diff --git a/server/app/common/dao/system/SysAdminDao.php b/server/app/common/dao/system/SysAdminDao.php
index 029930cc80737d0b42a5346b2b21f3c56f60ab94..89ce32b25810d7a772fd02b01eded53e84fa09cc 100644
--- a/server/app/common/dao/system/SysAdminDao.php
+++ b/server/app/common/dao/system/SysAdminDao.php
@@ -201,7 +201,7 @@ class SysAdminDao extends BaseDao
     {
         $result = $this->getModel()
             ->where('id', $id)
-            ->with(['depts', 'posts', 'casbin.roles',])
+            ->with(['depts', 'posts', 'casbin.roles','roles'])
             ->first()
             ->makeHidden(['password', 'backend_setting']);
 
diff --git a/server/app/functions.php b/server/app/functions.php
index e8fbac0c244d5aa3cd145071649bd08883380470..708afe65ec0b7aa4642617b7a6c21c58ee312d9e 100644
--- a/server/app/functions.php
+++ b/server/app/functions.php
@@ -18,24 +18,28 @@ use support\Container;
  */
 function getCurrentUser(bool $fullInfo = false, bool $refresh = false): mixed
 {
-    // 1. 验证请求和授权令牌
-    $token = resolveAuthorizationToken();
-    if ($token === null) {
-        return null;
-    }
+    try {
+        // 1. 验证请求和授权令牌
+        $token = resolveAuthorizationToken();
+        if ($token === null) {
+            return null;
+        }
 
-    // 2. 获取当前用户ID
-    $userId = JwtToken::getCurrentId();
-    if ($userId === null) {
-        return null;
-    }
+        // 2. 获取当前用户ID
+        $userId = JwtToken::getCurrentId();
+        if ($userId === null) {
+            return null;
+        }
 
-    // 3. 根据参数返回相应数据
-    if ($refresh) {
-        return $fullInfo ? JwtToken::getUser() : $userId;
-    }
+        // 3. 根据参数返回相应数据
+        if ($refresh) {
+            return $fullInfo ? JwtToken::getUser() : $userId;
+        }
 
-    return $fullInfo ? JwtToken::getExtend() : $userId;
+        return $fullInfo ? JwtToken::getExtend() : $userId;
+    } catch (\Exception $e) {
+        return null;
+    }
 }
 
 function resolveAuthorizationToken(): ?string
diff --git a/server/app/middleware/AuthTokenMiddleware.php b/server/app/middleware/AuthTokenMiddleware.php
index 02a64a8982d4c6628d588c47a6c843cec2d583fc..27de2cafe2ef2f1a48c30cc81af2e0910a605ae7 100644
--- a/server/app/middleware/AuthTokenMiddleware.php
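Review bot: The new element in the eager-load list is written `'casbin.roles','roles'` without the space after the comma that the rest of the array uses; write it `->with(['depts', 'posts', 'casbin.roles', 'roles'])` for consistency with the surrounding style. Whether both `casbin.roles` and `roles` are needed on the same query cannot be judged from this hunk alone. The enclosing method starts and ends outside the hunk.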
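Review bot: The new `catch (\Exception $e)` wraps the entire body of getCurrentUser, so every failure — not only a missing or invalid token but also, for example, a misconfigured JWT secret or an error inside `JwtToken::getUser()` — collapses into `null`, indistinguishable from an anonymous request and with no trace left anywhere. Failing closed is the right default for an auth helper, but the catch should be narrowed to the token-related exception type(s) `JwtToken` throws (not visible here) and the original exception should be logged with whatever logger the project uses before `return null;`, and the docblock above the function (it ends at the ` */` context line; its body is outside the hunk) should state that a token error now yields `null` rather than an exception. A one-line comment on the catch, such as `// Any token error is treated as "no user"; callers must not assume an exception here.`, would make that contract visible at the call site.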
+++ b/server/app/middleware/AuthTokenMiddleware.php
@@ -14,6 +14,7 @@ namespace app\middleware;
 
 use core\jwt\JwtToken;
 use core\exception\handler\UnauthorizedHttpException;
+use core\utils\Json;
 use Webman\Http\Request;
 use Webman\Http\Response;
 use Webman\MiddlewareInterface;
@@ -49,9 +50,13 @@ class AuthTokenMiddleware implements MiddlewareInterface
             return $handler($request);
         }
 
-        $userId = JwtToken::getCurrentId();
-        if (0 === $userId) {
-            throw new UnauthorizedHttpException();
+        try {
+            $userId = JwtToken::getCurrentId();
+            if (0 === $userId) {
+                throw new UnauthorizedHttpException();
+            }
+        }catch (\Exception $e){
+            return Json::fail($e->getMessage(), [], 401);
         }
         return $handler($request);
     }
diff --git a/server/app/middleware/PermissionMiddleware.php b/server/app/middleware/PermissionMiddleware.php
index ecb88e65ea9259f49a0fea144113e01f0fcacd69..65a98ce2c75604016fa3b11c2c4bd758d12a83e3 100644
--- a/server/app/middleware/PermissionMiddleware.php
+++ b/server/app/middleware/PermissionMiddleware.php
@@ -20,6 +20,7 @@ use core\enum\system\PolicyPrefix;
 use core\exception\handler\ForbiddenHttpException;
 use core\exception\handler\UnauthorizedHttpException;
 use core\jwt\JwtToken;
+use core\utils\Json;
 use Webman\Http\Request;
 use Webman\Http\Response;
 use Webman\MiddlewareInterface;
@@ -63,9 +64,13 @@ class PermissionMiddleware implements MiddlewareInterface
             return $handler($request);
         }
 
-        $userId = JwtToken::getCurrentId();
-        if ($userId === 0) {
-            throw new UnauthorizedHttpException();
+        try {
+            $userId = JwtToken::getCurrentId();
+            if (0 === $userId) {
+                throw new UnauthorizedHttpException();
+            }
+        }catch (\Exception $e){
+            return Json::fail($e->getMessage(), [], 401);
         }
         $userData = JwtToken::getExtend();
         // 顶级管理员直接跳过权限验证
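Review bot: `return Json::fail($e->getMessage(), [], 401);` echoes the raw exception message to an unauthenticated client, and because the catch is `\Exception` rather than the token exception type, that includes whatever else `JwtToken::getCurrentId()` may raise (not visible here, but a signing-key or backend problem would surface its internal message to the caller). If UnauthorizedHttpException extends \Exception, the `throw new UnauthorizedHttpException();` inside the same try block is now caught on the spot and turned into this JSON response instead of reaching the project's exception handler, which changes the response path the original code relied on. Return a fixed message and keep `$e` for the server log, `return Json::fail('Unauthorized', [], 401);`, and move the `if (0 === $userId)` check out of the try so only the `getCurrentId()` call is guarded. Style: `}catch (\Exception $e){` should be `} catch (\Exception $e) {` to match the file's brace spacing.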
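Review bot: `JwtToken::getExtend()` on the line right after the new catch block still runs outside the try, so if it parses the same token that `getCurrentId()` does (likely, but not visible here) it can fail in exactly the way the catch was added to handle, and that failure will again escape the middleware unhandled. The catch itself repeats the AuthTokenMiddleware pattern, including returning `$e->getMessage()` to the client; use a fixed message here too, `return Json::fail('Unauthorized', [], 401);`, and consider extracting the shared resolve-or-401 logic into one helper so both middlewares stay in step. Converting `$userId === 0` to `0 === $userId` is cosmetic but fine; `}catch (\Exception $e){` should read `} catch (\Exception $e) {` like the rest of the file.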