diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
index e501f04..6b1ddd0 100644
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -14,6 +14,7 @@ use App\Http\Requests\LoginRequest;
 use App\Models\User;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
+use App\Models\Sysparam;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Redis;
@@ -40,8 +41,9 @@ class AuthController extends Controller
 if (Hash::check($password, $user->password)) {
 // Bcrypt 验证通过
- // 检测是否被封禁 (管理员豁免:假设大于等于 15 为系统管理/总管)
- if ($user->user_level < 15) {
+ // 检测是否被封禁 (后台管理员级别获得豁免权,防止误把自己关在门外)
+ $adminLevel = (int) Sysparam::getValue('superlevel', '100');
+ if ($user->user_level < $adminLevel) {
 if ($user->user_level < 0) {
 return response()->json(['status' => 'error', 'message' => '您的账号已被管理员封禁,无法登录。'], 403);
 }
@@ -61,8 +63,9 @@ class AuthController extends Controller
 $user->password = Hash::make($password);
 $user->save();
- // 检测是否被封禁 (管理员豁免)
- if ($user->user_level < 15) {
+ // 检测是否被封禁 (后台管理员级别获得豁免权,防止误把自己关在门外)
+ $adminLevel = (int) Sysparam::getValue('superlevel', '100');
+ if ($user->user_level < $adminLevel) {
 if ($user->user_level < 0) {
 return response()->json(['status' => 'error', 'message' => '您的账号已被管理员封禁,无法登录。'], 403);
 }
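Review bot: The ban-exemption threshold in the `@@ -40,8 +41,9 @@` hunk is read from the `superlevel` system parameter with only an `(int)` cast, so a negative stored value makes `$user->user_level < $adminLevel` false for banned accounts (levels below 0), and they skip the ban check that follows. Clamp the value where it is read, for example `$adminLevel = max(1, (int) Sysparam::getValue('superlevel', '100'));`, so that a bad parameter cannot switch off ban enforcement at login. The fallback `'100'` is also stricter than the old hard-coded 15: if the parameter is missing, levels 15–99 lose the exemption, which is worth stating in the comment. The same three lines are repeated in the legacy-password hunk at `@@ -61,8 +63,9 @@`, so a private helper that returns the threshold would keep the two login paths from drifting apart. The enclosing method starts and ends outside both hunks, so any other checks inside the exempted block are not visible here.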