set-pwd.js

const { userCollection, SMS_SCENE, LOG_TYPE, CAPTCHA_SCENE } = require('../../common/constants')
const { ERROR } = require('../../common/error')
const { verifyMobileCode } = require('../../lib/utils/verify-code')
const PasswordUtils = require('../../lib/utils/password')
const { getNeedCaptcha, verifyCaptcha } = require('../../lib/utils/captcha')

module.exports = async function (params = {}) {
  const schema = {
    password: 'password',
    code: 'string',
    captcha: {
      required: false,
      type: 'string'
    }
  }
  this.middleware.validate(params, schema)

  const { password, code, captcha } = params
  const uid = this.authInfo.uid
  const getUserRes = await userCollection.doc(uid).get()
  const userRecord = getUserRes.data[0]
  if (!userRecord) {
    throw {
      errCode: ERROR.ACCOUNT_NOT_EXISTS
    }
  }

  const needCaptcha = await getNeedCaptcha.call(this, {
    mobile: userRecord.mobile
  })

  if (needCaptcha) {
    await verifyCaptcha.call(this, {
      captcha,
      scene: CAPTCHA_SCENE.SET_PWD_BY_SMS
    })
  }

  try {
    // 验证手机号验证码，验证不通过时写入失败日志
    await verifyMobileCode({
      mobile: userRecord.mobile,
      code,
      scene: SMS_SCENE.SET_PWD_BY_SMS
    })
  } catch (error) {
    await this.middleware.uniIdLog({
      data: {
        mobile: userRecord.mobile
      },
      type: LOG_TYPE.SET_PWD_BY_SMS,
      success: false
    })
    throw error
  }

  const {
    passwordHash,
    version
  } = new PasswordUtils({
    clientInfo: this.getUniversalClientInfo(),
    passwordSecret: this.config.passwordSecret
  }).generatePasswordHash({
    password
  })

  // 更新用户密码
  await userCollection.doc(uid).update({
    password: passwordHash,
    password_secret_version: version
  })

  await this.middleware.uniIdLog({
    data: {
      mobile: userRecord.mobile
    },
    type: LOG_TYPE.SET_PWD_BY_SMS
  })

  return {
    errCode: 0
  }
}