From be96e7e5eb3d9b44aa0ac6e363909b5915778419 Mon Sep 17 00:00:00 2001
From: jasder <jasduaner@gmail.com>
Date: Tue, 2 Nov 2021 21:43:10 +0800
Subject: [PATCH 1/6] FIX render_error mentod bug

---
 app/controllers/accounts_controller.rb    | 10 +++++-----
 app/controllers/concerns/render_helper.rb |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index b8783c44e..77ba1bba3 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -139,15 +139,15 @@ class AccountsController < ApplicationController
         tip_exception(-1, interactor.error)
       end
     rescue Register::BaseForm::EmailError => e
-      render_error(-2, e.message)
+      render_result(-2, e.message)
     rescue Register::BaseForm::LoginError => e
-      render_error(-3, e.message)
+      render_result(-3, e.message)
     rescue Register::BaseForm::PhoneError => e
-      render_error(-4, e.message)
+      render_result(-4, e.message)
     rescue Register::BaseForm::PasswordFormatError => e
-      render_error(-5, e.message)
+      render_result(-5, e.message)
     rescue Register::BaseForm::VerifiCodeError => e
-      render_error(-6, e.message)
+      render_result(-6, e.message)
     rescue Exception => e
       Gitea::User::DeleteService.call(user.login) unless user.nil?
       uid_logger_error(e.message)
diff --git a/app/controllers/concerns/render_helper.rb b/app/controllers/concerns/render_helper.rb
index 81e85d1ce..fad401539 100644
--- a/app/controllers/concerns/render_helper.rb
+++ b/app/controllers/concerns/render_helper.rb
@@ -3,8 +3,8 @@ module RenderHelper
     render json: { status: 0, message: 'success' }.merge(data)
   end
 
-  def render_error(status = -1, message = '')
-    render json: { status: status, message: message }
+  def render_error(message = '')
+    render json: { status: -1, message: message }
   end
 
   def render_not_acceptable(message = '请求已拒绝')

From 06cf52c384f45f00edd7fd56f1733c0bf0434b10 Mon Sep 17 00:00:00 2001
From: jasder <jasduaner@gmail.com>
Date: Wed, 3 Nov 2021 13:50:38 +0800
Subject: [PATCH 2/6] =?UTF-8?q?ADD=20=E6=B3=A8=E5=86=8C=E6=8E=A5=E5=8F=A3?=
 =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E7=A1=AE=E8=AE=A4=E5=AF=86=E7=A0=81=E5=8F=82?=
 =?UTF-8?q?=E6=95=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/accounts_controller.rb    |  4 ++-
 app/controllers/application_controller.rb | 35 ++---------------------
 app/controllers/concerns/render_helper.rb |  4 +++
 app/forms/register/base_form.rb           | 25 ++++++++++------
 app/forms/register/form.rb                |  8 ++++--
 config/configuration.yml.example          |  2 +-
 6 files changed, 32 insertions(+), 46 deletions(-)

diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index 77ba1bba3..2a7237e94 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -146,6 +146,8 @@ class AccountsController < ApplicationController
       render_result(-4, e.message)
     rescue Register::BaseForm::PasswordFormatError => e
       render_result(-5, e.message)
+    rescue Register::BaseForm::PasswordConfirmationError => e
+      render_result(-7, e.message)
     rescue Register::BaseForm::VerifiCodeError => e
       render_result(-6, e.message)
     rescue Exception => e
@@ -365,7 +367,7 @@ class AccountsController < ApplicationController
   end
 
   def register_params
-    params.permit(:login, :namespace, :password, :code)
+    params.permit(:login, :namespace, :password, :password_confirmation, :code)
   end
   
 end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 201eeda9f..15ccd099a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -26,7 +26,8 @@ class ApplicationController < ActionController::Base
   end
 
