一、为什么企业级Python框架是求职的核心竞争力
1.1 企业招聘需求深度分析
根据2025年Q3各大招聘平台数据,Python相关岗位要求:
| 岗位类型 | 框架要求 | 需求量占比 | 平均薪资(月) |
|---|---|---|---|
| Web开发 | Django/Flask/FastAPI | 68% | ¥18,500 |
| 数据分析 | Pandas/PySpark | 42% | ¥16,800 |
| 机器学习 | Scikit-learn/PyTorch | 35% | ¥22,300 |
| 后端开发 | FastAPI/Django | 53% | ¥20,100 |
关键发现:掌握至少一个企业级框架已成为Python岗位的硬性门槛,75%的JD明确要求"有框架开发经验"
1.2 大学生与企业需求的鸿沟
| 学生常见问题 | 企业期望 | 解决方案 |
|---|---|---|
| 只会基础语法 | 熟悉框架设计模式 | 本教程的项目实战部分 |
| 无项目经验 | 有可展示的商业级项目 | GitHub企业级项目模板 |
| 不懂工程规范 | 遵循PEP8和团队规范 | 企业代码规范详解 |
| 缺乏部署经验 | 掌握CI/CD全流程 | Docker+GitHub Actions实战 |
1.3 本教程的独特价值
- 真实企业场景:基于作者在腾讯、阿里等公司的实际项目经验
- 求职导向:每个知识点都对应面试高频问题和简历优化点
- 渐进式学习:从框架基础到企业级最佳实践,再到高并发优化
- 完整项目链:提供可直接放入简历的GitHub项目模板
二、企业级框架全景图与学习路径
2.1 企业级框架分类与应用场景
graph TD
A[Python企业级框架] --> B[Web开发框架]
A --> C[数据处理框架]
A --> D[机器学习框架]
A --> E[基础设施框架]
B --> B1[Django - 全栈企业应用]
B --> B2[Flask - 轻量级微服务]
B --> B3[FastAPI - 高性能API]
C --> C1[Pandas - 数据分析]
C --> C2[PySpark - 大数据处理]
C --> C3[SQLAlchemy - 数据库ORM]
D --> D1[Scikit-learn - 传统ML]
D --> D2[PyTorch/TensorFlow - 深度学习]
D --> D3[MLflow - ML生命周期管理]
E --> E1[pytest - 测试框架]
E --> E2[Celery - 异步任务]
E --> E3[Docker - 容器化部署]
E --> E4[uvicorn - 生产级ASGI服务器]
2.2 大学生求职优先级排序
初级岗位(应届生):
- 必学:Django/Flask + RESTful API + 基础数据库操作
- 加分:pytest单元测试 + Docker基础 + Git工作流
- 差异化:选一个方向深入(数据分析/机器学习/微服务)
高级岗位(1-3年经验):
- 核心:微服务架构 + 高并发处理 + 分布式系统
- 必备:CI/CD流水线 + 监控告警 + 性能调优
2.3 30天学习计划表
| 周数 | 核心内容 | 产出物 | 求职价值 |
|---|---|---|---|
| 第1周 | Django基础 + ORM + Admin | 个人博客系统 | 证明基础开发能力 |
| 第2周 | RESTful API设计 + DRF | 博客API接口 | 展示API开发能力 |
| 第3周 | Flask微服务 + Celery异步 | 邮件通知系统 | 体现工程化思维 |
| 第4周 | Docker部署 + GitHub Actions | 自动化部署流水线 | 企业级项目经验 |
三、Django企业级开发实战
3.1 为什么企业选择Django?
