rachelos
diff --git a/‎apis/article.py
Lines changed: 2 additions & 1 deletion b/‎apis/article.py
Lines changed: 2 additions & 1 deletion
diff --git a/‎apis/auth.py
Lines changed: 9 additions & 1 deletion b/‎apis/auth.py
Lines changed: 9 additions & 1 deletion
diff --git a/‎apis/user.py
Lines changed: 29 additions & 4 deletions b/‎apis/user.py
Lines changed: 29 additions & 4 deletions
diff --git a/‎apis/wechat.py
Lines changed: 2 additions & 1 deletion b/‎apis/wechat.py
Lines changed: 2 additions & 1 deletion
diff --git a/‎node_modules/.yarn-integrity
Lines changed: 41 additions & 0 deletions b/‎node_modules/.yarn-integrity
Lines changed: 41 additions & 0 deletions
diff --git a/‎node_modules/asynckit/LICENSE
Lines changed: 21 additions & 0 deletions b/‎node_modules/asynckit/LICENSE
Lines changed: 21 additions & 0 deletions
diff --git a/‎node_modules/asynckit/README.md
Lines changed: 233 additions & 0 deletions b/‎node_modules/asynckit/README.md
Lines changed: 233 additions & 0 deletions
@@ -12,8 +12,9 @@ async def get_articles(
 ):
     session = DB.get_session()
     try:
+        from sqlalchemy import text
         articles = session.execute(
-            "SELECT * FROM articles LIMIT :limit OFFSET :offset",
+            text("SELECT * FROM articles LIMIT :limit OFFSET :offset"),
             {"limit": limit, "offset": offset}
         ).fetchall()
         return {"code": 0, "data": articles}
 
@@ -34,4 +34,12 @@ async def refresh_token(current_user: dict = Depends(get_current_user)):
     access_token = create_access_token(
         data={"sub": current_user["username"]}, expires_delta=access_token_expires
     )
-    return {"access_token": access_token, "token_type": "bearer"}
+    return {"access_token": access_token, "token_type": "bearer"}
+
+@router.get("/verify", summary="验证Token有效性")
+async def verify_token(current_user: dict = Depends(get_current_user)):
+    """验证当前token是否有效"""
+    return {
+        "is_valid": True,
+        "user": current_user["username"]
+    }
@@ -1,12 +1,12 @@
-from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi import APIRouter, Depends, HTTPException, status, UploadFile, File
 from datetime import datetime
 from core.auth import get_current_user
 from core.db import DB
 from core.models import User as DBUser
 from core.auth import pwd_context
-from .ver import API_VERSION
+import os
 
-router = APIRouter(prefix=f"{API_VERSION}/user", tags=["用户管理"])
+router = APIRouter(prefix="/wx/user", tags=["用户管理"])
 
 @router.get("", summary="获取用户信息")
 async def get_user_info(current_user: dict = Depends(get_current_user)):
@@ -64,4 +64,29 @@ async def update_user_info(
             detail=str(e)
         )
     finally:
-        session.close()
+        session.close()
+
+@router.post("/avatar", summary="上传用户头像")
+async def upload_avatar(
+    file: UploadFile = File(...),
+    current_user: dict = Depends(get_current_user)
+):
+    """处理用户头像上传"""
+    try:
+        # 确保头像目录存在
+        os.makedirs("static/avatars", exist_ok=True)
+        
+        # 保存文件
+        file_path = f"static/avatars/{current_user['username']}.jpg"
+        with open(file_path, "wb") as buffer:
+            buffer.write(await file.read())
+        
+        return {
+            "code": 0,
+            "url": f"/avatars/{current_user['username']}.jpg"
+        }
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"头像上传失败: {str(e)}"
+        )
@@ -20,8 +20,9 @@ async def get_mp_detail(
 ):
     session = DB.get_session()
     try:
+        from sqlalchemy import text
         mp = session.execute(
-            "SELECT * FROM mps WHERE mp_id = :id",
+            text("SELECT * FROM mps WHERE mp_id = :id"),
             {"id": mp_id}
         ).fetchone()
         if not mp: