mxl_citu
/
DataOps-platform


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238
							from flask import Flask, jsonify
from flask_sqlalchemy import SQLAlchemy
from flask_cors import CORS
import logging
from app.config.config import config, current_env
from app.config.cors import CORS_OPTIONS


db = SQLAlchemy()


def create_app():
    """Create and configure the Flask application"""
    app = Flask(__name__)

    # 加载配置
    app.config.from_object(config[current_env])

    # 初始化扩展
    # 配置CORS以解决跨域问题
    CORS(app, **CORS_OPTIONS)
    db.init_app(app)

    # 注册蓝图
    from app.api.meta_data import bp as meta_bp
    from app.api.data_interface import bp as data_interface_bp
    from app.api.graph import bp as graph_bp
    from app.api.system import bp as system_bp
    from app.api.data_source import bp as data_source_bp
    from app.api.data_flow import bp as data_flow_bp
    from app.api.business_domain import bp as business_domain_bp

    app.register_blueprint(meta_bp, url_prefix='/api/meta')
    app.register_blueprint(data_interface_bp, url_prefix='/api/interface')
    app.register_blueprint(graph_bp, url_prefix='/api/graph')
    app.register_blueprint(system_bp, url_prefix='/api/system')
    app.register_blueprint(data_source_bp, url_prefix='/api/datasource')
    app.register_blueprint(data_flow_bp, url_prefix='/api/dataflow')
    app.register_blueprint(business_domain_bp, url_prefix='/api/bd')

    # Configure global response headers
    configure_response_headers(app)

    # Configure logging
    configure_logging(app)

    # 添加全局异常处理器
    configure_error_handlers(app)

    # 输出启动信息
    port = app.config['PORT']
    app.logger.info(f"Starting server in {current_env} mode on port {port}")

    return app


def configure_response_headers(app):
    """Configure global response headers for JSON content"""

    @app.after_request
    def after_request(response):
        from flask import request

        # 检查是否是API路径
        if request.path.startswith('/api/'):
            # 排除文件下载和特殊响应类型
            excluded_types = [
                'application/octet-stream',
                'application/pdf',
                'image/',
                'text/csv',
                'application/vnd.ms-excel',
                'application/vnd.openxmlformats-officedocument'
            ]
            if (response.content_type and
                    any(ct in response.content_type for ct in excluded_types)):
                # 保持原有的文件类型不变
                pass
            elif (response.content_type and
                    'application/json' in response.content_type):
                # 确保JSON响应设置正确的Content-Type和charset
                ct = 'application/json; charset=utf-8'
                response.headers['Content-Type'] = ct
            elif (not response.content_type or
                    response.content_type == 'text/html; charset=utf-8' or
                    response.content_type == 'text/plain'):
                # 对于API路由，默认设置为JSON
                ct = 'application/json; charset=utf-8'
                response.headers['Content-Type'] = ct

            # 确保CORS头部不被覆盖
            if 'Access-Control-Allow-Origin' not in response.headers:
                # 动态设置Origin，支持任意前端地址
                origin = request.headers.get('Origin')
                if origin:
                    # 允许任意Origin（最灵活的配置）
                    response.headers['Access-Control-Allow-Origin'] = origin
                else:
                    # 如果没有Origin头部，设置为通配符
                    response.headers['Access-Control-Allow-Origin'] = '*'

            # 专门处理预检请求（OPTIONS方法）
            if request.method == 'OPTIONS':
                origin = request.headers.get('Origin', '*')
                response.headers['Access-Control-Allow-Origin'] = origin
                methods = 'GET, POST, PUT, DELETE, OPTIONS'
                response.headers['Access-Control-Allow-Methods'] = methods
                headers = (
                    'Content-Type, Authorization, X-Requested-With, '
                    'Accept, Origin, Cache-Control, X-File-Name'
                )
                response.headers['Access-Control-Allow-Headers'] = headers
                response.headers['Access-Control-Max-Age'] = '86400'
                return response

