doc/DjangoBlog-master/.idea/.gitignore

@@ -0,0 +1,3 @@
+# 默认忽略的文件
+/shelf/
+/workspace.xml

doc/DjangoBlog-master/.idea/DjangoBlog-master.iml

@@ -2,7 +2,7 @@
 <module type="PYTHON_MODULE" version="4">
   <component name="NewModuleRootManager">
     <content url="file://$MODULE_DIR$" />
-    <orderEntry type="jdk" jdkName="Python 3.13" jdkType="Python SDK" />
+    <orderEntry type="jdk" jdkName="Python 3.13 (DjangoBlog-master)" jdkType="Python SDK" />
     <orderEntry type="sourceFolder" forTests="false" />
   </component>
   <component name="PyDocumentationSettings">

doc/DjangoBlog-master/.idea/misc.xml

@@ -1,4 +1,4 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project version="4">
-  <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.13" project-jdk-type="Python SDK" />
+  <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.13 (DjangoBlog-master)" project-jdk-type="Python SDK" />
 </project>

doc/DjangoBlog-master/.idea/modules.xml

@@ -2,7 +2,7 @@
 <project version="4">
   <component name="ProjectModuleManager">
     <modules>
-      <module fileurl="file://$PROJECT_DIR$/.idea/djangoblog.iml" filepath="$PROJECT_DIR$/.idea/djangoblog.iml" />
+      <module fileurl="file://$PROJECT_DIR$/.idea/DjangoBlog-master.iml" filepath="$PROJECT_DIR$/.idea/DjangoBlog-master.iml" />
     </modules>
   </component>
 </project>

doc/DjangoBlog-master/accounts/admin.py

@@ -9,16 +9,15 @@ from .models import BlogUser
 
 
 class BlogUserCreationForm(forms.ModelForm):
-    #sjt 后台创建用户表单：处理密码设置和验证
-    password1 = forms.CharField(label=_('password'), widget=forms.PasswordInput)  # sjt 密码字段
-    password2 = forms.CharField(label=_('Enter password again'), widget=forms.PasswordInput)  # sjt 确认密码字段
+    password1 = forms.CharField(label=_('password'), widget=forms.PasswordInput)
+    password2 = forms.CharField(label=_('Enter password again'), widget=forms.PasswordInput)
 
     class Meta:
-        model = BlogUser  # sjt 关联BlogUser模型
-        fields = ('email',)  # sjt 表单包含的字段
+        model = BlogUser
+        fields = ('email',)
 
     def clean_password2(self):
-        #sjt 验证两次输入密码一致性
+        # Check that the two password entries match
         password1 = self.cleaned_data.get("password1")
         password2 = self.cleaned_data.get("password2")
         if password1 and password2 and password1 != password2:
@@ -26,31 +25,29 @@ class BlogUserCreationForm(forms.ModelForm):
         return password2
 
     def save(self, commit=True):
-        #sjt 保存用户：加密密码并标记来源为后台
+        # Save the provided password in hashed format
         user = super().save(commit=False)
-        user.set_password(self.cleaned_data["password1"])  # sjt 加密密码
+        user.set_password(self.cleaned_data["password1"])
         if commit:
-            user.source = 'adminsite'  # sjt 标记来源为后台添加
+            user.source = 'adminsite'
             user.save()
         return user
 
 
 class BlogUserChangeForm(UserChangeForm):
-    #sjt 后台修改用户表单：配置修改用户的字段
     class Meta:
-        model = BlogUser  # sjt 关联BlogUser模型
-        fields = '__all__'  # sjt 包含所有字段
-        field_classes = {'username': UsernameField}  # sjt 用户名字段类
+        model = BlogUser
+        fields = '__all__'
+        field_classes = {'username': UsernameField}
 
