完成用户密码修改

api/v1/user.proto

@@ -77,7 +77,7 @@ message GetUserCaptchaReply {
 message UpdateUserPasswordRequest {
   int64 id = 1;
   string old_password = 2;
-  string new_password = 3;
+  string new_password = 3  [ (gogoproto.moretags) = "validate:\"min=6\"" ];
 }
 
 service UserAPI {
@@ -106,7 +106,7 @@ service UserAPI {
 
   // 更新用户密码。如果不传用户ID，则表示更新当前用户的密码；
   // 如果穿了用户ID，则表示更新指定用户的密码，这时需要验证当前用户的权限
-  rpc UpdateUserPassword(User) returns (google.protobuf.Empty) {
+  rpc UpdateUserPassword(UpdateUserPasswordRequest) returns (google.protobuf.Empty) {
     option (google.api.http) = {
       put : '/api/v1/user/password',
       body : '*',

biz/user.go

@@ -24,6 +24,9 @@ const (
 	ErrorMessageUsernameOrPasswordError = "用户名或密码不正确"
 	ErrorMessageInvalidToken            = "您未登录或您的登录已过期，请重新登录"
 	ErrorMessagePermissionDenied        = "您没有权限访问该资源"
+	ErrorMessageUserNotExists           = "用户不存在"
+	ErrorMessageInvalidOldPassword      = "原密码不正确"
+	ErrorMessageUnsupportedCaptchaType  = "不支持的验证码类型"
 )
 
 type UserAPIService struct {
@@ -184,7 +187,51 @@ func (s *UserAPIService) UpdateUser(ctx context.Context, req *pb.User) (*emptypb
 	return &emptypb.Empty{}, nil
 }
 
-func (s *UserAPIService) UpdateUserPassword(ctx context.Context, req *pb.User) (*emptypb.Empty, error) {
+// UpdateUserPassword 更改用户密码
+// 1. 用户更改自身密码：需要验证旧密码
+// 2. 管理员更改用户密码：不需要验证旧密码
+func (s *UserAPIService) UpdateUserPassword(ctx context.Context, req *pb.UpdateUserPasswordRequest) (*emptypb.Empty, error) {
+	userClaims, ok := ctx.Value(auth.CtxKeyUserClaims).(*auth.UserClaims)
+	if !ok || s.dbModel.IsInvalidToken(userClaims.UUID) {
+		return nil, status.Errorf(codes.Unauthenticated, ErrorMessageInvalidToken)
+	}
+
+	err := validate.ValidateStruct(req, map[string]string{"NewPassword": "新密码"})
+	if err != nil {
+		return nil, status.Errorf(codes.InvalidArgument, err.Error())
+	}
+
+	// 更改自己的密码
+	if req.Id <= 0 || req.Id == userClaims.UserId {
+		existUser, _ := s.dbModel.GetUser(userClaims.UserId, "id", "password")
+		if existUser.Id == 0 {
+			return nil, status.Errorf(codes.Unauthenticated, ErrorMessageUserNotExists)
+		}
+
+		if ok, err := unchained.CheckPassword(req.OldPassword, existUser.Password); !ok || err != nil {
+			return nil, status.Errorf(codes.InvalidArgument, ErrorMessageInvalidOldPassword)
+		}
+
+		err = s.dbModel.UpdateUserPassword(userClaims.UserId, req.NewPassword)
+		if err != nil {
+			return nil, status.Errorf(codes.Internal, err.Error())
+		}
+
+		return &emptypb.Empty{}, nil
+	}
+
+	// 管理员更改用户密码
+	fullMethod, _ := ctx.Value(auth.CtxKeyFullMethod).(string)
+	yes := s.dbModel.CheckPermissionByUserId(userClaims.UserId, "", fullMethod)
+	if !yes {
+		return nil, status.Errorf(codes.PermissionDenied, ErrorMessagePermissionDenied)
+	}
+
+	err = s.dbModel.UpdateUserPassword(req.Id, req.NewPassword)
+	if err != nil {
+		return nil, status.Errorf(codes.Internal, err.Error())
+	}
+
 	return &emptypb.Empty{}, nil
 }
 
@@ -216,7 +263,7 @@ func (s *UserAPIService) GetUserCaptcha(ctx context.Context, req *pb.GetUserCapt
 	case "comment":
 		res.Enable = cfgSecurity.EnableCaptchaComment
 	default:
-		return nil, status.Errorf(codes.InvalidArgument, "不支持的验证码类型")
+		return nil, status.Errorf(codes.InvalidArgument, ErrorMessageUnsupportedCaptchaType)
 	}
 
 	if res.Enable {

web/components/FormPassword.vue

@@ -54,7 +54,7 @@
 </template>
 <script>
 import { mapGetters } from 'vuex'
-import { setUserPassword } from '~/api/user'
+import { updateUserPassword } from '~/api/user'
 export default {
   name: 'FormProfile',
   data() {
@@ -84,7 +84,11 @@ export default {
             this.$message.error('新密码和确认密码不一致')
             return
           }
-          const res = await setUserPassword(this.profile)
+          const res = await updateUserPassword({
+            id: this.user.id,
+            old_password: this.profile.old_password,
+            new_password: this.profile.new_password,
+          })
           if (res.status === 200) {
             this.$message.success('密码修改成功')
             this.$refs.formPassword.resetFields()

web/components/FormProfile.vue

@@ -9,17 +9,21 @@
         ></el-input>
       </el-form-item>
       <el-form-item label="真实姓名" prop="realname">
-        <el-input v-model="profile.realname"></el-input>
+        <el-input v-model="profile.realname" clearable></el-input>
+      </el-form-item>
+      <el-form-item label="身份证号">
+        <el-input v-model="profile.identity" clearable></el-input>
       </el-form-item>
       <el-form-item label="电子邮箱">
-        <el-input v-model="profile.email"></el-input>
+        <el-input v-model="profile.email" clearable></el-input>
       </el-form-item>
       <el-form-item label="联系电话">
-        <el-input v-model="profile.mobile"></el-input>
+        <el-input v-model="profile.mobile" clearable></el-input>
       </el-form-item>
       <el-form-item label="联系地址">
         <el-input
           v-model="profile.address"
+          clearable
           type="textarea"
           :rows="3"
         ></el-input>
@@ -28,6 +32,7 @@
         <el-input
           v-model="profile.signature"
           type="textarea"
+          clearable
           :rows="3"
         ></el-input>
       </el-form-item>

web/store/module/user.js

@@ -19,6 +19,9 @@ export const user = {
     setUser(state, user) {
       state.user = user
     },
+    mergeUser(state, user) {
+      state.user = Object.assign(state.user, user)
+    },
     setToken(state, token) {
       state.token = token
     },
@@ -33,18 +36,14 @@ export const user = {
     async getUser({ commit }) {
       const res = await getUser()
       if (res.status === 200) {
-        commit('setUser', res.data.data.user)
+        commit('setUser', res.data.user)
       }
       return res
     },
     async updateUser({ commit }, profile) {
       const res = await updateUser(profile)
       if (res.status === 200) {
-        commit('setUser', res.data.data)
-        Message({
-          type: 'success',
-          message: '修改成功',
-        })
+        commit('mergeUser', profile)
       } else {
         Message({
           type: 'error',