exit if user is banned

This commit is contained in:
printempw 2016-07-23 14:23:11 +08:00
parent 1a19bc065d
commit e550add61a

View File

@ -5,6 +5,7 @@ namespace App\Middlewares;
use Pecee\Http\Middleware\IMiddleware;
use Pecee\Http\Request;
use App\Models\User;
use App\Exceptions\E;
class CheckLoggedInMiddleware implements IMiddleware
{
@ -17,9 +18,19 @@ class CheckLoggedInMiddleware implements IMiddleware
if (isset($_SESSION['email'])) {
$user = new User($_SESSION['email']);
if ($_SESSION['token'] != $user->getToken())
\Http::redirect('../auth/login', '无效的 token请重新登录~');
if ($user->getPermission() == "-1") {
// delete cookies
setcookie("email", "", time() - 3600, '/');
setcookie("token", "", time() - 3600, '/');
session_destroy();
throw new E('你已经被本站封禁啦,请联系管理员解决', -1, true);
}
return $user;
} else {
\Http::redirect('../auth/login', '非法访问,请先登录');