diff --git a/.gitignore b/.gitignore
index 413c71c..3d901ba 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,3 +10,4 @@ app/static/frequency/frequency.p
 app/static/wordfreqapp.db
 app/static/donate-the-author.jpg
 app/static/donate-the-author-hidden.jpg
+app/model/__pycache__/
\ No newline at end of file
diff --git a/README.md b/README.md
index 29e74dd..14cc9aa 100644
--- a/README.md
+++ b/README.md
@@ -182,6 +182,7 @@ Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=215
 
 
 
+
 ### 丁锐
 
 修复了以下漏洞
@@ -191,4 +192,5 @@ Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=215
 Bug report: http://118.25.96.118/bugzilla/show_bug.cgi?id=489
 
 
-*Last modified on 2023-01-30*
\ No newline at end of file
+*Last modified on 2023-01-30*
+
diff --git a/app/Article.py b/app/Article.py
index 04a32ea..e40717f 100644
--- a/app/Article.py
+++ b/app/Article.py
@@ -32,12 +32,20 @@ def get_article_body(s):
     return '\n'.join(lst)
 
 
-def get_today_article(user_word_list, articleID):
+def get_today_article(user_word_list, visited_articles):
     rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
-    if articleID == None:
+    if visited_articles is None:
+        visited_articles = {
+            "index" : 0,  # 为 article_ids 的索引
+            "article_ids": []  # 之前显示文章的id列表，越后越新
+        }
+    if visited_articles["index"] > len(visited_articles["article_ids"])-1:  # 生成新的文章，因此查找所有的文章
         rq.instructions("SELECT * FROM article")
-    else:
-        rq.instructions('SELECT * FROM article WHERE article_id=%d' % (articleID))
+    else:  # 生成阅读过的文章，因此查询指定 article_id 的文章
+        if visited_articles["article_ids"][visited_articles["index"]] == 'null':  # 可能因为直接刷新页面导致直接去查询了'null'，因此当刷新的页面的时候，需要直接进行“上一篇”操作
+            visited_articles["index"] -= 1
+            visited_articles["article_ids"].pop()
+        rq.instructions('SELECT * FROM article WHERE article_id=%d' % (visited_articles["article_ids"][visited_articles["index"]]))
     rq.do()
     result = rq.get_results()
     random.shuffle(result)
@@ -47,36 +55,49 @@ def get_today_article(user_word_list, articleID):
     d2 = load_freq_history(path_prefix + 'static/words_and_tests.p')
     d3 = get_difficulty_level(d1, d2)
 
-    d = {}
+    d = None
+    result_of_generate_article = "not found"
     d_user = load_freq_history(user_word_list)
     user_level = user_difficulty_level(d_user, d3)  # more consideration as user's behaviour is dynamic. Time factor should be considered.
-    random.shuffle(result)  # shuffle list
-    d = random.choice(result)
-    text_level = text_difficulty_level(d['text'], d3)
-    if articleID == None:
-        for reading in result:
-            text_level = text_difficulty_level(reading['text'], d3)
-            factor = random.gauss(0.8,
-                                  0.1)  # a number drawn from Gaussian distribution with a mean of 0.8 and a stand deviation of 1
-            if within_range(text_level, user_level, (8.0 - user_level) * factor):
-                d = reading
-                break
+    text_level = 0
+    if visited_articles["index"] > len(visited_articles["article_ids"])-1:  # 生成新的文章
+        amount_of_visited_articles = len(visited_articles["article_ids"])
+        amount_of_existing_articles = result.__len__()
+        if amount_of_visited_articles == amount_of_existing_articles:  # 如果当前阅读过的文章的数量 == 存在的文章的数量，即所有的书本都阅读过了
+            result_of_generate_article = "had read all articles"
+        else:
+            for k in range(3):  # 最多尝试3次
+                for reading in result:
+                    text_level = text_difficulty_level(reading['text'], d3)
+                    factor = random.gauss(0.8, 0.1)  # a number drawn from Gaussian distribution with a mean of 0.8 and a stand deviation of 1
+                    if reading['article_id'] not in visited_articles["article_ids"] and within_range(text_level, user_level, (8.0 - user_level) * factor):  # 新的文章之前没有出现过且符合一定范围的水平
+                        d = reading
+                        visited_articles["article_ids"].append(d['article_id'])  # 列表添加新的文章id；下面进行
+                        result_of_generate_article = "found"
+                        break
+                if result_of_generate_article == "found":  # 用于成功找到文章后及时退出外层循环
+                    break
+        if result_of_generate_article != "found":  # 阅读完所有文章，或者循环3次没有找到适合的文章，则放入空（“null”）
+            visited_articles["article_ids"].append('null')
+    else:  # 生成已经阅读过的文章
+        d = random.choice(result)
+        text_level = text_difficulty_level(d['text'], d3)
+        result_of_generate_article = "found"
 
-    s = '<div class="alert alert-success" role="alert">According to your word list, your level is <span class="badge bg-success">%4.2f</span>  and we have chosen an article with a difficulty level of <span class="badge bg-success">%4.2f</span> for you.</div>' % (
-        user_level, text_level)
-    s += '<p class="text-muted">Article added on: %s</p>' % (d['date'])
-    s += '<div class="p-3 mb-2 bg-light text-dark">'
-    article_title = get_article_title(d['text'])
-    article_body = get_article_body(d['text'])
-    s += '<p class="display-5">%s</p>' % (article_title)
-    s += '<p class="lead"><font id="article" size=2>%s</font></p>' % (article_body)
-    s += '<p><small class="text-muted">%s</small></p>' % (d['source'])
-    s += '<p><b>%s</b></p>' % (get_question_part(d['question']))
-    s = s.replace('\n', '<br/>')
-    s += '%s' % (get_answer_part(d['question']))
-    s += '</div>'
-    session['articleID'] = d['article_id']
-    return s
+    today_article = None
+    if d:
+        today_article = {
+            "user_level": '%4.2f' % user_level,
+            "text_level": '%4.2f' % text_level,
+            "date": d['date'],
+            "article_title": get_article_title(d['text']),
+            "article_body": get_article_body(d['text']),
+            "source": d["source"],
+            "question": get_question_part(d['question']),
+            "answer": get_answer_part(d['question'])
+        }
+
+    return visited_articles, today_article, result_of_generate_article
 
 
 def load_freq_history(path):
@@ -116,21 +137,4 @@ def get_answer_part(s):
             flag = 1
         elif flag == 1:
             result.append(line)
-    # https://css-tricks.com/snippets/javascript/showhide-element/
-    js = '''
-<script type="text/javascript">
-
-    function toggle_visibility(id) {
-       var e = document.getElementById(id);
-       if(e.style.display == 'block')
-          e.style.display = 'none';
-       else
-          e.style.display = 'block';
-    }
-</script>
-    '''
-    html_code = js
-    html_code += '\n'
-    html_code += '<button onclick="toggle_visibility(\'answer\');">ANSWER</button>\n'
-    html_code += '<div id="answer" style="display:none;">%s</div>\n' % ('\n'.join(result))
-    return html_code
\ No newline at end of file
+    return '\n'.join(result)
diff --git a/app/Login.py b/app/Login.py
index 8e0030b..cd750d1 100644
--- a/app/Login.py
+++ b/app/Login.py
@@ -3,6 +3,18 @@ import string
 from datetime import datetime, timedelta
 from UseSqlite import InsertQuery, RecordQuery
 
