From aaa7d5ec3fb07c573cf7d044b678510caad5e3a0 Mon Sep 17 00:00:00 2001
From: sh <sh@zkr.com>
Date: Mon, 8 Dec 2025 20:03:59 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E9=99=84=E4=BB=B6=E4=B8=8A?=
 =?UTF-8?q?=E4=BC=A0-=E5=BF=85=E9=A1=BB=E7=99=BB=E5=BD=95=E6=9C=89token?=
 =?UTF-8?q?=E6=89=8D=E8=83=BD=E4=B8=8A=E4=BC=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../ruoyi/cms/controller/app/AppFileController.java    | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppFileController.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppFileController.java
index 5082a94..916c058 100644
--- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppFileController.java
+++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/controller/app/AppFileController.java
@@ -7,6 +7,8 @@ import com.ruoyi.cms.service.IFileService;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.page.TableDataInfo;
+import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.utils.SiteSecurityUtils;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
@@ -26,7 +28,10 @@ public class AppFileController extends BaseController {
     @ApiOperation("上传文件")
     @PostMapping("/upload")
     public AjaxResult upload(@RequestParam("file") MultipartFile file, @RequestParam(value = "bussinessid",required = false) Long bussinessId) {
-       return fileService.upload(file,bussinessId);
+       if(!(SiteSecurityUtils.isLogin() || SecurityUtils.isLogin())){
+            return AjaxResult.error("未登录，请登录后在上传文件!");
+       }
+        return fileService.upload(file,bussinessId);
     }
 
     @ApiOperation("获取附件列表")
@@ -49,6 +54,9 @@ public class AppFileController extends BaseController {
     public AjaxResult uploadFile(@RequestParam("file") MultipartFile file, @RequestParam(value = "bussinessid",required = false) Long bussinessId, HttpServletRequest request) {
         String proxyServer = ProxyServerUtil.getProxyServer(request);
         System.out.println("获取服务器地址======================"+proxyServer);
+        if(!(SiteSecurityUtils.isLogin() || SecurityUtils.isLogin())){
+            return AjaxResult.error("未登录，请登录后在上传文件!");
+        }
         if(bussinessId==null){
             bussinessId=idGenerator.generateId();
         }