fixed 密码处理，兼容base64

app/controllers/accounts_controller.rb

@@ -144,7 +144,7 @@ class AccountsController < ApplicationController
 
       user = Users::RegisterService.call(register_params)
       user.mail = "#{user.login}@example.org" if user.mail.blank?
-      password = decrypt(register_params[:password]) rescue ""
+      password = decrypt(register_params[:password]) rescue register_params[:password].to_s
       password = password.strip
 
       # gitea用户注册, email, username, password
@@ -195,7 +195,7 @@ class AccountsController < ApplicationController
 
   # 用户登录
   def login
-    password = decrypt(login_params[:password]) rescue ""
+    password = decrypt(login_params[:password]) rescue login_params[:password].to_s
     Users::LoginForm.new(login_params.merge!({password: password})).validate!
     @user = User.try_to_login(params[:login], password)
 
@@ -225,9 +225,9 @@ class AccountsController < ApplicationController
   end
 
   def change_password 
-    password = decrypt(params[:password]) rescue ""
+    password = decrypt(params[:password]) rescue params[:password].to_s
-    new_password_repeat = decrypt(params[:new_password_repeat]) rescue ""
+    new_password_repeat = decrypt(params[:new_password_repeat]) rescue params[:new_password_repeat].to_s
-    old_password = decrypt(params[:old_password]) rescue ""
+    old_password = decrypt(params[:old_password]) rescue params[:old_password]
     return render_error("两次输入的密码不一致") if password.to_s != new_password_repeat.to_s
     @user = User.find_by(login: params[:login])
     return render_forbidden unless User.current.login == @user&.login

app/controllers/api/v1/users_controller.rb

@@ -54,7 +54,7 @@ class Api::V1::UsersController < Api::V1::BaseController
   end
 
   def check_password 
-    password = decrypt(params[:password]) rescue ""
+    password = decrypt(params[:password]) rescue params[:password].to_s
     return tip_exception(-5, "8~16位密码，支持字母数字和符号") unless password =~ CustomRegexp::PASSWORD
     return tip_exception(-5, "密码错误") unless @observe_user.check_password?(password)
     render_ok
@@ -127,7 +127,7 @@ class Api::V1::UsersController < Api::V1::BaseController
 
 
   def destroy
-    password = decrypt(params[:password]) rescue ""
+    password = decrypt(params[:password]) rescue params[:password].to_s
     return tip_exception(-1, "密码不正确.")  unless @observe_user.check_password?(password)
     org_ids = TeamUser.where(user_id: @observe_user.id).pluck(:organization_id) | OrganizationUser.where(user_id: @observe_user.id).pluck(:organization_id)
     org_count = TeamUser.where(organization_id: org_ids).where(user_id: @observe_user.id).joins(:team).where(teams: {authorize: %w(owner)}).count

app/controllers/organizations/organizations_controller.rb

@@ -140,7 +140,7 @@ class Organizations::OrganizationsController < Organizations::BaseController
   end
 
   def password
-    decrypt(params[:password]) rescue ""
+    decrypt(params[:password]) rescue params[:password].to_s
   end
 
   def load_organization

app/forms/base_form.rb

@@ -54,14 +54,14 @@ class BaseForm
   end
 
   def check_password(password)
-    password = decrypt(password) rescue ""
+    password = decrypt(password) rescue password
     password = strip(password)
     raise PasswordFormatError, "密码8~16位密码，支持字母数字和符号" unless password =~ CustomRegexp::PASSWORD
   end
 
   def check_password_confirmation(password, password_confirmation)
-    password = decrypt(password) rescue ""
+    password = decrypt(password) rescue password
-    password_confirmation = decrypt(password_confirmation) rescue ""
+    password_confirmation = decrypt(password_confirmation) rescue password_confirmation
 
     password = strip(password)
     password_confirmation = strip(password_confirmation)

app/services/accounts/reset_password_service.rb

@@ -4,8 +4,8 @@ module Accounts
     # login、code、password、password_confirmation
     def initialize(user, params)
       @user      = user
-      @password  = decrypt(params[:password]) rescue ""
+      @password  = decrypt(params[:password]) rescue params[:password].to_s
-      @password_confirmation = decrypt(params[:password_confirmation]) rescue ""
+      @password_confirmation = decrypt(params[:password_confirmation]) rescue params[:password_confirmation].to_s
     end
 
     def call

app/services/api/v1/users/update_email_service.rb

@@ -11,7 +11,7 @@ class Api::V1::Users::UpdateEmailService < ApplicationService
   def initialize(user, params, token =nil)
     @user = user 
     @token = token 
-    @password = decrypt(params[:password]) rescue ""
+    @password = decrypt(params[:password]) rescue params[:password].to_s
     @mail = params[:email]
     @old_mail = user.mail
     @code = params[:code]

app/services/api/v1/users/update_phone_service.rb

@@ -9,7 +9,7 @@ class Api::V1::Users::UpdatePhoneService < ApplicationService
 
   def initialize(user, params)
     @user = user 
-    @password = decrypt(params[:password]) rescue ""
+    @password = decrypt(params[:password]) rescue params[:password].to_s
     @phone = params[:phone]
     @code = params[:code]
     @verify_code = VerificationCode.where(phone: @phone, code_type: 4).last

app/services/users/register_service.rb

@@ -4,7 +4,7 @@ class Users::RegisterService < ApplicationService
   def initialize(params)
     @login     = params[:login]
     @namespace = params[:namespace]
-    @password  = decrypt(params[:password]) rescue ""
+    @password  = decrypt(params[:password]) rescue params[:password].to_s
     @code      = params[:code]
   end