chore: replace duplicated ajax value name

resources/views/tabler/auth/login.tpl

@@ -23,7 +23,7 @@
                             </span>
                     </label>
                     <div class="input-group input-group-flat">
-                        <input id="passwd" type="password" class="form-control" autocomplete="off">
+                        <input id="password" type="password" class="form-control" autocomplete="off">
                     </div>
                 </div>
                 <div class="mb-2">
@@ -44,7 +44,7 @@
                     </div>
                 </div>
                 <div class="form-footer">
-                    <button id="login" class="btn btn-primary w-100"
+                    <button class="btn btn-primary w-100"
                             hx-post="/auth/login" hx-swap="none" hx-vals='js:{
                                 {if $public_setting['enable_login_captcha']}
                                     {if $public_setting['captcha_provider'] === 'turnstile'}
@@ -55,7 +55,7 @@
                                     {/if}
                                 {/if}
                                 email: document.getElementById("email").value,
-                                passwd: document.getElementById("passwd").value,
+                                password: document.getElementById("password").value,
                                 mfa_code: document.getElementById("mfa_code").value,
                                 remember_me: document.getElementById("remember_me").checked,
                              }'>

resources/views/tabler/auth/register.tpl

@@ -20,12 +20,12 @@
                     </div>
                     <div class="mb-3">
                         <div class="input-group input-group-flat">
-                            <input id="passwd" type="password" class="form-control" placeholder="登录密码">
+                            <input id="password" type="password" class="form-control" placeholder="登录密码">
                         </div>
                     </div>
                     <div class="mb-3">
                         <div class="input-group input-group-flat">
-                            <input id="repasswd" type="password" class="form-control" placeholder="重复登录密码">
+                            <input id="confirm_password" type="password" class="form-control" placeholder="重复登录密码">
                         </div>
                     </div>
                     {if $public_setting['reg_mode'] !== 'close' }
@@ -65,7 +65,7 @@
                         </div>
                     </div>
                     <div class="form-footer">
-                        <button id="register" class="btn btn-primary w-100"
+                        <button class="btn btn-primary w-100"
                                 hx-post="/auth/register" hx-swap="none" hx-vals='js:{
                                     {if $public_setting['reg_email_verify']}
                                         emailcode: document.getElementById("emailcode").value,
@@ -80,8 +80,8 @@
                                     {/if}
                                     name: document.getElementById("name").value,
                                     email: document.getElementById("email").value,
-                                    passwd: document.getElementById("passwd").value,
-                                    repasswd: document.getElementById("repasswd").value,
+                                    password: document.getElementById("password").value,
+                                    confirm_password: document.getElementById("confirm_password").value,
                                     invite_code: document.getElementById("invite_code").value,
                                     tos: document.getElementById("tos").checked,
                                  }'>

resources/views/tabler/password/token.tpl

@@ -17,14 +17,14 @@
                 </div>
                 <div class="mb-3">
                     <label class="form-label">再次输入新密码</label>
-                    <input id="repasswd" type="password" class="form-control" placeholder="请再次输入新密码">
+                    <input id="confirm_password" type="password" class="form-control" placeholder="请再次输入新密码">
                 </div>
                 <div class="form-footer">
-                    <button id="reset" class="btn btn-primary w-100"
+                    <button class="btn btn-primary w-100"
                             hx-post="{ location.pathname }" hx-swap="none"
                             hx-vals='js:{
                             password: document.getElementById("password").value,
-                            repasswd: document.getElementById("repasswd").value, }'>
+                            confirm_password: document.getElementById("confirm_password").value, }'>
                         <i class="ti ti-key icon"></i>
                         重置
                     </button>

