diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb index 0b4a5841..21b22de2 100644 --- a/app/controllers/account_controller.rb +++ b/app/controllers/account_controller.rb @@ -685,7 +685,7 @@ class AccountController < ApplicationController else code = VerificationCode.where(:email => params[:phone], :code => params[:code], :code_type => params[:type].to_i).last end - req[:valid] = !code.nil? && (Time.now.to_i - code.created_at.to_i) <= 10*60 + end render :json => req end @@ -1183,24 +1183,31 @@ class AccountController < ApplicationController def reset_psd if params[:lost_psd_phone] && params[:lost_psd_phone].strip != "" @user = User.where("phone = '#{params[:lost_psd_phone].to_s}'").first + code = VerificationCode.where(:phone => params[:lost_psd_phone], :code => params[:code], :code_type => 2).last + elsif params[:lost_psd_email] && params[:lost_psd_email].strip != "" @user = User.where("mail = '#{params[:lost_psd_email].to_s}'").first + code = VerificationCode.where(:email => params[:lost_psd_email], :code => params[:code], :code_type => 3).last end - if @user.present? - @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation] - if @user.save - Token.where(:user_id => @user, :action => "recovery").destroy_all - respond_to do |format| - format.js + if !code.nil? && (Time.now.to_i - code.created_at.to_i) <= 10*60 + if @user.present? + @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation] + if @user.save + Token.where(:user_id => @user, :action => "recovery").destroy_all + respond_to do |format| + format.js + end + else + redirect_to signin_path + return end else redirect_to signin_path return end else - redirect_to signin_path - return + @status = 0 end end diff --git a/app/views/account/lost_password.html.erb b/app/views/account/lost_password.html.erb index cc6170f7..93e6615a 100644 --- a/app/views/account/lost_password.html.erb 
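Review bot: The two user lookups kept as context at the top of `reset_psd` still build SQL by interpolating request parameters (`User.where("phone = '#{params[:lost_psd_phone].to_s}'")` and its `mail` twin), and this path looks reachable without a session. The `VerificationCode.where(:phone => ...)` lines added beside them already use hash conditions, so the user lookups should follow suit: `@user = User.where(:phone => params[:lost_psd_phone].to_s).first` and `@user = User.where(:mail => params[:lost_psd_email].to_s).first`. The added code lookups pass `params[:code]` uncoerced, so an absent or array-valued parameter turns the equality test into `IS NULL` or `IN (...)`; `:code => params[:code].to_s` with an early exit on a blank code would pin it to a single string comparison. Nothing in the hunk removes or marks the code once `@user.save` succeeds, so it appears to remain usable until the ten-minute window ends, and no limit on failed attempts is visible here.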
+++ b/app/views/account/lost_password.html.erb
@@ -28,7 +28,7 @@

两次输入的密码不一致

- + 获取验证码

发送验证码

diff --git a/app/views/account/reset_psd.js.erb b/app/views/account/reset_psd.js.erb
index 851d151c..0e5143b2 100644
--- a/app/views/account/reset_psd.js.erb
+++ b/app/views/account/reset_psd.js.erb
@@ -1 +1,5 @@
-notice_box_redirect("<%= signin_path %>", "登录密码已重置,请重新登录");
\ No newline at end of file
+<% if @status.present? %>
+notice_box("验证码有误,请重新输入");
+<% else %>
+notice_box_redirect("<%= signin_path %>", "登录密码已重置,请重新登录");
+<% end %>
\ No newline at end of file
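Review bot: The `<% if @status.present? %>` test selects the error branch only because `0.present?` is true in Rails. The controller signals a rejected code with `@status = 0` and leaves the variable unset on success, so the failure flag is a value that reads as falsy. An explicit comparison, `<% if @status == 0 %>`, or a named boolean set in the controller, would stop a later refactor to `if @status` from silently showing the success message after a failed check. A comment above the branch such as `<%# @status is set (to 0) only when the verification code is missing, wrong or expired %>` would record the contract.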