const {
userCollection
} = require('../../common/constants')
const {
ERROR
} = require('../../common/error')
const PasswordUtils = require('../../lib/utils/password')
/**
 * Change the password of the user identified by `this.authInfo.uid`.
 *
 * The caller must supply the current password; it is verified against the
 * stored record before the new hash is written.
 *
 * @tutorial https://uniapp.dcloud.net.cn/uniCloud/uni-id-pages.html#update-pwd
 * @param {object} params
 * @param {string} params.oldPassword current (old) password
 * @param {string} params.newPassword new password
 * @returns {object} `{ errCode: 0 }` once the record has been updated
 * @throws {object} `{ errCode: ERROR.ACCOUNT_NOT_EXISTS }` when no user record
 *   is found, `{ errCode: ERROR.PASSWORD_ERROR }` when the old password does
 *   not verify
 */
module.exports = async function (params = {}) {
  this.middleware.validate(params, {
    // Validated as a plain string, not with the 'password' rule, so that a
    // later change to the password rules cannot stop a user from replacing a
    // password that was set under the old rules.
    oldPassword: 'string',
    newPassword: 'password'
  })

  const uid = this.authInfo.uid
  const userQuery = await userCollection.doc(uid).get()
  const account = userQuery.data[0]
  if (!account) {
    throw {
      errCode: ERROR.ACCOUNT_NOT_EXISTS
    }
  }

  const {
    oldPassword: currentPassword,
    newPassword: replacementPassword
  } = params

  const passwordUtils = new PasswordUtils({
    userRecord: account,
    clientInfo: this.getUniversalClientInfo(),
    passwordSecret: this.config.passwordSecret
  })

  // Proof of knowledge of the current password is required before any write.
  // autoRefresh presumably controls re-hashing of the stored password on a
  // successful check (confirm in PasswordUtils); it is off here because the
  // stored hash is replaced below anyway.
  // NOTE(review): no attempt throttling is visible in this file; confirm that
  // repeated wrong old passwords are rate-limited elsewhere.
  const verification = passwordUtils.checkUserPassword({
    password: currentPassword,
    autoRefresh: false
  })
  if (!verification.success) {
    throw {
      errCode: ERROR.PASSWORD_ERROR
    }
  }

  const rehashed = passwordUtils.generatePasswordHash({
    password: replacementPassword
  })

  await userCollection.doc(uid).update({
    password: rehashed.passwordHash,
    password_secret_version: rehashed.version,
    // Checked when a token is refreshed: a token created before this
    // timestamp is refused a new token and a token-expired error code is
    // returned instead.
    // NOTE(review): whether already-issued tokens are also rejected on
    // ordinary requests before they expire is not visible here; confirm.
    valid_token_date: Date.now()
  })

  // After the password has been updated the client should log the user out
  // and have them log in again.
  return {
    errCode: 0
  }
}