flask POOL,websocket握手

一.POOL

Pool就是为了多线程访问数据库,减少数据库压力

回顾pymysql

import pymysql
#建立连接
mysql_conn = pymysql.connect(host="127.0.0.1",
                             port=3306,
                             user="root",
                             password="",
                             charset="utf8",
                             db="day115")
#创建游标
c = mysql_conn.cursor(cursor=pymysql.cursors.DictCursor)

sql = "select * from users WHERE name='jwb' and age=73 "
# 光标执行sql
# res为生成几行
res = c.execute(sql)

#获取结果
print(c.fetchall())

c.close()
mysql_conn.close()

创建POOL

import pymysql
from DBUtils.PooledDB import PooledDB
POOL = PooledDB(
    creator=pymysql,  # 使用链接数据库的模块
    maxconnections=6,  # 连接池允许的最大连接数，0和None表示不限制连接数
    mincached=2,  # 初始化时，链接池中至少创建的空闲的链接，0表示不创建
    maxcached=5,  # 链接池中最多闲置的链接，0和None不限制
    maxshared=3,  # 链接池中最多共享的链接数量，0和None表示全部共享。PS: 无用，因为pymysql和MySQLdb等模块的 threadsafety都为1，所有值无论设置为多少，_maxcached永远为0，所以永远是所有链接都共享。
    blocking=True,  # 连接池中如果没有可用连接后，是否阻塞等待。True，等待；False，不等待然后报错
    maxusage=None,  # 一个链接最多被重复使用的次数，None表示无限制
    setsession=[],  # 开始会话前执行的命令列表。如：["set datestyle to ...", "set time zone ..."]
    ping=0,
    # ping MySQL服务端，检查是否服务可用。
    #  如：0 = None = never,
    # 1 = default = whenever it is requested,
    # 2 = when a cursor is created,
    # 4 = when a query is executed,
    # 7 = always
    host="127.0.0.1",
    port=3306,
    user="root",
    password="",
    charset="utf8",
    db="day115"
)

#
# conn = POOL.connection() # pymysql - conn
# cur = conn.cursor(cursor=pymysql.cursors.DictCursor)
#
# sql = "select * from users WHERE name='jwb' and age=73 "
#
# res = cur.execute(sql)
#
#
# print(cur.fetchall())
#
# conn.close()

执行线程池

from dbpool import POOL
import pymysql

def create_conn():
    conn = POOL.connection()
    cursor = conn.cursor(cursor=pymysql.cursors.DictCursor)

    return conn,cursor


def close_conn(conn,cursor):
    cursor.close()
    conn.close()


def insert(sql,args):
    conn,cursor = create_conn()
    res = cursor.execute(sql,args)
    conn.commit()
    close_conn(conn,cursor)
    return res

def fetch_one(sql,args):
    conn,cursor = create_conn()
    cursor.execute(sql,args)
    res = cursor.fetchone()
    close_conn(conn,cursor)
    return res

def fetch_all(sql,args):
    conn,cursor = create_conn()
    cursor.execute(sql,args)
    res = cursor.fetchall()
    close_conn(conn,cursor)
    return res


# sql = "insert into users(name,age) VALUES (%s, %s)"

# insert(sql,("mjj",9))

sql = "select * from users where name=%s and age=%s"

print(fetch_one(sql,("mjj",9)))

二.socket握手

就是在客户端请求头中获取Sec-WebSocket-Key与宝藏magic_string = '258EAFA5-E914-47DA-95CA-C5AB0DC85B11'进行匹配

当与客户端验证成功后就已经进行了握手

import socket, base64, hashlib

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind(('127.0.0.1', 9527))
sock.listen(5)
# 获取客户端socket对象
conn, address = sock.accept()
# 获取客户端的【握手】信息
data = conn.recv(1024)
print(data)
"""
GET /ws HTTP/1.1

Host: 127.0.0.1:9527

Connection: Upgrade

Pragma: no-cache

Cache-Control: no-cache

User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36

Upgrade: websocket

Origin: http://localhost:63342

Sec-WebSocket-Version: 13

Accept-Encoding: gzip, deflate, br

Accept-Language: zh-CN,zh;q=0.9

Cookie: session=a6f96c20-c59e-4f33-84d9-c664a2f29dfc

Sec-WebSocket-Key: MAZZU5DPIxWmhk/UWL2+BA==
  #这个就是那把钥匙
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits


"""
# 以下动作是有websockethandler完成的
# magic string为：258EAFA5-E914-47DA-95CA-C5AB0DC85B11


def get_headers(data): #在获取的data列表中通过分割获取Sec-WebSocket-Key
    header_dict = {}
    header_str = data.decode("utf8")
    for i in header_str.split("
"):
        if str(i).startswith("Sec-WebSocket-Key"):
            header_dict["Sec-WebSocket-Key"] = i.split(":")[1].strip()

    return header_dict


headers = get_headers(data)  # 提取请求头信息
#
magic_string = '258EAFA5-E914-47DA-95CA-C5AB0DC85B11'
#Sec-WebSocket-Key: MAZZU5DPIxWmhk/UWL2+BA==
value = headers['Sec-WebSocket-Key'] + magic_string
print(value)
#将钥匙Sec-WebSocket-Key和宝藏magic_string进行加密
ac = base64.b64encode(hashlib.sha1(value.encode('utf-8')).digest())

# 对请求头中的sec-websocket-key进行加密
response_tpl = "HTTP/1.1 101 Switching Protocols
" 
               "Upgrade:websocket
" 
               "Connection: Upgrade
" 
               "Sec-WebSocket-Accept: %s
" 
               "WebSocket-Location: ws://127.0.0.1:9527

"
print(ac.decode('utf-8'))
response_str = response_tpl % (ac.decode('utf-8'))
# 响应【握手】信息
conn.send(response_str.encode("utf8"))
#
while True:
    msg = conn.recv(8096)
    print(msg)

需要在前端中访问

<!DOCTYPE html>
<html lang="zh-CN">
<head>
  <meta charset="UTF-8">
  <title>Title</title>
  <meta name="viewport" content="width=device-width, initial-scale=1">
</head>
<body>

</body>
<script type="application/javascript">
  var ws = new WebSocket("ws://127.0.0.1:9527/ws");
  
</script>
</html>

发现,在前端发送的数据vm.send("abc)发到后端的数据是加密的,需要进行解密

解密方法

比如发送到服务端的是

b'x81x83Hxc0xxa6yxf2K'


第一个为统一的的x81,用它的后一位与127求^,结果分三种 小于等于125,126,127
然后根据后面的数据长度/密码/数据/进行解密

#b'x81x89xf3x99x81-x15x05x01xcbOx1bex97]'
#b'x81x85sx92ax10x1bxf7
|x1c'
#b'x81x83Hxc0xxa6yxf2K'

