update:用户密码

controller/userController.js

@@ -173,7 +173,39 @@ async function checkUserToken(req, res, next) {
     }
 }
 
+// 用于登录后更新密码，
+async function changePassword(req, res, next) {
+    try {
+        let user = req.user;
+        let newPassword = req.body.newPassword;
+        const { salt, passwordHash } = utils.saltHashPassword(newPassword);
+        const ret = await userModule.findOneAndUpdate({_id: user._id}, {
+            // ...req.body,
+            salt,
+            password: passwordHash
+        });
+        await ioRedis.del(`token:${user.token}`)
+        res.sendData(req.user);
+    } catch (error) {
+        next(error);
+    }
+}
+
 
+// changePwd  用于管理员修改成员密码，不影响成员当前这一次的登录状态，下次登录需要用新密码登录。
+async function changePwd(req, res, next) {
+    try {
+        const { salt, passwordHash } = utils.saltHashPassword("123456");
+        const ret = await userModule.findOneAndUpdate({_id: req.body._id}, {
+            // ...req.body,
+            salt,
+            password: passwordHash
+        });
+        res.sendData(ret);
+    } catch (error) {
+        next(error);
+    }
+}
 
 
 
@@ -363,6 +395,8 @@ module.exports = {
     getRole,
     deleteUser,
     checkUserToken,
+    changePassword,
+    changePwd,
 
     createRole,
     listRole,

router/userRouter.js

@@ -10,12 +10,14 @@ router.post('/regist', userController.regist);
 router.post('/login', userController.login);
 
 router.post('/checkUserToken', userController.checkUserToken);
+router.post('/changePassword', userController.changePassword);
 
 router.post('/manage/list', userController.listUser);
 router.post('/manage/create', userController.addUser);
 router.post('/manage/update', userController.updateUser); //更新 
 router.post('/manage/info', userController.getUser);
 router.post('/manage/delete', userController.deleteUser); // 删除
+router.post('/manage/changePwd', userController.changePwd); // 删除
 
 
 /**