管理员页面使用session保持认证。

hunter/static/hunter/admin.css

@@ -291,6 +291,11 @@ svg{
     height:45px;
     line-height: 45px;
 }
+.list_private_art {
+    width:100%;
+    height:50px;
+    line-height: 50px;
+}
 .user_score_List>.list_head >ul> li,.list_score_body > li{
     width:25%;
     float: left;

hunter/templates/hunter/admin.html

@@ -80,7 +80,7 @@
         </div>
 
         <!--Publication列表-->
-        <div id="paperadmin" class="userlist">
+        <div id="paperadmin" class="userlist" style="border:1px solid #000;">
             <table class="table tableList">
                 <thead>
                     
@@ -107,7 +107,9 @@
             </table>
         </div>
 
-        <div id="privateArtadmin" class="userlist" >
+        <!--内部文章管理-->
+        <div id="privateArtadmin" class="userlist" style="border:1px solid #000;">
+            <div class="list_private_art">  
                 <ul id="articleList" class="node-list">
                     {% for article in articles %}
                         <li>
@@ -121,6 +123,8 @@
                         </li>
                     {% endfor %}
                 </ul>
+            </div>
+            
             <div id="articleView" class="hide" >
                 <button class="lastStep" onclick="returnToList()"><?xml version="1.0" standalone="no"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg t="1541063213171" class="icon" style="" viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="2135" xmlns:xlink="http://www.w3.org/1999/xlink" width="200" height="200"><defs><style type="text/css"></style></defs><path d="M939.880137 487.72513l-782.215258 0 358.804922-318.92975c12.389168-11.011798 13.505595-29.980825 2.492774-42.369993-11.011798-12.386098-29.977755-13.505595-42.367947-2.492774L64.602344 490.13911c-6.407943 5.693676-10.073426 13.858636-10.073426 22.430872s3.665483 16.737196 10.073426 22.430872l411.993309 366.204449c5.717212 5.083785 12.83533 7.580652 19.925818 7.580652 8.274454 0 16.514115-3.403516 22.442128-10.07445 11.011798-12.387122 9.896394-31.357172-2.492774-42.367947L169.687704 548.100196 939.880137 548.100196c16.57449 0 30.011524-13.613042 30.011524-30.187533S956.454628 487.72513 939.880137 487.72513z" p-id="2136" fill="#FF9800"></path></svg></button>
                 <div id="artTitle"><h1></h1></div>
@@ -128,7 +132,11 @@
                 <div id="content"></div>
             </div>
         </div>
-        <div id="scoreRecords" class="userlist">
+
+        
+
+        <!--学习积分-->
+        <div id="scoreRecords" class="userlist" style="border:1px solid #000;">
             <div style="width:100%;height:50px;">
                 <span id="user_score_List" style="color:#ff9800" onclick="changeScoreList(this)">积分列表</span>
                 <span id="score_history_List" onclick="changeScoreList(this)">详细记录</span>

hunter/views.py

 from django.shortcuts import render, get_object_or_404
-from django.http import HttpResponse, Http404
+from django.http import HttpResponse, Http404, HttpResponseNotFound
 from .models import *
 from django.core.exceptions import ObjectDoesNotExist
 from django.http import JsonResponse
@@ -725,8 +725,10 @@ def check_admin_privilage(user_id):
 
 # 管理员
 def admin(request):
+    admin_id = request.session.get('admin_id')
+    if admin_id == None:
         if request.method != 'POST':
-        return  HttpResponse(status=404)
+            return HttpResponseNotFound('<h1>Page not found</h1>')
 
         user_id = request.POST.get('user_id', '')
         if user_id == '':
@@ -735,6 +737,7 @@ def admin(request):
 
         if not check_admin_privilage(user_id):
             return HttpResponse(status=404)
+        request.session['admin_id'] = user_id
 
     if User.objects.last():
         if User.objects.last().userID > 0: