初始提交：企业级日报系统完整代码

功能特性：
-  JWT用户认证系统
-  日报CRUD管理
-  三级权限控制
-  多维度搜索过滤
-  统计分析功能
-  评论互动系统
-  响应式Cool Admin界面
-  暗色主题支持

 技术栈：
- 后端：Django 4.2.7 + DRF + SimpleJWT
- 前端：Vue 3 + Element Plus + Pinia
- 数据库：SQLite/PostgreSQL
- 部署：Docker + Nginx

 包含内容：
- 完整的后端API代码
- 现代化前端界面
- 数据库迁移文件
- 部署脚本和文档
- 演示页面和测试工具

backend/accounts/views.py

@@ -0,0 +1,88 @@
+from rest_framework import status, generics
+from rest_framework.decorators import api_view, permission_classes
+from rest_framework.permissions import AllowAny, IsAuthenticated
+from rest_framework.response import Response
+from rest_framework_simplejwt.tokens import RefreshToken
+from django.contrib.auth import get_user_model
+from .serializers import (
+    UserRegistrationSerializer,
+    UserLoginSerializer, 
+    UserProfileSerializer,
+    UserListSerializer
+)
+
+User = get_user_model()
+
+
+@api_view(['POST'])
+@permission_classes([AllowAny])
+def register(request):
+    """用户注册"""
+    serializer = UserRegistrationSerializer(data=request.data)
+    if serializer.is_valid():
+        user = serializer.save()
+        refresh = RefreshToken.for_user(user)
+        return Response({
+            'message': '注册成功',
+            'user': UserProfileSerializer(user).data,
+            'tokens': {
+                'refresh': str(refresh),
+                'access': str(refresh.access_token),
+            }
+        }, status=status.HTTP_201_CREATED)
+    return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+
+@api_view(['POST'])
+@permission_classes([AllowAny])
+def login(request):
+    """用户登录"""
+    serializer = UserLoginSerializer(data=request.data)
+    if serializer.is_valid():
+        user = serializer.validated_data['user']
+        refresh = RefreshToken.for_user(user)
+        return Response({
+            'message': '登录成功',
+            'user': UserProfileSerializer(user).data,
+            'tokens': {
+                'refresh': str(refresh),
+                'access': str(refresh.access_token),
+            }
+        })
+    return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+
+@api_view(['POST'])
+@permission_classes([IsAuthenticated])
+def logout(request):
+    """用户登出"""
+    try:
+        refresh_token = request.data.get('refresh_token')
+        if refresh_token:
+            token = RefreshToken(refresh_token)
+            token.blacklist()
+        return Response({'message': '登出成功'})
+    except Exception as e:
+        return Response({'error': '登出失败'}, status=status.HTTP_400_BAD_REQUEST)
+
+
+class UserProfileView(generics.RetrieveUpdateAPIView):
+    """用户信息查看和更新"""
+    serializer_class = UserProfileSerializer
+    permission_classes = [IsAuthenticated]
+    
+    def get_object(self):
+        return self.request.user
+
+
+class UserListView(generics.ListAPIView):
+    """用户列表（仅管理员可访问）"""
+    queryset = User.objects.filter(is_active=True)
+    serializer_class = UserListSerializer
+    permission_classes = [IsAuthenticated]
+    
+    def get_queryset(self):
+        # 只有管理员可以查看所有用户列表
+        if self.request.user.is_staff:
+            return super().get_queryset()
+        return User.objects.filter(id=self.request.user.id)