update changepassword

app/Http/Controllers/Passport/AuthController.php

@@ -7,7 +7,6 @@ use App\Http\Requests\Passport\AuthRegister;
 use App\Http\Requests\Passport\AuthForget;
 use App\Http\Requests\Passport\AuthLogin;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Mail;
 use Illuminate\Support\Facades\Cache;
 use App\Models\User;
 use App\Models\InviteCode;
@@ -93,7 +92,7 @@ class AuthController extends Controller
         if (!$user) {
             abort(500, '用户名或密码错误');
         }
-        if (!$this->multiPasswordVerify(
+        if (!Helper::multiPasswordVerify(
             $user->password_algo,
             $password,
             $user->password)
@@ -186,13 +185,4 @@ class AuthController extends Controller
             'data' => true
         ]);
     }
-
-    private function multiPasswordVerify($algo, $password, $hash)
-    {
-        switch($algo) {
-            case 'md5': return md5($password) === $hash;
-            case 'sha256': return hash('sha256', $password) === $hash;
-            default: return password_verify($password, $hash);
-        }
-    }
 }

app/Http/Controllers/User/UserController.php

@@ -32,7 +32,11 @@ class UserController extends Controller
             abort(500, '新密码不能为空');
         }
         $user = User::find($request->session()->get('id'));
-        if (!password_verify($request->input('old_password'), $user->password)) {
+        if (!Helper::multiPasswordVerify(
+            $user->password_algo,
+            $request->input('old_password'),
+            $user->password)
+        ) {
             abort(500, '旧密码有误');
         }
         $user->password = password_hash($request->input('new_password'), PASSWORD_DEFAULT);