Commit b451c0a0 authored May 15, 2020 by Xu Zhou
Simple user management and simple authentication for the admin page, using Django's csrf_token mechanism to prevent cross-domain requests.
parent 2d2a8539
Showing 4 changed files with 74 additions and 51 deletions
hunter/templates/hunter/admin.html (+31, -41)
hunter/templates/hunter/index.html (+6, -5)
hunter/templates/hunter/user.html (+15, -4)
hunter/views.py (+22, -1)
hunter/templates/hunter/admin.html
...
...
@@ -28,33 +28,8 @@
<li
id=
"scoreLi"
onclick=
"change(this)"
>
积分管理
</li>
</ul>
</div>
<div
class=
"rightCnt"
>
<div
id=
"paperadmin"
class=
"userlist"
>
<table
class=
"table tableList"
>
<thead>
</thead>
<tbody>
{% for publication in publications %}
<tr>
<td
class=
"col-sm-2 col-md-2"
>
{{ publication.date }}
</td>
<td
class=
"col-sm-8 col-md-8 col-md-offset-2"
>
<p><a
href=
{{
publication
.
link
}}
target=
"_blank"
>
{{ publication.title }}
</a></p>
<p>
{{ publication.authors }}
</p>
<p>
{{ publication.journalname }}
</p>
</td>
<td
class=
"col-sm-2 col-md-2 col-md-offset-2"
>
<button
class=
"delpubbtn"
onclick=
"delPub(this)"
>
<?xml version="1.0" standalone="no"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svg
t=
"1539054739914"
class=
"icon"
style=
""
height=
"20"
width=
"20"
viewBox=
"0 0 1024 1024"
version=
"1.1"
xmlns=
"http://www.w3.org/2000/svg"
p-id=
"2718"
xmlns:xlink=
"http://www.w3.org/1999/xlink"
><defs><style
type=
"text/css"
></style></defs><path
d=
"M861.012317 164.091494C765.809507 68.885661 639.229448 16.455901 504.590713 16.455901S243.372927 68.885661 148.170117 164.091494C52.965291 259.293296 0.534525 385.874363 0.534525 520.51209c0 134.639743 52.430767 261.217786 147.635592 356.422612 95.20281 95.20281 221.782869 147.633577 356.420596 147.633577s261.217786-52.430767 356.420596-147.633577c95.204825-95.204825 147.635592-221.783877 147.635592-356.422612C1008.646902 385.874363 956.217143 259.293296 861.012317 164.091494zM791.219829 810.54584c-4.394084 4.393077-10.152441 6.590623-15.910797 6.590623-5.759364 0-11.518728-2.197546-15.911805-6.590623L504.590713 555.740334 249.785207 810.54584c-4.394084 4.393077-10.152441 6.590623-15.911805 6.590623-5.758356 0-11.516713-2.197546-15.910797-6.590623-8.788169-8.788169-8.788169-23.036448 0-31.824617L472.767104 523.916725 219.336953 270.485566c-8.788169-8.788169-8.788169-23.036448 0-31.824617 8.788169-8.785146 23.035441-8.785146 31.823609 0l253.431158 253.431158 253.431158-253.431158c8.788169-8.785146 23.035441-8.785146 31.823609 0 8.788169 8.788169 8.788169 23.036448 0 31.824617L536.41533 523.916725l254.804499 254.805506C800.007998 787.509392 800.007998 801.757672 791.219829 810.54584z"
p-id=
"2719"
fill=
"#ff9800"
></path></svg>
</button>
</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
<div
class=
"rightCnt"
>
<!--用户列表-->
<div
id=
"useradmin"
class=
"userlist"
style=
"border:1px solid #000;"
>
...
...
@@ -102,7 +77,35 @@
{% endfor %}
</tbody>
</table>
</div>
</div>
<!--Publication列表-->
<div
id=
"paperadmin"
class=
"userlist"
>
<table
class=
"table tableList"
>
<thead>
</thead>
<tbody>
{% for publication in publications %}
<tr>
<td
class=
"col-sm-2 col-md-2"
>
{{ publication.date }}
</td>
<td
class=
"col-sm-8 col-md-8 col-md-offset-2"
>
<p><a
href=
{{
publication
.
link
}}
target=
"_blank"
>
{{ publication.title }}
</a></p>
<p>
{{ publication.authors }}
</p>
<p>
{{ publication.journalname }}
</p>
</td>
<td
class=
"col-sm-2 col-md-2 col-md-offset-2"
>
<button
class=
"delpubbtn"
onclick=
"delPub(this)"
>
<?xml version="1.0" standalone="no"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svg
t=
"1539054739914"
class=
"icon"
style=
""
height=
"20"
width=
"20"
viewBox=
"0 0 1024 1024"
version=
"1.1"
xmlns=
"http://www.w3.org/2000/svg"
p-id=
"2718"
xmlns:xlink=
"http://www.w3.org/1999/xlink"
><defs><style
type=
"text/css"
></style></defs><path
d=
"M861.012317 164.091494C765.809507 68.885661 639.229448 16.455901 504.590713 16.455901S243.372927 68.885661 148.170117 164.091494C52.965291 259.293296 0.534525 385.874363 0.534525 520.51209c0 134.639743 52.430767 261.217786 147.635592 356.422612 95.20281 95.20281 221.782869 147.633577 356.420596 147.633577s261.217786-52.430767 356.420596-147.633577c95.204825-95.204825 147.635592-221.783877 147.635592-356.422612C1008.646902 385.874363 956.217143 259.293296 861.012317 164.091494zM791.219829 810.54584c-4.394084 4.393077-10.152441 6.590623-15.910797 6.590623-5.759364 0-11.518728-2.197546-15.911805-6.590623L504.590713 555.740334 249.785207 810.54584c-4.394084 4.393077-10.152441 6.590623-15.911805 6.590623-5.758356 0-11.516713-2.197546-15.910797-6.590623-8.788169-8.788169-8.788169-23.036448 0-31.824617L472.767104 523.916725 219.336953 270.485566c-8.788169-8.788169-8.788169-23.036448 0-31.824617 8.788169-8.785146 23.035441-8.785146 31.823609 0l253.431158 253.431158 253.431158-253.431158c8.788169-8.785146 23.035441-8.785146 31.823609 0 8.788169 8.788169 8.788169 23.036448 0 31.824617L536.41533 523.916725l254.804499 254.805506C800.007998 787.509392 800.007998 801.757672 791.219829 810.54584z"
p-id=
"2719"
fill=
"#ff9800"
></path></svg>
</button>
</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
<div
id=
"privateArtadmin"
class=
"userlist"
>
<ul
id=
"articleList"
class=
"node-list"
>
...
...
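Review bot: In the publication row added here, the link is emitted as `href={{ publication.link }}` with no quotes around the attribute value. Django's autoescaping does not protect an unquoted attribute: a link containing a space can add extra attributes to the tag, and nothing restricts the URL scheme. Quote the value (`href="{{ publication.link }}"`), validate that stored links are http or https, and add `rel="noopener noreferrer"` alongside `target="_blank"`.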
@@ -217,20 +220,7 @@
encryptSend
(
'/operator/'
,
data
);
// Jsencrypt.do对应服务端处理地址
console
.
log
(
"add user: username = "
+
username
);
});
var
storage
=
window
.
sessionStorage
;
var
username
=
storage
.
username
;
var
identity
=
storage
.
identity
;
if
(
username
!=
null
&&
username
.
toString
().
length
>
0
){
if
(
identity
==
'0'
){
alert
(
"请以管理员身份登录"
);
{
#
window
.
location
.
href
=
"/signin/"
;
#
}
}
else
{
$
(
"#adminname"
).
text
(
username
);
}
}
else
{
alert
(
"请先登录"
);
{
#
window
.
location
.
href
=
"/signin/"
;
#
}
}
});
function
returnToList
()
{
$
(
"#articleList"
).
removeClass
(
"hide"
);
...
...
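Review bot: The block this hunk drops was the only place here that filled `#adminname` (`$("#adminname").text(username)`), and nothing visible replaces it, so the admin name stays empty if the template still has that element. Dropping the sessionStorage check itself is right, since a value the browser controls cannot gate the page; pass the admin's name in the view's context and render it in the template instead. The remaining `console.log("add user: username = " + username)` is debug output and can go too.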
hunter/templates/hunter/index.html
...
...
@@ -378,11 +378,12 @@
success
:
function
(
response
){
console
.
log
(
response
);
if
(
response
[
'message'
]
===
"success"
){
let
user_id
=
response
[
'userid'
];
console
.
log
(
"login OK, ret: "
);
console
.
log
(
response
);
let
user_id
=
response
[
'userid'
];
let
storage
=
window
.
localStorage
;
storage
[
'username'
]
=
username
;
storage
[
'userID'
]
=
user_id
;
console
.
log
(
storage
);
login_success
(
username
,
user_id
);
}
else
{
login_fail
(
response
[
'message'
]);
...
...
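Review bot: The added `console.log("login OK, ret: ")` and `console.log(response)` dump the full login response to the browser console, and `response` is already logged at the top of the `success` callback; `console.log(storage)` further down prints the whole of localStorage as well. Remove the debug logging before merge. The `username` and `userID` values kept in localStorage are readable and writable by any script on the origin, so the server must not treat them as proof of identity.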
@@ -395,11 +396,11 @@
})
}
}
function
login_success
(
name
,
userid
){
function
login_success
(
name
,
userid
){
$
(
'#top_bar'
).
empty
();
$
(
'#top_bar'
).
append
(
"<ul><li><button onclick='logout()'>退出</button></li><li title='点击进入个人中心'><a href='/user/"
+
userid
+
"/'
target='_blank'
>"
+
name
+
"</a></li></ul>"
);
$
(
'#top_bar'
).
append
(
"<ul><li><button onclick='logout()'>退出</button></li><li title='点击进入个人中心'><a href='/user/"
+
userid
+
"/'>"
+
name
+
"</a></li></ul>"
);
hide_log
();
window
.
open
(
"/user/"
+
userid
);
window
.
location
=
(
"/user/"
+
userid
);
//do not use window.open as it will open a new tab.
}
function
login_fail
(
message
){
$
(
'#error_log'
).
empty
();
...
...
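Review bot: `login_success` still builds the top bar by concatenating `name` and `userid` into an HTML string passed to `$('#top_bar').append(...)`, so a user name containing markup is parsed as HTML. Since this line is being rewritten anyway, build the link with jQuery setters instead, for example `$('<a>').attr('href', '/user/' + encodeURIComponent(userid) + '/').text(name)`. The new `window.location = ("/user/" + userid)` also omits the trailing slash that the `href` uses; make the two consistent.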
hunter/templates/hunter/user.html
...
...
@@ -10,6 +10,7 @@
<script
src=
"{% static 'hunter/jquery.form.js' %}"
></script>
</head>
<body>
<div
id=
"edit_div"
class=
""
>
<div
id=
"edit_wrap"
>
<div
id=
"edit_title"
>
修改
</div>
...
...
@@ -45,13 +46,17 @@
<a
href=
""
class=
"main_bar"
onclick=
"exit()"
>
退出登录
</a>
<a
href=
"../../"
class=
"main_bar"
>
返回首页
</a>
<a
href=
"{% url 'hunter:profile_edit' user.userID %}"
target=
"_blank"
class=
"main_bar userID"
id=
""
>
修改个人信息
</a>
<a
href=
"{% url 'hunter:profile_edit' user.userID %}"
class=
"main_bar userID"
id=
""
>
修改个人信息
</a>
<a
href=
"{% url 'hunter:detail' user.userID %}"
class=
"main_bar"
target=
"_blank"
>
查看个人详情页
</a>
<a
href=
"{% url 'hunter:detail' user.userID %}"
class=
"main_bar"
>
查看个人详情页
</a>
{% if user.identity == '1' %}
<a
href=
"../../ht/admin"
class=
"main_bar"
target=
"_blank"
>
管理员
</a>
<a
href=
"javascript:;"
class=
"main_bar"
onclick=
"document.getElementById('form_post_admin').submit();"
>
管理员
</a>
<form
id=
"form_post_admin"
action=
"../../ht/admin/"
method=
"post"
>
{% csrf_token %}
<input
type=
"hidden"
name=
"user_id"
value=
"{{ user.userID }}"
/>
</form>
{% endif %}
<a
href=
"{% url 'hunter:detail' user.userID %}"
id=
"username"
class=
"main_bar"
target=
"_blank"
>
{{ usr.name }}
</a>
<a
href=
"{% url 'hunter:detail' user.userID %}"
id=
"username"
class=
"main_bar"
>
{{ usr.name }}
</a>
</div>
</div>
</div>
...
...
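Review bot: The new `form_post_admin` sends `user_id` as a hidden field (`value="{{ user.userID }}"`), and `admin()` in hunter/views.py decides access from that posted value, so the caller chooses which user the privilege check runs against. The `{% if user.identity == '1' %}` guard only hides the link. Drop the hidden input and have the view identify the user from the server-side session; `{% csrf_token %}` protects against cross-site submission but does not authenticate the sender.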
@@ -213,6 +218,12 @@
</script>
<script
type=
"text/javascript"
>
function
postAdminPage
(){
console
.
log
(
"call function postAdminPage"
);
$
.
post
(
"../../ht/admin/"
,
{
username
:
"John"
,
time
:
"2pm"
}
);
//Your values here..
}
window
.
onload
=
function
(){
let
storage
=
window
.
localStorage
;
let
url
=
window
.
location
.
pathname
;
...
...
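Review bot: `postAdminPage()` is leftover sample code: it posts the placeholder values `username: "John", time: "2pm"` (with the comment `//Your values here..`) to `../../ht/admin/`, while the 管理员 link in this file submits `form_post_admin` rather than calling it. It sends no `user_id`, so `admin()` would answer it with 404 anyway. Remove the function and its `console.log`.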
hunter/views.py
...
...
@@ -712,9 +712,30 @@ def edit_art(request, article_id):
return
render
(
request
,
'hunter/editArticle.html'
,
{
'article'
:
art
})
def
check_admin_privilage
(
user_id
):
try
:
user_id
=
int
(
user_id
)
except
:
return
False
user
=
User
.
objects
.
get
(
userID
=
user_id
)
if
user
!=
None
or
user
.
is_admin
():
return
True
else
:
return
False
# 管理员
@ensure_csrf_cookie
def
admin
(
request
):
if
request
.
method
!=
'POST'
:
return
HttpResponse
(
status
=
404
)
user_id
=
request
.
POST
.
get
(
'user_id'
,
''
)
if
user_id
==
''
:
return
HttpResponse
(
status
=
404
)
print
(
"admin user_id = "
,
user_id
)
if
not
check_admin_privilage
(
user_id
):
return
HttpResponse
(
status
=
404
)
if
User
.
objects
.
last
():
if
User
.
objects
.
last
()
.
userID
>
0
:
users
=
User
.
objects
.
all
()
...
...
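Review bot: In `check_admin_privilage`, the condition `if user != None or user.is_admin():` is true for every user that exists, because `User.objects.get(...)` never returns `None`; the `or` should be `and`, or the function can simply `return user.is_admin()`. `get()` raises `User.DoesNotExist` for an unknown id, which surfaces as a 500 here; catch it and return `False`, and narrow the bare `except:` around `int(user_id)` to `ValueError` and `TypeError`. In `admin()`, `@ensure_csrf_cookie` only sets the cookie and does not verify the token (use `@csrf_protect` or rely on `CsrfViewMiddleware`), the `print("admin user_id = ", user_id)` is debug output, and `user_id` is read from `request.POST`, so it should be replaced by the identity held in the session.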