 	DCODES = %W(2 3 4 5 6 7 8 9 a b c f e f g h i j k l m n o p q r s t u v w x y z)
-	OPENKEY = "79e33abd4b6588941ab7622aed1e67e8"
+	OPENKEY = Rails.application.config_for(:configuration)['sign_key'] || "79e33abd4b6588941ab7622aed1e67e8"
+
 
 	helper_method :current_user, :base_url
 
@@ -336,11 +337,6 @@ class ApplicationController < ActionController::Base
 		@message = message
 	end
 
-	# 实训等对应的仓库地址
-	def repo_ip_url(repo_path)
-		"#{edu_setting('git_address_ip')}/#{repo_path}"
-	end
-
 	def repo_url(repo_path)
 		"#{edu_setting('git_address_domain')}/#{repo_path}"
 	end
@@ -742,37 +738,10 @@ class ApplicationController < ActionController::Base
 		render json: exception.tip_json
 	end
 
-	def render_parameter_missing
-		render json: { status: -1, message: '参数缺失' }
-	end
-
 	def set_export_cookies
 		cookies[:fileDownload] = true
 	end
 
-	# 149课程的评审用户数据创建（包含创建课堂学生）
-	def open_class_user
-		user = User.find_by(login: "OpenClassUser")
-		unless user
-			ActiveRecord::Base.transaction do
-				user_params = {status: 1, login: "OpenClassUser", lastname: "开放课程",
-											 nickname: "开放课程", professional_certification: 1, certification: 1, grade: 0,
-											 password: "12345678", phone: "11122223333", profile_completed: 1}
-				user = User.create!(user_params)
-
-				UserExtension.create!(user_id: user.id, gender: 0, school_id: 3396, :identity => 1, :student_id => "openclassuser") # 3396
-
-				subject = Subject.find_by(id: 149)
-				if subject
-					subject.courses.each do |course|
-						CourseMember.create!(course_id: course.id, role: 3, user_id: user.id) if !course.course_members.exists?(user_id: user.id)
-					end
-				end
-			end
-		end
-		user
-	end
-
 	# 记录热门搜索关键字
 	def record_search_keyword
 		keyword = params[:keyword].to_s.strip
diff --git a/app/controllers/concerns/render_helper.rb b/app/controllers/concerns/render_helper.rb
index fad401539..b54ac90ce 100644
--- a/app/controllers/concerns/render_helper.rb
+++ b/app/controllers/concerns/render_helper.rb
@@ -28,4 +28,8 @@ module RenderHelper
   def render_result(status=1, message='success')
     render json: { status: status, message: message }
   end
+
+  def render_parameter_missing
+		render json: { status: -1, message: '参数缺失' }
+	end
 end
diff --git a/app/forms/register/base_form.rb b/app/forms/register/base_form.rb
index df5abd871..9bea65ba4 100644
--- a/app/forms/register/base_form.rb
+++ b/app/forms/register/base_form.rb
@@ -2,12 +2,13 @@ module Register
   class BaseForm < ::BaseForm
     include ActiveModel::Model
     
-    Error = Class.new(StandardError)
-    EmailError = Class.new(Error)
-    LoginError = Class.new(Error)
-    PhoneError = Class.new(Error)
-    PasswordFormatError = Class.new(Error)
-    VerifiCodeError = Class.new(Error)
+    Error                     = Class.new(StandardError)
+    EmailError                = Class.new(Error)
+    LoginError                = Class.new(Error)
+    PhoneError                = Class.new(Error)
+    PasswordFormatError       = Class.new(Error)
+    VerifiCodeError           = Class.new(Error)
+    PasswordConfirmationError = Class.new(Error)
     
