SenQi-666
diff --git a/‎README.md
Lines changed: 99 additions & 5 deletions b/‎README.md
Lines changed: 99 additions & 5 deletions
diff --git a/‎backend/app/api/system/auth.py
Lines changed: 1 addition & 0 deletions b/‎backend/app/api/system/auth.py
Lines changed: 1 addition & 0 deletions
diff --git a/‎backend/app/api/system/dept.py
Lines changed: 3 additions & 6 deletions b/‎backend/app/api/system/dept.py
Lines changed: 3 additions & 6 deletions
diff --git a/‎backend/app/api/system/log.py
Lines changed: 1 addition & 1 deletion b/‎backend/app/api/system/log.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/app/api/system/menu.py
Lines changed: 6 additions & 11 deletions b/‎backend/app/api/system/menu.py
Lines changed: 6 additions & 11 deletions
diff --git a/‎backend/app/api/system/position.py
Lines changed: 2 additions & 2 deletions b/‎backend/app/api/system/position.py
Lines changed: 2 additions & 2 deletions
diff --git a/‎backend/app/api/system/role.py
Lines changed: 11 additions & 2 deletions b/‎backend/app/api/system/role.py
Lines changed: 11 additions & 2 deletions
diff --git a/‎backend/app/api/system/user.py
Lines changed: 30 additions & 14 deletions b/‎backend/app/api/system/user.py
Lines changed: 30 additions & 14 deletions
diff --git a/‎backend/app/core/config.py
Lines changed: 16 additions & 7 deletions b/‎backend/app/core/config.py
Lines changed: 16 additions & 7 deletions
@@ -1,7 +1,101 @@
-# fastapi-vue-admin
+<div align="center">
+  <p align="center">
+    <img src="web/public/logo.png" height="150" alt="logo"/>
+  </p>
+</div>
 
-#### 介绍
-fastapi-vue-admin 权限管理系统
+## 介绍
 
-#### 软件架构
-基于 RBAC 权限架构设计
+<b>fastapi-vue-admin</b> 是一套全部开源的快速开发平台，提供免费使用
+
+- 后端采用 <a href="https://fastapi.tiangolo.com/zh/">FastAPI</a>（现代、高性能异步框架） + <a href="https://swagger.io/docs/specification/about/">Swagger</a>（自动生成交互式API文档） + <a href="https://docs.pydantic.dev/2.5/">Pydantic</a>（强制类型约束） + <a href="https://docs.sqlalchemy.org/en/20/">SQLAlchemy 2.0</a>；
+- 前端采用 <a href="https://cn.vuejs.org/guide/introduction.html">Vue3</a> + <a href="https://antdv.com/docs/vue/introduce-cn">Ant Design Vue</a> + <a href="https://www.typescriptlang.org/">TypeScript</a> + <a href="https://vitejs.dev/">Vite</a> 等主流技术开发；
+- 权限认证使用（哈希）密码和 JWT Bearer 令牌的 OAuth2
+- 基于 RBAC 权限架构设计。支持加载动态权限菜单、按钮级别权限控制、数据级别权限控制
+- 开箱即用的中后台解决方案，可以用来作为新项目的启动模版，也可用于学习参考
+
+## 在线体验
+
+PC端演示地址：https://fastapi-vue-admin.senqiweb.cn
+
+管理员账户：
+
+- 账号：senqi
+- 密码：senqi1010
+
+测试账户：
+
+- 账号：test
+- 密码：test1010
+
+## 安装和使用
+
+### 获取代码
+
+> git clone https://gitee.com/senqi666/fastapi-vue-admin.git
+
+### 准备工作
+
+```
+Python == 3.10（其他版本均未测试）
+nodejs >= 20.0（推荐使用最新版）
+PgSQL（推荐使用最新版）
+Redis（推荐使用最新版）
+```
+
+### 后端
+
+1. 安装依赖
+   
+   ```shell
+   cd backend
+   pip3 install -r requirements.txt
+   ```
+
+2. 修改项目数据库配置信息
+   在`app/core/config.py`文件中的`SQL_DB_URL`和`REDIS_URL`
+
+3. 创建名为`fastapi_vue_admin`的数据库
+
+4. 初始化数据库数据
+   
+   ```shell
+   # 进入后端根目录 backend 下运行
+   # 运行命令后会自动生成数据库内的表和数据
+   # 如已初始化数据库数据，此命令可不执行
+   python3 main.py init
+   ```
+
+5. 启动
+   
+   ```shell
+   # 进入后端根目录 backend 下运行
+   python3 main.py run
+   ```
+
+### 前端
+
+1. 安装依赖
+   
+   ```shell
+   cd web
+   npm install
+   ```
+
+2. 运行
+   
+   ```shell
+   npm run dev
+   ```
+
+3. 打包
+   
+   ```shell
+   npm run build
+   ```
+
+### 访问项目
+
+- 前端地址：http://127.0.0.1:5180
+- 账号：`senqi`密码：`senqi1010`
+- 接口地址：http://127.0.0.1:8080/docs
@@ -37,6 +37,7 @@ async def login_for_access_token(
 @router.post("/token/refresh", response_model=JWTOut, summary="刷新token", description="刷新token")
 async def get_new_token(payload: RefreshTokenPayload) -> JSONResponse:
     new_token = await LoginService.refresh_token(payload.refresh_token)
+    # return ErrorResponse(msg='测试异常', status_code=400)
     return SuccessResponse(new_token.model_dump(), msg="刷新成功")
 
 
 
@@ -7,7 +7,6 @@
 from app.core.dependencies import AuthPermission
 from app.services.system import DeptService
 from app.utils.response import SuccessResponse
-from app.core.params import DeptQueryParams
 from app.schemas.system import (
     Auth,
     DeptCreate,
@@ -36,13 +35,11 @@ async def get_dept_detail(
     return SuccessResponse(data)
 
 
-@router.post("/options", summary="查询部门选项", description="查询部门选项")
+@router.get("/options", summary="查询部门选项", description="查询部门选项")
 async def get_dept_options(
-        dept_query: DeptQueryParams = Depends(),
-        auth: Auth = Depends(AuthPermission(permissions=["system:dept:query"])),
+        auth: Auth = Depends(AuthPermission(permissions=["system:dept:options"])),
 ) -> JSONResponse:
-    search = dept_query.__dict__
-    data = await DeptService.get_dept_options(search, auth)
+    data = await DeptService.get_dept_options(auth)
     return SuccessResponse(data)
 
 
 
@@ -7,7 +7,7 @@
 from app.core.params import PaginationQueryParams, LogQueryParams
 from app.core.dependencies import AuthPermission
 from app.services.system import LogService
-from app.utils.response import SuccessResponse, PaginationResponse
+from app.utils.response import PaginationResponse
 from app.schemas.system import Auth
 
 
 
@@ -4,7 +4,6 @@
 from fastapi import APIRouter, Depends, Query
 from fastapi.responses import JSONResponse
 from app.core.router_class import OperationLogRoute
-from app.core.params import MenuQueryParams
 from app.core.dependencies import AuthPermission
 from app.services.system import MenuService
 from app.utils.response import SuccessResponse
@@ -21,11 +20,9 @@
 
 @router.get("/list", summary="查询菜单", description="查询菜单")
 async def get_menu_list(
-        menu_query: MenuQueryParams = Depends(),
         auth: Auth = Depends(AuthPermission(permissions=["system:menu:query"], check_data_scope=False)),
 ) -> JSONResponse:
-    search = menu_query.__dict__
-    data = await MenuService.get_menu_list(search, auth)
+    data = await MenuService.get_menu_list(auth)
     return SuccessResponse(data)
 
 
@@ -38,13 +35,11 @@ async def get_menu_detail(
     return SuccessResponse(data)
 
 
-@router.post("/options", summary="查询菜单选项", description="查询菜单选项")
+@router.get("/options", summary="查询菜单选项", description="查询菜单选项")
 async def get_menu_options(
-        menu_query: MenuQueryParams = Depends(),
-        auth: Auth = Depends(AuthPermission(permissions=["system:menu:query"], check_data_scope=False)),
+        auth: Auth = Depends(AuthPermission(permissions=["system:menu:options"], check_data_scope=False)),
 ) -> JSONResponse:
-    search = menu_query.__dict__
-    data = await MenuService.get_menu_options(search, auth)
+    data = await MenuService.get_menu_options(auth)
     return SuccessResponse(data)
 
 
@@ -80,7 +75,7 @@ async def batch_enabled_menu(
         data: MenuBatchSetAvailable,
         auth: Auth = Depends(AuthPermission(permissions=["system:menu:update"], check_data_scope=False)),
 ) -> JSONResponse:
-    await MenuService.set_menu_available(data.ids, available=True, auth=auth)
+    await MenuService.enable_menu(data.ids, auth=auth)
     return SuccessResponse(msg="启用成功")
 