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
 
 
 class BlogUserAdmin(UserAdmin):
-    #sjt Admin后台用户管理配置：定义显示和操作方式
-    form = BlogUserChangeForm  # sjt 修改用户表单
-    add_form = BlogUserCreationForm  # sjt 创建用户表单
-    list_display = (  # sjt 列表页显示的字段
+    form = BlogUserChangeForm
+    add_form = BlogUserCreationForm
+    list_display = (
         'id',
         'nickname',
         'username',
@@ -58,6 +55,6 @@ class BlogUserAdmin(UserAdmin):
         'last_login',
         'date_joined',
         'source')
-    list_display_links = ('id', 'username')  # sjt 列表页可点击的链接字段
-    ordering = ('-id',)  # sjt 按ID倒序排列
-    search_fields = ('username', 'nickname', 'email')  # sjt 搜索字段
+    list_display_links = ('id', 'username')
+    ordering = ('-id',)
+    search_fields = ('username', 'nickname', 'email')

doc/DjangoBlog-master/accounts/apps.py

@@ -0,0 +1,5 @@
+from django.apps import AppConfig
+
+
+class AccountsConfig(AppConfig):
+    name = 'accounts'

doc/DjangoBlog-master/accounts/forms.py

@@ -9,48 +9,39 @@ from .models import BlogUser
 
 
 class LoginForm(AuthenticationForm):
-    #sjt 登录表单：定义登录表单字段样式
     def __init__(self, *args, **kwargs):
         super(LoginForm, self).__init__(*args, **kwargs)
-        # sjt 设置用户名输入框样式
         self.fields['username'].widget = widgets.TextInput(
             attrs={'placeholder': "username", "class": "form-control"})
-        # sjt 设置密码输入框样式
         self.fields['password'].widget = widgets.PasswordInput(
             attrs={'placeholder': "password", "class": "form-control"})
 
 
 class RegisterForm(UserCreationForm):
-    #sjt 注册表单：验证用户名、邮箱、密码合法性
     def __init__(self, *args, **kwargs):
         super(RegisterForm, self).__init__(*args, **kwargs)
-        # sjt 设置用户名输入框样式
+
         self.fields['username'].widget = widgets.TextInput(
             attrs={'placeholder': "username", "class": "form-control"})
-        # sjt 设置邮箱输入框样式
         self.fields['email'].widget = widgets.EmailInput(
             attrs={'placeholder': "email", "class": "form-control"})
-        # sjt 设置密码输入框样式
         self.fields['password1'].widget = widgets.PasswordInput(
             attrs={'placeholder': "password", "class": "form-control"})
-        # sjt 设置确认密码输入框样式
         self.fields['password2'].widget = widgets.PasswordInput(
             attrs={'placeholder': "repeat password", "class": "form-control"})
 
     def clean_email(self):
-        #sjt 验证邮箱唯一性：已存在则抛出异常
         email = self.cleaned_data['email']
         if get_user_model().objects.filter(email=email).exists():
             raise ValidationError(_("email already exists"))
         return email
 
     class Meta:
-        model = get_user_model()  # sjt 关联用户模型
-        fields = ("username", "email")  # sjt 表单包含的字段
+        model = get_user_model()
+        fields = ("username", "email")
 
 
 class ForgetPasswordForm(forms.Form):
-    #sjt 密码找回表单：验证邮箱、验证码、新密码合法性
     new_password1 = forms.CharField(
         label=_("New password"),
         widget=forms.PasswordInput(
@@ -59,7 +50,7 @@ class ForgetPasswordForm(forms.Form):
                 'placeholder': _("New password")
             }
         ),
-    )  # sjt 新密码字段
+    )
 
     new_password2 = forms.CharField(
         label="确认密码",
@@ -69,7 +60,7 @@ class ForgetPasswordForm(forms.Form):
                 'placeholder': _("Confirm password")
             }
         ),
-    )  # sjt 确认密码字段
+    )
 
     email = forms.EmailField(
         label='邮箱',
@@ -79,7 +70,7 @@ class ForgetPasswordForm(forms.Form):
                 'placeholder': _("Email")
             }
         ),
-    )  # sjt 邮箱字段
+    )
 
     code = forms.CharField(
         label=_('Code'),
@@ -89,28 +80,27 @@ class ForgetPasswordForm(forms.Form):
                 'placeholder': _("Code")
             }
         ),
-    )  # sjt 验证码字段
+    )
 
