| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 |
- const {
- userCollection
- } = require('../../common/constants')
- const {
- ERROR
- } = require('../../common/error')
- const PasswordUtils = require('../../lib/utils/password')
- /**
- * 更新密码
- * @tutorial https://uniapp.dcloud.net.cn/uniCloud/uni-id-pages.html#update-pwd
- * @param {object} params
- * @param {string} params.oldPassword 旧密码
- * @param {string} params.newPassword 新密码
- * @returns {object}
- */
- module.exports = async function (params = {}) {
- const schema = {
- oldPassword: 'string', // 防止密码规则调整导致旧密码无法更新
- newPassword: 'password'
- }
- this.middleware.validate(params, schema)
- const uid = this.authInfo.uid
- const getUserRes = await userCollection.doc(uid).get()
- const userRecord = getUserRes.data[0]
- if (!userRecord) {
- throw {
- errCode: ERROR.ACCOUNT_NOT_EXISTS
- }
- }
- const {
- oldPassword,
- newPassword
- } = params
- const passwordUtils = new PasswordUtils({
- passwordSecret: this.config.passwordSecret
- })
- const {
- success: checkPasswordSuccess
- } = passwordUtils.checkUserPassword({
- password: oldPassword,
- passwordHash: userRecord.password,
- passwordSecretVersion: userRecord.password_secret_version,
- autoRefresh: false
- })
- if (!checkPasswordSuccess) {
- throw {
- errCode: ERROR.PASSWORD_ERROR
- }
- }
- const {
- passwordHash,
- version
- } = passwordUtils.generatePasswordHash({
- password: newPassword
- })
- await userCollection.doc(uid).update({
- password: passwordHash,
- password_secret_version: version,
- valid_token_date: Date.now() // refreshToken时会校验,如果创建token时间在此时间点之前,则拒绝下发新token,返回token失效错误码
- })
- // 执行更新密码操作后客户端应将用户退出重新登录
- return {
- errCode: 0
- }
- }
|
