xiaji/diary-family
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(views): 为所有视图添加登录验证装饰器

Browse Source 
为保护用户数据安全,防止未授权访问,在所有需要用户认证的视图函数上添加@login_required装饰器
This commit is contained in:
xiaji
2026-01-28 21:39:41 +08:00
parent bf7f9a8a64
commit f7692a6db6
1 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
core/views.py
View File

@@ -88,6 +88,7 @@ def index(request):
return render(request, 'core/index.html', context) return render(request, 'core/index.html', context)
# 昨日记录视图 # 昨日记录视图
@login_required
def yesterday_records(request): def yesterday_records(request):
"""昨日记录""" """昨日记录"""
logger.info("用户访问昨日记录页面") logger.info("用户访问昨日记录页面")
@@ -109,6 +110,7 @@ def yesterday_records(request):
return render(request, 'core/yesterday_records.html', context) return render(request, 'core/yesterday_records.html', context)
# 添加阅读记录 # 添加阅读记录
@login_required
def add_reading(request): def add_reading(request):
"""添加阅读记录""" """添加阅读记录"""
if request.method == 'POST': if request.method == 'POST':
@@ -126,6 +128,7 @@ def add_reading(request):
return render(request, 'core/add_reading.html', context) return render(request, 'core/add_reading.html', context)
# 编辑阅读记录 # 编辑阅读记录
@login_required
def edit_reading(request, pk): def edit_reading(request, pk):
"""编辑阅读记录""" """编辑阅读记录"""
reading = get_object_or_404(ReadingRecord, pk=pk) reading = get_object_or_404(ReadingRecord, pk=pk)
@@ -142,6 +145,7 @@ def edit_reading(request, pk):
return render(request, 'core/edit_reading.html', context) return render(request, 'core/edit_reading.html', context)
# 删除阅读记录 # 删除阅读记录
@login_required
def delete_reading(request, pk): def delete_reading(request, pk):
"""删除阅读记录""" """删除阅读记录"""
reading = get_object_or_404(ReadingRecord, pk=pk) reading = get_object_or_404(ReadingRecord, pk=pk)
@@ -154,6 +158,7 @@ def delete_reading(request, pk):
return render(request, 'core/delete_reading.html', context) return render(request, 'core/delete_reading.html', context)
# 添加感悟记录 # 添加感悟记录
@login_required
def add_insight(request): def add_insight(request):
"""添加感悟记录""" """添加感悟记录"""
family_members = FamilyMember.objects.all() family_members = FamilyMember.objects.all()
@@ -172,6 +177,7 @@ def add_insight(request):
return render(request, 'core/add_insight.html', context) return render(request, 'core/add_insight.html', context)
# 编辑感悟记录 # 编辑感悟记录
@login_required
def edit_insight(request, pk): def edit_insight(request, pk):
"""编辑感悟记录""" """编辑感悟记录"""
insight = get_object_or_404(InsightRecord, pk=pk) insight = get_object_or_404(InsightRecord, pk=pk)
@@ -189,6 +195,7 @@ def edit_insight(request, pk):
return render(request, 'core/edit_insight.html', context) return render(request, 'core/edit_insight.html', context)
# 删除感悟记录 # 删除感悟记录
@login_required
def delete_insight(request, pk): def delete_insight(request, pk):
"""删除感悟记录""" """删除感悟记录"""
insight = get_object_or_404(InsightRecord, pk=pk) insight = get_object_or_404(InsightRecord, pk=pk)
@@ -201,6 +208,7 @@ def delete_insight(request, pk):
return render(request, 'core/delete_insight.html', context) return render(request, 'core/delete_insight.html', context)
# 今日记录视图 # 今日记录视图
@login_required
def today_records(request): def today_records(request):
"""今日记录""" """今日记录"""
logger.info("用户访问今日记录页面") logger.info("用户访问今日记录页面")
@@ -220,6 +228,7 @@ def today_records(request):
return render(request, 'core/today_records.html', context) return render(request, 'core/today_records.html', context)
@login_required
# 添加今日阅读记录 # 添加今日阅读记录
def add_today_reading(request): def add_today_reading(request):
"""添加今日阅读记录""" """添加今日阅读记录"""
@@ -266,6 +275,7 @@ def delete_today_reading(request, pk):
return render(request, 'core/delete_reading.html', context) return render(request, 'core/delete_reading.html', context)
