From a4c4bd7475d72ce432811bc5f526ab8528a96fa4 Mon Sep 17 00:00:00 2001
From: "Kalman.CHENG" <123204464@qq.com>
Date: Tue, 15 Jul 2025 11:37:29 +0800
Subject: [PATCH] =?UTF-8?q?=E6=95=99=E8=82=B2=E5=9E=82=E7=9B=B4=E9=A2=86?=
 =?UTF-8?q?=E5=9F=9F=E5=A4=A7=E6=A8=A1=E5=9E=8B=E5=B9=B3=E5=8F=B0=20modify?=
 =?UTF-8?q?=20by=20Kalman.CHENG=20=E2=98=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../api/controller/UserController.py          | 20 ++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/dsAiTeachingModel/api/controller/UserController.py b/dsAiTeachingModel/api/controller/UserController.py
index e23d8f5f..bff5dd85 100644
--- a/dsAiTeachingModel/api/controller/UserController.py
+++ b/dsAiTeachingModel/api/controller/UserController.py
@@ -3,6 +3,7 @@ import re
 
 from fastapi import APIRouter, Request, Response, Depends
 from auth.dependencies import *
+from utils.CommonUtil import md5_encrypt
 from utils.Database import *
 from utils.ParseRequest import *
 
@@ -29,4 +30,21 @@ async def modify_telephone(request: Request):
 
 
 # 【Base-User-2】维护用户密码
-# @router.post("/modifyPassword")
+@router.post("/modifyPassword")
+async def modify_password(request: Request):
+    person_id = await get_request_str_param(request, "person_id", True, True)
+    old_password = await get_request_str_param(request, "old_password", True, True)
+    password = await get_request_str_param(request, "password", True, True)
+    # 校验旧密码是否正确
+    select_password_sql: str = "select pwdmd5 from t_sys_loginperson where person_id = '" + person_id + "' and b_use = 1"
+    userlist = await find_by_sql(select_password_sql, ())
+    if len(userlist) == 0:
+        return {"success": False, "message": "用户不存在"}
+    else:
+        if userlist[0]["pwdmd5"] != md5_encrypt(old_password):
+            return {"success": False, "message": "旧密码错误"}
+        else:
+            update_password_sql: str = "update t_sys_loginperson set original_pwd = '" + password + "',pwdmd5 = '" + md5_encrypt(password) + "' where person_id = '" + person_id + "'"
+            await execute_sql(update_password_sql)
+            return {"success": True, "message": "修改成功"}
+