diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php
index 6c2dae3..d270c8c 100644
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
@@ -37,10 +37,16 @@ public function __construct(Auth $auth)
      */
     public function handle($request, Closure $next, $guard = null)
     {
-        if ($this->auth->guard($guard)->guest()) {
+        $auth = $this->auth->guard($guard);
+        if ($auth->guest()) {
             return $this->unauthorized('Unauthorized.');
         }
 
+        $user = $this->auth->guard($guard)->user();
+        if ($user->banned_at) {
+            return $this->forbidden('您已被封禁，原因是: ' . $user->banned_reason);
+        }
+
         return $next($request);
     }
 }
diff --git a/app/Models/User.php b/app/Models/User.php
index 8b2ef6a..ced9315 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -41,6 +41,7 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
     protected $casts = [
         'email_verified_at' => 'datetime',
         'balance' => 'float',
+        'banned_at' => 'datetime',
     ];