resources/views/tabler/user/edit.tpl

@@ -76,12 +76,12 @@
                                                 <div class="card-footer">
                                                     <div class="d-flex">
                                                         {if $public_setting['reg_email_verify'] && $config['enable_change_email']}
-                                                            <button id="email-verify" class="btn btn-link"
+                                                            <button class="btn btn-link"
                                                                     hx-post="/user/send" hx-swap="none"
                                                                     hx-vals='js:{ email: document.getElementById("newemail").value }'>
                                                                 获取验证码
                                                             </button>
-                                                            <button id="modify-email" class="btn btn-primary ms-auto"
+                                                            <button class="btn btn-primary ms-auto"
                                                                     hx-post="/user/email" hx-swap="none"
                                                                     hx-vals='js:{
                                                                         newemail: document.getElementById("new-email").value,
@@ -90,13 +90,13 @@
                                                                 修改
                                                             </button>
                                                         {elseif $config['enable_change_email']}
-                                                            <button id="modify-email" class="btn btn-primary ms-auto"
+                                                            <button class="btn btn-primary ms-auto"
                                                                     hx-post="/user/email" hx-swap="none"
                                                                     hx-vals='js:{ newemail: document.getElementById("new-email").value }'>
                                                                 修改
                                                             </button>
                                                         {else}
-                                                            <button id="modify-email" class="btn btn-primary ms-auto"
+                                                            <button class="btn btn-primary ms-auto"
                                                                     disabled>不允许修改
                                                             </button>
                                                         {/if}
@@ -116,7 +116,7 @@
                                                 </div>
                                                 <div class="card-footer">
                                                     <div class="d-flex">
-                                                        <button id="modify-username" class="btn btn-primary ms-auto"
+                                                        <button class="btn btn-primary ms-auto"
                                                            hx-post="/user/username" hx-swap="none"
                                                            hx-vals='js:{ newusername: document.getElementById("new-username").value }'>
                                                             修改
@@ -174,7 +174,7 @@
                                                 {if $user->im_type !== 0}
                                                     <div class="card-footer">
                                                         <div class="d-flex">
-                                                            <button id="unbind-im" class="btn btn-red ms-auto"
+                                                            <button class="btn btn-red ms-auto"
                                                                     hx-post="/user/unbind_im" hx-swap="none">
                                                                 解绑
                                                             </button>
@@ -238,16 +238,16 @@
                                                 </div>
                                                 <div class="card-footer">
                                                     <div class="d-flex">
-                                                        <button id="reset-2fa" class="btn btn-link"
+                                                        <button class="btn btn-link"
                                                                 hx-post="/user/ga_reset" hx-swap="none" >
                                                             重置
                                                         </button>
-                                                        <button id="test-2fa" class="btn btn-link"
+                                                        <button class="btn btn-link"
                                                                 hx-post="/user/ga_check" hx-swap="none"
                                                                 hx-vals='js:{ code: document.getElementById("ga-test-code").value }'>
                                                             测试
                                                         </button>
-                                                        <button id="save-2fa" class="btn btn-primary ms-auto"
+                                                        <button class="btn btn-primary ms-auto"
                                                                 hx-post="/user/ga_set" hx-swap="none"
                                                                 hx-vals='js:{ enable: document.getElementById("ga-enable").value }'>
                                                             设置
@@ -268,14 +268,14 @@
                                                     </div>
                                                     <div class="mb-3">
                                                         <form>
-                                                            <input id="new-password" type="password"
+                                                            <input id="new_password" type="password"
                                                                    class="form-control" placeholder="输入新密码"
                                                                    autocomplete="off">
                                                         </form>
                                                     </div>
                                                     <div class="mb-3">
                                                         <form>
-                                                            <input id="repeat-new-password" type="password"
+                                                            <input id="confirm_new_password" type="password"
                                                                    class="form-control" placeholder="再次输入新密码"
                                                                    autocomplete="off">
                                                         </form>