+def md5(s):
+    '''
+    MD5摘要
+    :param str: 字符串
+    :return: 经MD5以后的字符串
+    '''
+    h = hashlib.md5(s.encode(encoding='utf-8'))
+    return h.hexdigest()
+
+# import model.user after the defination of md5(s) to avoid circular import
+from model.user import get_user_by_username, insert_user, update_password_by_username
+
 path_prefix = '/var/www/wordfreq/wordfreq/'
 path_prefix = './'  # comment this line in deployment
 
@@ -12,13 +24,9 @@ def verify_pass(newpass,oldpass):
 
 
 def verify_user(username, password):
-    rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
-    password = md5(username + password)
-    rq.instructions_with_parameters("SELECT * FROM user WHERE name=:username AND password=:password", dict(
-        username=username, password=password))  # the named style https://docs.python.org/3/library/sqlite3.html
-    rq.do_with_parameters()
-    result = rq.get_results()
-    return result != []
+    user = get_user_by_username(username)
+    encoded_password = md5(username + password)
+    return user is not None and user.password == encoded_password
 
 
 def add_user(username, password):
@@ -26,19 +34,12 @@ def add_user(username, password):
     expiry_date = (datetime.now() + timedelta(days=30)).strftime('%Y%m%d') # will expire after 30 days
     # 将用户名和密码一起加密，以免暴露不同用户的相同密码
     password = md5(username + password)
-    rq = InsertQuery(path_prefix + 'static/wordfreqapp.db')
-    rq.instructions_with_parameters("INSERT INTO user VALUES (:username, :password, :start_date, :expiry_date)", dict(
-        username=username, password=password, start_date=start_date, expiry_date=expiry_date))
-    rq.do_with_parameters()
+    insert_user(username=username, password=password, start_date=start_date, expiry_date=expiry_date)
 
 
 def check_username_availability(username):
-    rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
-    rq.instructions_with_parameters(
-        "SELECT * FROM user WHERE name=:username", dict(username=username))
-    rq.do_with_parameters()
-    result = rq.get_results()
-    return result == []
+    existed_user = get_user_by_username(username)
+    return existed_user is None
 
 
 def change_password(username, old_password, new_password):
@@ -54,35 +55,16 @@ def change_password(username, old_password, new_password):
     # 将用户名和密码一起加密，以免暴露不同用户的相同密码
     if verify_pass(new_password,old_password): #新旧密码一致
         return False
-    password = md5(username + new_password)
-    rq = InsertQuery(path_prefix + 'static/wordfreqapp.db')
-    rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict(
-        password=password, username=username))
-    rq.do_with_parameters()
+    update_password_by_username(username, new_password)
     return True
 
 
 def get_expiry_date(username):
-    rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
-    rq.instructions_with_parameters(
-        "SELECT expiry_date FROM user WHERE name=:username", dict(username=username))
-    rq.do_with_parameters()
-    result = rq.get_results()
-    if len(result) > 0:
-        return result[0]['expiry_date']
-    else:
+    user = get_user_by_username(username)
+    if user is None:
         return '20191024'
-
-
-def md5(s):
-    '''
-    MD5摘要
-    :param str: 字符串
-    :return: 经MD5以后的字符串
-    '''
-    h = hashlib.md5(s.encode(encoding='utf-8'))
-    return h.hexdigest()
-
+    else:
+        return user.expiry_date
 
 class UserName:
     def __init__(self, username):
@@ -96,9 +78,9 @@ class UserName:
         if ' ' in self.username: # a user name must not include a whitespace
             return 'Whitespace is not allowed in the user name.'
         for c in self.username: # a user name must not include special characters, except non-leading periods or underscores
-            if c in string.punctuation and c is not '.' and c is not '_':
+            if c in string.punctuation and c != '.' and c != '_':
                 return f'{c} is not allowed in the user name.'
-        if self.username in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del']:
+        if self.username in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del', 'admin']:
             return 'You used a restricted word as your user name.  Please come up with a better one.'
 
         return 'OK'
diff --git a/app/account_service.py b/app/account_service.py
index 9b1c46b..a7ed0c4 100644
--- a/app/account_service.py
+++ b/app/account_service.py
@@ -19,21 +19,15 @@ def signup():
         # POST方法需判断是否注册成功，再根据结果返回不同的内容
         username = escape(request.form['username'])
         password = escape(request.form['password'])
-        password2 = escape(request.form['password2'])
         
         #! 添加如下代码为了过滤注册时的非法字符
         warn = WarningMessage(username)
         if str(warn) != 'OK':
-            return str(warn)
+            return jsonify({'status': '3', 'warn': str(warn)})
         
         available = check_username_availability(username)
         if not available: # 用户名不可用
-            flash('用户名 %s 已经被注册。' % (username))
-            return render_template('signup.html')
-        elif len(password.strip()) < 4: # 密码过短
-            return '密码过于简单。'
-        elif password != password2:
-            return '确认密码与输入密码不一致！'
+            return jsonify({'status': '0'})
         else: # 添加账户信息
             add_user(username, password)
             verified = verify_user(username, password)
@@ -43,11 +37,10 @@ def signup():
                 session[username] = username
                 session['username'] = username
                 session['expiry_date'] = get_expiry_date(username)
-                session['articleID'] = None
-                return '<p>恭喜，你已成功注册， 你的用户名是 <a href="%s">%s</a>。</p>\
-                <p><a href="/%s">开始使用</a> <a href="/">返回首页</a><p/>' % (username, username, username)
+                session['visited_articles'] = None
+                return jsonify({'status': '2'})
             else:
-                return '用户名密码验证失败。'
+                return jsonify({'status': '1'})
 
 
 
@@ -59,13 +52,7 @@ def login():
     '''
     if request.method == 'GET':
         # GET请求
-        if not session.get('logged_in'):
-            # 未登录，返回登录页面
-            return render_template('login.html')
-        else:
-            # 已登录，提示信息并显示登出按钮
-            return '你已登录 <a href="/%s">%s</a>。 登出点击<a href="/logout">这里</a>。' % (
-                session['username'], session['username'])
+        return render_template('login.html')
     elif request.method == 'POST':
         # POST方法用于判断登录是否成功
         # check database and verify user
@@ -79,10 +66,10 @@ def login():
             session['username'] = username
             user_expiry_date = get_expiry_date(username)
             session['expiry_date'] = user_expiry_date
-            session['articleID'] = None
-            return redirect(url_for('user_bp.userpage', username=username))
+            session['visited_articles'] = None
+            return jsonify({'status': '1'})
         else:
-            return '无法通过验证。'
+            return jsonify({'status': '0'})
 
