kuaifan 5 gadi atpakaļ
vecāks
revīzija
a931f804df
3 mainītis faili ar 26 papildinājumiem un 8 dzēšanām
  1. 2 0
      .gitignore
  2. 7 3
      app/Http/Controllers/Api/UsersController.php
  3. 17 5
      app/Module/Users.php

+ 2 - 0
.gitignore

@@ -15,3 +15,5 @@ npm-debug.log
 yarn-error.log
 public
 uploads/picture
+test.js
+test.php

+ 7 - 3
app/Http/Controllers/Api/UsersController.php

@@ -56,7 +56,7 @@ class UsersController extends Controller
             if (empty($user)) {
                 return Base::retError('账号或密码错误。');
             }
-            if ($user['userpass'] != Base::md52($userpass)) {
+            if ($user['userpass'] != Base::md52($userpass, $user['encrypt'])) {
                 return Base::retError('账号或密码错误!');
             }
         }
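Review bot: The changed line compares the stored hash with `!=`, which is a loose, non-constant-time comparison; under PHP's loose rules two different digests that both look like numeric strings can compare equal. Use `if (!hash_equals((string) $user['userpass'], Base::md52($userpass, $user['encrypt']))) {` instead. Accounts created before this commit were hashed without the `encrypt` value, so unless `Base::md52()` (not shown here) covers that case they may need a rehash-on-login path. The enclosing method starts and ends outside this hunk.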
@@ -259,12 +259,16 @@ class UsersController extends Controller
         }
         //
         if ($user['setpass']) {
-            $verify = DB::table('users')->where(['id'=>$user['id'], 'userpass'=>Base::md52($oldpass)])->count();
+            $verify = DB::table('users')->where(['id'=>$user['id'], 'userpass'=>Base::md52($oldpass, Users::token2encrypt())])->count();
             if (empty($verify)) {
                 return Base::retError('请填写正确的旧密码!');
             }
         }
-        DB::table('users')->where('id', $user['id'])->update(['encrypt' => Base::generatePassword(6), 'userpass'=>Base::md52($newpass)]);
+        $encrypt = Base::generatePassword(6);
+        DB::table('users')->where('id', $user['id'])->update([
+            'encrypt' => $encrypt,
+            'userpass' => Base::md52($newpass, $encrypt)
+        ]);
         return Base::retSuccess('修改成功');
     }
 
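Review bot: The old-password check takes its salt from `Users::token2encrypt()`, that is from the base64-decoded request token, rather than from the server-side user row that is already loaded. Verification should use the stored salt, `'userpass'=>Base::md52($oldpass, $user['encrypt'])`, assuming `$user` (assigned outside this hunk) carries the `encrypt` column as it does in the login hunk. Since `encrypt` is rotated by the update and is also a segment of the token, confirm whether the caller's current token is meant to stop working afterwards and, if so, that a fresh one is returned.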

+ 17 - 5
app/Module/Users.php

@@ -41,9 +41,11 @@ class Users
             return Base::retError('密码最多只能设置32位数!');
         }
         //开始注册
+        $encrypt = Base::generatePassword(6);
         $inArray = [
+            'encrypt' => $encrypt,
             'username' => $username,
-            'userpass' => Base::md52($userpass),
+            'userpass' => Base::md52($userpass, $encrypt),
             'regip' => Base::getIp(),
             'regdate' => Base::time()
         ];
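Review bot: The new account's password is stored as `Base::md52($userpass, $encrypt)` with a six-character salt from `Base::generatePassword(6)`; judging by its name `md52` is MD5-based (its body is not shown), and a fast hash is unsuited to password storage even when salted. PHP's `password_hash($userpass, PASSWORD_DEFAULT)` generates its own salt and is checked with `password_verify()`, with `password_needs_rehash()` available for migrating existing rows at login. The same salt-plus-`md52` pair is written in the password-change hunk of UsersController.php. The enclosing method extends beyond this hunk.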
@@ -123,6 +125,20 @@ class Users
     }
 
     /**
+     * token获取encrypt
+     * @return mixed|string
+     */
+    public static function token2encrypt()
+    {
+        $authorization = Base::getToken();
+        $encrypt = '';
+        if ($authorization) {
+            list($id, $username, $encrypt, $timestamp) = explode("@", base64_decode($authorization) . "@@@@");
+        }
+        return $encrypt ?: '';
+    }
+
+    /**
      * 用户身份认证(获取用户信息)
      * @return array|mixed
      */
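Review bot: The docblock for `token2encrypt()` should say that the returned value is parsed from the client-supplied token and is not checked against the database, and that it is always a string: `@return string encrypt segment of the request token (unverified), '' when no token is present`. Only the third segment is used, so `$id`, `$username` and `$timestamp` are unused locals; `explode('@', $decoded)[2] ?? ''` expresses that directly. `base64_decode()` is called without its strict flag, so malformed input is decoded silently rather than rejected.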
@@ -181,10 +197,6 @@ class Users
      */
     public static function token($userinfo)
     {
-        if (strlen($userinfo['encrypt']) < 6) {
-            $userinfo['encrypt'] = Base::generatePassword(6);
-            DB::table('users')->where('id', $userinfo['id'])->update(['encrypt' => $userinfo['encrypt']]);
-        }
         return base64_encode($userinfo['id'] . '@' . $userinfo['username'] . '@' . $userinfo['encrypt'] . '@' . Base::time() . '@' . Base::generatePassword(6));
     }