From 20cef898d30dcea064d66549d9fa73375e872676 Mon Sep 17 00:00:00 2001 From: AnthonyDuan Date: Sun, 7 Dec 2025 11:08:53 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E4=BF=9D=E6=8C=81=E9=BB=98=E8=AE=A4Adm?= =?UTF-8?q?in/lzgzsystem=E5=B8=B8=E9=A9=BB=E4=B8=94=E7=A6=81=E6=AD=A2?= =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=AF=86=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/__init__.py | 13 +++++++++---- app/blueprints/admin.py | 8 ++++---- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/app/__init__.py b/app/__init__.py index 0131b59..b57991f 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -26,13 +26,18 @@ def create_app(): pass from .models import User, UserStatus, Profile from werkzeug.security import generate_password_hash - admin_any = User.query.filter_by(role="admin").first() - admin_named = User.query.filter_by(username="Admin").first() - if not admin_named: + admin = User.query.filter_by(username="Admin").first() + if admin: + admin.role = "admin" + admin.status = UserStatus.approved + admin.password_hash = generate_password_hash("lzgzsystem") + admin.must_change_password = False + db.session.commit() + else: email = "admin@example.com" if User.query.filter_by(email=email).first(): email = "admin2@example.com" - u = User(email=email, username="Admin", password_hash=generate_password_hash("lzgzsystem"), role="admin", status=UserStatus.approved, must_change_password=True) + u = User(email=email, username="Admin", password_hash=generate_password_hash("lzgzsystem"), role="admin", status=UserStatus.approved, must_change_password=False) db.session.add(u) db.session.flush() db.session.add(Profile(user_id=u.id)) diff --git a/app/blueprints/admin.py b/app/blueprints/admin.py index a2d0049..35fba04 100644 --- a/app/blueprints/admin.py +++ b/app/blueprints/admin.py @@ -38,12 +38,9 @@ def dashboard(): flash("登录失败") return render_template("admin/login.html") login_user(user) - if user.role == "admin" and getattr(user, "must_change_password", False): - return redirect(url_for("admin.change_password")) if not current_user.is_authenticated or role() not in {"admin","sub_admin","checker"}: return render_template("admin/login.html") - if role()=="admin" and getattr(current_user, "must_change_password", False): - return redirect(url_for("admin.change_password")) + # 默认管理员不强制改密 pending_users = User.query.filter_by(status=UserStatus.pending).count() pending_posts = Post.query.filter_by(status=ReviewStatus.pending).count() pending_subs = ActivitySubmission.query.filter_by(status=ReviewStatus.pending).count() @@ -54,6 +51,9 @@ def dashboard(): def change_password(): if role() != "admin": return redirect(url_for("admin.dashboard")) + if getattr(current_user, "username", "") == "Admin": + flash("默认管理员密码固定") + return redirect(url_for("admin.dashboard")) if request.method == "POST": p1 = request.form.get("password") p2 = request.form.get("confirm")