tone/tonePage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

secure: 调整设置密码的响应为null

Browse Source
This commit is contained in:
tone
2025-12-18 17:08:23 +08:00
parent 21c010d131
commit fa4a31a6ff
2 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
apps/backend/src/user/user.controller.ts
View File

@@ -18,7 +18,8 @@ export class UserController {
@UseGuards(AuthGuard) @UseGuards(AuthGuard)
@Put('password') @Put('password')
async update(@CurrentUser() user: AuthUser, @Body() dto: UpdateUserPasswordDto) { async update(@CurrentUser() user: AuthUser, @Body() dto: UpdateUserPasswordDto): Promise<null> {
return this.userService.setPassword(user.userId, dto.password); await this.userService.setPassword(user.userId, dto.password.trim());
return null;
} }
} }

6
apps/backend/src/user/user.service.ts
View File

@@ -133,15 +133,15 @@ export class UserService {
return uuid().replace(/-/g, ''); return uuid().replace(/-/g, '');
} }
async setPassword(userId: string, password: string): Promise<User> { async setPassword(userId: string, password: string) {
const user = await this.userRepository.findOne({ where: { userId } }); const user = await this.userRepository.findOne({ where: { userId } });
if (!user) { if (!user) {
throw new BadRequestException('User not found'); throw new BadRequestException('用户不存在');
} }
const salt = this.generateSalt(); const salt = this.generateSalt();
user.password_hash = this.hashPassword(password, salt); user.password_hash = this.hashPassword(password, salt);
user.salt = salt; user.salt = salt;
return this.userRepository.save(user); await this.userRepository.save(user);
} }
private getDuplicateErrorMessage(error: QueryFailedError): string { private getDuplicateErrorMessage(error: QueryFailedError): string {