 
 @accountService.route("/logout", methods=['GET', 'POST'])
@@ -115,31 +102,9 @@ def reset():
         # POST请求用于提交修改后信息
         old_password = escape(request.form['old-password'])
         new_password = escape(request.form['new-password'])
-
-        re_new_password = escape(request.form['re-new-password'])  # 确认新密码
-        if re_new_password != new_password: #验证新密码两次输入是否相同
-            return '新密码不匹配，请重新输入'
-        if len(new_password) < 4: #验证新密码长度，原则参照注册模块
-            return '密码过于简单。(密码长度至少4位)'
-
         flag = change_password(username, old_password, new_password) # flag表示是否修改成功
         if flag:
             session['logged_in'] = False
-            return \
-'''
-<script>
-alert('密码修改成功，请重新登录。');
-window.location.href="/login";
-</script>
-
-'''
-
+            return jsonify({'status':'1'})  # 修改成功
         else:
-            return \
-'''
-<script>
-alert('密码修改失败');
-window.location.href="/reset";
-</script>
-
-'''
+            return jsonify({'status':'2'})  # 修改失败
diff --git a/app/admin_service.py b/app/admin_service.py
new file mode 100644
index 0000000..a604b5e
--- /dev/null
+++ b/app/admin_service.py
@@ -0,0 +1,142 @@
+# System Library
+from flask import *
+
+# Personal library
+from Yaml import yml
+from model.user import *
+from model.article import *
+
+ADMIN_NAME = "lanhui"  # unique admin name
+_cur_page = 1  # current article page
+_page_size = 5  # article sizes per page
+adminService = Blueprint("admin_service", __name__)
+
+
+def check_is_admin():
+    # 未登录，跳转到未登录界面
+    if not session.get("logged_in"):
+        return render_template("not_login.html")
+
+    # 用户名不是admin_name
+    if session.get("username") != ADMIN_NAME:
+        return "You are not admin!"
+
+    return "pass"
+
+
+@adminService.route("/admin", methods=["GET"])
+def admin():
+    is_admin = check_is_admin()
+    if is_admin != "pass":
+        return is_admin
+
+    return render_template(
+        "admin_index.html", yml=yml, username=session.get("username")
+    )
+
+
+@adminService.route("/admin/article", methods=["GET", "POST"])
+def article():
+    global _cur_page, _page_size
+
+    is_admin = check_is_admin()
+    if is_admin != "pass":
+        return is_admin
+
+    _article_number = get_number_of_articles()
+    try:
+        _page_size = min(
+            max(1, int(request.args.get("size", 5))), _article_number
+        )  # 最小的size是1
+        _cur_page = min(
+            max(1, int(request.args.get("page", 1))), _article_number // _page_size + (_article_number % _page_size > 0)
+        )  # 最小的page是1
+    except ValueError:
+        return "page parmas must be int!"
+    
+    _articles = get_page_articles(_cur_page, _page_size)
+    for article in _articles:   # 获取每篇文章的title
+        article.title = article.text.split("\n")[0]
+        article.content = '<br/>'.join(article.text.split("\n")[1:])
+    
+    context = {
+        "article_number": _article_number,
+        "text_list": _articles,
+        "page_size": _page_size,
+        "cur_page": _cur_page,
+        "username": session.get("username"),
+    }
+
+    def _update_context():
+        article_len = get_number_of_articles()
+        context["article_number"] = article_len
+        context["text_list"] = get_page_articles(_cur_page, _page_size)
+        _articles = get_page_articles(_cur_page, _page_size)
+        for article in _articles:   # 获取每篇文章的title
+            article.title = article.text.split("\n")[0]
+        context["text_list"] = _articles
+
+    if request.method == "GET":
+        try:
+            delete_id = int(request.args.get("delete_id", 0))
+        except:
+            return "Delete article ID must be int!"
+        if delete_id:  # delete article
+            delete_article_by_id(delete_id)
+            _update_context()
+    elif request.method == "POST":
+        data = request.form
+        content = data.get("content", "")
+        source = data.get("source", "")
+        question = data.get("question", "")
+        level = data.get("level", "4")
+        if content:
+            if level not in ['1', '2', '3', '4']:
+                return "Level must be between 1 and 4."
+            add_article(content, source, level, question)
+            _update_context()
+            title = content.split('\n')[0]
+            flash(f'Article added. Title: {title}')
+    return render_template("admin_manage_article.html", **context)
+
+
+@adminService.route("/admin/user", methods=["GET", "POST"])
+def user():
+    is_admin = check_is_admin()
+    if is_admin != "pass":
+        return is_admin
+    
+    context = {
+        "user_list": get_users(),
+        "username": session.get("username"),
+    }
+    if request.method == "POST":
+        data = request.form
+        username = data.get("username","")
+        new_password = data.get("new_password", "")
+        expiry_time = data.get("expiry_time", "")
+        if username:
+            if new_password:
+                update_password_by_username(username, new_password)
+                flash(f'Password updated to {new_password}')
+            if expiry_time:
+                update_expiry_time_by_username(username, "".join(expiry_time.split("-")))
+                flash(f'Expiry date updated to {expiry_time}.')
+    return render_template("admin_manage_user.html", **context)
+
+
+@adminService.route("/admin/expiry", methods=["GET"])
+def user_expiry_time():
+    is_admin = check_is_admin()
+    if is_admin != "pass":
+        return is_admin
+
+    username = request.args.get("username", "")
+    if not username:
+        return "Username can't be empty."
+
+    user = get_user_by_username(username)
+    if not user:
+        return "User does not exist."
+
+    return user.expiry_date
diff --git a/app/main.py b/app/main.py
index e311bb0..4e3f829 100644
--- a/app/main.py
+++ b/app/main.py
@@ -5,24 +5,24 @@
 # Copyright 2019 (C) Hui Lan <hui.lan@cantab.net>
 # Written permission must be obtained from the author for commercial uses.
 ###########################################################################
-
 from flask import escape
 from Login import *
 from Article import *
 import Yaml
 from user_service import userService
 from account_service import accountService
+from admin_service import adminService, ADMIN_NAME
 app = Flask(__name__)
 app.secret_key = 'lunch.time!'
 
 # 将蓝图注册到Lab app
 app.register_blueprint(userService)
 app.register_blueprint(accountService)
+app.register_blueprint(adminService)
 
 path_prefix = '/var/www/wordfreq/wordfreq/'
 path_prefix = './'  # comment this line in deployment
 
