登陆状态验证，找回密码接口

app/controller/User.php

@@ -76,7 +76,7 @@ class User extends BaseController
 
             if ($user['status']) {
 
-                $userinfo = ['id' => $user['data']['id'], 'username' => $user['data']['name']];
+                $userinfo = ['id' => $user['data']['id'], 'username' => $user['data']['username']];
                 $token = ['token'=>signToken($userinfo)];
 
                 return $this->renderSuccess('登陆成功',$token);
@@ -124,4 +124,35 @@ class User extends BaseController
             return $this->renderError($exception->getMessage());
         }
     }
+
+    /**
+     * 找回密码
+     * @return array
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\DbException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @author whj
+     * @date 2023-08-22 18:16
+     */
+    public function modifyPassword()
+    {
+        $data = Request::param();
+
+        try {
+            // 验证用户输入
+            validate(UserValidate::class)->scene('modifyPassword')->check($data);
+
+            $userModel = new UserModel();
+
+            $user = $userModel->modifyPassword($data);
+
+            if ($user['status']) {
+                return $this->renderSuccess('修改成功');
+            } else {
+                return $this->renderError($user['msg']);
+            }
+        } catch (ValidateException $exception) {
+            return $this->renderError($exception->getMessage());
+        }
+    }
 }

app/middleware/CheckToken.php

@@ -5,6 +5,7 @@ namespace app\middleware;
 
 use think\Exception;
 use \think\facade\Request;
+use think\facade\Session;
 
 class CheckToken
 {
@@ -27,6 +28,9 @@ class CheckToken
             if($userinfo['code'] != 200)
                 throw new Exception('Token checked error',202);
             $request->userInfo = $userinfo['data'];
+            if (!Session::get('login_user_data')) {
+                throw new Exception('用户未登录，请先登陆后操作',203);
+            }
         }
         catch (\Exception $err){
             return json(['code'=>$err->getCode(),'msg'=>$err->getMessage()]);

app/model/User.php

@@ -2,6 +2,7 @@
 
 namespace app\model;
 
+use think\facade\Session;
 use think\Model;
 
 class User extends Model
@@ -50,15 +51,20 @@ class User extends Model
     public function login($data)
     {
         // 根据用户名查询用户信息
-        $user = $this->where('phone', $data['phone'])->find();
+        $user = $this->where('phone', $data['phone'])->field('id,username,phone,invite_code,password,salt')->find();
 
         if ($user) {
             // 使用相同的盐值对输入密码进行哈希验证
             $hashedPassword = $this->generateHashedPassword($data['password'], $user->salt);
 
             if ($user->password === $hashedPassword) {
+
+                # 缓存用户信息
+                $login_user_data = $user->toArray();
+                unset($login_user_data['password'],$login_user_data['salt']);
+                Session::set('login_user_data',$login_user_data);
                 // 登录成功
-                return ['status' => true, 'msg' => '手机号未注册', 'data' => $user];
+                return ['status' => true, 'msg' => '登录成功', 'data' => $login_user_data];
             } else {
 
                 return ['status' => false, 'msg' => '密码错误'];
@@ -85,11 +91,12 @@ class User extends Model
 
             // 生成盐值
             $salt = $this->generateSalt();
+            $password = $this->generateHashedPassword($data['password'], $salt);
             // 密码加盐值后哈希存储
-            $user->password = $this->generateHashedPassword($data['password'], $salt);
+            $user->password = $password;
             $user->salt = $salt;
             $user->update_time = date("Y-m-d H:i:s",time());
-            $this->save();
+            $user->save();
 
             return ['status' => true, 'msg' => '密码重制成功'];
         }
@@ -97,6 +104,44 @@ class User extends Model
         return ['status' => false, 'msg' => '手机号未注册'];
     }
 
+    /**
+     * 修改密码
+     * @param $data
+     * @return array
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\DbException
+     * @throws \think\db\exception\ModelNotFoundException
+     */
+    public function modifyPassword($data)
+    {
+        $user = Session::get('login_user_data');
+
+        if ($user) {
+
+            $userModel = $this->find($user['id']);
+            $password = $this->generateHashedPassword($data['password'], $userModel->salt);
+
+            if ($userModel->password == $password) {
+                return ['status' => false, 'msg' => '新密码与原密码一致'];
+            }
+
+            // 生成盐值
+            $salt = $this->generateSalt();
+            $new_password = $this->generateHashedPassword($data['password'], $salt);
+
+            // 密码加盐值后哈希存储
+            $userModel->password = $new_password;
+            $userModel->salt = $salt;
+            $userModel->update_time = date("Y-m-d H:i:s",time());
+
+            $this->save();
+
+            return ['status' => true, 'msg' => '修改成功'];
+        }
+
+        return ['status' => false, 'msg' => '登陆状态有误'];
+    }
+
     /**
      * 手机号短信验证码验证
      * @param $phone

app/validate/User.php

@@ -37,6 +37,7 @@ class User extends Validate
     protected $scene = [
         'login'     =>  ['phone','password'],
         'register'  =>  ['phone','password','sms_code'],
-        'retrieve'  =>  ['phone','password','sms_code']
+        'retrieve'  =>  ['phone','password','sms_code'],
+        'modifyPassword'  =>  ['password']
     ];
 }

route/app.php

@@ -9,6 +9,7 @@
 // | Author: liu21st <liu21st@gmail.com>
 // +----------------------------------------------------------------------
 use think\facade\Route;
+use app\middleware\CheckToken;
 
 Route::get('think', function () {
     return 'hello,ThinkPHP6!';
@@ -19,6 +20,7 @@ Route::group('user',function (){
     Route::post('register','user/register');
     Route::post('login','user/login');
     Route::post('retrieve','user/retrieve');
+    Route::post('modifyPassword','user/modifyPassword')->middleware(CheckToken::class);
 });