            # 根据配置设置凭据支持
            from app.config.cors import ALLOW_ALL_ORIGINS
            if 'Access-Control-Allow-Credentials' not in response.headers:
                if ALLOW_ALL_ORIGINS:
                    # 通配符时不支持凭据
                    response.headers['Access-Control-Allow-Credentials'] = (
                        'false'
                    )
                else:
                    response.headers['Access-Control-Allow-Credentials'] = (
                        'true'
                    )

            if 'Access-Control-Allow-Methods' not in response.headers:
                methods = 'GET, POST, PUT, DELETE, OPTIONS'
                response.headers['Access-Control-Allow-Methods'] = methods
            if 'Access-Control-Allow-Headers' not in response.headers:
                headers = (
                    'Content-Type, Authorization, X-Requested-With, '
                    'Accept, Origin'
                )
                response.headers['Access-Control-Allow-Headers'] = headers

            # 添加安全头部
            if 'X-Content-Type-Options' not in response.headers:
                response.headers['X-Content-Type-Options'] = 'nosniff'
            if 'X-Frame-Options' not in response.headers:
                response.headers['X-Frame-Options'] = 'DENY'
            if 'X-XSS-Protection' not in response.headers:
                response.headers['X-XSS-Protection'] = '1; mode=block'

        return response


def configure_logging(app):
    """Configure logging for the application"""
    if not app.config.get('LOG_ENABLED', True):
        return None

    log_file = app.config.get(
        'LOG_FILE', f'flask_{app.config["FLASK_ENV"]}.log'
    )
    log_level_name = app.config.get('LOG_LEVEL', 'INFO')
    log_level = getattr(logging, log_level_name)
    log_format = app.config.get(
        'LOG_FORMAT',
        '%(asctime)s - %(levelname)s - %(filename)s - '
        '%(funcName)s - %(lineno)s - %(message)s'
    )
    log_encoding = app.config.get('LOG_ENCODING', 'UTF-8')
    log_to_console = app.config.get('LOG_TO_CONSOLE', True)

    # 配置根日志器
    root_logger = logging.getLogger()
    root_logger.setLevel(log_level)

    # 清除所有现有处理器
    root_logger.handlers.clear()

    # 文件处理器 - 只添加到根日志器
    file_handler = logging.FileHandler(log_file, encoding=log_encoding)
    file_handler.setLevel(log_level)
    logging_format = logging.Formatter(log_format)
    file_handler.setFormatter(logging_format)
    root_logger.addHandler(file_handler)

    # 控制台处理器 - 只添加到根日志器
    if log_to_console:
        console = logging.StreamHandler()
        console.setLevel(log_level)
        console.setFormatter(logging_format)
        root_logger.addHandler(console)

    # 确保Flask内部日志器使用我们的配置
    app.logger.handlers.clear()  # 移除Flask默认处理器

    # 配置app日志器，但禁止传播到根日志器
    logger = logging.getLogger("app")
    logger.setLevel(log_level)
    logger.handlers.clear()  # 清除现有处理器
    logger.propagate = True  # 通过根日志器处理

    app.logger.info(f"日志配置完成: 级别={log_level_name}, 文件={log_file}")
    return logger


def configure_error_handlers(app):
    """Configure global error handlers for the application"""

    @app.errorhandler(Exception)
    def handle_exception(e):
        """全局异常处理器，捕获所有未处理的异常"""
        # 记录详细的错误信息
        app.logger.error(f"未处理的异常: {str(e)}", exc_info=True)

        # 返回标准化的错误响应
        error_response = {
            'success': False,
            'message': f'服务器内部错误: {str(e)}',
            'data': None
        }

        return jsonify(error_response), 500

    @app.errorhandler(404)
    def handle_not_found(e):
        """处理404错误"""
        app.logger.warning(f"404错误: {str(e)}")
        return jsonify({
            'success': False,
            'message': '请求的资源不存在',
            'data': None
        }), 404

    @app.errorhandler(500)
    def handle_internal_error(e):
        """处理500错误"""
        app.logger.error(f"500错误: {str(e)}", exc_info=True)
        return jsonify({
            'success': False,
            'message': '服务器内部错误',
            'data': None
        }), 500