     def clean_new_password2(self):
-        #sjt 验证两次输入密码一致性，并检查密码强度
         password1 = self.data.get("new_password1")
         password2 = self.data.get("new_password2")
         if password1 and password2 and password1 != password2:
             raise ValidationError(_("passwords do not match"))
-        password_validation.validate_password(password2)  # sjt 调用Django密码验证器
+        password_validation.validate_password(password2)
+
         return password2
 
     def clean_email(self):
-        #sjt 验证邮箱是否已注册
         user_email = self.cleaned_data.get("email")
         if not BlogUser.objects.filter(
                 email=user_email
         ).exists():
+            # todo 这里的报错提示可以判断一个邮箱是不是注册过，如果不想暴露可以修改
             raise ValidationError(_("email does not exist"))
         return user_email
 
     def clean_code(self):
-        #sjt 验证验证码有效性
         code = self.cleaned_data.get("code")
         error = utils.verify(
             email=self.cleaned_data.get("email"),
@@ -122,7 +112,6 @@ class ForgetPasswordForm(forms.Form):
 
 
 class ForgetPasswordCodeForm(forms.Form):
-    #sjt 发送验证码表单：验证邮箱格式
     email = forms.EmailField(
         label=_('Email'),
-    )  # sjt 邮箱字段（用于发送验证码）
+    )

doc/DjangoBlog-master/accounts/models.py

@@ -9,31 +9,27 @@ from djangoblog.utils import get_current_site
 # Create your models here.
 
 class BlogUser(AbstractUser):
-    #sjt 扩展Django内置用户模型，增加博客系统所需的用户属性
-    nickname = models.CharField(_('nick name'), max_length=100, blank=True)  # sjt 用户昵称
-    creation_time = models.DateTimeField(_('creation time'), default=now)  # sjt 账号创建时间
-    last_modify_time = models.DateTimeField(_('last modify time'), default=now)  # sjt 信息最后修改时间
-    source = models.CharField(_('create source'), max_length=100, blank=True)  # sjt 账号创建来源（如注册、后台添加）
+    nickname = models.CharField(_('nick name'), max_length=100, blank=True)
+    creation_time = models.DateTimeField(_('creation time'), default=now)
+    last_modify_time = models.DateTimeField(_('last modify time'), default=now)
+    source = models.CharField(_('create source'), max_length=100, blank=True)
 
     def get_absolute_url(self):
-        #sjt 获取用户详情页的相对URL
         return reverse(
             'blog:author_detail', kwargs={
                 'author_name': self.username})
 
     def __str__(self):
-        #sjt 对象字符串表示，返回用户邮箱
         return self.email
 
     def get_full_url(self):
-        #sjt 获取用户详情页的完整URL（包含域名）
         site = get_current_site().domain
         url = "https://{site}{path}".format(site=site,
                                             path=self.get_absolute_url())
         return url
 
     class Meta:
-        ordering = ['-id']  # sjt 按ID倒序排列
-        verbose_name = _('user')  # sjt 模型显示名称
+        ordering = ['-id']
+        verbose_name = _('user')
         verbose_name_plural = verbose_name
-        get_latest_by = 'id'  # sjt 最新记录按ID判断
+        get_latest_by = 'id'

doc/DjangoBlog-master/accounts/tests.py

@@ -13,7 +13,6 @@ from . import utils
 
 class AccountTest(TestCase):
     def setUp(self):
-        #sjt 测试初始化：创建测试客户端和测试用户
         self.client = Client()
         self.factory = RequestFactory()
         self.blog_user = BlogUser.objects.create_user(
@@ -21,19 +20,16 @@ class AccountTest(TestCase):
             email="admin@admin.com",
             password="12345678"
         )
-        self.new_test = "xxx123--="  # sjt 测试用新密码
+        self.new_test = "xxx123--="
 
     def test_validate_account(self):
-        #sjt 测试用户账号验证：管理员登录、文章创建等功能
         site = get_current_site().domain
-        # sjt 创建超级用户
         user = BlogUser.objects.create_superuser(
             email="liangliangyy1@gmail.com",
             username="liangliangyy1",
             password="qwer!@#$ggg")
         testuser = BlogUser.objects.get(username='liangliangyy1')
 
