feat: 友好的错误提示 && 普通用户重置密码判断邮箱是否绑定

Author: LydiaCai1203

backend/biz/team/handler/http/v1/user.go

@@ -173,6 +173,11 @@ func (h *TeamGroupUserHandler) Status(c *web.Context) error {
 //	@Router			/api/v1/teams/users/passwords/change [put]
 func (h *TeamGroupUserHandler) ChangePassword(c *web.Context, req domain.ChangePasswordReq) error {
 	teamUser := middleware.GetTeamUser(c)
+
+	if err := req.Validate(); err != nil {
+		return err
+	}
+
 	err := h.usecase.ChangePassword(c.Request().Context(), teamUser.User.ID, &req)
 	if err != nil {
 		return err

backend/biz/user/handler/v1/auth.go

@@ -116,6 +116,10 @@ func (h *AuthHandler) PasswordLogin(c *web.Context, req domain.TeamLoginReq) err
 func (h *AuthHandler) ChangePassword(c *web.Context, req domain.ChangePasswordReq) error {
 	ctx := c.Request().Context()
 
+	if err := req.Validate(); err != nil {
+		return err
+	}
+
 	user := middleware.GetUser(c)
 	if user == nil {
 		return errcode.ErrUnauthorized
@@ -201,6 +205,9 @@ func (h *AuthHandler) Status(c *web.Context) error {
 //	@Router			/api/v1/users/passwords/reset-request [put]
 func (h *AuthHandler) SendResetPasswordEmail(c *web.Context, req domain.ResetUserPasswordEmailReq) error {
 	ctx := c.Request().Context()
+	if err := req.Validate(); err != nil {
+		return err
+	}
 	if !h.captcha.ValidateToken(ctx, req.CaptchaToken) {
 		return errcode.ErrForbidden
 	}
@@ -279,6 +286,9 @@ func (h *AuthHandler) GetAccountInfo(c *web.Context, req domain.GetAccountInfoRe
 //	@Success		200	{object}	web.Resp{}
 //	@Router			/api/v1/users/passwords/reset [put]
 func (h *AuthHandler) ResetPassword(c *web.Context, req domain.ResetUserPasswordReq) error {
+	if err := req.Validate(); err != nil {
+		return err
+	}
 	// 重置前检查 redis 里的 Key
 	key := fmt.Sprintf("reset_password_token:%s", req.Token)
 	userID, err := h.redis.Get(c.Request().Context(), key).Result()

backend/biz/user/usecase/user.go

@@ -97,6 +97,9 @@ func (u *UserUsecase) SendResetPasswordEmail(ctx context.Context, req *domain.Re
 	if err != nil {
 		return err
 	}
+	if len(users) != len(req.Emails) {
+		return errcode.ErrEmailNotBound
+	}
 
 	for _, user := range users {
 		token := uuid.NewString()

backend/domain/team.go

@@ -10,6 +10,7 @@ import (
 	"github.com/chaitin/MonkeyCode/backend/pkg/cvt"
 
 	"github.com/chaitin/MonkeyCode/backend/consts"
+	"github.com/chaitin/MonkeyCode/backend/errcode"
 )
 
 // TeamGroupUserUsecase 团队分组成员业务逻辑接口
@@ -290,8 +291,15 @@ type TeamMemberInfo struct {
 
 // ChangePasswordReq 修改密码请求
 type ChangePasswordReq struct {
-	CurrentPassword string `json:"current_password" validate:"omitempty"`         // 当前密码
-	NewPassword     string `json:"new_password" validate:"required,min=8,max=32"` // 新密码
+	CurrentPassword string `json:"current_password" validate:"omitempty"` // 当前密码
+	NewPassword     string `json:"new_password" validate:"required"`      // 新密码
+}
+
+func (r *ChangePasswordReq) Validate() error {
+	if len(r.NewPassword) < 8 || len(r.NewPassword) > 32 {
+		return errcode.ErrPasswordLength
+	}
+	return nil
 }
 
 // ChangePasswordResp 修改密码响应

backend/domain/user.go

@@ -2,14 +2,15 @@ package domain
 
 import (
 	"context"
+	"strings"
 	"time"
 
 	"github.com/google/uuid"
 
+	"github.com/chaitin/MonkeyCode/backend/consts"
 	"github.com/chaitin/MonkeyCode/backend/db"
+	"github.com/chaitin/MonkeyCode/backend/errcode"
 	"github.com/chaitin/MonkeyCode/backend/pkg/cvt"
-
-	"github.com/chaitin/MonkeyCode/backend/consts"
 )
 
 type UserUsecase interface {
@@ -41,13 +42,13 @@ type UserActiveRepo interface {
 }
 
 type User struct {
-	ID         uuid.UUID         `json:"id"`
-	Name       string            `json:"name"`
-	AvatarURL  string            `json:"avatar_url"`
-	Email      string            `json:"email"`
-	Role       consts.UserRole   `json:"role"`
-	Status     consts.UserStatus `json:"status"`
-	IsBlocked  bool              `json:"is_blocked"`
+	ID          uuid.UUID         `json:"id"`
+	Name        string            `json:"name"`
+	AvatarURL   string            `json:"avatar_url"`
+	Email       string            `json:"email"`
+	Role        consts.UserRole   `json:"role"`
+	Status      consts.UserStatus `json:"status"`
+	IsBlocked   bool              `json:"is_blocked"`
 	Token       string            `json:"token,omitempty"`
 	Identities  []*UserIdentity   `json:"identities"`
 	Team        *Team             `json:"team,omitempty"`
@@ -143,16 +144,35 @@ type GetAccountInfoReq struct {
 
 // ResetUserPasswordReq 修改密码请求
 type ResetUserPasswordReq struct {
-	NewPassword string `json:"new_password" validate:"required,min=8,max=32"`
+	NewPassword string `json:"new_password" validate:"required"`
 	Token       string `json:"token" validate:"required"`
 }
 
+func (r *ResetUserPasswordReq) Validate() error {
+	if len(r.NewPassword) < 8 || len(r.NewPassword) > 32 {
+		return errcode.ErrPasswordLength
+	}
+	return nil
+}
+
 // ResetUserPasswordEmailReq 发送重置密码邮件请求
 type ResetUserPasswordEmailReq struct {
 	Emails       []string `json:"emails" validate:"required"`
 	CaptchaToken string   `json:"captcha_token"`
 }
 
+func (r *ResetUserPasswordEmailReq) Validate() error {
+	if len(r.Emails) == 0 {
+		return errcode.ErrEmailRequired
+	}
+	for _, email := range r.Emails {
+		if strings.TrimSpace(email) == "" {
+			return errcode.ErrEmailRequired
+		}
+	}
+	return nil
+}
+
 // TeamMembersResp 团队成员列表响应
 type TeamMembersResp []*User
 

backend/errcode/errcode.go

@@ -78,6 +78,7 @@ var (
 	ErrUserAlreadyExists       = web.NewErr(http.StatusOK, 10503, "err-user-already-exists")
 	ErrChangePasswordFailed    = web.NewErr(http.StatusOK, 10504, "err-change-password-failed")
 	ErrPasswordHashFailed      = web.NewErr(http.StatusOK, 10505, "err-password-hash-failed")
+	ErrPasswordLength          = web.NewErr(http.StatusOK, 10506, "err-password-length")
 
 	// 用户管理
 	ErrIdentityAlreadyBound = web.NewErr(http.StatusOK, 10601, "err-identity-already-bound")
@@ -92,6 +93,8 @@ var (
 	ErrEmailVerifyFailed    = web.NewErr(http.StatusOK, 10611, "err-email-verify-failed")
 	ErrEmailAlreadyBound    = web.NewErr(http.StatusOK, 10612, "err-email-already-bound")
 	ErrEmailTaken           = web.NewErr(http.StatusOK, 10613, "err-email-taken")
+	ErrEmailRequired        = web.NewErr(http.StatusOK, 10614, "err-email-required")
+	ErrEmailNotBound        = web.NewErr(http.StatusOK, 10615, "err-email-not-bound")
 
 	// captcha 模块
 	ErrCreateCaptchaFailed  = web.NewErr(http.StatusOK, 10700, "err-create-captcha-failed")

backend/errcode/locale.en.toml

@@ -85,6 +85,9 @@ other = "Team member limit exceeded"
 [err-invalid-password]
 other = "Invalid password"
 
+[err-password-length]
+other = "Password must be between 8 and 32 characters"
+
 [err-sms-failed]
 other = "SMS send failed"
 
@@ -138,6 +141,12 @@ other = "Email already bound"
 [err-email-taken]
 other = "Email already taken by another user"
 
+[err-email-required]
+other = "Email is required"
+
+[err-email-not-bound]
+other = "Some emails are not bound, please bind email before resetting password"
+
 [err-deposit-failed]
 other = "Deposit failed"
 

backend/errcode/locale.zh.toml

@@ -94,6 +94,9 @@ other = "团队成员数量超出限制"
 [err-invalid-password]
 other = "密码无效"
 
+[err-password-length]
+other = "密码长度必须在 8 到 32 个字符之间"
+
 [err-sms-failed]
 other = "短信发送失败"
 
@@ -145,6 +148,12 @@ other = "该邮箱已绑定"
 [err-email-taken]
 other = "该邮箱已被使用"
 
+[err-email-required]
+other = "邮箱不能为空"
+
+[err-email-not-bound]
+other = "存在未绑定邮箱的用户，请绑定邮箱后再重置密码"
+
 [err-deposit-failed]
 other = "充值失败"