__.__name__}(id={getattr(self, 'id', None)})>"
# Legacy session factory for backward compatibility
SessionLocal = sessionmaker()
def get_session():
"""Get database session (legacy function for compatibility)."""
return SessionLocal()

445
app/core/models/blockchain.py Normal file
View File

@ -0,0 +1,445 @@
"""
Blockchain-related models for TON network integration.
Handles transaction records, wallet management, and smart contract interactions.
"""
from datetime import datetime
from decimal import Decimal
from typing import Dict, List, Optional, Any
from uuid import UUID
import sqlalchemy as sa
from sqlalchemy import Column, String, Integer, DateTime, Boolean, Text, JSON, ForeignKey, Index
from sqlalchemy.orm import relationship, validates
from sqlalchemy.dialects.postgresql import UUID as PostgreSQLUUID
from app.core.models.base import Base, TimestampMixin, UUIDMixin
class BlockchainTransaction(Base, UUIDMixin, TimestampMixin):
"""Model for storing blockchain transaction records."""
__tablename__ = "blockchain_transactions"
# User relationship
user_id = Column(PostgreSQLUUID(as_uuid=True), ForeignKey("users.id"), nullable=False)
user = relationship("User", back_populates="blockchain_transactions")
# Transaction details
transaction_hash = Column(String(64), unique=True, nullable=False, index=True)
transaction_type = Column(String(20), nullable=False) # transfer, mint, burn, stake, etc.
status = Column(String(20), nullable=False, default="pending") # pending, confirmed, failed
# Amount and fees
amount = Column(sa.BIGINT, nullable=False, default=0) # Amount in nanotons
network_fee = Column(sa.BIGINT, nullable=False, default=0) # Network fee in nanotons
# Addresses
sender_address = Column(String(48), nullable=True, index=True)
recipient_address = Column(String(48), nullable=True, index=True)
# Message and metadata
message = Column(Text, nullable=True)
metadata = Column(JSON, nullable=True)
# Blockchain specific fields
block_hash = Column(String(64), nullable=True)
logical_time = Column(sa.BIGINT, nullable=True) # TON logical time
confirmations = Column(Integer, nullable=False, default=0)
# Timing
confirmed_at = Column(DateTime, nullable=True)
failed_at = Column(DateTime, nullable=True)
# Smart contract interaction
contract_address = Column(String(48), nullable=True)
contract_method = Column(String(100), nullable=True)
contract_data = Column(JSON, nullable=True)
# Internal tracking
retry_count = Column(Integer, nullable=False, default=0)
last_retry_at = Column(DateTime, nullable=True)
error_message = Column(Text, nullable=True)
# Indexes for performance
__table_args__ = (
Index("idx_blockchain_tx_user_status", "user_id", "status"),
Index("idx_blockchain_tx_hash", "transaction_hash"),
Index("idx_blockchain_tx_addresses", "sender_address", "recipient_address"),
Index("idx_blockchain_tx_created", "created_at"),
Index("idx_blockchain_tx_type_status", "transaction_type", "status"),
)
@validates('transaction_type')
def validate_transaction_type(self, key, transaction_type):
"""Validate transaction type."""
allowed_types = {
'transfer', 'mint', 'burn', 'stake', 'unstake',
'contract_call', 'deploy', 'withdraw', 'deposit'
}
if transaction_type not in allowed_types:
raise ValueError(f"Invalid transaction type: {transaction_type}")
return transaction_type
@validates('status')
def validate_status(self, key, status):
"""Validate transaction status."""
allowed_statuses = {'pending', 'confirmed', 'failed', 'cancelled'}
if status not in allowed_statuses:
raise ValueError(f"Invalid status: {status}")
return status
@property
def amount_tons(self) -> Decimal:
"""Convert nanotons to TON."""
return Decimal(self.amount) / Decimal("1000000000")
@property
def fee_tons(self) -> Decimal:
"""Convert fee nanotons to TON."""
return Decimal(self.network_fee) / Decimal("1000000000")
@property
def is_incoming(self) -> bool:
"""Check if transaction is incoming to user's wallet."""
return self.transaction_type in {'transfer', 'mint', 'deposit'} and self.recipient_address
@property
def is_outgoing(self) -> bool:
"""Check if transaction is outgoing from user's wallet."""
return self.transaction_type in {'transfer', 'burn', 'withdraw'} and self.sender_address
def to_dict(self) -> Dict[str, Any]:
"""Convert transaction to dictionary."""
return {
"id": str(self.id),
"hash": self.transaction_hash,
"type": self.transaction_type,
"status": self.status,
"amount": self.amount,
"amount_tons": str(self.amount_tons),
"fee": self.network_fee,
"fee_tons": str(self.fee_tons),
"sender": self.sender_address,
"recipient": self.recipient_address,
"message": self.message,
"block_hash": self.block_hash,
"confirmations": self.confirmations,
"created_at": self.created_at.isoformat() if self.created_at else None,
"confirmed_at": self.confirmed_at.isoformat() if self.confirmed_at else None,
"is_incoming": self.is_incoming,
"is_outgoing": self.is_outgoing
}
class SmartContract(Base, UUIDMixin, TimestampMixin):
"""Model for smart contract management."""
__tablename__ = "smart_contracts"
# Contract details
address = Column(String(48), unique=True, nullable=False, index=True)
name = Column(String(100), nullable=False)
description = Column(Text, nullable=True)
contract_type = Column(String(50), nullable=False) # nft, token, defi, etc.
# Contract metadata
abi = Column(JSON, nullable=True) # Contract ABI if available
source_code = Column(Text, nullable=True)
compiler_version = Column(String(20), nullable=True)
# Deployment info
deployer_address = Column(String(48), nullable=True)
deployment_tx_hash = Column(String(64), nullable=True)
deployment_block = Column(sa.BIGINT, nullable=True)
# Status and verification
is_verified = Column(Boolean, nullable=False, default=False)
is_active = Column(Boolean, nullable=False, default=True)
verification_date = Column(DateTime, nullable=True)
# Usage statistics
interaction_count = Column(Integer, nullable=False, default=0)
last_interaction_at = Column(DateTime, nullable=True)
# Relationships
transactions = relationship(
"BlockchainTransaction",
foreign_keys="BlockchainTransaction.contract_address",
primaryjoin="SmartContract.address == BlockchainTransaction.contract_address",
back_populates=None
)
__table_args__ = (
Index("idx_smart_contract_address", "address"),
Index("idx_smart_contract_type", "contract_type"),
Index("idx_smart_contract_active", "is_active"),
)
@validates('contract_type')
def validate_contract_type(self, key, contract_type):
"""Validate contract type."""
allowed_types = {
'nft', 'token', 'defi', 'game', 'dao', 'bridge',
'oracle', 'multisig', 'custom'
}
if contract_type not in allowed_types:
raise ValueError(f"Invalid contract type: {contract_type}")
return contract_type
class TokenBalance(Base, UUIDMixin, TimestampMixin):
"""Model for tracking user token balances."""
__tablename__ = "token_balances"
# User relationship
user_id = Column(PostgreSQLUUID(as_uuid=True), ForeignKey("users.id"), nullable=False)
user = relationship("User", back_populates="token_balances")
# Token details
token_address = Column(String(48), nullable=False, index=True)
token_name = Column(String(100), nullable=True)
token_symbol = Column(String(10), nullable=True)
token_decimals = Column(Integer, nullable=False, default=9)
# Balance information
balance = Column(sa.BIGINT, nullable=False, default=0) # Raw balance
locked_balance = Column(sa.BIGINT, nullable=False, default=0) # Locked in contracts
# Metadata
last_update_block = Column(sa.BIGINT, nullable=True)
last_update_tx = Column(String(64), nullable=True)
# Unique constraint
__table_args__ = (
sa.UniqueConstraint("user_id", "token_address", name="uq_user_token"),
Index("idx_token_balance_user", "user_id"),
Index("idx_token_balance_token", "token_address"),
Index("idx_token_balance_updated", "updated_at"),
)
@property
def available_balance(self) -> int:
"""Get available (unlocked) balance."""
return max(0, self.balance - self.locked_balance)
@property
def formatted_balance(self) -> Decimal:
"""Get balance formatted with decimals."""
return Decimal(self.balance) / Decimal(10 ** self.token_decimals)
@property
def formatted_available_balance(self) -> Decimal:
"""Get available balance formatted with decimals."""
return Decimal(self.available_balance) / Decimal(10 ** self.token_decimals)
class StakingPosition(Base, UUIDMixin, TimestampMixin):
"""Model for staking positions."""
__tablename__ = "staking_positions"
# User relationship
user_id = Column(PostgreSQLUUID(as_uuid=True), ForeignKey("users.id"), nullable=False)
user = relationship("User", back_populates="staking_positions")
# Staking details
validator_address = Column(String(48), nullable=False, index=True)
pool_address = Column(String(48), nullable=True)
# Amount and timing
staked_amount = Column(sa.BIGINT, nullable=False) # Amount in nanotons
stake_tx_hash = Column(String(64), nullable=False)
stake_block = Column(sa.BIGINT, nullable=True)
# Status
status = Column(String(20), nullable=False, default="active") # active, unstaking, withdrawn
unstake_tx_hash = Column(String(64), nullable=True)
unstake_requested_at = Column(DateTime, nullable=True)
withdrawn_at = Column(DateTime, nullable=True)
# Rewards
rewards_earned = Column(sa.BIGINT, nullable=False, default=0)
last_reward_claim = Column(DateTime, nullable=True)
last_reward_tx = Column(String(64), nullable=True)
# Lock period
lock_period_days = Column(Integer, nullable=False, default=0)
unlock_date = Column(DateTime, nullable=True)
__table_args__ = (
Index("idx_staking_user_status", "user_id", "status"),
Index("idx_staking_validator", "validator_address"),
Index("idx_staking_unlock", "unlock_date"),
)
@validates('status')
def validate_status(self, key, status):
"""Validate staking status."""
allowed_statuses = {'active', 'unstaking', 'withdrawn', 'slashed'}
if status not in allowed_statuses:
raise ValueError(f"Invalid staking status: {status}")
return status
@property
def staked_tons(self) -> Decimal:
"""Get staked amount in TON."""
return Decimal(self.staked_amount) / Decimal("1000000000")
@property
def rewards_tons(self) -> Decimal:
"""Get rewards amount in TON."""
return Decimal(self.rewards_earned) / Decimal("1000000000")
@property
def is_locked(self) -> bool:
"""Check if staking position is still locked."""
if not self.unlock_date:
return False
return datetime.utcnow() < self.unlock_date
class NFTCollection(Base, UUIDMixin, TimestampMixin):
"""Model for NFT collections."""
__tablename__ = "nft_collections"
# Collection details
contract_address = Column(String(48), unique=True, nullable=False, index=True)
name = Column(String(100), nullable=False)
description = Column(Text, nullable=True)
symbol = Column(String(10), nullable=True)
# Creator and metadata
creator_address = Column(String(48), nullable=False)
metadata_uri = Column(String(500), nullable=True)
base_uri = Column(String(500), nullable=True)
# Collection stats
total_supply = Column(Integer, nullable=False, default=0)
max_supply = Column(Integer, nullable=True)
floor_price = Column(sa.BIGINT, nullable=True) # In nanotons
# Status
is_verified = Column(Boolean, nullable=False, default=False)
is_active = Column(Boolean, nullable=False, default=True)
# Relationships
nfts = relationship("NFTToken", back_populates="collection")
__table_args__ = (
Index("idx_nft_collection_address", "contract_address"),
Index("idx_nft_collection_creator", "creator_address"),
Index("idx_nft_collection_verified", "is_verified"),
)
class NFTToken(Base, UUIDMixin, TimestampMixin):
"""Model for individual NFT tokens."""
__tablename__ = "nft_tokens"
# Token identification
collection_id = Column(PostgreSQLUUID(as_uuid=True), ForeignKey("nft_collections.id"), nullable=False)
collection = relationship("NFTCollection", back_populates="nfts")
token_id = Column(String(100), nullable=False) # Token ID within collection
token_address = Column(String(48), unique=True, nullable=False, index=True)
# Ownership
owner_address = Column(String(48), nullable=False, index=True)
# Metadata
name = Column(String(200), nullable=True)
description = Column(Text, nullable=True)
image_uri = Column(String(500), nullable=True)
metadata_uri = Column(String(500), nullable=True)
attributes = Column(JSON, nullable=True)
# Trading
last_sale_price = Column(sa.BIGINT, nullable=True) # In nanotons
last_sale_tx = Column(String(64), nullable=True)
last_sale_date = Column(DateTime, nullable=True)
# Status
is_burned = Column(Boolean, nullable=False, default=False)
burned_at = Column(DateTime, nullable=True)
__table_args__ = (
sa.UniqueConstraint("collection_id", "token_id", name="uq_collection_token"),
Index("idx_nft_token_address", "token_address"),
Index("idx_nft_token_owner", "owner_address"),
Index("idx_nft_token_collection", "collection_id"),
)
@property
def last_sale_tons(self) -> Optional[Decimal]:
"""Get last sale price in TON."""
if self.last_sale_price is None:
return None
return Decimal(self.last_sale_price) / Decimal("1000000000")
class DeFiPosition(Base, UUIDMixin, TimestampMixin):
"""Model for DeFi protocol positions."""
__tablename__ = "defi_positions"
# User relationship
user_id = Column(PostgreSQLUUID(as_uuid=True), ForeignKey("users.id"), nullable=False)
user = relationship("User", back_populates="defi_positions")
# Protocol details
protocol_name = Column(String(100), nullable=False)
protocol_address = Column(String(48), nullable=False)
position_type = Column(String(50), nullable=False) # liquidity, lending, borrowing, etc.
# Position details
token_a_address = Column(String(48), nullable=True)
token_a_amount = Column(sa.BIGINT, nullable=False, default=0)
token_b_address = Column(String(48), nullable=True)
token_b_amount = Column(sa.BIGINT, nullable=False, default=0)
# Value tracking
initial_value = Column(sa.BIGINT, nullable=False, default=0) # In nanotons
current_value = Column(sa.BIGINT, nullable=False, default=0)
last_value_update = Column(DateTime, nullable=True)
# Rewards and fees
rewards_earned = Column(sa.BIGINT, nullable=False, default=0)
fees_paid = Column(sa.BIGINT, nullable=False, default=0)
# Status
status = Column(String(20), nullable=False, default="active") # active, closed, liquidated
opened_tx = Column(String(64), nullable=False)
closed_tx = Column(String(64), nullable=True)
closed_at = Column(DateTime, nullable=True)
__table_args__ = (
Index("idx_defi_user_protocol", "user_id", "protocol_name"),
Index("idx_defi_position_type", "position_type"),
Index("idx_defi_status", "status"),
)
@validates('position_type')
def validate_position_type(self, key, position_type):
"""Validate position type."""
allowed_types = {
'liquidity', 'lending', 'borrowing', 'farming',
'staking', 'options', 'futures', 'insurance'
}
if position_type not in allowed_types:
raise ValueError(f"Invalid position type: {position_type}")
return position_type
@validates('status')
def validate_status(self, key, status):
"""Validate position status."""
allowed_statuses = {'active', 'closed', 'liquidated', 'expired'}
if status not in allowed_statuses:
raise ValueError(f"Invalid position status: {status}")
return status
@property
def current_value_tons(self) -> Decimal:
"""Get current value in TON."""
return Decimal(self.current_value) / Decimal("1000000000")
@property
def pnl_tons(self) -> Decimal:
"""Get profit/loss in TON."""
return Decimal(self.current_value - self.initial_value) / Decimal("1000000000")
@property
def pnl_percentage(self) -> Decimal:
"""Get profit/loss percentage."""
if self.initial_value == 0:
return Decimal("0")
return (Decimal(self.current_value - self.initial_value) / Decimal(self.initial_value)) * 100

1
app/core/models/content/__init__.py
View File

@ -1 +0,0 @@
from app.core.models.content.user_content import UserContent

54
app/core/models/content/chunk.py Normal file
View File

@ -0,0 +1,54 @@
from __future__ import annotations
import base64
import hashlib
import logging
from dataclasses import dataclass, field, asdict
from datetime import datetime
from typing import Optional
logger = logging.getLogger(__name__)
@dataclass
class ContentChunk:
"""
Модель чанка зашифрованного контента.
Все бинарные поля представлены в base64-строках для JSON-совместимости.
- chunk_hash: HEX(SHA-256(raw_encrypted_chunk_bytes)) для дедупликации
- signature: base64-encoded Ed25519 подпись структуры чанка (детали в ChunkManager)
"""
chunk_id: str
content_id: str
chunk_index: int
chunk_hash: str # hex sha256(raw encrypted data)
encrypted_data: str # base64
signature: Optional[str] = None
created_at: str = field(default_factory=lambda: datetime.utcnow().isoformat())
def to_dict(self) -> dict:
return asdict(self)
@classmethod
def from_dict(cls, data: dict) -> "ContentChunk":
required = ["chunk_id", "content_id", "chunk_index", "chunk_hash", "encrypted_data"]
for f in required:
if f not in data:
raise ValueError(f"Missing required field in ContentChunk: {f}")
return cls(
chunk_id=data["chunk_id"],
content_id=data["content_id"],
chunk_index=int(data["chunk_index"]),
chunk_hash=data["chunk_hash"],
encrypted_data=data["encrypted_data"],
signature=data.get("signature"),
created_at=data.get("created_at") or datetime.utcnow().isoformat(),
)
def encrypted_bytes(self) -> bytes:
return base64.b64decode(self.encrypted_data)
@staticmethod
def compute_sha256_hex(buf: bytes) -> str:
return hashlib.sha256(buf).hexdigest()

95
app/core/models/content/encrypted_content.py Normal file
View File

@ -0,0 +1,95 @@
"""
Модель данных EncryptedContent для хранения результата шифрования контента.
Полезно для сериализации, логирования и передачи между подсистемами uploader-bot.
"""
from __future__ import annotations
import base64
import json
import logging
from dataclasses import dataclass, field, asdict
from datetime import datetime
from typing import Any, Dict, Optional
logger = logging.getLogger(__name__)
@dataclass
class EncryptedContent:
"""
Универсальная переносимая модель зашифрованного контента.
Все бинарные поля хранятся в Base64 (строки), чтобы быть JSON-совместимыми.
"""
content_id: str
ciphertext_b64: str
nonce_b64: str
tag_b64: str
# Подпись и открытый ключ подписанта (Ed25519). Могут отсутствовать.
signature: Optional[str] = None
signer_pubkey: Optional[str] = None
# Пользовательские/системные метаданные (должны совпадать при верификации)
metadata: Dict[str, Any] = field(default_factory=dict)
# Служебная метка времени создания структуры
created_at: str = field(default_factory=lambda: datetime.utcnow().isoformat())
def to_dict(self) -> Dict[str, Any]:
"""
Сериализация в словарь (JSON-совместимый).
"""
data = asdict(self)
# Ничего дополнительно не преобразуем — все поля уже JSON-friendly
return data
def to_json(self) -> str:
"""
Сериализация в JSON-строку.
"""
payload = self.to_dict()
try:
return json.dumps(payload, ensure_ascii=False, sort_keys=True)
except Exception as e:
logger.error(f"EncryptedContent.to_json serialization error: {e}")
raise
@classmethod
def from_dict(cls, data: Dict[str, Any]) -> "EncryptedContent":
"""
Десериализация из словаря.
"""
required = ["content_id", "ciphertext_b64", "nonce_b64", "tag_b64"]
for f in required:
if f not in data:
raise ValueError(f"Missing required field in EncryptedContent: {f}")
return cls(
content_id=data["content_id"],
ciphertext_b64=data["ciphertext_b64"],
nonce_b64=data["nonce_b64"],
tag_b64=data["tag_b64"],
signature=data.get("signature"),
signer_pubkey=data.get("signer_pubkey"),
metadata=data.get("metadata", {}) or {},
created_at=data.get("created_at") or datetime.utcnow().isoformat(),
)
@classmethod
def from_crypto_result(cls, crypto_result: Dict[str, Any]) -> "EncryptedContent":
"""
Удобный конструктор из результата ContentCipher.encrypt_content()
"""
return cls.from_dict(crypto_result)
# Вспомогательные методы для работы с бинарными данными (если необходимо)
def ciphertext_bytes(self) -> bytes:
return base64.b64decode(self.ciphertext_b64)
def nonce_bytes(self) -> bytes:
return base64.b64decode(self.nonce_b64)
def tag_bytes(self) -> bytes:
return base64.b64decode(self.tag_b64)

37
app/core/models/content/user_content.py
View File

@ -1,48 +1,43 @@
from sqlalchemy import Column, BigInteger, Integer, String, ForeignKey, DateTime, JSON, Boolean
from datetime import datetime
from sqlalchemy import Column, BigInteger, Integer, String, ForeignKey, JSON, Boolean
from sqlalchemy.dialects.postgresql import TIMESTAMP
from sqlalchemy.orm import relationship
from app.core.models.base import AlchemyBase
from app.core.models.content.indexation_mixins import UserContentIndexationMixin
from app.core.models.base import BaseModel
class UserContent(AlchemyBase, UserContentIndexationMixin):
class UserContent(BaseModel):
__tablename__ = 'users_content'
id = Column(Integer, autoincrement=True, primary_key=True)
type = Column(String(128), nullable=False) # 'license/issuer', 'license/listen', 'nft/unknown'
onchain_address = Column(String(1024), nullable=True) # bind by this
# Legacy compatibility fields
type = Column(String(128), nullable=False, default='license/listen')
onchain_address = Column(String(1024), nullable=True)
owner_address = Column(String(1024), nullable=True)
code_hash = Column(String(128), nullable=True)
data_hash = Column(String(128), nullable=True)
updated = Column(DateTime, nullable=False, default=0)
content_id = Column(Integer, ForeignKey('node_storage.id'), nullable=True)
created = Column(DateTime, nullable=False, default=0)
content_id = Column(String(36), ForeignKey('my_network_content.id'), nullable=True)
meta = Column(JSON, nullable=False, default={})
user_id = Column(Integer, ForeignKey('users.id'), nullable=False)
wallet_connection_id = Column(Integer, ForeignKey('wallet_connections.id'), nullable=True)
status = Column(String(64), nullable=False, default='active') # 'transaction_requested'
meta = Column(JSON, nullable=False, default=dict)
user_id = Column(String(36), ForeignKey('users.id'), nullable=False)
wallet_connection_id = Column(String(36), ForeignKey('wallet_connections.id'), nullable=True)
user = relationship('User', uselist=False, foreign_keys=[user_id])
wallet_connection = relationship('WalletConnection', uselist=False, foreign_keys=[wallet_connection_id])
content = relationship('StoredContent', uselist=False, foreign_keys=[content_id])
class UserAction(AlchemyBase):
class UserAction(BaseModel):
__tablename__ = 'users_actions'
id = Column(Integer, autoincrement=True, primary_key=True)
type = Column(String(128), nullable=False) # 'purchase'
user_id = Column(Integer, ForeignKey('users.id'), nullable=False)
content_id = Column(Integer, ForeignKey('node_storage.id'), nullable=True)
user_id = Column(String(36), ForeignKey('users.id'), nullable=False)
content_id = Column(String(36), ForeignKey('my_network_content.id'), nullable=True)
telegram_message_id = Column(BigInteger, nullable=True)
to_address = Column(String(1024), nullable=True)
from_address = Column(String(1024), nullable=True)
status = Column(String(128), nullable=True)
meta = Column(JSON, nullable=False, default={})
created = Column(DateTime, nullable=False, default=0)
meta = Column(JSON, nullable=False, default=dict)
user = relationship('User', uselist=False, foreign_keys=[user_id])
content = relationship('StoredContent', uselist=False, foreign_keys=[content_id])