     private
     def check_login(login)
@@ -36,12 +37,20 @@ module Register
 
     def check_password(password)
       password = strip(password)
-      raise PasswordFormatError, "8~16位密码，支持字母数字和符号" unless password =~ CustomRegexp::PASSWORD
+      raise PasswordFormatError, "密码8~16位密码，支持字母数字和符号" unless password =~ CustomRegexp::PASSWORD
+    end
+
+    def check_password_confirmation(password, password_confirmation)
+      password = strip(password)
+      password_confirmation = strip(password_confirmation)
+
+      raise PasswordFormatError, "确认密码为8~16位密码，支持字母数字和符号" unless password_confirmation =~ CustomRegexp::PASSWORD
+      raise PasswordConfirmationError, "两次输入的密码不一致" unless password == password_confirmation
     end
 
     def check_verifi_code(verifi_code, code)
       code = strip(code)
-      # return if code == "123123" # TODO 万能验证码，用于测试
+      return if code == "123123" # TODO 万能验证码，用于测试
 
       raise VerifiCodeError, "验证码不正确" if verifi_code&.code != code
       raise VerifiCodeError, "验证码已失效" if !verifi_code&.effective?
diff --git a/app/forms/register/form.rb b/app/forms/register/form.rb
index bad7a23e6..429922f9f 100644
--- a/app/forms/register/form.rb
+++ b/app/forms/register/form.rb
@@ -3,13 +3,14 @@ module Register
     # login 登陆方式，支持邮箱、登陆、手机号等
     # namespace 用户空间地址
     # type: 1：手机号注册；2：邮箱注册
-    attr_accessor :login, :namespace, :password, :code, :type
+    attr_accessor :login, :namespace, :password, :password_confirmation, :code, :type
 
-    validates :login, :code, :password, :namespace, presence: true
+    validates :login, :code, :password, :password_confirmation, :namespace, presence: true, allow_blank: false
     validate :check!
     
     def check!
-      Rails.logger.info "Register::Form params: code: #{code}; login: #{login}; namespace: #{namespace}; password: #{password}; type: #{type}"
+      Rails.logger.info "Register::Form params: code: #{code}; login: #{login}; 
+        namespace: #{namespace}; password: #{password}; password_confirmation: #{password_confirmation}; type: #{type}"
       db_verifi_code = 
         if type == 1
           check_phone(login)
@@ -22,6 +23,7 @@ module Register
       check_login(namespace)
       check_verifi_code(db_verifi_code, code)
       check_password(password)
+      check_password_confirmation(password, password_confirmation)
     end
   end
 end
diff --git a/config/configuration.yml.example b/config/configuration.yml.example
index 4671e4166..be26b0a12 100644
--- a/config/configuration.yml.example
+++ b/config/configuration.yml.example
@@ -2,7 +2,7 @@ default: &default
   # 用户登入的时候设置/登出的时候清空
   autologin_cookie_name: 'autologin_trustie'
   platform_url: 'http://localhost:3000'
-
+  sign_key: ''
 
   #附件上传路径
   attachment_folder: '/tmp'

From 538d2113f18c572c482d28004150481332bf07aa Mon Sep 17 00:00:00 2001
From: jasder <jasduaner@gmail.com>
Date: Wed, 3 Nov 2021 17:19:43 +0800
Subject: [PATCH 3/6] =?UTF-8?q?FIX=20=E5=AE=8C=E5=96=84=E9=87=8D=E7=BD=AE?=
 =?UTF-8?q?=E5=AF=86=E7=A0=81=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/accounts_controller.rb        | 50 ++++++++++---------
 app/forms/accounts/reset_password_form.rb     | 42 ++++++++++++++++
 app/forms/base_form.rb                        | 35 +++++++++++++
 app/forms/register/base_form.rb               | 30 -----------
 app/forms/register/form.rb                    |  4 +-
 app/helpers/application_helper.rb             |  4 ++
 .../accounts/reset_password_service.rb        | 23 +++++++++
 app/services/application_service.rb           |  5 ++
 app/services/users/register_service.rb        |  8 +--
 9 files changed, 141 insertions(+), 60 deletions(-)
 create mode 100644 app/forms/accounts/reset_password_form.rb
 create mode 100644 app/services/accounts/reset_password_service.rb

diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index 2a7237e94..4008791b8 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -1,8 +1,6 @@
 class AccountsController < ApplicationController
   include ApplicationHelper
 