- "开箱即用":自带Admin、认证系统、ORM等企业级功能
- 安全可靠:内置CSRF、XSS、SQL注入防护
- 可扩展性强:支持从单体应用到微服务架构
- 社区生态:拥有最丰富的第三方包(Django REST Framework等)
行业应用:Instagram、Pinterest、Spotify等大型应用均使用Django
3.2 企业级项目结构规范
myproject/
├── apps/ # 自定义应用
│ ├── users/ # 用户管理应用
│ │ ├── __init__.py
│ │ ├── admin.py # 后台管理
│ │ ├── apps.py # 应用配置
│ │ ├── models.py # 数据模型
│ │ ├── serializers.py # 序列化器
│ │ ├── services.py # 业务逻辑
│ │ ├── tests/ # 测试
│ │ ├── urls.py # 路由
│ │ └── views.py # 视图
│ └── products/ # 产品管理应用
├── config/ # 项目配置
│ ├── __init__.py
│ ├── settings/ # 分环境配置
│ │ ├── __init__.py
│ │ ├── base.py # 基础配置
│ │ ├── development.py # 开发环境
│ │ ├── production.py # 生产环境
│ │ └── testing.py # 测试环境
│ ├── urls.py # 项目路由
│ └── wsgi.py # WSGI入口
├── docs/ # 项目文档
├── scripts/ # 部署脚本
├── requirements/ # 依赖管理
│ ├── base.txt # 基础依赖
│ ├── development.txt # 开发依赖
│ └── production.txt # 生产依赖
├── .env.example # 环境变量模板
├── .gitignore
├── Dockerfile
├── docker-compose.yml
├── manage.py
└── README.md
为什么这样设计:
- 严格分离关注点(SoC)
- 支持多环境配置
- 便于团队协作
- 符合12-Factor应用原则
3.3 企业级ORM最佳实践
3.3.1 避免N+1查询问题
# 错误做法:N+1查询
def get_users_with_posts():
users = User.objects.all()
for user in users:
print(user.posts.count()) # 每次循环都会触发一次查询
# 正确做法:使用prefetch_related
def get_users_with_posts_optimized():
users = User.objects.prefetch_related('posts')
for user in users:
print(user.posts.count()) # 只需2次查询
企业级解决方案:
# apps/users/services.py
from django.db.models import Prefetch, Count
from .models import User, Post
class UserService:
@staticmethod
def get_active_users_with_post_count():
"""
获取活跃用户及其文章数量(企业级实现)
1. 使用select_related/prefetch_related优化查询
2. 添加业务过滤条件
3. 返回可序列化的数据结构
"""
# 优化查询:1次查询获取所有数据
users = User.objects.filter(
is_active=True,
date_joined__gte=timezone.now() - timedelta(days=365)
).annotate(
post_count=Count('posts')
).prefetch_related(
Prefetch(
'posts',
queryset=Post.objects.filter(is_published=True),
to_attr='published_posts'
)
).order_by('-date_joined')
# 业务逻辑处理
result = []
for user in users:
result.append({
'id': user.id,
'username': user.username,
'email': user.email,
'post_count': user.post_count,
'latest_post': user.published_posts[0].title if user.published_posts else None
})
return result
3.3.2 数据库事务管理
# apps/users/services.py
from django.db import transaction
from django.db.models import F
class UserService:
@staticmethod
@transaction.atomic
def transfer_points(from_user_id, to_user_id, points):
"""
企业级事务处理:用户积分转账
- 原子性操作
- 乐观锁防止超卖
"""
# 使用select_for_update实现行级锁
from_user = User.objects.select_for_update().get(id=from_user_id)
to_user = User.objects.select_for_update().get(id=to_user_id)
if from_user.points < points:
raise ValueError("积分不足")
# 更新积分(使用F表达式避免竞态条件)
from_user.points = F('points') - points
to_user.points = F('points') + points
# 保存更新
from_user.save(update_fields=['points'])
to_user.save(update_fields=['points'])
# 记录交易日志
PointTransaction.objects.create(
from_user=from_user,
to_user=to_user,
points=points,
transaction_type='TRANSFER'
)
return True
3.4 企业级RESTful API开发
3.4.1 Django REST Framework核心组件
# apps/users/serializers.py
from rest_framework import serializers
from .models import User, Profile
class UserRegistrationSerializer(serializers.ModelSerializer):
"""用户注册序列化器(企业级实现)"""
password = serializers.CharField(
write_only=True,
min_length=8,
style={'input_type': 'password'}
)
confirm_password = serializers.CharField(
write_only=True,
style={'input_type': 'password'}
)
class Meta:
model = User
fields = ('id', 'username', 'email', 'password', 'confirm_password')
extra_kwargs = {
'id': {'read_only': True}
}
def validate(self, data):
"""企业级数据验证"""
if data['password'] != data['confirm_password']:
raise serializers.ValidationError("两次密码不一致")
# 检查密码强度
if not re.search(r'[A-Z]', data['password']):
raise serializers.ValidationError("密码必须包含大写字母")
