update

src/route.ts

@@ -21,6 +21,10 @@ export const addAuth = (app: App) => {
     })
     .define(async (ctx) => {
       const token = ctx.query.token;
+      // 已经有用户信息则直接返回，不需要重复验证
+      if (ctx.state.tokenUser) {
+        return;
+      }
       if (!token) {
         app.throw(401, 'Token is required');
       }
@@ -44,6 +48,10 @@ export const addAuth = (app: App) => {
       description: '验证token，可以不成功，错误不返回401，正确赋值到ctx.state.tokenUser，失败赋值null',
     })
     .define(async (ctx) => {
+      // 已经有用户信息则直接返回，不需要重复验证
+      if (ctx.state.tokenUser) {
+        return;
+      }
       if (ctx.query?.token) {
         const token = ctx.query.token;
         const user = await User.getOauthUser(token);
@@ -76,6 +84,9 @@ app
     if (!tokenUser) {
       ctx.throw(401, 'No User For authorized');
     }
+    if (typeof ctx.state.isAdmin !== 'undefined' && ctx.state.isAdmin === true) {
+      return;
+    }
     try {
       const user = await User.findOne({
         where: {
@@ -92,6 +103,7 @@ app
       } else {
         ctx.throw(403, 'forbidden');
       }
+      ctx.state.isAdmin = true;
     } catch (e) {
       console.error(`auth-admin error`, e);
       console.error('tokenUser', tokenUser?.id, tokenUser?.username, tokenUser?.uid);
@@ -111,6 +123,9 @@ app
     if (!tokenUser) {
       ctx.throw(401, 'No User For authorized');
     }
+    if (typeof ctx.state.isAdmin !== 'undefined') {
+      return;
+    }
 
     try {
       const user = await User.findOne({
@@ -125,12 +140,15 @@ app
       const orgs = await user.getOrgs();
       if (orgs.includes('admin')) {
         ctx.body = 'admin';
+        ctx.state.isAdmin = true;
         ctx.state.tokenAdmin = {
           id: user.id,
           username: user.username,
           orgs,
         };
         return;
+      } else {
+        ctx.state.isAdmin = false;
       }
       ctx.body = 'not admin';
     } catch (e) {