388
app/core/models/content_compatible.py Normal file
View File

@ -0,0 +1,388 @@
"""Compatible content models for MariaDB."""
from datetime import datetime
from typing import Optional, List, Dict, Any
from sqlalchemy import Column, String, Boolean, Text, Integer, DateTime, BigInteger, Index, ForeignKey
from sqlalchemy.orm import relationship
from app.core.models.base_compatible import BaseModel
class Content(BaseModel):
"""Content model compatible with existing MariaDB schema."""
__tablename__ = "content"
# Basic content information
user_id = Column(Integer, ForeignKey('users.id'), nullable=False, index=True)
filename = Column(String(255), nullable=False)
original_filename = Column(String(255), nullable=False)
file_path = Column(String(500), nullable=False)
# File metadata
file_size = Column(BigInteger, nullable=False) # bytes
file_type = Column(String(100), nullable=False)
mime_type = Column(String(100), nullable=False)
file_extension = Column(String(10), nullable=False)
# Content metadata
title = Column(String(255), nullable=True)
description = Column(Text, nullable=True)
tags = Column(Text, nullable=True) # JSON or comma-separated
# Status and visibility
is_public = Column(Boolean, default=False, nullable=False)
is_active = Column(Boolean, default=True, nullable=False)
is_indexed = Column(Boolean, default=False, nullable=False)
is_converted = Column(Boolean, default=False, nullable=False)
# Access and security
access_password = Column(String(255), nullable=True)
download_count = Column(Integer, default=0, nullable=False)
view_count = Column(Integer, default=0, nullable=False)
# Processing status
processing_status = Column(String(50), default="pending", nullable=False)
processing_error = Column(Text, nullable=True)
processing_started = Column(DateTime, nullable=True)
processing_completed = Column(DateTime, nullable=True)
# File hashes for integrity
md5_hash = Column(String(32), nullable=True, index=True)
sha256_hash = Column(String(64), nullable=True, index=True)
# Thumbnails and previews
thumbnail_path = Column(String(500), nullable=True)
preview_path = Column(String(500), nullable=True)
# TON Blockchain integration
ton_transaction_hash = Column(String(100), nullable=True, index=True)
ton_storage_proof = Column(Text, nullable=True)
ton_storage_fee = Column(BigInteger, default=0, nullable=False) # nanotons
# Expiration and cleanup
expires_at = Column(DateTime, nullable=True)
auto_delete = Column(Boolean, default=False, nullable=False)
# Relationships
user = relationship("User", back_populates="content")
# Table indexes for performance
__table_args__ = (
Index('idx_content_user_active', 'user_id', 'is_active'),
Index('idx_content_public_indexed', 'is_public', 'is_indexed'),
Index('idx_content_file_type', 'file_type', 'mime_type'),
Index('idx_content_created', 'created_at'),
Index('idx_content_size', 'file_size'),
Index('idx_content_processing', 'processing_status'),
Index('idx_content_ton_tx', 'ton_transaction_hash'),
Index('idx_content_expires', 'expires_at', 'auto_delete'),
)
def is_expired(self) -> bool:
"""Check if content is expired."""
if not self.expires_at:
return False
return datetime.utcnow() > self.expires_at
def is_image(self) -> bool:
"""Check if content is an image."""
return self.file_type.lower() in ['image', 'img'] or \
self.mime_type.startswith('image/')
def is_video(self) -> bool:
"""Check if content is a video."""
return self.file_type.lower() == 'video' or \
self.mime_type.startswith('video/')
def is_document(self) -> bool:
"""Check if content is a document."""
return self.file_type.lower() in ['document', 'doc', 'pdf'] or \
self.mime_type in ['application/pdf', 'application/msword', 'text/plain']
def get_file_size_human(self) -> str:
"""Get human-readable file size."""
size = self.file_size
for unit in ['B', 'KB', 'MB', 'GB', 'TB']:
if size < 1024.0:
return f"{size:.1f} {unit}"
size /= 1024.0
return f"{size:.1f} PB"
def increment_download_count(self) -> None:
"""Increment download counter."""
self.download_count += 1
def increment_view_count(self) -> None:
"""Increment view counter."""
self.view_count += 1
def mark_as_indexed(self) -> None:
"""Mark content as indexed."""
self.is_indexed = True
def mark_as_converted(self) -> None:
"""Mark content as converted."""
self.is_converted = True
self.processing_status = "completed"
self.processing_completed = datetime.utcnow()
def set_processing_error(self, error: str) -> None:
"""Set processing error."""
self.processing_status = "error"
self.processing_error = error
self.processing_completed = datetime.utcnow()
def start_processing(self) -> None:
"""Mark processing as started."""
self.processing_status = "processing"
self.processing_started = datetime.utcnow()
self.processing_error = None
def get_tags_list(self) -> List[str]:
"""Get tags as list."""
if not self.tags:
return []
# Try to parse as JSON first, fallback to comma-separated
try:
import json
return json.loads(self.tags)
except:
return [tag.strip() for tag in self.tags.split(',') if tag.strip()]
def set_tags_list(self, tags: List[str]) -> None:
"""Set tags from list."""
import json
self.tags = json.dumps(tags) if tags else None
def to_dict(self, include_sensitive: bool = False) -> Dict[str, Any]:
"""Convert to dictionary with option to exclude sensitive data."""
exclude = set()
if not include_sensitive:
exclude.update({"access_password", "file_path", "processing_error"})
data = super().to_dict(exclude=exclude)
# Add computed fields
data.update({
"file_size_human": self.get_file_size_human(),
"is_image": self.is_image(),
"is_video": self.is_video(),
"is_document": self.is_document(),
"is_expired": self.is_expired(),
"tags_list": self.get_tags_list(),
})
return data
def to_public_dict(self) -> Dict[str, Any]:
"""Convert to public dictionary (minimal content info)."""
return {
"id": self.id,
"filename": self.filename,
"title": self.title,
"description": self.description,
"file_type": self.file_type,
"file_size": self.file_size,
"file_size_human": self.get_file_size_human(),
"is_image": self.is_image(),
"is_video": self.is_video(),
"is_document": self.is_document(),
"download_count": self.download_count,
"view_count": self.view_count,
"tags_list": self.get_tags_list(),
"created_at": self.created_at.isoformat() if self.created_at else None,
}
class ContentShare(BaseModel):
"""Content sharing model for tracking shared content."""
__tablename__ = "content_shares"
content_id = Column(Integer, ForeignKey('content.id'), nullable=False, index=True)
user_id = Column(Integer, ForeignKey('users.id'), nullable=True, index=True) # Can be null for anonymous shares
# Share metadata
share_token = Column(String(100), unique=True, nullable=False, index=True)
share_url = Column(String(500), nullable=False)
# Share settings
is_active = Column(Boolean, default=True, nullable=False)
is_password_protected = Column(Boolean, default=False, nullable=False)
share_password = Column(String(255), nullable=True)
# Access control
max_downloads = Column(Integer, nullable=True) # Null = unlimited
download_count = Column(Integer, default=0, nullable=False)
view_count = Column(Integer, default=0, nullable=False)
# Time limits
expires_at = Column(DateTime, nullable=True)
# Tracking
ip_address = Column(String(45), nullable=True)
user_agent = Column(Text, nullable=True)
# Relationships
content = relationship("Content")
user = relationship("User")
__table_args__ = (
Index('idx_shares_content_active', 'content_id', 'is_active'),
Index('idx_shares_token', 'share_token'),
Index('idx_shares_expires', 'expires_at'),
)
def is_expired(self) -> bool:
"""Check if share is expired."""
if not self.expires_at:
return False
return datetime.utcnow() > self.expires_at
def is_download_limit_reached(self) -> bool:
"""Check if download limit is reached."""
if not self.max_downloads:
return False
return self.download_count >= self.max_downloads
def is_valid(self) -> bool:
"""Check if share is valid."""
return (self.is_active and
not self.is_expired() and
not self.is_download_limit_reached())
def increment_download(self) -> bool:
"""Increment download count and return if still valid."""
if not self.is_valid():
return False
self.download_count += 1
return self.is_valid()
def increment_view(self) -> None:
"""Increment view count."""
self.view_count += 1
class ContentMetadata(BaseModel):
"""Extended metadata for content files."""
__tablename__ = "content_metadata"
content_id = Column(Integer, ForeignKey('content.id'), unique=True, nullable=False, index=True)
# Image metadata
image_width = Column(Integer, nullable=True)
image_height = Column(Integer, nullable=True)
image_dpi = Column(Integer, nullable=True)
image_color_space = Column(String(50), nullable=True)
# Video metadata
video_duration = Column(Integer, nullable=True) # seconds
video_bitrate = Column(Integer, nullable=True)
video_fps = Column(Integer, nullable=True)
video_resolution = Column(String(20), nullable=True) # e.g., "1920x1080"
video_codec = Column(String(50), nullable=True)
# Audio metadata
audio_duration = Column(Integer, nullable=True) # seconds
audio_bitrate = Column(Integer, nullable=True)
audio_sample_rate = Column(Integer, nullable=True)
audio_channels = Column(Integer, nullable=True)
audio_codec = Column(String(50), nullable=True)
# Document metadata
document_pages = Column(Integer, nullable=True)
document_words = Column(Integer, nullable=True)
document_language = Column(String(10), nullable=True)
document_author = Column(String(255), nullable=True)
# EXIF data (JSON)
exif_data = Column(Text, nullable=True)
# GPS coordinates
gps_latitude = Column(String(50), nullable=True)
gps_longitude = Column(String(50), nullable=True)
gps_altitude = Column(String(50), nullable=True)
# Technical metadata
compression_ratio = Column(String(20), nullable=True)
quality_score = Column(Integer, nullable=True) # 0-100
# Relationships
content = relationship("Content")
def to_dict(self) -> Dict[str, Any]:
"""Convert metadata to dictionary."""
data = super().to_dict(exclude={"content_id"})
# Parse EXIF data if present
if self.exif_data:
try:
import json
data["exif_data"] = json.loads(self.exif_data)
except:
data["exif_data"] = None
return data
def set_exif_data(self, exif_dict: Dict[str, Any]) -> None:
"""Set EXIF data from dictionary."""
if exif_dict:
import json
self.exif_data = json.dumps(exif_dict)
else:
self.exif_data = None
def get_exif_data(self) -> Optional[Dict[str, Any]]:
"""Get EXIF data as dictionary."""
if not self.exif_data:
return None
try:
import json
return json.loads(self.exif_data)
except:
return None
class ContentVersion(BaseModel):
"""Content version history for tracking changes."""
__tablename__ = "content_versions"
content_id = Column(Integer, ForeignKey('content.id'), nullable=False, index=True)
user_id = Column(Integer, ForeignKey('users.id'), nullable=False, index=True)
# Version information
version_number = Column(Integer, nullable=False)
version_name = Column(String(100), nullable=True)
change_description = Column(Text, nullable=True)
# File information
file_path = Column(String(500), nullable=False)
file_size = Column(BigInteger, nullable=False)
file_hash = Column(String(64), nullable=False)
# Status
is_current = Column(Boolean, default=False, nullable=False)
# Relationships
content = relationship("Content")
user = relationship("User")
__table_args__ = (
Index('idx_versions_content_number', 'content_id', 'version_number'),
Index('idx_versions_current', 'content_id', 'is_current'),
)
def mark_as_current(self) -> None:
"""Mark this version as current."""
self.is_current = True
# Add relationship to User model
# This would be added to the User model:
# content = relationship("Content", back_populates="user")

901
app/core/models/content_models.py Normal file
View File

@ -0,0 +1,901 @@
"""
Content models with async support and enhanced features
"""
import hashlib
import mimetypes
from datetime import datetime, timedelta
from enum import Enum
from pathlib import Path
from typing import Optional, List, Dict, Any, Union
from urllib.parse import urljoin
from sqlalchemy import Column, String, Integer, BigInteger, Boolean, Text, ForeignKey, Index, text, DateTime
from sqlalchemy.dialects.postgresql import JSONB, ARRAY
from sqlalchemy.ext.asyncio import AsyncSession
from sqlalchemy.future import select
from sqlalchemy.orm import relationship
import structlog
from app.core.models.base import BaseModel
from app.core.config import settings, PROJECT_HOST
logger = structlog.get_logger(__name__)
class ContentType(str, Enum):
"""Content type enumeration"""
AUDIO = "audio"
VIDEO = "video"
IMAGE = "image"
TEXT = "text"
DOCUMENT = "document"
UNKNOWN = "unknown"
class ContentStatus(str, Enum):
"""Content status enumeration"""
UPLOADING = "uploading"
PROCESSING = "processing"
READY = "ready"
FAILED = "failed"
DISABLED = "disabled"
DELETED = "deleted"
class StorageType(str, Enum):
"""Storage type enumeration"""
LOCAL = "local"
ONCHAIN = "onchain"
IPFS = "ipfs"
HYBRID = "hybrid"
class LicenseType(str, Enum):
"""License type enumeration"""
LISTEN = "listen"
USE = "use"
RESALE = "resale"
EXCLUSIVE = "exclusive"
class StoredContent(BaseModel):
"""Enhanced content storage model"""
__tablename__ = 'my_network_content'
# Content identification
hash = Column(
String(128),
nullable=False,
unique=True,
index=True,
comment="Content hash (SHA-256 or custom)"
)
content_id = Column(
String(256),
nullable=True,
index=True,
comment="Content identifier (CID for IPFS)"
)
# File information
filename = Column(
String(512),
nullable=False,
comment="Original filename"
)
file_size = Column(
BigInteger,
nullable=False,
default=0,
comment="File size in bytes"
)
mime_type = Column(
String(128),
nullable=True,
comment="MIME type of the content"
)
# Content type and storage
content_type = Column(
String(32),
nullable=False,
default=ContentType.UNKNOWN.value,
index=True,
comment="Content type category"
)
storage_type = Column(
String(32),
nullable=False,
default=StorageType.LOCAL.value,
index=True,
comment="Storage type"
)
# File path and URLs
file_path = Column(
String(1024),
nullable=True,
comment="Local file path"
)
external_url = Column(
String(2048),
nullable=True,
comment="External URL for remote content"
)
# Blockchain related
onchain_index = Column(
Integer,
nullable=True,
index=True,
comment="On-chain index number"
)
owner_address = Column(
String(256),
nullable=True,
index=True,
comment="Blockchain owner address"
)
# User and access
user_id = Column(
String(36), # UUID
ForeignKey('users.id'),
nullable=True,
index=True,
comment="User who uploaded the content"
)
# Encryption and security
encrypted = Column(
Boolean,
nullable=False,
default=False,
comment="Whether content is encrypted"
)
encryption_key_id = Column(
String(36), # UUID
ForeignKey('encryption_keys.id'),
nullable=True,
comment="Encryption key reference"
)
# Processing status
disabled = Column(
Boolean,
nullable=False,
default=False,
index=True,
comment="Whether content is disabled"
)
# Content metadata
title = Column(
String(512),
nullable=True,
comment="Content title"
)
description = Column(
Text,
nullable=True,
comment="Content description"
)
tags = Column(
ARRAY(String),
nullable=False,
default=list,
comment="Content tags"
)
# Media-specific metadata
duration = Column(
Integer,
nullable=True,
comment="Duration in seconds (for audio/video)"
)
width = Column(
Integer,
nullable=True,
comment="Width in pixels (for images/video)"
)
height = Column(
Integer,
nullable=True,
comment="Height in pixels (for images/video)"
)
bitrate = Column(
Integer,
nullable=True,
comment="Bitrate (for audio/video)"
)
# Conversion and processing
processing_status = Column(
String(32),
nullable=False,
default=ContentStatus.READY.value,
index=True,
comment="Processing status"
)
conversion_data = Column(
JSONB,
nullable=False,
default=dict,
comment="Conversion and processing data"
)
# Statistics
download_count = Column(
Integer,
nullable=False,
default=0,
comment="Number of downloads"
)
view_count = Column(
Integer,
nullable=False,
default=0,
comment="Number of views"
)
# Relationships
user = relationship('User', back_populates='content_items')
encryption_key = relationship('EncryptionKey', back_populates='content_items')
user_contents = relationship('UserContent', back_populates='content')
user_actions = relationship('UserAction', back_populates='content')
# Indexes for performance
__table_args__ = (
Index('idx_content_hash', 'hash'),
Index('idx_content_user_type', 'user_id', 'content_type'),
Index('idx_content_storage_status', 'storage_type', 'status'),
Index('idx_content_onchain', 'onchain_index'),
Index('idx_content_created', 'created_at'),
Index('idx_content_disabled', 'disabled'),
)
def __str__(self) -> str:
"""String representation"""
return f"StoredContent({self.id}, hash={self.hash[:8]}..., filename={self.filename})"
@property
def file_extension(self) -> str:
"""Get file extension"""
return Path(self.filename).suffix.lower()
@property
def web_url(self) -> str:
"""Get web accessible URL"""
if self.external_url:
return self.external_url
if self.hash:
return urljoin(str(PROJECT_HOST), f"/api/v1.5/storage/{self.hash}")
return ""
@property
def download_url(self) -> str:
"""Get download URL"""
if self.hash:
return urljoin(str(PROJECT_HOST), f"/api/v1/storage/{self.hash}")
return ""
@property
def is_media(self) -> bool:
"""Check if content is media (audio/video/image)"""
return self.content_type in [ContentType.AUDIO, ContentType.VIDEO, ContentType.IMAGE]
@property
def is_processed(self) -> bool:
"""Check if content is fully processed"""
return self.processing_status == ContentStatus.READY.value
@property
def cache_key(self) -> str:
"""Override cache key to use hash"""
return f"content:hash:{self.hash}"
def detect_content_type(self) -> ContentType:
"""Detect content type from MIME type"""
if not self.mime_type:
# Try to guess from extension
mime_type, _ = mimetypes.guess_type(self.filename)
self.mime_type = mime_type
if self.mime_type:
if self.mime_type.startswith('audio/'):
return ContentType.AUDIO
elif self.mime_type.startswith('video/'):
return ContentType.VIDEO
elif self.mime_type.startswith('image/'):
return ContentType.IMAGE
elif self.mime_type.startswith('text/'):
return ContentType.TEXT
elif 'application/' in self.mime_type:
return ContentType.DOCUMENT
return ContentType.UNKNOWN
def calculate_hash(self, file_data: bytes) -> str:
"""Calculate hash for file data"""
return hashlib.sha256(file_data).hexdigest()
def set_conversion_data(self, key: str, value: Any) -> None:
"""Set conversion data"""
if not self.conversion_data:
self.conversion_data = {}
self.conversion_data[key] = value
def get_conversion_data(self, key: str, default: Any = None) -> Any:
"""Get conversion data"""
if not self.conversion_data:
return default
return self.conversion_data.get(key, default)
def add_tag(self, tag: str) -> None:
"""Add tag to content"""
if not self.tags:
self.tags = []
tag = tag.strip().lower()
if tag and tag not in self.tags:
self.tags.append(tag)
def remove_tag(self, tag: str) -> None:
"""Remove tag from content"""
if self.tags:
tag = tag.strip().lower()
if tag in self.tags:
self.tags.remove(tag)
def increment_download_count(self) -> None:
"""Increment download counter"""
self.download_count += 1
def increment_view_count(self) -> None:
"""Increment view counter"""
self.view_count += 1
@classmethod
async def get_by_hash(
cls,
session: AsyncSession,
content_hash: str
) -> Optional['StoredContent']:
"""Get content by hash"""
try:
stmt = select(cls).where(cls.hash == content_hash)
result = await session.execute(stmt)
return result.scalar_one_or_none()
except Exception as e:
logger.error("Error getting content by hash", hash=content_hash, error=str(e))
return None
@classmethod
async def get_by_user(
cls,
session: AsyncSession,
user_id: str,
content_type: Optional[ContentType] = None,
limit: Optional[int] = None,
offset: Optional[int] = None
) -> List['StoredContent']:
"""Get content by user"""
try:
stmt = select(cls).where(cls.user_id == user_id)
if content_type:
stmt = stmt.where(cls.content_type == content_type.value)
stmt = stmt.order_by(cls.created_at.desc())
if offset:
stmt = stmt.offset(offset)
if limit:
stmt = stmt.limit(limit)
result = await session.execute(stmt)
return result.scalars().all()
except Exception as e:
logger.error("Error getting content by user", user_id=user_id, error=str(e))
return []
@classmethod
async def get_recent(
cls,
session: AsyncSession,
days: int = 7,
content_type: Optional[ContentType] = None,
limit: Optional[int] = None
) -> List['StoredContent']:
"""Get recent content"""
try:
cutoff_date = datetime.utcnow() - timedelta(days=days)
stmt = select(cls).where(
cls.created_at >= cutoff_date,
cls.disabled == False,
cls.processing_status == ContentStatus.READY.value
)
if content_type:
stmt = stmt.where(cls.content_type == content_type.value)
stmt = stmt.order_by(cls.created_at.desc())
if limit:
stmt = stmt.limit(limit)
result = await session.execute(stmt)
return result.scalars().all()
except Exception as e:
logger.error("Error getting recent content", days=days, error=str(e))
return []
@classmethod
async def search(
cls,
session: AsyncSession,
query: str,
content_type: Optional[ContentType] = None,
limit: Optional[int] = None,
offset: Optional[int] = None
) -> List['StoredContent']:
"""Search content by title and description"""
try:
search_pattern = f"%{query.lower()}%"
stmt = select(cls).where(
(cls.title.ilike(search_pattern)) |
(cls.description.ilike(search_pattern)) |
(cls.filename.ilike(search_pattern)),
cls.disabled == False,
cls.processing_status == ContentStatus.READY.value
)
if content_type:
stmt = stmt.where(cls.content_type == content_type.value)
stmt = stmt.order_by(cls.created_at.desc())
if offset:
stmt = stmt.offset(offset)
if limit:
stmt = stmt.limit(limit)
result = await session.execute(stmt)
return result.scalars().all()
except Exception as e:
logger.error("Error searching content", query=query, error=str(e))
return []
def to_dict(self) -> Dict[str, Any]:
"""Convert to dictionary with additional computed fields"""
data = super().to_dict()
data.update({
'web_url': self.web_url,
'download_url': self.download_url,
'file_extension': self.file_extension,
'is_media': self.is_media,
'is_processed': self.is_processed
})
return data
class UserContent(BaseModel):
"""User content ownership and licensing"""
__tablename__ = 'user_content'
# Content relationship
content_id = Column(
String(36), # UUID
ForeignKey('my_network_content.id'),
nullable=False,
index=True,
comment="Reference to stored content"
)
user_id = Column(
String(36), # UUID
ForeignKey('users.id'),
nullable=False,
index=True,
comment="User who owns this content"
)
# License information
license_type = Column(
String(32),
nullable=False,
default=LicenseType.LISTEN.value,
comment="Type of license"
)
# Blockchain data
onchain_address = Column(
String(256),
nullable=True,
index=True,
comment="On-chain contract address"
)
owner_address = Column(
String(256),
nullable=True,
index=True,
comment="Blockchain owner address"
)
# Transaction data
purchase_transaction = Column(
String(128),
nullable=True,
comment="Purchase transaction hash"
)
purchase_amount = Column(
BigInteger,
nullable=True,
comment="Purchase amount in minimal units"
)
# Wallet connection
wallet_connection_id = Column(
String(36), # UUID
ForeignKey('wallet_connections.id'),
nullable=True,
comment="Wallet connection used for purchase"
)
# Access control
access_granted = Column(
Boolean,
nullable=False,
default=False,
comment="Whether access is granted"
)
access_expires_at = Column(
DateTime,
nullable=True,
comment="When access expires (for temporary licenses)"
)
# Usage tracking
download_count = Column(
Integer,
nullable=False,
default=0,
comment="Number of downloads by this user"
)
last_accessed = Column(
DateTime,
nullable=True,
comment="Last access timestamp"
)
# Relationships
user = relationship('User', back_populates='content_items')
content = relationship('StoredContent', back_populates='user_contents')
wallet_connection = relationship('WalletConnection', back_populates='user_contents')
# Indexes
__table_args__ = (
Index('idx_user_content_user', 'user_id'),
Index('idx_user_content_content', 'content_id'),
Index('idx_user_content_onchain', 'onchain_address'),
Index('idx_user_content_owner', 'owner_address'),
Index('idx_user_content_status', 'status'),
)
def __str__(self) -> str:
"""String representation"""
return f"UserContent({self.id}, user={self.user_id}, content={self.content_id})"
@property
def is_expired(self) -> bool:
"""Check if access has expired"""
if not self.access_expires_at:
return False
return datetime.utcnow() > self.access_expires_at
@property
def is_accessible(self) -> bool:
"""Check if content is accessible"""
return self.access_granted and not self.is_expired and self.status == 'active'
def grant_access(self, expires_at: Optional[datetime] = None) -> None:
"""Grant access to content"""
self.access_granted = True
self.access_expires_at = expires_at
self.last_accessed = datetime.utcnow()
def revoke_access(self) -> None:
"""Revoke access to content"""
self.access_granted = False
def record_download(self) -> None:
"""Record a download"""
self.download_count += 1
self.last_accessed = datetime.utcnow()
@classmethod
async def get_user_access(
cls,
session: AsyncSession,
user_id: str,
content_id: str
) -> Optional['UserContent']:
"""Get user access to specific content"""
try:
stmt = select(cls).where(
cls.user_id == user_id,
cls.content_id == content_id,
cls.status == 'active'
)
result = await session.execute(stmt)
return result.scalar_one_or_none()
except Exception as e:
logger.error("Error getting user access", user_id=user_id, content_id=content_id, error=str(e))
return None
@classmethod
async def get_user_content(
cls,
session: AsyncSession,
user_id: str,
limit: Optional[int] = None,
offset: Optional[int] = None
) -> List['UserContent']:
"""Get all content accessible by user"""
try:
stmt = select(cls).where(
cls.user_id == user_id,
cls.status == 'active',
cls.access_granted == True
).order_by(cls.created_at.desc())
if offset:
stmt = stmt.offset(offset)
if limit:
stmt = stmt.limit(limit)
result = await session.execute(stmt)
return result.scalars().all()
except Exception as e:
logger.error("Error getting user content", user_id=user_id, error=str(e))
return []
class EncryptionKey(BaseModel):
"""Encryption key management"""
__tablename__ = 'encryption_keys'
# Key identification
key_hash = Column(
String(128),
nullable=False,
unique=True,
index=True,
comment="Hash of the encryption key"
)
algorithm = Column(
String(32),
nullable=False,
default="AES-256-GCM",
comment="Encryption algorithm used"
)
# Key metadata
purpose = Column(
String(64),
nullable=False,
comment="Purpose of the key (content, user_data, etc.)"
)
# Access control
owner_id = Column(
String(36), # UUID
ForeignKey('users.id'),
nullable=True,
comment="Key owner (if user-specific)"
)
# Key lifecycle
expires_at = Column(
DateTime,
nullable=True,
comment="Key expiration timestamp"
)
revoked_at = Column(
DateTime,
nullable=True,
comment="Key revocation timestamp"
)
# Relationships
owner = relationship('User', back_populates='encryption_keys')
content_items = relationship('StoredContent', back_populates='encryption_key')
def __str__(self) -> str:
"""String representation"""
return f"EncryptionKey({self.id}, hash={self.key_hash[:8]}...)"
@property
def is_valid(self) -> bool:
"""Check if key is valid (not expired or revoked)"""
now = datetime.utcnow()
if self.revoked_at and self.revoked_at <= now:
return False
if self.expires_at and self.expires_at <= now:
return False
return True
def revoke(self) -> None:
"""Revoke the key"""
self.revoked_at = datetime.utcnow()
# Backward compatibility aliases
Content = StoredContent
class ContentChunk(BaseModel):
"""Content chunk for large file uploads"""
__tablename__ = 'content_chunks'
# Chunk identification
content_id = Column(
String(36), # UUID
ForeignKey('my_network_content.id'),
nullable=False,
index=True,
comment="Parent content ID"
)
chunk_index = Column(
Integer,
nullable=False,
comment="Chunk sequence number"
)
chunk_hash = Column(
String(128),
nullable=False,
index=True,
comment="Hash of this chunk"
)
# Chunk data
chunk_size = Column(
Integer,
nullable=False,
comment="Size of this chunk in bytes"
)
chunk_data = Column(
Text,
nullable=True,
comment="Base64 encoded chunk data (for small chunks)"
)
file_path = Column(
String(1024),
nullable=True,
comment="Path to chunk file (for large chunks)"
)
# Upload status
uploaded = Column(
Boolean,
nullable=False,
default=False,
comment="Whether chunk is uploaded"
)
# Relationships
content = relationship('StoredContent', back_populates='chunks')
def __str__(self) -> str:
return f"ContentChunk({self.id}, content={self.content_id}, index={self.chunk_index})"
class FileUpload(BaseModel):
"""File upload session tracking"""
__tablename__ = 'file_uploads'
# Upload identification
upload_id = Column(
String(128),
nullable=False,
unique=True,
index=True,
comment="Unique upload session ID"
)
filename = Column(
String(512),
nullable=False,
comment="Original filename"
)
# Upload metadata
total_size = Column(
BigInteger,
nullable=False,
comment="Total file size in bytes"
)
uploaded_size = Column(
BigInteger,
nullable=False,
default=0,
comment="Uploaded size in bytes"
)
chunk_size = Column(
Integer,
nullable=False,
default=1048576, # 1MB
comment="Chunk size in bytes"
)
total_chunks = Column(
Integer,
nullable=False,
comment="Total number of chunks"
)
uploaded_chunks = Column(
Integer,
nullable=False,
default=0,
comment="Number of uploaded chunks"
)
# Upload status
upload_status = Column(
String(32),
nullable=False,
default='pending',
comment="Upload status"
)
# User information
user_id = Column(
String(36), # UUID
ForeignKey('users.id'),
nullable=True,
index=True,
comment="User performing the upload"
)
# Completion
content_id = Column(
String(36), # UUID
ForeignKey('my_network_content.id'),
nullable=True,
comment="Final content ID after completion"
)
# Relationships
user = relationship('User', back_populates='file_uploads')
content = relationship('StoredContent', back_populates='file_upload')
def __str__(self) -> str:
return f"FileUpload({self.id}, upload_id={self.upload_id}, status={self.upload_status})"
@property
def progress_percentage(self) -> float:
"""Get upload progress percentage"""
if self.total_size == 0:
return 0.0
return (self.uploaded_size / self.total_size) * 100.0
@property
def is_complete(self) -> bool:
"""Check if upload is complete"""
return self.uploaded_size >= self.total_size and self.upload_status == 'completed'
def update_progress(self, chunk_size: int) -> None:
"""Update upload progress"""
self.uploaded_size += chunk_size
self.uploaded_chunks += 1
if self.uploaded_size >= self.total_size:
self.upload_status = 'completed'
elif self.upload_status == 'pending':
self.upload_status = 'uploading'
# Update relationships in StoredContent
StoredContent.chunks = relationship('ContentChunk', back_populates='content')
StoredContent.file_upload = relationship('FileUpload', back_populates='content', uselist=False)