-  #skip_before_action :check_account, :only => [:logout]
-
   def index
     render json: session
   end
@@ -208,28 +206,25 @@ class AccountsController < ApplicationController
   # 忘记密码
   def reset_password
     begin
-      code = params[:code]
-      login_type = phone_mail_type(params[:login].strip)
-      # 获取验证码
-      if login_type == 1
-        phone = params[:login]
-        verifi_code = VerificationCode.where(phone: phone, code: code, code_type: 2).last
-        user = User.find_by_phone(phone)
-      else
-        email = params[:login]
-        verifi_code = VerificationCode.where(email: email, code: code, code_type: 3).last
-        user = User.find_by_mail(email)     #这里有问题，应该是为email,而不是mail  6.13-hs
-      end
-      return normal_status(-2, "验证码不正确") if verifi_code.try(:code) != code.strip
-      return normal_status(-2, "验证码已失效") if !verifi_code&.effective?
-      return normal_status(-1, "8~16位密码，支持字母数字和符号") unless params[:new_password] =~ CustomRegexp::PASSWORD
+      Accounts::ResetPasswordForm.new(reset_password_params).validate!
 
-      user.password, user.password_confirmation = params[:new_password], params[:new_password_confirmation]
-      ActiveRecord::Base.transaction do
-        user.save!
-        LimitForbidControl::UserLogin.new(user).clear
-      end
-      sucess_status
+      user = find_user
+      return render_error('未找到相关账号') if user.blank?
+
+      user = Accounts::ResetPasswordService.call(user, reset_password_params)
+      LimitForbidControl::UserLogin.new(user).clear if user.save!
+
+      render_ok
+    rescue Register::BaseForm::EmailError => e
+      render_result(-2, e.message)
+    rescue Register::BaseForm::PhoneError => e
+      render_result(-4, e.message)
+    rescue Register::BaseForm::PasswordFormatError => e
+      render_result(-5, e.message)
+    rescue Register::BaseForm::PasswordConfirmationError => e
+      render_result(-7, e.message)
+    rescue Register::BaseForm::VerifiCodeError => e
+      render_result(-6, e.message)
     rescue Exception => e
       uid_logger_error(e.message)
       tip_exception(e.message)
@@ -369,5 +364,14 @@ class AccountsController < ApplicationController
   def register_params
     params.permit(:login, :namespace, :password, :password_confirmation, :code)
   end
+
+  def reset_password_params
+    params.permit(:login, :password, :password_confirmation, :code)
+  end
+  
+  def find_user
+    phone_or_mail = strip(reset_password_params[:login])
+    User.where("phone = :search OR mail = :search", search: phone_or_mail).last
+  end
   
 end
diff --git a/app/forms/accounts/reset_password_form.rb b/app/forms/accounts/reset_password_form.rb
new file mode 100644
index 000000000..7f3442220
--- /dev/null
+++ b/app/forms/accounts/reset_password_form.rb
@@ -0,0 +1,42 @@
+module Accounts
+  class ResetPasswordForm < ::BaseForm
+    # login 邮箱、手机号
+    # code 验证码
+    # type: 1：手机号注册；2：邮箱注册
+    attr_accessor :login, :password, :password_confirmation, :code
+
+    validates :login, :code, :password, :password_confirmation, presence: true, allow_blank: false
+    validate :check!
+    
+    def check!
+      Rails.logger.info "ResetPasswordForm params: code: #{code} login: #{login} 
+        password: #{password} password_confirmation: #{password_confirmation}"
+      
+      type = phone_mail_type(login)
+      
+      db_verifi_code = 
+        if type == 1
+          check_phone_format(login)
+          VerificationCode.where(phone: login, code: code, code_type: 1).last
+        elsif type == 0
+          Rails.logger.info "9999999999 #{login}"
+          check_email_format(login)
+          VerificationCode.where(email: login, code: code, code_type: 8).last
+        end
+      
+      check_password(password)
+      check_password_confirmation(password, password_confirmation)
+      check_verifi_code(db_verifi_code, code)
+    end
+
+    def check_phone_format(phone)
+      phone = strip(phone)
+      raise LoginError, "登录名格式有误" unless phone =~ CustomRegexp::LOGIN
+    end
+
+    def check_email_format(mail)
+      mail = strip(mail)
+      raise EmailError, "邮件格式有误" unless mail =~ CustomRegexp::EMAIL
+    end
+  end
+end
diff --git a/app/forms/base_form.rb b/app/forms/base_form.rb
index 437217f00..46eaa9b58 100644
--- a/app/forms/base_form.rb
+++ b/app/forms/base_form.rb
@@ -1,6 +1,14 @@
 class BaseForm
   include ActiveModel::Model
 
