from flask import Blueprint, request, jsonify
from flask_jwt_extended import jwt_required, get_jwt_identity
from models import User
from database import db
# Blueprint that the user-management routes in this module register on.
users_bp = Blueprint('users', __name__)
@users_bp.route('', methods=['GET'])
@jwt_required()
def get_users():
    """Return every user record as a JSON array.

    Each element carries id, username, realName, email, role, status,
    permissions and createdAt (formatted as ``YYYY-MM-DD HH:MM:SS``).
    """
    # NOTE(review): the only gate visible on this view is @jwt_required(),
    # i.e. possession of a valid token. No role or permission check appears
    # here, so every authenticated caller receives the full account list,
    # including e-mail, role and permissions. Confirm that authorization is
    # enforced elsewhere, or restrict this listing.
    def serialize(account):
        return {
            'id': account.id,
            'username': account.username,
            'realName': account.real_name,
            'email': account.email,
            'role': account.role,
            'status': account.status,
            'permissions': account.get_permissions(),
            'createdAt': account.created_at.strftime('%Y-%m-%d %H:%M:%S'),
        }

    return jsonify([serialize(account) for account in User.query.all()])
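@users_bp.route('', methods=['POST'])
@jwt_required()
def create_user():
    """Create a user from the JSON request body.

    Required fields: username, realName, role, password.
    Optional fields: email (defaults to ''), permissions (defaults to []).

    Returns 201 with the new user's id. Returns 400 when the body is not a
    JSON object, a required field is missing, the password is empty, or the
    username is already taken.
    """
    # NOTE(review): role and permissions are taken straight from the request
    # body and the only gate visible here is @jwt_required(). As written, any
    # authenticated caller can create an account with an arbitrary role and
    # permission set. Confirm that an authorization check exists elsewhere,
    # or add one before the values are accepted.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        # A missing or non-object body previously surfaced as an unhandled
        # exception on the first key lookup.
        return jsonify({'message': '请求体必须是JSON对象'}), 400

    required = ('username', 'realName', 'role', 'password')
    missing = [field for field in required if field not in data]
    if missing:
        return jsonify({'message': '缺少必填字段: ' + ', '.join(missing)}), 400

    # Same rule reset_password applies: never store an empty password.
    if not data['password']:
        return jsonify({'message': '密码不能为空'}), 400

    # Reject duplicate usernames.
    # NOTE(review): this is check-then-insert; two concurrent requests can
    # both pass it. Presumably a unique constraint on the column backs this
    # up - confirm against the model.
    if User.query.filter_by(username=data['username']).first():
        return jsonify({'message': '用户名已存在'}), 400

    user = User(
        username=data['username'],
        real_name=data['realName'],
        email=data.get('email', ''),
        role=data['role'],
    )
    user.set_password(data['password'])
    user.set_permissions(data.get('permissions', []))

    db.session.add(user)
    db.session.commit()

    return jsonify({'message': '用户创建成功', 'id': user.id}), 201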
@users_bp.route('/<int:user_id>', methods=['GET'])
@jwt_required()
def get_user(user_id):
    """Return one user record as JSON, or respond 404 if the id is unknown.

    The payload carries id, username, realName, email, role, status,
    permissions and createdAt (formatted as ``YYYY-MM-DD HH:MM:SS``).
    """
    # NOTE(review): user_id is not compared with the caller's identity and no
    # role check is visible, so any authenticated caller can read any
    # account's profile by id. Confirm this is intended.
    account = User.query.get_or_404(user_id)

    payload = {
        'id': account.id,
        'username': account.username,
        'realName': account.real_name,
        'email': account.email,
        'role': account.role,
        'status': account.status,
        'permissions': account.get_permissions(),
        'createdAt': account.created_at.strftime('%Y-%m-%d %H:%M:%S'),
    }
    return jsonify(payload)
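@users_bp.route('/<int:user_id>', methods=['PUT'])
@jwt_required()
def update_user(user_id):
    """Update an existing user from the JSON request body.

    Any of realName, email, role, status, permissions and password may be
    supplied; fields that are absent keep their current value. A password is
    only changed when a non-empty value is given.

    Returns 404 when the id is unknown and 400 when the body is not a JSON
    object.
    """
    # NOTE(review): role, status, permissions and password are all writable
    # here, for any user_id, and the only gate visible is @jwt_required().
    # As written, an ordinary authenticated caller can raise their own role
    # or change another account's password. Confirm that authorization is
    # enforced elsewhere, or restrict which fields each caller may set.
    user = User.query.get_or_404(user_id)

    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        # A missing or non-object body previously failed on data.get().
        return jsonify({'message': '请求体必须是JSON对象'}), 400

    user.real_name = data.get('realName', user.real_name)
    user.email = data.get('email', user.email)
    user.role = data.get('role', user.role)
    user.status = data.get('status', user.status)

    if 'permissions' in data:
        user.set_permissions(data['permissions'])

    # Change the password only when a new, non-empty one was supplied.
    if data.get('password'):
        user.set_password(data['password'])

    db.session.commit()

    return jsonify({'message': '用户更新成功'})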
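@users_bp.route('/<int:user_id>', methods=['DELETE'])
@jwt_required()
def delete_user(user_id):
    """Delete the user with the given id.

    Returns 400 when the caller targets their own account and 404 when the
    id is unknown.
    """
    # NOTE(review): apart from the self-delete guard below, the only gate
    # visible here is @jwt_required(); any authenticated caller can delete
    # any other account. Confirm that authorization is enforced elsewhere.
    current_user_id = get_jwt_identity()

    # Users may not delete themselves.
    # user_id is an int (route converter), while the JWT identity comes back
    # in whatever type the token was issued with; token creation is not shown
    # in this file. If the identity is a string, a plain int == str comparison
    # is always False and the guard never fires, so compare normalised values.
    if str(user_id) == str(current_user_id):
        return jsonify({'message': '不能删除自己的账户'}), 400

    user = User.query.get_or_404(user_id)
    db.session.delete(user)
    db.session.commit()

    return jsonify({'message': '用户删除成功'})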
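@users_bp.route('/<int:user_id>/reset-password', methods=['POST'])
@jwt_required()
def reset_password(user_id):
    """Set a new password for the given user from ``newPassword`` in the body.

    Returns 404 when the id is unknown and 400 when the body is not a JSON
    object or ``newPassword`` is missing or empty.
    """
    # NOTE(review): the target account is chosen by the URL, the current
    # password is not requested, and the only gate visible is @jwt_required().
    # As written, any authenticated caller can set the password of any
    # account. Confirm that an authorization check exists elsewhere, or add
    # one before the password is changed.
    user = User.query.get_or_404(user_id)

    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        # A missing or non-object body previously failed on data.get().
        return jsonify({'message': '请求体必须是JSON对象'}), 400

    new_password = data.get('newPassword')
    if not new_password:
        return jsonify({'message': '新密码不能为空'}), 400

    user.set_password(new_password)
    db.session.commit()

    return jsonify({'message': '密码重置成功'})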