fix bug

backend/Dockerfile

@@ -29,9 +29,9 @@ RUN addgroup --system app \
 COPY --from=builder /opt/venv /opt/venv
 COPY . .
 
-RUN chown -R app:app /app
-
-USER app
+# 有 volumes 挂载时用 root 用户，避免日志目录权限问题
+# 正式发版（无 volume）时再改回 app 用户
+# USER app
 
 EXPOSE 8001
 

backend/app/api/v1/module_system/auth/service.py

@@ -200,6 +200,15 @@ class LoginService:
         if user.status == "1":
             raise CustomException(msg="用户已被停用")
 
+        # 检查员工是否已签约激活（有员工记录但未签约的禁止登录）
+        from sqlalchemy import select
+        from app.plugin.module_payment.employee.model import EmployeeModel
+        emp_stmt = select(EmployeeModel).where(EmployeeModel.user_id == user.id)
+        emp_result = await db.execute(emp_stmt)
+        employee = emp_result.scalar_one_or_none()
+        if employee and employee.status != "EMPLOYEE_ACTIVATED":
+            raise CustomException(msg="用户不存在")
+
         # 更新最后登录时间
         user = await UserCRUD(auth).update_last_login_crud(id=user.id)
         if not user: