更新 mysql.sql

更新 database_manager.py
更新 views.py
2023-12-25 20:40:43 +08:00 · 2023-12-25 20:40:41 +08:00 · 2023-12-25 20:40:39 +08:00 · 2023-12-25 20:40:37 +08:00 · 2023-12-25 20:40:34 +08:00
5 changed files with 50 additions and 36 deletions
--- a/app/templates/home.html
+++ b/app/templates/home.html
@ -6,11 +6,9 @@
    <meta name="renderer" content="webkit"/>
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/>
    <meta name="viewport" content="width=device-width, initial-scale=1"/>
-    <link
+    <link href="static/css/layui.css" rel="stylesheet"/>
            href="//cdn.staticfile.org/layui/2.9.2/css/layui.css"
            rel="stylesheet"
    />
 </head>
 <body>
 <div class="layui-layout layui-layout-admin">
    <div class="layui-header">
@ -39,7 +37,7 @@
    </div>
    <div class="layui-side layui-bg-black">
        <div class="layui-side-scroll">
-            <!-- 左侧导航区域（可配合layui已有的垂直导航） -->
+            <!-- 动态加载菜单栏 -->
            <ul class="layui-nav layui-nav-tree" lay-filter="test">
            </ul>
        </div>
--- a/app/templates/login.html
+++ b/app/templates/login.html
@ -87,7 +87,5 @@
        });
    });
 </script>
 </body>
 </html>
--- a/app/views.py
+++ b/app/views.py
@ -50,13 +50,20 @@ def login():
        phone_number = request.form['username']
        password = request.form['password']
        db_manager = DatabaseManager()
-        # 验证用户名和密码...
+
-        if db_manager.valid_login(phone_number, password):
+        result = db_manager.valid_login(phone_number, password)  # 获取验证结果
        # 确保用户已验证且活跃（未被禁用）
        if result['valid'] and result['status'] == 1:
            # 登录成功
            session['username'] = phone_number
            session['role'] = result['identity']  # 设置用户角色
            return jsonify(success=True, message="登录成功")
        elif not result['status']:
            # 用户被禁用的情况
            return jsonify(success=False, message="账户已被禁用")
        else:
-            # 登录失败
+            # 其他登录失败情况
            return jsonify(success=False, message="无效的用户名或密码")
@ -76,22 +83,29 @@ def home():
@app.route('/logout')
 def logout():
    # 清除session中的所有信息
-    session.clear()
+    session.pop('username', None)  # 从会话中移除用户
    # 返回一个响应，或者重定向到登录页面
    return redirect('/login')
@app.route('/api/menu')
 def get_menu():
-    # 根据用户角色或其他逻辑获取菜单项
+    db_manager = DatabaseManager()
-    menu_items = [
+
-        {"name": "课程信息", "link": "#"},
+    # 从session中获取用户角色
-        {"name": "课程签到", "link": "#"},
+    if 'role' in session:
-        {"name": "公告信息", "link": "#"},
+        role = session['role']
-        {"name": "签到提醒", "link": "#"},
+        menu_items = db_manager.get_meun(role)
-        # ... 其他菜单项
+
-    ]
+        # 转换菜单项为期望的格式并返回
-    return jsonify(menu_items)
+        print(menu_items)
        formatted_menu_items = [{"name": item['menu_name']} for item in menu_items]
        return jsonify(formatted_menu_items)
    # 如果没有角色信息，可能用户未登录或session过期
    return jsonify([]), 401  # 未授权状态码
 if __name__ == '__main__':
--- a/db/database_manager.py
+++ b/db/database_manager.py
@ -2,6 +2,7 @@ import pymysql
 from db.connection import MySQLPool
 import bcrypt
 class DatabaseManager:
    def __init__(self):
        # 使用MySQLPool初始化数据库连接池
@ -44,12 +45,23 @@ class DatabaseManager:
        return self.execute(sql, data)
    def valid_login(self, phone_number, password_attempt):
-        # SQL查询获取用户的哈希密码
+        # SQL查询获取用户的哈希密码，身份和状态
-        sql = "SELECT password FROM user WHERE phone_number=%s LIMIT 1"
+        sql = "SELECT password, identity, status FROM user WHERE phone_number=%s LIMIT 1"
        result = self.fetch(sql, (phone_number,))
        if result:
            stored_hash = result[0]['password']  # 假设结果是密码字段
            identity = result[0]['identity']  # 用户身份
            status = result[0]['status']  # 用户状态
            # 使用bcrypt进行密码验证
            if bcrypt.checkpw(password_attempt.encode('utf-8'), stored_hash.encode('utf-8')):
-                return True  # 密码匹配，登录成功
+                # 密码匹配，返回登录成功，身份和状态
-        return False  # 密码不匹配或用户不存在，登录失败
+                return {'valid': True, 'identity': identity, 'status': status}
        # 密码不匹配或用户不存在，返回登录失败
        return {'valid': False}
    def get_meun(self, role):
        sql = "SELECT menu_name FROM menu_items WHERE role=%s ORDER BY `order`"
        result = self.fetch(sql, (role,))
        return result
--- a/mysql.sql
+++ b/mysql.sql
@ -4,20 +4,12 @@ CREATE TABLE user (
    phone_number VARCHAR(15) NOT NULL UNIQUE,
    password VARCHAR(255) NOT NULL,
    identity ENUM('teacher', 'student') NOT NULL,
-    is_active BOOLEAN NOT NULL
+    status BOOLEAN NOT NULL
 );
-INSERT INTO user (nickname, phone_number, password, identity, is_active) VALUES
+INSERT INTO user (nickname, phone_number, password, identity, status) VALUES
-('Alice', '10000000001', 'password1', 'student', TRUE),
+('Alice', '1', '$2b$12$okY88GrzlUHb/Ox1ENwtqeBUnE0bgMOCPy.UKmFaTnu3El7EYX8Em', 'student', TRUE);
-('Bob', '10000000002', 'password2', 'teacher', TRUE),
+
 ('Carol', '10000000003', 'password3', 'student', FALSE),
 ('David', '10000000004', 'password4', 'teacher', TRUE),
 ('Eve', '10000000005', 'password5', 'student', TRUE),
 ('Frank', '10000000006', 'password6', 'teacher', FALSE),
 ('Grace', '10000000007', 'password7', 'student', TRUE),
 ('Hank', '10000000008', 'password8', 'teacher', TRUE),
 ('Ivy', '10000000009', 'password9', 'student', FALSE),
 ('Jack', '10000000010', 'password10', 'teacher', TRUE);
 CREATE TABLE menu_items (
Author	SHA1	Message	Date
wangsiyuan	50dc888339	更新 mysql.sql	2023-12-25 20:40:43 +08:00
wangsiyuan	c180dad115	更新 database_manager.py	2023-12-25 20:40:41 +08:00
wangsiyuan	1511faecde	更新 views.py	2023-12-25 20:40:39 +08:00
wangsiyuan	8cda76cc65	更新 login.html	2023-12-25 20:40:37 +08:00
wangsiyuan	83350552a5	更新 home.html	2023-12-25 20:40:34 +08:00