首先创建一个后缀为py的文档,然后写入代码:
from flask import Flask, redirect, render_template, url_for, flash, request, jsonify
from flask_sqlalchemy import SQLAlchemy
from flask_login import UserMixin, LoginManager
from werkzeug.security import generate_password_hash, check_password_hash
from datetime import datetime
from flask_login import login_required, current_user, login_user, logout_user
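import os

app = Flask(__name__)

# The connection string and the session-signing key are read from the
# environment when it provides them. The fallbacks are the literal values this
# tutorial ships with and are suitable for a local demo only: a database
# password committed to source is readable by anyone with the file, and whoever
# knows SECRET_KEY can produce session cookies the app will accept as valid.
app.config['SQLALCHEMY_DATABASE_URI'] = os.environ.get(
    'SQLALCHEMY_DATABASE_URI',
    'mysql+pymysql://root:010811@127.0.0.1:3306/jiuwu',
)
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
# Echo writes every SQL statement (with its bound parameters) to the log;
# keep it on for local debugging only.
app.config['SQLALCHEMY_ECHO'] = True
app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY', 'AASDFASDF')

db = SQLAlchemy(app)

# NOTE(review): no login_view is configured here, so @login_required answers
# unauthenticated requests with 401 instead of redirecting to the login page.
login_manager = LoginManager()
login_manager.init_app(app)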
@login_manager.user_loader
def load_user(user_id):
    """Flask-Login user loader: return the User row for ``user_id``.

    ``Query.get`` returns None when no row has that primary key.
    """
    return db.session.query(User).get(user_id)
class Goods(db.Model):
    """A listing offered for sale, stored in the ``goods`` table."""

    __tablename__ = 'goods'

    id = db.Column(db.Integer, primary_key=True, unique=True)
    good_name = db.Column(db.String(64))
    # Despite the name this holds the seller's user id: the views in this
    # file look the seller up with User.query.filter_by(id=post_name).
    post_name = db.Column(db.String(64), index=True)
    good_info = db.Column(db.String(64))
    price = db.Column(db.Integer)
    # URL of the listing image, as returned by the upload endpoint.
    img = db.Column(db.String(64))
    # Review / sale status; the views write '待审核', '审核通过', '已卖出'
    # and '审核不通过,违规:<reason>' into it.
    good_state = db.Column(db.String(64))
class User(UserMixin, db.Model):
    """An account in the ``users`` table; only a password hash is persisted."""

    __tablename__ = 'users'

    id = db.Column(db.Integer, primary_key=True, unique=True)
    username = db.Column(db.String(64), unique=True, index=True)
    # NOTE(review): 128 characters may be too short for the hashes that
    # generate_password_hash() emits in recent Werkzeug releases - confirm
    # against the installed version before relying on this width.
    password_hash = db.Column(db.String(128))
    gender = db.Column(db.Integer, default=1)
    phone = db.Column(db.String(20))
    # 0: administrator, 1: regular user
    user_type = db.Column(db.Integer, default=1)
    # Link to the avatar image
    avata = db.Column(db.String(256), default='../static/img/avata/defaultavata.jpg')

    # Password hashing and verification
    @property
    def password(self):
        """Write-only attribute: reading it always raises AttributeError."""
        raise AttributeError('password is not a readable attribute')

    @password.setter
    def password(self, plaintext):
        # Only the Werkzeug hash of the assigned value is kept on the row.
        self.password_hash = generate_password_hash(plaintext)

    def verify_password(self, password):
        """Return True when ``password`` matches the stored hash."""
        return check_password_hash(self.password_hash, password)
def check_username(username):
    """Return True when an account with ``username`` already exists."""
    existing = User.query.filter_by(username=username).first()
    return bool(existing)
class Order(db.Model):
    """A purchase record in the ``orders`` table."""

    __tablename__ = 'orders'

    id = db.Column(db.Integer, primary_key=True, unique=True)
    # Id of the purchased listing; unique, so a listing can be ordered once.
    good_id = db.Column(db.String(64), unique=True)
    # Id of the buying user.
    buy_id = db.Column(db.String(64), index=True)
    # Purchase date, written by the buy view as a 'YYYY-MM-DD' string.
    date = db.Column(db.String(20), index=True)
from forms import LoginForm, RegisterForm
@app.route('/', methods=["post", "get"])
@app.route('/login', methods=["post", "get"])
def login():
    """Show the login form and sign the user in on a valid submission.

    Administrators (user_type 0) are sent to the admin page, everyone else
    to the user page.
    """
    # NOTE(review): nothing in this view throttles repeated failed attempts.
    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    account = User.query.filter_by(username=form.username.data).first()
    if account is None or not account.verify_password(form.password.data):
        # One message for both failure causes, so the response does not
        # reveal whether the username exists.
        flash('用户名或密码错误')
        return render_template('login.html', form=form)

    # The second positional argument is Flask-Login's ``remember`` flag.
    login_user(account, True)
    landing = 'admin' if account.user_type == 0 else 'user'
    return redirect(url_for(landing))
@app.route('/register', methods=["post", "get"])
def register():
    """Show the registration form and create the account on a valid POST."""
    form = RegisterForm()
    if request.method != "POST":
        return render_template('register.html', form=form)

    if not form.validate_on_submit():
        flash('填写注册信息有误,用户名重复')
        return render_template('register.html', form=form)

    print(form.gender.data)
    fields = {
        "username": form.username.data,
        "password": form.password.data,
        "gender": int(form.gender.data),
        "phone": form.contact.data,
    }
    # An empty avatar field leaves the column on its model default.
    # NOTE(review): the avatar URL is stored exactly as submitted; confirm the
    # templates escape it wherever it is rendered.
    if form.avata.data != "":
        fields["avata"] = form.avata.data

    db.session.add(User(**fields))
    db.session.commit()
    flash('注册成功!')
    return redirect(url_for('login'))
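@app.route('/admin/add_user', methods=["post", "get"])
@login_required
def add_user():
    """Create a user account from the admin panel.

    Reads ``username``, ``gender``, ``phone`` and ``avata`` from the form.
    Only a signed-in administrator (user_type 0) may call this; the original
    view had no access check, so any client could create accounts.
    """
    if current_user.user_type != 0:
        return {"code": 0, "msg": "无权限"}, 403

    user_gender = int(request.form['gender'])
    # NOTE: every account created here starts with the same fixed password;
    # it should be changed on first login or replaced by a per-user secret.
    # NOTE(review): no CSRF token is checked on this form post.
    password = "666666"
    user = User(username=request.form['username'], password=password, gender=user_gender,
                phone=request.form['phone'], avata=request.form['avata'])
    db.session.add(user)
    db.session.commit()
    return {"code": 1, "msg": "请求成功"}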
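@app.route('/admin/del_user', methods=["post", "get"])
@login_required
def del_user():
    """Delete the user whose ``id`` is given in the form (administrators only).

    Returns a 403 for non-administrators and a 404 when no such user exists;
    the original view did neither check and failed with a server error on an
    unknown id.
    """
    if current_user.user_type != 0:
        return "无权限", 403

    target = User.query.filter_by(id=request.form['id']).first()
    if target is None:
        return "用户不存在", 404

    # A str return value is served as text/html, so echo the integer id read
    # from the database rather than the raw text from the request.
    removed_id = target.id
    db.session.delete(target)
    db.session.commit()
    return "删除id为" + str(removed_id) + "用户成功"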
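@app.route('/admin/update_user', methods=["POST"])
@login_required
def admin_updateuser():
    """Update a user's profile from the admin panel (administrators only).

    Form fields: ``id``, ``username``, ``oldname``, ``phone``, ``gender``,
    ``avata``, ``pwd_reset`` ("1" resets to the fixed default password,
    "2" sets the password to the ``pwd`` field, anything else leaves it).
    Returns ``{"code": 1, ...}`` on success and ``{"code": 0, ...}`` when
    the new username is taken, the user is unknown or the caller is not an
    administrator.
    """
    if current_user.user_type != 0:
        return {"code": 0, "mess": "无权限"}, 403

    form = request.form
    ch_user = User.query.filter_by(id=form['id']).first()
    if ch_user is None:
        return {"code": 0, "mess": "用户不存在"}, 404

    new_name = form['username']
    if new_name != form['oldname']:  # the username was changed
        if check_username(new_name):  # the new name is already taken
            return {"code": 0, "mess": "更改后的用户名已存在"}
        ch_user.username = new_name

    ch_user.phone = form['phone']
    if form['pwd_reset'] == "1":
        # NOTE: resets to the same fixed password for every account.
        ch_user.password = "666666"
    elif form['pwd_reset'] == "2":
        ch_user.password = form['pwd']
    ch_user.gender = int(form['gender'])
    ch_user.avata = form['avata']
    db.session.commit()
    return {"code": 1, "mess": "修改成功"}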
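def _save_uploaded_image(subdir):
    """Save the uploaded ``file`` part under static/img/<subdir>/ and return its URL."""
    import os
    from werkzeug.utils import secure_filename

    upload = request.files["file"]
    # The client chooses the filename, so it is reduced to a safe base name
    # before it becomes part of a path on disk. The original parsed the
    # FileStorage repr and used the result unsanitised.
    safe_name = secure_filename(upload.filename or "")
    stem = os.path.splitext(safe_name)[0] or "upload"
    uniname = stem + datetime.now().strftime("%y_%m_%d_%H_%M_%S") + '.jpg'
    target_dir = os.path.join(os.path.abspath(os.path.dirname(__file__)),
                              'static', 'img', subdir)
    # NOTE(review): the content is stored with a .jpg suffix without checking
    # that it is an image, no upload size limit is configured in this file,
    # and two uploads with the same name in the same second overwrite each
    # other.
    upload.save(os.path.join(target_dir, uniname))
    return '../static/img/' + subdir + '/' + uniname


@app.route('/register_avata', methods=['GET', 'POST'])
def register_avata_api():
    """Store an avatar upload and return its URL as JSON.

    Left open to anonymous callers because the route name ties it to the
    registration form, which is filled in before an account exists.
    """
    url = _save_uploaded_image('avata')
    result = {
        "code": 0,
        "msg": "",
        "data": {
            "src": url
        }
    }
    print('注册')
    return jsonify(result)


@app.route('/postgood_img', methods=['GET', 'POST'])
@login_required
def post_img_api():
    """Store a listing image for a signed-in user and return its URL as JSON."""
    url = _save_uploaded_image('goods')
    result = {
        "code": 0,
        "msg": "",
        "data": {
            "src": url
        }
    }
    print('上传商品图片')
    return jsonify(result)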
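@app.route('/admin', methods=["post", "get"])
@login_required
def admin():
    """Render the admin home page for a signed-in administrator.

    The original view rendered the page for any visitor; it now requires a
    session and user_type 0.
    """
    if current_user.user_type != 0:
        return "无权限", 403
    return render_template('admin.html')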
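@app.route('/user', methods=["post", "get"])
@login_required
def user():
    """Render the user home page; requires a signed-in session."""
    return render_template('user.html')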
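@app.route('/user/my_info', methods=["post", "get"])
@login_required
def my_info():
    """Render the profile page of the signed-in user."""
    return render_template('my_info.html')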
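@app.route('/api/get_avata_url', methods=['GET', 'POST'])
@login_required
def get_avata_url_api():
    """Return the signed-in user's avatar URL as ``{"url": ...}``.

    Requires a session: Flask-Login's anonymous user has no ``avata``
    attribute, so the original view failed for visitors who were not
    logged in.
    """
    avatar = current_user.avata
    if avatar == '':
        # An empty stored value falls back to the default avatar image.
        avatar = "../static/img/avata/defaultavata.jpg"
    return jsonify({"url": avatar})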
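@app.route('/get_sellinfo', methods=['GET', 'POST'])
def get_sellinfo():
    """List approved listings, optionally filtered by exact ``good_name``.

    Returns ``{"code": 0, "msg", "count", "data"}``. A listing whose seller
    account no longer exists is reported with an empty ``post_name`` instead
    of failing the whole request, as the original did.
    """
    criteria = {"good_state": '审核通过'}
    wanted = request.args.get('good_name')
    if wanted:  # absent or empty means "no name filter"
        criteria["good_name"] = wanted
    sell_data = Goods.query.filter_by(**criteria).all()

    data = []
    for sell in sell_data:
        seller = User.query.filter_by(id=sell.post_name).first()
        data.append({
            "id": sell.id,
            "good_name": sell.good_name,
            "post_name": seller.username if seller is not None else "",
            "good_info": sell.good_info,
            "price": sell.price,
            "img": sell.img,
        })
    return {"code": 0, "msg": "请求成功", "count": len(sell_data), "data": data}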
@app.route('/search_goods', methods=['GET', 'POST'])
def search_goods():
    """Render the listing search page."""
    # NOTE(review): served without a login check - confirm that is intended.
    template = 'search_goods.html'
    return render_template(template)
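@app.route('/my_sell', methods=['GET', 'POST'])
@login_required
def mysell():
    """Render the signed-in user's "post goods" page."""
    return render_template('post_goods.html')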
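@app.route('/my_order', methods=['GET', 'POST'])
@login_required
def myorder():
    """Render the signed-in user's order page."""
    return render_template('my_order.html')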
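@app.route('/get_mysell', methods=['GET', 'POST'])
@login_required
def get_mysell():
    """List the signed-in user's own listings, with the buyer name for sold ones.

    Requires a session because the query is keyed on ``current_user.id``.
    A sold listing whose order or buyer row is missing is reported with an
    empty ``buy_name`` instead of failing the request.
    """
    my_sell = Goods.query.filter_by(post_name=current_user.id).all()
    data = []
    for sell in my_sell:
        buy_name = ""
        if sell.good_state == "已卖出":
            order = Order.query.filter_by(good_id=sell.id).first()
            buyer = None
            if order is not None:
                buyer = User.query.filter_by(id=order.buy_id).first()
            if buyer is not None:
                buy_name = buyer.username
        data.append({
            "id": sell.id,
            "good_name": sell.good_name,
            "good_info": sell.good_info,
            "price": sell.price,
            "buy_name": buy_name,
            "img": sell.img,
            "good_state": sell.good_state
        })
    return {"code": 0, "msg": "请求成功", "count": len(my_sell), "data": data}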
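@app.route('/user/add_goods', methods=['GET', 'POST'])
@login_required
def add_goods():
    """Create a listing in the '待审核' (pending review) state for the caller.

    Reads ``good_name``, ``good_info``, ``price`` and ``img_url`` from the
    form. The seller is always the signed-in user: the original trusted a
    ``post_name`` form field, which let a client file a listing under another
    user's id.
    """
    data = request.form
    good = Goods(
        good_name=data['good_name'],
        # Stored as text to match the String column and earlier rows.
        post_name=str(current_user.id),
        good_info=data['good_info'],
        price=data['price'],
        good_state="待审核",
        img=data['img_url'],
    )
    db.session.add(good)
    db.session.commit()
    return {"code": "1"}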
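@app.route('/user/del_goods', methods=['POST'])
@login_required
def del_good():
    """Delete the listing with the submitted ``id``.

    Only the listing's seller or an administrator may delete it; the
    original performed no ownership check. Returns 404 for an unknown id
    and 403 when the caller may not delete the listing.
    """
    good = Goods.query.filter_by(id=request.form['id']).first()
    if good is None:
        return "商品不存在", 404
    is_owner = good.post_name == str(current_user.id)
    if not is_owner and current_user.user_type != 0:
        return "无权限", 403

    # Echo the integer id from the database, not the raw request text: a str
    # return value is served as text/html.
    removed_id = good.id
    db.session.delete(good)
    db.session.commit()
    return "删除id为" + str(removed_id) + "商品成功"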
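@app.route('/admin/check_goods', methods=['POST', 'GET'])
@login_required
def check_goods():
    """Render the listing review page for a signed-in administrator."""
    if current_user.user_type != 0:
        return "无权限", 403
    return render_template('check_goods.html')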
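@app.route('/get_check_goods', methods=['POST', 'GET'])
@login_required
def get_check_goods():
    """Return every listing still waiting for review (administrators only).

    NOTE(review): the admin restriction assumes only the review page calls
    this endpoint - confirm no user-facing page depends on it.
    """
    if current_user.user_type != 0:
        return {"code": 403, "msg": "无权限", "count": 0, "data": []}, 403

    check = Goods.query.filter_by(good_state="待审核").all()
    data = [
        {
            "id": c.id,
            "good_name": c.good_name,
            "good_info": c.good_info,
            "price": c.price,
            "post_id": c.post_name,
            "img": c.img,
        }
        for c in check
    ]
    return {"code": 0, "msg": "请求成功", "count": len(check), "data": data}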
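@app.route('/admin/pass_goods', methods=['POST'])
@login_required
def pass_goods():
    """Mark the listing with the submitted ``id`` as approved (administrators only).

    The original had no access check and failed with a server error when the
    id matched no listing.
    """
    if current_user.user_type != 0:
        return {"code": 0, "mess": "无权限"}, 403

    pass_good = Goods.query.filter_by(id=request.form['id']).first()
    if pass_good is None:
        return {"code": 0, "mess": "商品不存在"}, 404
    pass_good.good_state = "审核通过"
    db.session.commit()
    return {"code": 1, "mess": "通过成功"}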
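@app.route('/admin/deny_goods', methods=['POST'])
@login_required
def deny_goods():
    """Reject the listing with the submitted ``id``, recording ``reason``.

    Administrators only; the original had no access check and failed with a
    server error when the id matched no listing.
    """
    if current_user.user_type != 0:
        return {"code": 0, "mess": "无权限"}, 403

    denied = Goods.query.filter_by(id=request.form['id']).first()
    if denied is None:
        return {"code": 0, "mess": "商品不存在"}, 404
    # NOTE(review): good_state is a String(64) column, so a long reason may
    # not fit; the reason text is stored as submitted.
    denied.good_state = "审核不通过,违规:" + request.form['reason']
    db.session.commit()
    # The success message is kept exactly as the original returns it.
    return {"code": 1, "mess": "通过成功"}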
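@app.route('/user/buy_goods', methods=['POST'])
@login_required
def buy_good():
    """Record a purchase of the listing with the submitted ``id``.

    The buyer is always the signed-in user: the original trusted a ``buy_id``
    form field, so a client could place an order in another user's name.
    Only approved listings can be bought; an unknown, unapproved or already
    sold listing yields ``{"code": 0, ...}``.
    """
    good = Goods.query.filter_by(id=request.form['id']).first()
    if good is None or good.good_state != '审核通过':
        return {"code": 0, "mess": "商品不可购买"}

    # Ids are stored as text to match the String columns on Order.
    order = Order(
        buy_id=str(current_user.id),
        date=datetime.now().strftime('%Y-%m-%d'),
        good_id=str(good.id),
    )
    db.session.add(order)
    good.good_state = "已卖出"
    # If two buyers pass the state check at once, the unique constraint on
    # Order.good_id makes the second commit fail.
    db.session.commit()
    return {"code": 1, "mess": "购买成功"}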
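@app.route('/user/get_myorder', methods=['POST', 'GET'])
@login_required
def get_myorder():
    """List the signed-in user's orders, optionally filtered by ``good_name``.

    Requires a session because the query is keyed on ``current_user.id``.
    Orders whose listing has been deleted are skipped, and a missing seller
    account yields an empty ``post_name``; the original failed the whole
    request in both cases. ``count`` is the number of orders before the name
    filter, as in the original.
    """
    wanted = request.args.get('good_name')
    orders = Order.query.filter_by(buy_id=current_user.id).all()
    data = []
    for o in orders:
        good = Goods.query.filter_by(id=o.good_id).first()
        if good is None:
            continue
        if wanted and good.good_name != wanted:
            continue
        seller = User.query.filter_by(id=good.post_name).first()
        data.append({
            "id": o.id,
            "good_name": good.good_name,
            "good_info": good.good_info,
            "price": good.price,
            "img": good.img,
            "post_name": seller.username if seller is not None else "",
            "date": o.date
        })
    return {"code": 0, "msg": "请求成功", "count": len(orders), "data": data}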
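@app.route('/user/del_order', methods=['POST'])
@login_required
def del_order():
    """Delete the order with the submitted ``id``.

    Only the buyer who placed the order or an administrator may delete it;
    the original performed no ownership check. Returns 404 for an unknown id
    and 403 when the caller may not delete the order.
    """
    order = Order.query.filter_by(id=request.form['id']).first()
    if order is None:
        return "订单不存在", 404
    is_buyer = order.buy_id == str(current_user.id)
    if not is_buyer and current_user.user_type != 0:
        return "无权限", 403

    # Echo the integer id from the database, not the raw request text: a str
    # return value is served as text/html.
    removed_id = order.id
    db.session.delete(order)
    db.session.commit()
    return "删除id为" + str(removed_id) + "商品成功"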
@app.route('/logout')
@login_required
def logout():
    """End the current session and return to the login page."""
    logout_user()
    flash("您已经退出登录了")
    login_url = url_for('login')
    return redirect(login_url)
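@app.route('/admin/user_manage', methods=['POST', "GET"])
@login_required
def user_manage():
    """Render the user management page for a signed-in administrator."""
    if current_user.user_type != 0:
        return "无权限", 403
    return render_template('manage_user.html')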
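@app.route('/admin/get_userinfo', methods=['POST', "GET"])
@login_required
def get_userinfo():
    """List regular users (user_type 1), optionally filtered by exact ``username``.

    Administrators only; the original answered any client. The ``pwd`` key
    is kept so the response shape is unchanged, but it is always empty:
    password hashes are not sent to the browser.
    """
    if current_user.user_type != 0:
        return {"code": 403, "msg": "无权限", "count": 0, "data": []}, 403

    criteria = {"user_type": 1}
    wanted = request.args.get('username')
    if wanted:  # absent or empty means "no name filter"
        criteria["username"] = wanted
    users = User.query.filter_by(**criteria).all()

    data = [
        {
            "id": u.id,
            "username": u.username,
            "gender": u.gender,
            "img": u.avata,
            "pwd": "",
            "phone": u.phone
        }
        for u in users
    ]
    return {"code": 0, "msg": "请求成功", "count": len(users), "data": data}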
# Start Flask's built-in server only when this file is executed directly.
if __name__ == "__main__":
    app.run()