找回密码后端加验证

dev_haigong
cxt 6 years ago
parent 1780153ba2
commit 66a1a9027a

@ -685,7 +685,7 @@ class AccountController < ApplicationController
else else
code = VerificationCode.where(:email => params[:phone], :code => params[:code], :code_type => params[:type].to_i).last code = VerificationCode.where(:email => params[:phone], :code => params[:code], :code_type => params[:type].to_i).last
end end
req[:valid] = !code.nil? && (Time.now.to_i - code.created_at.to_i) <= 10*60
end end
render :json => req render :json => req
end end
@ -1183,24 +1183,31 @@ class AccountController < ApplicationController
def reset_psd def reset_psd
if params[:lost_psd_phone] && params[:lost_psd_phone].strip != "" if params[:lost_psd_phone] && params[:lost_psd_phone].strip != ""
@user = User.where("phone = '#{params[:lost_psd_phone].to_s}'").first @user = User.where("phone = '#{params[:lost_psd_phone].to_s}'").first
code = VerificationCode.where(:phone => params[:lost_psd_phone], :code => params[:code], :code_type => 2).last
elsif params[:lost_psd_email] && params[:lost_psd_email].strip != "" elsif params[:lost_psd_email] && params[:lost_psd_email].strip != ""
@user = User.where("mail = '#{params[:lost_psd_email].to_s}'").first @user = User.where("mail = '#{params[:lost_psd_email].to_s}'").first
code = VerificationCode.where(:email => params[:lost_psd_email], :code => params[:code], :code_type => 3).last
end end
if @user.present? if !code.nil? && (Time.now.to_i - code.created_at.to_i) <= 10*60
@user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation] if @user.present?
if @user.save @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
Token.where(:user_id => @user, :action => "recovery").destroy_all if @user.save
respond_to do |format| Token.where(:user_id => @user, :action => "recovery").destroy_all
format.js respond_to do |format|
format.js
end
else
redirect_to signin_path
return
end end
else else
redirect_to signin_path redirect_to signin_path
return return
end end
else else
redirect_to signin_path @status = 0
return
end end
end end
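Review bot: In `reset_psd` both user lookups still build SQL by interpolating request parameters (`User.where("phone = '#{params[:lost_psd_phone].to_s}'")` and the `mail` equivalent), so the new verification-code check runs after a query that is open to SQL injection. The hash form already used for `VerificationCode` on the added lines would fix it: `@user = User.where(:phone => params[:lost_psd_phone]).first` and `@user = User.where(:mail => params[:lost_psd_email]).first`. Within this hunk the matched code is also never invalidated after `@user.save` succeeds, so it appears to stay usable until the 10-minute window ends; destroying or marking the record used next to `Token.where(...).destroy_all` would make it single-use. Passing `params[:code].to_s` into the `VerificationCode` lookup would also keep a non-string parameter from changing the shape of that query.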

@ -28,7 +28,7 @@
<div style="height: 25px"><p class="color-orange edu-txt-left none" id="reset_password_confirmation_notice">两次输入的密码不一致</p></div> <div style="height: 25px"><p class="color-orange edu-txt-left none" id="reset_password_confirmation_notice">两次输入的密码不一致</p></div>
<p class="clearfix mt10"> <p class="clearfix mt10">
<input type="text" class="input-48-45 edu-txt-center fl" id="lost_psd_ver_code" placeholder="请输入验证码"/> <input type="text" class="input-48-45 edu-txt-center fl" name="code" id="lost_psd_ver_code" placeholder="请输入验证码"/>
<a href="javascript:void(0);" disabled onclick="get_lost_psd_code(this);" class="gain-code" id="lost_psd_get_code">获取验证码</a> <a href="javascript:void(0);" disabled onclick="get_lost_psd_code(this);" class="gain-code" id="lost_psd_get_code">获取验证码</a>
<div style="height: 25px"> <div style="height: 25px">
<p class="color-orange edu-txt-left none" id="lost_psd_input_testcode">发送验证码</p> <p class="color-orange edu-txt-left none" id="lost_psd_input_testcode">发送验证码</p>

@ -1 +1,5 @@
<% if @status.present? %>
notice_box("验证码有误,请重新输入");
<% else %>
notice_box_redirect("<%= signin_path %>", "登录密码已重置,请重新登录"); notice_box_redirect("<%= signin_path %>", "登录密码已重置,请重新登录");
<% end %>
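Review bot: The failure branch keys on `@status.present?`, which only works because the controller sets `@status = 0` and Rails treats `0` as present. Nothing in the template or the controller says what the value means. A named flag would read more clearly and would not break if the status value is later changed, for example `@code_invalid = true` in the controller and `<% if @code_invalid %>` here. If `@status` is kept, compare it explicitly with `<% if @status == 0 %>` and add a short comment on what `0` stands for.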