web/ws/backend/app/api/db.py

@@ -0,0 +1,24 @@
+from sqlalchemy import create_engine, MetaData
+from sqlalchemy.ext.declarative import declarative_base
+from sqlalchemy.orm import sessionmaker
+from app.settings import DATABASE_URL
+
+# 创建SQLAlchemy引擎
+engine = create_engine(DATABASE_URL)
+
+# 创建元数据对象
+metadata = MetaData()
+
+# 创建会话工厂
+SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
+
+# 创建基类
+Base = declarative_base()
+
+# 依赖项：获取数据库会话
+def get_db():
+    db = SessionLocal()
+    try:
+        yield db
+    finally:
+        db.close()

web/ws/backend/app/api/login.py

@@ -0,0 +1,31 @@
+from fastapi import APIRouter, Depends, HTTPException
+from sqlalchemy.orm import Session
+from sqlalchemy import text
+from app.api.db import get_db
+from pydantic import BaseModel
+from app.settings import WHITELIST_TABLE, WHITELIST_COLUMN
+
+router = APIRouter()
+
+# 请求模型
+class EmailRequest(BaseModel):
+    email: str
+
+# 检查邮箱是否在白名单中
+@router.post("/check-email")
+async def check_email_in_whitelist(request: EmailRequest, db: Session = Depends(get_db)):
+    try:
+        # 构建查询语句
+        query = text(f"SELECT COUNT(*) FROM {WHITELIST_TABLE} WHERE {WHITELIST_COLUMN} = :email")
+        
+        # 执行查询
+        result = db.execute(query, {"email": request.email})
+        count = result.scalar()
+        
+        if count > 0:
+            return {"status": "success", "message": "继续操作"}
+        else:
+            raise HTTPException(status_code=403, detail="邮箱不在白名单中，请联系管理员")
+            
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=f"服务器错误：{str(e)}")

web/ws/backend/app/api/submit_record.py

@@ -0,0 +1,43 @@
+from fastapi import APIRouter, Depends, HTTPException
+from sqlalchemy.orm import Session
+from sqlalchemy import text
+from app.api.db import get_db
+from pydantic import BaseModel
+from app.settings import SUBMIT_RECORD_TABLE
+from datetime import datetime
+import pytz
+
+router = APIRouter()
+
+class SubmitRecordRequest(BaseModel):
+    user_email: str
+    operation_type: str
+    storage_path: str
+
+@router.post("/submit-record")
+async def submit_record(request: SubmitRecordRequest, db: Session = Depends(get_db)):
+    try:
+        if request.operation_type not in ['upload', 'delete']:
+            raise HTTPException(status_code=400, detail="操作类型必须是 'upload' 或 'delete'")
+        
+        china_tz = pytz.timezone('Asia/Shanghai')
+        operation_time = datetime.now(china_tz)
+        
+        query = text(f"""
+            INSERT INTO {SUBMIT_RECORD_TABLE} (user_email, operation_time, operation_type, storage_path)
+            VALUES (:user_email, :operation_time, :operation_type, :storage_path)
+        """)
+        
+        db.execute(query, {
+            "user_email": request.user_email,
+            "operation_time": operation_time,
+            "operation_type": request.operation_type,
+            "storage_path": request.storage_path
+        })
+        db.commit()
+        
+        return {"status": "success", "message": "操作记录已保存"}
+        
+    except Exception as e:
+        db.rollback()
+        raise HTTPException(status_code=500, detail=f"服务器错误：{str(e)}")