init

2025-11-24 10:10:00 +08:00
commit aa516a8d71
37 changed files with 2426 additions and 0 deletions
--- a/app/auth/routes.py
+++ b/app/auth/routes.py
@@ -0,0 +1,53 @@
+from flask import render_template, redirect, url_for, flash, request
+from flask_login import login_user, logout_user, login_required, current_user
+from . import auth
+from .. import db
+from ..models import User, PartnerSite
+from ..forms import LoginForm, RegistrationForm
+
+@auth.route('/register', methods=['GET', 'POST'])
+def register():
+    if current_user.is_authenticated:
+        return redirect(url_for('main.index'))
+    form = RegistrationForm()
+    active_sites = PartnerSite.query.filter_by(is_active=True).order_by(PartnerSite.name).all()
+    form.pt_site.choices = [(site.name, site.name) for site in active_sites]
+    if form.validate_on_submit():
+        user = User(
+            email=form.email.data.lower(),
+            username=form.username.data,
+            pt_site=form.pt_site.data,
+            uid=form.uid.data,
+            status='pending' # 新用户需要管理员审核
+        )
+        user.set_password(form.password.data)
+        db.session.add(user)
+        db.session.commit()
+        flash('注册申请已提交，请等待管理员审核。', 'info')
+        return redirect(url_for('auth.login'))
+    return render_template('auth/register.html', form=form)
+
+@auth.route('/login', methods=['GET', 'POST'])
+def login():
+    if current_user.is_authenticated:
+        return redirect(url_for('main.index'))
+    form = LoginForm()
+    if form.validate_on_submit():
+        user = User.query.filter_by(email=form.email.data).first()
+        if user is None or not user.check_password(form.password.data):
+            flash('无效的邮箱或密码。', 'danger')
+            return redirect(url_for('auth.login'))
+            
+        if user.status != 'active':
+            flash(f'您的账户当前状态为 "{user.status}"，无法登录。请联系管理员。', 'warning')
+            return redirect(url_for('auth.login'))
+        login_user(user, remember=form.remember_me.data)
+        return redirect(url_for('main.index'))
+    return render_template('auth/login.html', form=form)
+
+@auth.route('/logout')
+@login_required
+def logout():
+    logout_user()
+    flash('您已成功登出。')
+    return redirect(url_for('main.index'))