feat(editSelfValidate): 修改密码验证逻辑，优化了密码比对方式，提高了安全性，并更新了相关API接口。

2024-08-20 19:51:27 +08:00 · 2024-08-20 19:51:27 +08:00 · 6657d54fdc
commit 6657d54fdc
parent 937841a400
1 changed files with 4 additions and 3 deletions
--- a/app/admin/validate/auth/editSelfValidate.php
+++ b/app/admin/validate/auth/editSelfValidate.php
@ -59,12 +59,13 @@ class editSelfValidate extends BaseValidate
        if (empty($data['password_old'])) {
            return '请填写当前密码';
        }
-
        $admin = Admin::findOrEmpty($data['admin_id']);
-        if (!password_verify($data['password_old'],$admin['password'])) {
+        $passwordSalt = Config::get('project.unique_identification');
+        $oldPassword = create_password($data['password_old'], $passwordSalt);
+
+        if ($admin['password'] != $oldPassword) {
            return '当前密码错误';
        }
-
        return true;
    }