public ApiResult SetPassword(SetPasswordReqDto reqDto)
{
if (string.IsNullOrWhiteSpace(reqDto.Password))
{
throw new ApiException(11000, "参数Password验证失败");
}
if (!ValidateUtil.IsValidPassword(reqDto.Password))
{
throw new ApiException(11000, "密码包含非法字符");
}
return(userInfoService.SetPassword(reqDto, this.UserInfo.UserId));
}
/// <summary>
/// 设置密码
/// </summary>
/// <param name="reqDto"></param>
/// <param name="userId"></param>
/// <returns></returns>
public ApiResult SetPassword(SetPasswordReqDto reqDto, long userId)
{
var userInfo = Util.GetEntityById <UserInfo>((int)userId);
if (userInfo.Password.StartsWith("$2y"))
{
if (!Crypter.CheckPassword(reqDto.OldPassword, userInfo.Password))
{
return(new ApiResult(15023, "旧密码不正确"));
}
}
else
{
if (Tool.GetMD5(reqDto.OldPassword) != userInfo.Password)
{
return(new ApiResult(15023, "旧密码不正确"));
}
}
string password = Tool.GetMD5(reqDto.Password);
string sql = "update dbo.userInfo set [Password]=@Password where Id=@UserId";
var sqlParameter = new[]
{
new SqlParameter("@Password", password),
new SqlParameter("@UserId", userId),
};
int count = SqlHelper.ExecuteNonQuery(sql, sqlParameter);
if (count < 1)
{
return(new ApiResult(11001, "设置失败"));
}
return(new ApiResult());
}
