From 0fb12c77eb0da763a24576c8a4ba71360020b23c Mon Sep 17 00:00:00 2001
From: jxxghp <jxxghp@gmail.com>
Date: Wed, 19 Jun 2024 18:04:00 +0800
Subject: [PATCH] fix bug

---
 app/api/endpoints/login.py | 8 ++++++--
 app/core/security.py       | 5 +++--
 app/schemas/token.py       | 1 +
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/app/api/endpoints/login.py b/app/api/endpoints/login.py
index 91b1c4225..0b3a27cad 100644
--- a/app/api/endpoints/login.py
+++ b/app/api/endpoints/login.py
@@ -13,6 +13,7 @@
 from app.core.security import get_password_hash
 from app.db import get_db
 from app.db.models.user import User
+from app.helper.sites import SitesHelper
 from app.log import logger
 from app.utils.web import WebUtils
 
@@ -58,17 +59,20 @@ async def login_access_token(
     elif user and not user.is_active:
         raise HTTPException(status_code=403, detail="用户未启用")
     logger.info(f"用户 {user.name} 登录成功！")
+    level = SitesHelper().auth_level
     return schemas.Token(
         access_token=security.create_access_token(
             userid=user.id,
             username=user.name,
             super_user=user.is_superuser,
-            expires_delta=timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
+            expires_delta=timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES),
+            level=level
         ),
         token_type="bearer",
         super_user=user.is_superuser,
         user_name=user.name,
-        avatar=user.avatar
+        avatar=user.avatar,
+        level=level
     )
 
 
diff --git a/app/core/security.py b/app/core/security.py
index 1888a13a5..06bf02fa2 100644
--- a/app/core/security.py
+++ b/app/core/security.py
@@ -30,7 +30,7 @@
 
 def create_access_token(
         userid: Union[str, Any], username: str, super_user: bool = False,
-        expires_delta: timedelta = None
+        expires_delta: timedelta = None, level: int = 1
 ) -> str:
     if expires_delta:
         expire = datetime.utcnow() + expires_delta
@@ -42,7 +42,8 @@ def create_access_token(
         "exp": expire,
         "sub": str(userid),
         "username": username,
-        "super_user": super_user
+        "super_user": super_user,
+        "level": level
     }
     encoded_jwt = jwt.encode(to_encode, settings.SECRET_KEY, algorithm=ALGORITHM)
     return encoded_jwt
diff --git a/app/schemas/token.py b/app/schemas/token.py
index 95fe6dd17..c7ca1dbde 100644
--- a/app/schemas/token.py
+++ b/app/schemas/token.py
@@ -9,6 +9,7 @@ class Token(BaseModel):
     super_user: bool
     user_name: str
     avatar: Optional[str] = None
+    level: int = 1
 
 
 class TokenPayload(BaseModel):