104
app/core/models/converter/conversion_models.py Normal file
View File

@ -0,0 +1,104 @@
from __future__ import annotations
import enum
import time
from dataclasses import dataclass, field, asdict
from typing import Dict, Any, List, Optional, Literal, Union
class ConversionPriority(enum.IntEnum):
LOW = 10
NORMAL = 50
HIGH = 90
CRITICAL = 100
class ConversionStatus(str, enum.Enum):
QUEUED = "queued"
RUNNING = "running"
SUCCESS = "success"
FAILED = "failed"
CANCELED = "canceled"
@dataclass
class ContentMetadata:
"""
Метаданные контента для NFT и каталогизации.
"""
title: str
description: Optional[str] = None
author: Optional[str] = None
collection: Optional[str] = None
tags: List[str] = field(default_factory=list)
cover_image_b64: Optional[str] = None
# Доп. поля для Web2/Web3 совместимости
language: Optional[str] = None
explicit: Optional[bool] = None
attributes: Dict[str, Any] = field(default_factory=dict)
def to_dict(self) -> Dict[str, Any]:
return asdict(self)
@dataclass
class ConversionTask:
"""
Описывает задачу на конвертацию для converter-module.
"""
task_id: str
input_path: str
input_ext: str
quality: Literal["high", "low"]
# Доп опции конвертера
trim: Optional[str] = None # формат "start-end" в секундах, пример "0.5-35"
custom: List[str] = field(default_factory=list)
# Интеграция с децентрализованной платформой
priority: ConversionPriority = ConversionPriority.NORMAL
attempts: int = 0
max_retries: int = 3
# NFT/контент метаданные
metadata: ContentMetadata = field(default_factory=lambda: ContentMetadata(title="Untitled"))
# Трассировка/время
created_at: int = field(default_factory=lambda: int(time.time()))
updated_at: int = field(default_factory=lambda: int(time.time()))
def to_dict(self) -> Dict[str, Any]:
d = asdict(self)
d["priority"] = int(self.priority)
return d
@dataclass
class ConversionResult:
"""
Результат конвертации.
"""
task_id: str
status: ConversionStatus
# Путь к выходному файлу конвертера внутри converter-module контейнера/процесса
converter_output_path: Optional[str] = None
# Снимок stdout/stderr или лог-файла конвертера (если доступно)
logs_path: Optional[str] = None
# Интеграция после конвертации
# content_id после шифрования, ключ для расшифровки хранится отдельно безопасно
content_id: Optional[str] = None
# Итоговые чанки (их хеши и base64-данные)
chunks: Optional[List[Dict[str, Any]]] = None
# Метаданные для NFT
nft_metadata: Optional[Dict[str, Any]] = None
# Ошибка (если FAILED)
error: Optional[str] = None
finished_at: Optional[int] = None
def to_dict(self) -> Dict[str, Any]:
d = asdict(self)
d["status"] = str(self.status.value)
return d

60
app/core/models/license/nft_license.py Normal file
View File

@ -0,0 +1,60 @@
from __future__ import annotations
import logging
from dataclasses import dataclass, field
from datetime import datetime
from typing import Optional
logger = logging.getLogger(__name__)
@dataclass(frozen=True)
class NFTLicense:
"""
Модель NFT лицензии на доступ к контенту.
Важно:
- license_id: уникальный идентификатор записи лицензии в нашей системе (может совпадать с nft_address или быть внутренним UUID)
- content_id: идентификатор контента (из ContentCipher, sha256 от шифроданных/метаданных)
- owner_address: адрес кошелька TON владельца NFT (user)
- nft_address: адрес NFT-токена лицензии (TON)
- created_at: когда лицензия была создана/закуплена (по данным блокчейна/системы)
- expires_at: необязательное поле срока действия (если лицензия не бессрочная)
"""
license_id: str
content_id: str
owner_address: str
nft_address: str
created_at: datetime = field(default_factory=lambda: datetime.utcnow())
expires_at: Optional[datetime] = None
def is_active(self, now: Optional[datetime] = None) -> bool:
now = now or datetime.utcnow()
if self.expires_at is None:
return True
return now < self.expires_at
def to_dict(self) -> dict:
return {
"license_id": self.license_id,
"content_id": self.content_id,
"owner_address": self.owner_address,
"nft_address": self.nft_address,
"created_at": self.created_at.isoformat(),
"expires_at": self.expires_at.isoformat() if self.expires_at else None,
}
@staticmethod
def from_dict(data: dict) -> "NFTLicense":
try:
return NFTLicense(
license_id=data["license_id"],
content_id=data["content_id"],
owner_address=data["owner_address"],
nft_address=data["nft_address"],
created_at=datetime.fromisoformat(data["created_at"]) if data.get("created_at") else datetime.utcnow(),
expires_at=datetime.fromisoformat(data["expires_at"]) if data.get("expires_at") else None,
)
except Exception as e:
logger.error("Failed to parse NFTLicense from dict: %s", e)
raise

151
app/core/models/stats/metrics_models.py Normal file
View File

@ -0,0 +1,151 @@
from __future__ import annotations
import time
import hashlib
import json
from dataclasses import dataclass, field, asdict
from typing import Dict, Any, Optional, List
def _now_ts() -> int:
return int(time.time())
def _gen_nonce(prefix: str = "stats") -> str:
base = f"{prefix}:{_now_ts()}:{time.time_ns()}"
return hashlib.sha256(base.encode("utf-8")).hexdigest()[:16]
@dataclass
class SystemMetrics:
cpu_percent: Optional[float] = None
cpu_load_avg_1m: Optional[float] = None
cpu_load_avg_5m: Optional[float] = None
cpu_load_avg_15m: Optional[float] = None
mem_total_mb: Optional[float] = None
mem_used_mb: Optional[float] = None
mem_available_mb: Optional[float] = None
mem_percent: Optional[float] = None
disk_total_mb: Optional[float] = None
disk_used_mb: Optional[float] = None
disk_free_mb: Optional[float] = None
disk_percent: Optional[float] = None
io_read_mb_s: Optional[float] = None
io_write_mb_s: Optional[float] = None
net_sent_kb_s: Optional[float] = None
net_recv_kb_s: Optional[float] = None
uptime_seconds: Optional[int] = None
timestamp: int = field(default_factory=_now_ts)
def to_dict(self) -> Dict[str, Any]:
return asdict(self)
@staticmethod
def from_dict(data: Dict[str, Any]) -> "SystemMetrics":
return SystemMetrics(**data)
@dataclass
class AppMetrics:
total_conversions: int = 0
total_requests: int = 0
total_errors: int = 0
slow_ops_count: int = 0
avg_response_ms: Optional[float] = None
p95_response_ms: Optional[float] = None
p99_response_ms: Optional[float] = None
details: Dict[str, Any] = field(default_factory=dict)
timestamp: int = field(default_factory=_now_ts)
def to_dict(self) -> Dict[str, Any]:
return asdict(self)
@staticmethod
def from_dict(data: Dict[str, Any]) -> "AppMetrics":
return AppMetrics(**data)
@dataclass
class NodeStats:
node_id: str
public_key: str
system: SystemMetrics
app: AppMetrics
known_content_items: Optional[int] = None
available_content_items: Optional[int] = None
protocol_version: str = "stats-gossip-v1"
timestamp: int = field(default_factory=_now_ts)
nonce: str = field(default_factory=_gen_nonce)
signature: Optional[str] = None # ed25519
def to_dict(self, include_signature: bool = True) -> Dict[str, Any]:
data = {
"node_id": self.node_id,
"public_key": self.public_key,
"system": self.system.to_dict(),
"app": self.app.to_dict(),
"known_content_items": self.known_content_items,
"available_content_items": self.available_content_items,
"protocol_version": self.protocol_version,
"timestamp": self.timestamp,
"nonce": self.nonce,
}
if include_signature:
data["signature"] = self.signature
return data
@staticmethod
def canonical_payload(data: Dict[str, Any]) -> Dict[str, Any]:
# Для подписи удаляем signature и сортируем
payload = dict(data)
payload.pop("signature", None)
return payload
@staticmethod
def to_signable_json(data: Dict[str, Any]) -> str:
payload = NodeStats.canonical_payload(data)
return json.dumps(payload, sort_keys=True, ensure_ascii=False)
@staticmethod
def from_dict(data: Dict[str, Any]) -> "NodeStats":
return NodeStats(
node_id=data["node_id"],
public_key=data["public_key"],
system=SystemMetrics.from_dict(data["system"]),
app=AppMetrics.from_dict(data["app"]),
known_content_items=data.get("known_content_items"),
available_content_items=data.get("available_content_items"),
protocol_version=data.get("protocol_version", "stats-gossip-v1"),
timestamp=data.get("timestamp", _now_ts()),
nonce=data.get("nonce", _gen_nonce()),
signature=data.get("signature"),
)
@dataclass
class NetworkStats:
# Сводная статистика по сети
node_count: int
active_nodes: int
avg_uptime_seconds: Optional[float] = None
avg_cpu_percent: Optional[float] = None
avg_mem_percent: Optional[float] = None
avg_latency_ms: Optional[float] = None
total_available_content: Optional[int] = None
health_score: Optional[float] = None # 0..100
timestamp: int = field(default_factory=_now_ts)
nodes: List[Dict[str, Any]] = field(default_factory=list) # список упрощенных NodeStats резюме
def to_dict(self) -> Dict[str, Any]:
return asdict(self)
@staticmethod
def from_dict(data: Dict[str, Any]) -> "NetworkStats":
return NetworkStats(**data)

42
app/core/models/user/__init__.py
View File

@ -1,35 +1,13 @@
from datetime import datetime
from sqlalchemy import Column, Integer, String, BigInteger, DateTime, JSON
from sqlalchemy.orm import relationship
# Import and re-export models from the user.py module inside this directory
from .user import User, UserSession, UserRole, UserStatus, ApiKey
from app.core.auth_v1 import AuthenticationMixin as AuthenticationMixin_V1
from app.core.models.user.display_mixin import DisplayMixin
from app.core.models.user.wallet_mixin import WalletMixin
from app.core.translation import TranslationCore
from ..base import AlchemyBase
class User(AlchemyBase, DisplayMixin, TranslationCore, AuthenticationMixin_V1, WalletMixin):
LOCALE_DOMAIN = 'sanic_telegram_bot'
__tablename__ = 'users'
id = Column(Integer, autoincrement=True, primary_key=True)
telegram_id = Column(BigInteger, nullable=False)
username = Column(String(512), nullable=True)
lang_code = Column(String(8), nullable=False, default="en")
meta = Column(JSON, nullable=False, default={})
last_use = Column(DateTime, nullable=False, default=datetime.utcnow)
updated = Column(DateTime, nullable=False, default=datetime.utcnow)
created = Column(DateTime, nullable=False, default=datetime.utcnow)
balances = relationship('UserBalance', back_populates='user')
internal_transactions = relationship('InternalTransaction', back_populates='user')
wallet_connections = relationship('WalletConnection', back_populates='user')
# stored_content = relationship('StoredContent', back_populates='user')
def __str__(self):
return f"User, {self.id}_{self.telegram_id} | Username: {self.username} " + '\\'
# Keep backward compatibility
__all__ = [
'User',
'UserSession',
'UserRole',
'UserStatus',
'ApiKey'
]

629
app/core/models/user/user.py Normal file
View File

@ -0,0 +1,629 @@
"""
User model with async support and enhanced security
"""
import hashlib
import secrets
from datetime import datetime, timedelta
from typing import Optional, List, Dict, Any
from enum import Enum
from sqlalchemy import Column, String, BigInteger, Boolean, Integer, Index, text, DateTime
from sqlalchemy.dialects.postgresql import ARRAY, JSONB
from sqlalchemy.ext.asyncio import AsyncSession
from sqlalchemy.future import select
from sqlalchemy.orm import relationship
import structlog
from app.core.models.base import BaseModel
from app.core.config import settings
logger = structlog.get_logger(__name__)
class UserRole(str, Enum):
"""User role enumeration"""
USER = "user"
MODERATOR = "moderator"
ADMIN = "admin"
SUPER_ADMIN = "super_admin"
class UserStatus(str, Enum):
"""User status enumeration"""
ACTIVE = "active"
SUSPENDED = "suspended"
BANNED = "banned"
PENDING = "pending"
class User(BaseModel):
"""Enhanced User model with security and async support"""
__tablename__ = 'users'
# Telegram specific fields
telegram_id = Column(
BigInteger,
nullable=False,
unique=True,
index=True,
comment="Telegram user ID"
)
username = Column(
String(512),
nullable=True,
index=True,
comment="Telegram username"
)
first_name = Column(
String(256),
nullable=True,
comment="User first name"
)
last_name = Column(
String(256),
nullable=True,
comment="User last name"
)
# Localization
language_code = Column(
String(8),
nullable=False,
default="en",
comment="User language code"
)
# Security and access control
role = Column(
String(32),
nullable=False,
default=UserRole.USER.value,
index=True,
comment="User role"
)
permissions = Column(
ARRAY(String),
nullable=False,
default=list,
comment="User permissions list"
)
# Activity tracking
last_activity = Column(
"last_use", # Keep old column name for compatibility
DateTime,
nullable=False,
default=datetime.utcnow,
index=True,
comment="Last user activity timestamp"
)
login_count = Column(
Integer,
nullable=False,
default=0,
comment="Total login count"
)
# Account status
is_verified = Column(
Boolean,
nullable=False,
default=False,
comment="Whether user is verified"
)
is_premium = Column(
Boolean,
nullable=False,
default=False,
comment="Whether user has premium access"
)
# Security settings
two_factor_enabled = Column(
Boolean,
nullable=False,
default=False,
comment="Whether 2FA is enabled"
)
security_settings = Column(
JSONB,
nullable=False,
default=dict,
comment="User security settings"
)
# Preferences
preferences = Column(
JSONB,
nullable=False,
default=dict,
comment="User preferences and settings"
)
# Statistics
content_uploaded_count = Column(
Integer,
nullable=False,
default=0,
comment="Number of content items uploaded"
)
content_purchased_count = Column(
Integer,
nullable=False,
default=0,
comment="Number of content items purchased"
)
# Rate limiting
rate_limit_reset = Column(
DateTime,
nullable=True,
comment="Rate limit reset timestamp"
)
rate_limit_count = Column(
Integer,
nullable=False,
default=0,
comment="Current rate limit count"
)
# Relationships
balances = relationship('UserBalance', back_populates='user', cascade="all, delete-orphan")
transactions = relationship('InternalTransaction', back_populates='user', cascade="all, delete-orphan")
wallet_connections = relationship('WalletConnection', back_populates='user', cascade="all, delete-orphan")
content_items = relationship('UserContent', back_populates='user', cascade="all, delete-orphan")
actions = relationship('UserAction', back_populates='user', cascade="all, delete-orphan")
activities = relationship('UserActivity', back_populates='user', cascade="all, delete-orphan")
# Indexes for performance
__table_args__ = (
Index('idx_users_telegram_id', 'telegram_id'),
Index('idx_users_username', 'username'),
Index('idx_users_role_status', 'role', 'status'),
Index('idx_users_last_activity', 'last_use'), # Use actual database column name
Index('idx_users_created_at', 'created_at'),
)
def __str__(self) -> str:
"""String representation"""
return f"User({self.id}, telegram_id={self.telegram_id}, username={self.username})"
@property
def full_name(self) -> str:
"""Get user's full name"""
parts = [self.first_name, self.last_name]
return " ".join(filter(None, parts)) or self.username or f"User_{self.telegram_id}"
@property
def display_name(self) -> str:
"""Get user's display name"""
return self.username or self.full_name
@property
def is_admin(self) -> bool:
"""Check if user is admin"""
return self.role in [UserRole.ADMIN.value, UserRole.SUPER_ADMIN.value]
@property
def is_moderator(self) -> bool:
"""Check if user is moderator or higher"""
return self.role in [UserRole.MODERATOR.value, UserRole.ADMIN.value, UserRole.SUPER_ADMIN.value]
@property
def cache_key(self) -> str:
"""Override cache key to include telegram_id"""
return f"user:telegram:{self.telegram_id}"
def has_permission(self, permission: str) -> bool:
"""Check if user has specific permission"""
if self.is_admin:
return True
return permission in (self.permissions or [])
def add_permission(self, permission: str) -> None:
"""Add permission to user"""
if not self.permissions:
self.permissions = []
if permission not in self.permissions:
self.permissions.append(permission)
def remove_permission(self, permission: str) -> None:
"""Remove permission from user"""
if self.permissions and permission in self.permissions:
self.permissions.remove(permission)
def update_activity(self) -> None:
"""Update user activity timestamp"""
self.last_activity = datetime.utcnow()
self.login_count += 1
def check_rate_limit(self, limit: int = None, window: int = None) -> bool:
"""Check if user is within rate limits"""
if self.is_admin:
return True
limit = limit or settings.RATE_LIMIT_REQUESTS
window = window or settings.RATE_LIMIT_WINDOW
now = datetime.utcnow()
# Reset counter if window has passed
if not self.rate_limit_reset or now > self.rate_limit_reset:
self.rate_limit_reset = now + timedelta(seconds=window)
self.rate_limit_count = 0
return self.rate_limit_count < limit
def increment_rate_limit(self) -> None:
"""Increment rate limit counter"""
if not self.is_admin:
self.rate_limit_count += 1
def set_preference(self, key: str, value: Any) -> None:
"""Set user preference"""
if not self.preferences:
self.preferences = {}
self.preferences[key] = value
def get_preference(self, key: str, default: Any = None) -> Any:
"""Get user preference"""
if not self.preferences:
return default
return self.preferences.get(key, default)
def set_security_setting(self, key: str, value: Any) -> None:
"""Set security setting"""
if not self.security_settings:
self.security_settings = {}
self.security_settings[key] = value
def get_security_setting(self, key: str, default: Any = None) -> Any:
"""Get security setting"""
if not self.security_settings:
return default
return self.security_settings.get(key, default)
def generate_api_token(self) -> str:
"""Generate secure API token for user"""
token_data = f"{self.id}:{self.telegram_id}:{datetime.utcnow().timestamp()}:{secrets.token_hex(16)}"
return hashlib.sha256(token_data.encode()).hexdigest()
def verify_token(self, token_hash: str) -> bool:
"""Verify API token hash against user"""
# Simple token verification - можно улучшить
try:
expected_token = self.generate_api_token()
# В реальной системе токены должны храниться в БД
# Для совместимости возвращаем True если пользователь активен
return self.status == UserStatus.ACTIVE.value
except Exception as e:
logger.error("Error verifying token", user_id=self.id, error=str(e))
return False
@property
def is_active(self) -> bool:
"""Check if user is active"""
return self.status == UserStatus.ACTIVE.value
def can_upload_content(self) -> bool:
"""Check if user can upload content"""
if self.status != UserStatus.ACTIVE.value:
return False
if not self.check_rate_limit(limit=10, window=3600): # 10 uploads per hour
return False
return True
def can_purchase_content(self) -> bool:
"""Check if user can purchase content"""
return self.status == UserStatus.ACTIVE.value
@classmethod
async def get_by_telegram_id(
cls,
session: AsyncSession,
telegram_id: int
) -> Optional['User']:
"""Get user by Telegram ID"""
try:
stmt = select(cls).where(cls.telegram_id == telegram_id)
result = await session.execute(stmt)
return result.scalar_one_or_none()
except Exception as e:
logger.error("Error getting user by telegram_id", telegram_id=telegram_id, error=str(e))
return None
@classmethod
async def get_by_username(
cls,
session: AsyncSession,
username: str
) -> Optional['User']:
"""Get user by username"""
try:
stmt = select(cls).where(cls.username == username)
result = await session.execute(stmt)
return result.scalar_one_or_none()
except Exception as e:
logger.error("Error getting user by username", username=username, error=str(e))
return None
@classmethod
async def get_by_id(
cls,
session: AsyncSession,
user_id
) -> Optional['User']:
"""Get user by ID (UUID or other identifier)"""
try:
stmt = select(cls).where(cls.id == user_id)
result = await session.execute(stmt)
return result.scalar_one_or_none()
except Exception as e:
logger.error("Error getting user by id", user_id=user_id, error=str(e))
return None
@classmethod
async def get_active_users(
cls,
session: AsyncSession,
days: int = 30,
limit: Optional[int] = None
) -> List['User']:
"""Get active users within specified days"""
try:
cutoff_date = datetime.utcnow() - timedelta(days=days)
stmt = select(cls).where(
cls.last_activity >= cutoff_date,
cls.status == UserStatus.ACTIVE.value
).order_by(cls.last_activity.desc())
if limit:
stmt = stmt.limit(limit)
result = await session.execute(stmt)
return result.scalars().all()
except Exception as e:
logger.error("Error getting active users", days=days, error=str(e))
return []
@classmethod
async def get_admins(cls, session: AsyncSession) -> List['User']:
"""Get all admin users"""
try:
stmt = select(cls).where(
cls.role.in_([UserRole.ADMIN.value, UserRole.SUPER_ADMIN.value])
)
result = await session.execute(stmt)
return result.scalars().all()
except Exception as e:
logger.error("Error getting admin users", error=str(e))
return []
@classmethod
async def create_from_telegram(
cls,
session: AsyncSession,
telegram_id: int,
username: Optional[str] = None,
first_name: Optional[str] = None,
last_name: Optional[str] = None,
language_code: str = "en"
) -> 'User':
"""Create user from Telegram data"""
user = cls(
telegram_id=telegram_id,
username=username,
first_name=first_name,
last_name=last_name,
language_code=language_code,
status=UserStatus.ACTIVE.value
)
session.add(user)
await session.commit()
await session.refresh(user)
logger.info("User created from Telegram", telegram_id=telegram_id, user_id=user.id)
return user
def to_dict(self) -> Dict[str, Any]:
"""Convert to dictionary with safe data"""
data = super().to_dict()
# Remove sensitive fields
sensitive_fields = ['security_settings', 'permissions']
for field in sensitive_fields:
data.pop(field, None)
return data
def to_public_dict(self) -> Dict[str, Any]:
"""Convert to public dictionary with minimal data"""
return {
'id': str(self.id),
'username': self.username,
'display_name': self.display_name,
'is_verified': self.is_verified,
'is_premium': self.is_premium,
'created_at': self.created_at.isoformat() if self.created_at else None
}
class UserSession(BaseModel):
"""User session model for authentication tracking"""
__tablename__ = 'user_sessions'
user_id = Column(
BigInteger,
nullable=False,
index=True,
comment="Associated user ID"
)
refresh_token_hash = Column(
String(255),
nullable=False,
comment="Hashed refresh token"
)
ip_address = Column(
String(45),
nullable=True,
comment="Session IP address"
)
user_agent = Column(
String(512),
nullable=True,
comment="User agent string"
)
expires_at = Column(
DateTime,
nullable=False,
comment="Session expiration time"
)
last_used_at = Column(
DateTime,
nullable=True,
comment="Last time session was used"
)
logged_out_at = Column(
DateTime,
nullable=True,
comment="Session logout time"
)
is_active = Column(
Boolean,
nullable=False,
default=True,
comment="Whether session is active"
)
remember_me = Column(
Boolean,
nullable=False,
default=False,
comment="Whether this is a remember me session"
)
# Indexes for performance
__table_args__ = (
Index('idx_user_sessions_user_id', 'user_id'),
Index('idx_user_sessions_expires_at', 'expires_at'),
Index('idx_user_sessions_active', 'is_active'),
)
def __str__(self) -> str:
return f"UserSession({self.id}, user_id={self.user_id}, active={self.is_active})"
def is_expired(self) -> bool:
"""Check if session is expired"""
return datetime.utcnow() > self.expires_at
def is_valid(self) -> bool:
"""Check if session is valid and active"""
return self.is_active and not self.is_expired() and not self.logged_out_at
class UserRole(BaseModel):
"""User role model for permissions"""
__tablename__ = 'user_roles'
name = Column(
String(64),
nullable=False,
unique=True,
index=True,
comment="Role name"
)
description = Column(
String(255),
nullable=True,
comment="Role description"
)
permissions = Column(
ARRAY(String),
nullable=False,
default=list,
comment="Role permissions list"
)
is_system = Column(
Boolean,
nullable=False,
default=False,
comment="Whether this is a system role"
)
def __str__(self) -> str:
return f"UserRole({self.name})"
def has_permission(self, permission: str) -> bool:
"""Check if role has specific permission"""
return permission in (self.permissions or [])
class ApiKey(BaseModel):
"""API key model for programmatic access"""
__tablename__ = 'api_keys'
user_id = Column(
BigInteger,
nullable=False,
index=True,
comment="Associated user ID"
)
name = Column(
String(128),
nullable=False,
comment="API key name"
)
key_hash = Column(
String(255),
nullable=False,
unique=True,
comment="Hashed API key"
)
permissions = Column(
ARRAY(String),
nullable=False,
default=list,
comment="API key permissions"
)
expires_at = Column(
DateTime,
nullable=True,
comment="API key expiration time"
)
last_used_at = Column(
DateTime,
nullable=True,
comment="Last time key was used"
)
is_active = Column(
Boolean,
nullable=False,
default=True,
comment="Whether key is active"
)
# Indexes for performance
__table_args__ = (
Index('idx_api_keys_user_id', 'user_id'),
Index('idx_api_keys_hash', 'key_hash'),
Index('idx_api_keys_active', 'is_active'),
)
def __str__(self) -> str:
return f"ApiKey({self.id}, name={self.name}, user_id={self.user_id})"
def is_expired(self) -> bool:
"""Check if API key is expired"""
if not self.expires_at:
return False
return datetime.utcnow() > self.expires_at
def is_valid(self) -> bool:
"""Check if API key is valid and active"""
return self.is_active and not self.is_expired()

247
app/core/models/user_compatible.py Normal file
View File

@ -0,0 +1,247 @@
"""Compatible user models for MariaDB."""
from datetime import datetime
from typing import Optional, List, Dict, Any
from sqlalchemy import Column, String, Boolean, Text, Integer, DateTime, Index
from sqlalchemy.orm import relationship
from app.core.models.base_compatible import BaseModel
class User(BaseModel):
"""User model compatible with existing MariaDB schema."""
__tablename__ = "users"
# Basic user information
username = Column(String(50), unique=True, nullable=False, index=True)
email = Column(String(100), unique=True, nullable=True, index=True)
password_hash = Column(String(255), nullable=False)
# User status and flags
is_active = Column(Boolean, default=True, nullable=False)
is_verified = Column(Boolean, default=False, nullable=False)
is_admin = Column(Boolean, default=False, nullable=False)
# Profile information
first_name = Column(String(50), nullable=True)
last_name = Column(String(50), nullable=True)
bio = Column(Text, nullable=True)
avatar_url = Column(String(255), nullable=True)
# System tracking
last_login = Column(DateTime, nullable=True)
login_count = Column(Integer, default=0, nullable=False)
# Storage and limits
storage_used = Column(Integer, default=0, nullable=False) # bytes
storage_limit = Column(Integer, default=100*1024*1024, nullable=False) # 100MB default
# TON Blockchain integration
ton_wallet_address = Column(String(100), nullable=True, index=True)
ton_balance = Column(Integer, default=0, nullable=False) # nanotons
# License and subscription
license_key = Column(String(100), nullable=True, index=True)
license_expires = Column(DateTime, nullable=True)
subscription_level = Column(String(20), default="free", nullable=False)
# API access
api_key = Column(String(100), nullable=True, unique=True, index=True)
api_calls_count = Column(Integer, default=0, nullable=False)
api_calls_limit = Column(Integer, default=1000, nullable=False)
# Relationships will be defined when we create content models
# Table indexes for performance
__table_args__ = (
Index('idx_users_username_active', 'username', 'is_active'),
Index('idx_users_email_verified', 'email', 'is_verified'),
Index('idx_users_ton_wallet', 'ton_wallet_address'),
Index('idx_users_license', 'license_key', 'license_expires'),
)
def check_storage_limit(self, file_size: int) -> bool:
"""Check if user can upload file of given size."""
return (self.storage_used + file_size) <= self.storage_limit
def update_storage_usage(self, size_change: int) -> None:
"""Update user's storage usage."""
self.storage_used = max(0, self.storage_used + size_change)
def is_license_valid(self) -> bool:
"""Check if user's license is valid."""
if not self.license_key or not self.license_expires:
return False
return self.license_expires > datetime.utcnow()
def can_make_api_call(self) -> bool:
"""Check if user can make API call."""
return self.api_calls_count < self.api_calls_limit
def increment_api_calls(self) -> None:
"""Increment API calls counter."""
self.api_calls_count += 1
def reset_api_calls(self) -> None:
"""Reset API calls counter (for monthly reset)."""
self.api_calls_count = 0
def get_storage_usage_percent(self) -> float:
"""Get storage usage as percentage."""
if self.storage_limit == 0:
return 0.0
return (self.storage_used / self.storage_limit) * 100
def get_api_usage_percent(self) -> float:
"""Get API usage as percentage."""
if self.api_calls_limit == 0:
return 0.0
return (self.api_calls_count / self.api_calls_limit) * 100
def get_display_name(self) -> str:
"""Get user's display name."""
if self.first_name and self.last_name:
return f"{self.first_name} {self.last_name}"
elif self.first_name:
return self.first_name
return self.username
def to_dict(self, include_sensitive: bool = False) -> Dict[str, Any]:
"""Convert to dictionary with option to exclude sensitive data."""
exclude = set()
if not include_sensitive:
exclude.update({"password_hash", "api_key", "license_key"})
data = super().to_dict(exclude=exclude)
# Add computed fields
data.update({
"display_name": self.get_display_name(),
"storage_usage_percent": self.get_storage_usage_percent(),
"api_usage_percent": self.get_api_usage_percent(),
"license_valid": self.is_license_valid(),
})
return data
def to_public_dict(self) -> Dict[str, Any]:
"""Convert to public dictionary (minimal user info)."""
return {
"id": self.id,
"username": self.username,
"display_name": self.get_display_name(),
"avatar_url": self.avatar_url,
"is_verified": self.is_verified,
"subscription_level": self.subscription_level,
"created_at": self.created_at.isoformat() if self.created_at else None,
}
class UserSession(BaseModel):
"""User session model for tracking active sessions."""
__tablename__ = "user_sessions"
user_id = Column(Integer, nullable=False, index=True)
session_token = Column(String(255), unique=True, nullable=False, index=True)
refresh_token = Column(String(255), unique=True, nullable=True, index=True)
# Session metadata
ip_address = Column(String(45), nullable=True) # IPv6 support
user_agent = Column(Text, nullable=True)
device_info = Column(Text, nullable=True)
# Session status
is_active = Column(Boolean, default=True, nullable=False)
expires_at = Column(DateTime, nullable=False)
last_activity = Column(DateTime, default=datetime.utcnow, nullable=False)
# Security flags
is_suspicious = Column(Boolean, default=False, nullable=False)
failed_attempts = Column(Integer, default=0, nullable=False)
__table_args__ = (
Index('idx_sessions_user_active', 'user_id', 'is_active'),
Index('idx_sessions_token', 'session_token'),
Index('idx_sessions_expires', 'expires_at'),
)
def is_expired(self) -> bool:
"""Check if session is expired."""
return datetime.utcnow() > self.expires_at
def is_valid(self) -> bool:
"""Check if session is valid."""
return self.is_active and not self.is_expired()
def extend_session(self, hours: int = 24) -> None:
"""Extend session expiration."""
from datetime import timedelta
self.expires_at = datetime.utcnow() + timedelta(hours=hours)
self.last_activity = datetime.utcnow()
def mark_suspicious(self) -> None:
"""Mark session as suspicious."""
self.is_suspicious = True
self.failed_attempts += 1
def deactivate(self) -> None:
"""Deactivate session."""
self.is_active = False
class UserPreferences(BaseModel):
"""User preferences and settings."""
__tablename__ = "user_preferences"
user_id = Column(Integer, unique=True, nullable=False, index=True)
# UI preferences
theme = Column(String(20), default="light", nullable=False)
language = Column(String(10), default="en", nullable=False)
timezone = Column(String(50), default="UTC", nullable=False)
# Notification preferences
email_notifications = Column(Boolean, default=True, nullable=False)
upload_notifications = Column(Boolean, default=True, nullable=False)
storage_alerts = Column(Boolean, default=True, nullable=False)
# Privacy settings
public_profile = Column(Boolean, default=False, nullable=False)
show_email = Column(Boolean, default=False, nullable=False)
allow_indexing = Column(Boolean, default=True, nullable=False)
# Upload preferences
auto_optimize_images = Column(Boolean, default=True, nullable=False)
default_privacy = Column(String(20), default="private", nullable=False)
max_file_size_mb = Column(Integer, default=10, nullable=False)
# Cache and performance
cache_thumbnails = Column(Boolean, default=True, nullable=False)
preload_content = Column(Boolean, default=False, nullable=False)
def to_dict(self) -> Dict[str, Any]:
"""Convert preferences to dictionary."""
return super().to_dict(exclude={"user_id"})
@classmethod
def get_default_preferences(cls) -> Dict[str, Any]:
"""Get default user preferences."""
return {
"theme": "light",
"language": "en",
"timezone": "UTC",
"email_notifications": True,
"upload_notifications": True,
"storage_alerts": True,
"public_profile": False,
"show_email": False,
"allow_indexing": True,
"auto_optimize_images": True,
"default_privacy": "private",
"max_file_size_mb": 10,
"cache_thumbnails": True,
"preload_content": False,
}

75
app/core/models/validation/validation_models.py Normal file
View File

@ -0,0 +1,75 @@
from __future__ import annotations
import json
from dataclasses import dataclass, asdict, field
from datetime import datetime
from typing import Any, Dict, Optional
def _iso_now() -> str:
return datetime.utcnow().isoformat()
@dataclass
class ValidationResult:
"""
Результат валидации контента/чанков.
"""
ok: bool
reason: Optional[str] = None
details: Dict[str, Any] = field(default_factory=dict)
timestamp: str = field(default_factory=_iso_now)
def to_dict(self) -> Dict[str, Any]:
return asdict(self)
def to_json(self) -> str:
return json.dumps(self.to_dict(), ensure_ascii=False, sort_keys=True)
@dataclass
class ContentSignature:
"""
Информация о подписи контента/объекта.
"""
signature: Optional[str]
public_key_hex: Optional[str]
algorithm: str = "ed25519"
def to_dict(self) -> Dict[str, Any]:
return asdict(self)
@dataclass
class TrustScore:
"""
Итоговый скор доверия (0.0 - 1.0)
"""
node_id: str
score: float
updated_at: str = field(default_factory=_iso_now)
reason: Optional[str] = None
def to_dict(self) -> Dict[str, Any]:
d = asdict(self)
# Нормализация диапазона
d["score"] = max(0.0, min(1.0, float(d["score"])))
return d
@dataclass
class NodeTrust:
"""
Состояние доверия к ноде.
"""
node_id: str
score: float = 0.5
blacklisted: bool = False
manual_override: bool = False
note: Optional[str] = None
updated_at: str = field(default_factory=_iso_now)
def to_dict(self) -> Dict[str, Any]:
d = asdict(self)
d["score"] = max(0.0, min(1.0, float(d["score"])))
return d

13
app/core/my_network/__init__.py Normal file
View File

@ -0,0 +1,13 @@
"""MY Network - Distributed Content Replication System."""
from .node_service import MyNetworkNodeService
from .sync_manager import ContentSyncManager
from .peer_manager import PeerManager
from .bootstrap_manager import BootstrapManager
__all__ = [
'MyNetworkNodeService',
'ContentSyncManager',
'PeerManager',
'BootstrapManager'
]

312
app/core/my_network/bootstrap_manager.py Normal file
View File

@ -0,0 +1,312 @@
"""Bootstrap Manager - управление bootstrap нодами и начальной конфигурацией."""
import json
import logging
from pathlib import Path
from typing import Dict, List, Optional, Any
from datetime import datetime
logger = logging.getLogger(__name__)
class BootstrapManager:
"""Менеджер для работы с bootstrap конфигурацией."""
def __init__(self, bootstrap_path: str = "bootstrap.json"):
self.bootstrap_path = Path(bootstrap_path)
self.config = {}
self.nodes_history_path = Path("nodes_history.json")
self.nodes_history = {"successful_connections": [], "last_updated": None}
logger.info(f"Bootstrap Manager initialized with path: {self.bootstrap_path}")
async def load_bootstrap_config(self) -> Dict[str, Any]:
"""Загрузка bootstrap конфигурации."""
try:
if not self.bootstrap_path.exists():
logger.error(f"Bootstrap config not found: {self.bootstrap_path}")
raise FileNotFoundError(f"Bootstrap config not found: {self.bootstrap_path}")
with open(self.bootstrap_path, 'r', encoding='utf-8') as f:
self.config = json.load(f)
logger.info(f"Bootstrap config loaded: {len(self.config.get('bootstrap_nodes', []))} nodes")
# Загрузить историю нод
await self._load_nodes_history()
return self.config
except Exception as e:
logger.error(f"Error loading bootstrap config: {e}")
raise
async def _load_nodes_history(self) -> None:
"""Загрузка истории подключенных нод."""
try:
if self.nodes_history_path.exists():
with open(self.nodes_history_path, 'r', encoding='utf-8') as f:
self.nodes_history = json.load(f)
logger.info(f"Loaded nodes history: {len(self.nodes_history.get('successful_connections', []))} nodes")
else:
logger.info("No nodes history found, starting fresh")
except Exception as e:
logger.error(f"Error loading nodes history: {e}")
self.nodes_history = {"successful_connections": [], "last_updated": None}
async def save_nodes_history(self) -> None:
"""Сохранение истории нод."""
try:
self.nodes_history["last_updated"] = datetime.utcnow().isoformat()
with open(self.nodes_history_path, 'w', encoding='utf-8') as f:
json.dump(self.nodes_history, f, indent=2, ensure_ascii=False)
logger.debug("Nodes history saved")
except Exception as e:
logger.error(f"Error saving nodes history: {e}")
def get_bootstrap_nodes(self) -> List[Dict[str, Any]]:
"""Получить список bootstrap нод."""
return self.config.get('bootstrap_nodes', [])
def get_network_settings(self) -> Dict[str, Any]:
"""Получить настройки сети."""
return self.config.get('network_settings', {})
def get_sync_settings(self) -> Dict[str, Any]:
"""Получить настройки синхронизации."""
return self.config.get('sync_settings', {})
def get_content_settings(self) -> Dict[str, Any]:
"""Получить настройки контента."""
return self.config.get('content_settings', {})
def get_security_settings(self) -> Dict[str, Any]:
"""Получить настройки безопасности."""
return self.config.get('security_settings', {})
def get_api_settings(self) -> Dict[str, Any]:
"""Получить настройки API."""
return self.config.get('api_settings', {})
def get_monitoring_settings(self) -> Dict[str, Any]:
"""Получить настройки мониторинга."""
return self.config.get('monitoring_settings', {})
def get_storage_settings(self) -> Dict[str, Any]:
"""Получить настройки хранилища."""
return self.config.get('storage_settings', {})
def get_consensus_settings(self) -> Dict[str, Any]:
"""Получить настройки консенсуса."""
return self.config.get('consensus', {})
def get_feature_flags(self) -> Dict[str, Any]:
"""Получить флаги функций."""
return self.config.get('feature_flags', {})
def is_feature_enabled(self, feature_name: str) -> bool:
"""Проверить, включена ли функция."""
return self.get_feature_flags().get(feature_name, False)
def get_regional_settings(self, region: str = None) -> Dict[str, Any]:
"""Получить региональные настройки."""
regional_settings = self.config.get('regional_settings', {})
if region and region in regional_settings:
return regional_settings[region]
return regional_settings
def get_emergency_settings(self) -> Dict[str, Any]:
"""Получить настройки экстренных ситуаций."""
return self.config.get('emergency_settings', {})
def is_emergency_mode(self) -> bool:
"""Проверить, включен ли режим экстренной ситуации."""
return self.get_emergency_settings().get('emergency_mode', False)
def get_nodes_from_history(self) -> List[Dict[str, Any]]:
"""Получить ноды из истории успешных подключений."""
return self.nodes_history.get('successful_connections', [])
def add_successful_connection(self, node_info: Dict[str, Any]) -> None:
"""Добавить информацию об успешном подключении."""
try:
# Обновить существующую запись или добавить новую
existing_node = None
for i, node in enumerate(self.nodes_history['successful_connections']):
if node['node_id'] == node_info['node_id']:
existing_node = i
break
connection_info = {
"node_id": node_info['node_id'],
"address": node_info['address'],
"last_seen": datetime.utcnow().isoformat(),
"connection_count": node_info.get('connection_count', 1),
"performance_score": node_info.get('performance_score', 1.0),
"features": node_info.get('features', []),
"region": node_info.get('region', 'unknown'),
"metadata": node_info.get('metadata', {})
}
if existing_node is not None:
# Обновить существующую запись
old_info = self.nodes_history['successful_connections'][existing_node]
connection_info['connection_count'] = old_info.get('connection_count', 0) + 1
connection_info['first_seen'] = old_info.get('first_seen', connection_info['last_seen'])
self.nodes_history['successful_connections'][existing_node] = connection_info
else:
# Добавить новую запись
connection_info['first_seen'] = connection_info['last_seen']
self.nodes_history['successful_connections'].append(connection_info)
# Ограничить историю (максимум 100 нод)
if len(self.nodes_history['successful_connections']) > 100:
# Сортировать по последнему подключению и оставить 100 самых свежих
self.nodes_history['successful_connections'].sort(
key=lambda x: x['last_seen'],
reverse=True
)
self.nodes_history['successful_connections'] = \
self.nodes_history['successful_connections'][:100]
logger.debug(f"Added successful connection to history: {node_info['node_id']}")
except Exception as e:
logger.error(f"Error adding successful connection: {e}")
def remove_failed_connection(self, node_id: str) -> None:
"""Удалить ноду из истории при неудачном подключении."""
try:
self.nodes_history['successful_connections'] = [
node for node in self.nodes_history['successful_connections']
if node['node_id'] != node_id
]
logger.debug(f"Removed failed connection from history: {node_id}")
except Exception as e:
logger.error(f"Error removing failed connection: {e}")
def get_preferred_nodes(self, max_nodes: int = 10) -> List[Dict[str, Any]]:
"""Получить предпочтительные ноды для подключения."""
try:
# Комбинировать bootstrap ноды и ноды из истории
all_nodes = []
# Добавить bootstrap ноды (высокий приоритет)
for node in self.get_bootstrap_nodes():
all_nodes.append({
"node_id": node['id'],
"address": node['address'],
"priority": 100, # Высокий приоритет для bootstrap
"features": node.get('features', []),
"region": node.get('region', 'unknown'),
"source": "bootstrap"
})
# Добавить ноды из истории
for node in self.get_nodes_from_history():
# Пропустить, если уже есть в bootstrap
if any(n['node_id'] == node['node_id'] for n in all_nodes):
continue
# Рассчитать приоритет на основе performance_score и connection_count
priority = min(90, node.get('performance_score', 0.5) * 50 +
min(40, node.get('connection_count', 1) * 2))
all_nodes.append({
"node_id": node['node_id'],
"address": node['address'],
"priority": priority,
"features": node.get('features', []),
"region": node.get('region', 'unknown'),
"source": "history"
})
# Сортировать по приоритету и взять топ
all_nodes.sort(key=lambda x: x['priority'], reverse=True)
return all_nodes[:max_nodes]
except Exception as e:
logger.error(f"Error getting preferred nodes: {e}")
return []
def validate_config(self) -> bool:
"""Валидация конфигурации bootstrap."""
try:
required_fields = ['version', 'network_id', 'bootstrap_nodes']
for field in required_fields:
if field not in self.config:
logger.error(f"Missing required field: {field}")
return False
# Проверить bootstrap ноды
bootstrap_nodes = self.config.get('bootstrap_nodes', [])
if not bootstrap_nodes:
logger.error("No bootstrap nodes configured")
return False
for node in bootstrap_nodes:
required_node_fields = ['id', 'address']
for field in required_node_fields:
if field not in node:
logger.error(f"Bootstrap node missing field: {field}")
return False
logger.info("Bootstrap configuration validated successfully")
return True
except Exception as e:
logger.error(f"Error validating config: {e}")
return False
def get_config_checksum(self) -> str:
"""Получить чек-сумму конфигурации."""
return self.config.get('checksum', '')
def verify_config_signature(self) -> bool:
"""Проверить подпись конфигурации."""
# Заглушка для проверки подписи
# В реальной реализации здесь была бы криптографическая проверка
signature = self.config.get('signature', '')
return bool(signature)
async def update_bootstrap_config(self, new_config: Dict[str, Any]) -> bool:
"""Обновление bootstrap конфигурации."""
try:
# Сохранить резервную копию
backup_path = self.bootstrap_path.with_suffix('.backup')
if self.bootstrap_path.exists():
self.bootstrap_path.rename(backup_path)
# Сохранить новую конфигурацию
with open(self.bootstrap_path, 'w', encoding='utf-8') as f:
json.dump(new_config, f, indent=2, ensure_ascii=False)
# Перезагрузить конфигурацию
await self.load_bootstrap_config()
logger.info("Bootstrap configuration updated successfully")
return True
except Exception as e:
logger.error(f"Error updating bootstrap config: {e}")
# Восстановить из резервной копии
try:
if backup_path.exists():
backup_path.rename(self.bootstrap_path)
except:
pass
return False

437
app/core/my_network/node_service.py Normal file
View File

@ -0,0 +1,437 @@
"""MY Network Node Service - основной сервис ноды."""
import asyncio
import json
import logging
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Set, Any
from pathlib import Path
from app.core.database import db_manager
from app.core.models.content_compatible import Content
from app.core.cache import cache
from .bootstrap_manager import BootstrapManager
from .peer_manager import PeerManager
from .sync_manager import ContentSyncManager
logger = logging.getLogger(__name__)
class MyNetworkNodeService:
"""Основной сервис ноды MY Network."""
def __init__(self, node_id: str = None, storage_path: str = "./storage/my-network"):
self.node_id = node_id or self._generate_node_id()
self.storage_path = Path(storage_path)
self.storage_path.mkdir(parents=True, exist_ok=True)
# Инициализация менеджеров
self.bootstrap_manager = BootstrapManager()
self.peer_manager = PeerManager(self.node_id)
self.sync_manager = ContentSyncManager(self.node_id)
# Состояние ноды
self.is_running = False
self.start_time = None
self.last_sync_time = None
self.node_metrics = {
"requests_30min": 0,
"total_requests": 0,
"content_synced": 0,
"active_peers": 0,
"storage_used_mb": 0
}
# История запросов для балансировки нагрузки
self.request_history = []
logger.info(f"MY Network Node Service initialized with ID: {self.node_id}")
def _generate_node_id(self) -> str:
"""Генерация уникального ID ноды."""
import uuid
return f"node-{uuid.uuid4().hex[:8]}"
async def start(self) -> None:
"""Запуск ноды MY Network."""
try:
logger.info(f"Starting MY Network Node: {self.node_id}")
# Загрузка bootstrap конфигурации
await self.bootstrap_manager.load_bootstrap_config()
# Инициализация peer manager
await self.peer_manager.initialize()
# Подключение к bootstrap нодам
await self._connect_to_bootstrap_nodes()
# Обнаружение других нод в сети
await self._discover_network_nodes()
# Запуск синхронизации контента
await self.sync_manager.start_sync_process()
# Запуск фоновых задач
asyncio.create_task(self._background_tasks())
self.is_running = True
self.start_time = datetime.utcnow()
logger.info(f"MY Network Node {self.node_id} started successfully")
except Exception as e:
logger.error(f"Failed to start MY Network Node: {e}")
raise
async def stop(self) -> None:
"""Остановка ноды MY Network."""
try:
logger.info(f"Stopping MY Network Node: {self.node_id}")
self.is_running = False
# Остановка синхронизации
await self.sync_manager.stop_sync_process()
# Отключение от пиров
await self.peer_manager.disconnect_all()
logger.info(f"MY Network Node {self.node_id} stopped")
except Exception as e:
logger.error(f"Error stopping MY Network Node: {e}")
async def _connect_to_bootstrap_nodes(self) -> None:
"""Подключение к bootstrap нодам."""
bootstrap_nodes = self.bootstrap_manager.get_bootstrap_nodes()
for node in bootstrap_nodes:
try:
# Не подключаться к самому себе
if node["id"] == self.node_id:
continue
success = await self.peer_manager.connect_to_peer(
node["id"],
node["address"]
)
if success:
logger.info(f"Connected to bootstrap node: {node['id']}")
else:
logger.warning(f"Failed to connect to bootstrap node: {node['id']}")
except Exception as e:
logger.error(f"Error connecting to bootstrap node {node['id']}: {e}")
async def _discover_network_nodes(self) -> None:
"""Обнаружение других нод в сети."""
try:
# Запрос списка нод у подключенных пиров
connected_peers = self.peer_manager.get_connected_peers()
for peer_id in connected_peers:
try:
nodes_list = await self.peer_manager.request_nodes_list(peer_id)
for node_info in nodes_list:
# Пропустить себя
if node_info["id"] == self.node_id:
continue
# Попытаться подключиться к новой ноде
if not self.peer_manager.is_connected(node_info["id"]):
await self.peer_manager.connect_to_peer(
node_info["id"],
node_info["address"]
)
except Exception as e:
logger.error(f"Error discovering nodes from peer {peer_id}: {e}")
except Exception as e:
logger.error(f"Error in network discovery: {e}")
async def _background_tasks(self) -> None:
"""Фоновые задачи ноды."""
while self.is_running:
try:
# Обновление метрик
await self._update_metrics()
# Очистка истории запросов (оставляем только за последние 30 минут)
await self._cleanup_request_history()
# Проверка состояния пиров
await self.peer_manager.check_peers_health()
# Периодическая синхронизация
if self._should_sync():
await self.sync_manager.sync_with_network()
self.last_sync_time = datetime.utcnow()
# Обновление кэша статистики
await self._update_cache_stats()
await asyncio.sleep(30) # Проверка каждые 30 секунд
except Exception as e:
logger.error(f"Error in background tasks: {e}")
await asyncio.sleep(60) # Увеличиваем интервал при ошибке
async def _update_metrics(self) -> None:
"""Обновление метрик ноды."""
try:
# Подсчет запросов за последние 30 минут
cutoff_time = datetime.utcnow() - timedelta(minutes=30)
recent_requests = [
req for req in self.request_history
if req["timestamp"] > cutoff_time
]
self.node_metrics.update({
"requests_30min": len(recent_requests),
"active_peers": len(self.peer_manager.get_connected_peers()),
"storage_used_mb": await self._calculate_storage_usage(),
"uptime_hours": self._get_uptime_hours()
})
# Сохранение в кэш для быстрого доступа
await cache.set(
f"my_network:node:{self.node_id}:metrics",
self.node_metrics,
ttl=60
)
except Exception as e:
logger.error(f"Error updating metrics: {e}")
async def _cleanup_request_history(self) -> None:
"""Очистка истории запросов."""
cutoff_time = datetime.utcnow() - timedelta(minutes=30)
self.request_history = [
req for req in self.request_history
if req["timestamp"] > cutoff_time
]
def _should_sync(self) -> bool:
"""Проверка, нужно ли запускать синхронизацию."""
if not self.last_sync_time:
return True
# Синхронизация каждые 5 минут
return datetime.utcnow() - self.last_sync_time > timedelta(minutes=5)
async def _calculate_storage_usage(self) -> int:
"""Подсчет использования хранилища в МБ."""
try:
total_size = 0
if self.storage_path.exists():
for file_path in self.storage_path.rglob("*"):
if file_path.is_file():
total_size += file_path.stat().st_size
return total_size // (1024 * 1024) # Конвертация в МБ
except Exception as e:
logger.error(f"Error calculating storage usage: {e}")
return 0
def _get_uptime_hours(self) -> float:
"""Получение времени работы ноды в часах."""
if not self.start_time:
return 0.0
uptime = datetime.utcnow() - self.start_time
return uptime.total_seconds() / 3600
async def _update_cache_stats(self) -> None:
"""Обновление статистики в кэше."""
try:
stats = {
"node_id": self.node_id,
"is_running": self.is_running,
"start_time": self.start_time.isoformat() if self.start_time else None,
"last_sync_time": self.last_sync_time.isoformat() if self.last_sync_time else None,
"metrics": self.node_metrics,
"connected_peers": list(self.peer_manager.get_connected_peers()),
"sync_status": await self.sync_manager.get_sync_status()
}
await cache.set(
f"my_network:node:{self.node_id}:status",
stats,
ttl=30
)
except Exception as e:
logger.error(f"Error updating cache stats: {e}")
def record_request(self, request_info: Dict[str, Any]) -> None:
"""Записать информацию о запросе для метрик."""
self.request_history.append({
"timestamp": datetime.utcnow(),
"endpoint": request_info.get("endpoint", "unknown"),
"method": request_info.get("method", "GET"),
"client_ip": request_info.get("client_ip", "unknown")
})
self.node_metrics["total_requests"] += 1
def get_load_info(self) -> Dict[str, Any]:
"""Получить информацию о нагрузке ноды для балансировки."""
return {
"node_id": self.node_id,
"requests_30min": self.node_metrics["requests_30min"],
"load_percentage": min(100, (self.node_metrics["requests_30min"] / 1000) * 100),
"active_peers": self.node_metrics["active_peers"],
"storage_used_mb": self.node_metrics["storage_used_mb"],
"uptime_hours": self._get_uptime_hours(),
"is_healthy": self.is_running and self.node_metrics["active_peers"] > 0
}
async def replicate_content(self, content_hash: str, target_nodes: List[str] = None) -> Dict[str, Any]:
"""Реплицировать контент на другие ноды."""
try:
logger.info(f"Starting replication of content: {content_hash}")
# Найти контент в локальной БД
async with db_manager.get_session() as session:
from sqlalchemy import select
stmt = select(Content).where(Content.hash == content_hash)
result = await session.execute(stmt)
content = result.scalar_one_or_none()
if not content:
raise ValueError(f"Content not found: {content_hash}")
# Определить целевые ноды
if not target_nodes:
target_nodes = self.peer_manager.select_replication_nodes()
# Запустить репликацию через sync manager
result = await self.sync_manager.replicate_content_to_nodes(
content_hash,
target_nodes
)
logger.info(f"Content replication completed: {content_hash}")
return result
except Exception as e:
logger.error(f"Error replicating content {content_hash}: {e}")
raise
async def get_network_status(self) -> Dict[str, Any]:
"""Получить статус всей сети MY Network."""
try:
connected_peers = self.peer_manager.get_connected_peers()
sync_status = await self.sync_manager.get_sync_status()
# Получить статус от всех подключенных пиров
peer_statuses = {}
for peer_id in connected_peers:
try:
peer_status = await self.peer_manager.request_peer_status(peer_id)
peer_statuses[peer_id] = peer_status
except Exception as e:
peer_statuses[peer_id] = {"error": str(e)}
return {
"local_node": {
"id": self.node_id,
"status": "running" if self.is_running else "stopped",
"metrics": self.node_metrics,
"uptime_hours": self._get_uptime_hours()
},
"network": {
"connected_peers": len(connected_peers),
"total_discovered_nodes": len(peer_statuses) + 1,
"sync_status": sync_status,
"last_sync": self.last_sync_time.isoformat() if self.last_sync_time else None
},
"peers": peer_statuses
}
except Exception as e:
logger.error(f"Error getting network status: {e}")
return {"error": str(e)}
async def get_content_sync_status(self, content_hash: str) -> Dict[str, Any]:
"""Получить статус синхронизации конкретного контента."""
return await self.sync_manager.get_content_sync_status(content_hash)
async def get_node_info(self) -> Dict[str, Any]:
"""Получить информацию о текущей ноде."""
try:
uptime_seconds = self._get_uptime_hours() * 3600 if self.start_time else 0
return {
"node_id": self.node_id,
"status": "running" if self.is_running else "stopped",
"version": "2.0",
"uptime": uptime_seconds,
"start_time": self.start_time.isoformat() if self.start_time else None,
"metrics": self.node_metrics.copy(),
"storage_path": str(self.storage_path),
"last_sync": self.last_sync_time.isoformat() if self.last_sync_time else None
}
except Exception as e:
logger.error(f"Error getting node info: {e}")
return {
"node_id": self.node_id,
"status": "error",
"error": str(e)
}
async def get_peers_info(self) -> Dict[str, Any]:
"""Получить информацию о пирах."""
try:
connected_peers = self.peer_manager.get_connected_peers()
all_peers_info = self.peer_manager.get_all_peers_info()
connection_stats = self.peer_manager.get_connection_stats()
return {
"peer_count": len(connected_peers),
"connected_peers": list(connected_peers),
"peers": list(all_peers_info.values()),
"connection_stats": connection_stats,
"healthy_connections": connection_stats.get("healthy_connections", 0),
"total_connections": connection_stats.get("total_connections", 0),
"average_latency_ms": connection_stats.get("average_latency_ms")
}
except Exception as e:
logger.error(f"Error getting peers info: {e}")
return {
"peer_count": 0,
"connected_peers": [],
"peers": [],
"error": str(e)
}
# Глобальный экземпляр сервиса ноды
_node_service: Optional[MyNetworkNodeService] = None
def get_node_service() -> MyNetworkNodeService:
"""Получить глобальный экземпляр сервиса ноды."""
global _node_service
if _node_service is None:
_node_service = MyNetworkNodeService()
return _node_service
async def initialize_my_network() -> None:
"""Инициализация MY Network."""
node_service = get_node_service()
await node_service.start()
async def shutdown_my_network() -> None:
"""Остановка MY Network."""
global _node_service
if _node_service:
await _node_service.stop()
_node_service = None

