feat(views): 为所有视图添加登录验证装饰器
为保护用户数据安全,防止未授权访问,在所有需要用户认证的视图函数上添加@login_required装饰器
This commit is contained in:
@@ -88,6 +88,7 @@ def index(request):
|
||||
return render(request, 'core/index.html', context)
|
||||
|
||||
# 昨日记录视图
|
||||
@login_required
|
||||
def yesterday_records(request):
|
||||
"""昨日记录"""
|
||||
logger.info("用户访问昨日记录页面")
|
||||
@@ -109,6 +110,7 @@ def yesterday_records(request):
|
||||
return render(request, 'core/yesterday_records.html', context)
|
||||
|
||||
# 添加阅读记录
|
||||
@login_required
|
||||
def add_reading(request):
|
||||
"""添加阅读记录"""
|
||||
if request.method == 'POST':
|
||||
@@ -126,6 +128,7 @@ def add_reading(request):
|
||||
return render(request, 'core/add_reading.html', context)
|
||||
|
||||
# 编辑阅读记录
|
||||
@login_required
|
||||
def edit_reading(request, pk):
|
||||
"""编辑阅读记录"""
|
||||
reading = get_object_or_404(ReadingRecord, pk=pk)
|
||||
@@ -142,6 +145,7 @@ def edit_reading(request, pk):
|
||||
return render(request, 'core/edit_reading.html', context)
|
||||
|
||||
# 删除阅读记录
|
||||
@login_required
|
||||
def delete_reading(request, pk):
|
||||
"""删除阅读记录"""
|
||||
reading = get_object_or_404(ReadingRecord, pk=pk)
|
||||
@@ -154,6 +158,7 @@ def delete_reading(request, pk):
|
||||
return render(request, 'core/delete_reading.html', context)
|
||||
|
||||
# 添加感悟记录
|
||||
@login_required
|
||||
def add_insight(request):
|
||||
"""添加感悟记录"""
|
||||
family_members = FamilyMember.objects.all()
|
||||
@@ -172,6 +177,7 @@ def add_insight(request):
|
||||
return render(request, 'core/add_insight.html', context)
|
||||
|
||||
# 编辑感悟记录
|
||||
@login_required
|
||||
def edit_insight(request, pk):
|
||||
"""编辑感悟记录"""
|
||||
insight = get_object_or_404(InsightRecord, pk=pk)
|
||||
@@ -189,6 +195,7 @@ def edit_insight(request, pk):
|
||||
return render(request, 'core/edit_insight.html', context)
|
||||
|
||||
# 删除感悟记录
|
||||
@login_required
|
||||
def delete_insight(request, pk):
|
||||
"""删除感悟记录"""
|
||||
insight = get_object_or_404(InsightRecord, pk=pk)
|
||||
@@ -201,6 +208,7 @@ def delete_insight(request, pk):
|
||||
return render(request, 'core/delete_insight.html', context)
|
||||
|
||||
# 今日记录视图
|
||||
@login_required
|
||||
def today_records(request):
|
||||
"""今日记录"""
|
||||
logger.info("用户访问今日记录页面")
|
||||
@@ -220,6 +228,7 @@ def today_records(request):
|
||||
|
||||
return render(request, 'core/today_records.html', context)
|
||||
|
||||
@login_required
|
||||
# 添加今日阅读记录
|
||||
def add_today_reading(request):
|
||||
"""添加今日阅读记录"""
|
||||
@@ -266,6 +275,7 @@ def delete_today_reading(request, pk):
|
||||
return render(request, 'core/delete_reading.html', context)
|
||||
|
||||
# 添加今日感悟记录
|
||||
@login_required
|
||||
def add_today_insight(request):
|
||||
"""添加今日感悟记录"""
|
||||
family_members = FamilyMember.objects.all()
|
||||
@@ -346,6 +356,7 @@ def add_summary(request):
|
||||
return render(request, 'core/add_summary.html', context)
|
||||
|
||||
# 编辑汇总记录
|
||||
@login_required
|
||||
def edit_summary(request, pk):
|
||||
"""编辑汇总记录"""
|
||||
summary = get_object_or_404(Summary, pk=pk)
|
||||
@@ -364,6 +375,7 @@ def edit_summary(request, pk):
|
||||
return render(request, 'core/edit_summary.html', context)
|
||||
|
||||
# 删除汇总记录
|
||||
@login_required
|
||||
def delete_summary(request, pk):
|
||||
"""删除汇总记录"""
|
||||
summary = get_object_or_404(Summary, pk=pk)
|
||||
@@ -376,6 +388,7 @@ def delete_summary(request, pk):
|
||||
return render(request, 'core/delete_summary.html', context)
|
||||
|
||||
# 家庭事项视图
|
||||
@login_required
|
||||
def family_tasks(request):
|
||||
"""家庭事项"""
|
||||
logger.info("用户访问家庭事项页面")
|
||||
@@ -419,6 +432,7 @@ def edit_family_task(request, pk):
|
||||
return render(request, 'core/edit_family_task.html', context)
|
||||
|
||||
# 删除家庭事项
|
||||
@login_required
|
||||
def delete_family_task(request, pk):
|
||||
"""删除家庭事项"""
|
||||
task = get_object_or_404(FamilyTask, pk=pk)
|
||||
@@ -447,6 +461,7 @@ def today_plan(request):
|
||||
return render(request, 'core/today_plan.html', context)
|
||||
|
||||
# 添加今日计划
|
||||
@login_required
|
||||
def add_today_plan(request):
|
||||
"""添加今日计划"""
|
||||
family_members = FamilyMember.objects.all()
|
||||
@@ -492,6 +507,7 @@ def delete_today_plan(request, pk):
|
||||
return render(request, 'core/delete_today_plan.html', context)
|
||||
|
||||
# 切换今日计划状态
|
||||
@login_required
|
||||
def toggle_today_plan(request, pk):
|
||||
"""切换今日计划状态"""
|
||||
plan = get_object_or_404(TodayPlan, pk=pk)
|
||||
@@ -507,6 +523,7 @@ def toggle_today_plan(request, pk):
|
||||
return redirect('today_plan')
|
||||
|
||||
# 生成报告
|
||||
@login_required
|
||||
def generate_report(request):
|
||||
"""生成报告"""
|
||||
logger.info("用户访问报告生成页面")
|
||||
@@ -588,6 +605,7 @@ def view_report(request, date):
|
||||
return render(request, 'core/report.html', context)
|
||||
|
||||
# 生成PDF报告
|
||||
@login_required
|
||||
def generate_pdf_report(request, date):
|
||||
"""生成PDF报告"""
|
||||
if not is_weasyprint_available():
|
||||
@@ -679,6 +697,7 @@ def preview_pdf_report(request, date):
|
||||
return HttpResponse(f"预览PDF报告失败: {str(e)}", status=500)
|
||||
|
||||
# 系统配置
|
||||
@login_required
|
||||
def system_settings(request):
|
||||
"""系统配置"""
|
||||
logger.info("用户访问系统配置页面")
|
||||
@@ -778,6 +797,7 @@ def send_email(request):
|
||||
return send_email_view(request)
|
||||
|
||||
# PDF文件列表
|
||||
@login_required
|
||||
def pdf_list(request):
|
||||
"""显示服务器上已有的PDF文件列表"""
|
||||
logger.info("用户访问PDF文件列表页面")
|
||||
|
||||
Reference in New Issue
Block a user