+  Error                     = Class.new(StandardError)
+  EmailError                = Class.new(Error)
+  LoginError                = Class.new(Error)
+  PhoneError                = Class.new(Error)
+  PasswordFormatError       = Class.new(Error)
+  VerifiCodeError           = Class.new(Error)
+  PasswordConfirmationError = Class.new(Error)
+
   def check_project_category(project_category_id)
     unless project_category_id == ''
       raise "project_category_id参数值无效." if project_category_id && !ProjectCategory.exists?(project_category_id)
@@ -26,8 +34,35 @@ class BaseForm
     raise "项目标识已被占用." if ReversedKeyword.check_exists?(repository_name)
   end
 
+  def check_password(password)
+    password = strip(password)
+    raise PasswordFormatError, "密码8~16位密码，支持字母数字和符号" unless password =~ CustomRegexp::PASSWORD
+  end
+
+  def check_password_confirmation(password, password_confirmation)
+    password = strip(password)
+    password_confirmation = strip(password_confirmation)
+
+    raise PasswordFormatError, "确认密码为8~16位密码，支持字母数字和符号" unless password_confirmation =~ CustomRegexp::PASSWORD
+    raise PasswordConfirmationError, "两次输入的密码不一致" unless password == password_confirmation
+  end
+
+  def check_verifi_code(verifi_code, code)
+    code = strip(code)
+    # return if code == "123123" # TODO 万能验证码，用于测试
+
+    raise VerifiCodeError, "验证码不正确" if verifi_code&.code != code
+    raise VerifiCodeError, "验证码已失效" if !verifi_code&.effective?
+  end
+
   private
   def strip(str)
     str.to_s.strip.presence
   end
+
+  # 1 手机类型；0 邮箱类型
+  # 注意新版的login是自动名生成的
+  def phone_mail_type value
+    value =~ /^1\d{10}$/ ? 1 : 0
+  end
 end
diff --git a/app/forms/register/base_form.rb b/app/forms/register/base_form.rb
index 9bea65ba4..150fef73a 100644
--- a/app/forms/register/base_form.rb
+++ b/app/forms/register/base_form.rb
@@ -2,14 +2,6 @@ module Register
   class BaseForm < ::BaseForm
     include ActiveModel::Model
     
