fix: fix错误

src/routes/user/org.ts

@@ -60,11 +60,19 @@ app
       };
       return;
     }
-    const user = await User.createOrg(username, tokenUser.id, description);
+    const user = await User.findByPk(tokenUser.id);
+    if (!user) {
+      throw new CustomError('user not found');
+    }
+    const orgs = await user.getOrgs();
+    if (!orgs.includes('admin')) {
+      throw new CustomError('Permission denied');
+    }
+    const newUser = await User.createOrg(username, tokenUser.id, description);
     ctx.body = {
-      id: user.id,
-      username: user.username,
-      description: user.description,
+      id: newUser.id,
+      username: newUser.username,
+      description: newUser.description,
     };
   })
   .addTo(app);

src/routes/user/web-login.ts

@@ -1,11 +1,12 @@
 import { app } from '@/app.ts';
 import { User } from '@/models/user.ts';
-import { log } from 'console';
 import MD5 from 'crypto-js/md5.js';
 
 import jsonwebtoken from 'jsonwebtoken';
 
-const tokenData: Record<string, string> = {};
+// const tokenData: Record<string, string> = {};
+import { redis } from '@/app.ts';
+
 app
   .route({
     path: 'user',
@@ -39,7 +40,7 @@ app
       ctx.throw(400, 'sign error');
     }
     const user = await User.findByPk(tokenUser.id);
-    console.log('tokenUser', tokenUser)
+    console.log('tokenUser', tokenUser);
     if (!user) {
       ctx.throw(400, 'user not found');
     }
@@ -59,7 +60,9 @@ app
     );
 
     // ctx.body = data;
-    tokenData[loginToken] = data;
+    // tokenData[loginToken] = data;
+    await redis.set(loginToken, data, 'EX', 3600); // 1小时
+    ctx.body = 'success';
   })
   .addTo(app);
 
@@ -73,7 +76,8 @@ app
     if (!loginToken) {
       ctx.throw(400, 'loginToken is required');
     }
-    const data = tokenData[loginToken];
+    // const data = tokenData[loginToken];
+    const data = await redis.get(loginToken);
     if (data) {
       ctx.body = data;
     } else {