477
app/core/my_network/peer_manager.py Normal file
View File

@ -0,0 +1,477 @@
"""Peer Manager - управление подключениями к другим нодам."""
import asyncio
import aiohttp
import logging
from datetime import datetime, timedelta
from typing import Dict, List, Set, Optional, Any
from urllib.parse import urlparse
logger = logging.getLogger(__name__)
class PeerConnection:
"""Представление подключения к пиру."""
def __init__(self, peer_id: str, address: str):
self.peer_id = peer_id
self.address = address
self.connected_at = datetime.utcnow()
self.last_ping = None
self.last_pong = None
self.is_healthy = True
self.ping_failures = 0
self.request_count = 0
self.features = []
self.metadata = {}
@property
def uptime(self) -> timedelta:
"""Время подключения."""
return datetime.utcnow() - self.connected_at
@property
def ping_latency(self) -> Optional[float]:
"""Задержка пинга в миллисекундах."""
if self.last_ping and self.last_pong:
return (self.last_pong - self.last_ping).total_seconds() * 1000
return None
def mark_ping_sent(self):
"""Отметить отправку пинга."""
self.last_ping = datetime.utcnow()
def mark_pong_received(self):
"""Отметить получение понга."""
self.last_pong = datetime.utcnow()
self.ping_failures = 0
self.is_healthy = True
def mark_ping_failed(self):
"""Отметить неудачный пинг."""
self.ping_failures += 1
if self.ping_failures >= 3:
self.is_healthy = False
class PeerManager:
"""Менеджер для управления подключениями к пирам."""
def __init__(self, node_id: str):
self.node_id = node_id
self.connections: Dict[str, PeerConnection] = {}
self.blacklisted_peers: Set[str] = set()
self.connection_semaphore = asyncio.Semaphore(25) # Макс 25 исходящих подключений
self.session: Optional[aiohttp.ClientSession] = None
logger.info(f"Peer Manager initialized for node: {node_id}")
async def initialize(self) -> None:
"""Инициализация менеджера пиров."""
try:
# Создать HTTP сессию для запросов
timeout = aiohttp.ClientTimeout(total=30, connect=10)
self.session = aiohttp.ClientSession(
timeout=timeout,
headers={'User-Agent': f'MY-Network-Node/{self.node_id}'}
)
logger.info("Peer Manager initialized successfully")
except Exception as e:
logger.error(f"Error initializing Peer Manager: {e}")
raise
async def cleanup(self) -> None:
"""Очистка ресурсов."""
if self.session:
await self.session.close()
self.session = None
self.connections.clear()
logger.info("Peer Manager cleaned up")
async def connect_to_peer(self, peer_id: str, address: str) -> bool:
"""Подключение к пиру."""
try:
# Проверить, что не подключаемся к себе
if peer_id == self.node_id:
logger.debug(f"Skipping connection to self: {peer_id}")
return False
# Проверить черный список
if peer_id in self.blacklisted_peers:
logger.debug(f"Peer {peer_id} is blacklisted")
return False
# Проверить, уже подключены ли
if peer_id in self.connections:
connection = self.connections[peer_id]
if connection.is_healthy:
logger.debug(f"Already connected to peer: {peer_id}")
return True
else:
# Удалить нездоровое подключение
del self.connections[peer_id]
async with self.connection_semaphore:
logger.info(f"Connecting to peer: {peer_id} at {address}")
# Попытка подключения через handshake
success = await self._perform_handshake(peer_id, address)
if success:
# Создать подключение
connection = PeerConnection(peer_id, address)
self.connections[peer_id] = connection
logger.info(f"Successfully connected to peer: {peer_id}")
return True
else:
logger.warning(f"Failed to connect to peer: {peer_id}")
return False
except Exception as e:
logger.error(f"Error connecting to peer {peer_id}: {e}")
return False
async def _perform_handshake(self, peer_id: str, address: str) -> bool:
"""Выполнить handshake с пиром."""
try:
if not self.session:
return False
# Парсить адрес
parsed_url = self._parse_peer_address(address)
if not parsed_url:
return False
handshake_url = f"{parsed_url}/api/my/handshake"
handshake_data = {
"node_id": self.node_id,
"protocol_version": "1.0.0",
"features": [
"content_sync",
"consensus",
"monitoring"
],
"timestamp": datetime.utcnow().isoformat()
}
async with self.session.post(handshake_url, json=handshake_data) as response:
if response.status == 200:
response_data = await response.json()
# Проверить ответ
if (response_data.get("node_id") == peer_id and
response_data.get("status") == "accepted"):
# Сохранить информацию о пире
if peer_id in self.connections:
self.connections[peer_id].features = response_data.get("features", [])
self.connections[peer_id].metadata = response_data.get("metadata", {})
return True
logger.warning(f"Handshake failed with peer {peer_id}: HTTP {response.status}")
return False
except Exception as e:
logger.error(f"Error in handshake with peer {peer_id}: {e}")
return False
def _parse_peer_address(self, address: str) -> Optional[str]:
"""Парсинг адреса пира."""
try:
# Поддержка форматов:
# my://host:port
# http://host:port
# https://host:port
# host:port
if address.startswith("my://"):
# Конвертировать MY протокол в HTTP
address = address.replace("my://", "http://")
elif not address.startswith(("http://", "https://")):
# Добавить HTTP префикс
address = f"http://{address}"
parsed = urlparse(address)
if parsed.hostname:
return f"{parsed.scheme}://{parsed.netloc}"
return None
except Exception as e:
logger.error(f"Error parsing peer address {address}: {e}")
return None
async def disconnect_from_peer(self, peer_id: str) -> None:
"""Отключение от пира."""
try:
if peer_id in self.connections:
connection = self.connections[peer_id]
# Попытаться отправить уведомление об отключении
try:
await self._send_disconnect_notification(peer_id)
except:
pass # Игнорировать ошибки при отключении
# Удалить подключение
del self.connections[peer_id]
logger.info(f"Disconnected from peer: {peer_id}")
except Exception as e:
logger.error(f"Error disconnecting from peer {peer_id}: {e}")
async def _send_disconnect_notification(self, peer_id: str) -> None:
"""Отправить уведомление об отключении."""
try:
if peer_id not in self.connections or not self.session:
return
connection = self.connections[peer_id]
parsed_url = self._parse_peer_address(connection.address)
if parsed_url:
disconnect_url = f"{parsed_url}/api/my/disconnect"
disconnect_data = {
"node_id": self.node_id,
"reason": "graceful_shutdown",
"timestamp": datetime.utcnow().isoformat()
}
async with self.session.post(disconnect_url, json=disconnect_data) as response:
if response.status == 200:
logger.debug(f"Disconnect notification sent to {peer_id}")
except Exception as e:
logger.debug(f"Error sending disconnect notification to {peer_id}: {e}")
async def disconnect_all(self) -> None:
"""Отключение от всех пиров."""
disconnect_tasks = []
for peer_id in list(self.connections.keys()):
disconnect_tasks.append(self.disconnect_from_peer(peer_id))
if disconnect_tasks:
await asyncio.gather(*disconnect_tasks, return_exceptions=True)
logger.info("Disconnected from all peers")
async def check_peers_health(self) -> None:
"""Проверка здоровья всех подключений."""
ping_tasks = []
for peer_id in list(self.connections.keys()):
ping_tasks.append(self._ping_peer(peer_id))
if ping_tasks:
await asyncio.gather(*ping_tasks, return_exceptions=True)
# Удалить нездоровые подключения
unhealthy_peers = [
peer_id for peer_id, conn in self.connections.items()
if not conn.is_healthy
]
for peer_id in unhealthy_peers:
logger.warning(f"Removing unhealthy peer: {peer_id}")
await self.disconnect_from_peer(peer_id)
async def _ping_peer(self, peer_id: str) -> None:
"""Пинг пира."""
try:
if peer_id not in self.connections or not self.session:
return
connection = self.connections[peer_id]
parsed_url = self._parse_peer_address(connection.address)
if not parsed_url:
connection.mark_ping_failed()
return
ping_url = f"{parsed_url}/api/my/ping"
connection.mark_ping_sent()
async with self.session.get(ping_url) as response:
if response.status == 200:
connection.mark_pong_received()
logger.debug(f"Ping successful to {peer_id}, latency: {connection.ping_latency:.1f}ms")
else:
connection.mark_ping_failed()
logger.debug(f"Ping failed to {peer_id}: HTTP {response.status}")
except Exception as e:
if peer_id in self.connections:
self.connections[peer_id].mark_ping_failed()
logger.debug(f"Ping error to {peer_id}: {e}")
def get_connected_peers(self) -> Set[str]:
"""Получить множество подключенных пиров."""
return {
peer_id for peer_id, conn in self.connections.items()
if conn.is_healthy
}
def is_connected(self, peer_id: str) -> bool:
"""Проверить, подключены ли к пиру."""
return (peer_id in self.connections and
self.connections[peer_id].is_healthy)
def get_peer_info(self, peer_id: str) -> Optional[Dict[str, Any]]:
"""Получить информацию о пире."""
if peer_id not in self.connections:
return None
connection = self.connections[peer_id]
return {
"peer_id": peer_id,
"address": connection.address,
"connected_at": connection.connected_at.isoformat(),
"uptime_seconds": connection.uptime.total_seconds(),
"is_healthy": connection.is_healthy,
"ping_latency_ms": connection.ping_latency,
"ping_failures": connection.ping_failures,
"request_count": connection.request_count,
"features": connection.features,
"metadata": connection.metadata
}
def get_all_peers_info(self) -> Dict[str, Dict[str, Any]]:
"""Получить информацию обо всех пирах."""
return {
peer_id: self.get_peer_info(peer_id)
for peer_id in self.connections.keys()
}
def select_replication_nodes(self, count: int = 3) -> List[str]:
"""Выбрать ноды для репликации контента."""
healthy_peers = [
peer_id for peer_id, conn in self.connections.items()
if conn.is_healthy
]
if len(healthy_peers) <= count:
return healthy_peers
# Выбрать ноды с лучшими характеристиками
peer_scores = []
for peer_id in healthy_peers:
connection = self.connections[peer_id]
# Рассчитать оценку на основе различных факторов
latency_score = 1.0
if connection.ping_latency:
latency_score = max(0.1, 1.0 - (connection.ping_latency / 1000))
uptime_score = min(1.0, connection.uptime.total_seconds() / 3600) # Время работы в часах
failure_score = max(0.1, 1.0 - (connection.ping_failures / 10))
total_score = (latency_score * 0.4 + uptime_score * 0.3 + failure_score * 0.3)
peer_scores.append((peer_id, total_score))
# Сортировать по оценке и взять топ
peer_scores.sort(key=lambda x: x[1], reverse=True)
return [peer_id for peer_id, _ in peer_scores[:count]]
async def request_nodes_list(self, peer_id: str) -> List[Dict[str, Any]]:
"""Запросить список нод у пира."""
try:
if peer_id not in self.connections or not self.session:
return []
connection = self.connections[peer_id]
parsed_url = self._parse_peer_address(connection.address)
if not parsed_url:
return []
nodes_url = f"{parsed_url}/api/my/nodes"
async with self.session.get(nodes_url) as response:
if response.status == 200:
data = await response.json()
return data.get("nodes", [])
else:
logger.warning(f"Failed to get nodes list from {peer_id}: HTTP {response.status}")
return []
except Exception as e:
logger.error(f"Error requesting nodes list from {peer_id}: {e}")
return []
async def request_peer_status(self, peer_id: str) -> Dict[str, Any]:
"""Запросить статус пира."""
try:
if peer_id not in self.connections or not self.session:
return {"error": "Not connected"}
connection = self.connections[peer_id]
parsed_url = self._parse_peer_address(connection.address)
if not parsed_url:
return {"error": "Invalid address"}
status_url = f"{parsed_url}/api/my/status"
async with self.session.get(status_url) as response:
if response.status == 200:
return await response.json()
else:
return {"error": f"HTTP {response.status}"}
except Exception as e:
logger.error(f"Error requesting peer status from {peer_id}: {e}")
return {"error": str(e)}
def add_to_blacklist(self, peer_id: str, duration_hours: int = 24) -> None:
"""Добавить пира в черный список."""
self.blacklisted_peers.add(peer_id)
# Запланировать удаление из черного списка
async def remove_from_blacklist():
await asyncio.sleep(duration_hours * 3600)
self.blacklisted_peers.discard(peer_id)
logger.info(f"Removed {peer_id} from blacklist")
asyncio.create_task(remove_from_blacklist())
logger.info(f"Added {peer_id} to blacklist for {duration_hours} hours")
def get_connection_stats(self) -> Dict[str, Any]:
"""Получить статистику подключений."""
healthy_connections = sum(1 for conn in self.connections.values() if conn.is_healthy)
return {
"total_connections": len(self.connections),
"healthy_connections": healthy_connections,
"blacklisted_peers": len(self.blacklisted_peers),
"average_latency_ms": self._calculate_average_latency(),
"connection_details": [
{
"peer_id": peer_id,
"uptime_hours": conn.uptime.total_seconds() / 3600,
"ping_latency_ms": conn.ping_latency,
"is_healthy": conn.is_healthy
}
for peer_id, conn in self.connections.items()
]
}
def _calculate_average_latency(self) -> Optional[float]:
"""Рассчитать среднюю задержку."""
latencies = [
conn.ping_latency for conn in self.connections.values()
if conn.ping_latency is not None and conn.is_healthy
]
if latencies:
return sum(latencies) / len(latencies)
return None

700
app/core/my_network/sync_manager.py Normal file
View File

@ -0,0 +1,700 @@
"""Content Sync Manager - синхронизация контента между нодами."""
import asyncio
import aiohttp
import hashlib
import logging
from datetime import datetime, timedelta
from pathlib import Path
from typing import Dict, List, Optional, Any, Set
from sqlalchemy import select, and_
from app.core.database import db_manager
from app.core.models.content_compatible import Content, ContentMetadata
from app.core.cache import cache
logger = logging.getLogger(__name__)
class ContentSyncStatus:
"""Статус синхронизации контента."""
def __init__(self, content_hash: str):
self.content_hash = content_hash
self.sync_started = datetime.utcnow()
self.sync_completed = None
self.nodes_synced = set()
self.nodes_failed = set()
self.total_nodes = 0
self.bytes_synced = 0
self.status = "syncing" # syncing, completed, failed, partial
self.error_message = None
@property
def is_completed(self) -> bool:
return self.status in ["completed", "partial"]
@property
def success_rate(self) -> float:
if self.total_nodes == 0:
return 0.0
return len(self.nodes_synced) / self.total_nodes
def to_dict(self) -> Dict[str, Any]:
return {
"content_hash": self.content_hash,
"status": self.status,
"sync_started": self.sync_started.isoformat(),
"sync_completed": self.sync_completed.isoformat() if self.sync_completed else None,
"nodes_synced": list(self.nodes_synced),
"nodes_failed": list(self.nodes_failed),
"total_nodes": self.total_nodes,
"bytes_synced": self.bytes_synced,
"success_rate": self.success_rate,
"error_message": self.error_message
}
class ContentSyncManager:
"""Менеджер синхронизации контента между нодами MY Network."""
def __init__(self, node_id: str):
self.node_id = node_id
self.sync_queue: asyncio.Queue = asyncio.Queue()
self.active_syncs: Dict[str, ContentSyncStatus] = {}
self.sync_history: List[ContentSyncStatus] = []
self.is_running = False
self.sync_workers: List[asyncio.Task] = []
self.session: Optional[aiohttp.ClientSession] = None
# Настройки синхронизации
self.max_concurrent_syncs = 5
self.chunk_size = 1024 * 1024 # 1MB chunks
self.sync_timeout = 300 # 5 minutes per content
self.retry_attempts = 3
logger.info(f"Content Sync Manager initialized for node: {node_id}")
async def start_sync_process(self) -> None:
"""Запуск процесса синхронизации."""
try:
# Создать HTTP сессию
timeout = aiohttp.ClientTimeout(total=self.sync_timeout)
self.session = aiohttp.ClientSession(timeout=timeout)
# Запустить worker'ы для синхронизации
self.is_running = True
for i in range(self.max_concurrent_syncs):
worker = asyncio.create_task(self._sync_worker(f"worker-{i}"))
self.sync_workers.append(worker)
logger.info(f"Started {len(self.sync_workers)} sync workers")
except Exception as e:
logger.error(f"Error starting sync process: {e}")
raise
async def stop_sync_process(self) -> None:
"""Остановка процесса синхронизации."""
try:
self.is_running = False
# Остановить worker'ы
for worker in self.sync_workers:
worker.cancel()
if self.sync_workers:
await asyncio.gather(*self.sync_workers, return_exceptions=True)
# Закрыть HTTP сессию
if self.session:
await self.session.close()
self.session = None
self.sync_workers.clear()
logger.info("Sync process stopped")
except Exception as e:
logger.error(f"Error stopping sync process: {e}")
async def _sync_worker(self, worker_name: str) -> None:
"""Worker для обработки очереди синхронизации."""
logger.info(f"Sync worker {worker_name} started")
while self.is_running:
try:
# Получить задачу из очереди
sync_task = await asyncio.wait_for(
self.sync_queue.get(),
timeout=1.0
)
# Обработать задачу синхронизации
await self._process_sync_task(sync_task)
except asyncio.TimeoutError:
continue # Продолжить ожидание
except Exception as e:
logger.error(f"Error in sync worker {worker_name}: {e}")
await asyncio.sleep(5) # Пауза при ошибке
logger.info(f"Sync worker {worker_name} stopped")
async def _process_sync_task(self, sync_task: Dict[str, Any]) -> None:
"""Обработка задачи синхронизации."""
try:
task_type = sync_task.get("type")
content_hash = sync_task.get("content_hash")
target_nodes = sync_task.get("target_nodes", [])
if task_type == "replicate":
await self._replicate_content(content_hash, target_nodes)
elif task_type == "download":
source_node = sync_task.get("source_node")
await self._download_content(content_hash, source_node)
elif task_type == "verify":
await self._verify_content_integrity(content_hash)
else:
logger.warning(f"Unknown sync task type: {task_type}")
except Exception as e:
logger.error(f"Error processing sync task: {e}")
async def replicate_content_to_nodes(self, content_hash: str, target_nodes: List[str]) -> Dict[str, Any]:
"""Реплицировать контент на указанные ноды."""
try:
# Создать статус синхронизации
sync_status = ContentSyncStatus(content_hash)
sync_status.total_nodes = len(target_nodes)
self.active_syncs[content_hash] = sync_status
# Добавить задачу в очередь
sync_task = {
"type": "replicate",
"content_hash": content_hash,
"target_nodes": target_nodes
}
await self.sync_queue.put(sync_task)
logger.info(f"Queued replication of {content_hash} to {len(target_nodes)} nodes")
return {
"status": "queued",
"content_hash": content_hash,
"target_nodes": target_nodes,
"sync_id": content_hash
}
except Exception as e:
logger.error(f"Error queuing content replication: {e}")
raise
async def _replicate_content(self, content_hash: str, target_nodes: List[str]) -> None:
"""Реплицировать контент на целевые ноды."""
try:
if content_hash not in self.active_syncs:
logger.warning(f"No sync status found for content: {content_hash}")
return
sync_status = self.active_syncs[content_hash]
# Получить контент из локальной БД
content_info = await self._get_local_content_info(content_hash)
if not content_info:
sync_status.status = "failed"
sync_status.error_message = "Content not found locally"
return
# Реплицировать на каждую ноду
replication_tasks = []
for node_id in target_nodes:
task = self._replicate_to_single_node(content_hash, node_id, content_info)
replication_tasks.append(task)
# Ждать завершения всех репликаций
results = await asyncio.gather(*replication_tasks, return_exceptions=True)
# Обработать результаты
for i, result in enumerate(results):
node_id = target_nodes[i]
if isinstance(result, Exception):
sync_status.nodes_failed.add(node_id)
logger.error(f"Replication to {node_id} failed: {result}")
elif result:
sync_status.nodes_synced.add(node_id)
sync_status.bytes_synced += content_info.get("file_size", 0)
logger.info(f"Successfully replicated to {node_id}")
else:
sync_status.nodes_failed.add(node_id)
# Завершить синхронизацию
self._complete_sync(sync_status)
except Exception as e:
if content_hash in self.active_syncs:
self.active_syncs[content_hash].status = "failed"
self.active_syncs[content_hash].error_message = str(e)
logger.error(f"Error replicating content {content_hash}: {e}")
async def _replicate_to_single_node(self, content_hash: str, node_id: str, content_info: Dict[str, Any]) -> bool:
"""Реплицировать контент на одну ноду."""
try:
if not self.session:
return False
# Получить адрес ноды (через peer manager)
from .node_service import get_node_service
node_service = get_node_service()
peer_info = node_service.peer_manager.get_peer_info(node_id)
if not peer_info:
logger.warning(f"No peer info for node: {node_id}")
return False
# Парсить адрес
peer_address = node_service.peer_manager._parse_peer_address(peer_info["address"])
if not peer_address:
return False
# Проверить, нужна ли репликация
check_url = f"{peer_address}/api/my/content/{content_hash}/exists"
async with self.session.get(check_url) as response:
if response.status == 200:
exists_data = await response.json()
if exists_data.get("exists", False):
logger.debug(f"Content {content_hash} already exists on {node_id}")
return True
# Начать репликацию
replicate_url = f"{peer_address}/api/my/content/replicate"
# Подготовить данные для репликации
replication_data = {
"content_hash": content_hash,
"metadata": content_info,
"source_node": self.node_id
}
async with self.session.post(replicate_url, json=replication_data) as response:
if response.status == 200:
# Передать сам файл
success = await self._upload_content_to_node(
content_hash,
peer_address,
content_info
)
return success
else:
logger.warning(f"Replication request failed to {node_id}: HTTP {response.status}")
return False
except Exception as e:
logger.error(f"Error replicating to node {node_id}: {e}")
return False
async def _upload_content_to_node(self, content_hash: str, peer_address: str, content_info: Dict[str, Any]) -> bool:
"""Загрузить файл контента на ноду."""
try:
if not self.session:
return False
# Найти файл локально
file_path = Path(content_info.get("file_path", ""))
if not file_path.exists():
logger.error(f"Local file not found: {file_path}")
return False
upload_url = f"{peer_address}/api/my/content/{content_hash}/upload"
# Создать multipart upload
with open(file_path, 'rb') as file:
data = aiohttp.FormData()
data.add_field('file', file, filename=content_info.get("filename", "unknown"))
async with self.session.post(upload_url, data=data) as response:
if response.status == 200:
result = await response.json()
return result.get("success", False)
else:
logger.error(f"File upload failed: HTTP {response.status}")
return False
except Exception as e:
logger.error(f"Error uploading content to node: {e}")
return False
async def _get_local_content_info(self, content_hash: str) -> Optional[Dict[str, Any]]:
"""Получить информацию о локальном контенте."""
try:
async with db_manager.get_session() as session:
# Найти контент по хешу
stmt = select(Content).where(
(Content.md5_hash == content_hash) | (Content.sha256_hash == content_hash)
)
result = await session.execute(stmt)
content = result.scalar_one_or_none()
if not content:
return None
# Получить метаданные
metadata_stmt = select(ContentMetadata).where(ContentMetadata.content_id == content.id)
metadata_result = await session.execute(metadata_stmt)
metadata = metadata_result.scalar_one_or_none()
return {
"id": content.id,
"hash": content_hash,
"filename": content.filename,
"original_filename": content.original_filename,
"file_path": content.file_path,
"file_size": content.file_size,
"file_type": content.file_type,
"mime_type": content.mime_type,
"encrypted": content.encrypted if hasattr(content, 'encrypted') else False,
"metadata": metadata.to_dict() if metadata and hasattr(metadata, 'to_dict') else {}
}
except Exception as e:
logger.error(f"Error getting local content info: {e}")
return None
async def download_content_from_network(self, content_hash: str, source_nodes: List[str] = None) -> bool:
"""Скачать контент из сети."""
try:
# Добавить задачу загрузки в очередь
for source_node in (source_nodes or []):
sync_task = {
"type": "download",
"content_hash": content_hash,
"source_node": source_node
}
await self.sync_queue.put(sync_task)
logger.info(f"Queued download of {content_hash} from {len(source_nodes or [])} nodes")
return True
except Exception as e:
logger.error(f"Error queuing content download: {e}")
return False
async def _download_content(self, content_hash: str, source_node: str) -> bool:
"""Скачать контент с конкретной ноды."""
try:
if not self.session:
return False
# Получить адрес исходной ноды
from .node_service import get_node_service
node_service = get_node_service()
peer_info = node_service.peer_manager.get_peer_info(source_node)
if not peer_info:
logger.warning(f"No peer info for source node: {source_node}")
return False
peer_address = node_service.peer_manager._parse_peer_address(peer_info["address"])
if not peer_address:
return False
# Получить метаданные контента
metadata_url = f"{peer_address}/api/my/content/{content_hash}/metadata"
async with self.session.get(metadata_url) as response:
if response.status != 200:
logger.error(f"Failed to get content metadata: HTTP {response.status}")
return False
content_metadata = await response.json()
# Скачать файл
download_url = f"{peer_address}/api/my/content/{content_hash}/download"
async with self.session.get(download_url) as response:
if response.status != 200:
logger.error(f"Failed to download content: HTTP {response.status}")
return False
# Сохранить файл локально
local_path = await self._save_downloaded_content(
content_hash,
response,
content_metadata
)
if local_path:
# Сохранить в базу данных
await self._save_content_to_db(content_hash, local_path, content_metadata)
logger.info(f"Successfully downloaded content {content_hash} from {source_node}")
return True
return False
except Exception as e:
logger.error(f"Error downloading content from {source_node}: {e}")
return False
async def _save_downloaded_content(self, content_hash: str, response: aiohttp.ClientResponse, metadata: Dict[str, Any]) -> Optional[Path]:
"""Сохранить скачанный контент."""
try:
# Создать путь для сохранения
storage_path = Path("./storage/my-network/downloaded")
storage_path.mkdir(parents=True, exist_ok=True)
filename = metadata.get("filename", f"{content_hash}")
file_path = storage_path / filename
# Сохранить файл
with open(file_path, 'wb') as f:
async for chunk in response.content.iter_chunked(self.chunk_size):
f.write(chunk)
# Проверить целостность
if await self._verify_file_integrity(file_path, content_hash):
return file_path
else:
file_path.unlink() # Удалить поврежденный файл
return None
except Exception as e:
logger.error(f"Error saving downloaded content: {e}")
return None
async def _verify_file_integrity(self, file_path: Path, expected_hash: str) -> bool:
"""Проверить целостность файла."""
try:
# Вычислить хеш файла
hash_md5 = hashlib.md5()
hash_sha256 = hashlib.sha256()
with open(file_path, 'rb') as f:
for chunk in iter(lambda: f.read(self.chunk_size), b""):
hash_md5.update(chunk)
hash_sha256.update(chunk)
file_md5 = hash_md5.hexdigest()
file_sha256 = hash_sha256.hexdigest()
# Проверить соответствие
return expected_hash in [file_md5, file_sha256]
except Exception as e:
logger.error(f"Error verifying file integrity: {e}")
return False
async def _save_content_to_db(self, content_hash: str, file_path: Path, metadata: Dict[str, Any]) -> None:
"""Сохранить информацию о контенте в базу данных."""
try:
async with db_manager.get_session() as session:
# Создать запись контента
content = Content(
filename=metadata.get("filename", file_path.name),
original_filename=metadata.get("original_filename", file_path.name),
file_path=str(file_path),
file_size=file_path.stat().st_size,
file_type=metadata.get("file_type", "unknown"),
mime_type=metadata.get("mime_type", "application/octet-stream"),
md5_hash=content_hash if len(content_hash) == 32 else None,
sha256_hash=content_hash if len(content_hash) == 64 else None,
is_active=True,
processing_status="completed"
)
session.add(content)
await session.flush()
# Сохранить метаданные если есть
if metadata.get("metadata"):
content_metadata = ContentMetadata(
content_id=content.id,
**metadata["metadata"]
)
session.add(content_metadata)
await session.commit()
logger.info(f"Saved content {content_hash} to database")
except Exception as e:
logger.error(f"Error saving content to database: {e}")
def _complete_sync(self, sync_status: ContentSyncStatus) -> None:
"""Завершить синхронизацию."""
sync_status.sync_completed = datetime.utcnow()
# Определить итоговый статус
if len(sync_status.nodes_synced) == sync_status.total_nodes:
sync_status.status = "completed"
elif len(sync_status.nodes_synced) > 0:
sync_status.status = "partial"
else:
sync_status.status = "failed"
# Переместить в историю
self.sync_history.append(sync_status)
del self.active_syncs[sync_status.content_hash]
# Ограничить историю
if len(self.sync_history) > 100:
self.sync_history = self.sync_history[-100:]
logger.info(f"Sync completed for {sync_status.content_hash}: {sync_status.status}")
async def sync_with_network(self) -> Dict[str, Any]:
"""Синхронизация с сетью - обнаружение и загрузка нового контента."""
try:
from .node_service import get_node_service
node_service = get_node_service()
connected_peers = node_service.peer_manager.get_connected_peers()
if not connected_peers:
return {"status": "no_peers", "message": "No connected peers for sync"}
# Получить списки контента от всех пиров
network_content = {}
for peer_id in connected_peers:
try:
peer_content = await self._get_peer_content_list(peer_id)
network_content[peer_id] = peer_content
except Exception as e:
logger.error(f"Error getting content list from {peer_id}: {e}")
# Найти новый контент для загрузки
new_content = await self._identify_new_content(network_content)
# Запустить загрузку нового контента
download_tasks = []
for content_hash, source_nodes in new_content.items():
download_tasks.append(
self.download_content_from_network(content_hash, source_nodes)
)
if download_tasks:
results = await asyncio.gather(*download_tasks, return_exceptions=True)
successful_downloads = sum(1 for r in results if r is True)
return {
"status": "sync_completed",
"new_content_found": len(new_content),
"downloads_queued": len(download_tasks),
"immediate_successes": successful_downloads
}
else:
return {
"status": "up_to_date",
"message": "No new content found"
}
except Exception as e:
logger.error(f"Error in network sync: {e}")
return {"status": "error", "message": str(e)}
async def _get_peer_content_list(self, peer_id: str) -> List[Dict[str, Any]]:
"""Получить список контента от пира."""
try:
if not self.session:
return []
from .node_service import get_node_service
node_service = get_node_service()
peer_info = node_service.peer_manager.get_peer_info(peer_id)
if not peer_info:
return []
peer_address = node_service.peer_manager._parse_peer_address(peer_info["address"])
if not peer_address:
return []
content_list_url = f"{peer_address}/api/my/content/list"
async with self.session.get(content_list_url) as response:
if response.status == 200:
data = await response.json()
return data.get("content", [])
else:
logger.warning(f"Failed to get content list from {peer_id}: HTTP {response.status}")
return []
except Exception as e:
logger.error(f"Error getting content list from {peer_id}: {e}")
return []
async def _identify_new_content(self, network_content: Dict[str, List[Dict[str, Any]]]) -> Dict[str, List[str]]:
"""Определить новый контент для загрузки."""
try:
# Получить список локального контента
local_hashes = await self._get_local_content_hashes()
# Найти новый контент
new_content = {}
for peer_id, content_list in network_content.items():
for content_info in content_list:
content_hash = content_info.get("hash")
if not content_hash:
continue
# Проверить, есть ли у нас этот контент
if content_hash not in local_hashes:
if content_hash not in new_content:
new_content[content_hash] = []
new_content[content_hash].append(peer_id)
return new_content
except Exception as e:
logger.error(f"Error identifying new content: {e}")
return {}
async def _get_local_content_hashes(self) -> Set[str]:
"""Получить множество хешей локального контента."""
try:
async with db_manager.get_session() as session:
stmt = select(Content.md5_hash, Content.sha256_hash).where(Content.is_active == True)
result = await session.execute(stmt)
hashes = set()
for row in result:
if row[0]: # md5_hash
hashes.add(row[0])
if row[1]: # sha256_hash
hashes.add(row[1])
return hashes
except Exception as e:
logger.error(f"Error getting local content hashes: {e}")
return set()
async def get_sync_status(self) -> Dict[str, Any]:
"""Получить статус синхронизации."""
return {
"is_running": self.is_running,
"active_syncs": len(self.active_syncs),
"queue_size": self.sync_queue.qsize(),
"workers_count": len(self.sync_workers),
"recent_syncs": [
sync.to_dict() for sync in self.sync_history[-10:]
],
"current_syncs": {
content_hash: sync.to_dict()
for content_hash, sync in self.active_syncs.items()
}
}
async def get_content_sync_status(self, content_hash: str) -> Dict[str, Any]:
"""Получить статус синхронизации конкретного контента."""
# Проверить активные синхронизации
if content_hash in self.active_syncs:
return self.active_syncs[content_hash].to_dict()
# Проверить историю
for sync in reversed(self.sync_history):
if sync.content_hash == content_hash:
return sync.to_dict()
return {
"content_hash": content_hash,
"status": "not_found",
"message": "No sync information found for this content"
}

