完善权限校验

This commit is contained in:
COOL 2023-04-16 11:08:49 +08:00
parent 56c288324b
commit 92e4ce85df

View File

@ -1,6 +1,6 @@
import { App, Config, Inject, Middleware } from '@midwayjs/decorator';
import * as _ from 'lodash';
import { CoolCommException, RESCODE } from '@cool-midway/core';
import { RESCODE } from '@cool-midway/core';
import * as jwt from 'jsonwebtoken';
import { NextFunction, Context } from '@midwayjs/koa';
import { IMiddleware, IMidwayApplication } from '@midwayjs/core';
@ -38,10 +38,15 @@ export class BaseAuthorityMiddleware
if (_.startsWith(url, adminUrl)) {
try {
ctx.admin = jwt.verify(token, this.jwtConfig.jwt.secret);
} catch (err) {
throw new CoolCommException('登录失效~');
if (ctx.admin.isRefresh) {
ctx.status = 401;
ctx.body = {
code: RESCODE.COMMFAIL,
message: '登录失效~',
};
return;
}
if (ctx.admin.isRefresh) throw new CoolCommException('登录失效~');
} catch (error) {}
// 不需要登录 无需权限校验
if (
new RegExp(`^${adminUrl}?.*/open/`).test(url) ||