-        # sjt 测试登录
         loginresult = self.client.login(
             username='liangliangyy1',
             password='qwer!@#$ggg')
@@ -41,14 +37,12 @@ class AccountTest(TestCase):
         response = self.client.get('/admin/')
         self.assertEqual(response.status_code, 200)
 
-        # sjt 测试创建分类
         category = Category()
         category.name = "categoryaaa"
         category.creation_time = timezone.now()
         category.last_modify_time = timezone.now()
         category.save()
 
-        # sjt 测试创建文章
         article = Article()
         article.title = "nicetitleaaa"
         article.body = "nicecontentaaa"
@@ -58,30 +52,24 @@ class AccountTest(TestCase):
         article.status = 'p'
         article.save()
 
-        # sjt 测试访问文章管理页
         response = self.client.get(article.get_admin_url())
         self.assertEqual(response.status_code, 200)
 
     def test_validate_register(self):
-        #sjt 测试注册流程：注册->邮箱验证->登录->功能验证
-        # sjt 验证初始状态无此用户
         self.assertEquals(
             0, len(
                 BlogUser.objects.filter(
                     email='user123@user.com')))
-        # sjt 提交注册表单
         response = self.client.post(reverse('account:register'), {
             'username': 'user1233',
             'email': 'user123@user.com',
             'password1': 'password123!q@wE#R$T',
             'password2': 'password123!q@wE#R$T',
         })
-        # sjt 验证用户创建成功
         self.assertEquals(
             1, len(
                 BlogUser.objects.filter(
                     email='user123@user.com')))
-        # sjt 验证邮箱并激活用户
         user = BlogUser.objects.filter(email='user123@user.com')[0]
         sign = get_sha256(get_sha256(settings.SECRET_KEY + str(user.id)))
         path = reverse('accounts:result')
@@ -90,32 +78,59 @@ class AccountTest(TestCase):
         response = self.client.get(url)
         self.assertEqual(response.status_code, 200)
 
-        # sjt 测试登录及权限
         self.client.login(username='user1233', password='password123!q@wE#R$T')
         user = BlogUser.objects.filter(email='user123@user.com')[0]
         user.is_superuser = True
         user.is_staff = True
         user.save()
         delete_sidebar_cache()
-        # ... 后续测试创建分类、文章等功能
+        category = Category()
+        category.name = "categoryaaa"
+        category.creation_time = timezone.now()
+        category.last_modify_time = timezone.now()
+        category.save()
+
+        article = Article()
+        article.category = category
+        article.title = "nicetitle333"
+        article.body = "nicecontentttt"
+        article.author = user
+
+        article.type = 'a'
+        article.status = 'p'
+        article.save()
+
+        response = self.client.get(article.get_admin_url())
+        self.assertEqual(response.status_code, 200)
+
+        response = self.client.get(reverse('account:logout'))
+        self.assertIn(response.status_code, [301, 302, 200])
+
+        response = self.client.get(article.get_admin_url())
+        self.assertIn(response.status_code, [301, 302, 200])
+
+        response = self.client.post(reverse('account:login'), {
+            'username': 'user1233',
+            'password': 'password123'
+        })
+        self.assertIn(response.status_code, [301, 302, 200])
+
+        response = self.client.get(article.get_admin_url())
+        self.assertIn(response.status_code, [301, 302, 200])
 
     def test_verify_email_code(self):
-        #sjt 测试验证码验证功能
         to_email = "admin@admin.com"
-        code = generate_code()  # sjt 生成验证码
-        utils.set_code(to_email, code)  # sjt 缓存验证码
-        utils.send_verify_email(to_email, code)  # sjt 发送验证码邮件
+        code = generate_code()
+        utils.set_code(to_email, code)
+        utils.send_verify_email(to_email, code)
 
-        # sjt 验证正确验证码
         err = utils.verify("admin@admin.com", code)
         self.assertEqual(err, None)
 