 
@@ -89,5 +84,5 @@ async def batch_disable_menu(
         data: MenuBatchSetAvailable,
         auth: Auth = Depends(AuthPermission(permissions=["system:menu:update"], check_data_scope=False)),
 ) -> JSONResponse:
-    await MenuService.set_menu_available(data.ids, available=False, auth=auth)
+    await MenuService.disable_menu(data.ids, auth=auth)
     return SuccessResponse(msg="停用成功")
@@ -39,11 +39,11 @@ async def get_position_detail(
     return SuccessResponse(data)
 
 
-@router.post("/options", summary="查询岗位选项", description="查询岗位选项")
+@router.get("/options", summary="查询岗位选项", description="查询岗位选项")
 async def get_position_options(
         paging_query: PaginationQueryParams = Depends(),
         position_query: PositionQueryParams = Depends(),
-        auth: Auth = Depends(AuthPermission(permissions=["system:position:query"])),
+        auth: Auth = Depends(AuthPermission(permissions=["system:position:options"])),
 ) -> JSONResponse:
     search = position_query.__dict__
     data = await PositionService.get_position_options(search, auth)
 
@@ -40,11 +40,11 @@ async def get_role_detail(
     return SuccessResponse(data)
 
 
-@router.post("/options", summary="查询角色选项", description="查询角色选项")
+@router.get("/options", summary="查询角色选项", description="查询角色选项")
 async def get_position_options(
         paging_query: PaginationQueryParams = Depends(),
         role_query: RoleQueryParams = Depends(),
-        auth: Auth = Depends(AuthPermission(permissions=["system:role:query"])),
+        auth: Auth = Depends(AuthPermission(permissions=["system:role:options"])),
 ) -> JSONResponse:
     search = role_query.__dict__
     data = await RoleService.get_role_options(search, auth)
@@ -96,6 +96,15 @@ async def batch_disable_role(
     return SuccessResponse(msg="停用成功")
 
 
+@router.get("/permission", summary="查询角色权限", description="查询角色权限")
+async def get_role_permission(
+    id: int = Query(..., description="角色ID"),
+    auth: Auth = Depends(AuthPermission(permissions=["system:role:query"])),
+) -> JSONResponse:
+    data = await RoleService.get_role_permission(id, auth)
+    return SuccessResponse(data)
+
+
 @router.post("/permission/setting", summary="设置角色权限", description="设置角色权限")
 async def set_role_permission(
         permission_in: RolePermissionSetting,
 
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from fastapi import APIRouter, Depends, Query
+from fastapi import APIRouter, Depends, Query, UploadFile
 from fastapi.responses import JSONResponse
 from app.core.router_class import OperationLogRoute
 from app.core.params import PaginationQueryParams, UserQueryParams
@@ -12,20 +12,45 @@
     Auth,
     UserCreate,
     UserUpdate,
-    UserBatchSetAvailable,
-    UserPermissionSetting
+    CurrentUserUpdate,
+    CurrentUserPasswordChange,
+    UserBatchSetAvailable
 )
 
 
 router = APIRouter(route_class=OperationLogRoute)
 
 
-@router.get("/user/current/info", summary="查询当前用户信息", description="查询当前用户信息")
+@router.get("/current/info", summary="查询当前用户信息", description="查询当前用户信息")
 async def get_current_user_info(auth: Auth = Depends(get_current_user)) -> JSONResponse:
     data = await UserService.get_current_user_info(auth)
     return SuccessResponse(data)
 
 
+@router.post("/current/avatar/upload", summary="上传当前用户头像")
+async def user_avatar_upload(file: UploadFile, auth: Auth = Depends(get_current_user)):
+    avatar = await UserService.upload_avatar(file, auth)
+    return SuccessResponse(avatar, msg='上传成功')
+
+
+@router.post("/current/info/update", summary="更新当前用户基本信息", description="更新当前用户基本信息")
+async def update_current_user_info(
+        data: CurrentUserUpdate,
+        auth: Auth = Depends(get_current_user)
+) -> JSONResponse:
+    data = await UserService.update_current_user_info(data, auth)
+    return SuccessResponse(data, msg='更新成功')
+
+
+@router.post("/current/password/change", summary="修改当前用户密码", description="修改当前用户密码")
+async def change_current_user_password(
+        data: CurrentUserPasswordChange,
+        auth: Auth = Depends(get_current_user)
+) -> JSONResponse:
+    data = await UserService.change_user_password(data, auth)
+    return SuccessResponse(data, msg='修改成功')
+
+
 @router.get("/list", summary="查询用户", description="查询用户")
 async def get_user_list(
         paging_query: PaginationQueryParams = Depends(),
@@ -39,7 +64,7 @@ async def get_user_list(
 
