From 88668e63c395444fa5c022ec97c0bb4597796372 Mon Sep 17 00:00:00 2001
From: hupeh <hupeh@qq.com>
Date: Mon, 2 Jan 2023 12:48:46 +0800
Subject: [PATCH] =?UTF-8?q?refactor:=20:recycle:=20=E5=8F=96=E6=B6=88?=
 =?UTF-8?q?=E6=98=8E=E6=96=87=E5=AF=86=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/rts.go | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/app/rts.go b/app/rts.go
index 045b8e2..042598c 100644
--- a/app/rts.go
+++ b/app/rts.go
@@ -68,7 +68,19 @@ func CreateUser(w *ResponseWriter, r *Request) {
 		return
 	}
 
-	if err := DB.Create(&user).Error; err != nil {
+	hash, err := HashPassword(user.Password)
+	if err != nil {
+		LogError(err)
+		w.Error(NewError(1, "加密密码失败"))
+		return
+	}
+
+	u := User{
+		Name:        user.Name,
+		PhoneNumber: user.PhoneNumber,
+		Password:    hash,
+	}
+	if err := DB.Create(&u).Error; err != nil {
 		w.Error(err)
 	} else {
 		w.Ok(user, "创建用户成功")
@@ -98,7 +110,7 @@ func UpdateUser(w *ResponseWriter, r *Request) {
 	}
 
 	// 用户信息未发生变化
-	if u.Name == user.Name && u.PhoneNumber == u.PhoneNumber && u.Password == user.Password {
+	if user.Name == u.Name && user.PhoneNumber == u.PhoneNumber && CheckPasswordHash(user.Password, u.Password) {
 		w.Ok(nil, "操作成功")
 		return
 	}
@@ -218,7 +230,7 @@ func Login(w *ResponseWriter, r *Request) {
 	} else if err != nil {
 		w.Error(err)
 	} else {
-		if password != user.Password {
+		if !CheckPasswordHash(password, user.Password) {
 			w.Error(NewError(1, "手机号码或密码错误"))
 			return
 		}