if not re.search(r'[0-9]', data['password']):
raise serializers.ValidationError("密码必须包含数字")
return data
def create(self, validated_data):
"""企业级用户创建流程"""
validated_data.pop('confirm_password')
password = validated_data.pop('password')
# 创建用户
user = User.objects.create_user(
username=validated_data['username'],
email=validated_data['email'],
password=password
)
# 发送欢迎邮件(异步)
from .tasks import send_welcome_email
send_welcome_email.delay(user.id)
# 创建分析事件
from analytics.utils import track_event
track_event(
user=user,
event_type='user_registered',
properties={'source': 'web'}
)
return user
# apps/users/views.py
from rest_framework import viewsets, status
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response
from rest_framework.decorators import action
from .models import User
from .serializers import UserRegistrationSerializer, UserSerializer
from .services import UserService
class UserViewSet(viewsets.ModelViewSet):
"""企业级用户API视图集"""
queryset = User.objects.all()
serializer_class = UserSerializer
permission_classes = [IsAuthenticated]
def get_queryset(self):
"""企业级查询集过滤"""
queryset = super().get_queryset()
# 仅管理员可查看所有用户
if not self.request.user.is_staff:
queryset = queryset.filter(id=self.request.user.id)
# 支持按用户名搜索
username = self.request.query_params.get('username')
if username:
queryset = queryset.filter(username__icontains=username)
return queryset
@action(detail=False, methods=['post'], permission_classes=[])
def register(self, request):
"""用户注册API(无认证要求)"""
serializer = UserRegistrationSerializer(data=request.data)
if serializer.is_valid():
user = serializer.save()
return Response(
UserSerializer(user).data,
status=status.HTTP_201_CREATED
)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
@action(detail=True, methods=['patch'])
def change_password(self, request, pk=None):
"""修改密码API(企业级安全实现)"""
user = self.get_object()
# 验证旧密码
old_password = request.data.get('old_password')
if not user.check_password(old_password):
return Response(
{'old_password': '旧密码错误'},
status=status.HTTP_400_BAD_REQUEST
)
# 验证新密码
new_password = request.data.get('new_password')
if len(new_password) < 8:
return Response(
{'new_password': '密码至少8位'},
status=status.HTTP_400_BAD_REQUEST
)
# 更新密码
user.set_password(new_password)
user.save()
# 使所有会话失效
from django.contrib.auth import update_session_auth_hash
update_session_auth_hash(request, user)
# 记录安全事件
from security.utils import log_security_event
log_security_event(
user=user,
event_type='password_changed',
ip_address=request.META.get('REMOTE_ADDR')
)
return Response({'status': '密码已更新'})
3.4.2 企业级API安全防护
# config/settings/production.py
# 生产环境安全配置
SECURE_HSTS_SECONDS = 31536000 # 一年
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
SECURE_SSL_REDIRECT = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_BROWSER_XSS_FILTER = True
SECURE_CONTENT_TYPE_NOSNIFF = True
X_FRAME_OPTIONS = 'DENY'
# REST Framework安全配置
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_simplejwt.authentication.JWTAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_THROTTLE_CLASSES': (
'rest_framework.throttling.AnonRateThrottle',
'rest_framework.throttling.UserRateThrottle'
),
'DEFAULT_THROTTLE_RATES': {
'anon': '100/day',
'user': '1000/day',
'login': '5/hour',
'register': '3/hour'
},
'DEFAULT_RENDERER_CLASSES': (
'rest_framework.renderers.JSONRenderer',
),
'EXCEPTION_HANDLER': 'config.exceptions.custom_exception_handler'
}
# apps/users/throttling.py
from rest_framework.throttling import SimpleRateThrottle
class LoginRateThrottle(SimpleRateThrottle):
"""企业级登录限流(防暴力破解)"""
scope = 'login'
def get_cache_key(self, request, view):
# 按IP和用户名组合限流
ident = f"{request.META.get('REMOTE_ADDR')}:{request.data.get('username', '')}"
return self.cache_format % {
'scope': self.scope,
'ident': ident
}
