更新用户登录验证

app/api/BaseController.php

@@ -100,9 +100,9 @@ abstract class BaseController
         $header = Request::header();
         $token = $header['token'] ?? '';
         // 取消登录验证
-        if ($this->controller != 'user' && $this->action != 'login') {
+        if ($this->action != 'login') {
             if (!Session::has($session_admin) || !$token) {
-                $this->apiError('请先登录');
+                $this->apiError('用户未登录');
             }
         }
         if ($token) {

app/api/controller/User.php

@@ -9,10 +9,13 @@ namespace app\api\controller;
 
 use app\api\BaseController;
 use app\api\middleware\Auth;
+use app\user\validate\AdminCheck;
 use Firebase\JWT\JWT;
 use Firebase\JWT\Key;
 use think\facade\Db;
 use think\facade\Request;
+use think\exception\ValidateException;
+
 
 class User extends BaseController
 {
@@ -81,4 +84,33 @@ class User extends BaseController
         $userInfo = Db::name('Admin')->where(['id' => $uid])->find();
         $this->apiSuccess('请求成功', ['user' => $userInfo]);
     }
+
+    public function editPassword(Request $request)
+    {
+        $param = get_params();			
+        try {
+            validate(AdminCheck::class)->scene('editPwd')->check($param);
+        } catch (ValidateException $e) {
+            // 验证失败 输出错误信息
+            $this->apiError($e->getError());
+        }
+        $uid = $this->uid;
+        
+        $admin = Db::name('Admin')->where(['id' => $uid])->find();
+        $old_psw = set_password($param['old_pwd'], $admin['salt']);
+        if ($admin['pwd'] != $old_psw) {
+            $this->apiError('旧密码错误');
+        }
+
+        $salt = set_salt(20);
+        $new_pwd = set_password($param['pwd'], $salt);
+        $data = [
+            'reg_pwd' => '',
+            'salt' => $salt,
+            'pwd' => $new_pwd,
+            'update_time' => time(),
+        ];
+        Db::name('Admin')->where(['id' => $uid])->strict(false)->field(true)->update($data);
+        $this->apiSuccess('请求成功', ['user' => $userInfo]);
+    }
 }