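/// <summary>
/// Validates a change-password request and forwards it to the user service
/// for the currently authenticated user.
/// </summary>
/// <param name="reqDto">Request carrying the new <c>Password</c> (and the old password checked by the service).</param>
/// <returns>The <see cref="ApiResult"/> produced by <c>userInfoService.SetPassword</c>.</returns>
/// <exception cref="ApiException">
/// Code 11000 when the request or its <c>Password</c> is missing/blank, or when
/// <c>ValidateUtil.IsValidPassword</c> rejects the new password.
/// </exception>
public ApiResult SetPassword(SetPasswordReqDto reqDto)
{
    // A missing request body would otherwise surface as a NullReferenceException
    // instead of the API's own validation error.
    if (reqDto == null || string.IsNullOrWhiteSpace(reqDto.Password))
    {
        throw new ApiException(11000, "参数Password验证失败");
    }

    // NOTE(review): only the new password is validated here; OldPassword is passed
    // through unchecked and is verified by the service — confirm the service copes
    // with a null/empty OldPassword.
    if (!ValidateUtil.IsValidPassword(reqDto.Password))
    {
        throw new ApiException(11000, "密码包含非法字符");
    }

    // The target account is taken from the authenticated context, not from the request,
    // so a caller cannot name another user's id.
    return userInfoService.SetPassword(reqDto, this.UserInfo.UserId);
}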
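/// <summary>
/// Sets a user's password after verifying the supplied old password against the stored hash.
/// </summary>
/// <param name="reqDto">Request carrying <c>OldPassword</c> and the new <c>Password</c>.</param>
/// <param name="userId">Id of the user whose password is changed.</param>
/// <returns>
/// A default <see cref="ApiResult"/> on success; code 15023 when the old password does not match;
/// code 11001 when the user cannot be resolved or no row was updated.
/// </returns>
public ApiResult SetPassword(SetPasswordReqDto reqDto, long userId)
{
    // The lookup narrows userId to int while the UPDATE uses the full long value.
    // Reject ids outside the int range so the record whose old password is verified
    // is always the record that gets updated.
    if (userId < int.MinValue || userId > int.MaxValue)
    {
        return new ApiResult(11001, "设置失败");
    }

    var userInfo = Util.GetEntityById<UserInfo>((int)userId);
    if (userInfo == null)
    {
        // Guard in case the lookup yields no entity; previously this dereferenced null.
        return new ApiResult(11001, "设置失败");
    }

    // A null stored hash is treated like an empty one: it can never match.
    string storedHash = userInfo.Password ?? string.Empty;

    // "$2y" is a bcrypt crypt-format prefix; such hashes are verified by Crypter,
    // anything else is compared as a Tool.GetMD5 digest. Ordinal comparison keeps the
    // prefix test independent of the current culture.
    bool oldPasswordMatches = storedHash.StartsWith("$2y", System.StringComparison.Ordinal)
        ? Crypter.CheckPassword(reqDto.OldPassword, storedHash)
        : Tool.GetMD5(reqDto.OldPassword) == storedHash;

    if (!oldPasswordMatches)
    {
        return new ApiResult(15023, "旧密码不正确");
    }

    // NOTE(review): the new password is always stored as a Tool.GetMD5 digest, even when
    // the account's current hash is in the "$2y" format. A password change therefore moves
    // such an account from the salted, work-factor format to MD5. Tool.GetMD5 is not visible
    // here; if it is plain unsalted MD5, stored values are cheap to brute-force offline after
    // a database leak. Hash new passwords with the same scheme Crypter verifies, and confirm
    // the login path accepts that format before changing what is stored.
    string password = Tool.GetMD5(reqDto.Password);

    // Parameterized statement: neither the hash nor the id is concatenated into the SQL text.
    string sql = "update dbo.userInfo set [Password]=@Password where Id=@UserId";
    var sqlParameter = new[]
    {
        new SqlParameter("@Password", password),
        new SqlParameter("@UserId", userId),
    };

    int count = SqlHelper.ExecuteNonQuery(sql, sqlParameter);
    if (count < 1)
    {
        return new ApiResult(11001, "设置失败");
    }

    return new ApiResult();
}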