管理员页面使用session保持认证。

hunter/static/hunter/admin.css

@@ -291,6 +291,11 @@ svg{
     height:45px;
     line-height: 45px;
 }
+.list_private_art {
+    width:100%;
+    height:50px;
+    line-height: 50px;
+}
 .user_score_List>.list_head >ul> li,.list_score_body > li{
     width:25%;
     float: left;

hunter/views.py

 from django.shortcuts import render, get_object_or_404
-from django.http import HttpResponse, Http404
+from django.http import HttpResponse, Http404, HttpResponseNotFound
 from .models import *
 from django.core.exceptions import ObjectDoesNotExist
 from django.http import JsonResponse
@@ -725,16 +725,19 @@ def check_admin_privilage(user_id):
 
 # 管理员
 def admin(request):
-    if request.method != 'POST':
-        return  HttpResponse(status=404)
-
-    user_id = request.POST.get('user_id', '')
-    if user_id == '':
-        return  HttpResponse(status=404)
-    print ("admin user_id = ", user_id)
-
-    if not check_admin_privilage(user_id):
-        return HttpResponse(status=404)
+    admin_id = request.session.get('admin_id')
+    if admin_id == None:
+        if request.method != 'POST':
+            return HttpResponseNotFound('<h1>Page not found</h1>')
+
+        user_id = request.POST.get('user_id', '')
+        if user_id == '':
+            return  HttpResponse(status=404)
+        print ("admin user_id = ", user_id)
+
+        if not check_admin_privilage(user_id):
+            return HttpResponse(status=404)
+        request.session['admin_id'] = user_id
 
     if User.objects.last():
         if User.objects.last().userID > 0: