fix bug

app/api/endpoints/login.py

@@ -13,6 +13,7 @@ from app.core.config import settings
 from app.core.security import get_password_hash
 from app.db import get_db
 from app.db.models.user import User
+from app.helper.sites import SitesHelper
 from app.log import logger
 from app.utils.web import WebUtils
 
@@ -58,17 +59,20 @@ async def login_access_token(
     elif user and not user.is_active:
         raise HTTPException(status_code=403, detail="用户未启用")
     logger.info(f"用户 {user.name} 登录成功！")
+    level = SitesHelper().auth_level
     return schemas.Token(
         access_token=security.create_access_token(
             userid=user.id,
             username=user.name,
             super_user=user.is_superuser,
-            expires_delta=timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
+            expires_delta=timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES),
+            level=level
         ),
         token_type="bearer",
         super_user=user.is_superuser,
         user_name=user.name,
-        avatar=user.avatar
+        avatar=user.avatar,
+        level=level
     )
 
 

app/core/security.py

@@ -30,7 +30,7 @@ reusable_oauth2 = OAuth2PasswordBearer(
 
 def create_access_token(
         userid: Union[str, Any], username: str, super_user: bool = False,
-        expires_delta: timedelta = None
+        expires_delta: timedelta = None, level: int = 1
 ) -> str:
     if expires_delta:
         expire = datetime.utcnow() + expires_delta
@@ -42,7 +42,8 @@ def create_access_token(
         "exp": expire,
         "sub": str(userid),
         "username": username,
-        "super_user": super_user
+        "super_user": super_user,
+        "level": level
     }
     encoded_jwt = jwt.encode(to_encode, settings.SECRET_KEY, algorithm=ALGORITHM)
     return encoded_jwt

app/schemas/token.py

@@ -9,6 +9,7 @@ class Token(BaseModel):
     super_user: bool
     user_name: str
     avatar: Optional[str] = None
+    level: int = 1
 
 
 class TokenPayload(BaseModel):