x

middleware/jwt/jwt.go

@@ -74,12 +74,15 @@ func JWT(opts ...JwtOption) middleware.Middleware {
 			if tr, ok := transport.FromServerContext(ctx); ok {
 				tokenStr = tr.RequestHeader().Get("token")
 			}
-			userInfo, _, err := cfg.parseFunc(ctx, cfg.jwtKey, tokenStr)
+			userInfo, checkOk, err := cfg.parseFunc(ctx, cfg.jwtKey, tokenStr)
 			if err != nil {
 				return nil, err
 			}
 			//需要验证
 			if needAuth {
+				if !checkOk {
+					return nil, errors.Unauthorized("TOKEN_PERMISSION_BAD", "")
+				}
 				if authKey != "" {
 					if !cfg.validatePermission(userInfo.Permissions, authKey) {
 						return nil, errors.Unauthorized("TOKEN_PERMISSION_BAD", "")