This commit is contained in:
jeremygan2021
2026-03-20 16:18:58 +08:00
parent 3bdb055b83
commit 7caff4d72d
6 changed files with 312 additions and 31 deletions

43
main.py
View File

@@ -1234,6 +1234,49 @@ def add_user_api(user_data: AddUserRequest):
release_db_connection(conn)
return JSONResponse(content={"success": False, "message": f"添加失败: {str(e)}"}, status_code=500)
@app.post("/api/admin/login")
async def admin_login(request: Request):
"""
管理后台登录验证接口。
"""
try:
body = await request.json()
password = body.get('password', '')
secret = os.getenv("ADD_USER_SECRET", "123quant-speed")
if password == secret:
response = JSONResponse(content={"success": True, "message": "登录成功"})
response.set_cookie(
key="admin_auth",
value="true",
httponly=True,
max_age=60*60*24*7,
samesite="lax"
)
return response
else:
return JSONResponse(content={"success": False, "message": "密码错误"}, status_code=401)
except Exception as e:
return JSONResponse(content={"success": False, "message": str(e)}, status_code=500)
@app.get("/api/admin/check-auth")
async def check_admin_auth(request: Request):
"""
检查管理员是否已登录。
"""
auth_cookie = request.cookies.get("admin_auth")
return {"success": auth_cookie == "true", "authenticated": auth_cookie == "true"}
@app.post("/api/admin/logout")
async def admin_logout():
"""
管理员退出登录。
"""
response = JSONResponse(content={"success": True, "message": "已退出登录"})
response.delete_cookie("admin_auth")
return response
@app.get("/admin", response_class=HTMLResponse)
async def admin_page(request: Request):
"""