-
 def get_random_image(path):
     '''
     返回随机图
@@ -39,8 +39,7 @@ def get_random_ads():
     返回随机广告
     :return: 一个广告(包含HTML标签)
     '''
-    ads = random.choice(['个性化分析精准提升', '你的专有单词本', '智能捕捉阅读弱点，针对性提高你的阅读水平'])
-    return ads + '。 <a href="/signup">试试</a>吧！'
+    return random.choice(['个性化分析精准提升', '你的专有单词本', '智能捕捉阅读弱点，针对性提高你的阅读水平'])
 
 
 def appears_in_test(word, d):
@@ -98,9 +97,13 @@ def mainpage():
         d = load_freq_history(path_prefix + 'static/frequency/frequency.p')
         d_len = len(d)
         lst = sort_in_descending_order(pickle_idea.dict2lst(d))
-        return render_template('mainpage_get.html', random_ads=random_ads, number_of_essays=number_of_essays,
-                               d_len=d_len, lst=lst, yml=Yaml.yml)
-
+        return render_template('mainpage_get.html', 
+                               admin_name=ADMIN_NAME,
+                               random_ads=random_ads,
+                               d_len=d_len,
+                               lst=lst,
+                               yml=Yaml.yml,
+                               number_of_essays=number_of_essays)
 
 
 if __name__ == '__main__':
diff --git a/app/model/__init__.py b/app/model/__init__.py
new file mode 100644
index 0000000..9526313
--- /dev/null
+++ b/app/model/__init__.py
@@ -0,0 +1,30 @@
+from pony.orm import *
+
+db = Database()
+db.bind("sqlite", "../static/wordfreqapp.db", create_db=True)  # bind sqlite file
+
+
+class User(db.Entity):
+    _table_ = "user"  # table name
+    name = PrimaryKey(str)
+    password = Optional(str)
+    start_date = Optional(str)
+    expiry_date = Optional(str)
+
+
+class Article(db.Entity):
+    _table_ = "article"  # table name
+    article_id = PrimaryKey(int, auto=True)
+    text = Optional(str)
+    source = Optional(str)
+    date = Optional(str)
+    level = Optional(str)
+    question = Optional(str)
+
+
+db.generate_mapping(create_tables=True)  # must mapping after class declaration
+
+
+if __name__ == "__main__":
+    with db_session:
+        print(Article[2].text)  # test get article which id=2 text content
diff --git a/app/model/article.py b/app/model/article.py
new file mode 100644
index 0000000..a3b4bf7
--- /dev/null
+++ b/app/model/article.py
@@ -0,0 +1,34 @@
+from model import *
+from datetime import datetime
+
+def add_article(content, source="manual_input", level="5", question="No question"):
+    with db_session:
+        # add one article to sqlite
+        Article(
+            text=content,
+            source=source,
+            date=datetime.now().strftime("%-d %b %Y"),  # format style of `5 Oct 2022`
+            level=level,
+            question=question,
+        )
+
+
+def delete_article_by_id(article_id):
+    article_id &= 0xFFFFFFFF  # max 32 bits
+    with db_session:
+        article = Article.select(article_id=article_id)
+        if article:
+            article.first().delete()
+
+
+def get_number_of_articles():
+    with db_session:
+        return len(Article.select()[:])
+
+
+def get_page_articles(num, size):
+    with db_session:
+        return [
+            x
+            for x in Article.select().order_by(desc(Article.article_id)).page(num, size)
+        ]
diff --git a/app/model/user.py b/app/model/user.py
new file mode 100644
index 0000000..d684332
--- /dev/null
+++ b/app/model/user.py
@@ -0,0 +1,30 @@
+from model import *
+from Login import md5
+from pony import orm
+
+def get_users():
+    with db_session:
+        return User.select().order_by(User.name)[:]
+
+def get_user_by_username(username):
+    with db_session:
+        user = User.select(name=username)
+        if user:
+            return user.first()
+
+def insert_user(username, password, start_date, expiry_date):
+    with db_session:
+        user = User(name=username, password=password, start_date=start_date, expiry_date=expiry_date)
+        orm.commit()
+
+def update_password_by_username(username, password="123456"):
+    with db_session:
+        user = User.select(name=username)
+        if user:
+            user.first().password = md5(username + password)
+
+def update_expiry_time_by_username(username, expiry_time="20230323"):
+    with db_session:
+        user = User.select(name=username)
+        if user:
+            user.first().expiry_date = expiry_time
diff --git a/app/pickle_idea2.py b/app/pickle_idea2.py
index 4055fc4..0da55bc 100644
--- a/app/pickle_idea2.py
+++ b/app/pickle_idea2.py
@@ -68,7 +68,7 @@ def save_frequency_to_pickle(d, pickle_fname):
     d2 = {}
     for k in d:
         if not k in exclusion_lst and not k.isnumeric() and not len(k) < 2:
-            d2[k] = list(sorted(set(d[k])))
+            d2[k] = list(sorted(d[k])) # 原先这里是d2[k] = list(sorted(set(d[k])))
     pickle.dump(d2, f)
     f.close()
 
diff --git a/app/static/config.yml b/app/static/config.yml
index 20aa396..e6f7ef1 100644
--- a/app/static/config.yml
+++ b/app/static/config.yml
@@ -1,16 +1,16 @@
 # 全局引入的css文件地址
 css:
   item:
-    - static/css/bootstrap.css
+    - ../static/css/bootstrap.css
 
 # 全局引入的js文件地址
 js:
   head: # 在页面加载之前加载
-    - static/js/jquery.js
-    - static/js/word_operation.js
+    - ../static/js/jquery.js
+    - ../static/js/word_operation.js
   bottom: # 在页面加载完之后加载
-    - static/js/fillword.js
-    - static/js/highlight.js
+    - ../static/js/fillword.js
+    - ../static/js/highlight.js
 
