FIX 完善重置密码功能

app/controllers/accounts_controller.rb

@@ -1,8 +1,6 @@
 class AccountsController < ApplicationController
   include ApplicationHelper
 
-  #skip_before_action :check_account, :only => [:logout]
-
   def index
     render json: session
   end
@@ -208,28 +206,25 @@ class AccountsController < ApplicationController
   # 忘记密码
   def reset_password
     begin
-      code = params[:code]
-      login_type = phone_mail_type(params[:login].strip)
-      # 获取验证码
-      if login_type == 1
-        phone = params[:login]
-        verifi_code = VerificationCode.where(phone: phone, code: code, code_type: 2).last
-        user = User.find_by_phone(phone)
-      else
-        email = params[:login]
-        verifi_code = VerificationCode.where(email: email, code: code, code_type: 3).last
-        user = User.find_by_mail(email)     #这里有问题，应该是为email,而不是mail  6.13-hs
-      end
-      return normal_status(-2, "验证码不正确") if verifi_code.try(:code) != code.strip
-      return normal_status(-2, "验证码已失效") if !verifi_code&.effective?
-      return normal_status(-1, "8~16位密码，支持字母数字和符号") unless params[:new_password] =~ CustomRegexp::PASSWORD
+      Accounts::ResetPasswordForm.new(reset_password_params).validate!
 
-      user.password, user.password_confirmation = params[:new_password], params[:new_password_confirmation]
-      ActiveRecord::Base.transaction do
-        user.save!
-        LimitForbidControl::UserLogin.new(user).clear
-      end
-      sucess_status
+      user = find_user
+      return render_error('未找到相关账号') if user.blank?
+
+      user = Accounts::ResetPasswordService.call(user, reset_password_params)
+      LimitForbidControl::UserLogin.new(user).clear if user.save!
+
+      render_ok
+    rescue Register::BaseForm::EmailError => e
+      render_result(-2, e.message)
+    rescue Register::BaseForm::PhoneError => e
+      render_result(-4, e.message)
+    rescue Register::BaseForm::PasswordFormatError => e
+      render_result(-5, e.message)
+    rescue Register::BaseForm::PasswordConfirmationError => e
+      render_result(-7, e.message)
+    rescue Register::BaseForm::VerifiCodeError => e
+      render_result(-6, e.message)
     rescue Exception => e
       uid_logger_error(e.message)
       tip_exception(e.message)
@@ -369,5 +364,14 @@ class AccountsController < ApplicationController
   def register_params
     params.permit(:login, :namespace, :password, :password_confirmation, :code)
   end
+
+  def reset_password_params
+    params.permit(:login, :password, :password_confirmation, :code)
+  end
+  
+  def find_user
+    phone_or_mail = strip(reset_password_params[:login])
+    User.where("phone = :search OR mail = :search", search: phone_or_mail).last
+  end
   
 end

app/forms/accounts/reset_password_form.rb

@@ -0,0 +1,42 @@
+module Accounts
+  class ResetPasswordForm < ::BaseForm
+    # login 邮箱、手机号
+    # code 验证码
+    # type: 1：手机号注册；2：邮箱注册
+    attr_accessor :login, :password, :password_confirmation, :code
+
+    validates :login, :code, :password, :password_confirmation, presence: true, allow_blank: false
+    validate :check!
+    
+    def check!
+      Rails.logger.info "ResetPasswordForm params: code: #{code} login: #{login} 
+        password: #{password} password_confirmation: #{password_confirmation}"
+      
+      type = phone_mail_type(login)
+      
+      db_verifi_code = 
+        if type == 1
+          check_phone_format(login)
+          VerificationCode.where(phone: login, code: code, code_type: 1).last
+        elsif type == 0
+          Rails.logger.info "9999999999 #{login}"
+          check_email_format(login)
+          VerificationCode.where(email: login, code: code, code_type: 8).last
+        end
+      
+      check_password(password)
+      check_password_confirmation(password, password_confirmation)
+      check_verifi_code(db_verifi_code, code)
+    end
+
+    def check_phone_format(phone)
+      phone = strip(phone)
+      raise LoginError, "登录名格式有误" unless phone =~ CustomRegexp::LOGIN
+    end
+
+    def check_email_format(mail)
+      mail = strip(mail)
+      raise EmailError, "邮件格式有误" unless mail =~ CustomRegexp::EMAIL
+    end
+  end
+end

app/forms/base_form.rb

@@ -1,6 +1,14 @@
 class BaseForm
   include ActiveModel::Model
 
+  Error                     = Class.new(StandardError)
+  EmailError                = Class.new(Error)
+  LoginError                = Class.new(Error)
+  PhoneError                = Class.new(Error)
+  PasswordFormatError       = Class.new(Error)
+  VerifiCodeError           = Class.new(Error)
+  PasswordConfirmationError = Class.new(Error)
+
   def check_project_category(project_category_id)
     unless project_category_id == ''
       raise "project_category_id参数值无效." if project_category_id && !ProjectCategory.exists?(project_category_id)
@@ -26,8 +34,35 @@ class BaseForm
     raise "项目标识已被占用." if ReversedKeyword.check_exists?(repository_name)
   end
 
