找回密码功能实现

看下流程图(由flowchart.js绘制)

image.png

表设计

1. name 关联用户表，表内唯一
2. uuid 随机uuid，并通过sha1 加密
3. etime 过期时间

type ForGetPwd struct {
    Id    int
    Name  *User `orm:"rel(fk);unique"`
    Uuid  string
    Etime time.Time
}

发送找回密码邮件代码

用户输入邮箱,填写验证码,信息发送到服务端

image.png

系统判断前端提交信息，验证是否通过，邮箱是否存在

func (self *UserController) ForGetPwd() {
    email, vercode, captcha_id := self.Input().Get("email"), self.Input().Get("vercode"), self.Input().Get("captcha_id")
    if !CheckCode(vercode, captcha_id) {
        msg := map[string]interface{}{"code": 1, "msg": "验证码错误"}
        self.Data["json"] = &msg
        self.ServeJSON()
        return
    }
    //通过邮箱判断用户是否存在
    if models.IsUserExitByEmail(email) {
        _, user := models.FindUserByEmail(email)
        uuid := Encrypt(email + Getuuid())
        //当前时间
        now := time.Now()
        //设置过期时间,这里设置1小时后过期
        h, _ := time.ParseDuration("1h")
        //添加时间
        m := now.Add(h)

        //是否第一次找回密码,不是则更新表记录的uuid,过期时间,否则添加
        if models.IsExitForGetPwdByuser(user.Id) {
            forgetpwd := models.FindForGetPwdByuser(user.Id)
            forgetpwd.Uuid = uuid
            forgetpwd.Etime = m
            models.UpdateForGetPwd(&forgetpwd)
        } else {
            forgetpwd := models.ForGetPwd{Uuid: uuid, Name: &models.User{Id: user.Id}, Etime: m}
            models.AddForGetPwd(&forgetpwd)
        }
        //发送找回密码邮件
        url := "http://192.168.1.12:8080/forgetpwd/?uuid=" + uuid
        SendMail(email, "
请点击以下链接重置密码,如非本人操作请忽略:
"+url+"", "重置密码")
        msg := map[string]interface{}{"code": 0, "msg": "success"}
        self.Data["json"] = &msg
        self.ServeJSON()
    } else {
        msg := map[string]interface{}{"code": 1, "msg": "邮箱不存在"}
        self.Data["json"] = &msg
        self.ServeJSON()
    }
}

用户收到邮件,点击链接重置密码

image.png

把uuid回传到重设密码页面，以便前端发送uuid

func (self *UserController) ForGetPwdPage() {
    //用户点击重置密码链接,需要把uuid回传
    uuid := self.Input().Get("uuid")
    self.Data["uuid"] = uuid
    self.TplName = "user/forgetpwd.html"

}

image.png

image.png

//更新密码
func (self *UserController) SetNewPwd() {
   uuid, password := self.Input().Get("uuid"), self.Input().Get("password")
   now := time.Now()
   //检测uuid是否有效,有效便更新密码,否则直接返回
   if models.CheckForGet(uuid, now) {
       //通过uuid查找对应要修改密码的用户
       u := models.FindForGetPwdByUuid(uuid)
       user := models.FindUserDetialById(u.Name.Id)
       user.Password = password
       models.UpdateUser(&user)
       msg := map[string]interface{}{"code": 0, "msg": "success"}
       self.Data["json"] = &msg
       self.ServeJSON()
   }
   msg := map[string]interface{}{"code": 1, "msg": "invalid token"}
   self.Data["json"] = &msg
   self.ServeJSON()

}

检测uuid是否有效

//检测uuid是否过期
func CheckForGet(uuid string, t time.Time) bool {
    o := orm.NewOrm()
    var forgetpwd ForGetPwd
    return o.QueryTable(forgetpwd).Filter("UUID", uuid).Filter("Etime__gte", t).Exist()
}

js代码片段

layui.define(['layer', 'form'], function(exports) {
    var layer = layui.layer
    var form = layui.form()
    var $ = layui.jquery

    form.verify({
        password: [/(.+){6,12}$/, '密码必须6到12位'],
    });

    form.on('submit(forgetpwd)', function(data) {
         if (data.field.password != data.field.repassword) {
            layer.msg("两次密码输入不一致!")
            return false;
        }
        $.ajax({
            async: false,
            url: "/user/setnewpwd",
            data: {
              
                "password": data.field.password,
                "repassword":data.field.password,
               "uuid":data.field.uuid,
            },
            type: 'POST',
            success: function(text) {
                if (text.msg == 'success') {
                    location.href = '/'
                } else if (text.code != 0) {
                    layer.msg(text.msg)
                }
            }

        });

        return false;

    });
    exports('forgetpwd', {});
});