 # 高亮样式，目前仅支持修改颜色
 highlight:
diff --git a/app/static/js/highlight.js b/app/static/js/highlight.js
index 5ec9663..0cea31a 100644
--- a/app/static/js/highlight.js
+++ b/app/static/js/highlight.js
@@ -38,8 +38,18 @@ function highLight() {
         list[i] = list[i].replace('|', "");
         list[i] = list[i].replace('?', "");
         if (list[i] !== "" && "<mark>".indexOf(list[i]) === -1 && "</mark>".indexOf(list[i]) === -1) {
-	    //将文章中所有出现该单词word的地方改为：" <mark>" + word + "<mark> "。 正则表达式RegExp()中，"\\s"代表单词前后必须要有空格，以防止只对单词中的部分字符高亮的情况出现。
-            articleContent = articleContent.replace(new RegExp("\\s"+list[i]+"\\s", "g"), " <mark>" + list[i] + "</mark> ");
+           //将文章中所有出现该单词word的地方改为："<mark>" + word + "<mark>"。 正则表达式RegExp()中，"\\b"代表单词边界匹配。
+
+            //修改代码
+            let articleContent_fb = articleContent;  //文章副本
+            while(articleContent_fb.toLowerCase().indexOf(list[i].toLowerCase()) !== -1 && list[i]!=""){
+                //找到副本中和list[i]匹配的第一个单词(第一种匹配情况),并赋值给list[i]。
+                const index = articleContent_fb.toLowerCase().indexOf(list[i].toLowerCase());
+                list[i] = articleContent_fb.substring(index, index + list[i].length);
+
+                articleContent_fb = articleContent_fb.substring(index + list[i].length);    // 使用副本中list[i]之后的子串替换掉副本
+                articleContent = articleContent.replace(new RegExp("\\b"+list[i]+"\\b","g"),"<mark>" + list[i] + "</mark>");
+            }
         }
     }
     document.getElementById("article").innerHTML = articleContent;
diff --git a/app/templates/admin_index.html b/app/templates/admin_index.html
new file mode 100644
index 0000000..f62a137
--- /dev/null
+++ b/app/templates/admin_index.html
@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport"
+        content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes" />
+    <meta name="format-detection" content="telephone=no" />
+    {{ yml['header'] | safe }}
+    {% if yml['css']['item'] %}
+    {% for css in yml['css']['item'] %}
+    <link href="{{ css }}" rel="stylesheet">
+    {% endfor %}
+    {% endif %}
+    {% if yml['js']['head'] %}
+    {% for js in yml['js']['head'] %}
+    <script src="{{ js }}"></script>
+    {% endfor %}
+    {% endif %}
+
+</head>
+
+<body class="container" style="width: 800px; margin: auto; margin-top:24px;">
+    <nav class="navbar navbar-expand-lg bg-light">
+        <div class="container-fluid">
+            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav"
+                aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
+                <span class="navbar-toggler-icon"></span>
+            </button>
+            <div class="collapse navbar-collapse" id="navbarNav">
+                <ul class="navbar-nav">
+                    <li class="nav-item">
+                        <a class="nav-link" href="/{{ username }}/userpage">返回 {{ username }}</a>
+                    </li>
+                </ul>
+            </div>
+        </div>
+    </nav>
+
+    <div class="card" style="margin-top:24px;">
+        <div class="card-header">
+            请选择您需要的操作
+        </div>
+        <ul class="list-group list-group-flush">
+            <li class="list-group-item">
+                <div class="d-grid gap-2">
+                    <a href="/admin/article" class="btn btn-outline-primary" type="button">管理文章</a>
+                    <a href="/admin/user" class="btn btn-outline-primary" type="button">管理用户</a>
+                </div>
+            </li>
+        </ul>
+    </div>
+</body>
+
+</html>
diff --git a/app/templates/admin_manage_article.html b/app/templates/admin_manage_article.html
new file mode 100644
index 0000000..272b54e
--- /dev/null
+++ b/app/templates/admin_manage_article.html
@@ -0,0 +1,103 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport"
+        content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes" />
+    <meta name="format-detection" content="telephone=no" />
+    <link href="../static/css/bootstrap.css" rel="stylesheet">
+</head>
+
+<body class="container" style="width: 800px; margin: auto; margin-top:24px;">
+    <nav class="navbar navbar-expand-lg bg-light">
+        <div class="container-fluid">
+            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav"
+                aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
+                <span class="navbar-toggler-icon"></span>
+            </button>
+            <div class="collapse navbar-collapse" id="navbarNav">
+                <ul class="navbar-nav">
+                    <li class="nav-item">
+                        <a class="nav-link" href="/admin">前一页</a>
+                    </li>
+                </ul>
+            </div>
+        </div>
+    </nav>
+
+    {% for message in get_flashed_messages() %}
+      <div class="alert alert-success" role="alert">
+        {{ message }}
+      </div>
+    {% endfor %}
+
+    <div class="card" style="margin-top:24px;">
+        {% if tips %}
+        <div class="alert alert-success" role="alert">
+            {{ tips }}
+        </div>
+        {% endif %}
+        <div class="card-content">
+            <h5 style="margin-top: 10px;padding-left: 10px;">录入文章</h5>
+            <form action="" method="post" class="container mb-3">
+                <div class="mb-3">
+                    <label class="form-label">文章内容</label>
+                    <textarea id="content" name="content" class="form-control" rows="8" placeholder="首行是标题，后面是正文。"></textarea>
+                    <label class="form-label">文章来源</label>
+                    <textarea id="source" name="source" class="form-control" placeholder="推荐格式：Source: HTTP 链接。"></textarea>
+                    <label class="form-label">文章等级</label>
+                    <select id="level" class="form-select" name="level">
+                        <option value="1">1</option>
+                        <option value="2">2</option>
+                        <option value="3">3</option>
+                        <option selected value="4">4</option>
+                    </select>
+                    <label class="form-label">文章问题</label>
+                    <textarea id="question" name="question" class="form-control" rows="6" placeholder="格式：&#x0a; QUESTION&#x0a; What?&#x0a;&#x0a; ANSWER&#x0a; Apple. "></textarea>
+                </div>
+                <input type="submit" value="保存" class="btn btn-outline-primary">
+            </form>
+        </div>
+    </div>
+
+    <div class="card" style="margin-top:24px;">
+        <h5 style="margin-top: 10px;padding-left: 10px;">文章列表</h5>
+        <div class="list-group">
+            {% for text in text_list %}
+            <div class="list-group-item list-group-item-action" aria-current="true">
+                <div>
+                    <a type="button" href="/admin/article?delete_id={{text.article_id}}" class="btn btn-outline-danger btn-sm">删除</a>
+                </div>
+                <div class="d-flex w-100 justify-content-between">
+                    <h5 class="mb-1">{{ text.title }}</h5>
+                </div>
+                <div><small>{{ text.source }}</small></div>
+                <div class="d-flex w-100 justify-content-between">
+                    <small>Level: {{text.level }}</small>
+                    <small>Date: {{ text.date }}</small>
+                </div>
+                {{ text.content | safe }}
+            </div>
+            {% endfor %}
+        </div>
+    </div>
+    <div style="margin:20px 0;">
+        <ul class="pagination pagination-sm justify-content-center">
+            <li class="page-item"><a class="page-link" href="/admin/article?page={{ cur_page - 1 }}&size={{ page_size }}">Previous</a>
+            </li>
+            {% for i in range(1, article_number // page_size + (article_number % page_size > 0) + 1) %}
+            {% if cur_page == i %}
+            <li class="page-item active"><a class="page-link" href="/admin/article?page={{ i }}&size={{ page_size }}">{{ i }}</a>
+            </li>
+            {% else %}
+            <li class="page-item"><a class="page-link" href="/admin/article?page={{ i }}&size={{ page_size }}">{{ i }}</a></li>
+            {% endif %}
+            {% endfor %}
+            <li class="page-item"><a class="page-link" href="/admin/article?page={{ cur_page + 1 }}&size={{ page_size }}">Next</a>
+            </li>
+        </ul>
+    </div>
+</body>
+
+</html>
diff --git a/app/templates/admin_manage_user.html b/app/templates/admin_manage_user.html
new file mode 100644
index 0000000..cee4667
--- /dev/null
+++ b/app/templates/admin_manage_user.html
@@ -0,0 +1,99 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport"
+        content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes" />
+    <meta name="format-detection" content="telephone=no" />
+    <link href="../static/css/bootstrap.css" rel="stylesheet">
+    <script src="../static/js/jquery.js"></script>
+</head>
+
+<body class="container" style="width: 800px; margin: auto; margin-top:24px;">
+    <nav class="navbar navbar-expand-lg bg-light">
+        <div class="container-fluid">
+            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav"
+                aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
+                <span class="navbar-toggler-icon"></span>
+            </button>
+            <div class="collapse navbar-collapse" id="navbarNav">
+                <ul class="navbar-nav">
+                    <li class="nav-item">
+                        <a class="nav-link" href="/admin">前一页</a>
+                    </li>
+                </ul>
+            </div>
+        </div>
+    </nav>
+
+    {% for message in get_flashed_messages() %}
+      <div class="alert alert-success" role="alert">
+        {{ message }}
+      </div>
+    {% endfor %}
+
+    <div class="card" style="margin-top:24px;">
+        <h5 style="margin-top: 10px;padding-left: 10px;">重置选中用户的信息</h5>
+        <form id="user_form" action="" method="post" class="container mb-3">
+            <div>
+                <label class="form-label" style="padding-top: 10px;">用户</label>
+                <select onchange="loadUserExpiryDate()" id="username" name="username" class="form-select" aria-label="Default select example">
+                    <option selected>选择用户</option>
+                    {% for user in user_list %}
+                    <option value="{{ user.name }}">{{ user.name }}</option>
+                    {% endfor %}
+                </select>
+
+                <label class="form-label" style="padding-top: 10px;">修改密码</label>
+                <div>
+                    <button type="button" id="reset_pwd_btn" class="btn btn-outline-success">获取12位随机密码</button>
+                    <input style="margin-left: 20px;border: 0; font-size: 20px;" name="new_password"
+                        id="new_password"></input>
+                </div>
+
+                <label class="form-label" style="padding-top: 10px;">过期时间</label>
+                <div>
+                    <input type="date" id="expiry_date" name="expiry_time" placeholder="YYYY-MM-DD" pattern="yyyyMMdd">
+                </div>
+
+            </div>
+
+            <button style="margin-top: 50px;" type="submit" class="btn btn-primary">更新用户信息</button>
+        </form>
+    </div>
+</body>
+
+
+<script>
+    // 密码生成器
+    function generatePassword(length) {
+        const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^*()_+~`|}{[]\:;?,./-=";
+        let password = "";
+        for (let i = 0; i < length; i++) {
+            password += charset.charAt(Math.floor(Math.random() * charset.length));
+        }
+        return password;
+    }
+    document.getElementById("reset_pwd_btn").addEventListener("click", () => {
+        // 生成12位随机密码
+        let pwd = generatePassword(12)
+        document.getElementById("new_password").value = pwd
+    })
+    // 选择用户后更新其过期时间
+    function loadUserExpiryDate() {
+        const cur_user = $('#username').val();
+        $.ajax({
+            type: "GET",
+            url: `/admin/expiry?username=${cur_user}`,
+            success: function(resp) {
+                const year = resp.substr(0,4);
+                const month = resp.substr(4,2);
+                const day = resp.substr(6,2);
+                document.getElementById("expiry_date").value = year + '-' + month + '-' + day
+            }
+        })
+    }
+</script>
+
+</html>
diff --git a/app/templates/login.html b/app/templates/login.html
index a347e22..2507f75 100644
--- a/app/templates/login.html
+++ b/app/templates/login.html
@@ -1,28 +1,47 @@
 {% block body %}
 {% if session['logged_in'] %}
 
