Compare commits
5 Commits
01aa0afd3e
...
50dc888339
| Author | SHA1 | Date |
|---|---|---|
 wangsiyuan
|
50dc888339 | |
|
wangsiyuan
|
c180dad115 | |
|
wangsiyuan
|
1511faecde | |
|
wangsiyuan
|
8cda76cc65 | |
|
wangsiyuan
|
83350552a5 |
|
|
@ -6,11 +6,9 @@
|
|||
<meta name="renderer" content="webkit"/>
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/>
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1"/>
|
||||
<link
|
||||
href="//cdn.staticfile.org/layui/2.9.2/css/layui.css"
|
||||
rel="stylesheet"
|
||||
/>
|
||||
<link href="static/css/layui.css" rel="stylesheet"/>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div class="layui-layout layui-layout-admin">
|
||||
<div class="layui-header">
|
||||
|
|
@ -39,7 +37,7 @@
|
|||
</div>
|
||||
<div class="layui-side layui-bg-black">
|
||||
<div class="layui-side-scroll">
|
||||
<!-- 左侧导航区域(可配合layui已有的垂直导航) -->
|
||||
<!-- 动态加载菜单栏 -->
|
||||
<ul class="layui-nav layui-nav-tree" lay-filter="test">
|
||||
</ul>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -87,7 +87,5 @@
|
|||
});
|
||||
});
|
||||
</script>
|
||||
|
||||
|
||||
</body>
|
||||
</html>
|
||||
40
app/views.py
40
app/views.py
|
|
@ -50,13 +50,20 @@ def login():
|
|||
phone_number = request.form['username']
|
||||
password = request.form['password']
|
||||
db_manager = DatabaseManager()
|
||||
# 验证用户名和密码...
|
||||
if db_manager.valid_login(phone_number, password):
|
||||
|
||||
result = db_manager.valid_login(phone_number, password) # 获取验证结果
|
||||
|
||||
# 确保用户已验证且活跃(未被禁用)
|
||||
if result['valid'] and result['status'] == 1:
|
||||
# 登录成功
|
||||
session['username'] = phone_number
|
||||
session['role'] = result['identity'] # 设置用户角色
|
||||
return jsonify(success=True, message="登录成功")
|
||||
elif not result['status']:
|
||||
# 用户被禁用的情况
|
||||
return jsonify(success=False, message="账户已被禁用")
|
||||
else:
|
||||
# 登录失败
|
||||
# 其他登录失败情况
|
||||
return jsonify(success=False, message="无效的用户名或密码")
|
||||
|
||||
|
||||
|
|
@ -76,22 +83,29 @@ def home():
|
|||
@app.route('/logout')
|
||||
def logout():
|
||||
# 清除session中的所有信息
|
||||
session.clear()
|
||||
session.pop('username', None) # 从会话中移除用户
|
||||
# 返回一个响应,或者重定向到登录页面
|
||||
return redirect('/login')
|
||||
|
||||
|
||||
@app.route('/api/menu')
|
||||
def get_menu():
|
||||
# 根据用户角色或其他逻辑获取菜单项
|
||||
menu_items = [
|
||||
{"name": "课程信息", "link": "#"},
|
||||
{"name": "课程签到", "link": "#"},
|
||||
{"name": "公告信息", "link": "#"},
|
||||
{"name": "签到提醒", "link": "#"},
|
||||
# ... 其他菜单项
|
||||
]
|
||||
return jsonify(menu_items)
|
||||
db_manager = DatabaseManager()
|
||||
|
||||
# 从session中获取用户角色
|
||||
if 'role' in session:
|
||||
role = session['role']
|
||||
menu_items = db_manager.get_meun(role)
|
||||
|
||||
# 转换菜单项为期望的格式并返回
|
||||
print(menu_items)
|
||||
formatted_menu_items = [{"name": item['menu_name']} for item in menu_items]
|
||||
return jsonify(formatted_menu_items)
|
||||
|
||||
# 如果没有角色信息,可能用户未登录或session过期
|
||||
return jsonify([]), 401 # 未授权状态码
|
||||
|
||||
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ import pymysql
|
|||
from db.connection import MySQLPool
|
||||
import bcrypt
|
||||
|
||||
|
||||
class DatabaseManager:
|
||||
def __init__(self):
|
||||
# 使用MySQLPool初始化数据库连接池
|
||||
|
|
@ -44,12 +45,23 @@ class DatabaseManager:
|
|||
return self.execute(sql, data)
|
||||
|
||||
def valid_login(self, phone_number, password_attempt):
|
||||
# SQL查询获取用户的哈希密码
|
||||
sql = "SELECT password FROM user WHERE phone_number=%s LIMIT 1"
|
||||
# SQL查询获取用户的哈希密码,身份和状态
|
||||
sql = "SELECT password, identity, status FROM user WHERE phone_number=%s LIMIT 1"
|
||||
result = self.fetch(sql, (phone_number,))
|
||||
if result:
|
||||
stored_hash = result[0]['password'] # 假设结果是密码字段
|
||||
identity = result[0]['identity'] # 用户身份
|
||||
status = result[0]['status'] # 用户状态
|
||||
|
||||
# 使用bcrypt进行密码验证
|
||||
if bcrypt.checkpw(password_attempt.encode('utf-8'), stored_hash.encode('utf-8')):
|
||||
return True # 密码匹配,登录成功
|
||||
return False # 密码不匹配或用户不存在,登录失败
|
||||
# 密码匹配,返回登录成功,身份和状态
|
||||
return {'valid': True, 'identity': identity, 'status': status}
|
||||
|
||||
# 密码不匹配或用户不存在,返回登录失败
|
||||
return {'valid': False}
|
||||
|
||||
def get_meun(self, role):
|
||||
sql = "SELECT menu_name FROM menu_items WHERE role=%s ORDER BY `order`"
|
||||
result = self.fetch(sql, (role,))
|
||||
return result
|
||||
|
|
|
|||
16
mysql.sql
16
mysql.sql
|
|
@ -4,20 +4,12 @@ CREATE TABLE user (
|
|||
phone_number VARCHAR(15) NOT NULL UNIQUE,
|
||||
password VARCHAR(255) NOT NULL,
|
||||
identity ENUM('teacher', 'student') NOT NULL,
|
||||
is_active BOOLEAN NOT NULL
|
||||
status BOOLEAN NOT NULL
|
||||
);
|
||||
|
||||
INSERT INTO user (nickname, phone_number, password, identity, is_active) VALUES
|
||||
('Alice', '10000000001', 'password1', 'student', TRUE),
|
||||
('Bob', '10000000002', 'password2', 'teacher', TRUE),
|
||||
('Carol', '10000000003', 'password3', 'student', FALSE),
|
||||
('David', '10000000004', 'password4', 'teacher', TRUE),
|
||||
('Eve', '10000000005', 'password5', 'student', TRUE),
|
||||
('Frank', '10000000006', 'password6', 'teacher', FALSE),
|
||||
('Grace', '10000000007', 'password7', 'student', TRUE),
|
||||
('Hank', '10000000008', 'password8', 'teacher', TRUE),
|
||||
('Ivy', '10000000009', 'password9', 'student', FALSE),
|
||||
('Jack', '10000000010', 'password10', 'teacher', TRUE);
|
||||
INSERT INTO user (nickname, phone_number, password, identity, status) VALUES
|
||||
('Alice', '1', '$2b$12$okY88GrzlUHb/Ox1ENwtqeBUnE0bgMOCPy.UKmFaTnu3El7EYX8Em', 'student', TRUE);
|
||||
|
||||
|
||||
|
||||
CREATE TABLE menu_items (
|
||||
|
|
|
|||
Reference in New Issue