-        # sjt 验证错误邮箱的验证码
         err = utils.verify("admin@123.com", code)
         self.assertEqual(type(err), str)
 
     def test_forget_password_email_code_success(self):
-        #sjt 测试成功发送密码找回验证码
         resp = self.client.post(
             path=reverse("account:forget_password_code"),
             data=dict(email="admin@admin.com")
@@ -125,7 +140,6 @@ class AccountTest(TestCase):
         self.assertEqual(resp.content.decode("utf-8"), "ok")
 
     def test_forget_password_email_code_fail(self):
-        #sjt 测试发送密码找回验证码失败情况（无效邮箱）
         resp = self.client.post(
             path=reverse("account:forget_password_code"),
             data=dict()
@@ -139,7 +153,6 @@ class AccountTest(TestCase):
         self.assertEqual(resp.content.decode("utf-8"), "错误的邮箱")
 
     def test_forget_password_email_success(self):
-        #sjt 测试成功找回密码流程
         code = generate_code()
         utils.set_code(self.blog_user.email, code)
         data = dict(
@@ -154,15 +167,14 @@ class AccountTest(TestCase):
         )
         self.assertEqual(resp.status_code, 302)
 
-        # sjt 验证密码是否修改成功
+        # 验证用户密码是否修改成功
         blog_user = BlogUser.objects.filter(
             email=self.blog_user.email,
-        ).first()
+        ).first()  # type: BlogUser
         self.assertNotEqual(blog_user, None)
         self.assertEqual(blog_user.check_password(data["new_password1"]), True)
 
     def test_forget_password_email_not_user(self):
-        #sjt 测试使用未注册邮箱找回密码
         data = dict(
             new_password1=self.new_test,
             new_password2=self.new_test,
@@ -176,19 +188,20 @@ class AccountTest(TestCase):
 
         self.assertEqual(resp.status_code, 200)
 
+
     def test_forget_password_email_code_error(self):
-        #sjt 测试使用错误验证码找回密码
         code = generate_code()
         utils.set_code(self.blog_user.email, code)
         data = dict(
             new_password1=self.new_test,
             new_password2=self.new_test,
             email=self.blog_user.email,
-            code="111111",  # sjt 错误验证码
+            code="111111",
         )
         resp = self.client.post(
             path=reverse("account:forget_password"),
             data=data
         )
 
-        self.assertEqual(resp.status_code, 200)
+        self.assertEqual(resp.status_code, 200)
+

doc/DjangoBlog-master/accounts/urls.py

@@ -4,25 +4,25 @@ from django.urls import re_path
 from . import views
 from .forms import LoginForm
 
-app_name = "accounts"  # sjt 应用命名空间
+app_name = "accounts"
 
-urlpatterns = [re_path(r'^login/$',  # sjt 登录页面路由
+urlpatterns = [re_path(r'^login/$',
                        views.LoginView.as_view(success_url='/'),
                        name='login',
                        kwargs={'authentication_form': LoginForm}),
-               re_path(r'^register/$',  # sjt 注册页面路由
+               re_path(r'^register/$',
                        views.RegisterView.as_view(success_url="/"),
                        name='register'),
-               re_path(r'^logout/$',  # sjt 注销功能路由
+               re_path(r'^logout/$',
                        views.LogoutView.as_view(),
                        name='logout'),
-               path(r'account/result.html',  # sjt 注册/验证结果页路由
+               path(r'account/result.html',
                     views.account_result,
                     name='result'),
-               re_path(r'^forget_password/$',  # sjt 密码找回页面路由
+               re_path(r'^forget_password/$',
                        views.ForgetPasswordView.as_view(),
                        name='forget_password'),
-               re_path(r'^forget_password_code/$',  # sjt 发送密码找回验证码路由
+               re_path(r'^forget_password_code/$',
                        views.ForgetPasswordEmailCode.as_view(),
                        name='forget_password_code'),
-               ]
+               ]

doc/DjangoBlog-master/accounts/user_login_backend.py

@@ -0,0 +1,26 @@
+from django.contrib.auth import get_user_model
+from django.contrib.auth.backends import ModelBackend
+
+
+class EmailOrUsernameModelBackend(ModelBackend):
+    """
+    允许使用用户名或邮箱登录
+    """
+
+    def authenticate(self, request, username=None, password=None, **kwargs):
+        if '@' in username:
+            kwargs = {'email': username}
+        else:
+            kwargs = {'username': username}
+        try:
+            user = get_user_model().objects.get(**kwargs)
+            if user.check_password(password):
+                return user
+        except get_user_model().DoesNotExist:
+            return None
+
+    def get_user(self, username):
+        try:
+            return get_user_model().objects.get(pk=username)
+        except get_user_model().DoesNotExist:
+            return None