hashstr = b'x81x85sx92ax10x1bxf7
|x1c'
# b'x81 x85s x92ax10x1bxf7  
|x1c' <126
# x85s = 5
hashstr = b'x81xfex02xdcx8dxe8-xb2hmxa5W5uxc8:x16x0cx95(ktx87Wx00bxc52x01x0cx95x1fdixbeW9Axcbx1cx0fx07x91>iSxa7W)Axc9
x06x0cx95;h`xab]1dxca)x07
x9a,j~x9fW1bxc2x0ex01x0ex80x16eGxb7Wx00Yxcb2(
x80*iRx8cV4cxcax15x06x0cx94-nhxafU	^xc9x0cx00
xa0x19iQxa6Z
Kxc9
x00x0exaa:iRxa3Wx0bmxc2x0ex01
x92x12hWxbaV4cxc8x11&
x92*eRx86V7fxc8x16x1bx00xad7bTxa1Ux16~xc5
0
xa8:hPxb0V4cxcbx1cx07x01xac5bTxa1T!Zxcb8(x0cx949iRxa3[x14sxc9
x06x0cx94-nhxafZ"rxc8x1cx11
x912hTx8dWx11Kxc8"!x07x91>iSx88Wx08axc87x05
x95/dixbaW3_xc2x0ex01x0exacx10hTxb5W2x7fxc8x11&x0cx949kXxb9]1dxc9
x00
x83.hNxa9Z
Bxc5=?x00xbb6bTxa1W1}xc8$6
x89x03iQxa4]1dxc9	(
x8c,hWx8dZ=gxc9x0bx06x00x9ax1diQxb2Q
jxc8x1c&x0cx95x1fhRxb1V5Exc2x0ex01x0cx92x03iPx97V5hxc9x0fx1ex07x91>dqxb2U0rxc55*
xbdx14bTxa1V5exc8x1cx11
x910hxxa1Q
jxc59(x0exb1;iUxb1W(Pxca8"x0fx8a#hgxa7V5Rxc8
-
xbb6ehxa8]1dxc8x1cx11x0cx96*ktxa4Wx02Pxc5x1c7
xa8x04h`xbcZ8gxc2x0ex01x0cx96x17kpx80[x14sxc9
x06
x94x01kpxa3V4cxca"x0bx07x91>iPxa0W#txc83x02x0fx8a3bTxa1V0Wxc84x08
x89$hTxafT>}xc9x0bx12x0bxad0iVxa0V5Exce2x0cx0cx93?dkxa3[x0eExcb&5x0cx949nhxacZ9Qxcax17x03x0bxad3eyx8eWx08ixcax1fx04x07x91>kEx89Ux17nxc5;"
x83,bTxa1W2x7fxc5+x1c
x92x12jRx82]1dxcb*"x0cx96x17hmxa5W5uxcax1c
x0exa6&iSx88[x0cx7fxc4+x16x0cx959nhxafT	rxc9	(x0cx95x08hFx86V5Exc9x0bx06x0cx979bTxa1V7cxcb%-
x89x15hXxa2]1dxcb0x04x0cx96x17hzx85V4cxc2x0ex01x0fxa9x04hxxa3Tx1bUxc5x13x01x07x91>hWxa8Zx0eUxc5x11%x00x8cx17dpxb4T1gxc2x0ex01x0exb1;kaxadW4Wxca)x07x0bxad0'
# print(chushibiao[1],chushibiao[1]&127)
# print(chushibiao[2:4],chushibiao[4:8])
# 将第二个字节也就是 x83 第9-16位 进行与127进行位运算
payload = hashstr[1] & 127
print(payload)
if payload == 127:
    extend_payload_len = hashstr[2:10]
    mask = hashstr[10:14]
    decoded = hashstr[14:]
# 当位运算结果等于127时,则第3-10个字节为数据长度
# 第11-14字节为mask 解密所需字符串
# 则数据为第15字节至结尾

if payload == 126:
    extend_payload_len = hashstr[2:4]
    mask = hashstr[4:8]
    decoded = hashstr[8:]
# 当位运算结果等于126时,则第3-4个字节为数据长度
# 第5-8字节为mask 解密所需字符串
# 则数据为第9字节至结尾


if payload <= 125:
    extend_payload_len = None
    mask = hashstr[2:6]
    decoded = hashstr[6:]

# 当位运算结果小于等于125时,则这个数字就是数据的长度
# 第3-6字节为mask 解密所需字符串
# 则数据为第7字节至结尾

str_byte = bytearray()
# b'x81 x85s x92ax10x1b xf7
|x1c' <126
for i in range(len(decoded)): # 0  xf7 ^ x92a 1 
 ^ x10 x1c ^ x1b
    byte = decoded[i] ^ mask[i % 4]
    str_byte.append(byte)

print(str_byte.decode("utf8"))

加密方法:

import struct
msg_bytes = "the emperor has not been half-baked in the early days of the collapse of the road, today down three points, yizhou weakness, this serious crisis autumn".encode("utf8")
token = b"x81" # + 数据长度/运算位 + mask/数据长度 + mask/数据 + 数据
length = len(msg_bytes)

if length < 126:
    token += struct.pack("B", length)
elif length == 126:
    token += struct.pack("!BH", 126, length)
else:
    token += struct.pack("!BQ", 127, length)

msg = token + msg_bytes

print(msg)