-You're logged in already!
+你已登录 <a href="/{{ session['username'] }}">{{ session['username'] }}</a>。 登出点击<a href="/logout">这里</a>。
 
 {% else %}
 <meta charset="utf-8" name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes" />
 <link rel="stylesheet" href="static/css/login_service.css">
-
+<script src="static/js/jquery.js"></script>
+<script>
+    function login(){
+        let username = $("#username").val();
+        let password = $("#password").val();
+        if (username === "" || password === ""){
+            alert('输入不能为空!');
+            return false;
+        }
+        $.post(
+            "/login", {'username': username, 'password': password},
+            function (response) {
+                if (response.status === '0') {
+                    alert('无法通过验证。');
+                    window.location.href = "/login";
+                } else if (response.status === '1') {
+                    window.location.href = "/"+username+"/userpage";
+                }
+            }
+        )
+        return false;
+    }
+</script>
 <div class="container">
 
   <section class="signin-heading">
     <h1>Sign In</h1>
   </section>
 
-  <form action="/login" method="POST">
-    <input type="text" placeholder="用户名" class="username" name="username" required>
-    <input type="password" placeholder="密码" class="password"  name="password" required>
-    <button type="submit" class="btn">登录</button>
-  </form>
+  <input type="text" placeholder="用户名" class="username" id="username">
+  <input type="password" placeholder="密码" class="password"  id="password">
+  <button type="button" class="btn" onclick="login()">登录</button>
+  <a class="signup" href="/signup">注册</a>
 
 </div>
 
-<a href="/signup" class="signup">注册</a>
-
 {% endif %}
 {% endblock %}
 
diff --git a/app/templates/mainpage_get.html b/app/templates/mainpage_get.html
index cbb51a6..344943d 100644
--- a/app/templates/mainpage_get.html
+++ b/app/templates/mainpage_get.html
@@ -23,12 +23,15 @@
     <div class="container-fluid">
         <p><b><font size="+3" color="red">English Pal - Learn English smartly!</font></b></p>
         {% if session['logged_in'] %}
-            <a href="/{{session['username']}}">{{session['username']}}</a></p>
+            <a href="/{{ session['username'] }}/userpage">{{ session['username'] }}</a>
+            {% if session['username'] == admin_name %}
+            <a href="/admin">管理</a></p>
+            {% endif %}
         {% else %}
             <p><a href="/login">登录</a>  <a href="/signup">注册</a> <a href="/static/usr/instructions.html">使用说明</a></p >
-            <p><b>{{random_ads|safe}}</b></p>
+            <p><b> {{ random_ads }}。 <a href="/signup">试试</a>吧！</b></p>
         {% endif %}
-        <div class="alert alert-success" role="alert">共有文章 <span class="badge bg-success"> {{number_of_essays}} </span> 篇</div>
+        <div class="alert alert-success" role="alert">共有文章 <span class="badge bg-success"> {{ number_of_essays }} </span> 篇</div>
         <p>粘贴1篇文章 (English only)</p>
         <form method="post" action="/">
             <textarea name="content" rows="10" cols="120"></textarea><br/>
diff --git a/app/templates/reset.html b/app/templates/reset.html
index 902d046..3425c97 100644
--- a/app/templates/reset.html
+++ b/app/templates/reset.html
@@ -2,6 +2,38 @@
     <meta charset="utf-8" name="viewport"
           content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes"/>
     <link rel="stylesheet" href="static/css/login_service.css">
+    <script src="static/js/jquery.js"></script>
+    <script>
+        function reset() {
+            let old_password = $("#old-password").val();
+            let new_password = $("#new-password").val();
+            let re_new_password = $("#re-new-password").val();
+            if (old_password === "" || new_password === "" || re_new_password === ""){
+                alert('输入不能为空!');
+                return false;
+            }
+            if (new_password !== re_new_password) {
+                alert('新密码不匹配，请重新输入');
+                return false;
+            }
+            if (new_password.length < 4) {
+                alert('密码过于简单。(密码长度至少4位)');
+                return false;
+            }
+            $.post("/reset", {'old-password': old_password, 'new-password': new_password},
+                function (response) {
+                    if (response.status === '1') {
+                        alert('密码修改成功，请重新登录。');
+                        window.location.href = "/login";
+                    } else if (response.status === '2') {
+                        alert('密码修改失败');
+                        window.location.href = "/reset";
+                    }
+                }
+            )
+            return false;
+        }
+    </script>
 
