Spaces:
Running
Running
Upload router_users.py
Browse files- router_users.py +26 -6
router_users.py
CHANGED
|
@@ -263,14 +263,14 @@ async def update_user_profile(account: str, update_data: UserUpdate):
|
|
| 263 |
|
| 264 |
|
| 265 |
# ==========================================
|
| 266 |
-
# 🚀
|
| 267 |
# ==========================================
|
| 268 |
@router.post("/api/users/reset_password")
|
| 269 |
async def reset_password(request: Request):
|
| 270 |
# 1. 万能解析器:兼容 JSON、双重字符串化、以及 FormData
|
| 271 |
try:
|
| 272 |
data = await request.json()
|
| 273 |
-
if isinstance(data, str):
|
| 274 |
data = json.loads(data)
|
| 275 |
except:
|
| 276 |
try:
|
|
@@ -282,12 +282,14 @@ async def reset_password(request: Request):
|
|
| 282 |
if not isinstance(data, dict):
|
| 283 |
raise HTTPException(status_code=400, detail=f"前端数据格式异常,收到的是: {type(data).__name__}")
|
| 284 |
|
| 285 |
-
# 2. 万能提取器
|
| 286 |
account = data.get("account")
|
| 287 |
new_password = data.get("new_password") or data.get("password")
|
| 288 |
verify_contact = data.get("verifyContact") or data.get("verify_contact") or data.get("email") or data.get("phone")
|
| 289 |
verify_type = data.get("verifyType") or data.get("verify_type") or data.get("contact_type")
|
| 290 |
-
|
|
|
|
|
|
|
| 291 |
|
| 292 |
if not all([account, new_password, verify_contact, verify_type, code]):
|
| 293 |
raise HTTPException(status_code=400, detail="缺失必要参数 (账号/密码/验证码/联系方式),请检查表单")
|
|
@@ -302,12 +304,30 @@ async def reset_password(request: Request):
|
|
| 302 |
if verify_type == "phone" and user.get("phone") != verify_contact:
|
| 303 |
raise HTTPException(status_code=400, detail="填写的手机号与该账号绑定的手机号不匹配")
|
| 304 |
|
|
|
|
|
|
|
|
|
|
| 305 |
cache_key = f"{verify_contact}_reset"
|
| 306 |
cached = VERIFY_CODES.get(cache_key)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 307 |
expire_time = cached.get("expires_at", cached.get("expires", 0)) if cached else 0
|
| 308 |
|
| 309 |
-
if
|
| 310 |
-
raise HTTPException(status_code=400, detail="验证码
|
|
|
|
|
|
|
|
|
|
|
|
|
| 311 |
|
| 312 |
if len(new_password) < 6: raise HTTPException(status_code=400, detail="新密码必须大于等于6个字符")
|
| 313 |
if not re.match(r'^[a-zA-Z0-9!@#$%^&*()_+\-=\[\]{};\':"\\|,.<>\/?]{6,}$', new_password): raise HTTPException(status_code=400, detail="新密码包含不支持的特殊字符")
|
|
|
|
| 263 |
|
| 264 |
|
| 265 |
# ==========================================
|
| 266 |
+
# 🚀 究极重置密码接口:带智能纠错与透视报错
|
| 267 |
# ==========================================
|
| 268 |
@router.post("/api/users/reset_password")
|
| 269 |
async def reset_password(request: Request):
|
| 270 |
# 1. 万能解析器:兼容 JSON、双重字符串化、以及 FormData
|
| 271 |
try:
|
| 272 |
data = await request.json()
|
| 273 |
+
if isinstance(data, str):
|
| 274 |
data = json.loads(data)
|
| 275 |
except:
|
| 276 |
try:
|
|
|
|
| 282 |
if not isinstance(data, dict):
|
| 283 |
raise HTTPException(status_code=400, detail=f"前端数据格式异常,收到的是: {type(data).__name__}")
|
| 284 |
|
| 285 |
+
# 2. 万能提取器 + 强力空格清洗
|
| 286 |
account = data.get("account")
|
| 287 |
new_password = data.get("new_password") or data.get("password")
|
| 288 |
verify_contact = data.get("verifyContact") or data.get("verify_contact") or data.get("email") or data.get("phone")
|
| 289 |
verify_type = data.get("verifyType") or data.get("verify_type") or data.get("contact_type")
|
| 290 |
+
|
| 291 |
+
# 🚀 强力洗消:不管前端传什么脏数据,统统转字符串并去掉头尾空格
|
| 292 |
+
code = str(data.get("code", "")).strip()
|
| 293 |
|
| 294 |
if not all([account, new_password, verify_contact, verify_type, code]):
|
| 295 |
raise HTTPException(status_code=400, detail="缺失必要参数 (账号/密码/验证码/联系方式),请检查表单")
|
|
|
|
| 304 |
if verify_type == "phone" and user.get("phone") != verify_contact:
|
| 305 |
raise HTTPException(status_code=400, detail="填写的手机号与该账号绑定的手机号不匹配")
|
| 306 |
|
| 307 |
+
# ==========================================
|
| 308 |
+
# 🚀 核心排雷:智能内存查找与透视报错
|
| 309 |
+
# ==========================================
|
| 310 |
cache_key = f"{verify_contact}_reset"
|
| 311 |
cached = VERIFY_CODES.get(cache_key)
|
| 312 |
+
|
| 313 |
+
# 如果精准匹配找不到,就去内存池里进行“模糊搜索”(解决前端 action_type 传参误差)
|
| 314 |
+
if not cached:
|
| 315 |
+
fallback_keys = [k for k in VERIFY_CODES.keys() if verify_contact in k]
|
| 316 |
+
if fallback_keys:
|
| 317 |
+
cache_key = fallback_keys[0]
|
| 318 |
+
cached = VERIFY_CODES.get(cache_key)
|
| 319 |
+
else:
|
| 320 |
+
# 💥 透视眼:如果真找不到,直接把后端真实收到的邮箱弹出来给你看!
|
| 321 |
+
raise HTTPException(status_code=400, detail=f"验证码内存已丢失!请重新点击发送。当前识别提取的邮箱是: [{verify_contact}]")
|
| 322 |
+
|
| 323 |
expire_time = cached.get("expires_at", cached.get("expires", 0)) if cached else 0
|
| 324 |
|
| 325 |
+
if time.time() > expire_time:
|
| 326 |
+
raise HTTPException(status_code=400, detail="验证码已过期,请重新获取")
|
| 327 |
+
|
| 328 |
+
if cached["code"] != code:
|
| 329 |
+
# 💥 透视眼:如果输错了,直接把正确答案亮出来!
|
| 330 |
+
raise HTTPException(status_code=400, detail=f"验证码不匹配!你输入的是 [{code}],系统记录的是 [{cached['code']}]")
|
| 331 |
|
| 332 |
if len(new_password) < 6: raise HTTPException(status_code=400, detail="新密码必须大于等于6个字符")
|
| 333 |
if not re.match(r'^[a-zA-Z0-9!@#$%^&*()_+\-=\[\]{};\':"\\|,.<>\/?]{6,}$', new_password): raise HTTPException(status_code=400, detail="新密码包含不支持的特殊字符")
|