From db24dade1964fe33ffd352cf845ee303a8f03fc2 Mon Sep 17 00:00:00 2001
From: ccrice <syywqs@foxmail.com>
Date: Thu, 25 Sep 2025 12:43:29 +0800
Subject: [PATCH] =?UTF-8?q?fix(api):=E4=BF=AE=E6=AD=A3=20API=20=E4=BB=A4?=
 =?UTF-8?q?=E7=89=8C=E9=AA=8C=E8=AF=81=E9=80=BB=E8=BE=91-=20=E8=B0=83?=
 =?UTF-8?q?=E6=95=B4=E4=BB=A4=E7=89=8C=E9=AA=8C=E8=AF=81=E6=9D=A1=E4=BB=B6?=
 =?UTF-8?q?=EF=BC=8C=E4=BF=AE=E5=A4=8D=E4=B8=8D=E4=BC=A0=E5=85=A5token?=
 =?UTF-8?q?=E4=B8=8D=E8=BF=9B=E8=A1=8Ctoken=E9=AA=8C=E8=AF=81=E7=9A=84?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Action.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Action.php b/Action.php
index 8cc4f87..8ccd5e2 100644
--- a/Action.php
+++ b/Action.php
@@ -208,7 +208,7 @@ private function checkState($route)
             $this->throwError('This API has been disabled.', 403);
         }
         $token = $this->request->getHeader('token');
-        if (!empty($token) && $token != $this->config->apiToken) {
+        if ($this->config->apiToken && $token != $this->config->apiToken) {
             $this->throwError('apiToken is invalid', 403);
         }
     }