@@ -283,12 +283,12 @@
                                                 </div>
                                                 <div class="card-footer">
                                                     <div class="d-flex">
-                                                        <button id="modify-login-passwd" class="btn btn-primary ms-auto"
+                                                        <button class="btn btn-primary ms-auto"
                                                                 hx-post="/user/password" hx-swap="none"
                                                                 hx-vals='js:{
-                                                                    pwd: document.getElementById("new-password").value,
-                                                                    repwd: document.getElementById("repeat-new-password").value,
-                                                                    oldpwd: document.getElementById("password").value
+                                                                    new_password: document.getElementById("new_password").value,
+                                                                    confirm_new_password: document.getElementById("confirm_new_password").value,
+                                                                    password: document.getElementById("password").value
                                                                 }'>
                                                             修改
                                                         </button>
@@ -319,7 +319,7 @@
                                                 </div>
                                                 <div class="card-footer">
                                                     <div class="d-flex">
-                                                        <button id="modify-user-method" class="btn btn-primary ms-auto"
+                                                        <button class="btn btn-primary ms-auto"
                                                                 hx-post="/user/method" hx-swap="none"
                                                                 hx-vals='js:{ method: document.getElementById("user-method").value }'>
                                                             修改
@@ -337,7 +337,7 @@
                                                 </div>
                                                 <div class="card-footer">
                                                     <div class="d-flex">
-                                                        <button id="reset-sub-url" class="btn btn-primary ms-auto bg-red"
+                                                        <button class="btn btn-primary ms-auto bg-red"
                                                                 hx-post="/user/url_reset" hx-swap="none">
                                                             重置
                                                         </button>
@@ -355,7 +355,7 @@
                                                 </div>
                                                 <div class="card-footer">
                                                     <div class="d-flex">
-                                                        <button id="reset-passwd" class="btn btn-primary ms-auto bg-red"
+                                                        <button class="btn btn-primary ms-auto bg-red"
                                                                 hx-post="/user/passwd_reset" hx-swap="none">
                                                             重置
                                                         </button>
@@ -390,7 +390,7 @@
                                                 </div>
                                                 <div class="card-footer">
                                                     <div class="d-flex">
-                                                        <button id="modify-daily-mail" class="btn btn-primary ms-auto"
+                                                        <button class="btn btn-primary ms-auto"
                                                                 hx-post="/user/daily_mail" hx-swap="none"
                                                                 hx-vals='js:{ mail: document.getElementById("daily-mail").value }'>
                                                             修改
@@ -419,7 +419,7 @@
                                                 </div>
                                                 <div class="card-footer">
                                                     <div class="d-flex">
-                                                        <button id="modify-contact-method" class="btn btn-primary ms-auto"
+                                                        <button class="btn btn-primary ms-auto"
                                                                 hx-post="/user/contact_method" hx-swap="none"
                                                                 hx-vals='js:{ contact: document.getElementById("contact-method").value }'>
                                                             修改
@@ -444,7 +444,7 @@
                                                 </div>
                                                 <div class="card-footer">
                                                     <div class="d-flex">
-                                                        <button id="modify-user-theme" class="btn btn-primary ms-auto"
+                                                        <button class="btn btn-primary ms-auto"
                                                                 hx-post="/user/theme" hx-swap="none"
                                                                 hx-vals='js:{ theme: document.getElementById("user-theme").value }'>
                                                             修改
@@ -498,7 +498,7 @@
                         </div>
                         <div class="py-3">
                             <form>
-                                <input id="confirm-passwd" type="password" class="form-control"
+                                <input id="confirm_kill_password" type="password" class="form-control"
                                        placeholder="输入登录密码" autocomplete="off">
                             </form>
                         </div>
@@ -512,9 +512,9 @@
                                     </button>
                                 </div>
                                 <div class="col">
-                                    <button href="#" id="confirm-kill" class="btn btn-danger w-100" data-bs-dismiss="modal"
+                                    <button href="#" class="btn btn-danger w-100" data-bs-dismiss="modal"
                                             hx-post="/user/kill" hx-swap="none"
-                                            hx-vals='js:{ passwd: document.getElementById("confirm-passwd").value }'>
+                                            hx-vals='js:{ password: document.getElementById("confirm_kill_password").value }'>
                                         确认
                                     </button>
                                 </div>

