修复了一些已知问题

backend/routes/admin.py

@@ -23,12 +23,13 @@ from services.conduct_service import ConductService
 from services.homework_service import HomeworkService
 from services.attendance_service import AttendanceService
 from services.log_service import LogService
+from utils.redis_client import RedisClient
 from schemas.admin import (
     AddPointsRequest, RevokeRequest, AddAdminRequest,
     AddStudentRequest, UpdateStudentRequest,
     UpdateHomeworkStatusRequest, AddAttendanceRequest,
     UpdateAdminRequest, DeleteAdminRequest, ResetPasswordRequest,
-    CreateAssignmentRequest
+    CreateAssignmentRequest, UnlockUserRequest
 )
 from utils.response import success_response, error_response
 from utils.logger import get_logger
@@ -214,14 +215,17 @@ async def add_conduct_points(request: Request, req: AddPointsRequest):
         recorder_name=user["username"]
     )
     if result["success"]:
-        role = await PermissionChecker.get_user_role(user["user_id"])
-        await LogService.write_operation_log(
-            operator_id=user["user_id"], operator_name=user["real_name"],
-            operator_role=role, operation_type="add_points",
-            target_type="conduct",
-            details=f"批量加减分: {req.points_change}分, 原因: {req.reason}, 对象: {req.student_ids}",
-            ip=request.client.host
-        )
+        try:
+            role = await PermissionChecker.get_user_role(user["user_id"])
+            await LogService.write_operation_log(
+                operator_id=user["user_id"], operator_name=user["real_name"],
+                operator_role=role, operation_type="add_points",
+                target_type="conduct",
+                details=f"批量加减分: {req.points_change}分, 原因: {req.reason}, 对象: {req.student_ids}",
+                ip=request.client.host
+            )
+        except Exception as e:
+            logger.error(f"写入加减分操作日志失败: {e}")
         return success_response(data=result, message="操作成功")
     else:
         return error_response(message=result["message"])
@@ -592,4 +596,26 @@ async def reset_admin_password(request: Request, user_id: int, req: ResetPasswor
         )
         return success_response(message="密码重置成功")
     else:
-        return error_response(message="密码重置失败")
+        return error_response(message="密码重置失败")
+
+
+# ========== 登录黑名单管理 ==========
+
+@router.post("/unlock-user")
+async def unlock_user(request: Request, req: UnlockUserRequest):
+    """解除用户登录锁定（班主任）"""
+    user = await get_current_user(request)
+    is_teacher = await PermissionChecker.check_is_teacher(user["user_id"])
+    if not is_teacher:
+        return error_response(message="仅班主任可解除用户锁定", code=403)
+    
+    await RedisClient.clear_login_attempts(req.username)
+    
+    await LogService.write_operation_log(
+        operator_id=user["user_id"], operator_name=user["real_name"],
+        operator_role="班主任", operation_type="unlock_user",
+        target_type="user",
+        details=f"解除用户登录锁定: {req.username}",
+        ip=request.client.host
+    )
+    return success_response(message=f"已解除用户 {req.username} 的登录锁定")

backend/schemas/admin.py

@@ -48,7 +48,7 @@ class ImportResult(BaseModel):
 
 class AddAdminRequest(BaseModel):
     """添加管理员请求"""
-    username: str = Field(..., min_length=2, max_length=50, pattern=r'^[a-zA-Z0-9_\u4e00-\u9fa]+$', description="登录账号")
+    username: str = Field(..., min_length=2, max_length=50, pattern=r'^[a-zA-Z0-9_\u4e00-\u9fa5]+$', description="登录账号")
     real_name: str = Field(..., min_length=1, max_length=50, description="真实姓名")
     password: Optional[str] = Field(None, min_length=6, max_length=50, description="密码（不填则自动生成）")
     role_type: str = Field(..., pattern=r'^(班长|学习委员|考勤委员|劳动委员|志愿委员)$', description="角色类型")
@@ -116,4 +116,9 @@ class CreateAssignmentRequest(BaseModel):
     subject_id: int = Field(..., gt=0, description="科目ID")
     title: str = Field(..., min_length=1, max_length=200, description="作业标题")
     description: Optional[str] = Field(None, max_length=1000, description="作业描述")
-    deadline: str = Field(..., min_length=1, max_length=20, description="截止日期")
+    deadline: str = Field(..., min_length=1, max_length=20, description="截止日期")
+
+
+class UnlockUserRequest(BaseModel):
+    """解除用户登录锁定请求"""
+    username: str = Field(..., min_length=1, max_length=50, description="用户名")

backend/services/auth_service.py

@@ -37,7 +37,7 @@ class AuthService:
         attempts = await RedisClient.get(f"login_attempts:{username}")
         if attempts and int(attempts) >= 5:
             await LogService.write_login_log(username, 0, ip, user_agent, "登录失败次数过多")
-            return {"success": False, "message": "登录失败次数过多，请15分钟后重试"}
+            return {"success": False, "message": "登录失败次数过多，请5分钟后重试"}
         
         # 获取用户信息
         user = await UserModel.get_by_username(username)

backend/utils/redis_client.py

@@ -130,7 +130,7 @@ class RedisClient:
         key = f"login_attempts:{username}"
         attempts = await RedisClient.get(key)
         attempts = int(attempts) + 1 if attempts else 1
-        await RedisClient.set(key, attempts, 900)  # 15分钟锁定
+        await RedisClient.set(key, attempts, 300)  # 5分钟锁定
         return attempts
     
     @staticmethod