优化会员退出逻辑和mobilelogin鉴权判断

application/admin/library/Auth.php

@@ -72,10 +72,9 @@ class Auth extends \fast\Auth
     {
         $admin = Admin::get(intval($this->id));
         if (!$admin) {
-            return true;
+            $admin->token = '';
+            $admin->save();
         }
-        $admin->token = '';
-        $admin->save();
         $this->logined = false; //重置登录状态
         Session::delete("admin");
         Cookie::delete("keeplogin");

application/api/controller/User.php

@@ -72,6 +72,9 @@ class User extends Api
         }
         $user = \app\common\model\User::getByMobile($mobile);
         if ($user) {
+            if ($user->status != 'normal') {
+                $this->error(__('Account is locked'));
+            }
             //如果已经有账号则直接登录
             $ret = $this->auth->direct($user->id);
         } else {