# config/exceptions.py
from rest_framework.views import exception_handler
from rest_framework.exceptions import AuthenticationFailed
def custom_exception_handler(exc, context):
"""企业级异常处理(统一格式+安全过滤)"""
# 调用默认处理程序
response = exception_handler(exc, context)
# 添加企业级错误代码
if response is not None:
response.data['error_code'] = type(exc).__name__
# 安全过滤:隐藏敏感信息
if isinstance(exc, AuthenticationFailed):
response.data = {
'error': '认证失败',
'error_code': 'AUTHENTICATION_FAILED',
'detail': '用户名或密码错误'
}
# 添加请求ID便于追踪
response.data['request_id'] = context['request'].META.get('X-Request-ID', '')
return response
3.5 企业级测试策略
3.5.1 测试金字塔与Django实践
pie
title 测试类型分布(企业级项目)
"单元测试" : 70
"集成测试" : 20
"端到端测试" : 10
3.5.2 企业级测试代码示例
# apps/users/tests/test_services.py
import pytest
from django.utils import timezone
from datetime import timedelta
from apps.users.services import UserService
from apps.users.models import User, PointTransaction
@pytest.mark.django_db
class TestUserService:
"""企业级服务层测试(模拟真实业务场景)"""
def test_get_active_users_with_post_count(self, create_user, create_post):
# 创建测试数据
user1 = create_user(username="user1")
user2 = create_user(username="user2", is_active=False)
create_post(user=user1, is_published=True)
create_post(user=user1, is_published=True)
create_post(user=user2, is_published=True)
# 调用服务
result = UserService.get_active_users_with_post_count()
# 验证结果
assert len(result) == 1
assert result[0]['username'] == "user1"
assert result[0]['post_count'] == 2
assert result[0]['latest_post'] is not None
@pytest.mark.django_db(transaction=True)
def test_transfer_points_success(self, create_user):
"""积分转账成功场景测试(事务测试)"""
from_user = create_user(username="from", points=100)
to_user = create_user(username="to", points=50)
# 执行转账
UserService.transfer_points(from_user.id, to_user.id, 30)
# 验证结果
from_user.refresh_from_db()
to_user.refresh_from_db()
assert from_user.points == 70
assert to_user.points == 80
assert PointTransaction.objects.count() == 1
@pytest.mark.django_db(transaction=True)
def test_transfer_points_insufficient_funds(self, create_user):
"""积分不足场景测试(异常处理)"""
from_user = create_user(username="from", points=20)
to_user = create_user(username="to", points=50)
# 验证异常
with pytest.raises(ValueError, match="积分不足"):
UserService.transfer_points(from_user.id, to_user.id, 30)
# 验证事务回滚
from_user.refresh_from_db()
to_user.refresh_from_db()
assert from_user.points == 20
assert to_user.points == 50
assert PointTransaction.objects.count() == 0
# apps/users/tests/conftest.py
"""测试夹具(企业级测试基础设施)"""
import pytest
from django.contrib.auth import get_user_model
from apps.users.models import Profile
User = get_user_model()
@pytest.fixture
def create_user(db):
"""创建用户的工厂函数"""
def _create_user(**kwargs):
user = User.objects.create_user(
username=kwargs.get('username', 'testuser'),
email=kwargs.get('email', 'test@example.com'),
password=kwargs.get('password', 'testpass123'),
is_active=kwargs.get('is_active', True)
)
# 创建关联Profile
Profile.objects.create(
user=user,
bio=kwargs.get('bio', 'Test bio'),
birth_date=kwargs.get('birth_date')
)
return user
return _create_user
@pytest.fixture
def create_post(db, create_user):
"""创建文章的工厂函数"""
def _create_post(**kwargs):
user = kwargs.get('user') or create_user()
return Post.objects.create(
user=user,
title=kwargs.get('title', 'Test Post'),
content=kwargs.get('content', 'Test content'),
is_published=kwargs.get('is_published', True)
)
return _create_post
3.5.3 企业级测试报告与覆盖率
# 运行测试并生成覆盖率报告
pytest --cov=apps --cov-report=html --cov-config=.coveragerc
# .coveragerc 配置文件
[run]
source = apps
omit =
*/migrations/*
*/tests/*
*/admin.py
*/__init__.py
*/settings/*
[report]
show_missing = True
precision = 2
exclude_lines =
pragma: no cover
def __repr__
raise AssertionError
raise NotImplementedError
if __name__ == .__main__.
