v0.3测试

2026-04-13 18:29:48 +08:00
parent 303258f0b5
commit fab5e0c02f
4 changed files with 201 additions and 3 deletions
--- a/frontend/api/save_session.php
+++ b/frontend/api/save_session.php
@@ -0,0 +1,117 @@
+<?php
+/**
+ * 班级操行分管理系统 - Session 保存接口
+ * 
+ * 开发者: Canglan
+ * 联系方式: admin@sea-studio.top
+ * 版权归属: Sea Network Technology Studio
+ * 许可证: MIT License
+ * 
+ * 版权所有 © Sea Network Technology Studio
+ * 
+ * 说明：登录成功后，前端调用此接口将用户信息同步到 PHP Session
+ */
+
+// 引入配置文件以初始化 Session
+require_once __DIR__ . '/../config.php';
+
+// 设置响应头
+header('Content-Type: application/json; charset=utf-8');
+
+// 允许跨域（如果需要）
+header('Access-Control-Allow-Origin: *');
+header('Access-Control-Allow-Methods: POST, OPTIONS');
+header('Access-Control-Allow-Headers: Content-Type');
+
+// 处理预检请求
+if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
+    http_response_code(200);
+    exit();
+}
+
+// 只允许 POST 请求
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+    http_response_code(405);
+    echo json_encode([
+        'success' => false,
+        'message' => '仅支持 POST 请求'
+    ]);
+    exit();
+}
+
+// 获取原始输入
+$input = file_get_contents('php://input');
+
+if (empty($input)) {
+    http_response_code(400);
+    echo json_encode([
+        'success' => false,
+        'message' => '请求数据为空'
+    ]);
+    exit();
+}
+
+// 解析 JSON 数据
+$data = json_decode($input, true);
+
+if (json_last_error() !== JSON_ERROR_NONE) {
+    http_response_code(400);
+    echo json_encode([
+        'success' => false,
+        'message' => 'JSON 解析失败: ' . json_last_error_msg()
+    ]);
+    exit();
+}
+
+// 验证必要字段
+$requiredFields = ['user_id', 'user_type', 'username'];
+$missingFields = [];
+
+foreach ($requiredFields as $field) {
+    if (!isset($data[$field]) || empty($data[$field])) {
+        $missingFields[] = $field;
+    }
+}
+
+if (!empty($missingFields)) {
+    http_response_code(400);
+    echo json_encode([
+        'success' => false,
+        'message' => '缺少必要字段: ' . implode(', ', $missingFields)
+    ]);
+    exit();
+}
+
+// 验证 user_type 是否合法
+$validUserTypes = ['student', 'parent', 'admin'];
+if (!in_array($data['user_type'], $validUserTypes)) {
+    http_response_code(400);
+    echo json_encode([
+        'success' => false,
+        'message' => '无效的用户类型'
+    ]);
+    exit();
+}
+
+// 设置 Session 变量
+$_SESSION['user_id'] = $data['user_id'];
+$_SESSION['user_type'] = $data['user_type'];
+$_SESSION['username'] = $data['username'];
+$_SESSION['real_name'] = $data['real_name'] ?? '';
+$_SESSION['login_time'] = time();
+
+// 如果是学生，额外设置 student_id（与 user_id 相同）
+if ($data['user_type'] === 'student') {
+    $_SESSION['student_id'] = $data['user_id'];
+}
+
+// 保存 Session
+session_write_close();
+
+// 返回成功响应
+http_response_code(200);
+echo json_encode([
+    'success' => true,
+    'message' => 'Session 保存成功'
+]);
+exit();
--- a/frontend/index.php
+++ b/frontend/index.php
@@ -82,9 +82,34 @@ if (isset($_SESSION['user_id']) && isset($_SESSION['user_type'])) {
                const data = await response.json();
                
                if (data.success && data.data) {
-                    localStorage.setItem(JWT_STORAGE_KEY, data.data.token);
-                    localStorage.setItem(USER_STORAGE_KEY, JSON.stringify(data.data));
-                    window.location.href = data.data.redirect;
+                    const userData = data.data;
+                    
+                    // 保存 Token 和用户信息到 localStorage
+                    localStorage.setItem(JWT_STORAGE_KEY, userData.token);
+                    localStorage.setItem(USER_STORAGE_KEY, JSON.stringify(userData));
+                    
+                    // 同步设置 PHP Session（保持 Session + Token 双轨制认证）
+                    try {
+                        const sessionResponse = await fetch('/api/save_session.php', {
+                            method: 'POST',
+                            headers: { 'Content-Type': 'application/json' },
+                            body: JSON.stringify({
+                                user_id: userData.user_id,
+                                user_type: userData.user_type,
+                                username: userData.username,
+                                real_name: userData.real_name
+                            })
+                        });
+                        
+                        if (!sessionResponse.ok) {
+                            console.warn('Session 同步失败，但继续跳转');
+                        }
+                    } catch (sessionError) {
+                        console.warn('Session 同步异常:', sessionError);
+                    }
+                    
+                    // 跳转到对应端首页
+                    window.location.href = userData.redirect;
                } else {
                    showError(data.message || '登录失败');
                }