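import os
from typing import List, Optional

from fastapi import APIRouter, Depends, HTTPException, status
from passlib.context import CryptContext
from pydantic import BaseModel
from sqlalchemy.orm import Session

from app import models, database
from app.utils_jwt import create_access_token, get_current_user

# Router for the admin API; every route below shares this prefix and tag.
router = APIRouter(
    prefix="/admin/api",
    tags=["admin"]
)

pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

# Name of the environment variable that supplies the first-run password for the
# "admin" account. Introduced with the bootstrap change in admin_login; when it
# is unset or empty, no account is ever created from the login path.
ADMIN_BOOTSTRAP_PASSWORD_ENV = "ADMIN_BOOTSTRAP_PASSWORD"


def get_db():
    """Yield a database session and close it once the request is finished."""
    db = database.SessionLocal()
    try:
        yield db
    finally:
        db.close()


class AdminLoginRequest(BaseModel):
    """Request body for the admin login endpoint."""

    username: str
    password: str


def _bootstrap_admin(db: Session) -> None:
    """Create the "admin" account if it is missing and a bootstrap password is set.

    The password comes from the environment variable named by
    ADMIN_BOOTSTRAP_PASSWORD_ENV. This replaces a password literal that used to
    be compiled into this module: because the login route is unauthenticated, a
    fixed literal meant that anyone could cause a well-known admin credential to
    exist on a database that had no "admin" row.
    """
    existing = db.query(models.User).filter(models.User.username == "admin").first()
    if existing:
        return

    bootstrap_password = os.environ.get(ADMIN_BOOTSTRAP_PASSWORD_ENV)
    if not bootstrap_password:
        # No opt-in from the deployment: leave the table alone and let the
        # normal credential check reject the request.
        return

    admin_user = models.User(
        username="admin",
        hashed_password=pwd_context.hash(bootstrap_password),
        is_admin=True,
        is_active=True,
        balance=100
    )
    db.add(admin_user)
    db.commit()
    db.refresh(admin_user)
    print("admin用户创建成功")


@router.post("/login")
async def admin_login(req: AdminLoginRequest, db: Session = Depends(get_db)):
    """Authenticate an administrator and return an access token.

    Args:
        req: Submitted username and password.
        db: Database session injected by FastAPI.

    Returns:
        A dict with the signed token and a short user summary.

    Raises:
        HTTPException: 401 when the credentials are wrong or the account is not
            an administrator; 403 when the account has been disabled.
    """
    # !r escapes control characters, so a crafted username cannot forge
    # additional lines in the log output.
    print(f"=== Admin login attempt: {req.username!r} ===")

    if req.username == "admin":
        _bootstrap_admin(db)

    user = db.query(models.User).filter(models.User.username == req.username).first()
    if not user:
        # Spend roughly the time of a real hash check so that response timing
        # does not tell existing usernames apart from unknown ones.
        pwd_context.dummy_verify()
        raise HTTPException(status_code=401, detail="账号或密码错误")

    if not pwd_context.verify(req.password, user.hashed_password):
        raise HTTPException(status_code=401, detail="账号或密码错误")

    if not user.is_admin:
        raise HTTPException(status_code=401, detail="该账户没有管理员权限")

    # Accounts can be disabled through the user-status endpoint; refuse to issue
    # a token for one. NOTE(review): whether get_current_user also rejects
    # inactive accounts is not visible in this module - confirm.
    if not getattr(user, "is_active", True):
        raise HTTPException(status_code=403, detail="账号已被禁用")

    token = create_access_token({"sub": str(user.id), "is_admin": True})
    print(f"登录成功 - 用户ID: {user.id}, 用户名: {user.username}")

    return {
        "token": token,
        "user": {
            "id": user.id,
            "username": user.username,
            "is_admin": True
        }
    }


async def admin_required(user=Depends(get_current_user)):
    """Dependency that admits only administrators.

    Raises:
        HTTPException: 403 when the current user has no truthy is_admin attribute.
    """
    if not getattr(user, "is_admin", False):
        raise HTTPException(status_code=403, detail="无权限")
    return user


class AppCreateRequest(BaseModel):
    """Request body used to create or update an application entry."""

    name: str
    desc: str
    price: float
    status: str = "上架"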
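# ---------------------------------------------------------------------------
# Application management
# ---------------------------------------------------------------------------

@router.get("/apps")
def get_apps(db: Session = Depends(get_db), _=Depends(admin_required)):
    """Return every application record in the standard response envelope."""
    apps = db.query(models.App).all()
    return {"code": 0, "msg": "success", "data": [
        {
            "id": app.id,
            "name": app.name,
            "desc": app.desc,
            "price": app.price,
            "status": app.status
        } for app in apps
    ]}


@router.post("/apps")
def add_app(req: AppCreateRequest, db: Session = Depends(get_db), _=Depends(admin_required)):
    """Create an application; report code 1 when the name is already taken."""
    if db.query(models.App).filter(models.App.name == req.name).first():
        return {"code": 1, "msg": "应用已存在"}
    new_app = models.App(
        name=req.name,
        desc=req.desc,
        price=req.price,
        status=req.status
    )
    db.add(new_app)
    db.commit()
    db.refresh(new_app)
    # TODO(review): the models.Log entry for this action was commented out in
    # the original, so this admin operation leaves no audit record.
    return {"code": 0, "msg": "应用创建成功", "data": {"id": new_app.id}}


@router.put("/apps/{app_id}")
def edit_app(app_id: int, req: AppCreateRequest, db: Session = Depends(get_db), _=Depends(admin_required)):
    """Overwrite name, description, price and status of an existing application."""
    app = db.query(models.App).filter(models.App.id == app_id).first()
    if not app:
        return {"code": 1, "msg": "应用不存在"}
    app.name = req.name
    app.desc = req.desc
    app.price = req.price
    app.status = req.status
    db.commit()
    # TODO(review): audit logging for this action is disabled (see add_app).
    return {"code": 0, "msg": "应用修改成功"}


@router.delete("/apps/{app_id}")
def delete_app(app_id: int, db: Session = Depends(get_db), _=Depends(admin_required)):
    """Delete an application by id; report code 1 when it does not exist."""
    app = db.query(models.App).filter(models.App.id == app_id).first()
    if not app:
        return {"code": 1, "msg": "应用不存在"}
    db.delete(app)
    db.commit()
    # TODO(review): audit logging for this action is disabled (see add_app).
    return {"code": 0, "msg": "应用删除成功"}


# ---------------------------------------------------------------------------
# User management
# ---------------------------------------------------------------------------

# Declared before the handlers that annotate with it: annotations are evaluated
# when each `def` runs, so declaring the model further down made the module
# raise NameError on import.
class UserCreateRequest(BaseModel):
    """Request body used to create or update a user account."""

    username: str
    password: str
    email: Optional[str] = None


@router.get("/users")
def get_users(db: Session = Depends(get_db), _=Depends(admin_required)):
    """Return every user; password hashes are never included in the output."""
    users = db.query(models.User).all()
    return {"code": 0, "msg": "success", "data": [
        {
            "id": u.id,
            "username": u.username,
            "email": getattr(u, "email", None),
            "is_admin": getattr(u, "is_admin", False),
            "status": "正常" if getattr(u, "is_active", True) else "禁用"
        } for u in users
    ]}


# POST /users, PUT /users/{user_id} and DELETE /users/{user_id} were each
# registered twice in the original. Routes are matched in registration order, so
# only the first handler of each pair could ever serve a request; those are the
# ones kept here, and they use the same {"code", "msg"} envelope as the rest of
# this module. The later async copies (which raised HTTPException instead) were
# unreachable and have been dropped.

@router.post("/users")
def add_user(req: UserCreateRequest, db: Session = Depends(get_db), _=Depends(admin_required)):
    """Create an active user with a bcrypt-hashed password."""
    if db.query(models.User).filter(models.User.username == req.username).first():
        return {"code": 1, "msg": "用户名已存在"}
    hashed_password = pwd_context.hash(req.password)
    new_user = models.User(
        username=req.username,
        hashed_password=hashed_password,
        email=req.email,
        is_active=True
    )
    db.add(new_user)
    db.commit()
    db.refresh(new_user)
    # TODO(review): audit logging for this action is disabled (see add_app).
    return {"code": 0, "msg": "用户创建成功", "data": {"id": new_user.id}}


@router.put("/users/{user_id}")
def edit_user(user_id: int, req: UserCreateRequest, db: Session = Depends(get_db), _=Depends(admin_required)):
    """Update a user's username and, when supplied, password and e-mail.

    An empty password or e-mail leaves the stored value untouched.
    """
    db_user = db.query(models.User).filter(models.User.id == user_id).first()
    if not db_user:
        return {"code": 1, "msg": "用户不存在"}

    # Login resolves accounts with .first() on the username, so a rename must
    # not collide with another account's name.
    name_taken = (
        db.query(models.User)
        .filter(models.User.username == req.username, models.User.id != user_id)
        .first()
    )
    if name_taken:
        return {"code": 1, "msg": "用户名已存在"}

    db_user.username = req.username
    if req.password:
        db_user.hashed_password = pwd_context.hash(req.password)
    if req.email:
        db_user.email = req.email
    db.commit()
    # TODO(review): audit logging for this action is disabled (see add_app).
    return {"code": 0, "msg": "用户修改成功"}


@router.delete("/users/{user_id}")
def delete_user(user_id: int, db: Session = Depends(get_db), _=Depends(admin_required)):
    """Delete a user by id; report code 1 when the user does not exist."""
    db_user = db.query(models.User).filter(models.User.id == user_id).first()
    if not db_user:
        return {"code": 1, "msg": "用户不存在"}
    db.delete(db_user)
    db.commit()
    # TODO(review): audit logging for this action is disabled (see add_app).
    return {"code": 0, "msg": "用户删除成功"}


@router.put("/users/{user_id}/status")
def update_user_status(user_id: int, status: str, db: Session = Depends(get_db), _=Depends(admin_required)):
    """Enable or disable a user account.

    `status` is a query parameter; inside this function it shadows the imported
    fastapi `status` module. The account is enabled only when the value is
    exactly "正常" - any other value, including a typo, disables it.
    """
    db_user = db.query(models.User).filter(models.User.id == user_id).first()
    if not db_user:
        return {"code": 1, "msg": "用户不存在"}
    db_user.is_active = (status == "正常")
    db.commit()
    # TODO(review): audit logging for this action is disabled (see add_app).
    return {"code": 0, "msg": "状态更新成功"}


# ---------------------------------------------------------------------------
# Order management
# ---------------------------------------------------------------------------

@router.get("/orders")
def get_orders(db: Session = Depends(get_db), _=Depends(admin_required)):
    """Return every order in the standard response envelope.

    The "user_id" key carries the owner's username (None when the order has no
    user), not a numeric id.
    """
    orders = db.query(models.Order).all()
    return {"code": 0, "msg": "success", "data": [
        {
            "id": order.id,
            "user_id": order.user.username if order.user else None,
            "type": order.type,
            "amount": order.amount,
            "description": order.description,
            "created_at": order.created_at.strftime("%Y-%m-%d %H:%M:%S") if order.created_at else None,
            "status": order.status
        } for order in orders
    ]}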
def _fmt_created_at(moment):
    """Render a timestamp as 'YYYY-MM-DD HH:MM:SS', or None when it is unset."""
    return moment.strftime("%Y-%m-%d %H:%M:%S") if moment else None


def _usernames_for(db, records):
    """Build an id -> username mapping for the users referenced by `records`."""
    wanted_ids = {rec.user_id for rec in records}
    rows = db.query(models.User).filter(models.User.id.in_(wanted_ids)).all()
    return {row.id: row.username for row in rows}


@router.get("/orders/{order_id}")
def order_detail(order_id: int, db: Session = Depends(get_db), _=Depends(admin_required)):
    """Return one order by id, or code 1 when no such order exists.

    The "user_id" key carries the owner's username (None when the order has no
    user), not a numeric id.
    """
    order = db.query(models.Order).filter(models.Order.id == order_id).first()
    if not order:
        return {"code": 1, "msg": "订单不存在"}

    owner = order.user
    payload = {
        "id": order.id,
        "user_id": owner.username if owner else None,
        "type": order.type,
        "amount": order.amount,
        "description": order.description,
        "created_at": _fmt_created_at(order.created_at),
        "status": order.status
    }
    return {"code": 0, "msg": "success", "data": payload}


# Recharge records
@router.get("/finance")
def get_finance(db: Session = Depends(get_db), _=Depends(admin_required)):
    """Return every finance record, each annotated with the owner's username."""
    finance_records = db.query(models.Finance).all()
    names_by_id = _usernames_for(db, finance_records)

    rows = []
    for entry in finance_records:
        rows.append({
            "id": entry.id,
            "user_id": entry.user_id,
            # Records whose user row is missing get a placeholder name.
            "username": names_by_id.get(entry.user_id, "未知用户"),
            "amount": entry.amount,
            "description": entry.desc,
            "created_at": _fmt_created_at(entry.created_at)
        })
    return {"code": 0, "msg": "success", "data": rows}


# History endpoint (covers recharge records as well)
@router.get("/history")
async def get_history(db: Session = Depends(get_db), _=Depends(admin_required)):
    """Return every history record, covering both recharges and purchases."""
    history_records = db.query(models.History).all()

    # Resolve usernames up front so each row can show a name next to the id.
    names_by_id = _usernames_for(db, history_records)

    rows = []
    for entry in history_records:
        # Anything that is not a "recharge" entry is labelled as consumption.
        kind_label = "充值" if entry.type == "recharge" else "消费"
        rows.append({
            "id": entry.id,
            "user_id": entry.user_id,
            "username": names_by_id.get(entry.user_id, "未知用户"),
            "type": kind_label,
            "amount": entry.amount,
            "description": entry.desc,
            "created_at": _fmt_created_at(entry.created_at)
        })
    return {"history": rows}