486
app/core/network/node_client.py Normal file
View File

@ -0,0 +1,486 @@
"""
Клиент для межузлового общения с ed25519 подписями
"""
import asyncio
import json
import aiohttp
from typing import Dict, Any, Optional, List
from datetime import datetime
from urllib.parse import urljoin
from app.core.crypto import get_ed25519_manager
from app.core.logging import get_logger
logger = get_logger(__name__)
class NodeClient:
"""Клиент для подписанного межузлового общения"""
def __init__(self, timeout: int = 30):
self.timeout = aiohttp.ClientTimeout(total=timeout)
self.session: Optional[aiohttp.ClientSession] = None
async def __aenter__(self):
"""Async context manager entry"""
self.session = aiohttp.ClientSession(timeout=self.timeout)
return self
async def __aexit__(self, exc_type, exc_val, exc_tb):
"""Async context manager exit"""
if self.session:
await self.session.close()
async def _create_signed_request(
self,
action: str,
data: Dict[str, Any],
target_url: str
) -> Dict[str, Any]:
"""
Создать подписанный запрос для межузлового общения
Args:
action: Тип действия (handshake, content_sync, ping, etc.)
data: Данные сообщения
target_url: URL целевой ноды
Returns:
Заголовки и тело запроса
"""
crypto_manager = get_ed25519_manager()
# Создаем сообщение
message = {
"action": action,
"timestamp": datetime.utcnow().isoformat(),
**data
}
# Подписываем сообщение
signature = crypto_manager.sign_message(message)
# Создаем заголовки
headers = {
"Content-Type": "application/json",
"X-Node-Communication": "true",
"X-Node-ID": crypto_manager.node_id,
"X-Node-Public-Key": crypto_manager.public_key_hex,
"X-Node-Signature": signature
}
return {
"headers": headers,
"json": message
}
async def send_handshake(
self,
target_url: str,
our_node_info: Dict[str, Any]
) -> Dict[str, Any]:
"""
Отправить хэндшейк ноде
Args:
target_url: URL целевой ноды (например, "http://node.example.com:8000")
our_node_info: Информация о нашей ноде
Returns:
Ответ от ноды или информация об ошибке
"""
endpoint_url = urljoin(target_url, "/api/node/handshake")
try:
request_data = await self._create_signed_request(
"handshake",
{"node_info": our_node_info},
target_url
)
logger.info(f"Sending handshake to {target_url}")
async with self.session.post(endpoint_url, **request_data) as response:
response_data = await response.json()
if response.status == 200:
logger.info(f"Handshake successful with {target_url}")
return {
"success": True,
"data": response_data,
"node_url": target_url
}
else:
logger.warning(f"Handshake failed with {target_url}: {response.status}")
return {
"success": False,
"error": f"HTTP {response.status}",
"data": response_data,
"node_url": target_url
}
except asyncio.TimeoutError:
logger.warning(f"Handshake timeout with {target_url}")
return {
"success": False,
"error": "timeout",
"node_url": target_url
}
except Exception as e:
logger.error(f"Handshake error with {target_url}: {e}")
return {
"success": False,
"error": str(e),
"node_url": target_url
}
async def send_content_sync(
self,
target_url: str,
sync_type: str,
content_info: Dict[str, Any]
) -> Dict[str, Any]:
"""
Отправить запрос синхронизации контента
Args:
target_url: URL целевой ноды
sync_type: Тип синхронизации (new_content, content_list, content_request)
content_info: Информация о контенте
Returns:
Ответ от ноды
"""
endpoint_url = urljoin(target_url, "/api/node/content/sync")
try:
request_data = await self._create_signed_request(
"content_sync",
{
"sync_type": sync_type,
"content_info": content_info
},
target_url
)
logger.info(f"Sending content sync ({sync_type}) to {target_url}")
async with self.session.post(endpoint_url, **request_data) as response:
response_data = await response.json()
if response.status == 200:
logger.debug(f"Content sync successful with {target_url}")
return {
"success": True,
"data": response_data,
"node_url": target_url
}
else:
logger.warning(f"Content sync failed with {target_url}: {response.status}")
return {
"success": False,
"error": f"HTTP {response.status}",
"data": response_data,
"node_url": target_url
}
except Exception as e:
logger.error(f"Content sync error with {target_url}: {e}")
return {
"success": False,
"error": str(e),
"node_url": target_url
}
async def send_ping(self, target_url: str) -> Dict[str, Any]:
"""
Отправить пинг ноде
Args:
target_url: URL целевой ноды
Returns:
Ответ от ноды (pong)
"""
endpoint_url = urljoin(target_url, "/api/node/network/ping")
try:
request_data = await self._create_signed_request(
"ping",
{"data": {"test": True}},
target_url
)
start_time = datetime.utcnow()
async with self.session.post(endpoint_url, **request_data) as response:
end_time = datetime.utcnow()
duration = (end_time - start_time).total_seconds() * 1000 # ms
response_data = await response.json()
if response.status == 200:
return {
"success": True,
"data": response_data,
"latency_ms": round(duration, 2),
"node_url": target_url
}
else:
return {
"success": False,
"error": f"HTTP {response.status}",
"data": response_data,
"node_url": target_url
}
except Exception as e:
logger.error(f"Ping error with {target_url}: {e}")
return {
"success": False,
"error": str(e),
"node_url": target_url
}
async def get_node_status(self, target_url: str) -> Dict[str, Any]:
"""
Получить статус ноды (GET запрос без подписи)
Args:
target_url: URL целевой ноды
Returns:
Статус ноды
"""
endpoint_url = urljoin(target_url, "/api/node/network/status")
try:
async with self.session.get(endpoint_url) as response:
response_data = await response.json()
if response.status == 200:
return {
"success": True,
"data": response_data,
"node_url": target_url
}
else:
return {
"success": False,
"error": f"HTTP {response.status}",
"data": response_data,
"node_url": target_url
}
except Exception as e:
logger.error(f"Status request error with {target_url}: {e}")
return {
"success": False,
"error": str(e),
"node_url": target_url
}
async def send_discovery(
self,
target_url: str,
known_nodes: List[Dict[str, Any]]
) -> Dict[str, Any]:
"""
Отправить запрос обнаружения нод
Args:
target_url: URL целевой ноды
known_nodes: Список известных нам нод
Returns:
Список нод от целевой ноды
"""
endpoint_url = urljoin(target_url, "/api/node/network/discover")
try:
request_data = await self._create_signed_request(
"discover",
{"known_nodes": known_nodes},
target_url
)
logger.info(f"Sending discovery request to {target_url}")
async with self.session.post(endpoint_url, **request_data) as response:
response_data = await response.json()
if response.status == 200:
logger.debug(f"Discovery successful with {target_url}")
return {
"success": True,
"data": response_data,
"node_url": target_url
}
else:
logger.warning(f"Discovery failed with {target_url}: {response.status}")
return {
"success": False,
"error": f"HTTP {response.status}",
"data": response_data,
"node_url": target_url
}
except Exception as e:
logger.error(f"Discovery error with {target_url}: {e}")
return {
"success": False,
"error": str(e),
"node_url": target_url
}
class NodeNetworkManager:
"""Менеджер для работы с сетью нод"""
def __init__(self):
self.known_nodes: List[str] = []
self.active_nodes: List[str] = []
async def discover_nodes(self, bootstrap_nodes: List[str]) -> List[str]:
"""
Обнаружить ноды в сети через bootstrap ноды
Args:
bootstrap_nodes: Список bootstrap нод для начального подключения
Returns:
Список обнаруженных активных нод
"""
discovered_nodes = set()
async with NodeClient() as client:
# Получить информацию о нашей ноде
crypto_manager = get_ed25519_manager()
our_node_info = {
"node_id": crypto_manager.node_id,
"version": "3.0.0",
"capabilities": [
"content_upload",
"content_sync",
"decentralized_filtering",
"ed25519_signatures"
],
"network_info": {
"public_key": crypto_manager.public_key_hex,
"protocol_version": "1.0"
}
}
# Попробовать подключиться к bootstrap нодам
for node_url in bootstrap_nodes:
try:
# Выполнить хэндшейк
handshake_result = await client.send_handshake(node_url, our_node_info)
if handshake_result["success"]:
discovered_nodes.add(node_url)
# Запросить список известных нод
discovery_result = await client.send_discovery(node_url, list(discovered_nodes))
if discovery_result["success"]:
# Добавить ноды из ответа
known_nodes = discovery_result["data"]["data"]["known_nodes"]
for node_info in known_nodes:
if "url" in node_info:
discovered_nodes.add(node_info["url"])
except Exception as e:
logger.warning(f"Failed to discover through {node_url}: {e}")
self.known_nodes = list(discovered_nodes)
return self.known_nodes
async def check_node_health(self, nodes: List[str]) -> Dict[str, Dict[str, Any]]:
"""
Проверить состояние нод
Args:
nodes: Список нод для проверки
Returns:
Словарь с результатами проверки для каждой ноды
"""
results = {}
async with NodeClient() as client:
# Создаем задачи для параллельной проверки
tasks = []
for node_url in nodes:
task = asyncio.create_task(client.send_ping(node_url))
tasks.append((node_url, task))
# Ждем завершения всех задач
for node_url, task in tasks:
try:
result = await task
results[node_url] = result
except Exception as e:
results[node_url] = {
"success": False,
"error": str(e),
"node_url": node_url
}
# Обновляем список активных нод
self.active_nodes = [
node_url for node_url, result in results.items()
if result.get("success", False)
]
return results
async def broadcast_content(
self,
content_info: Dict[str, Any],
target_nodes: Optional[List[str]] = None
) -> Dict[str, Dict[str, Any]]:
"""
Транслировать информацию о новом контенте всем активным нодам
Args:
content_info: Информация о контенте
target_nodes: Список целевых нод (по умолчанию все активные)
Returns:
Результаты трансляции для каждой ноды
"""
nodes = target_nodes or self.active_nodes
results = {}
async with NodeClient() as client:
# Создаем задачи для параллельной отправки
tasks = []
for node_url in nodes:
task = asyncio.create_task(
client.send_content_sync(node_url, "new_content", content_info)
)
tasks.append((node_url, task))
# Ждем завершения всех задач
for node_url, task in tasks:
try:
result = await task
results[node_url] = result
except Exception as e:
results[node_url] = {
"success": False,
"error": str(e),
"node_url": node_url
}
return results
# Глобальный экземпляр менеджера сети
network_manager = NodeNetworkManager()
async def get_network_manager() -> NodeNetworkManager:
"""Получить глобальный экземпляр менеджера сети"""
return network_manager

598
app/core/security.py Normal file
View File

@ -0,0 +1,598 @@
"""
Comprehensive security module with encryption, JWT tokens, password hashing, and access control.
Provides secure file encryption, token management, and authentication utilities.
"""
import hashlib
import hmac
import secrets
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Any, Union
from uuid import UUID
import bcrypt
import jwt
from cryptography.fernet import Fernet
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
import base64
from app.core.config import get_settings
from app.core.logging import get_logger
logger = get_logger(__name__)
settings = get_settings()
class SecurityManager:
"""Main security manager for encryption, tokens, and authentication."""
def __init__(self):
self.fernet_key = self._get_or_create_fernet_key()
self.fernet = Fernet(self.fernet_key)
def _get_or_create_fernet_key(self) -> bytes:
"""Get or create Fernet encryption key from settings."""
if hasattr(settings, 'ENCRYPTION_KEY') and settings.ENCRYPTION_KEY:
# Derive key from settings
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=settings.SECRET_KEY.encode()[:16],
iterations=100000,
)
key = base64.urlsafe_b64encode(kdf.derive(settings.ENCRYPTION_KEY.encode()))
return key
else:
# Generate random key (for development only)
return Fernet.generate_key()
# Global security manager instance
_security_manager = SecurityManager()
def hash_password(password: str) -> str:
"""
Hash password using bcrypt with salt.
Args:
password: Plain text password
Returns:
str: Hashed password
"""
try:
salt = bcrypt.gensalt(rounds=12)
hashed = bcrypt.hashpw(password.encode('utf-8'), salt)
return hashed.decode('utf-8')
except Exception as e:
logger.error("Failed to hash password", error=str(e))
raise
def verify_password(password: str, hashed_password: str) -> bool:
"""
Verify password against hash.
Args:
password: Plain text password
hashed_password: Bcrypt hashed password
Returns:
bool: True if password matches
"""
try:
return bcrypt.checkpw(password.encode('utf-8'), hashed_password.encode('utf-8'))
except Exception as e:
logger.error("Failed to verify password", error=str(e))
return False
def generate_access_token(
payload: Dict[str, Any],
expires_in: int = 3600,
token_type: str = "access"
) -> str:
"""
Generate JWT access token.
Args:
payload: Token payload data
expires_in: Token expiration time in seconds
token_type: Type of token (access, refresh, api)
Returns:
str: JWT token
"""
try:
# Ensure expires_in is an integer
if isinstance(expires_in, str):
expires_in = int(expires_in)
elif not isinstance(expires_in, int):
expires_in = int(expires_in)
now = datetime.utcnow()
token_payload = {
"iat": now,
"exp": now + timedelta(seconds=expires_in),
"type": token_type,
"jti": secrets.token_urlsafe(16), # Unique token ID
**payload
}
token = jwt.encode(
token_payload,
settings.SECRET_KEY,
algorithm="HS256"
)
logger.debug(
"Access token generated",
token_type=token_type,
expires_in=expires_in,
user_id=payload.get("user_id")
)
return token
except Exception as e:
logger.error("Failed to generate access token", error=str(e))
raise
def verify_access_token(token: str, token_type: str = "access") -> Optional[Dict[str, Any]]:
"""
Verify and decode JWT token.
Args:
token: JWT token string
token_type: Expected token type
Returns:
Optional[Dict]: Decoded payload or None if invalid
"""
try:
payload = jwt.decode(
token,
settings.SECRET_KEY,
algorithms=["HS256"]
)
# Verify token type
if payload.get("type") != token_type:
logger.warning("Token type mismatch", expected=token_type, actual=payload.get("type"))
return None
# Check expiration
if datetime.utcnow() > datetime.fromtimestamp(payload["exp"]):
logger.warning("Token expired", exp=payload["exp"])
return None
return payload
except jwt.ExpiredSignatureError:
logger.warning("Token expired")
return None
except jwt.InvalidTokenError as e:
logger.warning("Invalid token", error=str(e))
return None
except Exception as e:
logger.error("Failed to verify token", error=str(e))
return None
def generate_refresh_token(user_id: UUID, device_id: Optional[str] = None) -> str:
"""
Generate long-lived refresh token.
Args:
user_id: User UUID
device_id: Optional device identifier
Returns:
str: Refresh token
"""
payload = {
"user_id": str(user_id),
"device_id": device_id,
"token_family": secrets.token_urlsafe(16) # For token rotation
}
return generate_access_token(
payload,
expires_in=settings.REFRESH_TOKEN_EXPIRE_DAYS * 24 * 3600,
token_type="refresh"
)
def generate_api_key(
user_id: UUID,
permissions: List[str],
name: str,
expires_in: Optional[int] = None
) -> str:
"""
Generate API key with specific permissions.
Args:
user_id: User UUID
permissions: List of permissions
name: API key name
expires_in: Optional expiration time in seconds
Returns:
str: API key token
"""
payload = {
"user_id": str(user_id),
"permissions": permissions,
"name": name,
"key_id": secrets.token_urlsafe(16)
}
expires = expires_in or (365 * 24 * 3600) # Default 1 year
return generate_access_token(payload, expires_in=expires, token_type="api")
def encrypt_data(data: Union[str, bytes], context: str = "") -> str:
"""
Encrypt data using Fernet symmetric encryption.
Args:
data: Data to encrypt
context: Optional context for additional security
Returns:
str: Base64 encoded encrypted data
"""
try:
if isinstance(data, str):
data = data.encode('utf-8')
# Add context to data for additional security
if context:
data = f"{context}:{len(data)}:".encode('utf-8') + data
encrypted = _security_manager.fernet.encrypt(data)
return base64.urlsafe_b64encode(encrypted).decode('utf-8')
except Exception as e:
logger.error("Failed to encrypt data", error=str(e))
raise
def decrypt_data(encrypted_data: str, context: str = "") -> Union[str, bytes]:
"""
Decrypt data using Fernet symmetric encryption.
Args:
encrypted_data: Base64 encoded encrypted data
context: Optional context for verification
Returns:
Union[str, bytes]: Decrypted data
"""
try:
encrypted_bytes = base64.urlsafe_b64decode(encrypted_data.encode('utf-8'))
decrypted = _security_manager.fernet.decrypt(encrypted_bytes)
# Verify and remove context if provided
if context:
context_prefix = f"{context}:".encode('utf-8')
if not decrypted.startswith(context_prefix):
raise ValueError("Context mismatch during decryption")
# Extract length and data
remaining = decrypted[len(context_prefix):]
length_end = remaining.find(b':')
if length_end == -1:
raise ValueError("Invalid encrypted data format")
expected_length = int(remaining[:length_end].decode('utf-8'))
data = remaining[length_end + 1:]
if len(data) != expected_length:
raise ValueError("Data length mismatch")
return data
return decrypted
except Exception as e:
logger.error("Failed to decrypt data", error=str(e))
raise
def encrypt_file(file_data: bytes, file_id: str) -> bytes:
"""
Encrypt file data with file-specific context.
Args:
file_data: File bytes to encrypt
file_id: Unique file identifier
Returns:
bytes: Encrypted file data
"""
try:
encrypted_str = encrypt_data(file_data, context=f"file:{file_id}")
return base64.urlsafe_b64decode(encrypted_str.encode('utf-8'))
except Exception as e:
logger.error("Failed to encrypt file", file_id=file_id, error=str(e))
raise
def decrypt_file(encrypted_data: bytes, file_id: str) -> bytes:
"""
Decrypt file data with file-specific context.
Args:
encrypted_data: Encrypted file bytes
file_id: Unique file identifier
Returns:
bytes: Decrypted file data
"""
try:
encrypted_str = base64.urlsafe_b64encode(encrypted_data).decode('utf-8')
decrypted = decrypt_data(encrypted_str, context=f"file:{file_id}")
return decrypted if isinstance(decrypted, bytes) else decrypted.encode('utf-8')
except Exception as e:
logger.error("Failed to decrypt file", file_id=file_id, error=str(e))
raise
def generate_secure_filename(original_filename: str, user_id: UUID) -> str:
"""
Generate secure filename to prevent path traversal and collisions.
Args:
original_filename: Original filename
user_id: User UUID
Returns:
str: Secure filename
"""
# Extract extension
parts = original_filename.rsplit('.', 1)
extension = parts[1] if len(parts) > 1 else ''
# Generate secure base name
timestamp = datetime.utcnow().strftime('%Y%m%d_%H%M%S')
random_part = secrets.token_urlsafe(8)
user_hash = hashlib.sha256(str(user_id).encode()).hexdigest()[:8]
secure_name = f"{timestamp}_{user_hash}_{random_part}"
if extension:
# Validate extension
allowed_extensions = {
'txt', 'pdf', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx',
'jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp', 'svg',
'mp3', 'wav', 'flac', 'ogg', 'mp4', 'avi', 'mkv', 'webm',
'zip', 'rar', '7z', 'tar', 'gz', 'json', 'xml', 'csv'
}
clean_extension = extension.lower().strip()
if clean_extension in allowed_extensions:
secure_name += f".{clean_extension}"
return secure_name
def validate_file_signature(file_data: bytes, claimed_type: str) -> bool:
"""
Validate file signature against claimed MIME type.
Args:
file_data: File bytes to validate
claimed_type: Claimed MIME type
Returns:
bool: True if signature matches type
"""
if len(file_data) < 8:
return False
# File signatures (magic numbers)
signatures = {
'image/jpeg': [b'\xFF\xD8\xFF'],
'image/png': [b'\x89PNG\r\n\x1a\n'],
'image/gif': [b'GIF87a', b'GIF89a'],
'image/webp': [b'RIFF', b'WEBP'],
'application/pdf': [b'%PDF-'],
'application/zip': [b'PK\x03\x04', b'PK\x05\x06', b'PK\x07\x08'],
'audio/mpeg': [b'ID3', b'\xFF\xFB', b'\xFF\xF3', b'\xFF\xF2'],
'video/mp4': [b'\x00\x00\x00\x18ftypmp4', b'\x00\x00\x00\x20ftypmp4'],
'text/plain': [], # Text files don't have reliable signatures
}
expected_sigs = signatures.get(claimed_type, [])
# If no signatures defined, allow (like text files)
if not expected_sigs:
return True
# Check if file starts with any expected signature
file_start = file_data[:32] # Check first 32 bytes
for sig in expected_sigs:
if file_start.startswith(sig):
return True
return False
def generate_csrf_token(user_id: UUID, session_id: str) -> str:
"""
Generate CSRF token for form protection.
Args:
user_id: User UUID
session_id: Session identifier
Returns:
str: CSRF token
"""
timestamp = str(int(datetime.utcnow().timestamp()))
data = f"{user_id}:{session_id}:{timestamp}"
signature = hmac.new(
settings.SECRET_KEY.encode(),
data.encode(),
hashlib.sha256
).hexdigest()
token_data = f"{data}:{signature}"
return base64.urlsafe_b64encode(token_data.encode()).decode()
def verify_csrf_token(token: str, user_id: UUID, session_id: str, max_age: int = 3600) -> bool:
"""
Verify CSRF token.
Args:
token: CSRF token to verify
user_id: User UUID
session_id: Session identifier
max_age: Maximum token age in seconds
Returns:
bool: True if token is valid
"""
try:
token_data = base64.urlsafe_b64decode(token.encode()).decode()
parts = token_data.split(':')
if len(parts) != 4:
return False
token_user_id, token_session_id, timestamp, signature = parts
# Verify components
if token_user_id != str(user_id) or token_session_id != session_id:
return False
# Check age
token_time = int(timestamp)
current_time = int(datetime.utcnow().timestamp())
if current_time - token_time > max_age:
return False
# Verify signature
data = f"{token_user_id}:{token_session_id}:{timestamp}"
expected_signature = hmac.new(
settings.SECRET_KEY.encode(),
data.encode(),
hashlib.sha256
).hexdigest()
return hmac.compare_digest(signature, expected_signature)
except Exception as e:
logger.warning("Failed to verify CSRF token", error=str(e))
return False
def sanitize_input(input_data: str, max_length: int = 1000) -> str:
"""
Sanitize user input to prevent XSS and injection attacks.
Args:
input_data: Input string to sanitize
max_length: Maximum allowed length
Returns:
str: Sanitized input
"""
if not input_data:
return ""
# Truncate if too long
if len(input_data) > max_length:
input_data = input_data[:max_length]
# Remove/escape dangerous characters
dangerous_chars = ['<', '>', '"', "'", '&', '\x00', '\r', '\n']
for char in dangerous_chars:
if char in input_data:
input_data = input_data.replace(char, '')
# Strip whitespace
return input_data.strip()
def check_permission(user_permissions: List[str], required_permission: str) -> bool:
"""
Check if user has required permission.
Args:
user_permissions: List of user permissions
required_permission: Required permission string
Returns:
bool: True if user has permission
"""
# Admin has all permissions
if 'admin' in user_permissions:
return True
# Check exact permission
if required_permission in user_permissions:
return True
# Check wildcard permissions
permission_parts = required_permission.split('.')
for i in range(len(permission_parts)):
wildcard_perm = '.'.join(permission_parts[:i+1]) + '.*'
if wildcard_perm in user_permissions:
return True
return False
def rate_limit_key(identifier: str, action: str, window: str = "default") -> str:
"""
Generate rate limiting key.
Args:
identifier: User/IP identifier
action: Action being rate limited
window: Time window identifier
Returns:
str: Rate limit cache key
"""
key_data = f"rate_limit:{action}:{window}:{identifier}"
return hashlib.sha256(key_data.encode()).hexdigest()
def generate_otp(length: int = 6) -> str:
"""
Generate one-time password.
Args:
length: Length of OTP
Returns:
str: Numeric OTP
"""
return ''.join(secrets.choice('0123456789') for _ in range(length))
def constant_time_compare(a: str, b: str) -> bool:
"""
Constant time string comparison to prevent timing attacks.
Args:
a: First string
b: Second string
Returns:
bool: True if strings are equal
"""
return hmac.compare_digest(a.encode('utf-8'), b.encode('utf-8'))
# --- Added for optional auth compatibility ---
from typing import Optional
try:
# If get_current_user already exists in this module, import it
from app.core.security import get_current_user # type: ignore
except Exception:
# Fallback stub in case the project structure differs; will only be used if referenced directly
def get_current_user():
raise RuntimeError("get_current_user is not available")
def get_current_user_optional() -> Optional[object]:
"""
Return current user if authenticated, otherwise None.
Designed to be used in dependencies for routes that allow anonymous access.
"""
try:
return get_current_user() # type: ignore
except Exception:
return None
# --- End added block ---