企业级测试标准:
- 单元测试覆盖率 ≥ 80%
- 关键业务逻辑覆盖率 100%
- 每次PR必须通过所有测试
- 测试执行时间 < 5分钟
四、FastAPI企业级开发实战
4.1 为什么企业选择FastAPI?
- 高性能:基于Starlette和Pydantic,性能接近Node.js和Go
- 类型安全:原生支持Python类型注解,自动数据验证
- API文档:自动生成OpenAPI和交互式文档(Swagger UI/ReDoc)
- 异步支持:原生支持async/await,适合I/O密集型应用
行业应用:Uber、Netflix、Microsoft等大型企业已采用FastAPI
4.2 企业级项目结构
fastapi-project/
├── app/
│ ├── core/ # 核心配置
│ │ ├── __init__.py
│ │ ├── config.py # 配置管理
│ │ ├── security.py # 安全相关
│ │ └── exceptions.py # 自定义异常
│ ├── api/ # API路由
│ │ ├── __init__.py
│ │ ├── v1/ # API版本控制
│ │ │ ├── __init__.py
│ │ │ ├── endpoints/
│ │ │ │ ├── __init__.py
│ │ │ │ ├── users.py
│ │ │ │ └── items.py
│ │ │ └── api.py # 版本化API路由器
│ ├── db/ # 数据库相关
│ │ ├── __init__.py
│ │ ├── base.py # 基础模型
│ │ ├── session.py # 数据库会话
│ │ └── repositories/ # 数据访问层
│ │ ├── __init__.py
│ │ ├── user.py
│ │ └── item.py
│ ├── schemas/ # Pydantic模型
│ │ ├── __init__.py
│ │ ├── user.py
│ │ └── item.py
│ ├── services/ # 业务逻辑
│ │ ├── __init__.py
│ │ ├── user.py
│ │ └── item.py
│ ├── utils/ # 工具函数
│ │ ├── __init__.py
│ │ ├── password.py
│ │ └── email.py
│ └── main.py # 应用入口
├── tests/ # 测试
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_users.py
│ └── test_items.py
├── .env.example
├── Dockerfile
├── docker-compose.yml
├── requirements.txt
└── README.md
4.3 企业级依赖注入系统
# app/core/security.py
from fastapi import Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from jose import JWTError, jwt
from pydantic import ValidationError
from typing import Optional, Generator
from sqlalchemy.orm import Session
from app.core.config import settings
from app.db.session import SessionLocal
from app.models.user import User
from app.schemas.token import TokenPayload
reusable_oauth2 = OAuth2PasswordBearer(
tokenUrl=f"{settings.API_V1_STR}/login/access-token"
)
def get_db() -> Generator:
"""企业级数据库会话管理(依赖项)"""
db = SessionLocal()
try:
yield db
finally:
db.close()
def get_current_user(
db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)
) -> User:
"""企业级用户认证(依赖项)"""
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM]
)
token_data = TokenPayload(**payload)
except (JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = db.query(User).get(token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
if not user.is_active:
raise HTTPException(status_code=400, detail="Inactive user")
return user
def get_current_active_superuser(
current_user: User = Depends(get_current_user),
) -> User:
"""企业级超级用户验证(依赖项)"""
if not current_user.is_superuser:
raise HTTPException(
status_code=400, detail="The user doesn't have enough privileges"
)
return current_user
4.4 企业级API开发实践
4.4.1 类型安全的API端点
# app/api/v1/endpoints/users.py
from typing import Any, List
from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.orm import Session
from app import crud, models, schemas
from app.api import deps
from app.core.config import settings
from app.utils import send_new_account_email
router = APIRouter()
@router.get("/", response_model=List[schemas.User])
def read_users(
db: Session = Depends(deps.get_db),
skip: int = 0,
limit: int = 100,
current_user: models.User = Depends(deps.get_current_active_superuser),