 @router.get("/detail", summary="查询用户详情", description="查询用户详情")
 async def get_user_detail(
-        id: int = Query(..., description="角色ID"),
+        id: int = Query(..., description="用户ID"),
         auth: Auth = Depends(AuthPermission(permissions=["system:user:query"])),
 ) -> JSONResponse:
     data = await UserService.get_detail_by_id(id, auth)
@@ -89,12 +114,3 @@ async def batch_disable_user(
 ) -> JSONResponse:
     await UserService.set_user_available(data.ids, available=False, auth=auth)
     return SuccessResponse(msg="停用成功")
-
-
-@router.post("/permission/setting", summary="设置用户权限", description="设置用户权限")
-async def set_user_permission(
-        permission_in: UserPermissionSetting,
-        auth: Auth = Depends(AuthPermission(permissions=["system:user:permission"])),
-) -> JSONResponse:
-    await UserService.set_user_permission(permission_in, auth)
-    return SuccessResponse(msg="授权成功")
 
@@ -14,10 +14,18 @@ class Settings(BaseSettings):
     # 调试模式 安全警告：不要在生产环境中打开调试运行！
     DEBUG: bool = True
 
+    # 是否开启演示功能：取消所有POST,DELETE,PUT操作权限
+    DEMO: bool = False
+    # 演示功能白名单
+    DEMO_WHITE_LIST_PATH: List[str] = [
+        "/api/system/auth/login",
+        "/api/system/auth/token/refresh"
+    ]
+
     # 主机IP
     SERVER_HOST: str = "0.0.0.0"
     # 主机端口
-    SERVER_PORT: int = 8000
+    SERVER_PORT: int = 8080
 
     # 接口路由前缀
     API_PREFIX: str = "/api"
@@ -26,7 +34,7 @@ class Settings(BaseSettings):
     # ******************* API文档配置 ****************** #
     # ================================================= #
     # 文档标题
-    TITLE: str = "Fastapi React Admin Application"
+    TITLE: str = "Fastapi Vue Admin Application"
     # 版本号
     VERSION: str = "0.1.0"
     # 文档描述, 支持 Markdown 语法
@@ -62,7 +70,7 @@ class Settings(BaseSettings):
     # 用于设定 JWT 令牌签名算法
     ALGORITHM: str = "HS256"
     # access_token 过期时间
-    ACCESS_TOKEN_EXPIRE_MINUTES: int = 60 * 24 * 5
+    ACCESS_TOKEN_EXPIRE_MINUTES: int = 60 * 24
     # refresh_token 过期时间
     REFRESH_TOKEN_EXPIRE_MINUTES: int = 60 * 24 * 7
 
@@ -82,7 +90,7 @@ class Settings(BaseSettings):
     # ***************** 临时文件目录配置 ***************** #
     # ================================================= #
     # 是否启用临时文件目录访问
-    TEMP_ENABLE: bool = True
+    TEMP_ENABLE: bool = False
     # 路由访问
     TEMP_URL: str = "/temp"
     # 临时文件目录名
@@ -94,10 +102,10 @@ class Settings(BaseSettings):
     # ******************** 数据库配置 ******************* #
     # ================================================= #
     SQL_DB_ENABLE: bool = True
-    SQL_DB_URL: Union[PostgresDsn, MySQLDsn] = "postgresql+asyncpg://postgres:senqi1010@192.168.222.18:5432/fastapi_react_admin"
+    SQL_DB_URL: Union[PostgresDsn, MySQLDsn] = "postgresql+asyncpg://postgres:senqi1010@127.0.0.1:5432/fastapi_vue_admin"
 
     REDIS_ENABLE: bool = True
-    REDIS_URL: RedisDsn = "redis://192.168.222.18:6379/4"
+    REDIS_URL: RedisDsn = "redis://127.0.0.1:6379/0"
 
     # ================================================= #
     # ******************** 验证码配置 ******************* #
@@ -124,7 +132,8 @@ class Settings(BaseSettings):
     # ================================================= #
     MIDDLEWARE: List[Optional[str]] = [
         "app.core.middlewares.CustomCORSMiddleware" if CORS_ORIGIN_ENABLE else None,
-        "app.core.middlewares.RequestLogMiddleware" if REQUEST_LOG_RECORD else None
+        "app.core.middlewares.RequestLogMiddleware" if REQUEST_LOG_RECORD else None,
+        "app.core.middlewares.DemoEnvMiddleware" if DEMO else None,
     ]
 
     @property