From 2cb3cc85b85c8cb293aa7eed5f0d1a016cb68bee Mon Sep 17 00:00:00 2001
From: aaron <>
Date: Thu, 6 Feb 2025 22:14:30 +0900
Subject: [PATCH] =?UTF-8?q?=E5=AF=86=E7=A0=81=E7=99=BB=E5=BD=95=EF=BC=8C?=
 =?UTF-8?q?=E5=8F=AA=E5=85=81=E8=AE=B8=E9=85=8D=E9=80=81=E5=91=98=E5=92=8C?=
 =?UTF-8?q?=E5=95=86=E5=AE=B6=E7=99=BB=E5=BD=95=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/api/endpoints/user.py | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/app/api/endpoints/user.py b/app/api/endpoints/user.py
index c03080c..4879738 100644
--- a/app/api/endpoints/user.py
+++ b/app/api/endpoints/user.py
@@ -21,6 +21,7 @@ from sqlalchemy import text
 from app.models.community import CommunityDB
 from app.models.user_auth import UserAuthDB, UserAuthCreate, UserAuthInfo
 from app.core.qcloud import qcloud_manager
+from app.models.merchant import MerchantDB
 
 router = APIRouter()
 
@@ -258,7 +259,7 @@ async def password_login(
 ):
     """密码登录"""
     user = db.query(UserDB).filter(UserDB.phone == login_data.phone).first()
-    
+
     if not user:
         return error_response(code=401, message="用户不存在")
     
@@ -267,6 +268,18 @@ async def password_login(
     
     if not verify_password(login_data.password, user.password):
         return error_response(code=401, message="密码错误")
+
+    if user.roles not in [UserRole.DELIVERYMAN, UserRole.MERCHANT]:
+        return error_response(code=401, message="只有配送员和商家可以登录")
+    
+    if user.roles == UserRole.MERCHANT:
+        # 检查是否有商家设置了当前用户 id
+        merchant = db.query(MerchantDB).filter(MerchantDB.user_id == user.userid).first()
+        if not merchant:
+            return error_response(code=401, message="商家账户，请先关联商家")
+    
+    if user.roles == UserRole.DELIVERYMAN and not user.community_id:
+        return error_response(code=401, message="配送员账户，请先设置归属小区")
     
     # 生成访问令牌
     access_token = create_access_token(data={"phone": user.phone,"userid":user.userid})