fix: return code -1 when disabled user has token in getResourceList, triggers frontend logout

This commit is contained in:
2026-05-21 10:08:15 +08:00
parent 8bb7b5d30a
commit 3b44300216
2 changed files with 9 additions and 3 deletions
@@ -102,6 +102,7 @@ class AssetAppController extends BaseApiController
*/
public function getResourceList()
{
$token = $this->request->header('token');
$user = $this->getAssetUser();
$type = $this->request->get('type', 1);
$pageNo = $this->request->get('page_no', 1);
@@ -109,6 +110,11 @@ class AssetAppController extends BaseApiController
$days = (int)$this->request->get('days', 0);
$usageStatus = (int)$this->request->get('usage_status', 0); // 0=全部, 1=未使用, 2=已使用
// 携带了 token 但用户无效(被禁用/过期),返回 -1 触发前端重新登录
if (!empty($token) && !$user) {
return $this->fail('账号已被禁用或登录已过期,请重新登录', [], -1);
}
$query = AssetResource::where('type', $type);
$usedResourceIds = [];