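import os

from flask import Flask, request, redirect, url_for, render_template, session, jsonify

from config import SECRET_KEY
from db.connection import MySQLPool
from db.database_manager import DatabaseManager
from models.User import User

app = Flask(__name__, static_folder='static')
app.secret_key = SECRET_KEY  # signing key for the session cookie, loaded from config

# Global MySQLPool object used to manage database connections.
mysql_pool = MySQLPool()


@app.route('/')
def index():
    """Send logged-in users to the home page; show the login page otherwise."""
    if 'username' in session:
        return redirect(url_for('home'))
    return render_template('login.html')


@app.route('/register', methods=['GET', 'POST'])
def register():
    """Render the registration form (GET) or create a user from a JSON body (POST)."""
    if request.method != 'POST':
        return render_template('register.html')

    # silent=True returns None instead of raising on a missing or malformed
    # JSON body, so the request is rejected below rather than failing with an
    # AttributeError on data.get().
    data = request.get_json(silent=True)
    if not isinstance(data, dict) or not data.get('cellphone') or not data.get('password'):
        return jsonify({"success": False, "message": "请求数据无效"}), 400

    # NOTE(review): 'identity' comes straight from the client and login() later
    # copies the stored identity into session['role'], which get_menu() uses to
    # pick the menu. Unless DatabaseManager restricts it, a caller can choose
    # their own role at sign-up; confirm and restrict to an allow-list server-side.
    # NOTE(review): the password is passed on as received; presumably
    # DatabaseManager.insert_user hashes it. Verify before relying on that.
    user = User(
        nickname=data.get('nickname'),
        phone_number=data.get('cellphone'),  # JSON key must match the client payload
        password=data.get('password'),
        identity=data.get('identity'),
        is_active=True,
    )
    db_manager = DatabaseManager()
    if db_manager.user_exists(user.phone_number):
        return jsonify({"success": False, "message": "用户已存在"})
    db_manager.insert_user(user)
    return jsonify({"success": True, "message": "注册成功"})


@app.route('/login', methods=['GET', 'POST'])
def login():
    """Render the login form (GET) or authenticate a form post and open a session."""
    if request.method == 'GET':
        return render_template('login.html')

    phone_number = request.form['username']
    password = request.form['password']
    db_manager = DatabaseManager()
    result = db_manager.valid_login(phone_number, password)

    # Only a verified, active (status == 1) account gets a session.
    if result['valid'] and result['status'] == 1:
        # Drop any keys left from an earlier session before writing the new identity.
        session.clear()
        session['username'] = phone_number
        session['role'] = result['identity']
        session['nickname'] = result['nickname']
        return jsonify(success=True, message="登录成功")
    # NOTE(review): this branch runs whenever status is falsy, even when the
    # credentials were wrong, so the response can disclose that an account is
    # disabled. What valid_login returns for unknown users is not visible
    # here; confirm and consider a single generic failure message.
    if not result['status']:
        return jsonify(success=False, message="账户已被禁用")
    return jsonify(success=False, message="无效的用户名或密码")


@app.route('/forget', methods=['GET', 'POST'])
def forget_page():
    """Render the password-recovery page."""
    return render_template('forget.html')


@app.route('/home')
def home():
    """Render the home page for logged-in users; redirect everyone else to login."""
    if 'username' in session:
        return render_template('home.html')
    return redirect(url_for('login'))


@app.route('/logout')
def logout():
    """End the session and redirect to the login page."""
    # Clear every key, not just 'username': get_menu() authorises on
    # session['role'], which would otherwise survive logout.
    session.clear()
    return redirect(url_for('login'))


@app.route('/api/menu')
def get_menu():
    """Return the menu entries for the role stored in the session, or 401."""
    if 'role' not in session:
        # No role: the user is not logged in or the session has expired.
        return jsonify([]), 401

    db_manager = DatabaseManager()
    menu_items = db_manager.get_meun(session['role'])
    # Expose only the menu name to the client.
    return jsonify([{"name": item['menu_name']} for item in menu_items])


@app.route('/profile', methods=['GET', 'POST'])
def profile():
    """Render the profile form (GET) or accept a nickname/avatar update (POST)."""
    # NOTE(review): unlike home(), this route does not check the session, so
    # unauthenticated callers can POST here. Add a login check before the
    # update logic below is implemented.
    if request.method == 'POST':
        nickname = request.form['nickname']
        avatar = request.files['avatar']
        # TODO: avatar and nickname update logic. Validate the upload's type,
        # size and filename before storing it.
        return "资料更新成功"
    return render_template('profile.html')


if __name__ == '__main__':
    # debug=True enables the Werkzeug interactive debugger, which allows code
    # execution from the browser; keep it off unless explicitly requested.
    debug_enabled = os.environ.get('FLASK_DEBUG', '').lower() in ('1', 'true')
    app.run(debug=debug_enabled)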