refactor: ♻️ 取消明文密码

2 years ago · 88668e63c3
parent c2eb20d5ed
commit 88668e63c3
1 changed files with 15 additions and 3 deletions
--- a/app/rts.go
+++ b/app/rts.go
@ -68,7 +68,19 @@ func CreateUser(w *ResponseWriter, r *Request) {
 		return
 	}

-	if err := DB.Create(&user).Error; err != nil {
+	hash, err := HashPassword(user.Password)
+	if err != nil {
+		LogError(err)
+		w.Error(NewError(1, "加密密码失败"))
+		return
+	}
+
+	u := User{
+		Name:        user.Name,
+		PhoneNumber: user.PhoneNumber,
+		Password:    hash,
+	}
+	if err := DB.Create(&u).Error; err != nil {
 		w.Error(err)
 	} else {
 		w.Ok(user, "创建用户成功")
@ -98,7 +110,7 @@ func UpdateUser(w *ResponseWriter, r *Request) {
 	}

 	// 用户信息未发生变化
-	if u.Name == user.Name && u.PhoneNumber == u.PhoneNumber && u.Password == user.Password {
+	if user.Name == u.Name && user.PhoneNumber == u.PhoneNumber && CheckPasswordHash(user.Password, u.Password) {
 		w.Ok(nil, "操作成功")
 		return
 	}
@ -218,7 +230,7 @@ func Login(w *ResponseWriter, r *Request) {
 	} else if err != nil {
 		w.Error(err)
 	} else {
-		if password != user.Password {
+		if !CheckPasswordHash(password, user.Password) {
 			w.Error(NewError(1, "手机号码或密码错误"))
 			return
 		}