# Multi-user conversion plan

## 📋 Change list

### 1. Data model changes

#### DiaryEntry

```python
from django.contrib.auth.models import User
from django.db.models import CASCADE, ForeignKey

# Add field
user = ForeignKey(User, on_delete=CASCADE, verbose_name='用户')

# Change the unique constraint
unique_together = ['user', 'date']  # one entry per user per day
```

#### Experience

```python
user = ForeignKey(User, on_delete=CASCADE, verbose_name='用户')
```

#### Task

```python
user = ForeignKey(User, on_delete=CASCADE, verbose_name='用户')
assigned_to = ForeignKey(User, ..., null=True)  # changed to reference User
```

#### Comment

```python
created_by = ForeignKey(User, on_delete=CASCADE)  # changed to reference User
```

### 2. New authentication API

```
POST /api/auth/register/  # register
POST /api/auth/login/     # log in
POST /api/auth/logout/    # log out
GET  /api/auth/me/        # current user
```

### 3. API access control

Add to all APIs:

```python
from rest_framework.permissions import IsAuthenticated

permission_classes = [IsAuthenticated]

def get_queryset(self):
    # Model stands for the view's own model class
    return Model.objects.filter(user=self.request.user)
```

### 4. Front-end additions

- Login page `/login`
- Registration page `/register`
- Redirect when not logged in

---
## ⏱️ Estimated effort

- Data model migration: 15 minutes
- Authentication API: 30 minutes
- Access control: 30 minutes
- Front-end login UI: 30 minutes
- Testing and verification: 15 minutes

**Total: about 2 hours**

---
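## ⚠️ Notes

1. **Data migration** - existing data must be associated with a default user
2. **Backward compatibility** - keep the existing API format
3. **Password security** - use Django's built-in password hashing
4. **User isolation** - ensure users can only access their own data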
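
The data-migration and user-isolation notes above, worked through as an added example that is not part of the original plan or the project's code. It uses the standard-library `sqlite3` module instead of Django's ORM so that it runs standalone; the table names (`app_user`, `diary`), the `body` column, the `default` username and the sample rows are constructed assumptions. Legacy rows are assigned to a default user before the per-user-per-day constraint is enforced, and an owner-scoped lookup returns nothing for another user's entry id.

```python
import sqlite3

def migrate_to_multi_user(conn, default_username="default"):
    """Assign legacy rows to a default user, then enforce UNIQUE(user_id, date)."""
    conn.execute("CREATE TABLE app_user (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL)")
    default_id = conn.execute("INSERT INTO app_user (username) VALUES (?)", (default_username,)).lastrowid
    # SQLite cannot change constraints in place, so rebuild the table.
    conn.execute("""CREATE TABLE diary_new (
        id INTEGER PRIMARY KEY,
        user_id INTEGER NOT NULL REFERENCES app_user(id) ON DELETE CASCADE,
        date TEXT NOT NULL,
        body TEXT NOT NULL,
        UNIQUE (user_id, date))""")
    conn.execute("INSERT INTO diary_new (id, user_id, date, body) "
                 "SELECT id, ?, date, body FROM diary", (default_id,))
    conn.execute("DROP TABLE diary")
    conn.execute("ALTER TABLE diary_new RENAME TO diary")
    conn.commit()
    return default_id

def get_entry(conn, user_id, entry_id):
    """Owner-scoped lookup: another user's entry id behaves like a missing row."""
    return conn.execute("SELECT id, date, body FROM diary WHERE id = ? AND user_id = ?", (entry_id, user_id)).fetchone()

def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")
    # Constructed legacy single-user table: one entry per day, no owner column.
    conn.execute("CREATE TABLE diary (id INTEGER PRIMARY KEY, date TEXT UNIQUE NOT NULL, body TEXT NOT NULL)")
    conn.executemany("INSERT INTO diary (date, body) VALUES (?, ?)", [("2024-01-01", "first"), ("2024-01-02", "second")])
    default_id = migrate_to_multi_user(conn)
    alice = conn.execute("INSERT INTO app_user (username) VALUES ('alice')").lastrowid
    # The same date is now allowed for a different user ...
    conn.execute("INSERT INTO diary (user_id, date, body) VALUES (?, '2024-01-01', 'hers')", (alice,))
    try:  # ... but a second entry for the same user and day is still rejected.
        conn.execute("INSERT INTO diary (user_id, date, body) VALUES (?, '2024-01-01', 'dup')", (alice,))
        duplicate_rejected = False
    except sqlite3.IntegrityError:
        duplicate_rejected = True
    return {
        "legacy_rows_owned_by_default": conn.execute(
            "SELECT COUNT(*) FROM diary WHERE user_id = ?", (default_id,)).fetchone()[0],
        "duplicate_rejected": duplicate_rejected,
        "owner_read": get_entry(conn, default_id, 1),
        "cross_user_read": get_entry(conn, alice, 1),
    }

if __name__ == "__main__":
    print(demo())
```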
---

_Implementation starts once the conversion is confirmed_