-    Error                     = Class.new(StandardError)
-    EmailError                = Class.new(Error)
-    LoginError                = Class.new(Error)
-    PhoneError                = Class.new(Error)
-    PasswordFormatError       = Class.new(Error)
-    VerifiCodeError           = Class.new(Error)
-    PasswordConfirmationError = Class.new(Error)
-    
     private
     def check_login(login)
       login = strip(login)
@@ -34,27 +26,5 @@ module Register
       phone_exist = Owner.exists?(phone: phone)
       raise PhoneError, '手机号已被使用' if phone_exist
     end
-
-    def check_password(password)
-      password = strip(password)
-      raise PasswordFormatError, "密码8~16位密码，支持字母数字和符号" unless password =~ CustomRegexp::PASSWORD
-    end
-
-    def check_password_confirmation(password, password_confirmation)
-      password = strip(password)
-      password_confirmation = strip(password_confirmation)
-
-      raise PasswordFormatError, "确认密码为8~16位密码，支持字母数字和符号" unless password_confirmation =~ CustomRegexp::PASSWORD
-      raise PasswordConfirmationError, "两次输入的密码不一致" unless password == password_confirmation
-    end
-
-    def check_verifi_code(verifi_code, code)
-      code = strip(code)
-      return if code == "123123" # TODO 万能验证码，用于测试
-
-      raise VerifiCodeError, "验证码不正确" if verifi_code&.code != code
-      raise VerifiCodeError, "验证码已失效" if !verifi_code&.effective?
-    end
-    
   end
 end
diff --git a/app/forms/register/form.rb b/app/forms/register/form.rb
index 429922f9f..6800fa1de 100644
--- a/app/forms/register/form.rb
+++ b/app/forms/register/form.rb
@@ -10,7 +10,9 @@ module Register
     
     def check!
       Rails.logger.info "Register::Form params: code: #{code}; login: #{login}; 
-        namespace: #{namespace}; password: #{password}; password_confirmation: #{password_confirmation}; type: #{type}"
+        namespace: #{namespace}; password: #{password}; password_confirmation: #{password_confirmation}"
+      
+      type = phone_mail_type(strip(login))
       db_verifi_code = 
         if type == 1
           check_phone(login)
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 9cad9f44b..148c6b454 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -461,5 +461,9 @@ module ApplicationHelper
   def phone_mail_type value
     value =~ /^1\d{10}$/ ? 1 : 0
   end
+
+  def strip(str)
+    str.to_s.strip.presence
+  end
   
 end
diff --git a/app/services/accounts/reset_password_service.rb b/app/services/accounts/reset_password_service.rb
new file mode 100644
index 000000000..61a4bb1cf
--- /dev/null
+++ b/app/services/accounts/reset_password_service.rb
@@ -0,0 +1,23 @@
+module Accounts
+  class ResetPasswordService < ApplicationService
+    # login、code、password、password_confirmation
+    def initialize(user, params)
+      @user      = user
+      @password  = params[:password]
+      @password_confirmation = params[:password_confirmation]
+    end
+
+    def call
+      return if @user.blank?
+      password  = strip(@password)
+      password_confirmation = strip(@password_confirmation)
+
+      Rails.logger.info "Accounts::ResetPasswordService params:   
+        ##### password: #{@password} password_confirmation: #{@password_confirmation}"
+        
+      @user.password, @user.password_confirmation = password, password_confirmation
+      
+      @user
+    end
+  end
+end
diff --git a/app/services/application_service.rb b/app/services/application_service.rb
index 2fa59ed29..81ecf5f7b 100644
--- a/app/services/application_service.rb
+++ b/app/services/application_service.rb
@@ -18,4 +18,9 @@ class ApplicationService
   def str_to_boolean str
     ActiveModel::Type::Boolean.new.cast str
   end
+
+  def phone_mail_type value
+    value =~ /^1\d{10}$/ ? 1 : 0
+  end
+
 end
diff --git a/app/services/users/register_service.rb b/app/services/users/register_service.rb
index bb3b3ada1..fc0e4231e 100644
--- a/app/services/users/register_service.rb
+++ b/app/services/users/register_service.rb
@@ -12,7 +12,8 @@ class Users::RegisterService < ApplicationService
     namespace = strip(@namespace)
     password  = strip(@password)
 
-    Rails.logger.info "Users::RegisterService params:   ##### #{params} "
+    Rails.logger.info "Users::RegisterService params:   
+      ##### code: #{code} login: #{login} namespace: #{namespace}  password: #{password} "
 
     email, phone = 
       if register_type == 1
@@ -50,9 +51,4 @@ class Users::RegisterService < ApplicationService
   def register_type
     phone_mail_type(@login)
   end
-
-  def phone_mail_type value
-    value =~ /^1\d{10}$/ ? 1 : 0
-  end
-  
 end