src/Controllers/AuthController.php

@@ -63,7 +63,7 @@ final class AuthController extends BaseController
         }
 
         $mfa_code = $this->antiXss->xss_clean($request->getParam('mfa_code'));
-        $passwd = $request->getParam('passwd');
+        $password = $request->getParam('password');
         $rememberMe = $request->getParam('remember_me') === 'true' ? 1 : 0;
         $email = strtolower(trim($this->antiXss->xss_clean($request->getParam('email'))));
         $redir = $this->antiXss->xss_clean(Cookie::get('redir')) ?? '/user';
@@ -79,7 +79,7 @@ final class AuthController extends BaseController
             ]);
         }
 
-        if (! Hash::checkPassword($user->pass, $passwd)) {
+        if (! Hash::checkPassword($user->pass, $password)) {
             $loginIp->collectLoginIP($_SERVER['REMOTE_ADDR'], 1, $user->id);
 
             return $response->withJson([
@@ -198,7 +198,7 @@ final class AuthController extends BaseController
         Response $response,
         $name,
         $email,
-        $passwd,
+        $password,
         $invite_code,
         $imtype,
         $imvalue,
@@ -213,7 +213,7 @@ final class AuthController extends BaseController
         $user->user_name = $name;
         $user->email = $email;
         $user->remark = '';
-        $user->pass = Hash::passwordHash($passwd);
+        $user->pass = Hash::passwordHash($password);
         $user->passwd = Tools::genRandomChar(16);
         $user->uuid = Uuid::uuid4();
         $user->api_token = Uuid::uuid4();
@@ -298,14 +298,22 @@ final class AuthController extends BaseController
         $tos = $request->getParam('tos') === 'true' ? 1 : 0;
         $email = strtolower(trim($this->antiXss->xss_clean($request->getParam('email'))));
         $name = $this->antiXss->xss_clean($request->getParam('name'));
-        $passwd = $request->getParam('passwd');
-        $repasswd = $request->getParam('repasswd');
+        $password = $request->getParam('password');
+        $confirm_password = $request->getParam('confirm_password');
         $invite_code = $this->antiXss->xss_clean(trim($request->getParam('invite_code')));
-        // Check TOS agreement
+
         if (! $tos) {
             return ResponseHelper::error($response, '请同意服务条款');
         }
-        // Check Invite Code
+
+        if (strlen($password) < 8) {
+            return ResponseHelper::error($response, '密码请大于8位');
+        }
+
+        if ($password !== $confirm_password) {
+            return ResponseHelper::error($response, '两次密码输入不符');
+        }
+
         if ($invite_code === '' && Config::obtain('reg_mode') === 'invite') {
             return ResponseHelper::error($response, '邀请码不能为空');
         }
@@ -339,14 +347,6 @@ final class AuthController extends BaseController
         if ($user !== null) {
             return ResponseHelper::error($response, '邮箱已经被注册了');
         }
-        // check pwd length
-        if (strlen($passwd) < 8) {
-            return ResponseHelper::error($response, '密码请大于8位');
-        }
-        // check pwd re
-        if ($passwd !== $repasswd) {
-            return ResponseHelper::error($response, '两次密码输入不符');
-        }
 
         if (Config::obtain('reg_email_verify')) {
             $redis = (new Cache())->initRedis();
@@ -360,7 +360,7 @@ final class AuthController extends BaseController
             $redis->del('email_verify:' . $email_verify_code);
         }
 
-        return $this->registerHelper($response, $name, $email, $passwd, $invite_code, $imtype, $imvalue, 0, 0);
+        return $this->registerHelper($response, $name, $email, $password, $invite_code, $imtype, $imvalue, 0, 0);
     }
 
     public function logout(ServerRequest $request, Response $response, $next): Response

src/Controllers/PasswordController.php

@@ -63,13 +63,13 @@ final class PasswordController extends BaseController
         }
 
