diff --git a/src/plugins/apiauth.ts b/src/plugins/apiauth.ts
index 6eac69f..8c44943 100644
--- a/src/plugins/apiauth.ts
+++ b/src/plugins/apiauth.ts
@@ -30,29 +30,30 @@ const apiAuthPlugin: FastifyPluginAsync = async function(
 try {
 if (request.roles.indexOf('svr') >= 0) {
 // TODO: check svr
- return;
+ } else {
+ // @ts-ignore
+ let { accountid, sessionid } = request.params;
+ //TODO: 增加sessionid的校验
+ // if (!accountid || !sessionid) {
+ // return reply.send({code: 11, msg: 'need accountid and sessionid'});
+ // }
+ if (!accountid) {
+ return reply.send({code: 2, msg: 'need accountid and sessionid'});
+ }
+ // const data = this.jwt.verify(request.token);
+ // if (!data || !data.id) {
+ // return reply.send({code: 10, msg: 'need login'});
+ // }
+ let account = await User.findById(accountid);
+ if (!account) {
+ return reply.send({code: 5, msg: 'account not found'});
+ }
+ if (account.locked) {
+ return reply.send({code: 4, msg: 'account locked'});
+ }
+ request.user = account;
 }
- // @ts-ignore
- let { accountid, sessionid } = request.params;
- //TODO: 增加sessionid的校验
- // if (!accountid || !sessionid) {
- // return reply.send({code: 11, msg: 'need accountid and sessionid'});
- // }
- if (!accountid) {
- return reply.send({code: 2, msg: 'need accountid and sessionid'});
- }
- // const data = this.jwt.verify(request.token);
- // if (!data || !data.id) {
- // return reply.send({code: 10, msg: 'need login'});
- // }
- let account = await User.findById(accountid);
- if (!account) {
- return reply.send({code: 5, msg: 'account not found'});
- }
- if (account.locked) {
- return reply.send({code: 4, msg: 'account locked'});
- }
- request.user = account;
+
 } catch (err) {
 return reply.send({code: 401, msg: 'need auth'})
 }
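Review bot: In the new `else` branch, `request.user` is still set from the `accountid` route parameter alone: the `sessionid` check is a TODO and the `this.jwt.verify(request.token)` block stays commented out, so nothing binds the caller to the account loaded by `User.findById(accountid)`. Before this plugin is relied on for authorization, re-enable the token check and compare its subject with the parameter, e.g. `const data = this.jwt.verify(request.token);` followed by `if (!data || String(data.id) !== String(accountid)) return reply.send({code: 10, msg: 'need login'});` (assuming `this.jwt` and `request.token` are available as the commented code suggests). The `svr` branch is likewise empty, so a request whose `roles` contains `'svr'` passes with no verification and no `request.user`; how `roles` is populated is not visible in this hunk. The enclosing plugin function starts and ends outside the hunk.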