增加权限处理

2025-02-20 19:46:39 +08:00 · 2025-02-20 19:46:39 +08:00 · 74a8c2d512
parent 4f4b3cd9c0
commit 74a8c2d512
1 changed files with 4 additions and 0 deletions
--- a/app/middleware/JwtAuthMiddleware.php
+++ b/app/middleware/JwtAuthMiddleware.php
@ -33,6 +33,7 @@ class JwtAuthMiddleware implements MiddlewareInterface
        if($controller->name=='hg\apidoc\Controller'){
            return $handler($request);
        }
+        // var_dump($controller->name);
        $noNeedLogin = $controller->getDefaultProperties()['noNeedLogin'] ?? [];
        if (in_array($request->action, $noNeedLogin)) {
            // 不需要登录的方法继续向洋葱芯穿越
@ -65,6 +66,9 @@ class JwtAuthMiddleware implements MiddlewareInterface
            // 解码 token，返回用户信息
            $decoded = JwtToken::getExtend($token);
            if(!empty($decoded['user_type'])&&$decoded['user_type']=='user'){
+                if (false !== strstr($controller->name, 'admin')) {
+                    return response('',401,['error' => '无权限']);
+                  } 
                $user=User::find($decoded['id']);
                if($user->status==0){
                    return response('',401,['error' => '用户封禁']);