173
app/core/stats/gossip_manager.py Normal file
View File

@ -0,0 +1,173 @@
from __future__ import annotations
import asyncio
import logging
import time
from typing import Dict, Any, List, Optional, Tuple, Set
from app.core.crypto import get_ed25519_manager
from app.core.network.node_client import NodeClient
from app.core.models.stats.metrics_models import NodeStats
logger = logging.getLogger(__name__)
class GossipSecurityError(Exception):
pass
class GossipManager:
"""
Gossip протокол для обмена статистикой между нодами.
- Подпись ed25519 всех исходящих сообщений
- Валидация подписи входящих сообщений
- Антиспам: проверка timestamp (±300с), дедуп по nonce, rate limiting
"""
def __init__(self, rate_limit_per_minute: int = 240) -> None:
self._seen_nonces: Set[str] = set()
self._nonce_ttl: Dict[str, float] = {}
self._rate_counters: Dict[str, Tuple[int, float]] = {} # node_id -> (count, window_start)
self._rate_limit = rate_limit_per_minute
self._lock = asyncio.Lock()
async def _prune(self) -> None:
now = time.time()
# очистка старых nonces
stale = [n for n, ts in self._nonce_ttl.items() if now - ts > 600]
for n in stale:
self._nonce_ttl.pop(n, None)
self._seen_nonces.discard(n)
# очистка rate окон
for node_id, (cnt, wnd) in list(self._rate_counters.items()):
if now - wnd > 60:
self._rate_counters.pop(node_id, None)
async def _register_nonce(self, nonce: str) -> bool:
await self._prune()
if nonce in self._seen_nonces:
return False
self._seen_nonces.add(nonce)
self._nonce_ttl[nonce] = time.time()
return True
async def _check_rate(self, node_id: str) -> bool:
now = time.time()
cnt, wnd = self._rate_counters.get(node_id, (0, now))
if now - wnd > 60:
cnt, wnd = 0, now
cnt += 1
self._rate_counters[node_id] = (cnt, wnd)
return cnt <= self._rate_limit
async def broadcast_stats(self, peers: List[str], stats: NodeStats) -> Dict[str, Dict[str, Any]]:
"""
Подписывает и отправляет статистику на список пиров.
Возвращает словарь результатов по нодам.
"""
results: Dict[str, Dict[str, Any]] = {}
crypto = get_ed25519_manager()
signed_payload = stats.to_dict(include_signature=False)
# canonical signing
signature = crypto.sign_message(NodeStats.canonical_payload(signed_payload))
signed_payload["signature"] = signature
async with NodeClient() as client:
tasks: List[Tuple[str, asyncio.Task]] = []
for url in peers:
# POST /api/node/stats/report — уже реализованный маршрут приемника
task = asyncio.create_task(self._post_signed_report(client, url, signed_payload))
tasks.append((url, task))
for url, t in tasks:
try:
results[url] = await t
except Exception as e:
logger.exception("broadcast_stats error to %s: %s", url, e)
results[url] = {"success": False, "error": str(e)}
return results
async def _post_signed_report(self, client: NodeClient, target_url: str, payload: Dict[str, Any]) -> Dict[str, Any]:
"""
Использует NodeClient для отправки подписанного запроса на /api/node/stats/report.
"""
from urllib.parse import urljoin # локальный импорт чтобы не тянуть наверх
endpoint = urljoin(target_url, "/api/node/stats/report")
# NodeClient формирует заголовки/подпись через _create_signed_request,
# но мы уже подписали тело, поэтому вложим его как data.metrics.
# Обернем в совместимый формат NodeStatsReport.
body = {
"action": "stats_report",
"reporter_node_id": payload["node_id"],
"reporter_public_key": payload["public_key"],
"timestamp": payload["timestamp"],
"metrics": payload, # целиком вложим NodeStats как metrics
"signature": payload.get("signature"),
}
req = await client._create_signed_request("stats_report", body, target_url) # noqa: protected access by design
try:
async with client.session.post(endpoint, **req) as resp:
data = await resp.json()
return {"success": resp.status == 200, "status": resp.status, "data": data}
except Exception as e:
logger.warning("Failed to send stats to %s: %s", target_url, e)
return {"success": False, "error": str(e)}
async def receive_stats(self, incoming: Dict[str, Any]) -> NodeStats:
"""
Прием и валидация входящей статистики от другой ноды.
Возвращает десериализованный NodeStats при успехе, иначе бросает GossipSecurityError.
expected format: NodeStats dict (с signature)
"""
crypto = get_ed25519_manager()
try:
# базовые проверки
for key in ("node_id", "public_key", "timestamp", "nonce", "system", "app"):
if key not in incoming:
raise GossipSecurityError(f"Missing field: {key}")
# timestamp window
now = int(time.time())
if abs(now - int(incoming["timestamp"])) > 300:
raise GossipSecurityError("Timestamp out of window")
# nonce dedup
async with self._lock:
if not await self._register_nonce(str(incoming["nonce"])):
raise GossipSecurityError("Duplicate nonce")
# rate limit per source
async with self._lock:
if not await self._check_rate(str(incoming["node_id"])):
raise GossipSecurityError("Rate limit exceeded")
# verify signature
signature = incoming.get("signature")
if not signature:
raise GossipSecurityError("Missing signature")
if not crypto.verify_signature(NodeStats.canonical_payload(incoming), signature, incoming["public_key"]):
raise GossipSecurityError("Invalid signature")
return NodeStats.from_dict(incoming)
except GossipSecurityError:
raise
except Exception as e:
logger.exception("receive_stats validation error: %s", e)
raise GossipSecurityError(str(e))
async def sync_with_peers(self, peers: List[str], get_local_stats_cb) -> Dict[str, Dict[str, Any]]:
"""
Выполняет сбор локальной статистики через callback и рассылает ее всем пирам.
get_local_stats_cb: async () -> NodeStats
"""
try:
local_stats: NodeStats = await get_local_stats_cb()
except Exception as e:
logger.exception("sync_with_peers: failed to get local stats: %s", e)
return {"error": {"success": False, "error": "local_stats_failure", "detail": str(e)}}
return await self.broadcast_stats(peers, local_stats)

194
app/core/stats/metrics_collector.py Normal file
View File

@ -0,0 +1,194 @@
from __future__ import annotations
import asyncio
import logging
import os
import time
from typing import Optional, Tuple
from app.core.models.stats.metrics_models import SystemMetrics, AppMetrics
logger = logging.getLogger(__name__)
def _try_import_psutil():
try:
import psutil # type: ignore
return psutil
except Exception as e:
logger.warning("psutil not available, system metrics will be limited: %s", e)
return None
class MetricsCollector:
"""
Сборщик внутренних метрик:
- System: CPU, RAM, Disk, IO, Network
- App: conversions, requests, errors, slow ops, latency
Хранит только последнюю сессию счетчиков (агрегация истории выполняется в StatsAggregator).
"""
def __init__(self) -> None:
self._psutil = _try_import_psutil()
# App counters
self._total_conversions = 0
self._total_requests = 0
self._total_errors = 0
self._slow_ops_count = 0
# Latency rolling values (экспоненциальная сглаженная средняя для p95/p99 — упрощённо)
self._avg_response_ms: Optional[float] = None
self._p95_response_ms: Optional[float] = None
self._p99_response_ms: Optional[float] = None
# Previous snapshots for rate calculations
self._last_disk_io: Optional[Tuple[int, int, float]] = None # (read_bytes, write_bytes, ts)
self._last_net_io: Optional[Tuple[int, int, float]] = None # (bytes_sent, bytes_recv, ts)
# Uptime
try:
self._start_ts = int(os.getenv("NODE_START_TS", str(int(time.time()))))
except Exception:
self._start_ts = int(time.time())
# Async lock to protect counters
self._lock = asyncio.Lock()
async def collect_system_metrics(self) -> SystemMetrics:
ps = self._psutil
now = time.time()
cpu_percent = None
load1 = load5 = load15 = None
mem_total = mem_used = mem_available = mem_percent = None
disk_total = disk_used = disk_free = disk_percent = None
io_read_mb_s = io_write_mb_s = None
net_sent_kb_s = net_recv_kb_s = None
try:
if ps:
# CPU
cpu_percent = float(ps.cpu_percent(interval=None))
try:
load1, load5, load15 = ps.getloadavg() if hasattr(ps, "getloadavg") else os.getloadavg() # type: ignore
except Exception:
load1 = load5 = load15 = None
# Memory
vm = ps.virtual_memory()
mem_total = round(vm.total / (1024 * 1024), 2)
mem_used = round(vm.used / (1024 * 1024), 2)
mem_available = round(vm.available / (1024 * 1024), 2)
mem_percent = float(vm.percent)
# Disk
du = ps.disk_usage("/")
disk_total = round(du.total / (1024 * 1024), 2)
disk_used = round(du.used / (1024 * 1024), 2)
disk_free = round(du.free / (1024 * 1024), 2)
disk_percent = float(du.percent)
# IO rates
try:
dio = ps.disk_io_counters()
if dio and self._last_disk_io:
last_read, last_write, last_ts = self._last_disk_io
dt = max(now - last_ts, 1e-6)
io_read_mb_s = round((max(dio.read_bytes - last_read, 0) / (1024 * 1024)) / dt, 3)
io_write_mb_s = round((max(dio.write_bytes - last_write, 0) / (1024 * 1024)) / dt, 3)
self._last_disk_io = (dio.read_bytes, dio.write_bytes, now) if dio else self._last_disk_io
except Exception:
io_read_mb_s = io_write_mb_s = None
# NET rates
try:
nio = ps.net_io_counters()
if nio and self._last_net_io:
last_sent, last_recv, last_ts = self._last_net_io
dt = max(now - last_ts, 1e-6)
net_sent_kb_s = round((max(nio.bytes_sent - last_sent, 0) / 1024) / dt, 3)
net_recv_kb_s = round((max(nio.bytes_recv - last_recv, 0) / 1024) / dt, 3)
self._last_net_io = (nio.bytes_sent, nio.bytes_recv, now) if nio else self._last_net_io
except Exception:
net_sent_kb_s = net_recv_kb_s = None
except Exception as e:
logger.exception("collect_system_metrics error: %s", e)
return SystemMetrics(
cpu_percent=cpu_percent,
cpu_load_avg_1m=load1,
cpu_load_avg_5m=load5,
cpu_load_avg_15m=load15,
mem_total_mb=mem_total,
mem_used_mb=mem_used,
mem_available_mb=mem_available,
mem_percent=mem_percent,
disk_total_mb=disk_total,
disk_used_mb=disk_used,
disk_free_mb=disk_free,
disk_percent=disk_percent,
io_read_mb_s=io_read_mb_s,
io_write_mb_s=io_write_mb_s,
net_sent_kb_s=net_sent_kb_s,
net_recv_kb_s=net_recv_kb_s,
uptime_seconds=int(time.time()) - self._start_ts,
)
async def collect_app_metrics(self) -> AppMetrics:
# Снимок текущих счетчиков; агрегирование распределено в StatsAggregator
async with self._lock:
return AppMetrics(
total_conversions=self._total_conversions,
total_requests=self._total_requests,
total_errors=self._total_errors,
slow_ops_count=self._slow_ops_count,
avg_response_ms=self._avg_response_ms,
p95_response_ms=self._p95_response_ms,
p99_response_ms=self._p99_response_ms,
details={}, # можно расширить деталями модулей
)
async def get_current_stats(self) -> Tuple[SystemMetrics, AppMetrics]:
sysm = await self.collect_system_metrics()
appm = await self.collect_app_metrics()
return sysm, appm
# Hooks to update app metrics
async def inc_conversions(self, n: int = 1) -> None:
async with self._lock:
self._total_conversions += n
async def inc_requests(self, n: int = 1) -> None:
async with self._lock:
self._total_requests += n
async def inc_errors(self, n: int = 1) -> None:
async with self._lock:
self._total_errors += n
async def inc_slow_ops(self, n: int = 1) -> None:
async with self._lock:
self._slow_ops_count += n
async def observe_latency_ms(self, value_ms: float) -> None:
"""
Простая статистика латентности:
- EMA для avg
- аппроксимация p95/p99 по взвешенному максимуму (упрощённо, без HDR Histogram)
"""
async with self._lock:
alpha = 0.1
if self._avg_response_ms is None:
self._avg_response_ms = value_ms
else:
self._avg_response_ms = (1 - alpha) * self._avg_response_ms + alpha * value_ms
# Простая аппроксимация квантили при помощи EMA "максимума"
def ema_max(current: Optional[float], x: float, beta: float) -> float:
return x if current is None else max((1 - beta) * current, x)
self._p95_response_ms = ema_max(self._p95_response_ms, value_ms, beta=0.05)
self._p99_response_ms = ema_max(self._p99_response_ms, value_ms, beta=0.01)

198
app/core/stats/stats_aggregator.py Normal file
View File

@ -0,0 +1,198 @@
from __future__ import annotations
import asyncio
import logging
import statistics
import time
from collections import deque, defaultdict
from typing import Deque, Dict, Any, Optional, List, Tuple
from app.core.models.stats.metrics_models import SystemMetrics, AppMetrics, NodeStats, NetworkStats
from app.core.crypto import get_ed25519_manager
logger = logging.getLogger(__name__)
class StatsAggregator:
"""
Агрегатор статистики:
- хранит историю локальных метрик и входящих метрик от других нод (in-memory, ring buffer)
- вычисляет агрегаты и тренды
- предоставляет network overview
"""
def __init__(self, history_limit: int = 1000) -> None:
self._history_limit = history_limit
# История локальной ноды: deque[(ts, NodeStats)]
self._local_history: Deque[Tuple[int, NodeStats]] = deque(maxlen=history_limit)
# История по нодам сети: node_id -> deque[(ts, NodeStats)]
self._peers_history: Dict[str, Deque[Tuple[int, NodeStats]]] = defaultdict(lambda: deque(maxlen=history_limit))
# Кеш последнего слепка по нодам
self._last_by_node: Dict[str, NodeStats] = {}
# Список известных пиров (URL) - поддержка network overview
self._known_peers: List[str] = []
self._lock = asyncio.Lock()
async def set_known_peers(self, peers: List[str]) -> None:
async with self._lock:
self._known_peers = list(sorted(set(peers)))
async def add_local_snapshot(self, stats: NodeStats) -> None:
async with self._lock:
ts = stats.timestamp
self._local_history.append((ts, stats))
self._last_by_node[stats.node_id] = stats
async def add_peer_snapshot(self, stats: NodeStats) -> None:
async with self._lock:
ts = stats.timestamp
dq = self._peers_history[stats.node_id]
dq.append((ts, stats))
self._last_by_node[stats.node_id] = stats
async def get_latest_local(self) -> Optional[NodeStats]:
async with self._lock:
return self._local_history[-1][1] if self._local_history else None
async def aggregate_node_stats(self, node_id: Optional[str] = None, last_n: int = 20) -> Dict[str, Any]:
"""
Возвращает агрегаты для указанной ноды (по умолчанию локальная).
"""
async with self._lock:
if node_id is None:
series = list(self._local_history)[-last_n:]
else:
series = list(self._peers_history.get(node_id, deque()))[-last_n:]
if not series:
return {"samples": 0}
# агрегаты по cpu/mem
cpu = [s.system.cpu_percent for _, s in series if s.system.cpu_percent is not None]
mem = [s.system.mem_percent for _, s in series if s.system.mem_percent is not None]
res = {
"samples": len(series),
"time_span_sec": (series[-1][0] - series[0][0]) if len(series) > 1 else 0,
"cpu": {
"avg": round(statistics.fmean(cpu), 3) if cpu else None,
"max": round(max(cpu), 3) if cpu else None,
"min": round(min(cpu), 3) if cpu else None,
},
"mem": {
"avg": round(statistics.fmean(mem), 3) if mem else None,
"max": round(max(mem), 3) if mem else None,
"min": round(min(mem), 3) if mem else None,
},
}
return res
async def get_network_overview(self) -> NetworkStats:
"""
Сводка по сети с использованием последних значений по всем известным нодам.
"""
async with self._lock:
nodes = list(self._last_by_node.values())
node_count = len(nodes)
active_nodes = sum(1 for n in nodes if (int(time.time()) - n.timestamp) <= 300)
uptimes = [n.system.uptime_seconds for n in nodes if n.system.uptime_seconds is not None]
cpus = [n.system.cpu_percent for n in nodes if n.system.cpu_percent is not None]
mems = [n.system.mem_percent for n in nodes if n.system.mem_percent is not None]
avg_uptime = round(statistics.fmean(uptimes), 3) if uptimes else None
avg_cpu = round(statistics.fmean(cpus), 3) if cpus else None
avg_mem = round(statistics.fmean(mems), 3) if mems else None
# Простейшая метрика "здоровья" сети: 100 - avg_cpu/avg_mem penalty
health_score = None
if avg_cpu is not None and avg_mem is not None:
penalty = (avg_cpu / 2.0) + (avg_mem / 2.0) # 0..200
health_score = max(0.0, 100.0 - min(100.0, penalty))
nodes_summary: List[Dict[str, Any]] = []
for n in nodes:
nodes_summary.append({
"node_id": n.node_id,
"uptime": n.system.uptime_seconds,
"cpu": n.system.cpu_percent,
"mem": n.system.mem_percent,
"available_content_items": n.available_content_items,
"timestamp": n.timestamp,
})
# latency/total_available_content пока не вычисляем здесь, можно обновить из внешних сигналов
return NetworkStats(
node_count=node_count,
active_nodes=active_nodes,
avg_uptime_seconds=avg_uptime,
avg_cpu_percent=avg_cpu,
avg_mem_percent=avg_mem,
avg_latency_ms=None,
total_available_content=sum((n.available_content_items or 0) for n in nodes) if nodes else None,
health_score=health_score,
nodes=nodes_summary,
)
async def calculate_trends(self, node_id: Optional[str] = None, window: int = 60) -> Dict[str, Any]:
"""
Грубая оценка тренда по cpu/mem: сравнение первых и последних значений окна.
"""
async with self._lock:
series = list(self._local_history if node_id is None else self._peers_history.get(node_id, deque()))
if not series:
return {}
# берем последние window секунд данных
cutoff = int(time.time()) - window
window_series = [s for s in series if s[0] >= cutoff]
if len(window_series) < 2:
return {"samples": len(window_series)}
first = window_series[0][1]
last = window_series[-1][1]
def delta(a: Optional[float], b: Optional[float]) -> Optional[float]:
if a is None or b is None:
return None
return round(b - a, 3)
trend = {
"samples": len(window_series),
"cpu_percent_delta": delta(first.system.cpu_percent, last.system.cpu_percent),
"mem_percent_delta": delta(first.system.mem_percent, last.system.mem_percent),
}
return trend
async def build_local_signed_stats(self) -> NodeStats:
"""
Собирает последний локальный слепок и подписывает.
"""
async with self._lock:
latest = self._local_history[-1][1] if self._local_history else None
if not latest:
raise RuntimeError("No local stats available")
crypto = get_ed25519_manager()
payload = latest.to_dict(include_signature=False)
signature = crypto.sign_message(NodeStats.canonical_payload(payload))
latest.signature = signature
return latest
# Вспомогательные методы для тестов/диагностики
async def list_known_peers(self) -> List[str]:
async with self._lock:
return list(self._known_peers)
async def last_by_node(self) -> Dict[str, NodeStats]:
async with self._lock:
return dict(self._last_by_node)

