Flask - 日誌記錄
目標
- 配置 Python 的
logging模塊 - 在 API 中記錄關鍵事件
- 將日誌輸出到文件和控制台
步驟
準備環境
- 繼續使用
flask_api/項目結構,激活虛擬環境:1 2
# Windows: flask_api_env\Scripts\activate # macOS/Linux: source flask_api_env/bin/activate
- 繼續使用
配置日誌
修改 app/init.py,設置日誌:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
from flask import Flask, jsonify, g from flask_sqlalchemy import SQLAlchemy from flask_marshmallow import Marshmallow from flask_bcrypt import Bcrypt import jwt from functools import wraps from .routes.v1.todos import todos_bp as todos_v1_bp from .routes.v1.users import users_bp as users_v1_bp from .routes.v1.posts import posts_bp as posts_v1_bp from .routes.v2.todos import todos_bp as todos_v2_bp from .routes.v2.posts import posts_bp as posts_v2_bp from .config import config_map import os import logging from logging.handlers import RotatingFileHandler db = SQLAlchemy() ma = Marshmallow() bcrypt = Bcrypt() def setup_logging(app): # 配置日誌 if not app.debug: # 僅在非調試模式下使用文件日誌 handler = RotatingFileHandler('app.log', maxBytes=10000, backupCount=3) handler.setLevel(logging.INFO) formatter = logging.Formatter( '%(asctime)s %(levelname)s: %(message)s [in %(pathname)s:%(lineno)d]' ) handler.setFormatter(formatter) app.logger.addHandler(handler) # 添加控制台輸出 console_handler = logging.StreamHandler() console_handler.setLevel(logging.DEBUG) console_handler.setFormatter(logging.Formatter('%(asctime)s %(levelname)s: %(message)s')) app.logger.addHandler(console_handler) app.logger.setLevel(logging.DEBUG) def create_app(): app = Flask(__name__) env = os.getenv('FLASK_ENV', 'development') app.config.from_object(config_map[env]) db.init_app(app) ma.init_app(app) bcrypt.init_app(app) setup_logging(app) # 初始化日誌 app.register_blueprint(todos_v1_bp, url_prefix='/api/v1') app.register_blueprint(users_v1_bp, url_prefix='/api/v1') app.register_blueprint(posts_v1_bp, url_prefix='/api/v1') app.register_blueprint(todos_v2_bp, url_prefix='/api/v2') app.register_blueprint(posts_v2_bp, url_prefix='/api/v2') @app.errorhandler(404) def not_found(error): app.logger.error(f'404 error: {str(error)}') return jsonify({'error': 'Not Found', 'message': str(error)}), 404 @app.errorhandler(400) def bad_request(error): app.logger.warning(f'400 error: {str(error)}') return jsonify({'error': 'Bad Request', 'message': str(error)}), 400 @app.errorhandler(500) def internal_error(error): app.logger.critical(f'500 error: {str(error)}') return jsonify({'error': 'Internal Server Error', 'message': 'Something went wrong on our end'}), 500 with app.app_context(): db.create_all() return app def login_required(f): @wraps(f) def decorated_function(*args, **kwargs): from .models import User token = request.headers.get('Authorization') if not token: abort(401, description='Missing token') try: if token.startswith('Bearer '): token = token[7:] data = jwt.decode(token, app.config['SECRET_KEY'], algorithms=['HS256']) user = User.query.get(data['user_id']) if not user: abort(401, description='Invalid token') g.current_user = user except jwt.ExpiredSignatureError: abort(401, description='Token has expired') except jwt.InvalidTokenError: abort(401, description='Invalid token') return f(*args, **kwargs) return decorated_function def admin_required(f): @wraps(f) @login_required def decorated_function(*args, **kwargs): if not g.current_user.is_admin: abort(403, description='Admin access required') return f(*args, **kwargs) return decorated_function
代碼解釋:
RotatingFileHandler:將日誌寫入文件,限制大小並保留備份。app.logger:Flask 內置的日誌對象,可直接使用。- 日誌級別:DEBUG < INFO < WARNING < ERROR < CRITICAL。
在路由中添加日誌
修改 app/routes/v1/users.py:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59
from flask import Blueprint, jsonify, request, abort from ...models import User from ... import db, admin_required from ...schemas import user_schema, users_schema import jwt import datetime users_bp = Blueprint('users_v1', __name__) @users_bp.route('/users', methods=['GET']) def get_users(): users = User.query.all() users_bp.app.logger.info('Fetched all users') return jsonify({'users': users_schema.dump(users)}) @users_bp.route('/users', methods=['POST']) def create_user(): if not request.is_json: abort(400, description='Request must be JSON') data = request.get_json() if 'username' not in data or 'password' not in data: abort(400, description='Missing username or password') if User.query.filter_by(username=data['username']).first(): abort(400, description='Username already exists') user = User(username=data['username']) user.set_password(data['password']) if data.get('role') in ['user', 'admin']: user.role = data['role'] db.session.add(user) db.session.commit() users_bp.app.logger.info(f'User created: {user.username}') return jsonify(user_schema.dump(user)), 201 @users_bp.route('/login', methods=['POST']) def login(): if not request.is_json: abort(400, description='Request must be JSON') data = request.get_json() if 'username' not in data or 'password' not in data: abort(400, description='Missing username or password') user = User.query.filter_by(username=data['username']).first() if not user or not user.check_password(data['password']): users_bp.app.logger.warning(f'Failed login attempt for {data["username"]}') abort(401, description='Invalid credentials') token = jwt.encode({ 'user_id': user.id, 'exp': datetime.datetime.utcnow() + datetime.timedelta(hours=24) }, users_bp.app.config['SECRET_KEY'], algorithm='HS256') users_bp.app.logger.info(f'User logged in: {user.username}') return jsonify({'token': token}) @users_bp.route('/users/<int:user_id>', methods=['DELETE']) @admin_required def delete_user(user_id): user = User.query.get_or_404(user_id, description='User not found') db.session.delete(user) db.session.commit() users_bp.app.logger.info(f'User deleted: {user.username} by admin {g.current_user.username}') return jsonify({'message': 'User deleted'}), 200
修改 app/routes/v1/posts.py:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75
from flask import Blueprint, jsonify, request, abort, g from ...models import Post, User from ... import db, login_required, admin_required from ...schemas import post_schema, posts_schema posts_bp = Blueprint('posts_v1', __name__) @posts_bp.route('/posts', methods=['GET']) def get_posts(): user_id = request.args.get('user_id', type=int) query = Post.query if user_id: query = query.filter_by(user_id=user_id) posts = query.all() posts_bp.app.logger.debug('Fetched posts') return jsonify({'posts': posts_schema.dump(posts)}) @posts_bp.route('/posts/<int:post_id>', methods=['GET']) def get_post(post_id): post = Post.query.get_or_404(post_id, description='Post not found') return jsonify(post_schema.dump(post)) @posts_bp.route('/posts', methods=['POST']) @login_required def create_post(): if not request.is_json: abort(400, description='Request must be JSON') data = request.get_json() if 'title' not in data or 'content' not in data: abort(400, description='Missing title or content') post = Post( title=data['title'], content=data['content'], user_id=g.current_user.id ) db.session.add(post) db.session.commit() posts_bp.app.logger.info(f'Post created: {post.title} by {g.current_user.username}') return jsonify(post_schema.dump(post)), 201 @posts_bp.route('/posts/<int:post_id>', methods=['PUT']) @login_required def update_post(post_id): post = Post.query.get_or_404(post_id, description='Post not found') if post.user_id != g.current_user.id and not g.current_user.is_admin: abort(403, description='You can only edit your own posts unless you are an admin') if not request.is_json: abort(400, description='Request must be JSON') data = request.get_json() if 'title' in data: post.title = data['title'] if 'content' in data: post.content = data['content'] db.session.commit() posts_bp.app.logger.info(f'Post updated: {post.title} by {g.current_user.username}') return jsonify(post_schema.dump(post)), 200 @posts_bp.route('/posts/<int:post_id>', methods=['DELETE']) @login_required def delete_post(post_id): post = Post.query.get_or_404(post_id, description='Post not found') if post.user_id != g.current_user.id and not g.current_user.is_admin: abort(403, description='You can only delete your own posts unless you are an admin') db.session.delete(post) db.session.commit() posts_bp.app.logger.info(f'Post deleted: {post.title} by {g.current_user.username}') return jsonify({'message': 'Post deleted'}), 200 @posts_bp.route('/posts/all', methods=['DELETE']) @admin_required def delete_all_posts(): Post.query.delete() db.session.commit() posts_bp.app.logger.warning(f'All posts deleted by admin {g.current_user.username}') return jsonify({'message': 'All posts deleted'}), 200
運行應用
- 運行:
1
python run.py
- 檢查控制台輸出,並在項目根目錄查看
app.log文件(非 debug 模式下生成)。
- 運行:
測試 API
- 使用 Postman 測試:
- POST /api/v1/users:
- Body:
{"username": "alice", "password": "1234"} - 日誌:
INFO: User created: alice
- Body:
- POST /api/v1/login(失敗):
- Body:
{"username": "alice", "password": "wrong"} - 日誌:
WARNING: Failed login attempt for alice
- Body:
- POST /api/v1/posts:
- Headers:
Authorization: Bearer <token> - Body:
{"title": "My Post", "content": "Hello"} - 日誌:
INFO: Post created: My Post by alice
- Headers:
- DELETE /api/v1/posts/all(用 admin token):
- 日誌:
WARNING: All posts deleted by admin <admin_username>
- 日誌:
- POST /api/v1/users:
- 使用 Postman 測試:
作業
- 在 v2 的路由中添加類似的日誌記錄。
- 修改日誌格式,添加當前請求的 URL(提示:使用
request.url)。
注意事項
RotatingFileHandler只在DEBUG=False時生效,開發時主要看控制台。- 日誌級別應根據事件重要性選擇,例如錯誤用
ERROR,普通操作用INFO。 - 生產環境應考慮日誌存儲位置和輪轉策略。
本文章以 CC BY 4.0 授權