jiangmingzhao-daily-report/backend/accounts/views.py
jiangmingzhao 9b9ee273fc 初始提交:企业级日报系统完整代码
功能特性:
-  JWT用户认证系统
-  日报CRUD管理
-  三级权限控制
-  多维度搜索过滤
-  统计分析功能
-  评论互动系统
-  响应式Cool Admin界面
-  暗色主题支持

 技术栈:
- 后端:Django 4.2.7 + DRF + SimpleJWT
- 前端:Vue 3 + Element Plus + Pinia
- 数据库:SQLite/PostgreSQL
- 部署:Docker + Nginx

 包含内容:
- 完整的后端API代码
- 现代化前端界面
- 数据库迁移文件
- 部署脚本和文档
- 演示页面和测试工具
2025-09-13 14:35:15 +08:00


from rest_framework import status, generics
from rest_framework.decorators import api_view, permission_classes
from rest_framework.permissions import AllowAny, IsAuthenticated
from rest_framework.response import Response
from rest_framework_simplejwt.tokens import RefreshToken
from django.contrib.auth import get_user_model
from .serializers import (
UserRegistrationSerializer,
UserLoginSerializer,
UserProfileSerializer,
UserListSerializer
)
# Resolve the active user model through Django instead of importing a concrete
# class, so the views below work with whichever user model the project configures.
User = get_user_model()
@api_view(['POST'])
@permission_classes([AllowAny])
def register(request):
    """Create a new account and sign the caller in immediately.

    Open to unauthenticated callers (``AllowAny``). The request body is
    validated by ``UserRegistrationSerializer``; when it is valid the user is
    saved and a refresh/access token pair is issued for that user.

    Returns:
        201 with a message, the new user's profile data and both tokens,
        or 400 with the serializer's validation errors.
    """
    form = UserRegistrationSerializer(data=request.data)
    if not form.is_valid():
        return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)

    # NOTE(review): which fields a caller may set at sign-up is decided by
    # UserRegistrationSerializer, which is not visible here. Confirm it does
    # not accept role or staff flags from the request body.
    new_user = form.save()
    token_pair = RefreshToken.for_user(new_user)

    profile = UserProfileSerializer(new_user).data
    issued = {
        'refresh': str(token_pair),
        'access': str(token_pair.access_token),
    }
    body = {
        'message': '注册成功',
        'user': profile,
        'tokens': issued,
    }
    return Response(body, status=status.HTTP_201_CREATED)
@api_view(['POST'])
@permission_classes([AllowAny])
def login(request):
    """Validate login data and return a new token pair for the user.

    Open to unauthenticated callers (``AllowAny``). ``UserLoginSerializer``
    validates the request body and places the matching user under the
    ``'user'`` key of its validated data; presumably the credential check
    itself happens inside that serializer (not visible here).

    Returns:
        200 with a message, the user's profile data and both tokens,
        or 400 with the serializer's validation errors.
    """
    credentials = UserLoginSerializer(data=request.data)
    if not credentials.is_valid():
        # NOTE(review): the serializer's messages are returned verbatim.
        # Confirm they do not tell an unknown account apart from a wrong
        # password.
        return Response(credentials.errors, status=status.HTTP_400_BAD_REQUEST)

    # NOTE(review): no throttle is declared on this view. Whether a
    # project-wide DRF throttle limits repeated attempts is not visible here.
    account = credentials.validated_data['user']
    token_pair = RefreshToken.for_user(account)

    profile = UserProfileSerializer(account).data
    issued = {
        'refresh': str(token_pair),
        'access': str(token_pair.access_token),
    }
    return Response({
        'message': '登录成功',
        'user': profile,
        'tokens': issued,
    })
@api_view(['POST'])
@permission_classes([IsAuthenticated])
def logout(request):
    """Blacklist the refresh token supplied by an authenticated caller.

    Reads ``refresh_token`` from the request body. When present, it is parsed
    as a ``RefreshToken`` and blacklisted. Any exception raised along the way
    is reported as a generic 400.

    Returns:
        200 with a success message, or 400 with a generic error message.
    """
    try:
        supplied = request.data.get('refresh_token')
        # NOTE(review): when no refresh token is sent, the view still reports
        # success although nothing was revoked, so the refresh token stays
        # usable until it expires. Clients must send it under 'refresh_token';
        # the login/register responses hand it out under 'refresh'.
        if supplied:
            # NOTE(review): the token is not compared with request.user here,
            # so any valid refresh token presented by an authenticated caller
            # is blacklisted.
            RefreshToken(supplied).blacklist()
    except Exception:
        # NOTE(review): this catch-all also hides non-token failures, e.g. a
        # missing blacklist app, behind the same 400. Consider narrowing it to
        # the token error type and logging everything else.
        return Response({'error': '登出失败'}, status=status.HTTP_400_BAD_REQUEST)
    return Response({'message': '登出成功'})
class UserProfileView(generics.RetrieveUpdateAPIView):
    """Let an authenticated user read and update their own profile.

    The object served is always the requesting user, so no identifier is
    taken from the URL and one user cannot address another user's record
    through this view.
    """

    permission_classes = [IsAuthenticated]
    # NOTE(review): as a retrieve/update view, every writable field of
    # UserProfileSerializer can be changed by the account owner. The
    # serializer is not visible here; confirm role and staff fields are
    # read-only.
    serializer_class = UserProfileSerializer

    def get_object(self):
        """Return the user attached to the current request."""
        current_user = self.request.user
        return current_user
class UserListView(generics.ListAPIView):
    """List users; only staff see the full list.

    Any authenticated caller may call this view. Staff receive every active
    user. Everyone else receives a list containing only their own record.
    """

    permission_classes = [IsAuthenticated]
    serializer_class = UserListSerializer
    queryset = User.objects.filter(is_active=True)

    def get_queryset(self):
        """Return all active users for staff, otherwise only the caller."""
        requester = self.request.user
        if not requester.is_staff:
            # Non-staff callers are limited to their own row. This branch
            # builds its own query and does not apply the is_active filter
            # of the class-level queryset.
            return User.objects.filter(id=requester.id)
        # Only administrators may view the full user list.
        return super().get_queryset()