fix: csrf_token

2025-11-24 16:32:34 +08:00
parent e656487d6d
commit 91a9be0868
6 changed files with 34 additions and 12 deletions
--- a/app/init.py
+++ b/app/init.py
@@ -3,6 +3,7 @@ from flask_sqlalchemy import SQLAlchemy
 from flask_migrate import Migrate
 from flask_login import LoginManager
 from flask_session import Session
+from flask_wtf.csrf import CSRFProtect
 from config import config
 from flask_bootstrap import Bootstrap

@@ -11,6 +12,7 @@ db = SQLAlchemy()
 migrate = Migrate()
 login_manager = LoginManager()
 sess = Session()
+csrf = CSRFProtect()
 bootstrap = Bootstrap()
 # login_manager 的基本配置
 login_manager.login_view = 'auth.login' # 后面我们会创建一个叫 'auth' 的蓝图
@@ -31,11 +33,13 @@ def create_app(config_name='default'):
    migrate.init_app(app, db)
    login_manager.init_app(app)
    sess.init_app(app)
+    csrf.init_app(app)
    bootstrap.init_app(app)

    # 注册自定义过滤器
-    from .filters import translate_status
+    from .filters import translate_status, translate_reason
    app.jinja_env.filters['translate_status'] = translate_status
+    app.jinja_env.filters['translate_reason'] = translate_reason

    # 3. 注册蓝图 (Blueprint)
    # 后面我们会在这里添加蓝图
--- a/app/filters.py
+++ b/app/filters.py
@@ -22,6 +22,26 @@ STATUS_TRANSLATIONS = {
    'expired': '已过期'
 }

+REASON_TRANSLATIONS = {
+    'cheating': '作弊 (刷上传/下载)',
+    'trading': '账号交易/共享',
+    'spam': '发布垃圾/违禁信息',
+    'abusive': '辱骂/人身攻击',
+    'low_ratio': '分享率过低',
+    'hit_and_run': 'H&R (下载不做种)',
+    'fake_seeding': '假做种',
+    'multiple_accounts': '多账号/小号',
+    'account_sharing': '账号共享',
+    'reselling': '倒卖邀请',
+    'harassment': '骚扰他人',
+    'scamming': '诈骗行为',
+    'other': '其他 (请在描述中详述)'
+}
+
 def translate_status(status):
    """将英文状态翻译为中文"""
    return STATUS_TRANSLATIONS.get(status, status)
+
+def translate_reason(reason):
+    """将英文违规原因翻译为中文"""
+    return REASON_TRANSLATIONS.get(reason, reason)
--- a/app/forms.py
+++ b/app/forms.py
@@ -3,6 +3,7 @@ from wtforms import StringField, SubmitField, PasswordField, BooleanField, TextA
 from wtforms.validators import DataRequired, Length, Email, EqualTo, ValidationError, Optional, URL
 from .models import User
 from wtforms_sqlalchemy.fields import QuerySelectField
+from .filters import REASON_TRANSLATIONS

 def get_active_partner_sites():
    return PartnerSite.query.filter_by(is_active=True).order_by(PartnerSite.name)
@@ -56,14 +57,7 @@ class ReportForm(FlaskForm):
    )
    reason_category = SelectField(
        '举报原因分类',
-        choices=[
-            ('cheating', '作弊 (刷上传/下载)'),
-            ('trading', '账号交易/共享'),
-            ('spam', '发布垃圾/违禁信息'),
-            ('abusive', '辱骂/人身攻击'),
-            ('radio', '分享率过低'),
-            ('other', '其他 (请在描述中详述)')
-        ],
+        choices=[(k, v) for k, v in REASON_TRANSLATIONS.items()],
        validators=[DataRequired()]
    )
    description = TextAreaField(
--- a/app/templates/admin/report_detail.html
+++ b/app/templates/admin/report_detail.html
@@ -13,7 +13,7 @@
                    <li class="list-group-item"><strong>被举报邮箱:</strong> {{ report.reported_email }}</li>
                    <li class="list-group-item"><strong>被举报用户名:</strong> {{ report.reported_username or 'N/A' }}</li>
                    <li class="list-group-item"><strong>所属站点:</strong> {{ report.reported_pt_site }}</li>
-                    <li class="list-group-item"><strong>举报理由:</strong> {{ report.reason_category }}</li>
+                    <li class="list-group-item"><strong>举报理由:</strong> {{ report.reason_category | translate_reason }}</li>
                    <li class="list-group-item"><strong>举报人:</strong> {{ report.reporter.username }}</li>
                    <li class="list-group-item"><strong>状态:</strong> <strong class="text-capitalize">{{ report.status | translate_status }}</strong></li>
                    <li class="list-group-item"><strong>详细描述:</strong><br><span style="white-space: pre-wrap;">{{ report.description }}</span></li>
--- a/app/templates/index.html
+++ b/app/templates/index.html
@@ -46,7 +46,7 @@
                        <ul class="list-group list-group-flush">
                            <li class="list-group-item"><strong>违规站点:</strong> {{ search_result.pt_site }}</li>
                            {% if search_result.report %}
-                            <li class="list-group-item"><strong>违规原因:</strong> {{ search_result.report.reason_category }}</li>
+                            <li class="list-group-item"><strong>违规原因:</strong> {{ search_result.report.reason_category | translate_reason }}</li>
                            {% endif %}
                            <li class="list-group-item"><strong>记录时间:</strong> {{ search_result.created_at.strftime('%Y-%m-%d') }}</li>
                        </ul>