from flask import Blueprint, jsonify, request, session
from ..admin import verify_credentials, get_admin
# Blueprint that groups the authentication endpoints under /api/auth.
bp = Blueprint(name="auth", import_name=__name__, url_prefix="/api/auth")
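@bp.post("/login")
def login():
    """Check a username/password pair from a JSON body and start a session.

    The body must be a JSON object with string ``username`` and ``password``
    fields. Responds 400 when either field is missing, empty or not a string,
    401 when ``verify_credentials`` rejects the pair, and
    ``{"username": ...}`` after storing the name in the session on success.
    """
    # NOTE(review): force=True parses the body as JSON whatever Content-Type
    # the client sent, so the browser preflight that an application/json
    # request would trigger is not a barrier for this endpoint. Cross-site
    # submission has to be stopped elsewhere (SameSite cookie, Origin check).
    data = request.get_json(force=True, silent=True)
    if not isinstance(data, dict):
        # Valid JSON that is not an object (list, string, number) used to
        # reach .get() and surface as a 500; treat it as an empty request.
        data = {}

    username = data.get("username")
    password = data.get("password")
    # A non-string username crashed on .strip() and a non-string password was
    # handed to the credential check unchanged; reject both as bad input.
    if not isinstance(username, str) or not isinstance(password, str):
        return jsonify({"error": "用户名和密码必填"}), 400

    username = username.strip()
    if not username or not password:
        return jsonify({"error": "用户名和密码必填"}), 400

    # NOTE(review): no attempt limiting is visible in this handler; confirm
    # that verify_credentials or a fronting proxy throttles repeated failures.
    if not verify_credentials(username, password):
        # Same message for an unknown user and a wrong password, so the
        # response does not reveal which usernames exist.
        return jsonify({"error": "用户名或密码错误"}), 401

    # NOTE(review): anything stored in the session before login is kept. If a
    # server-side session store is in use, rotate the session identifier here.
    session["user"] = username
    return jsonify({"username": username})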
@bp.post("/logout")
def logout():
    """End the current session by discarding everything stored in it."""
    # clear() removes every key, not only "user".
    session.clear()
    return jsonify(ok=True)
@bp.get("/me")
def me():
    """Describe the logged-in user, or answer 401 when the session has none.

    The response carries the session's username, a constant ``"admin"`` role
    and ``has_admin``, which is true when ``get_admin()`` returns a truthy
    value.
    """
    current_user = session.get("user")
    if current_user:
        admin_record = get_admin() or {}
        profile = {
            "username": current_user,
            # The role is a constant: every authenticated session is
            # reported as admin.
            "role": "admin",
            "has_admin": bool(admin_record),
        }
        return jsonify(profile)
    return jsonify({"error": "未登录"}), 401