doc/DjangoBlog-master/accounts/utils.py

@@ -7,16 +7,16 @@ from django.utils.translation import gettext_lazy as _
 
 from djangoblog.utils import send_email
 
-_code_ttl = timedelta(minutes=5)  # sjt 验证码有效期（5分钟）
+_code_ttl = timedelta(minutes=5)
 
 
 def send_verify_email(to_mail: str, code: str, subject: str = _("Verify Email")):
-    '''sjt 发送密码重置验证码邮件
+    """发送重设密码验证码
     Args:
-        to_mail: 接收邮箱
+        to_mail: 接受邮箱
         subject: 邮件主题
         code: 验证码
-    '''
+    """
     html_content = _(
         "You are resetting the password, the verification code is：%(code)s, valid within 5 minutes, please keep it "
         "properly") % {'code': code}
@@ -24,23 +24,26 @@ def send_verify_email(to_mail: str, code: str, subject: str = _("Verify Email"))
 
 
 def verify(email: str, code: str) -> typing.Optional[str]:
-    '''sjt 验证验证码有效性
+    """验证code是否有效
     Args:
         email: 请求邮箱
         code: 验证码
     Return:
-        如果有错误返回错误信息字符串，否则返回None
-        '''
-    cache_code = get_code(email)  # sjt 从缓存获取验证码
-    if cache_code != code:  # sjt 验证码不匹配
+        如果有错误就返回错误str
+    Node:
+        这里的错误处理不太合理，应该采用raise抛出
+        否测调用方也需要对error进行处理
+    """
+    cache_code = get_code(email)
+    if cache_code != code:
         return gettext("Verification code error")
 
 
 def set_code(email: str, code: str):
-    #sjt 将验证码存入缓存（有效期5分钟）
+    """设置code"""
     cache.set(email, code, _code_ttl.seconds)
 
 
 def get_code(email: str) -> typing.Optional[str]:
-    #sjt 从缓存获取验证码
-    return cache.get(email)
+    """获取code"""
+    return cache.get(email)

doc/DjangoBlog-master/accounts/views.py

@@ -32,34 +32,28 @@ logger = logging.getLogger(__name__)
 # Create your views here.
 
 class RegisterView(FormView):
-    #sjt 用户注册视图：处理注册表单提交，发送邮箱验证链接
-    form_class = RegisterForm  # sjt 注册表单类
-    template_name = 'account/registration_form.html'  # sjt 注册页面模板
+    form_class = RegisterForm
+    template_name = 'account/registration_form.html'
 
     @method_decorator(csrf_protect)
     def dispatch(self, *args, **kwargs):
-        #sjt 处理请求分发，添加CSRF保护
         return super(RegisterView, self).dispatch(*args, **kwargs)
 
     def form_valid(self, form):
-        #sjt 表单验证通过后：创建未激活用户，生成验证链接并发送邮件
         if form.is_valid():
-            user = form.save(False)  # sjt 不立即保存用户
-            user.is_active = False  # sjt 初始为未激活状态（需邮箱验证）
-            user.source = 'Register'  # sjt 标记来源为注册
-            user.save(True)  # sjt 保存用户
-            site = get_current_site().domain  # sjt 获取当前站点域名
-            # sjt 生成双重加密签名（防止链接篡改）
+            user = form.save(False)
+            user.is_active = False
+            user.source = 'Register'
+            user.save(True)
+            site = get_current_site().domain
             sign = get_sha256(get_sha256(settings.SECRET_KEY + str(user.id)))
 
-            if settings.DEBUG:  # sjt 开发环境下使用本地域名
+            if settings.DEBUG:
                 site = '127.0.0.1:8000'
-            path = reverse('account:result')  # sjt 获取结果页路由
-            # sjt 构建验证链接
+            path = reverse('account:result')
             url = "http://{site}{path}?type=validation&id={id}&sign={sign}".format(
                 site=site, path=path, id=user.id, sign=sign)
 
