feat: 后台管理功能增强

1. 前端用户下拉菜单优化 - 改用CSS动画，解决鼠标移动问题 2. 帖子管理增加显示/隐藏开关 3. 帖子详情页可直接删除回复 4. 新增回复管理页面（列表、删除） 5. 用户管理增加编辑功能（用户名、邮箱、手机、简介） 6. 用户管理增加查看帖子按钮 7. 所有页面侧边栏添加回复管理入口 8. 数据库增加 is_hidden 字段
2026-04-12 18:16:36 +08:00
parent e7ebc3a4d6
commit cd087e9931
9 changed files with 458 additions and 48 deletions
--- a/backend/app.py
+++ b/backend/app.py
@@ -128,6 +128,11 @@ def admin_users_page():
 def admin_posts_page():
    return render_template('posts.html')

+@app.route('/admin/replies')
+@admin_required
+def admin_replies_page():
+    return render_template('replies.html')
+
@app.route('/admin/topics')
@admin_required
 def admin_topics_page():
@@ -312,6 +317,92 @@ def admin_api_pin_post(post_id):
        'is_pinned': new_pin
    })

+@app.route('/admin/api/posts/<post_id>/hide', methods=['POST'])
+@admin_required
+def admin_api_hide_post(post_id):
+    """切换帖子显示/隐藏"""
+    new_hidden = post_model.toggle_hidden(post_id)
+    return jsonify({
+        'success': True,
+        'is_hidden': new_hidden
+    })
+
+# ============ 回复管理 API ============
+
+@app.route('/admin/api/replies')
+@admin_required
+def admin_api_replies():
+    """获取所有回复列表"""
+    replies = reply_model.get_all(limit=100)
+    
+    reply_list = []
+    for reply in replies:
+        author = user_model.get_by_id(reply['author_id']) or {}
+        post = post_model.get_by_id(reply['post_id']) or {}
+        reply_list.append({
+            'id': reply['id'],
+            'content': reply['content'][:100] + '...' if len(reply['content']) > 100 else reply['content'],
+            'author': author.get('username', '未知'),
+            'post_title': post.get('title', '未知'),
+            'post_id': reply['post_id'],
+            'likes': len(reply['likes']),
+            'created_at': reply['created_at'],
+        })
+    
+    return jsonify(reply_list)
+
+@app.route('/admin/api/replies/<reply_id>', methods=['DELETE'])
+@admin_required
+def admin_api_delete_reply(reply_id):
+    """删除回复"""
+    reply_model.delete(reply_id)
+    return jsonify({'success': True})
+
+# ============ 用户管理 API ============
+
+@app.route('/admin/api/users/<user_id>', methods=['PUT'])
+@admin_required
+def admin_api_update_user(user_id):
+    """编辑用户信息"""
+    data = request.json
+    
+    update_fields = {}
+    if data.get('username'):
+        update_fields['username'] = data['username'].strip()
+    if data.get('email'):
+        update_fields['email'] = data['email'].strip().lower()
+    if data.get('phone'):
+        update_fields['phone'] = data['phone'].strip()
+    if data.get('bio'):
+        update_fields['bio'] = data['bio'].strip()
+    
+    if not update_fields:
+        return jsonify({'error': '没有要更新的字段'}), 400
+    
+    # 更新用户
+    user = user_model.get_by_id(user_id)
+    if not user:
+        return jsonify({'error': '用户不存在'}), 404
+    
+    # 检查用户名/邮箱是否重复
+    if 'username' in update_fields:
+        existing = user_model.get_by_username(update_fields['username'])
+        if existing and existing['id'] != user_id:
+            return jsonify({'error': '用户名已存在'}), 400
+    
+    if 'email' in update_fields:
+        existing = user_model.get_by_email(update_fields['email'])
+        if existing and existing['id'] != user_id:
+            return jsonify({'error': '邮箱已存在'}), 400
+    
+    with db.get_conn() as conn:
+        set_clause = ', '.join([f"{k} = ?" for k in update_fields.keys()])
+        conn.execute(f"UPDATE users SET {set_clause}, updated_at = ? WHERE id = ?",
+                     list(update_fields.values()) + [datetime.datetime.now().isoformat(), user_id])
+        conn.commit()
+    
+    return jsonify({'success': True})
+
@app.route('/admin/api/topics')
@admin_required
 def admin_api_topics():