     <div class="container">
 
@@ -9,14 +41,11 @@
             <h1>Reset Password</h1>
         </section>
 
-        <form action="/reset" method="POST">
-            <input type="password" placeholder="原密码" class="old-password" name="old-password" required>
-            <input type="password" placeholder="新密码" class="new-password" name="new-password" required>
-            <input type="password" placeholder="确认新密码" class="re-new-password" name="re-new-password" required>
-            <input type="submit" name="submit" class="btn" value="提交"/>
-            <input type="button" name="submit" class="btn" value="放弃修改"
-                   onclick="window.location.href='/{{ username }}'"/>
-        </form>
+        <input type="password" placeholder="原密码" class="old-password" name="old-password" id="old-password"/>
+        <input type="password" placeholder="新密码" class="new-password" name="new-password" id="new-password"/>
+        <input type="password" placeholder="确认新密码" class="re-new-password" name="re-new-password" id="re-new-password"/>
+        <button id="submit" class="btn" onclick="reset()">提交</button>
+        <button class="btn" onclick="window.location.href='/{{ username }}/userpage'">放弃修改</button>
 
     </div>
 {% endblock %}
\ No newline at end of file
diff --git a/app/templates/signup.html b/app/templates/signup.html
index 1fd05f0..9030d41 100644
--- a/app/templates/signup.html
+++ b/app/templates/signup.html
@@ -6,6 +6,47 @@ You're logged in already! <a href="/logout">Logout</a>.
 {% else %}
 <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes" />
 <link rel="stylesheet" href="static/css/login_service.css">
+<script src="static/js/jquery.js"></script>
+    <script>
+        function signup() {
+            let username = $("#username").val();
+            let password = $("#password").val();
+            let password2 = $("#password2").val();
+            if (username === "" || password === "" || password2 === ""){
+                alert('输入不能为空!');
+                return false;
+            }
+            if (password !== password2) {
+                alert('确认密码与输入密码不一致！');
+                return false;
+            }
+            if (password.length < 4) {
+                alert('密码过于简单。(密码长度至少4位)');
+                return false;
+            }
+            $.post("/signup", {'username': username, 'password': password},
+                function (response) {
+                    if (response.status === '0') {
+                        alert('用户名'+username+'已经被注册。');
+                        window.location.href = "/signup";
+                    } else if (response.status === '1') {
+                        alert('用户名密码验证失败。');
+                        window.location.href = "/signup";
+                    } else if (response.status === '2') {
+                        let f = confirm("恭喜，你已成功注册，你的用户名是"+username+'.\n点击“确认”开始使用，或点击“取消”返回首页');
+                        if (f) {
+                            window.location.href = '/'+username+'/userpage';
+                        } else {
+                            window.location.href = '/';
+                        }
+                    } else if (response.status === '3') {
+                        alert(response.warn);
+                    }
+                }
+            )
+            return false;
+        }
+    </script>
 <p>{{ get_flashed_messages()[0] | safe }}</p>
 
 
@@ -15,12 +56,10 @@ You're logged in already! <a href="/logout">Logout</a>.
     <h1>Sign Up</h1>
   </section>
 
-  <form action="/signup" method="POST">
-    <p><input type="username" name="username" placeholder="输入用户名" required="required" class="username"></p>
-    <p><input type="password" name="password" placeholder="输入密码" required="required" class="password"></p>
-    <p><input type="password" name="password2" placeholder="确认密码" required="required" class="password" ></p>
-    <button type="submit" class="btn">注册</button>
-  </form>
+  <p><input type="username" id="username" placeholder="输入用户名" class="username"></p>
+  <p><input type="password" id="password" placeholder="输入密码" class="password"></p>
+  <p><input type="password" id="password2" placeholder="确认密码" class="password" ></p>
+  <button type="button" class="btn" onclick="signup()">注册</button>
 
 </div>
   
diff --git a/app/templates/userpage_get.html b/app/templates/userpage_get.html
index dc0d497..ae11a1c 100644
--- a/app/templates/userpage_get.html
+++ b/app/templates/userpage_get.html
@@ -37,20 +37,57 @@
 <body>
 <div class="container-fluid">
     <p><b>English Pal for <font id="username" color="red">{{ username }}</font></b>
-        <a class="btn btn-secondary" href="/logout" role="button">退出</a>
-        <a class="btn btn-secondary" href="/reset" role="button">重设密码</a>
-    </p>
-    {{ flashed_messages|safe }}
 
-    <a class="btn btn-success" href="/{{ username }}/reset" role="button"> 下一篇 Next Article </a>    
-    {% if session.get('articleID') != session.get('old_articleID') %}
-        {% if session.get('old_articleID') != None %}
-            <a class="btn btn-success" href="/{{ username }}/back" role="button"> 上一篇 Previous Article </a>
-        {% endif%}
+        {% if username ==  admin_name %}
+        <a class="btn btn-secondary" href="/admin" role="button" onclick="stopRead()">管理</a>
+        {% endif %}
+        <a id="quit" class="btn btn-secondary" href="/logout" role="button" onclick="stopRead()">退出</a>
+        <a class="btn btn-secondary" href="/reset" role="button" onclick="stopRead()">重设密码</a>
+
+    </p>
+{#    {% for message in flashed_messages %}#} {# 根据user_service.userpage,取消了参数flashed_messages，因此注释了这段代码 #}
+{#        <div class="alert alert-warning" role="alert">Congratulations! {{ message }}</div>#}
+{#    {% endfor %}#}
+
+    {% if result_of_generate_article != "had read all articles" %}
+        <a id="next_btn" class="btn btn-success" href="/{{ username }}/reset" role="button"> 下一篇 Next Article </a>
+    {% endif %}
+    {% if session.get('visited_articles') and session.get('visited_articles')['index']>0 %}
+        <a id="pre_btn" class="btn btn-success" href="/{{ username }}/back" role="button"> 上一篇 Previous Article </a>
     {% endif %}
 
     <p><b>阅读文章并回答问题</b></p>
-    <div id="text-content">{{ today_article|safe }}</div>
+    <div id="text-content">
+        {% if result_of_generate_article == 'found' %}
+            <div class="alert alert-success" role="alert">According to your word list, your level is <span class="badge bg-success">{{ today_article["user_level"] }}</span>  and we have chosen an article with a difficulty level of <span class="badge bg-success">{{ today_article["text_level"] }}</span> for you.</div>
+                <p class="text-muted">Article added on: {{ today_article["date"] }}</p><br/>
+            <div class="p-3 mb-2 bg-light text-dark"><br/>
+            <p class="display-5">{{ today_article["article_title"] }}</p><br/>
+            <p class="lead"><font id="article" size=2>{{ today_article["article_body"] }}</font></p><br/>
+            <p><small class="text-muted">{{ today_article['source'] }}</small></p><br/>
+            <p><b>{{ today_article['question'] }}</b></p><br/>
+                <script type="text/javascript">
+                    function toggle_visibility(id) { {# https://css-tricks.com/snippets/javascript/showhide-element/#}
+                        const e = document.getElementById(id);
+                        if(e.style.display === 'block')
+                            e.style.display = 'none';
+                        else
+                            e.style.display = 'block';
+                    }
+                </script>
+                <button onclick="toggle_visibility('answer');">ANSWER</button>
+                <div id="answer" style="display:none;">{{ today_article['answer'] }}</div><br/>
+            </div>
+        {% elif result_of_generate_article == "not found" %}
+            <div class="alert alert-success" role="alert">
+                <p class="text-muted"><span class="badge bg-success">Notes:</span><br>No article is currently available for you. You can try again a few times or mark new words in the passage to improve your level.</p>
+            </div>
+        {% elif result_of_generate_article == "had read all articles" %}
+            <div class="alert alert-success" role="alert">
+                <p class="text-muted"><span class="badge bg-success">Notes:</span><br>You've read all the articles.</p>
+            </div>
+        {% endif %}
+    </div>
 