601
app/core/storage.py
View File

@ -1,45 +1,574 @@
import time
from contextlib import contextmanager
"""
Comprehensive storage management with chunked uploads, multiple backends, and security.
Supports local storage, S3-compatible storage, and async operations with Redis caching.
"""
from sqlalchemy import create_engine
from sqlalchemy.orm import sessionmaker
from sqlalchemy.sql import text
import asyncio
import hashlib
import mimetypes
import os
from datetime import datetime, timedelta
from pathlib import Path
from typing import Dict, List, Optional, AsyncGenerator, Any, Tuple
from uuid import UUID, uuid4
from app.core._config import MYSQL_URI, MYSQL_DATABASE
from app.core.logger import make_log
from sqlalchemy.pool import NullPool
import aiofiles
import aiofiles.os
from sqlalchemy import select, update
from sqlalchemy.orm import selectinload
engine = create_engine(MYSQL_URI, poolclass=NullPool) #, echo=True)
Session = sessionmaker(bind=engine)
from app.core.config import get_settings
from app.core.database import db_manager, get_cache_manager
from app.core.logging import get_logger
from app.core.models.content_models import Content, ContentChunk
from app.core.security import encrypt_file, decrypt_file, generate_access_token
logger = get_logger(__name__)
settings = get_settings()
database_initialized = False
while not database_initialized:
try:
with Session() as session:
databases_list = session.execute(text("SHOW DATABASES;"))
databases_list = [row[0] for row in databases_list]
make_log("SQL", 'Database list: ' + str(databases_list), level='debug')
assert MYSQL_DATABASE in databases_list, 'Database not found'
database_initialized = True
except Exception as e:
make_log("SQL", 'MariaDB is not ready yet: ' + str(e), level='debug')
time.sleep(1)
class StorageBackend:
"""Abstract base class for storage backends."""
async def store_chunk(self, upload_id: UUID, chunk_index: int, data: bytes) -> str:
"""Store a file chunk and return its identifier."""
raise NotImplementedError
async def retrieve_chunk(self, chunk_id: str) -> bytes:
"""Retrieve a file chunk by its identifier."""
raise NotImplementedError
async def delete_chunk(self, chunk_id: str) -> bool:
"""Delete a file chunk."""
raise NotImplementedError
async def assemble_file(self, upload_id: UUID, chunks: List[str]) -> str:
"""Assemble chunks into final file and return file path."""
raise NotImplementedError
async def delete_file(self, file_path: str) -> bool:
"""Delete a complete file."""
raise NotImplementedError
async def get_file_stream(self, file_path: str) -> AsyncGenerator[bytes, None]:
"""Get async file stream for download."""
raise NotImplementedError
engine = create_engine(f"{MYSQL_URI}/{MYSQL_DATABASE}", poolclass=NullPool)
Session = sessionmaker(bind=engine)
class LocalStorageBackend(StorageBackend):
"""Local filesystem storage backend with encryption support."""
def __init__(self):
self.base_path = Path(settings.STORAGE_PATH)
self.chunks_path = self.base_path / "chunks"
self.files_path = self.base_path / "files"
# Create directories if they don't exist
self.chunks_path.mkdir(parents=True, exist_ok=True)
self.files_path.mkdir(parents=True, exist_ok=True)
async def store_chunk(self, upload_id: UUID, chunk_index: int, data: bytes) -> str:
"""Store chunk to local filesystem with optional encryption."""
try:
chunk_id = f"{upload_id}_{chunk_index:06d}"
chunk_path = self.chunks_path / f"{chunk_id}.chunk"
# Encrypt chunk if encryption is enabled
if settings.ENCRYPT_FILES:
data = encrypt_file(data, str(upload_id))
async with aiofiles.open(chunk_path, 'wb') as f:
await f.write(data)
await logger.adebug(
"Chunk stored successfully",
upload_id=str(upload_id),
chunk_index=chunk_index,
chunk_size=len(data)
)
return chunk_id
except Exception as e:
await logger.aerror(
"Failed to store chunk",
upload_id=str(upload_id),
chunk_index=chunk_index,
error=str(e)
)
raise
async def retrieve_chunk(self, chunk_id: str) -> bytes:
"""Retrieve and optionally decrypt chunk from local filesystem."""
try:
chunk_path = self.chunks_path / f"{chunk_id}.chunk"
if not chunk_path.exists():
raise FileNotFoundError(f"Chunk {chunk_id} not found")
async with aiofiles.open(chunk_path, 'rb') as f:
data = await f.read()
# Decrypt chunk if encryption is enabled
if settings.ENCRYPT_FILES:
upload_id = chunk_id.split('_')[0]
data = decrypt_file(data, upload_id)
return data
except Exception as e:
await logger.aerror("Failed to retrieve chunk", chunk_id=chunk_id, error=str(e))
raise
async def delete_chunk(self, chunk_id: str) -> bool:
"""Delete chunk file from local filesystem."""
try:
chunk_path = self.chunks_path / f"{chunk_id}.chunk"
if chunk_path.exists():
await aiofiles.os.remove(chunk_path)
return True
return False
except Exception as e:
await logger.aerror("Failed to delete chunk", chunk_id=chunk_id, error=str(e))
return False
async def assemble_file(self, upload_id: UUID, chunks: List[str]) -> str:
"""Assemble chunks into final file."""
try:
file_id = str(uuid4())
file_path = self.files_path / f"{file_id}"
async with aiofiles.open(file_path, 'wb') as output_file:
for chunk_id in chunks:
chunk_data = await self.retrieve_chunk(chunk_id)
await output_file.write(chunk_data)
# Clean up chunks after assembly
for chunk_id in chunks:
await self.delete_chunk(chunk_id)
await logger.ainfo(
"File assembled successfully",
upload_id=str(upload_id),
file_path=str(file_path),
chunks_count=len(chunks)
)
return str(file_path)
except Exception as e:
await logger.aerror(
"Failed to assemble file",
upload_id=str(upload_id),
error=str(e)
)
raise
async def delete_file(self, file_path: str) -> bool:
"""Delete file from local filesystem."""
try:
path = Path(file_path)
if path.exists() and path.is_file():
await aiofiles.os.remove(path)
return True
return False
except Exception as e:
await logger.aerror("Failed to delete file", file_path=file_path, error=str(e))
return False
async def get_file_stream(self, file_path: str) -> AsyncGenerator[bytes, None]:
"""Stream file content for download."""
try:
path = Path(file_path)
if not path.exists():
raise FileNotFoundError(f"File {file_path} not found")
async with aiofiles.open(path, 'rb') as f:
while True:
chunk = await f.read(65536) # 64KB chunks
if not chunk:
break
yield chunk
except Exception as e:
await logger.aerror("Failed to stream file", file_path=file_path, error=str(e))
raise
class StorageManager:
"""Main storage manager with upload session management and caching."""
def __init__(self):
self.backend = LocalStorageBackend() # Can be extended to support S3, etc.
self.cache_manager = get_cache_manager()
async def create_upload_session(self, content_id: UUID, total_size: int) -> Dict[str, Any]:
"""Create new upload session with chunked upload support."""
try:
upload_id = uuid4()
session_data = {
"upload_id": str(upload_id),
"content_id": str(content_id),
"total_size": total_size,
"chunk_size": settings.CHUNK_SIZE,
"total_chunks": (total_size + settings.CHUNK_SIZE - 1) // settings.CHUNK_SIZE,
"uploaded_chunks": [],
"created_at": datetime.utcnow().isoformat(),
"expires_at": (datetime.utcnow() + timedelta(hours=24)).isoformat(),
"status": "active"
}
# Store session in cache
session_key = f"upload_session:{upload_id}"
await self.cache_manager.set(session_key, session_data, ttl=86400) # 24 hours
# Store in database for persistence
async with db_manager.get_session() as session:
upload_session = ContentUploadSession(
id=upload_id,
content_id=content_id,
total_size=total_size,
chunk_size=settings.CHUNK_SIZE,
total_chunks=session_data["total_chunks"],
expires_at=datetime.fromisoformat(session_data["expires_at"])
)
session.add(upload_session)
await session.commit()
await logger.ainfo(
"Upload session created",
upload_id=str(upload_id),
content_id=str(content_id),
total_size=total_size
)
return {
"upload_id": str(upload_id),
"chunk_size": settings.CHUNK_SIZE,
"total_chunks": session_data["total_chunks"],
"upload_url": f"/api/v1/storage/upload/{upload_id}",
"expires_at": session_data["expires_at"]
}
except Exception as e:
await logger.aerror(
"Failed to create upload session",
content_id=str(content_id),
error=str(e)
)
raise
async def upload_chunk(
self,
upload_id: UUID,
chunk_index: int,
chunk_data: bytes,
chunk_hash: str
) -> Dict[str, Any]:
"""Upload and validate a file chunk."""
try:
# Verify chunk hash
calculated_hash = hashlib.sha256(chunk_data).hexdigest()
if calculated_hash != chunk_hash:
raise ValueError("Chunk hash mismatch")
# Get upload session
session_data = await self._get_upload_session(upload_id)
if not session_data:
raise ValueError("Upload session not found or expired")
# Check if chunk already uploaded
if chunk_index in session_data.get("uploaded_chunks", []):
return {"status": "already_uploaded", "chunk_index": chunk_index}
# Store chunk
chunk_id = await self.backend.store_chunk(upload_id, chunk_index, chunk_data)
# Update session data
session_data["uploaded_chunks"].append(chunk_index)
session_data["uploaded_chunks"].sort()
session_key = f"upload_session:{upload_id}"
await self.cache_manager.set(session_key, session_data, ttl=86400)
# Store chunk info in database
async with db_manager.get_session() as session:
chunk_record = ContentChunk(
upload_id=upload_id,
chunk_index=chunk_index,
chunk_id=chunk_id,
chunk_hash=chunk_hash,
chunk_size=len(chunk_data)
)
session.add(chunk_record)
await session.commit()
await logger.adebug(
"Chunk uploaded successfully",
upload_id=str(upload_id),
chunk_index=chunk_index,
chunk_size=len(chunk_data)
)
return {
"status": "uploaded",
"chunk_index": chunk_index,
"uploaded_chunks": len(session_data["uploaded_chunks"]),
"total_chunks": session_data["total_chunks"]
}
except Exception as e:
await logger.aerror(
"Failed to upload chunk",
upload_id=str(upload_id),
chunk_index=chunk_index,
error=str(e)
)
raise
async def finalize_upload(self, upload_id: UUID) -> Dict[str, Any]:
"""Finalize upload by assembling chunks into final file."""
try:
# Get upload session
session_data = await self._get_upload_session(upload_id)
if not session_data:
raise ValueError("Upload session not found")
# Verify all chunks are uploaded
uploaded_chunks = session_data.get("uploaded_chunks", [])
total_chunks = session_data["total_chunks"]
if len(uploaded_chunks) != total_chunks:
missing_chunks = set(range(total_chunks)) - set(uploaded_chunks)
raise ValueError(f"Missing chunks: {missing_chunks}")
# Get chunk IDs in order
async with db_manager.get_session() as session:
stmt = (
select(ContentChunk)
.where(ContentChunk.upload_id == upload_id)
.order_by(ContentChunk.chunk_index)
)
result = await session.execute(stmt)
chunks = result.scalars().all()
chunk_ids = [chunk.chunk_id for chunk in chunks]
# Assemble file
file_path = await self.backend.assemble_file(upload_id, chunk_ids)
# Update content record
async with db_manager.get_session() as session:
stmt = (
update(Content)
.where(Content.id == UUID(session_data["content_id"]))
.values(
file_path=file_path,
status="completed",
updated_at=datetime.utcnow()
)
)
await session.execute(stmt)
await session.commit()
# Clean up session
session_key = f"upload_session:{upload_id}"
await self.cache_manager.delete(session_key)
await logger.ainfo(
"Upload finalized successfully",
upload_id=str(upload_id),
file_path=file_path,
total_chunks=total_chunks
)
return {
"status": "completed",
"file_path": file_path,
"content_id": session_data["content_id"]
}
except Exception as e:
await logger.aerror(
"Failed to finalize upload",
upload_id=str(upload_id),
error=str(e)
)
raise
async def get_file_stream(self, file_path: str) -> AsyncGenerator[bytes, None]:
"""Get file stream for download with caching support."""
try:
# Check if file is cached
cache_key = f"file_stream:{hashlib.md5(file_path.encode()).hexdigest()}"
async for chunk in self.backend.get_file_stream(file_path):
yield chunk
except Exception as e:
await logger.aerror("Failed to get file stream", file_path=file_path, error=str(e))
raise
async def delete_content_files(self, content_id: UUID) -> bool:
"""Delete all files associated with content."""
try:
async with db_manager.get_session() as session:
# Get content
stmt = select(Content).where(Content.id == content_id)
result = await session.execute(stmt)
content = result.scalar_one_or_none()
if not content or not content.file_path:
return True
# Delete main file
await self.backend.delete_file(content.file_path)
# Delete any remaining chunks
chunk_stmt = select(ContentChunk).where(
ContentChunk.upload_id == content_id
)
chunk_result = await session.execute(chunk_stmt)
chunks = chunk_result.scalars().all()
for chunk in chunks:
await self.backend.delete_chunk(chunk.chunk_id)
# Update content record
update_stmt = (
update(Content)
.where(Content.id == content_id)
.values(file_path=None, status="deleted")
)
await session.execute(update_stmt)
await session.commit()
await logger.ainfo(
"Content files deleted",
content_id=str(content_id)
)
return True
except Exception as e:
await logger.aerror(
"Failed to delete content files",
content_id=str(content_id),
error=str(e)
)
return False
async def get_storage_stats(self) -> Dict[str, Any]:
"""Get storage usage statistics."""
try:
async with db_manager.get_session() as session:
# Get total files and size
from sqlalchemy import func
stmt = select(
func.count(Content.id).label('total_files'),
func.sum(Content.file_size).label('total_size')
).where(Content.status == 'completed')
result = await session.execute(stmt)
stats = result.first()
# Get storage by type
type_stmt = select(
Content.content_type,
func.count(Content.id).label('count'),
func.sum(Content.file_size).label('size')
).where(Content.status == 'completed').group_by(Content.content_type)
type_result = await session.execute(type_stmt)
type_stats = {
row.content_type: {
'count': row.count,
'size': row.size or 0
}
for row in type_result
}
return {
'total_files': stats.total_files or 0,
'total_size': stats.total_size or 0,
'by_type': type_stats,
'updated_at': datetime.utcnow().isoformat()
}
except Exception as e:
await logger.aerror("Failed to get storage stats", error=str(e))
return {}
async def _get_upload_session(self, upload_id: UUID) -> Optional[Dict[str, Any]]:
"""Get upload session from cache or database."""
# Try cache first
session_key = f"upload_session:{upload_id}"
session_data = await self.cache_manager.get(session_key)
if session_data:
# Check if session is expired
expires_at = datetime.fromisoformat(session_data["expires_at"])
if expires_at > datetime.utcnow():
return session_data
# Fallback to database
try:
async with db_manager.get_session() as session:
stmt = (
select(ContentUploadSession)
.where(ContentUploadSession.id == upload_id)
)
result = await session.execute(stmt)
upload_session = result.scalar_one_or_none()
if upload_session and upload_session.expires_at > datetime.utcnow():
# Rebuild session data
chunk_stmt = select(ContentChunk).where(
ContentChunk.upload_id == upload_id
)
chunk_result = await session.execute(chunk_stmt)
chunks = chunk_result.scalars().all()
session_data = {
"upload_id": str(upload_session.id),
"content_id": str(upload_session.content_id),
"total_size": upload_session.total_size,
"chunk_size": upload_session.chunk_size,
"total_chunks": upload_session.total_chunks,
"uploaded_chunks": [chunk.chunk_index for chunk in chunks],
"created_at": upload_session.created_at.isoformat(),
"expires_at": upload_session.expires_at.isoformat(),
"status": "active"
}
# Update cache
await self.cache_manager.set(session_key, session_data, ttl=86400)
return session_data
except Exception as e:
await logger.aerror(
"Failed to get upload session from database",
upload_id=str(upload_id),
error=str(e)
)
return None
@contextmanager
def db_session(auto_commit=False):
_session = Session()
try:
yield _session
if auto_commit is True:
_session.commit()
except BaseException as e:
_session.rollback()
raise e
finally:
_session.close()
# Additional model for upload sessions
from app.core.models.base import BaseModel
from sqlalchemy import Column, Integer, DateTime, String
class ContentUploadSession(BaseModel):
"""Model for tracking upload sessions."""
__tablename__ = "content_upload_sessions"
content_id = Column("content_id", String(36), nullable=False)
total_size = Column(Integer, nullable=False)
chunk_size = Column(Integer, nullable=False, default=1048576) # 1MB
total_chunks = Column(Integer, nullable=False)
expires_at = Column(DateTime, nullable=False)
completed_at = Column(DateTime, nullable=True)

372
app/core/validation.py Normal file
View File

@ -0,0 +1,372 @@
"""
Comprehensive validation schemas using Pydantic for request/response validation.
Provides type safety, data validation, and automatic documentation generation.
"""
from datetime import datetime
from typing import Dict, List, Optional, Any, Union
from uuid import UUID
from enum import Enum
from pydantic import BaseModel, Field, validator, model_validator
from pydantic.networks import EmailStr, HttpUrl
class ContentTypeEnum(str, Enum):
"""Supported content types."""
AUDIO = "audio"
VIDEO = "video"
IMAGE = "image"
DOCUMENT = "document"
ARCHIVE = "archive"
OTHER = "other"
class VisibilityEnum(str, Enum):
"""Content visibility levels."""
PUBLIC = "public"
PRIVATE = "private"
UNLISTED = "unlisted"
RESTRICTED = "restricted"
class StatusEnum(str, Enum):
"""Content processing status."""
PENDING = "pending"
PROCESSING = "processing"
COMPLETED = "completed"
FAILED = "failed"
DELETED = "deleted"
class PermissionEnum(str, Enum):
"""User permissions."""
READ = "read"
WRITE = "write"
DELETE = "delete"
ADMIN = "admin"
class BaseSchema(BaseModel):
"""Base schema with common configuration."""
model_config = {
"use_enum_values": True,
"validate_assignment": True,
"populate_by_name": True,
"json_encoders": {
datetime: lambda v: v.isoformat(),
UUID: lambda v: str(v)
}
}
class ContentSchema(BaseSchema):
"""Schema for content creation."""
title: str = Field(..., min_length=1, max_length=255, description="Content title")
description: Optional[str] = Field(None, max_length=2000, description="Content description")
content_type: ContentTypeEnum = Field(..., description="Type of content")
file_size: Optional[int] = Field(None, ge=0, le=10737418240, description="File size in bytes (max 10GB)")
visibility: VisibilityEnum = Field(VisibilityEnum.PRIVATE, description="Content visibility")
tags: List[str] = Field(default_factory=list, max_items=20, description="Content tags")
license_id: Optional[UUID] = Field(None, description="License ID if applicable")
metadata: Optional[Dict[str, Any]] = Field(None, description="Additional metadata")
@validator('tags')
def validate_tags(cls, v):
"""Validate tags format and content."""
if not v:
return v
# Check each tag
for tag in v:
if not isinstance(tag, str):
raise ValueError("Tags must be strings")
if len(tag) < 1 or len(tag) > 50:
raise ValueError("Tag length must be between 1 and 50 characters")
if not tag.replace('-', '').replace('_', '').isalnum():
raise ValueError("Tags can only contain alphanumeric characters, hyphens, and underscores")
# Remove duplicates while preserving order
seen = set()
unique_tags = []
for tag in v:
tag_lower = tag.lower()
if tag_lower not in seen:
seen.add(tag_lower)
unique_tags.append(tag)
return unique_tags
@validator('metadata')
def validate_metadata(cls, v):
"""Validate metadata structure."""
if not v:
return v
# Check metadata size (JSON serialized)
import json
try:
serialized = json.dumps(v)
if len(serialized) > 10000: # Max 10KB of metadata
raise ValueError("Metadata too large (max 10KB)")
except (TypeError, ValueError) as e:
raise ValueError(f"Invalid metadata format: {e}")
return v
class ContentUpdateSchema(BaseSchema):
"""Schema for content updates."""
title: Optional[str] = Field(None, min_length=1, max_length=255)
description: Optional[str] = Field(None, max_length=2000)
visibility: Optional[VisibilityEnum] = None
tags: Optional[List[str]] = Field(None, max_items=20)
license_id: Optional[UUID] = None
status: Optional[StatusEnum] = None
@validator('tags')
def validate_tags(cls, v):
"""Validate tags if provided."""
if v is None:
return v
return ContentSchema.validate_tags(v)
class ContentSearchSchema(BaseSchema):
"""Schema for content search requests."""
query: Optional[str] = Field(None, min_length=1, max_length=200, description="Search query")
content_type: Optional[ContentTypeEnum] = None
status: Optional[StatusEnum] = None
tags: Optional[List[str]] = Field(None, max_items=10)
visibility: Optional[VisibilityEnum] = None
date_from: Optional[datetime] = None
date_to: Optional[datetime] = None
sort_by: Optional[str] = Field("updated_at", pattern="^(created_at|updated_at|title|file_size)$")
sort_order: Optional[str] = Field("desc", pattern="^(asc|desc)$")
page: int = Field(1, ge=1, le=1000)
per_page: int = Field(20, ge=1, le=100)
@model_validator(mode='before')
def validate_date_range(cls, values):
"""Validate date range."""
date_from = values.get('date_from')
date_to = values.get('date_to')
if date_from and date_to and date_from >= date_to:
raise ValueError("date_from must be before date_to")
return values
class UserRegistrationSchema(BaseSchema):
"""Schema for user registration."""
username: str = Field(..., min_length=3, max_length=50, pattern="^[a-zA-Z0-9_.-]+$")
email: EmailStr = Field(..., description="Valid email address")
password: str = Field(..., min_length=8, max_length=128, description="Password (min 8 characters)")
full_name: Optional[str] = Field(None, max_length=100)
@validator('password')
def validate_password(cls, v):
"""Validate password strength."""
if len(v) < 8:
raise ValueError("Password must be at least 8 characters long")
# Check for required character types
has_upper = any(c.isupper() for c in v)
has_lower = any(c.islower() for c in v)
has_digit = any(c.isdigit() for c in v)
has_special = any(c in "!@#$%^&*()_+-=[]{}|;:,.<>?" for c in v)
if not (has_upper and has_lower and has_digit and has_special):
raise ValueError(
"Password must contain at least one uppercase letter, "
"one lowercase letter, one digit, and one special character"
)
return v
class UserLoginSchema(BaseSchema):
"""Schema for user login."""
username: str = Field(..., min_length=1, max_length=50)
password: str = Field(..., min_length=1, max_length=128)
remember_me: bool = Field(False, description="Keep session longer")
class UserUpdateSchema(BaseSchema):
"""Schema for user profile updates."""
full_name: Optional[str] = Field(None, max_length=100)
email: Optional[EmailStr] = None
bio: Optional[str] = Field(None, max_length=500)
avatar_url: Optional[HttpUrl] = None
settings: Optional[Dict[str, Any]] = None
@validator('settings')
def validate_settings(cls, v):
"""Validate user settings."""
if not v:
return v
# Allowed settings keys
allowed_keys = {
'notifications', 'privacy', 'theme', 'language',
'timezone', 'auto_save', 'quality_preference'
}
for key in v.keys():
if key not in allowed_keys:
raise ValueError(f"Invalid settings key: {key}")
return v
class StorageUploadSchema(BaseSchema):
"""Schema for file upload initiation."""
filename: str = Field(..., min_length=1, max_length=255)
file_size: int = Field(..., ge=1, le=10737418240) # Max 10GB
content_type: str = Field(..., min_length=1, max_length=100)
chunk_size: Optional[int] = Field(1048576, ge=65536, le=10485760) # 64KB to 10MB
@validator('filename')
def validate_filename(cls, v):
"""Validate filename format."""
import re
# Check for dangerous characters
if re.search(r'[<>:"/\\|?*\x00-\x1f]', v):
raise ValueError("Filename contains invalid characters")
# Check for reserved names (Windows)
reserved_names = {
'CON', 'PRN', 'AUX', 'NUL',
'COM1', 'COM2', 'COM3', 'COM4', 'COM5', 'COM6', 'COM7', 'COM8', 'COM9',
'LPT1', 'LPT2', 'LPT3', 'LPT4', 'LPT5', 'LPT6', 'LPT7', 'LPT8', 'LPT9'
}
name_part = v.split('.')[0].upper()
if name_part in reserved_names:
raise ValueError("Filename uses reserved name")
return v
class ChunkUploadSchema(BaseSchema):
"""Schema for chunk upload."""
upload_id: UUID = Field(..., description="Upload session ID")
chunk_index: int = Field(..., ge=0, description="Chunk sequence number")
chunk_hash: str = Field(..., min_length=64, max_length=64, description="SHA256 hash of chunk")
is_final: bool = Field(False, description="Is this the final chunk")
class BlockchainTransactionSchema(BaseSchema):
"""Schema for blockchain transactions."""
transaction_type: str = Field(..., pattern="^(transfer|mint|burn|stake|unstake)$")
amount: Optional[int] = Field(None, ge=0, description="Amount in nanotons")
recipient_address: Optional[str] = Field(None, min_length=48, max_length=48)
message: Optional[str] = Field(None, max_length=500)
@validator('recipient_address')
def validate_ton_address(cls, v):
"""Validate TON address format."""
if not v:
return v
# Basic TON address validation
import re
if not re.match(r'^[a-zA-Z0-9_-]{48}$', v):
raise ValueError("Invalid TON address format")
return v
class LicenseSchema(BaseSchema):
"""Schema for license information."""
name: str = Field(..., min_length=1, max_length=100)
description: Optional[str] = Field(None, max_length=1000)
url: Optional[HttpUrl] = None
commercial_use: bool = Field(False, description="Allows commercial use")
attribution_required: bool = Field(True, description="Requires attribution")
share_alike: bool = Field(False, description="Requires share-alike")
class AccessControlSchema(BaseSchema):
"""Schema for content access control."""
user_id: UUID = Field(..., description="User to grant access to")
permission: str = Field(..., pattern="^(read|write|delete|admin)$")
expires_at: Optional[datetime] = Field(None, description="Access expiration time")
@model_validator(mode='before')
def validate_expiration(cls, values):
"""Validate access expiration."""
expires_at = values.get('expires_at')
if expires_at and expires_at <= datetime.utcnow():
raise ValueError("Expiration time must be in the future")
return values
class ApiKeySchema(BaseSchema):
"""Schema for API key creation."""
name: str = Field(..., min_length=1, max_length=100, description="API key name")
permissions: List[str] = Field(..., min_items=1, description="List of permissions")
expires_at: Optional[datetime] = Field(None, description="Key expiration time")
@validator('permissions')
def validate_permissions(cls, v):
"""Validate permission format."""
valid_permissions = {
'content.read', 'content.create', 'content.update', 'content.delete',
'storage.upload', 'storage.download', 'storage.delete',
'user.read', 'user.update', 'admin.read', 'admin.write'
}
for perm in v:
if perm not in valid_permissions:
raise ValueError(f"Invalid permission: {perm}")
return list(set(v)) # Remove duplicates
class WebhookSchema(BaseSchema):
"""Schema for webhook configuration."""
url: HttpUrl = Field(..., description="Webhook endpoint URL")
events: List[str] = Field(..., min_items=1, description="Events to subscribe to")
secret: Optional[str] = Field(None, min_length=16, max_length=64, description="Webhook secret")
active: bool = Field(True, description="Whether webhook is active")
@validator('events')
def validate_events(cls, v):
"""Validate webhook events."""
valid_events = {
'content.created', 'content.updated', 'content.deleted',
'user.registered', 'user.updated', 'upload.completed',
'blockchain.transaction', 'system.error'
}
for event in v:
if event not in valid_events:
raise ValueError(f"Invalid event: {event}")
return list(set(v))
# Response schemas
class ContentResponseSchema(BaseSchema):
"""Schema for content response."""
id: UUID
title: str
description: Optional[str]
content_type: ContentTypeEnum
file_size: int
status: StatusEnum
visibility: VisibilityEnum
tags: List[str]
created_at: datetime
updated_at: datetime
user_id: UUID
class UserResponseSchema(BaseSchema):
"""Schema for user response."""
id: UUID
username: str
email: EmailStr
full_name: Optional[str]
created_at: datetime
is_active: bool
permissions: List[str]
class ErrorResponseSchema(BaseSchema):
"""Schema for error responses."""
error: str = Field(..., description="Error message")
code: str = Field(..., description="Error code")
details: Optional[Dict[str, Any]] = Field(None, description="Additional error details")
timestamp: datetime = Field(default_factory=datetime.utcnow)
class SuccessResponseSchema(BaseSchema):
"""Schema for success responses."""
message: str = Field(..., description="Success message")
data: Optional[Dict[str, Any]] = Field(None, description="Response data")
timestamp: datetime = Field(default_factory=datetime.utcnow)

136
app/core/validation/content_validator.py Normal file
View File

@ -0,0 +1,136 @@
from __future__ import annotations
import base64
import logging
from dataclasses import asdict
from hashlib import sha256
from typing import Any, Dict, Optional, Tuple
from app.core.crypto import get_ed25519_manager
from app.core.crypto.content_cipher import ContentCipher
from app.core.models.validation.validation_models import ValidationResult, ContentSignature
logger = logging.getLogger(__name__)
class ContentValidator:
"""
Основной валидатор контента:
- Проверка подписи источника (Ed25519)
- Проверка целостности контента/объектов (checksum/content_id)
- Интеграция с ContentCipher для дополнительной верификации
"""
def __init__(self, cipher: Optional[ContentCipher] = None):
self.cipher = cipher or ContentCipher()
logger.debug("ContentValidator initialized")
def verify_source_signature(
self,
payload: Dict[str, Any],
signature_b64: Optional[str],
public_key_hex: Optional[str],
) -> ValidationResult:
"""
Проверка Ed25519 подписи источника.
- payload должен сериализоваться идентично тому, что подписывалось.
- signature_b64 - base64 строка подписи.
- public_key_hex - hex публичного ключа источника.
"""
try:
if not signature_b64 or not public_key_hex:
logger.warning("verify_source_signature: missing signature/public key")
return ValidationResult(ok=False, reason="missing_signature_or_public_key")
crypto_mgr = get_ed25519_manager()
ok = crypto_mgr.verify_signature(payload, signature_b64, public_key_hex)
if not ok:
logger.warning("verify_source_signature: invalid signature")
return ValidationResult(ok=False, reason="invalid_signature")
logger.info("verify_source_signature: signature valid")
return ValidationResult(ok=True, details={"signer_key": public_key_hex})
except Exception as e:
logger.exception("verify_source_signature error")
return ValidationResult(ok=False, reason=str(e))
def check_content_integrity(
self,
encrypted_obj: Dict[str, Any],
expected_metadata: Optional[Dict[str, Any]] = None,
verify_signature: bool = True,
) -> ValidationResult:
"""
Делегирует проверку целостности ContentCipher:
- сверка content_id = sha256(ciphertext||nonce||tag||metadata_json)
- опциональная проверка встроенной подписи encrypted_obj (если есть signature/signер_pubkey)
"""
ok, err = self.cipher.verify_content_integrity(
encrypted_obj=encrypted_obj,
expected_metadata=expected_metadata,
verify_signature=verify_signature,
)
if not ok:
return ValidationResult(ok=False, reason=err or "integrity_failed")
return ValidationResult(ok=True)
def validate_content(
self,
content_meta: Dict[str, Any],
*,
checksum: Optional[str] = None,
source_signature: Optional[ContentSignature] = None,
encrypted_obj: Optional[Dict[str, Any]] = None,
verify_ed25519: bool = True,
) -> ValidationResult:
"""
Комплексная проверка валидности контента:
1) Если указан checksum (<algo>:<hex>), сверяем.
2) Если указан source_signature, проверяем Ed25519 подпись источника.
3) Если передан encrypted_obj, выполняем углублённую проверку ContentCipher.
content_meta произвольная структура метаданных, которая была объектом подписи источника.
"""
# 1. Проверка checksum (формат: "sha256:<hex>")
if checksum:
try:
algo, hexval = checksum.split(":", 1)
algo = algo.lower()
if algo != "sha256":
logger.warning("validate_content: unsupported checksum algo: %s", algo)
return ValidationResult(ok=False, reason="unsupported_checksum_algo", details={"algo": algo})
# Вычислить sha256 по ожидаемым данным невозможно без исходных байт,
# поэтому здесь лишь проверка формата. Фактическая сверка должна происходить
# на уровне получателя с использованием известного буфера.
if not all(c in "0123456789abcdef" for c in hexval.lower()) or len(hexval) != 64:
return ValidationResult(ok=False, reason="invalid_checksum_format")
logger.debug("validate_content: checksum format looks valid (sha256)")
except Exception:
return ValidationResult(ok=False, reason="invalid_checksum")
# 2. Проверка подписи источника (если указана)
if verify_ed25519 and source_signature:
sig_check = self.verify_source_signature(
payload=content_meta,
signature_b64=source_signature.signature,
public_key_hex=source_signature.public_key_hex,
)
if not sig_check.ok:
return ValidationResult(ok=False, reason="source_signature_invalid", details=sig_check.to_dict())
# 3. Проверка целостности зашифрованного объекта (если присутствует)
if encrypted_obj:
integ = self.check_content_integrity(
encrypted_obj=encrypted_obj,
expected_metadata=encrypted_obj.get("metadata"),
verify_signature=verify_ed25519,
)
if not integ.ok:
return ValidationResult(ok=False, reason="encrypted_integrity_invalid", details=integ.to_dict())
logger.info("validate_content: content validation passed")
return ValidationResult(ok=True)

Some files were not shown because too many files have changed in this diff Show More