#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
认证接口
"""
from flask import Blueprint, request, jsonify
import logging
from datetime import datetime
from auth_utils import AuthUtils
from database_config import get_db_manager
from log_utils import log_create, log_update, log_delete, log_error, log_operation
# Module logger; every handler below writes its audit lines through it.
logger = logging.getLogger(name=__name__)

# Blueprint for the authentication endpoints; all routes in this module are
# mounted under /api/auth.
auth_bp = Blueprint(name='auth', import_name=__name__, url_prefix='/api/auth')
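@auth_bp.route('/login', methods=['POST'])
def login():
    """Enterprise-administrator login.

    Expects a JSON object ``{"phone": ..., "password": ...}`` and answers with
    the ``{code, message, data}`` envelope used throughout this module:
    200 with a token and ``userInfo`` on success; 400 for a missing or
    malformed body; 401 when the phone is unknown or the password is wrong
    (same message for both); 403 when the enterprise is not ``active``;
    500 on an unexpected error.
    """

    def _fail(status, message):
        # Every error response shares one envelope; ``code`` mirrors the HTTP status.
        return jsonify({'code': status, 'message': message, 'data': None}), status

    try:
        # silent=True: a body that is not JSON yields None instead of raising,
        # so it is reported as a 400 here rather than as a 500 from the
        # catch-all handler below. The isinstance check rejects JSON bodies
        # that are not objects (e.g. a list), which have no .get().
        data = request.get_json(silent=True)
        if not isinstance(data, dict) or not data:
            return _fail(400, '请求参数错误')

        phone = data.get('phone')
        password = data.get('password')
        if not phone or not password:
            return _fail(400, '手机号和密码不能为空')

        # Look up the enterprise by phone. The phone is bound as a query
        # parameter, never interpolated into the SQL text.
        db_manager = get_db_manager()
        sql = """
            SELECT id, enterprise_ID, name, phone, password, status
            FROM ai_enterprises
            WHERE phone = %s
        """
        result = db_manager.execute_query(sql, (phone,))

        if not result:
            logger.warning(f"[企业登录失败] 企业不存在: {phone}")
            # Same message as for a wrong password so the response body does
            # not reveal whether the phone is registered.
            return _fail(401, '手机号或密码错误')

        enterprise = result[0]

        # Verify the password BEFORE looking at the account status. Checking
        # status first would return 403 to any caller who knows only the
        # phone, disclosing that the account exists and is disabled.
        # A NULL/empty stored hash is treated as "never matches" so it cannot
        # reach AuthUtils.verify_password with an unexpected value.
        stored_hash = enterprise['password']
        if not stored_hash or not AuthUtils.verify_password(password, stored_hash):
            logger.warning(f"[企业登录失败] 密码错误: {phone}")
            return _fail(401, '手机号或密码错误')

        if enterprise['status'] != 'active':
            logger.warning(f"[企业登录失败] 企业状态异常: {phone}, 状态: {enterprise['status']}")
            return _fail(403, '企业已被禁用')

        # Issue the session token. Argument order is (user id, phone, role,
        # enterprise id), the same order employee_login uses; for an
        # enterprise admin the user id and the enterprise id coincide.
        token = AuthUtils.generate_token(
            enterprise['id'],
            phone,
            'enterprise_admin',
            enterprise['id'],
        )

        # X-Forwarded-For is whatever the client sent unless a trusted reverse
        # proxy overwrites it, so this value is for the audit log only and
        # must not feed any access decision.
        client_ip = request.environ.get(
            'HTTP_X_FORWARDED_FOR',
            request.environ.get('REMOTE_ADDR', '未知'),
        )
        logger.info(f"[企业登录成功] 企业: {enterprise['name']}, IP: {client_ip}")

        return jsonify({
            'code': 200,
            'message': '登录成功',
            'data': {
                'token': token,
                'userInfo': {
                    'name': enterprise['name'],
                    'phone': enterprise['phone'],
                    'role': 'enterprise_admin',
                    'enterpriseId': enterprise['enterprise_ID'],
                    'enterpriseName': enterprise['name'],
                },
            },
            # Epoch milliseconds.
            'timestamp': int(datetime.now().timestamp() * 1000),
        })

    except Exception as e:
        # The traceback stays server-side; the client only sees a generic message.
        logger.error(f"[企业登录处理] 处理请求时发生错误: {str(e)}", exc_info=True)
        return _fail(500, '服务器内部错误')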
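@auth_bp.route('/employee/login', methods=['POST'])
def employee_login():
    """Employee login.

    Expects a JSON object ``{"phone": ..., "password": ...}`` and answers with
    the ``{code, message, data}`` envelope used throughout this module:
    200 with a token and ``userInfo`` on success; 400 for a missing or
    malformed body; 401 when the phone is unknown or the password is wrong
    (same message for both); 403 when the user is not ``active``;
    500 on an unexpected error.
    """

    def _fail(status, message):
        # Every error response shares one envelope; ``code`` mirrors the HTTP status.
        return jsonify({'code': status, 'message': message, 'data': None}), status

    try:
        # silent=True: a body that is not JSON yields None instead of raising,
        # so it is reported as a 400 here rather than as a 500 from the
        # catch-all handler below. The isinstance check rejects JSON bodies
        # that are not objects (e.g. a list), which have no .get().
        data = request.get_json(silent=True)
        if not isinstance(data, dict) or not data:
            return _fail(400, '请求参数错误')

        phone = data.get('phone')
        password = data.get('password')
        if not phone or not password:
            return _fail(400, '手机号和密码不能为空')

        # Look up the user and the name of the enterprise they belong to.
        # LEFT JOIN: enterprise_name may be None for a user without an
        # enterprise row. The phone is bound as a query parameter.
        db_manager = get_db_manager()
        sql = """
            SELECT u.id, u.enterprise_id, u.real_name, u.phone, u.password, u.role, u.status,
                   u.is_bound_xhs, u.xhs_account,
                   e.name as enterprise_name
            FROM ai_users u
            LEFT JOIN ai_enterprises e ON u.enterprise_id = e.id
            WHERE u.phone = %s
        """
        result = db_manager.execute_query(sql, (phone,))

        if not result:
            logger.warning(f"[员工登录失败] 用户不存在: {phone}")
            # Same message as for a wrong password so the response body does
            # not reveal whether the phone is registered.
            return _fail(401, '手机号或密码错误')

        user = result[0]

        # Verify the password BEFORE looking at the account status. Checking
        # status first would return 403 to any caller who knows only the
        # phone, disclosing that the account exists and is disabled.
        # A NULL/empty stored hash is treated as "never matches" so it cannot
        # reach AuthUtils.verify_password with an unexpected value.
        stored_hash = user['password']
        if not stored_hash or not AuthUtils.verify_password(password, stored_hash):
            logger.warning(f"[员工登录失败] 密码错误: {phone}")
            return _fail(401, '手机号或密码错误')

        if user['status'] != 'active':
            logger.warning(f"[员工登录失败] 用户状态异常: {phone}, 状态: {user['status']}")
            return _fail(403, '用户已被禁用')

        # Issue the session token: (user id, phone, role, enterprise id).
        # The role placed in the token comes from the database row, not from
        # the request body.
        token = AuthUtils.generate_token(user['id'], phone, user['role'], user['enterprise_id'])

        # X-Forwarded-For is whatever the client sent unless a trusted reverse
        # proxy overwrites it, so this value is for the audit log only and
        # must not feed any access decision.
        client_ip = request.environ.get(
            'HTTP_X_FORWARDED_FOR',
            request.environ.get('REMOTE_ADDR', '未知'),
        )
        logger.info(f"[员工登录成功] 用户: {user['real_name']}, IP: {client_ip}")

        return jsonify({
            'code': 200,
            'message': '登录成功',
            'data': {
                'token': token,
                'userInfo': {
                    'id': user['id'],
                    'name': user['real_name'],
                    'phone': user['phone'],
                    'role': user['role'],
                    'enterpriseId': user['enterprise_id'],
                    'enterpriseName': user['enterprise_name'],
                    # Columns may be absent from the row mapping; default to
                    # "not bound" / empty account name.
                    'isBoundXHS': bool(user.get('is_bound_xhs', 0)),
                    'xhsAccount': user.get('xhs_account', ''),
                },
            },
            # Epoch milliseconds.
            'timestamp': int(datetime.now().timestamp() * 1000),
        })

    except Exception as e:
        # The traceback stays server-side; the client only sees a generic message.
        logger.error(f"[员工登录处理] 处理请求时发生错误: {str(e)}", exc_info=True)
        return _fail(500, '服务器内部错误')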
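@auth_bp.route('/logout', methods=['POST'])
def logout():
    """Log the current user out.

    Logout is stateless on the server: nothing here revokes or denylists the
    token, so a bearer token issued by login stays usable until it expires.
    The only work done is an audit-log line naming the user id carried in
    the Authorization header, when a token is present and verifies; the 200
    response never depends on that.
    """
    try:
        auth_header = request.headers.get('Authorization')
        if auth_header:
            # Expected shape: "<scheme> <token>"; only the second part is used.
            parts = auth_header.split()
            if len(parts) == 2:
                try:
                    payload = AuthUtils.verify_token(parts[1])
                except Exception:
                    # Token inspection is best-effort logging only: a
                    # malformed or expired token must not turn a logout
                    # into a 500.
                    logger.debug("[登出处理] token 无效或已过期，跳过记录", exc_info=True)
                    payload = None
                if payload:
                    logger.info(f"[登出成功] 用户ID: {payload.get('user_id')}")

        return jsonify({
            'code': 200,
            'message': '退出成功',
            'data': None,
            # Epoch milliseconds.
            'timestamp': int(datetime.now().timestamp() * 1000),
        })

    except Exception as e:
        # The traceback stays server-side; the client only sees a generic message.
        logger.error(f"[登出处理] 处理请求时发生错误: {str(e)}", exc_info=True)
        return jsonify({
            'code': 500,
            'message': '服务器内部错误',
            'data': None,
        }), 500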