From 4d821f2de7bb06e193573cd519d4b13fa9359f3b Mon Sep 17 00:00:00 2001
From: DXC <duxingchen@iris-rs.cn>
Date: Tue, 24 Mar 2026 11:01:39 +0800
Subject: [PATCH] feat: cleanly add user preferences api and rollback wrong
 auth routes

---
 inventory-backend/app/__init__.py      | 10 ++++++++
 inventory-backend/app/api/v1/user.py   | 35 ++++++++++++++++++++++++++
 inventory-backend/app/models/system.py |  4 ++-
 3 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 inventory-backend/app/api/v1/user.py

diff --git a/inventory-backend/app/__init__.py b/inventory-backend/app/__init__.py
index 461b127..63f40fc 100644
--- a/inventory-backend/app/__init__.py
+++ b/inventory-backend/app/__init__.py
@@ -42,6 +42,16 @@ def create_app():
     except ImportError as e:
         print(f"❌ 错误: Auth 模块导入失败: {e}")
 
+    # -----------------------------------------------------
+    # 2.0.1 注册用户偏好模块 (User Preferences)
+    # -----------------------------------------------------
+    try:
+        from app.api.v1.user import user_prefs_bp
+        app.register_blueprint(user_prefs_bp, url_prefix='/api/v1/user')
+        print("✅ User Preferences 模块注册成功")
+    except ImportError as e:
+        print(f"❌ 错误: User Preferences 模块导入失败: {e}")
+
     # -----------------------------------------------------
     # 2.1 注册入库聚合模块 (Inbound)
     # -----------------------------------------------------
diff --git a/inventory-backend/app/api/v1/user.py b/inventory-backend/app/api/v1/user.py
new file mode 100644
index 0000000..68c5e20
--- /dev/null
+++ b/inventory-backend/app/api/v1/user.py
@@ -0,0 +1,35 @@
+from flask import Blueprint, jsonify, request, current_app
+from flask_jwt_extended import jwt_required, get_jwt_identity
+from app.models.system import SysUser
+from app.extensions import db
+
+user_prefs_bp = Blueprint('user_preferences', __name__)
+
+
+@user_prefs_bp.route('/preferences', methods=['GET'])
+@jwt_required()
+def get_prefs():
+    identity = get_jwt_identity()
+    user_id = identity.get('id') if isinstance(identity, dict) else identity
+    if not user_id:
+        return jsonify({'code': 401, 'msg': '无效身份'}), 401
+    user = SysUser.query.get(user_id)
+    if not user:
+        return jsonify({'code': 404, 'msg': '用户不存在'}), 404
+    return jsonify({'code': 200, 'msg': 'success', 'data': user.preferences or {}})
+
+
+@user_prefs_bp.route('/preferences', methods=['PUT'])
+@jwt_required()
+def update_prefs():
+    identity = get_jwt_identity()
+    user_id = identity.get('id') if isinstance(identity, dict) else identity
+    if not user_id:
+        return jsonify({'code': 401, 'msg': '无效身份'}), 401
+    user = SysUser.query.get(user_id)
+    if not user:
+        return jsonify({'code': 404, 'msg': '用户不存在'}), 404
+    data = request.get_json() or {}
+    user.preferences = data
+    db.session.commit()
+    return jsonify({'code': 200, 'msg': 'success', 'data': user.preferences})
diff --git a/inventory-backend/app/models/system.py b/inventory-backend/app/models/system.py
index d1901e8..7a59640 100644
--- a/inventory-backend/app/models/system.py
+++ b/inventory-backend/app/models/system.py
@@ -23,6 +23,7 @@ class SysUser(db.Model):
     status = db.Column(db.String(20), default='active')
     password_hash = db.Column(db.Text)
     created_at = db.Column(db.DateTime, default=beijing_time)
+    preferences = db.Column(db.JSON, nullable=True)
 
     def set_password(self, password):
         """生成加密密码"""
@@ -61,7 +62,8 @@ class SysUser(db.Model):
             'department': self.department,
             'role': self.role,
             'status': self.status,
-            'created_at': self.created_at.isoformat() if self.created_at else None
+            'created_at': self.created_at.isoformat() if self.created_at else None,
+            'preferences': self.preferences or {}
         }