if not aid:
auth = Authority.query.filter_by(name=name).first()
if auth:
return jsonify(status_code.AUTHORITY_EXISTED)
auth = Authority()
auth.name = name
auth.add_update()
else:
auth = Authority.query.get(aid)
auth.name = name
auth.add_update()
res = status_code.SUCCESS
res['data'] = auth.to_dict()
return jsonify(res)
def delete(self, aid):
if aid:
auth = Authority.query.get(aid)
if not auth:
return jsonify(status_code.AUTHORITY_NOT_EXISTS)
auth.delete()
return jsonify(status_code.SUCCESS)
return jsonify(status_code.PARAMS_NOT_COMPLETE)
api.add_resource(AuthorityApi, '/api/authority/', '/api/authority/<int:aid>/')
if not all([args.get('username'), args.get('password')]):
return jsonify(status_code.USER_PARAMS_NOT_COMPLETE)
username = args.get('username')
password = args.get('password')
admin = Admin.query.filter_by(username=username,
password=password).first()
if not admin:
return {'code': 404, 'msg': '用户名或密码错误'}
session['admin_id'] = admin.id
session['admin_name'] = admin.name
return {'code': 200, 'msg': '认证成功', 'data': admin.to_dict()}
# 绑定url对应的Api类
api.add_resource(AuthApi, '/auth_api/authenticate/')
@auth_blueprint.route('/auth_list/')
def auth_list():
if request.method == 'GET':
return render_template('auth/permissions.html')
class AuthorityApi(Resource):
def get(self, aid=None):
if not aid:
pn = int(request.args.get('pn', 1))
ps = 10
# auths = Authority.query.all()
paginations = Authority.query.order_by('-create_time').paginate(
else:
if user.is_delete:
return jsonify(status_code.USER_DELETED)
else:
uid = user.id
appoint.start_time = sd
appoint.end_time = ed
appoint.user_id = uid
appoint.admin_id = adid
appoint.add_update()
return jsonify(status_code.SUCCESS)
except BaseException as e:
print(e)
return jsonify(status_code.DATABASE_ERROR)
def delete(self, apid=None):
if not apid:
return jsonify({'code': status_code.ERROR_CODE, 'msg': '请求参数错误'})
appoint = Appointment.query.filter(Appointment.id == apid).first()
if not appoint:
return jsonify(status_code.APPOINT_NOT_EXISTS)
try:
appoint.delete()
return jsonify(status_code.SUCCESS)
except BaseException as e:
print(e)
return jsonify(status_code.DATABASE_ERROR)
api.add_resource(AppointApi, '/api/appoint/', '/api/appoint/<int:apid>/')
except BaseException as e:
print(e)
return jsonify({'code': status_code.ERROR_CODE, 'msg': '上传图片失败'})
admin = Admin.query.filter(Admin.id == adid).first()
if not admin:
return jsonify(status_code.ADMIN_NOT_EXISTS)
try:
admin.avatar = 'avatar/' + file_name
admin.add_update()
return jsonify(status_code.SUCCESS)
except BaseException as e:
print(e)
return jsonify(status_code.DATABASE_ERROR)
def delete(self, adid=None):
if not adid:
return jsonify({'code': status_code.ERROR_CODE, 'msg': '请求参数错误'})
admin = Admin.query.filter(Admin.id == adid).first()
if not admin:
return jsonify(status_code.ADMIN_NOT_EXISTS)
try:
admin.delete()
return jsonify(status_code.SUCCESS)
except BaseException as e:
print(e)
return jsonify(status_code.DATABASE_ERROR)
api.add_resource(AdminApi, '/api/admin/', '/api/admin/<int:adid>/')
from utils import status_code
from utils.exts import api
auth_blueprint = Blueprint('auth', __name__)
@auth_blueprint.route('/login/', methods=['GET'])
def login():
return render_template('login.html')
class AuthenticateApi(Resource):
def post(self):
username = request.form.get('username')
password = request.form.get('password')
if not all([username, password]):
return jsonify(status_code.PARAMS_NOT_COMPLETE)
admin = Admin.query.filter(Admin.username == username,
Admin.password == password).first()
if not admin:
return jsonify(status_code.LOGIN_AUTHENTICATE_FAILED)
session['aid'] = admin.id
res = status_code.SUCCESS
res['data'] = admin.to_dict()
return jsonify(res)
api.add_resource(AuthenticateApi, '/api/authenticate/')
def delete(self, aid):
if not aid:
return jsonify(status_code.PARAMS_NOT_COMPLETE)
try:
auth = Authority.query.filter(Authority.id == aid).first()
if not auth:
return jsonify(status_code.AUTHORITY_NOT_EXISTS)
auth.delete()
return jsonify(status_code.SUCCESS)
except BaseException as e:
print(e)
return jsonify(status_code.DATABASE_ERROR)
api.add_resource(AuthApi, '/api/auth/', '/api/auth/<int:aid>/')
class RoleApi(Resource):
def get(self, rid=None):
if rid == 0:
roles = Role.query.order_by('-create_time')
res = status_code.SUCCESS
res['data_list'] = [role.to_base_dict() for role in roles]
return jsonify(res)
if not rid:
pn = int(request.args.get('pn', 1))
ps = int(request.args.get('ps', 10))
counter = Role.query.count()
paginations = Role.query.order_by('-create_time').paginate(pn, ps)
if not rid:
role = Role.query.filter_by(name=name).first()
if role:
return jsonify(status_code.ROLE_EXISTED)
role = Role()
role.name = name
role.add_update()
else:
role = Role.query.get(rid)
role.name = name
role.add_update()
res = status_code.SUCCESS
res['data'] = role.to_dict()
return jsonify(res)
def delete(self, rid):
if rid:
role = Role.query.get(rid)
if not role:
return jsonify(status_code.ROLE_NOT_EXISTS)
role.delete()
return jsonify(status_code.SUCCESS)
return jsonify(status_code.PARAMS_NOT_COMPLETE)
api.add_resource(RoleApi, '/api/role/', '/api/role/<int:rid>/')
return jsonify(status_code.USER_NOT_EXISTS)
if user.is_delete:
return jsonify(status_code.USER_DELETED)
try:
user.name = name
user.phone = phone
user.email = email
user.address = address
# user.reason = reason
user.add_update()
return jsonify(status_code.SUCCESS)
except BaseException as e:
print(e)
return jsonify(status_code.DATABASE_ERROR)
def delete(self, uid=None):
if not uid:
return jsonify({'code': status_code.ERROR_CODE, 'msg': '请求参数错误'})
user = User.query.filter(User.id == uid).first()
if not user:
return jsonify(status_code.USER_NOT_EXISTS)
try:
user.delete()
return jsonify(status_code.SUCCESS)
except BaseException as e:
print(e)
return jsonify(status_code.DATABASE_ERROR)
api.add_resource(UserApi, '/api/user/', '/api/user/<int:uid>/')
if not gid:
grade = Grade.query.filter_by(name=name).first()
if grade:
return jsonify(status_code.GRADE_EXISTED)
grade = Grade()
grade.name = name
grade.add_update()
else:
grade = Grade.query.get(gid)
grade.name = name
grade.add_update()
res = status_code.SUCCESS
res['data'] = grade.to_dict()
return jsonify(res)
def delete(self, gid):
if gid:
role = Grade.query.get(gid)
if not role:
return jsonify(status_code.GRADE_NOT_EXISTS)
role.delete()
return jsonify(status_code.SUCCESS)
return jsonify(status_code.PARAMS_NOT_COMPLETE)
api.add_resource(GradeApi, '/api/grade/', '/api/grade/<int:gid>/')
if request.headers.environ.get('HTTP_X_FORWARDED_FOR'):
ip = request.headers.environ['HTTP_X_FORWARDED_FOR']
else:
ip = request.headers.environ['REMOTE_ADDR'] + ':' + str(
request.headers.environ['REMOTE_PORT'])
if not all([username, password]):
return jsonify({'code': status_code.ERROR_CODE, 'msg': '请求参数错误'})
admin = Admin.query.filter(Admin.username == username).first()
if not admin:
return jsonify(status_code.ADMIN_NOT_EXISTS)
if admin.is_delete:
return jsonify(status_code.ADMIN_ACCOUNT_DELETED)
if not admin.check_pwd(password):
return jsonify(status_code.ADMIN_AUTH_PASSWORD_ERROR)
try:
lr = LoginRecord()
lr.admin_id = admin.id
lr.login_ip = ip
lr.add_update()
session['adid'] = admin.id
return jsonify(status_code.SUCCESS)
except BaseException as e:
print(e)
return jsonify(status_code.ADMIN_LOGIN_RECORD_INSERT_ERROR)
api.add_resource(AuthApi, '/api/auth/')
if not sid:
stu = Student()
stu.name = name
stu.gender = gender
stu.grade_id = gid
stu.add_update()
else:
stu = Student.query.get(sid)
stu.name = name
stu.gender = gender
stu.grade_id = gid
stu.add_update()
res = status_code.SUCCESS
res['data'] = stu.to_dict()
return jsonify(res)
def delete(self, sid):
if sid:
stu = Student.query.get(sid)
if not stu:
return jsonify(status_code.STUDENT_NOT_EXISTS)
stu.delete()
return jsonify(status_code.SUCCESS)
return jsonify(status_code.PARAMS_NOT_COMPLETE)
api.add_resource(StudentApi, '/api/student/', '/api/student/<int:sid>/')
return jsonify(status_code.SUCCESS)
def patch(self, aid):
if not aid:
return jsonify(status_code.PARAMS_NOT_COMPLETE)
old_pwd = request.form.get('oldpwd')
new_pwd = request.form.get('newpwd')
re_pwd = request.form.get('repwd')
if not all([old_pwd, new_pwd, re_pwd]):
return jsonify(status_code.PARAMS_NOT_COMPLETE)
if new_pwd != re_pwd:
return jsonify(status_code.USER_TWICE_PASSWORD_DIFFERENT)
user = Admin.query.get(aid)
if not user:
return jsonify(status_code.USER_NOT_EXISTS)
if user.password != old_pwd:
return jsonify(status_code.USER_OLD_PASSWORD_ERROR)
user.password = new_pwd
user.add_update()
return jsonify(status_code.SUCCESS)
# 绑定url对应的Api类
api.add_resource(AuthApi, '/api/auth/', '/api/auth/<int:aid>/')