Home Explore 引导页 在线工具 Blog
Register Sign In
Pchen0
/
Double_X_Attendance
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 54664cb588
Branches Tags
Double_X_Attend...
/
apis
/
User
/
Login
/
ForgetPassword.js

ForgetPassword.js 3.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 
  1. const md5 = require("md5");
    2. 

  2. const API = require("../../../lib/API");
    3. 

  3. const bcryptjs = require('bcryptjs');
    4. 

  4. const db = require("../../../plugin/DataBase/db");
    5. 

  5. const { BaseStdResponse } = require("../../../BaseStdResponse");
    6. 

  6. const Redis = require('../../../plugin/DataBase/Redis');
    7. 

  7. const sendEmail = require('../../../plugin/Email/Email');
    8. 

  8. 

  9. // 找回密码
    10. 

  10. class ForgetPassword extends API {
    11. 

  11.     constructor() {
    12. 

  12.         super();
    13. 

  13. 

  14.         this.setMethod("POST");
    15. 

  15.         this.setPath("/User/ForgetPassword");
    16. 

  16.     }
    17. 

  17. 

  18.     CheckPassword(password) {
    19. 

  19.         if (password.length < 8 || password.length > 16) {
    20. 

  20.             return false;
    21. 

  21.         }
    22. 

  22. 

  23.         const hasLetter = /[a-zA-Z]/.test(password);
    24. 

  24.         const hasNumber = /\d/.test(password);
    25. 

  25. 

  26.         return hasLetter && hasNumber;
    27. 

  27.     }
    28. 

  28. 

  29.     createSession(uuid, salt) {
    30. 

  30.         return md5(`${uuid}${salt}${new Date().getTime()}`);
    31. 

  31.     }
    32. 

  32. 

  33.     async onRequest(req, res) {
    34. 

  34.         let { username, email, code, password } = req.body;
    35. 

  35. 

  36.         if ([username, email, code, password].some(value => value === '' || value === null || value === undefined)) {
    37. 

  37.             res.json({
    38. 

  38.                 ...BaseStdResponse.MISSING_PARAMETER,
    39. 

  39.                 endpoint: 1513126
    40. 

  40.             });
    41. 

  41.             return;
    42. 

  42.         }
    43. 

  43. 

  44.         if (!this.CheckPassword(password))
    45. 

  45.             return res.json({
    46. 

  46.                 ...BaseStdResponse.ERR,
    47. 

  47.                 msg: '密码需在8到16位之间,且包含字母和数字'
    48. 

  48.             })
    49. 

  49. 

  50.         let sql = 'SELECT id FROM users WHERE username = ? AND email = ?';
    51. 

  51.         let Rows = await db.query(sql, [username, email]);
    52. 

  52.         if (Rows.length === 0)
    53. 

  53.             return res.json({
    54. 

  54.                 ...BaseStdResponse.USER_NOT_EXISTS,
    55. 

  55.                 msg: '用户名和邮箱不匹配!'
    56. 

  56.             })
    57. 

  57. 

  58.         password = atob(password);
    59. 

  59. 

  60.         try {
    61. 

  61.             const VerifyCode = await Redis.get(`email:${email}`);
    62. 

  62.             if (!VerifyCode || VerifyCode != code)
    63. 

  63.                 return res.json({
    64. 

  64.                     ...BaseStdResponse.SMS_CHECK_FAIL,
    65. 

  65.                     msg: '邮箱验证码输入错误或已过期'
    66. 

  66.                 })
    67. 

  67. 

  68.         } catch (err) {
    69. 

  69.             this.logger.error(`验证邮箱验证码失败!${err.stack}`);
    70. 

  70.             return res.json({
    71. 

  71.                 ...BaseStdResponse.DATABASE_ERR,
    72. 

  72.                 msg: '验证失败!'
    73. 

  73.             })
    74. 

  74.         }
    75. 

  75. 

  76.         
    77. 

  77.         const session = this.createSession(code, Math.random().toFixed(6).slice(-6));
    78. 

  78.         const hashPassword = bcryptjs.hashSync(password, 10);
    79. 

  79. 

  80.         sql = 'UPDATE users SET password = ? , session = ? WHERE id = ?';
    81. 

  81.         let result = await db.query(sql, [hashPassword, session, Rows[0].id]);
    82. 

  82. 

  83.         if (result && result.affectedRows > 0) {
    84. 

  84.             await Redis.del(`email:${email}`);
    85. 

  85. 

  86.             res.json({
    87. 

  87.                 ...BaseStdResponse.OK
    88. 

  88.             });
    89. 

  89.             await sendEmail(email, '密码修改提醒', `您已成功修改Double_X考勤账号密码,用户名${username},修改时间:${new Date().toLocaleString()}`);
    90. 

  90.         } else {
    91. 

  91.             res.json({ ...BaseStdResponse.ERR, endpoint: 7894378, msg: '修改失败!'});
    92. 

  92.         }
    93. 

  93.     }
    94. 

  94. }
    95. 

  95. 

  96. module.exports.ForgetPassword = ForgetPassword;
    97.