From e02237a9e0cd520703dae3127439ef5ade93af18 Mon Sep 17 00:00:00 2001
From: jasder <jasduaner@gmail.com>
Date: Wed, 3 Nov 2021 18:25:57 +0800
Subject: [PATCH 4/6] FIX code review

---
 app/controllers/accounts_controller.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index 4008791b8..c2d7c99c1 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -157,7 +157,7 @@ class AccountsController < ApplicationController
 
   # 用户登录
   def login
-    Users::LoginForm.new(account_params).validate!
+    Users::LoginForm.new(login_params).validate!
     @user = User.try_to_login(params[:login], params[:password])
 
     return normal_status(-2, "错误的账号或密码") if @user.blank?
@@ -353,7 +353,7 @@ class AccountsController < ApplicationController
     params.require(:user).permit(:login, :email, :phone)
   end
 
-  def account_params 
+  def login_params 
     params.require(:account).permit(:login, :password)
   end
 

From a549dc1e25b5db733f93c8408ee57a4d68a11afd Mon Sep 17 00:00:00 2001
From: jasder <jasduaner@gmail.com>
Date: Wed, 3 Nov 2021 21:32:17 +0800
Subject: [PATCH 5/6] FIX reset password bug

---
 app/controllers/accounts_controller.rb          | 2 ++
 app/services/accounts/reset_password_service.rb | 7 +++++++
 2 files changed, 9 insertions(+)

diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index c2d7c99c1..70e5b603b 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -225,6 +225,8 @@ class AccountsController < ApplicationController
       render_result(-7, e.message)
     rescue Register::BaseForm::VerifiCodeError => e
       render_result(-6, e.message)
+    rescue ActiveRecord::Rollback => e
+      render_result(-1, "服务器异常")
     rescue Exception => e
       uid_logger_error(e.message)
       tip_exception(e.message)
diff --git a/app/services/accounts/reset_password_service.rb b/app/services/accounts/reset_password_service.rb
index 61a4bb1cf..5202fe77a 100644
--- a/app/services/accounts/reset_password_service.rb
+++ b/app/services/accounts/reset_password_service.rb
@@ -16,6 +16,13 @@ module Accounts
         ##### password: #{@password} password_confirmation: #{@password_confirmation}"
         
       @user.password, @user.password_confirmation = password, password_confirmation
+
+      sync_params = {
+        password: password,
+        email: @user.mail
+      }
+      interactor = Gitea::User::UpdateInteractor.call(@user.login, sync_params)
+      raise ActiveRecord::Rollback unless interactor.success?
       
       @user
     end

From 8d3b674321fe4aa59e3f5150e859c007af9e7aa1 Mon Sep 17 00:00:00 2001
From: jasder <jasduaner@gmail.com>
Date: Thu, 4 Nov 2021 14:14:11 +0800
Subject: [PATCH 6/6] FIX viri code invalid bug

---
 app/forms/accounts/reset_password_form.rb | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/app/forms/accounts/reset_password_form.rb b/app/forms/accounts/reset_password_form.rb
index 7f3442220..a451d13c2 100644
--- a/app/forms/accounts/reset_password_form.rb
+++ b/app/forms/accounts/reset_password_form.rb
@@ -17,11 +17,10 @@ module Accounts
       db_verifi_code = 
         if type == 1
           check_phone_format(login)
-          VerificationCode.where(phone: login, code: code, code_type: 1).last
+          VerificationCode.where(phone: login, code: code, code_type: 2).last
         elsif type == 0
-          Rails.logger.info "9999999999 #{login}"
           check_email_format(login)
-          VerificationCode.where(email: login, code: code, code_type: 8).last
+          VerificationCode.where(email: login, code: code, code_type: 3).last
         end
       
       check_password(password)