+  def check_password(password)
+    password = strip(password)
+    raise PasswordFormatError, "密码8~16位密码，支持字母数字和符号" unless password =~ CustomRegexp::PASSWORD
+  end
+
+  def check_password_confirmation(password, password_confirmation)
+    password = strip(password)
+    password_confirmation = strip(password_confirmation)
+
+    raise PasswordFormatError, "确认密码为8~16位密码，支持字母数字和符号" unless password_confirmation =~ CustomRegexp::PASSWORD
+    raise PasswordConfirmationError, "两次输入的密码不一致" unless password == password_confirmation
+  end
+
+  def check_verifi_code(verifi_code, code)
+    code = strip(code)
+    # return if code == "123123" # TODO 万能验证码，用于测试
+
+    raise VerifiCodeError, "验证码不正确" if verifi_code&.code != code
+    raise VerifiCodeError, "验证码已失效" if !verifi_code&.effective?
+  end
+
   private
   def strip(str)
     str.to_s.strip.presence
   end
+
+  # 1 手机类型；0 邮箱类型
+  # 注意新版的login是自动名生成的
+  def phone_mail_type value
+    value =~ /^1\d{10}$/ ? 1 : 0
+  end
 end

app/forms/register/base_form.rb

@@ -2,14 +2,6 @@ module Register
   class BaseForm < ::BaseForm
     include ActiveModel::Model
     
-    Error                     = Class.new(StandardError)
-    EmailError                = Class.new(Error)
-    LoginError                = Class.new(Error)
-    PhoneError                = Class.new(Error)
-    PasswordFormatError       = Class.new(Error)
-    VerifiCodeError           = Class.new(Error)
-    PasswordConfirmationError = Class.new(Error)
-    
     private
     def check_login(login)
       login = strip(login)
@@ -34,27 +26,5 @@ module Register
       phone_exist = Owner.exists?(phone: phone)
       raise PhoneError, '手机号已被使用' if phone_exist
     end
-
-    def check_password(password)
-      password = strip(password)
-      raise PasswordFormatError, "密码8~16位密码，支持字母数字和符号" unless password =~ CustomRegexp::PASSWORD
-    end
-
-    def check_password_confirmation(password, password_confirmation)
-      password = strip(password)
-      password_confirmation = strip(password_confirmation)
-
-      raise PasswordFormatError, "确认密码为8~16位密码，支持字母数字和符号" unless password_confirmation =~ CustomRegexp::PASSWORD
-      raise PasswordConfirmationError, "两次输入的密码不一致" unless password == password_confirmation
-    end
-
-    def check_verifi_code(verifi_code, code)
-      code = strip(code)
-      return if code == "123123" # TODO 万能验证码，用于测试
-
-      raise VerifiCodeError, "验证码不正确" if verifi_code&.code != code
-      raise VerifiCodeError, "验证码已失效" if !verifi_code&.effective?
-    end
-    
   end
 end

app/forms/register/form.rb

@@ -10,7 +10,9 @@ module Register
     
     def check!
       Rails.logger.info "Register::Form params: code: #{code}; login: #{login}; 
-        namespace: #{namespace}; password: #{password}; password_confirmation: #{password_confirmation}; type: #{type}"
+        namespace: #{namespace}; password: #{password}; password_confirmation: #{password_confirmation}"
+      
+      type = phone_mail_type(strip(login))
       db_verifi_code = 
         if type == 1
           check_phone(login)

app/helpers/application_helper.rb

@@ -461,5 +461,9 @@ module ApplicationHelper
   def phone_mail_type value
     value =~ /^1\d{10}$/ ? 1 : 0
   end
+
+  def strip(str)
+    str.to_s.strip.presence
+  end
   
 end

app/services/accounts/reset_password_service.rb

@@ -0,0 +1,23 @@
+module Accounts
+  class ResetPasswordService < ApplicationService
+    # login、code、password、password_confirmation
+    def initialize(user, params)
+      @user      = user
+      @password  = params[:password]
+      @password_confirmation = params[:password_confirmation]
+    end
+
+    def call
+      return if @user.blank?
+      password  = strip(@password)
+      password_confirmation = strip(@password_confirmation)
+
+      Rails.logger.info "Accounts::ResetPasswordService params:   
+        ##### password: #{@password} password_confirmation: #{@password_confirmation}"
+        
+      @user.password, @user.password_confirmation = password, password_confirmation
+      
+      @user
+    end
+  end
+end

app/services/application_service.rb

@@ -18,4 +18,9 @@ class ApplicationService
   def str_to_boolean str
     ActiveModel::Type::Boolean.new.cast str
   end
+
+  def phone_mail_type value
+    value =~ /^1\d{10}$/ ? 1 : 0
+  end
+
 end

app/services/users/register_service.rb

@@ -12,7 +12,8 @@ class Users::RegisterService < ApplicationService
     namespace = strip(@namespace)
     password  = strip(@password)
 
-    Rails.logger.info "Users::RegisterService params:   ##### #{params} "
+    Rails.logger.info "Users::RegisterService params:   
+      ##### code: #{code} login: #{login} namespace: #{namespace}  password: #{password} "
 
     email, phone = 
       if register_type == 1
@@ -50,9 +51,4 @@ class Users::RegisterService < ApplicationService
   def register_type
     phone_mail_type(@login)
   end
-
-  def phone_mail_type value
-    value =~ /^1\d{10}$/ ? 1 : 0
-  end
-  
 end