diff --git a/app/api/endpoints/user.py b/app/api/endpoints/user.py index f933562..4607a3b 100644 --- a/app/api/endpoints/user.py +++ b/app/api/endpoints/user.py @@ -79,7 +79,7 @@ async def login( if not stored_code or stored_code != verify_code: return error_response(message="验证码错误或已过期") - redis_client.delete(f"verify_code:{phone}") + redis_client.get_client().delete(f"verify_code:{phone}") # 查找或创建用户 user = db.query(UserDB).filter(UserDB.phone == phone).first() @@ -520,12 +520,15 @@ async def update_user_community( @router.post("/change-password", response_model=ResponseModel) async def change_password( request: ChangePasswordRequest, - db: Session = Depends(get_db), - current_user: UserDB = Depends(get_current_user) # 获取当前登录用户 + db: Session = Depends(get_db) ): """通过短信验证码修改密码""" + user = db.query(UserDB).filter(UserDB.phone == request.phone).first() + if not user: + return error_response(message="用户不存在") + # 验证短信验证码 - redis_code = redis_client.get(f"verify_code:{current_user.phone}") + redis_code = redis_client.get_client().get(f"verify_code:{user.phone}") if not redis_code: return error_response(message="验证码已过期") @@ -533,12 +536,14 @@ async def change_password( return error_response(message="验证码错误") try: + + # 更新密码 - current_user.password = get_password_hash(request.new_password) + user.password = get_password_hash(request.new_password) db.commit() # 删除验证码 - redis_client.delete(f"verify_code:{current_user.phone}") + redis_client.get_client().delete(f"verify_code:{request.phone}") return success_response(message="密码修改成功") except Exception as e: diff --git a/app/models/user.py b/app/models/user.py index 845868f..3a10051 100644 --- a/app/models/user.py +++ b/app/models/user.py @@ -114,6 +114,7 @@ class UserPasswordLogin(BaseModel): role: UserRole = Field(default=UserRole.DELIVERYMAN) class ChangePasswordRequest(BaseModel): + phone: str = Field(..., pattern="^1[3-9]\d{9}$") verify_code: str = Field(..., min_length=4, max_length=6) new_password: str = Field(..., min_length=6, max_length=20)