|
@@ -268,6 +268,7 @@ class User extends Api
|
|
|
if (!$result) {
|
|
|
$this->error(__('Captcha is incorrect'));
|
|
|
}
|
|
|
+ Sms::flush($mobile, 'changepwd');
|
|
|
if (!Validate::make()->check(['newpassword' => $newpassword], ['newpassword' => 'require|regex:\S{6,30}'])) {
|
|
|
$this->error(__('Password must be 6 to 30 characters'));
|
|
|
}
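Review bot: The password-format check directly below the added `Sms::flush($mobile, 'changepwd');` now runs after the code has been consumed, so a request that fails `regex:\S{6,30}` burns a valid SMS code and forces a resend. Flushing immediately after a successful check is the right single-use behaviour; moving the `Validate::make()->check(...)` block above the captcha check keeps it while rejecting malformed requests first. The captcha check itself starts above this hunk, so whether failed attempts are counted or limited (presumably inside `Sms::check`) cannot be seen here and is worth confirming. The `resetpwd` hunk further down has the same ordering.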
|
|
@@ -279,8 +280,6 @@ class User extends Api
|
|
|
$this->error($this->auth->getError());
|
|
|
}
|
|
|
|
|
|
- Sms::flush($mobile, 'changepwd');
|
|
|
- $this->success();
|
|
|
}
|
|
|
|
|
|
/**
|
|
@@ -293,45 +292,36 @@ class User extends Api
|
|
|
*/
|
|
|
public function resetpwd()
|
|
|
{
|
|
|
- $type = $this->request->post("type", "mobile");
|
|
|
$mobile = $this->request->post("mobile");
|
|
|
- $email = $this->request->post("email");
|
|
|
- $newpassword = $this->request->post("newpassword");
|
|
|
$captcha = $this->request->post("captcha");
|
|
|
- if (!$newpassword || !$captcha) {
|
|
|
+ $newpassword = $this->request->post("newpassword");
|
|
|
+
|
|
|
+ if (!$mobile || !$captcha || !$newpassword) {
|
|
|
$this->error(__('Invalid parameters'));
|
|
|
}
|
|
|
- //验证Token
|
|
|
- if (!Validate::make()->check(['newpassword' => $newpassword], ['newpassword' => 'require|regex:\S{6,30}'])) {
|
|
|
- $this->error(__('Password must be 6 to 30 characters'));
|
|
|
+
|
|
|
+ if (!Validate::regex($mobile, "^1\d{10}$")) {
|
|
|
+ $this->error(__('Mobile is incorrect'));
|
|
|
}
|
|
|
- if ($type == 'mobile') {
|
|
|
- if (!Validate::regex($mobile, "^1\d{10}$")) {
|
|
|
- $this->error(__('Mobile is incorrect'));
|
|
|
- }
|
|
|
- $user = \app\common\model\User::getByMobile($mobile);
|
|
|
- if (!$user) {
|
|
|
- $this->error(__('User not found'));
|
|
|
- }
|
|
|
- $ret = Sms::check($mobile, $captcha, 'resetpwd');
|
|
|
- if (!$ret) {
|
|
|
- $this->error(__('Captcha is incorrect'));
|
|
|
- }
|
|
|
- Sms::flush($mobile, 'resetpwd');
|
|
|
- } else {
|
|
|
- if (!Validate::is($email, "email")) {
|
|
|
- $this->error(__('Email is incorrect'));
|
|
|
- }
|
|
|
- $user = \app\common\model\User::getByEmail($email);
|
|
|
- if (!$user) {
|
|
|
- $this->error(__('User not found'));
|
|
|
- }
|
|
|
- $ret = Ems::check($email, $captcha, 'resetpwd');
|
|
|
- if (!$ret) {
|
|
|
- $this->error(__('Captcha is incorrect'));
|
|
|
+ $user = \app\common\model\User::getByMobile($mobile);
|
|
|
+ if (!$user) {
|
|
|
+ $this->error('不存在的用户');
|
|
|
+ }else{
|
|
|
+ if ($user->status != 1) {
|
|
|
+ $this->error(__('Account is locked'));
|
|
|
}
|
|
|
- Ems::flush($email, 'resetpwd');
|
|
|
}
|
|
|
+
|
|
|
+ $ret = Sms::check($mobile, $captcha, 'resetpwd');
|
|
|
+ if (!$ret) {
|
|
|
+ $this->error(__('Captcha is incorrect'));
|
|
|
+ }
|
|
|
+ Sms::flush($mobile, 'resetpwd');
|
|
|
+
|
|
|
+ if (!Validate::make()->check(['newpassword' => $newpassword], ['newpassword' => 'require|regex:\S{6,30}'])) {
|
|
|
+ $this->error(__('Password must be 6 to 30 characters'));
|
|
|
+ }
|
|
|
+
|
|
|
//模拟一次登录
|
|
|
$this->auth->direct($user->id);
|
|
|
$ret = $this->auth->changepwd($newpassword, '', true);
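Review bot: The `getByMobile` lookup and the new `$user->status != 1` branch answer before `Sms::check` runs, so a caller without a valid code gets distinct responses for unregistered, locked and active numbers. Running the `Sms::check` / `Sms::flush` pair before the lookup would mean only a caller who holds a valid code for that number learns the account state. `$this->error('不存在的用户');` is also the only message in this function that skips `__()`; `$this->error(__('User not found'));`, the string the removed lines used, keeps it translatable. The function body continues past the end of this hunk, so how the result of `changepwd` is reported is not visible here.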
|