-            # sjt 构建验证邮件内容
             content = """
                             <p>请点击下面链接验证您的邮箱</p>
 
@@ -70,7 +64,6 @@ class RegisterView(FormView):
                             如果上面链接无法打开，请将此链接复制至浏览器。
                             {url}
                             """.format(url=url)
-            # sjt 发送验证邮件
             send_email(
                 emailto=[
                     user.email,
@@ -78,7 +71,6 @@ class RegisterView(FormView):
                 title='验证您的电子邮箱',
                 content=content)
 
-            # sjt 重定向到注册结果页
             url = reverse('accounts:result') + \
                   '?type=register&id=' + str(user.id)
             return HttpResponseRedirect(url)
@@ -89,66 +81,60 @@ class RegisterView(FormView):
 
 
 class LogoutView(RedirectView):
-    #sjt 用户注销视图：处理用户注销并跳转登录页
-    url = '/login/'  # sjt 注销后跳转的URL
+    url = '/login/'
 
     @method_decorator(never_cache)
     def dispatch(self, request, *args, **kwargs):
-        #sjt 处理请求分发，禁止缓存
         return super(LogoutView, self).dispatch(request, *args, **kwargs)
 
     def get(self, request, *args, **kwargs):
-        #sjt 处理GET请求：执行注销操作并清除缓存
-        logout(request)  # sjt 注销用户
-        delete_sidebar_cache()  # sjt 删除侧边栏缓存
+        logout(request)
+        delete_sidebar_cache()
         return super(LogoutView, self).get(request, *args, **kwargs)
 
 
 class LoginView(FormView):
-    #sjt 用户登录视图：支持用户名/邮箱登录，处理登录状态
-    form_class = LoginForm  # sjt 登录表单类
-    template_name = 'account/login.html'  # sjt 登录页面模板
-    success_url = '/'  # sjt 登录成功默认跳转页
-    redirect_field_name = REDIRECT_FIELD_NAME  # sjt 重定向字段名
-    login_ttl = 2626560  # sjt 记住登录状态的有效期（一个月，单位秒）
+    form_class = LoginForm
+    template_name = 'account/login.html'
+    success_url = '/'
+    redirect_field_name = REDIRECT_FIELD_NAME
+    login_ttl = 2626560  # 一个月的时间
 
     @method_decorator(sensitive_post_parameters('password'))
     @method_decorator(csrf_protect)
     @method_decorator(never_cache)
     def dispatch(self, request, *args, **kwargs):
-        #sjt 处理请求分发：保护敏感参数、CSRF保护、禁止缓存
+
         return super(LoginView, self).dispatch(request, *args, **kwargs)
 
     def get_context_data(self, **kwargs):
-        #sjt 构建上下文数据：获取重定向URL
         redirect_to = self.request.GET.get(self.redirect_field_name)
         if redirect_to is None:
             redirect_to = '/'
         kwargs['redirect_to'] = redirect_to
 
-        return super(LoginView, self).get_context_data(** kwargs)
+        return super(LoginView, self).get_context_data(**kwargs)
 
     def form_valid(self, form):
-        #sjt 表单验证通过后：验证用户凭据，处理登录状态（含"记住我"功能）
         form = AuthenticationForm(data=self.request.POST, request=self.request)
 
-        if form.is_valid():  # sjt 验证用户凭据
-            delete_sidebar_cache()  # sjt 删除侧边栏缓存
+        if form.is_valid():
+            delete_sidebar_cache()
             logger.info(self.redirect_field_name)
 
