更新登录逻辑，等待数据库进一步完善

2025-11-10 13:38:44 +08:00
parent f3aec9a18d
commit 1bbd777565
6 changed files with 52 additions and 29 deletions
--- a/main/templates/main/home.html
+++ b/main/templates/main/home.html
@@ -38,6 +38,7 @@
        try {
            const resp = await fetch('/accounts/logout/', {
                method: 'POST',
+                credentials: 'same-origin',
                headers: {
                    'Content-Type': 'application/json',
                    'X-CSRFToken': csrftoken || ''
--- a/main/views.py
+++ b/main/views.py
@@ -6,7 +6,7 @@ from django.views.decorators.http import require_http_methods
 def home(request):
    # Enforce login: require session user_id
    session_user_id = request.session.get("user_id")
-    if not session_user_id:
+    if session_user_id is None:
        return redirect("/accounts/login/")

    # Show user_id (prefer query param if present, but don't trust it)