From f1cd5176deba62e9ea6dcc47ba7864a26be8071a Mon Sep 17 00:00:00 2001
From: yuyx <237899745@qq.com>
Date: Thu, 11 Dec 2025 20:41:53 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E7=94=A8=E6=88=B7=E5=92=8C?=
 =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=91=98session=E5=86=B2=E7=AA=81=E9=97=AE?=
 =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

问题：在同一浏览器先登录用户再登录管理员时，用户会掉线
原因：管理员登录时使用session.clear()清除了整个session
修复：改为只清除管理员相关的session键，保留用户登录状态

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 app.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/app.py b/app.py
index 0d90c87..0370827 100755
--- a/app.py
+++ b/app.py
@@ -976,8 +976,10 @@ def admin_login():
 
     admin = database.verify_admin(username, password)
     if admin:
-        # 清除旧session，确保干净的状态
-        session.clear()
+        # 安全修复: 只清除管理员相关的session，保留用户登录状态
+        # 这样用户和管理员可以在同一浏览器中共存
+        session.pop('admin_id', None)
+        session.pop('admin_username', None)
         # 设置管理员session
         session['admin_id'] = admin['id']
         session['admin_username'] = admin['username']