# 添加今日感悟记录 # 添加今日感悟记录
@login_required
def add_today_insight(request): def add_today_insight(request):
"""添加今日感悟记录""" """添加今日感悟记录"""
family_members = FamilyMember.objects.all() family_members = FamilyMember.objects.all()
@@ -346,6 +356,7 @@ def add_summary(request):
return render(request, 'core/add_summary.html', context) return render(request, 'core/add_summary.html', context)
# 编辑汇总记录 # 编辑汇总记录
@login_required
def edit_summary(request, pk): def edit_summary(request, pk):
"""编辑汇总记录""" """编辑汇总记录"""
summary = get_object_or_404(Summary, pk=pk) summary = get_object_or_404(Summary, pk=pk)
@@ -364,6 +375,7 @@ def edit_summary(request, pk):
return render(request, 'core/edit_summary.html', context) return render(request, 'core/edit_summary.html', context)
# 删除汇总记录 # 删除汇总记录
@login_required
def delete_summary(request, pk): def delete_summary(request, pk):
"""删除汇总记录""" """删除汇总记录"""
summary = get_object_or_404(Summary, pk=pk) summary = get_object_or_404(Summary, pk=pk)
@@ -376,6 +388,7 @@ def delete_summary(request, pk):
return render(request, 'core/delete_summary.html', context) return render(request, 'core/delete_summary.html', context)
# 家庭事项视图 # 家庭事项视图
@login_required
def family_tasks(request): def family_tasks(request):
"""家庭事项""" """家庭事项"""
logger.info("用户访问家庭事项页面") logger.info("用户访问家庭事项页面")
@@ -419,6 +432,7 @@ def edit_family_task(request, pk):
return render(request, 'core/edit_family_task.html', context) return render(request, 'core/edit_family_task.html', context)
# 删除家庭事项 # 删除家庭事项
@login_required
def delete_family_task(request, pk): def delete_family_task(request, pk):
"""删除家庭事项""" """删除家庭事项"""
task = get_object_or_404(FamilyTask, pk=pk) task = get_object_or_404(FamilyTask, pk=pk)
@@ -447,6 +461,7 @@ def today_plan(request):
return render(request, 'core/today_plan.html', context) return render(request, 'core/today_plan.html', context)
# 添加今日计划 # 添加今日计划
@login_required
def add_today_plan(request): def add_today_plan(request):
"""添加今日计划""" """添加今日计划"""
family_members = FamilyMember.objects.all() family_members = FamilyMember.objects.all()
@@ -492,6 +507,7 @@ def delete_today_plan(request, pk):
return render(request, 'core/delete_today_plan.html', context) return render(request, 'core/delete_today_plan.html', context)
# 切换今日计划状态 # 切换今日计划状态
@login_required
def toggle_today_plan(request, pk): def toggle_today_plan(request, pk):
"""切换今日计划状态""" """切换今日计划状态"""
plan = get_object_or_404(TodayPlan, pk=pk) plan = get_object_or_404(TodayPlan, pk=pk)
@@ -507,6 +523,7 @@ def toggle_today_plan(request, pk):
return redirect('today_plan') return redirect('today_plan')
# 生成报告 # 生成报告
@login_required
def generate_report(request): def generate_report(request):
"""生成报告""" """生成报告"""
logger.info("用户访问报告生成页面") logger.info("用户访问报告生成页面")
@@ -588,6 +605,7 @@ def view_report(request, date):
return render(request, 'core/report.html', context) return render(request, 'core/report.html', context)
# 生成PDF报告 # 生成PDF报告
@login_required
def generate_pdf_report(request, date): def generate_pdf_report(request, date):
"""生成PDF报告""" """生成PDF报告"""
if not is_weasyprint_available(): if not is_weasyprint_available():
@@ -679,6 +697,7 @@ def preview_pdf_report(request, date):
return HttpResponse(f"预览PDF报告失败: {str(e)}", status=500) return HttpResponse(f"预览PDF报告失败: {str(e)}", status=500)
# 系统配置 # 系统配置
@login_required
def system_settings(request): def system_settings(request):
"""系统配置""" """系统配置"""
logger.info("用户访问系统配置页面") logger.info("用户访问系统配置页面")
@@ -778,6 +797,7 @@ def send_email(request):
return send_email_view(request) return send_email_view(request)
# PDF文件列表 # PDF文件列表
@login_required
def pdf_list(request): def pdf_list(request):
"""显示服务器上已有的PDF文件列表""" """显示服务器上已有的PDF文件列表"""
logger.info("用户访问PDF文件列表页面") logger.info("用户访问PDF文件列表页面")