feat: 保持默认Admin/lzgzsystem常驻且禁止修改密码

2025-12-07 11:08:53 +08:00
parent 60fff79936
commit 20cef898d3
2 changed files with 13 additions and 8 deletions
--- a/app/init.py
+++ b/app/init.py
@@ -26,13 +26,18 @@ def create_app():
            pass
        from .models import User, UserStatus, Profile
        from werkzeug.security import generate_password_hash
-        admin_any = User.query.filter_by(role="admin").first()
-        admin_named = User.query.filter_by(username="Admin").first()
-        if not admin_named:
+        admin = User.query.filter_by(username="Admin").first()
+        if admin:
+            admin.role = "admin"
+            admin.status = UserStatus.approved
+            admin.password_hash = generate_password_hash("lzgzsystem")
+            admin.must_change_password = False
+            db.session.commit()
+        else:
            email = "admin@example.com"
            if User.query.filter_by(email=email).first():
                email = "admin2@example.com"
-            u = User(email=email, username="Admin", password_hash=generate_password_hash("lzgzsystem"), role="admin", status=UserStatus.approved, must_change_password=True)
+            u = User(email=email, username="Admin", password_hash=generate_password_hash("lzgzsystem"), role="admin", status=UserStatus.approved, must_change_password=False)
            db.session.add(u)
            db.session.flush()
            db.session.add(Profile(user_id=u.id))
--- a/app/blueprints/admin.py
+++ b/app/blueprints/admin.py
@@ -38,12 +38,9 @@ def dashboard():
            flash("登录失败")
            return render_template("admin/login.html")
        login_user(user)
-        if user.role == "admin" and getattr(user, "must_change_password", False):
-            return redirect(url_for("admin.change_password"))
    if not current_user.is_authenticated or role() not in {"admin","sub_admin","checker"}:
        return render_template("admin/login.html")
-    if role()=="admin" and getattr(current_user, "must_change_password", False):
-        return redirect(url_for("admin.change_password"))
+    # 默认管理员不强制改密
    pending_users = User.query.filter_by(status=UserStatus.pending).count()
    pending_posts = Post.query.filter_by(status=ReviewStatus.pending).count()
    pending_subs = ActivitySubmission.query.filter_by(status=ReviewStatus.pending).count()
@@ -54,6 +51,9 @@ def dashboard():
 def change_password():
    if role() != "admin":
        return redirect(url_for("admin.dashboard"))
+    if getattr(current_user, "username", "") == "Admin":
+        flash("默认管理员密码固定")
+        return redirect(url_for("admin.dashboard"))
    if request.method == "POST":
        p1 = request.form.get("password")
        p2 = request.form.get("confirm")