bugfix: API访问报403错误

2017-12-25 23:55:23 +08:00 · 2017-12-25 23:55:23 +08:00 · 750fb49a37
parent 68d569a6de
commit 750fb49a37
1 changed files with 5 additions and 3 deletions
--- a/routers/routers.go
+++ b/routers/routers.go
@ -230,6 +230,11 @@ func urlAuth(ctx *macaron.Context, sess session.Store)  {
 	if user.IsAdmin(sess) {
 		return
 	}
+	uri := strings.TrimSpace(ctx.Req.URL.Path)
+	uri = strings.TrimRight(uri, "/")
+	if (strings.HasPrefix(uri, "/api")) {
+		return
+	}
 	// 普通用户允许访问的URL地址
 	allowPaths := []string{
 		"",
@ -239,10 +244,7 @@ func urlAuth(ctx *macaron.Context, sess session.Store)  {
 		"/user/login",
 		"/user/logout",
 		"/user/editMyPassword",
-		"/api",
 	}
-	uri := strings.TrimSpace(ctx.Req.URL.Path)
-	uri = strings.TrimRight(uri, "/")
 	for _, path := range allowPaths {
 		if path == uri {
 			return