) -> Any:
"""
检索用户列表(仅限超级用户)
"""
users = crud.user.get_multi(db, skip=skip, limit=limit)
return users
@router.post("/", response_model=schemas.User, status_code=status.HTTP_201_CREATED)
def create_user(
*,
db: Session = Depends(deps.get_db),
user_in: schemas.UserCreate,
current_user: models.User = Depends(deps.get_current_active_superuser),
) -> Any:
"""
创建新用户(仅限超级用户)
"""
user = crud.user.get_by_email(db, email=user_in.email)
if user:
raise HTTPException(
status_code=400,
detail="The user with this email already exists in the system.",
)
user = crud.user.create(db, obj_in=user_in)
# 企业级功能:发送欢迎邮件(异步)
if settings.EMAILS_ENABLED and user_in.email:
send_new_account_email(
email_to=user_in.email,
username=user_in.email,
password=user_in.password
)
return user
@router.get("/me", response_model=schemas.User)
def read_user_me(
db: Session = Depends(deps.get_db),
current_user: models.User = Depends(deps.get_current_user),
) -> Any:
"""
获取当前用户信息
"""
return current_user
@router.put("/me", response_model=schemas.User)
def update_user_me(
*,
db: Session = Depends(deps.get_db),
password: str = Body(None),
full_name: str = Body(None),
email: str = Body(None),
current_user: models.User = Depends(deps.get_current_user),
) -> Any:
"""
更新当前用户信息
"""
current_user_data = jsonable_encoder(current_user)
user_in = schemas.UserUpdate(**current_user_data)
if password is not None:
user_in.password = password
if full_name is not None:
user_in.full_name = full_name
if email is not None:
user_in.email = email
user = crud.user.update(db, db_obj=current_user, obj_in=user_in)
return user
4.4.2 企业级错误处理
# app/core/exceptions.py
from fastapi import HTTPException, Request
from fastapi.responses import JSONResponse
from starlette.exceptions import HTTPException as StarletteHTTPException
from loguru import logger
async def http_error_handler(request: Request, exc: StarletteHTTPException):
"""企业级HTTP异常处理"""
logger.error(f"HTTP错误: {exc.status_code} - {exc.detail}")
return JSONResponse(
status_code=exc.status_code,
content={
"error": {
"code": exc.status_code,
"message": exc.detail,
"request_id": request.state.request_id
}
}
)
class APIError(Exception):
"""企业级API自定义异常基类"""
def __init__(self, message: str, code: int = 4000, status_code: int = 400):
self.message = message
self.code = code
self.status_code = status_code
super().__init__(self.message)
async def api_error_handler(request: Request, exc: APIError):
"""企业级API异常处理"""
logger.error(f"API错误: {exc.code} - {exc.message}")
return JSONResponse(
status_code=exc.status_code,
content={
"error": {
"code": exc.code,
"message": exc.message,
"request_id": request.state.request_id
}
}
)
# app/api/deps.py
def get_current_user(
db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)
) -> models.User:
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM]
)
token_data = TokenPayload(**payload)
except (JWTError, ValidationError):
# 企业级错误代码
raise APIError(
message="无法验证凭据",
code=4001,
status_code=status.HTTP_403_FORBIDDEN
)
user = crud.user.get(db, id=token_data.sub)
if not user:
raise APIError(
message="用户不存在",
code=4002,
