From 1511faecdeaa5f4fb266b05065c0ff3967012c90 Mon Sep 17 00:00:00 2001
From: wangsiyuan <2392948297@qq.com>
Date: Mon, 25 Dec 2023 20:40:39 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=20views.py?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/views.py | 40 +++++++++++++++++++++++++++-------------
 1 file changed, 27 insertions(+), 13 deletions(-)
diff --git a/app/views.py b/app/views.py
index 35fd0f3..8ed06bc 100644
--- a/app/views.py
+++ b/app/views.py
@@ -50,13 +50,20 @@ def login():
 phone_number = request.form['username']
 password = request.form['password']
 db_manager = DatabaseManager()
- # 验证用户名和密码...
- if db_manager.valid_login(phone_number, password):
+
+ result = db_manager.valid_login(phone_number, password) # 获取验证结果
+
+ # 确保用户已验证且活跃(未被禁用)
+ if result['valid'] and result['status'] == 1:
 # 登录成功
 session['username'] = phone_number
+ session['role'] = result['identity'] # 设置用户角色
 return jsonify(success=True, message="登录成功")
+ elif not result['status']:
+ # 用户被禁用的情况
+ return jsonify(success=False, message="账户已被禁用")
 else:
- # 登录失败
+ # 其他登录失败情况
 return jsonify(success=False, message="无效的用户名或密码")
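Review bot: The `elif not result['status']:` branch in login() does not test `result['valid']`, so a request with a wrong password for a disabled account gets "账户已被禁用" instead of the generic failure message, which tells an unauthenticated caller that the phone number is registered and disabled. If `valid_login` also returns a falsy `status` for unknown users (its implementation is not visible here), every unknown username would get the disabled message too. Gate the branch on a correct password, `elif result['valid'] and not result['status']:`, and let every other case fall through to the generic "无效的用户名或密码" reply. login() begins above this hunk.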
@@ -76,22 +83,29 @@ def home():
 @app.route('/logout')
 def logout():
 # 清除session中的所有信息
- session.clear()
+ session.pop('username', None) # 从会话中移除用户
 # 返回一个响应,或者重定向到登录页面
 return redirect('/login')
 @app.route('/api/menu')
 def get_menu():
- # 根据用户角色或其他逻辑获取菜单项
- menu_items = [
- {"name": "课程信息", "link": "#"},
- {"name": "课程签到", "link": "#"},
- {"name": "公告信息", "link": "#"},
- {"name": "签到提醒", "link": "#"},
- # ... 其他菜单项
- ]
- return jsonify(menu_items)
+ db_manager = DatabaseManager()
+
+ # 从session中获取用户角色
+ if 'role' in session:
+ role = session['role']
+ menu_items = db_manager.get_meun(role)
+
+ # 转换菜单项为期望的格式并返回
+ print(menu_items)
+ formatted_menu_items = [{"name": item['menu_name']} for item in menu_items]
+ return jsonify(formatted_menu_items)
+
+ # 如果没有角色信息,可能用户未登录或session过期
+ return jsonify([]), 401 # 未授权状态码
+
+
 if __name__ == '__main__':
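Review bot: logout() now removes only `username`, but this commit also stores `session['role']` at login and get_menu() authorises on `'role' in session` alone, so after logout the session still carries the role and `/api/menu` keeps returning that role's menu. Keep `session.clear()`, which also matches the unchanged comment above it, or at least add `session.pop('role', None)`. In get_menu(), also requiring `'username' in session` would tie the menu to a logged-in user, and `print(menu_items)` looks like leftover debug output that should be dropped or sent to a logger. `get_meun` reads like a misspelling of `get_menu`; confirm it matches the method name on DatabaseManager, which is not visible here.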