-            auth.login(self.request, form.get_user())  # sjt 登录用户
-            if self.request.POST.get("remember"):  # sjt 如果勾选"记住我"
-                self.request.session.set_expiry(self.login_ttl)  # sjt 设置会话有效期
+            auth.login(self.request, form.get_user())
+            if self.request.POST.get("remember"):
+                self.request.session.set_expiry(self.login_ttl)
             return super(LoginView, self).form_valid(form)
+            # return HttpResponseRedirect('/')
         else:
             return self.render_to_response({
                 'form': form
             })
 
     def get_success_url(self):
-        #sjt 获取登录成功后的跳转URL（验证安全性）
+
         redirect_to = self.request.POST.get(self.redirect_field_name)
-        # sjt 验证跳转URL是否安全
         if not url_has_allowed_host_and_scheme(
                 url=redirect_to, allowed_hosts=[
                     self.request.get_host()]):
@@ -157,33 +143,31 @@ class LoginView(FormView):
 
 
 def account_result(request):
-    #sjt 注册/验证结果页：处理邮箱验证逻辑，激活用户账号
-    type = request.GET.get('type')  # sjt 获取操作类型（注册/验证）
-    id = request.GET.get('id')  # sjt 获取用户ID
+    type = request.GET.get('type')
+    id = request.GET.get('id')
 
-    user = get_object_or_404(get_user_model(), id=id)  # sjt 获取用户对象
+    user = get_object_or_404(get_user_model(), id=id)
     logger.info(type)
-    if user.is_active:  # sjt 如果用户已激活，直接跳转首页
+    if user.is_active:
         return HttpResponseRedirect('/')
     if type and type in ['register', 'validation']:
-        if type == 'register':  # sjt 注册成功结果页
+        if type == 'register':
             content = '''
     恭喜您注册成功，一封验证邮件已经发送到您的邮箱，请验证您的邮箱后登录本站。
     '''
             title = '注册成功'
-        else:  # sjt 邮箱验证结果页
-            # sjt 验证签名是否正确
+        else:
             c_sign = get_sha256(get_sha256(settings.SECRET_KEY + str(user.id)))
             sign = request.GET.get('sign')
-            if sign != c_sign:  # sjt 签名错误返回403
+            if sign != c_sign:
                 return HttpResponseForbidden()
-            user.is_active = True  # sjt 激活用户
+            user.is_active = True
             user.save()
             content = '''
             恭喜您已经成功的完成邮箱验证，您现在可以使用您的账号来登录本站。
             '''
             title = '验证成功'
-        return render(request, 'account/result.html', {  # sjt 渲染结果页
+        return render(request, 'account/result.html', {
             'title': title,
             'content': content
         })
@@ -192,34 +176,29 @@ def account_result(request):
 
 
 class ForgetPasswordView(FormView):
-    #sjt 密码找回视图：验证验证码后重置密码
-    form_class = ForgetPasswordForm  # sjt 密码找回表单
-    template_name = 'account/forget_password.html'  # sjt 密码找回页面模板
+    form_class = ForgetPasswordForm
+    template_name = 'account/forget_password.html'
 
     def form_valid(self, form):
-        #sjt 表单验证通过后：更新用户密码并跳转登录页
         if form.is_valid():
             blog_user = BlogUser.objects.filter(email=form.cleaned_data.get("email")).get()
-            # sjt 加密并更新密码
             blog_user.password = make_password(form.cleaned_data["new_password2"])
             blog_user.save()
-            return HttpResponseRedirect('/login/')  # sjt 跳转登录页
+            return HttpResponseRedirect('/login/')
         else:
             return self.render_to_response({'form': form})
 
 
 class ForgetPasswordEmailCode(View):
-    #sjt 发送密码找回验证码视图：处理发送验证码请求
 
     def post(self, request: HttpRequest):
-        #sjt 处理POST请求：验证邮箱并发送验证码
-        form = ForgetPasswordCodeForm(request.POST)  # sjt 验证邮箱表单
-        if not form.is_valid():  # sjt 邮箱验证失败
+        form = ForgetPasswordCodeForm(request.POST)
+        if not form.is_valid():
             return HttpResponse("错误的邮箱")
-        to_email = form.cleaned_data["email"]  # sjt 获取目标邮箱
+        to_email = form.cleaned_data["email"]
 
-        code = generate_code()  # sjt 生成验证码
-        utils.send_verify_email(to_email, code)  # sjt 发送验证码邮件
-        utils.set_code(to_email, code)  # sjt 缓存验证码（有效期5分钟）
+        code = generate_code()
+        utils.send_verify_email(to_email, code)
+        utils.set_code(to_email, code)
 
-        return HttpResponse("ok")  # sjt 发送成功返回"ok"
+        return HttpResponse("ok")