status_code=404
)
if not user.is_active:
raise APIError(
message="用户已停用",
code=4003,
status_code=400
)
return user
4.5 企业级异步任务处理
4.5.1 Celery集成
# app/core/celery_app.py
from celery import Celery
from app.core.config import settings
celery_app = Celery(
"worker",
broker=settings.CELERY_BROKER_URL,
backend=settings.CELERY_RESULT_BACKEND
)
celery_app.conf.task_routes = {
"app.tasks.user.*": {"queue": "user"},
"app.tasks.email.*": {"queue": "email"},
"app.tasks.analytics.*": {"queue": "analytics"},
}
celery_app.conf.update(task_track_started=True)
if __name__ == "__main__":
celery_app.start()
4.5.2 企业级任务示例
# app/tasks/email.py
from celery import shared_task
from loguru import logger
from app.core.email import send_email
from app.core.config import settings
@shared_task(bind=True, max_retries=3, default_retry_delay=60)
def send_email_task(
self,
email_to: str,
subject: str,
html_content: str
):
"""
企业级邮件发送任务(带重试机制)
"""
try:
logger.info(f"发送邮件到 {email_to}")
return send_email(
email_to=email_to,
subject=subject,
html_content=html_content
)
except Exception as e:
logger.error(f"邮件发送失败: {str(e)}")
self.retry(exc=e)
@shared_task
def send_password_reset_email(email_to: str, token: str):
"""发送密码重置邮件"""
subject = f"{settings.PROJECT_NAME} - 密码重置"
server_host = settings.SERVER_HOST
link = f"{server_host}/reset-password?token={token}"
html_content = f"""
<p>请点击以下链接重置密码:</p>
<p><a href='{link}'>{link}</a></p>
<p>该链接有效期为 {settings.EMAIL_RESET_TOKEN_EXPIRE_HOURS} 小时</p>
"""
send_email_task.delay(
email_to=email_to,
subject=subject,
html_content=html_content
)
# app/api/v1/endpoints/password.py
from fastapi import APIRouter, Body, Depends, HTTPException
from starlette import status
from app import crud
from app.api import deps
from app.core.config import settings
from app.core.security import generate_password_reset_token
from app.tasks.email import send_password_reset_email
from app.models.user import User
router = APIRouter()
@router.post("/recover-password/{email}", status_code=status.HTTP_202_ACCEPTED)
def recover_password(
email: str,
db: Session = Depends(deps.get_db)
) -> Any:
"""
恢复密码(企业级实现)
- 验证邮箱存在
- 生成安全令牌
- 异步发送邮件
- 记录安全事件
"""
user = crud.user.get_by_email(db, email=email)
if not user:
# 为避免用户枚举,返回成功响应
return {"message": "如果该邮箱存在,我们将发送密码重置邮件"}
if not user.is_active:
raise HTTPException(
status_code=400,
detail="该用户已被停用"
)
# 生成密码重置令牌
password_reset_token = generate_password_reset_token(email=email)
# 异步发送邮件
send_password_reset_email(email_to=user.email, token=password_reset_token)
# 记录安全事件
logger.info(f"用户请求重置密码: {user.id}")
return {"message": "如果该邮箱存在,我们将发送密码重置邮件"}
五、企业级部署与DevOps实践
5.1 生产环境Docker化
5.1.1 企业级Dockerfile
# Dockerfile
# 多阶段构建 - 构建阶段
FROM python:3.10-slim as builder
# 设置工作目录
WORKDIR /app
# 复制依赖文件
COPY requirements.txt .
# 安装构建依赖
RUN apt-get update && apt-get install -y build-essential
# 安装生产依赖
RUN pip install --user --no-cache-dir -r requirements.txt
# 生产阶段
FROM python:3.10-slim
# 设置环境变量
ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1
ENV PYTHONPATH /app
# 创建非root用户
RUN useradd -m
扫一扫
71万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
