refactor(frontend): 重构前端目录结构并优化认证流程

将前端文件从html目录迁移到views目录，按功能模块组织重构认证中间件和路由处理，简化页面权限控制更新静态资源引用路径，统一使用/public前缀添加学生仪表板页面，优化移动端显示移除旧版html和js文件，更新样式和脚本
2025-12-21 22:07:23 +08:00
parent 38b200f9b3
commit bcf2c71fad
20 changed files with 2009 additions and 2009 deletions
--- a/backend/server.js
+++ b/backend/server.js
@@ -52,65 +52,72 @@ app.use(session({
    }
 }));

-// 静态文件服务
-app.use(express.static(path.join(__dirname, '../frontend')));
+// 静态文件服务 - 只公开 public 目录
+app.use('/public', express.static(path.join(__dirname, '../frontend/public')));

-// 重定向旧路径 /frontend/html/* 到 /html/*
-app.get('/frontend/html/*', (req, res) => {
-    const path = req.params[0];
-    res.redirect(`/html/${path}`);
+// 页面认证中间件
+const requirePageAuth = (req, res, next) => {
+    if (!req.session.user) {
+        return res.redirect('/login');
+    }
+    next();
+};
+
+const requirePageRole = (allowedRoles) => {
+    return (req, res, next) => {
+        if (!req.session.user) return res.redirect('/login');
+        if (!allowedRoles.includes(req.session.user.role)) {
+            return res.status(403).send('<h1>403 Forbidden - 权限不足</h1><a href="/dashboard">返回首页</a>');
+        }
+        next();
+    };
+};
+
+// 页面路由
+app.get('/', (req, res) => res.redirect('/login'));
+app.get('/login', (req, res) => {
+    if (req.session.user) return res.redirect('/dashboard');
+    res.sendFile(path.join(__dirname, '../frontend/views/auth/login.html'));
+});
+app.get('/register', (req, res) => res.sendFile(path.join(__dirname, '../frontend/views/auth/register.html')));
+
+app.get('/dashboard', requirePageAuth, (req, res) => {
+    const role = req.session.user?.role;
+    switch (role) {
+        case 'student': res.redirect('/student/dashboard'); break;
+        case 'teacher': res.redirect('/teacher/dashboard'); break;
+        case 'admin': res.redirect('/admin/dashboard'); break;
+        default: res.redirect('/login');
+    }
 });

-// 路由
+// 学生页面
+app.get('/student/dashboard', requirePageAuth, requirePageRole(['student']), (req, res) => {
+    res.sendFile(path.join(__dirname, '../frontend/views/student/dashboard.html'));
+});
+
+// 教师页面
+const teacherRouter = express.Router();
+teacherRouter.use(requirePageAuth, requirePageRole(['teacher']));
+teacherRouter.get('/dashboard', (req, res) => res.sendFile(path.join(__dirname, '../frontend/views/teacher/dashboard.html')));
+teacherRouter.get('/grade_entry', (req, res) => res.sendFile(path.join(__dirname, '../frontend/views/teacher/grade_entry.html')));
+teacherRouter.get('/grade_management', (req, res) => res.sendFile(path.join(__dirname, '../frontend/views/teacher/grade_management.html')));
+app.use('/teacher', teacherRouter);
+
+// 管理员页面
+const adminRouter = express.Router();
+adminRouter.use(requirePageAuth, requirePageRole(['admin']));
+adminRouter.get('/dashboard', (req, res) => res.sendFile(path.join(__dirname, '../frontend/views/admin/dashboard.html')));
+adminRouter.get('/student_management', (req, res) => res.sendFile(path.join(__dirname, '../frontend/views/admin/student_management.html')));
+adminRouter.get('/user_management', (req, res) => res.sendFile(path.join(__dirname, '../frontend/views/admin/user_management.html')));
+app.use('/admin', adminRouter);
+
+// API 路由
 app.use('/api/auth', authRoutes);
 app.use('/api/student', studentRoutes);
 app.use('/api/teacher', teacherRoutes);
 app.use('/api/admin', adminRoutes);

-// 认证中间件
-const { requireAuth, requireRole } = require('./middleware/auth');
-
-// 页面路由
-app.get('/', (req, res) => {
-    res.sendFile(path.join(__dirname, '../frontend/html/login.html'));
-});
-
-app.get('/dashboard', requireAuth, (req, res) => {
-    // 根据用户角色重定向到不同的仪表板
-    const role = req.session.user?.role;
-    
-    switch (role) {
-        case 'student':
-            res.redirect('/html/student_dashboard.html');
-            break;
-        case 'teacher':
-            res.redirect('/html/teacher_dashboard.html');
-            break;
-        case 'admin':
-            res.redirect('/html/admin_dashboard.html');
-            break;
-        default:
-            // 如果没有角色信息，重定向到登录页面
-            res.redirect('/');
-            break;
-    }
-});
-
-// 学生页面路由
-app.get('/student/*', requireAuth, requireRole(['student', 'admin', 'teacher']), (req, res, next) => {
-    next();
-});
-
-// 教师页面路由
-app.get('/teacher/*', requireAuth, requireRole(['teacher', 'admin']), (req, res, next) => {
-    next();
-});
-
-// 管理员页面路由
-app.get('/admin/*', requireAuth, requireRole(['admin']), (req, res, next) => {
-    next();
-});
-
 // 404处理
 app.use((req, res) => {
    res.status(404).json({ error: 'Not found' });