增加用户角色和头像字段。

aaron 2025-01-05 11:01:27 +08:00
parent 5fa3da3743
commit 2fde433561
3 changed files with 61 additions and 8 deletions


@ -2,7 +2,7 @@ from fastapi import Depends, HTTPException, Header, Cookie
from typing import Optional from typing import Optional
from sqlalchemy.orm import Session from sqlalchemy.orm import Session
from app.models.database import get_db from app.models.database import get_db
from app.models.user import UserDB from app.models.user import UserDB, UserRole
from app.core.security import verify_token from app.core.security import verify_token
async def get_current_user( async def get_current_user(
@ -32,6 +32,14 @@ async def get_current_user(
async def get_admin_user( async def get_admin_user(
current_user: UserDB = Depends(get_current_user) current_user: UserDB = Depends(get_current_user)
) -> UserDB: ) -> UserDB:
if not current_user.is_admin: if UserRole.ADMIN not in current_user.roles:
raise HTTPException(status_code=403, detail="需要管理员权限") raise HTTPException(status_code=403, detail="需要管理员权限")
return current_user return current_user
async def get_deliveryman_user(
current_user: UserDB = Depends(get_current_user)
) -> UserDB:
"""验证配送员权限"""
if UserRole.DELIVERYMAN not in current_user.roles:
raise HTTPException(status_code=403, detail="需要配送员权限")
return current_user
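Review bot: Both role checks (`UserRole.ADMIN not in current_user.roles` in get_admin_user and the DELIVERYMAN check in get_deliveryman_user) assume `roles` is always a list, but the model section of this commit declares the column without `nullable=False` and with only a Python-side insert default, so rows created before this commit would presumably load as `None`. In that case `not in None` raises TypeError and the caller gets a 500 instead of a 403. That still fails closed, but every account that previously had `is_admin` set also loses admin unless a data migration, not visible in this commit, backfills `roles`. I would write the guard as `if UserRole.ADMIN not in (current_user.roles or []):`, do the same for DELIVERYMAN, and backfill `roles` from `is_admin` before dropping that column. The same null case would also make `UserInfo.roles: List[UserRole]` fail validation.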


@ -1,7 +1,7 @@
from fastapi import APIRouter, HTTPException, Depends, Response from fastapi import APIRouter, HTTPException, Depends, Response
from sqlalchemy.orm import Session from sqlalchemy.orm import Session
from app.models.user import UserLogin, UserInfo, VerifyCodeRequest, UserDB, UserUpdate from app.models.user import UserLogin, UserInfo, VerifyCodeRequest, UserDB, UserUpdate, UserRole
from app.api.deps import get_current_user from app.api.deps import get_current_user, get_admin_user
from app.models.database import get_db from app.models.database import get_db
import random import random
import string import string
@ -13,6 +13,7 @@ from datetime import timedelta
from app.core.security import create_access_token, set_jwt_cookie, clear_jwt_cookie from app.core.security import create_access_token, set_jwt_cookie, clear_jwt_cookie
from app.core.response import success_response, error_response, ResponseModel from app.core.response import success_response, error_response, ResponseModel
from pydantic import BaseModel, Field from pydantic import BaseModel, Field
from typing import List
router = APIRouter() router = APIRouter()
@ -86,7 +87,8 @@ async def login(
if not user: if not user:
user = UserDB( user = UserDB(
username=f"user_{phone[-4:]}", username=f"user_{phone[-4:]}",
phone=phone phone=phone,
roles=[UserRole.USER]
) )
db.add(user) db.add(user)
db.commit() db.commit()
@ -192,3 +194,37 @@ async def update_user_info(
except Exception as e: except Exception as e:
db.rollback() db.rollback()
return error_response(code=500, message=f"更新失败: {str(e)}") return error_response(code=500, message=f"更新失败: {str(e)}")
@router.put("/roles", response_model=ResponseModel)
async def update_user_roles(
user_id: int,
roles: List[UserRole],
db: Session = Depends(get_db),
admin: UserDB = Depends(get_admin_user)
):
"""更新用户角色(管理员)"""
user = db.query(UserDB).filter(UserDB.userid == user_id).first()
if not user:
return error_response(code=404, message="用户不存在")
# 确保至少有一个角色
if not roles:
return error_response(code=400, message="用户必须至少有一个角色")
# 确保普通用户角色始终存在
if UserRole.USER not in roles:
roles.append(UserRole.USER)
# 更新角色
user.roles = list(set(roles)) # 去重
try:
db.commit()
db.refresh(user)
return success_response(
message="用户角色更新成功",
data=UserInfo.model_validate(user)
)
except Exception as e:
db.rollback()
return error_response(code=500, message=f"更新失败: {str(e)}")
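Review bot: update_user_roles changes privileges but records nothing about who did it: the `admin` dependency is used only as a gate and no log call is visible in the hunk, so granting or removing ADMIN leaves no audit trail. I would log `admin.userid`, `user_id` and the old and new role lists after a successful commit. The handler also lets an admin remove ADMIN from their own account, which can lock administration out; a guard such as `if user.userid == admin.userid and UserRole.ADMIN not in roles:` returning a 400 would cover that case. Separately, the `except` branch returns `str(e)` to the client, which can expose database error text; return a fixed `message="更新失败"` and log the exception on the server instead.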


@ -1,8 +1,15 @@
from sqlalchemy import Column, String, DateTime,Integer, Boolean from sqlalchemy import Column, String, DateTime,Integer, Boolean
from sqlalchemy.sql import func from sqlalchemy.sql import func
from sqlalchemy.dialects.mysql import JSON
from pydantic import BaseModel, Field from pydantic import BaseModel, Field
from .database import Base from .database import Base
from typing import Optional from typing import Optional, List
import enum
class UserRole(str, enum.Enum):
USER = "user"
DELIVERYMAN = "deliveryman"
ADMIN = "admin"
# 数据库模型 # 数据库模型
class UserDB(Base): class UserDB(Base):
@ -11,7 +18,8 @@ class UserDB(Base):
userid = Column(Integer, primary_key=True,autoincrement=True, index=True) userid = Column(Integer, primary_key=True,autoincrement=True, index=True)
username = Column(String(50)) username = Column(String(50))
phone = Column(String(11), unique=True, index=True) phone = Column(String(11), unique=True, index=True)
is_admin = Column(Boolean, default=False) avatar = Column(String(200), nullable=True) # 头像URL地址
roles = Column(JSON, default=lambda: [UserRole.USER]) # 存储角色列表
create_time = Column(DateTime(timezone=True), server_default=func.now()) create_time = Column(DateTime(timezone=True), server_default=func.now())
update_time = Column(DateTime(timezone=True), onupdate=func.now()) update_time = Column(DateTime(timezone=True), onupdate=func.now())
@ -24,7 +32,8 @@ class UserInfo(BaseModel):
userid: int userid: int
username: str username: str
phone: str phone: str
is_admin: bool avatar: Optional[str] = None
roles: List[UserRole]
class Config: class Config:
from_attributes = True from_attributes = True
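Review bot: `roles = Column(JSON, default=lambda: [UserRole.USER])` is a plain JSON column, and SQLAlchemy does not track in-place changes to plain JSON values, so a later `user.roles.remove(UserRole.ADMIN)` or `.append(...)` would not be flushed and a role revocation could silently fail to persist. The endpoint added in this commit is unaffected because it reassigns the whole list, but nothing on the column states that contract. Either declare the type as `MutableList.as_mutable(JSON)` (from `sqlalchemy.ext.mutable`) or add a comment on the column such as `# always reassign user.roles; in-place list edits are not persisted`. UserDB's body continues outside the hunk.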