new
This commit is contained in:
43
main.py
43
main.py
@@ -1234,6 +1234,49 @@ def add_user_api(user_data: AddUserRequest):
|
||||
release_db_connection(conn)
|
||||
return JSONResponse(content={"success": False, "message": f"添加失败: {str(e)}"}, status_code=500)
|
||||
|
||||
@app.post("/api/admin/login")
|
||||
async def admin_login(request: Request):
|
||||
"""
|
||||
管理后台登录验证接口。
|
||||
"""
|
||||
try:
|
||||
body = await request.json()
|
||||
password = body.get('password', '')
|
||||
|
||||
secret = os.getenv("ADD_USER_SECRET", "123quant-speed")
|
||||
|
||||
if password == secret:
|
||||
response = JSONResponse(content={"success": True, "message": "登录成功"})
|
||||
response.set_cookie(
|
||||
key="admin_auth",
|
||||
value="true",
|
||||
httponly=True,
|
||||
max_age=60*60*24*7,
|
||||
samesite="lax"
|
||||
)
|
||||
return response
|
||||
else:
|
||||
return JSONResponse(content={"success": False, "message": "密码错误"}, status_code=401)
|
||||
except Exception as e:
|
||||
return JSONResponse(content={"success": False, "message": str(e)}, status_code=500)
|
||||
|
||||
@app.get("/api/admin/check-auth")
|
||||
async def check_admin_auth(request: Request):
|
||||
"""
|
||||
检查管理员是否已登录。
|
||||
"""
|
||||
auth_cookie = request.cookies.get("admin_auth")
|
||||
return {"success": auth_cookie == "true", "authenticated": auth_cookie == "true"}
|
||||
|
||||
@app.post("/api/admin/logout")
|
||||
async def admin_logout():
|
||||
"""
|
||||
管理员退出登录。
|
||||
"""
|
||||
response = JSONResponse(content={"success": True, "message": "已退出登录"})
|
||||
response.delete_cookie("admin_auth")
|
||||
return response
|
||||
|
||||
@app.get("/admin", response_class=HTMLResponse)
|
||||
async def admin_page(request: Request):
|
||||
"""
|
||||
|
||||
Reference in New Issue
Block a user