From db31213fe224efb5315d606092597a1569f1fe36 Mon Sep 17 00:00:00 2001
From: Tdxdxoz <tdxdxoz@gmail.com>
Date: Sun, 27 Dec 2020 01:26:14 +0800
Subject: [PATCH] fix bugs and better UI

---
 app.py                     | 29 ++++++++++++++++-------------
 static/login/index.html    |  5 ++++-
 templates/guest-login.html | 10 +++++++++-
 templates/list.html        |  5 +++--
 4 files changed, 32 insertions(+), 17 deletions(-)

diff --git a/app.py b/app.py
index d796a19..f6efbf3 100644
--- a/app.py
+++ b/app.py
@@ -42,14 +42,16 @@ class Paper(db.Model):
 if __name__ == "__main__":
     db.create_all()
 
-def login_required(f):
-    @wraps(f)
-    def df(*args, **kwargs):
-        username = session.get('username')
-        if not username or (not C.allow_guest_upload and username.startswith('guest~')):
-            return redirect(url_for('login'))
-        return f(*args, **kwargs, username=username)
-    return df
+def login_required(allow_guest=True):
+    def login_required_instance(f):
+        @wraps(f)
+        def df(*args, **kwargs):
+            username = session.get('username')
+            if not username or (not allow_guest and username.startswith('guest~')):
+                return redirect(url_for('login'))
+            return f(*args, **kwargs, username=username)
+        return df
+    return login_required_instance
 
 @app.route('/pastExam/login/')
 def login():
@@ -57,7 +59,7 @@ def login():
 
 @app.route('/pastExam/login/guest/')
 def guest_login():
-    return render_template('guest-login.html', vs=C.verify)
+    return render_template('guest-login.html', vs=C.verify, allow_guest_upload=C.allow_guest_upload)
 
 @app.route('/pastExam/login/guest/verify', methods=['POST'])
 @limiter.limit("10 / hour")
@@ -67,14 +69,14 @@ def guest_login_send():
             return '错误!', 401
 
     if 'uid' not in session:
-        session['uid'] = random.randint(0, 100000)
+        session['uid'] = random.randint(0, 10000000)
 
     session['username'] = 'guest~%s' % session['uid']
     session.permanent = True
     return {'r':0}
 
 @app.route('/pastExam/')
-@login_required
+@login_required()
 def list(username):
     course = request.args.get('course')
     teacher = request.args.get('teacher')
@@ -109,7 +111,7 @@ def check_length(x, limit=30, allow_null=False):
 
 @app.route('/pastExam/upload', methods=['POST'])
 @limiter.limit("10 / hour")
-@login_required
+@login_required(allow_guest=C.allow_guest_upload)
 def upload(username):
     name = request.form.get('name')
     teacher = request.form.get('teacher')
@@ -155,9 +157,10 @@ def upload(username):
     return redirect('.#part2')
 
 @app.route('/pastExam/<pid>/download')
-@login_required
+@login_required()
 def download(pid, username):
     p = Paper.query.get_or_404(pid)
     # TODO: download number
     return redirect(C.ipfs_base_url + p.file_hash, code=301) # 301减少不必要的请求
 
+# TODO like
diff --git a/static/login/index.html b/static/login/index.html
index 517bf13..a5ac71c 100644
--- a/static/login/index.html
+++ b/static/login/index.html
@@ -65,6 +65,9 @@
         <iframe class="guest-login-form" style="display: none;border:none"></iframe>
       </div>
     </div>
+    <div class="text-center">
+      <p>消除信息不对等，追求更有意义的评价体系</p>
+    </div>
   </div>
 </body>
 <script src="https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js" integrity="sha384-DfXdz2htPH0lsSSs5nCTpuj/zy4C+OGpamoFVy38MVBnE+IbbVYUew+OrCXaRkfj" crossorigin="anonymous"></script>
@@ -76,7 +79,7 @@
       return;
     }
     ifr.width($('.login-box').width() - 10);
-    ifr.height(530);
+    ifr.height(570);
     if(!ifr.attr('src'))
       ifr.attr("src", "guest");
     ifr.show();
diff --git a/templates/guest-login.html b/templates/guest-login.html
index 689a907..699a244 100644
--- a/templates/guest-login.html
+++ b/templates/guest-login.html
@@ -37,7 +37,15 @@
         </div>
       </div>
       {% endfor %}
-      <button type="submit" class="btn btn-link btn-lg">提交</button>
+      <button type="submit" class="btn btn-link btn-lg mb-3">提交</button>
+      <p>
+        {% if allow_guest_upload %}
+        <small>*当前允许游客上传。如果未来出现内容失控，将关闭此权限。</small>
+        {% else %}
+        <small>*当前不允许游客上传，如有需要请使用闭社账户登陆。</small>
+        {% endif %}
+      </p>
+
     </form>
   </div>
 </body>
diff --git a/templates/list.html b/templates/list.html
index 93d038d..039371e 100644
--- a/templates/list.html
+++ b/templates/list.html
@@ -166,7 +166,7 @@
       margin-bottom: 8px;
     }
 
-    .user-info:not(:hover) .username{
+    .user-info:not(:hover) div:not(.show) .username{
       display: none;
     }
   </style>
@@ -186,9 +186,10 @@
     </button>
     <div class="dropdown-menu">
       <a class="dropdown-item" href="#">我的上传</a>
-      <div class="dropdown-divider"></div>
       <a class="dropdown-item" href="#">我的下载</a>
       <a class="dropdown-item" href="#">我的点赞</a>
+      <div class="dropdown-divider"></div>
+      <a class="dropdown-item" href="login">切换帐号</a>
     </div>
   </div>
     </div>