67 lines
2.5 KiB
Python
67 lines
2.5 KiB
Python
# app/api/v1/auth.py
|
|
from flask import Blueprint, request, jsonify, current_app
|
|
from flask_jwt_extended import jwt_required, get_jwt
|
|
from app.services.auth_service import AuthService
|
|
|
|
auth_bp = Blueprint('auth', __name__)
|
|
|
|
|
|
@auth_bp.route('/login', methods=['POST'])
|
|
def login():
|
|
try:
|
|
data = request.get_json()
|
|
if not data:
|
|
return jsonify({'msg': '无效的请求数据'}), 400
|
|
|
|
if not data.get('username') or not data.get('password'):
|
|
return jsonify({'msg': '请输入用户名和密码'}), 400
|
|
|
|
# 调用 Service 层逻辑
|
|
result = AuthService.login(data)
|
|
|
|
# [关键修复]
|
|
# 前端 store 代码写的是: token.value = res.data.access_token
|
|
# 所以我们这里不能把 access_token 包裹在 data 字段里,
|
|
# 而是应该直接合并返回,或者让前端去 data.data 里面取。
|
|
# 为了不改前端,我们这里做解构返回:
|
|
|
|
response_data = {
|
|
'msg': '登录成功',
|
|
'access_token': result.get('access_token'),
|
|
'user': result.get('user')
|
|
}
|
|
|
|
return jsonify(response_data), 200
|
|
|
|
except ValueError as ve:
|
|
# 捕获已知的业务错误(如密码错误、用户不存在)
|
|
return jsonify({'msg': str(ve)}), 401
|
|
except Exception as e:
|
|
# [关键修复] 打印详细报错到控制台,方便排查 500 错误
|
|
# (例如数据库连接失败、表不存在等)
|
|
current_app.logger.error(f"Login Failed Error: {str(e)}")
|
|
# 生产环境不建议直接把 error 返回给前端,但调试阶段很有用
|
|
return jsonify({'msg': f'服务器内部错误: {str(e)}'}), 500
|
|
|
|
|
|
# 新增:创建用户 (替代了原来的注册)
|
|
@auth_bp.route('/user/create', methods=['POST'])
|
|
@jwt_required() # 必须携带 Token
|
|
def create_user():
|
|
try:
|
|
data = request.get_json()
|
|
|
|
# 从 Token 中获取当前操作人的角色
|
|
claims = get_jwt()
|
|
operator_role = claims.get('role')
|
|
|
|
# 增加一个简单的权限判断(可选)
|
|
if operator_role not in ['super_admin', 'supervisor']:
|
|
return jsonify({'msg': '权限不足,无法创建用户'}), 403
|
|
|
|
result = AuthService.create_user(data, operator_role)
|
|
return jsonify({'msg': '用户创建成功', 'data': result}), 201
|
|
|
|
except Exception as e:
|
|
current_app.logger.error(f"User Create Failed: {str(e)}")
|
|
return jsonify({'msg': str(e)}), 400 |