SQLer是一個微型http服務器,用Go語言編寫,將舊的CGI概念應用於SQL查詢。SQLer允許編寫端點並分配一個SQL查詢,以便任何人點擊它時能執行查詢。此外SQLer還允許自定義驗證規則,可驗證請求正文或查詢參數。SQLer使用nginx樣式配置語言(HCL)。
SQLer功能
- 無需依賴,可獨立使用;
- 支持多種數據可類型,包括:SQL Server, MYSQL, SQLITE, PostgreSQL, Cockroachdb等;
- 內置RESTful服務器;
- 內置RESP Redis協議,可以使用任何redis客戶端連接到SQLer;
- 內置Javascript解釋器,可輕鬆轉換結果;
- 內置驗證器;
- 自動使用預備語句;
- 使用(HCL)配置語言;
- 可基於unix glob模式加載多個配置文件;
- 每條SQL查詢可被命名爲宏;
- 在每個宏內可使用
Go
text/template
; - 每個宏都有自己的Context(查詢參數+正文參數)作爲
.Input
(map [string] interface{}),而.Utils
是輔助函數列表,目前它只包含SQLEscape; - 可自定義授權程序,授權程序只是一個簡單的webhook,sqler使用這個webhook驗證是否應該完成某請求。
下載
配置概況
// create a macro/endpoint called "_boot",
// this macro is private "used within other macros"
// because it starts with "_".
// this rule only used within `RESTful` context.
_boot {
// the query we want to execute
exec = <<SQL
CREATE TABLE IF NOT EXISTS `users` (
`ID` INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
`name` VARCHAR(30) DEFAULT "@anonymous",
`email` VARCHAR(30) DEFAULT "@anonymous",
`password` VARCHAR(200) DEFAULT "",
`time` INT UNSIGNED
);
SQL
}
// adduser macro/endpoint, just hit `/adduser` with
// a `?user_name=&user_email=` or json `POST` request
// with the same fields.
adduser {
// what request method will this macro be called
// default: ["ANY"]
// this only used within `RESTful` context.
methods = ["POST"]
// authorizers,
// sqler will attempt to send the incoming authorization header
// to the provided endpoint(s) as `Authorization`,
// each endpoint MUST return `200 OK` so sqler can continue, other wise,
// sqler will break the request and return back the client with the error occurred.
// each authorizer has a method and a url.
// this only used within `RESTful` context.
authorizers = ["GET http://web.hook/api/authorize", "GET http://web.hook/api/allowed?roles=admin,root,super_admin"]
// the validation rules
// you can specify separated rules for each request method!
rules {
user_name = ["required"]
user_email = ["required", "email"]
user_password = ["required", "stringlength: 5,50"]
}
// the query to be executed
exec = <<SQL
{{ template "_boot" }}
/* let's bind a vars to be used within our internal prepared statement */
{{ .BindVar "name" .Input.user_name }}
{{ .BindVar "email" .Input.user_email }}
{{ .BindVar "emailx" .Input.user_email }}
INSERT INTO users(name, email, password, time) VALUES(
/* we added it above */
:name,
/* we added it above */
:email,
/* it will be secured anyway because it is encoded */
'{{ .Input.user_password | .Hash "bcrypt" }}',
/* generate a unix timestamp "seconds" */
{{ .UnixTime }}
);
SELECT * FROM users WHERE id = LAST_INSERT_ID();
SQL
}
// list all databases, and run a transformer function
databases {
exec = "SHOW DATABASES"
transformer = <<JS
// there is a global variable called `$result`,
// `$result` holds the result of the sql execution.
(function(){
newResult = []
for ( i in $result ) {
newResult.push($result[i].Database)
}
return newResult
})()
JS
}
支持的SQL引擎
- sqlite3
- mysql
- postgresql
- cockroachdb
- sqlserver
支持的 Util
.Hash <method>
- 使用指定的方法[md5,sha1,sha256,sha512,bcrypt]散列指定的輸入,{{ "data" | .Hash "md5" }}
;·.UnixTime
- 以秒爲單位返回unit時間,{{ .UnixTime }}
;.UnixNanoTime
- 以納秒爲單位返回unix時間,{{ .UnixNanoTime }}
;.Uniqid
- 返回唯一ID,{{ .Uniqid }}
。
協議
SQLer遵循 Apache 2.0協議。