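#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
认证接口
"""
from flask import Blueprint, request, jsonify
import logging
from datetime import datetime

from auth_utils import AuthUtils
from database_config import get_db_manager
from log_utils import log_create, log_update, log_delete, log_error, log_operation

logger = logging.getLogger(__name__)

# 创建蓝图
auth_bp = Blueprint('auth', __name__, url_prefix='/api/auth')

# One neutral message for both "unknown phone" and "wrong password", so the
# response body does not reveal which phone numbers have an account.
_BAD_CREDENTIALS = '手机号或密码错误'


def _now_ms() -> int:
    """Return the current wall-clock time in milliseconds for the response envelope."""
    return int(datetime.now().timestamp() * 1000)


def _error(code: int, message: str):
    """Return the standard error envelope ``{code, message, data: null}`` with HTTP status ``code``."""
    return jsonify({'code': code, 'message': message, 'data': None}), code


def _for_log(value) -> str:
    """Render a caller-supplied value for a log line.

    CR/LF are collapsed so a crafted request body cannot forge extra log
    records; the value is otherwise logged as received.
    """
    return str(value).replace('\r', ' ').replace('\n', ' ')


def _client_ip() -> str:
    """Return a best-effort client address for audit logs.

    ``X-Forwarded-For`` is preferred, but it is only meaningful when a
    reverse proxy in front of this app sets/overwrites it; a direct client
    can send any value, so treat the logged address as informational.
    Falls back to ``REMOTE_ADDR`` and then the literal ``'未知'``.
    """
    return request.environ.get(
        'HTTP_X_FORWARDED_FOR',
        request.environ.get('REMOTE_ADDR', '未知'),
    )


def _read_credentials():
    """Extract ``(phone, password)`` from the JSON request body.

    Returns ``(phone, password, None)`` on success, or ``(None, None, response)``
    where ``response`` is a ready 400 reply when the body is absent, is not a
    JSON object, or lacks a non-empty ``phone``/``password``.
    ``silent=True`` makes malformed JSON a 400 instead of an unhandled 500.
    """
    data = request.get_json(silent=True)
    # A non-object JSON body (e.g. a list) has no .get(); reject it up front.
    if not isinstance(data, dict) or not data:
        return None, None, _error(400, '请求参数错误')
    phone = data.get('phone')
    password = data.get('password')
    if not phone or not password:
        return None, None, _error(400, '手机号和密码不能为空')
    return phone, password, None


@auth_bp.route('/login', methods=['POST'])
def login():
    """企业管理员登录

    The password is verified *before* the account status is checked, so the
    "disabled" 403 is only shown to a caller who already holds valid
    credentials; an unauthenticated caller sees the same 401 for an unknown
    phone, a wrong password, or a disabled account with a wrong password.

    Returns the standard envelope; on success ``data`` carries the token and
    a ``userInfo`` object.
    """
    try:
        phone, password, err = _read_credentials()
        if err is not None:
            return err

        # 查询企业
        sql = """
            SELECT id, enterprise_ID, name, phone, password, status
            FROM ai_enterprises
            WHERE phone = %s
        """
        result = get_db_manager().execute_query(sql, (phone,))
        if not result:
            # NOTE: no hash comparison runs on this path, so response timing
            # differs from the wrong-password path even though the body is neutral.
            logger.warning("[企业登录失败] 企业不存在: %s", _for_log(phone))
            return _error(401, _BAD_CREDENTIALS)

        enterprise = result[0]

        # 验证密码 (before the status check; see docstring)
        if not AuthUtils.verify_password(password, enterprise['password']):
            logger.warning("[企业登录失败] 密码错误: %s", _for_log(phone))
            return _error(401, _BAD_CREDENTIALS)

        # 检查企业状态
        if enterprise['status'] != 'active':
            logger.warning(
                "[企业登录失败] 企业状态异常: %s, 状态: %s",
                _for_log(phone), enterprise['status'],
            )
            return _error(403, '企业已被禁用')

        # 生成token
        token = AuthUtils.generate_token(
            enterprise['id'], phone, 'enterprise_admin', enterprise['id']
        )
        logger.info("[企业登录成功] 企业: %s, IP: %s", enterprise['name'], _client_ip())

        # 返回用户信息和token
        return jsonify({
            'code': 200,
            'message': '登录成功',
            'data': {
                'token': token,
                'userInfo': {
                    'name': enterprise['name'],
                    'phone': enterprise['phone'],
                    'role': 'enterprise_admin',
                    'enterpriseId': enterprise['enterprise_ID'],
                    'enterpriseName': enterprise['name'],
                },
            },
            'timestamp': _now_ms(),
        })
    except Exception as e:
        logger.error("[企业登录处理] 处理请求时发生错误: %s", e, exc_info=True)
        return _error(500, '服务器内部错误')


@auth_bp.route('/employee/login', methods=['POST'])
def employee_login():
    """员工登录

    Same flow as :func:`login` for rows of ``ai_users`` (joined to the
    enterprise name): password is verified before the status check, and
    unknown phone / wrong password share one 401 body. The issued token
    carries the user's stored ``role`` and ``enterprise_id``.
    """
    try:
        phone, password, err = _read_credentials()
        if err is not None:
            return err

        # 查询员工用户
        sql = """
            SELECT u.id, u.enterprise_id, u.real_name, u.phone, u.password,
                   u.role, u.status, u.is_bound_xhs, u.xhs_account,
                   e.name as enterprise_name
            FROM ai_users u
            LEFT JOIN ai_enterprises e ON u.enterprise_id = e.id
            WHERE u.phone = %s
        """
        result = get_db_manager().execute_query(sql, (phone,))
        if not result:
            # NOTE: no hash comparison on this path; timing differs from the
            # wrong-password path even though the body is neutral.
            logger.warning("[员工登录失败] 用户不存在: %s", _for_log(phone))
            return _error(401, _BAD_CREDENTIALS)

        user = result[0]

        # 验证密码 (before the status check; see docstring)
        if not AuthUtils.verify_password(password, user['password']):
            logger.warning("[员工登录失败] 密码错误: %s", _for_log(phone))
            return _error(401, _BAD_CREDENTIALS)

        # 检查用户状态
        if user['status'] != 'active':
            logger.warning(
                "[员工登录失败] 用户状态异常: %s, 状态: %s",
                _for_log(phone), user['status'],
            )
            return _error(403, '用户已被禁用')

        # 生成token
        token = AuthUtils.generate_token(user['id'], phone, user['role'], user['enterprise_id'])
        logger.info("[员工登录成功] 用户: %s, IP: %s", user['real_name'], _client_ip())

        # 返回用户信息和token
        return jsonify({
            'code': 200,
            'message': '登录成功',
            'data': {
                'token': token,
                'userInfo': {
                    'id': user['id'],
                    'name': user['real_name'],
                    'phone': user['phone'],
                    'role': user['role'],
                    'enterpriseId': user['enterprise_id'],
                    'enterpriseName': user['enterprise_name'],
                    # .get() keeps working if the row lacks these columns
                    'isBoundXHS': bool(user.get('is_bound_xhs', 0)),
                    'xhsAccount': user.get('xhs_account', ''),
                },
            },
            'timestamp': _now_ms(),
        })
    except Exception as e:
        logger.error("[员工登录处理] 处理请求时发生错误: %s", e, exc_info=True)
        return _error(500, '服务器内部错误')


@auth_bp.route('/logout', methods=['POST'])
def logout():
    """用户登出

    Writes an audit log entry when a valid ``Authorization: <scheme> <token>``
    header is presented and always answers 200. Nothing is revoked
    server-side here: the token remains valid until it expires, so clients
    must discard it themselves.
    """
    try:
        # 记录登出日志
        auth_header = request.headers.get('Authorization')
        if auth_header:
            parts = auth_header.split()
            # Expect exactly "<scheme> <token>"; anything else is silently ignored.
            if len(parts) == 2:
                payload = AuthUtils.verify_token(parts[1])
                if payload:
                    logger.info("[登出成功] 用户ID: %s", payload.get('user_id'))

        return jsonify({
            'code': 200,
            'message': '退出成功',
            'data': None,
            'timestamp': _now_ms(),
        })
    except Exception as e:
        logger.error("[登出处理] 处理请求时发生错误: %s", e, exc_info=True)
        return _error(500, '服务器内部错误')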