# routes/admin.py from flask import Blueprint, render_template, request, jsonify, flash, redirect, url_for from flask_login import login_user, login_required, current_user from app.extensions import db from app.models.user import User from app.models.teacher import Teacher from app.models.student import Student from app.models.course import Course from app.models.booking import Booking from app.models.feedback import Feedback from app.models.announcement import Announcement admin_bp = Blueprint('admin', __name__) @admin_bp.before_request def require_admin(): """ 全局管理员权限检查 排除登录页,防止被拦截 """ # 如果是登录页,直接放行 if request.endpoint == 'admin.admin_login': return # 检查是否登录 if not current_user.is_authenticated: return redirect(url_for('admin.admin_login')) # 检查是否为管理员 if not current_user.is_admin: flash('您没有权限访问此页面。', 'error') return redirect(url_for('main.index')) @admin_bp.route('/admin', methods=['GET', 'POST']) def admin_login(): """管理员登录页面""" if request.method == 'POST': email = request.form.get('email').strip() password = request.form.get('password') print("🎯 管理员登录尝试:") print(f" 邮箱/用户名: '{email}'") # 支持邮箱或用户名登录 user = User.query.filter( (User.email == email) | (User.username == email) ).first() if user and user.check_password(password): if user.is_admin: login_user(user) print(f"✅ 管理员 {user.username} 登录成功!") flash('欢迎回来,管理员!', 'success') return redirect(url_for('admin.dashboard')) else: print("❌ 用户不是管理员") flash('您没有权限访问此页面。', 'error') else: print("❌ 用户不存在或密码错误") flash('用户名或密码错误!', 'error') return redirect(url_for('admin.admin_login')) return render_template('admin/login.html') @admin_bp.route('/') @login_required def dashboard(): """管理员仪表盘""" stats = { 'total_users': User.query.count(), 'total_teachers': Teacher.query.count(), 'total_students': Student.query.count(), 'total_courses': Course.query.count(), 'pending_bookings': Booking.query.filter_by(status='pending').count(), 'pending_teachers': Teacher.query.filter_by(is_verified=False).count(), 'recent_feedbacks': Feedback.query.count(), 'total_revenue': db.session.query(db.func.sum(Booking.total_amount)).filter( Booking.status == 'completed' ).scalar() or 0 } recent_bookings = Booking.query.order_by(Booking.created_at.desc()).limit(10).all() recent_feedbacks = Feedback.query.order_by(Feedback.created_at.desc()).limit(10).all() return render_template('admin/dashboard.html', stats=stats, recent_bookings=recent_bookings, recent_feedbacks=recent_feedbacks) @admin_bp.route('/users') @login_required def users(): """用户管理""" page = request.args.get('page', 1, type=int) per_page = 20 role = request.args.get('role') query = User.query if role: query = query.filter_by(role=role) users = query.order_by(User.created_at.desc()).paginate( page=page, per_page=per_page, error_out=False ) return render_template('admin/users.html', users=users) @admin_bp.route('/teachers') @login_required def teachers(): """老师管理""" page = request.args.get('page', 1, type=int) per_page = 20 verified = request.args.get('verified') query = Teacher.query.join(User) if verified == 'pending': query = query.filter(Teacher.is_verified == False) elif verified == 'verified': query = query.filter(Teacher.is_verified == True) teachers = query.order_by(Teacher.created_at.desc()).paginate( page=page, per_page=per_page, error_out=False ) # 🔴 关键修复:添加 stats 统计数据 stats = { 'total_users': User.query.count(), 'total_teachers': Teacher.query.count(), 'total_students': Student.query.count(), 'total_courses': Course.query.count(), 'pending_bookings': Booking.query.filter_by(status='pending').count(), 'pending_teachers': Teacher.query.filter_by(is_verified=False).count(), 'recent_feedbacks': Feedback.query.count(), 'total_revenue': db.session.query(db.func.sum(Booking.total_amount)).filter( Booking.status == 'completed' ).scalar() or 0 } # return render_template('admin/teachers.html', teachers=teachers) return render_template( 'admin/teachers.html', teachers=teachers, stats=stats # ✅ 必须传入 stats ) @admin_bp.route('/teacher/verify/', methods=['POST']) @login_required def verify_teacher(teacher_id): """审核通过老师""" teacher = Teacher.query.get_or_404(teacher_id) teacher.is_verified = True db.session.commit() flash(f'已通过 {teacher.full_name} 的认证申请', 'success') return redirect(url_for('admin.teachers')) @admin_bp.route('/courses') @login_required def courses(): """课程管理""" page = request.args.get('page', 1, type=int) per_page = 20 courses = Course.query.order_by(Course.created_at.desc()).paginate( page=page, per_page=per_page, error_out=False ) return render_template('admin/courses.html', courses=courses) @admin_bp.route('/bookings') @login_required def bookings(): """预约管理""" page = request.args.get('page', 1, type=int) per_page = 20 status = request.args.get('status') query = Booking.query if status: query = query.filter_by(status=status) bookings = query.order_by(Booking.booking_time.desc()).paginate( page=page, per_page=per_page, error_out=False ) return render_template('admin/bookings.html', bookings=bookings) @admin_bp.route('/feedback') @login_required def feedback(): """反馈管理""" page = request.args.get('page', 1, type=int) per_page = 20 feedbacks = Feedback.query.order_by(Feedback.created_at.desc()).paginate( page=page, per_page=per_page, error_out=False ) return render_template('admin/feedback.html', feedbacks=feedbacks) @admin_bp.route('/announcements') @login_required def announcements(): """公告管理""" announcements = Announcement.query.order_by( Announcement.is_pinned.desc(), Announcement.publish_at.desc() ).all() return render_template('admin/announcements.html', announcements=announcements) @admin_bp.route('/announcement/create', methods=['GET', 'POST']) @login_required def create_announcement(): """创建公告""" if request.method == 'POST': title = request.form.get('title') content = request.form.get('content') announcement_type = request.form.get('type') target_audience = request.form.get('target_audience') is_published = bool(request.form.get('is_published')) is_pinned = bool(request.form.get('is_pinned')) announcement = Announcement( title=title, content=content, announcement_type=announcement_type, target_audience=target_audience, is_published=is_published, is_pinned=is_pinned ) db.session.add(announcement) db.session.commit() flash('公告创建成功!', 'success') return redirect(url_for('admin.announcements')) return render_template('admin/create_announcement.html') @admin_bp.route('/database') @login_required def database_management(): """数据库管理""" return render_template('admin/database.html') @admin_bp.route('/api/stats') @login_required def api_stats(): """统计数据API""" stats = { 'users': { 'total': User.query.count(), 'students': User.query.filter_by(role='student').count(), 'teachers': User.query.filter_by(role='teacher').count(), 'today': User.query.filter( db.func.date(User.created_at) == db.func.current_date() ).count() }, 'bookings': { 'total': Booking.query.count(), 'completed': Booking.query.filter_by(status='completed').count(), 'pending': Booking.query.filter_by(status='pending').count() }, 'revenue': { 'total': db.session.query(db.func.sum(Booking.total_amount)).filter( Booking.status == 'completed' ).scalar() or 0, 'monthly': db.session.query(db.func.sum(Booking.total_amount)).filter( Booking.status == 'completed', db.func.month(Booking.created_at) == db.func.month(db.func.now()), db.func.year(Booking.created_at) == db.func.year(db.func.now()) ).scalar() or 0 } } return jsonify(stats)