Kamixitong/app/web/__init__.py

# 创建Web蓝图
from flask import Blueprint, render_template, request, redirect, url_for, session, flash, jsonify
from flask_login import login_user, logout_user, login_required, current_user
from app.models.admin import Admin
from app import db
# Blueprint that groups the web UI routes registered in this module
# (index, login, logout, dashboard, favicon).
web_bp = Blueprint('web', __name__)
@web_bp.route('/')
@login_required
def index():
    """Home page: forward an authenticated user to the dashboard.

    ``login_required`` guards the route, so the redirect below is only
    reached with a logged-in user.
    """
    dashboard_url = url_for('web.dashboard')
    return redirect(dashboard_url)
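@web_bp.route('/login', methods=['GET', 'POST'])
def login():
    """Render the login form (GET) and authenticate an administrator (POST).

    On POST the submitted credentials are checked against the ``Admin`` row
    with that username, and the account must also be active. On success the
    user is logged in through Flask-Login, the last-login record is updated,
    and the response is JSON for requests carrying
    ``X-Requested-With: XMLHttpRequest`` or otherwise a redirect to a
    validated ``next`` target, falling back to the dashboard. Every other
    path re-renders ``login.html``.

    Returns:
        A Flask response: the rendered login page, a JSON payload, or a
        redirect.
    """
    if request.method == 'POST':
        username = request.form.get('username', '').strip()
        password = request.form.get('password', '')

        # Never print or log the submitted password, its repr, or the
        # per-step outcome of the check: process output normally lands in
        # log files that are readable far beyond the authentication path.

        if not username or not password:
            flash('请输入用户名和密码', 'error')
            return render_template('login.html')

        # Look up the account by username.
        admin = Admin.query.filter_by(username=username).first()

        # The password is verified exactly once per attempt.
        # NOTE(review): an unknown username skips check_password entirely, so
        # response time may differ from a wrong-password attempt; the generic
        # error message alone does not hide whether an account exists.
        if admin and admin.check_password(password) and admin.is_active:
            # NOTE(review): remember=True sets a persistent remember-me
            # cookie on every login; confirm that is intended for admins.
            login_user(admin, remember=True)

            # Record the last-login information.
            # NOTE(review): behind a reverse proxy remote_addr is presumably
            # the proxy's address unless forwarded headers are trusted.
            admin.update_last_login(request.remote_addr)

            # NOTE(review): this token is only returned to the AJAX caller;
            # nothing in this function stores it, so confirm how (or
            # whether) it is validated elsewhere.
            import secrets
            token = secrets.token_urlsafe(32)

            # AJAX callers get a JSON payload instead of a redirect.
            if request.headers.get('X-Requested-With') == 'XMLHttpRequest':
                return jsonify({
                    'success': True,
                    'token': token,
                    'user': {
                        'username': admin.username,
                        'role': admin.role,
                        'is_super_admin': admin.is_super_admin()
                    },
                    'redirect': url_for('web.dashboard')
                })

            # ``next`` comes from the query string and is attacker-influenced:
            # follow it only when it is a path on this site, otherwise fall
            # back to the dashboard (prevents an open redirect after login).
            next_page = request.args.get('next')
            if next_page and _is_safe_redirect_target(next_page):
                return redirect(next_page)
            return redirect(url_for('web.dashboard'))
        else:
            flash('用户名或密码错误', 'error')

    return render_template('login.html')


def _is_safe_redirect_target(target):
    """Return True only when *target* is a path-only URL on this site."""
    from urllib.parse import urlsplit

    # Require an absolute path; "//host" and "/\host" are resolved by
    # browsers as references to another host.
    if not target.startswith('/') or target.startswith(('//', '/\\')):
        return False
    # Backslashes and control characters are normalised inconsistently
    # between URL parsers and browsers, so refuse them outright.
    if '\\' in target or any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    return not parts.scheme and not parts.netloc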
@web_bp.route('/logout')
@login_required
def logout():
    """End the current session and return the user to the login page.

    NOTE(review): the route is registered without ``methods``, so it answers
    GET; a cross-site request can therefore trigger a logout. Confirm
    whether a POST with CSRF protection is feasible for the templates.
    """
    logout_user()
    flash('已退出登录', 'info')
    login_url = url_for('web.login')
    return redirect(login_url)
@web_bp.route('/dashboard')
@login_required
def dashboard():
    """Render the dashboard page for a logged-in user."""
    page = render_template('dashboard.html')
    return page
@web_bp.route('/favicon.ico')
def favicon():
    """Answer favicon requests with an empty 204 so they do not produce 404s."""
    from flask import Response

    # 204 No Content: nothing to send back.
    empty_response = Response(status=204)
    return empty_response
# 导入视图函数
from . import views