From 74a8c2d512857564e327df10d70c63c37e58b522 Mon Sep 17 00:00:00 2001
From: lingling <1077478963@qq.com>
Date: Thu, 20 Feb 2025 19:46:39 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E6=9D=83=E9=99=90=E5=A4=84?=
 =?UTF-8?q?=E7=90=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/middleware/JwtAuthMiddleware.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/middleware/JwtAuthMiddleware.php b/app/middleware/JwtAuthMiddleware.php
index 1553ed6..6d3fca5 100644
--- a/app/middleware/JwtAuthMiddleware.php
+++ b/app/middleware/JwtAuthMiddleware.php
@@ -33,6 +33,7 @@ class JwtAuthMiddleware implements MiddlewareInterface
         if($controller->name=='hg\apidoc\Controller'){
             return $handler($request);
         }
+        // var_dump($controller->name);
         $noNeedLogin = $controller->getDefaultProperties()['noNeedLogin'] ?? [];
         if (in_array($request->action, $noNeedLogin)) {
             // 不需要登录的方法继续向洋葱芯穿越
@@ -65,6 +66,9 @@ class JwtAuthMiddleware implements MiddlewareInterface
             // 解码 token，返回用户信息
             $decoded = JwtToken::getExtend($token);
             if(!empty($decoded['user_type'])&&$decoded['user_type']=='user'){
+                if (false !== strstr($controller->name, 'admin')) {
+                    return response('',401,['error' => '无权限']);
+                  } 
                 $user=User::find($decoded['id']);
                 if($user->status==0){
                     return response('',401,['error' => '用户封禁']);