     <input type="checkbox" onclick="toggleHighlighting()" checked/>生词高亮
     <input type="checkbox" onclick="onReadClick()" checked/>大声朗读
@@ -60,11 +97,11 @@
             <div class="sliderValue">
                 <span id="rangeValue">1×</span>
             </div>
-        <input type="range" id="rangeComponent" min="0.5" max="2" value="1" step="0.25" "/>
+            <input type="range" id="rangeComponent" min="0.5" max="2" value="1" step="0.25"/>
         </div>
-    </div>    
+    </div>
     <p><b>收集生词吧</b> （可以在正文中划词，也可以复制黏贴）</p>
-    <form method="post" action="/{{ username }}">
+    <form method="post" action="/{{ username }}/userpage">
         <textarea name="content" id="selected-words" rows="10" cols="120"></textarea><br/>
         <input type="submit" value="把生词加入我的生词库"/>
         <input type="reset" value="清除"/>
@@ -117,9 +154,9 @@
 </body>
 <style>
     mark {
-    color: #{{ yml['highlight']['color'] }};
-    background-color: rgba(0,0,0,0);
-}
+        color: #{{ yml['highlight']['color'] }};
+        background-color: rgba(0, 0, 0, 0);
+    }
 </style>
 
 </html>
diff --git a/app/user_service.py b/app/user_service.py
index 2d10404..6a6bd97 100644
--- a/app/user_service.py
+++ b/app/user_service.py
@@ -1,5 +1,5 @@
 from datetime import datetime
-
+from admin_service import ADMIN_NAME
 from flask import *
 
 # from app import Yaml
@@ -29,9 +29,13 @@ def user_reset(username):
     :param username: 用户名
     :return: 返回页面内容
     '''
-    session['old_articleID'] = session.get('articleID')
     if request.method == 'GET':
-        session['articleID'] = None
+        visited_articles = session.get("visited_articles")
+        if visited_articles['article_ids'][-1] == "null":  # 如果当前还是“null”，则将“null”pop出来,无需index+=1
+            visited_articles['article_ids'].pop()
+        else:  # 当前不为“null”，直接 index+=1
+            visited_articles["index"] += 1
+        session["visited_articles"] = visited_articles
         return redirect(url_for('user_bp.userpage', username=username))
     else:
         return 'Under construction'
@@ -44,7 +48,11 @@ def user_back(username):
     :return: 返回页面内容
     '''
     if request.method == 'GET':
-        session['articleID'] = session.get('old_articleID')
+        visited_articles = session.get("visited_articles")
+        visited_articles["index"] -= 1  # 上一篇，index-=1
+        if visited_articles['article_ids'][-1] == "null":  # 如果当前还是“null”，则将“null”pop出来
+            visited_articles['article_ids'].pop()
+        session["visited_articles"] = visited_articles
         return redirect(url_for('user_bp.userpage', username=username))
 
 
@@ -89,11 +97,12 @@ def deleteword(username, word):
     '''
     user_freq_record = path_prefix + 'static/frequency/' + 'frequency_%s.pickle' % (username)
     pickle_idea2.deleteRecord(user_freq_record, word)
-    flash(f'<strong>{word}</strong> is no longer in your word list.')
+    # 模板userpage_get.html中删除单词是异步执行，而flash的信息后续是同步执行的，所以注释这段代码；同时如果这里使用flash但不提取信息，则会影响 signup.html的显示。bug复现：删除单词后，点击退出，点击注册，注册页面就会出现提示信息
+    # flash(f'{word} is no longer in your word list.')
     return "success"
 
 
-@userService.route("/<username>", methods=['GET', 'POST'])
+@userService.route("/<username>/userpage", methods=['GET', 'POST'])
 def userpage(username):
     '''
     用户界面
@@ -130,11 +139,16 @@ def userpage(username):
         words = ''
         for x in lst3:
             words += x[0] + ' '
+        visited_articles, today_article, result_of_generate_article = get_today_article(user_freq_record, session.get('visited_articles'))
+        session['visited_articles'] = visited_articles
+        # 通过 today_article，加载前端的显示页面
         return render_template('userpage_get.html',
+                               admin_name=ADMIN_NAME,
                                username=username,
                                session=session,
-                               flashed_messages=get_flashed_messages_if_any(),
-                               today_article=get_today_article(user_freq_record, session['articleID']),
+                               # flashed_messages=get_flashed_messages(), 仅有删除单词的时候使用到flash，而删除单词是异步执行，这里的信息提示是同步执行，所以就没有存在的必要了
+                               today_article=today_article,
+                               result_of_generate_article=result_of_generate_article,
                                d_len=len(d),
                                lst3=lst3,
                                yml=Yaml.yml,
@@ -173,15 +187,3 @@ def get_time():
     '''
     return datetime.now().strftime('%Y%m%d%H%M')  # upper to minutes
 
-def get_flashed_messages_if_any():
-    '''
-    在用户界面显示黄色提示信息
-    :return: 包含HTML标签的提示信息
-    '''
-    messages = get_flashed_messages()
-    s = ''
-    for message in messages:
-        s += '<div class="alert alert-warning" role="alert">'
-        s += f'Congratulations! {message}'
-        s += '</div>'
-    return s
diff --git a/app/wordfreqCMD.py b/app/wordfreqCMD.py
index c4f8a63..e56ba0c 100644
--- a/app/wordfreqCMD.py
+++ b/app/wordfreqCMD.py
@@ -70,7 +70,7 @@ def sort_in_ascending_order(lst):# 单词按频率降序排列
     return lst2
 
 
-def make_html_page(lst, fname):
+def make_html_page(lst, fname):  # 只是在wordfreqCMD.py中的main函数中调用，所以不做修改
     '''
     功能：把lst的信息存到fname中，以html格式。
     '''
diff --git a/build.sh b/build.sh
index 4348b2f..e313fce 100755
--- a/build.sh
+++ b/build.sh
@@ -3,6 +3,10 @@
 DEPLOYMENT_DIR=/home/lanhui/englishpal2/EnglishPal
 cd $DEPLOYMENT_DIR
 
+# Install dependencies
+
+pip3 install -r requirements.txt
+
 # Stop service
 sudo docker stop EnglishPal
 sudo docker rm EnglishPal
diff --git a/requirements.txt b/requirements.txt
index 2746a3b..e2d1e1f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,3 +1,4 @@
 Flask==1.1.2
 selenium==3.141.0
 PyYAML~=6.0
+pony==0.7.16