         $user = (new User())->where('email', $email)->first();
-        $msg = '如果你的账户存在于我们的数据库中，那么重置密码的链接将会发送到你账户所对应的邮箱。';
+        $msg = '如果你的账户存在于我们的数据库中，那么重置密码的链接将会发送到你账户所对应的邮箱';
 
         if ($user !== null) {
             try {
                 Password::sendResetEmail($email);
             } catch (ClientExceptionInterface|RedisException $e) {
-                $msg = '邮件发送失败，请联系网站管理员。';
+                $msg = '邮件发送失败';
             }
         }
 
@@ -101,9 +101,9 @@ final class PasswordController extends BaseController
     {
         $token = $this->antiXss->xss_clean($args['token']);
         $password = $request->getParam('password');
-        $repasswd = $request->getParam('repasswd');
+        $confirm_password = $request->getParam('confirm_password');
 
-        if ($password !== $repasswd) {
+        if ($password !== $confirm_password) {
             return ResponseHelper::error($response, '两次输入不符合');
         }
 

src/Controllers/User/InfoController.php

@@ -144,28 +144,30 @@ final class InfoController extends BaseController
 
     public function updatePassword(ServerRequest $request, Response $response, array $args): ResponseInterface
     {
-        $oldpwd = $request->getParam('oldpwd');
-        $pwd = $request->getParam('pwd');
-        $repwd = $request->getParam('repwd');
+        $password = $request->getParam('password');
+        $new_password = $request->getParam('new_password');
+        $confirm_new_password = $request->getParam('confirm_new_password');
         $user = $this->user;
 
-        if ($oldpwd === '' || $pwd === '' || $repwd === '') {
+        if ($password === '' || $new_password === '' || $confirm_new_password === '') {
             return ResponseHelper::error($response, '密码不能为空');
         }
 
-        if (! Hash::checkPassword($user->pass, $oldpwd)) {
+        if (! Hash::checkPassword($user->pass, $password)) {
             return ResponseHelper::error($response, '旧密码错误');
         }
 
-        if ($pwd !== $repwd) {
+        if ($new_password !== $confirm_new_password) {
             return ResponseHelper::error($response, '两次输入不符合');
         }
 
-        if (strlen($pwd) < 8) {
+        if (strlen($new_password) < 8) {
             return ResponseHelper::error($response, '密码太短啦');
         }
 
-        if (! $user->updatePassword($pwd)) {
+        $user->pass = Hash::passwordHash($new_password);
+
+        if (! $user->save()) {
             return ResponseHelper::error($response, '修改失败');
         }
 
@@ -312,13 +314,9 @@ final class InfoController extends BaseController
     public function sendToGulag(ServerRequest $request, Response $response, array $args): ResponseInterface
     {
         $user = $this->user;
-        $passwd = $request->getParam('passwd');
-
-        if ($passwd === '') {
-            return ResponseHelper::error($response, '密码不能为空');
-        }
+        $password = $request->getParam('password');
 
-        if (! Hash::checkPassword($user->pass, $passwd)) {
+        if ($password === '' || ! Hash::checkPassword($user->pass, $password)) {
             return ResponseHelper::error($response, '密码错误');
         }
 
@@ -328,7 +326,7 @@ final class InfoController extends BaseController
 
             return $response->withHeader('HX-Refresh', 'true')->withJson([
                 'ret' => 1,
-                'msg' => '你的帐号已被送去古拉格劳动改造，再见',
+                'msg' => '你将被送去古拉格接受劳动改造，再见',
             ]);
         }
 

src/Models/User.php

@@ -5,7 +5,6 @@ declare(strict_types=1);
 namespace App\Models;
 
 use App\Services\IM;
-use App\Utils\Hash;
 use App\Utils\Tools;
 use GuzzleHttp\Exception\GuzzleException;
 use Illuminate\Database\Query\Builder;
@@ -135,16 +134,6 @@ final class User extends Model
         return $this->last_check_in_time === 0 ? '从未签到' : Tools::toDateTime($this->last_check_in_time);
     }
 
-    /**
-     * 更新密码
-     */
-    public function updatePassword(string $pwd): bool
-    {
-        $this->pass = Hash::passwordHash($pwd);
-
-        return $this->save();
-    }
-
     /**
      * 生成新的 API Token
      */