fix: restrict password login to existing phone accounts

2026-04-26 01:11:45 +08:00
parent c4b9b8173f
commit 0a0f3f1bd8
33 changed files with 489 additions and 778 deletions
--- a/server-rs/crates/api-server/src/password_entry.rs
+++ b/server-rs/crates/api-server/src/password_entry.rs
@@ -29,7 +29,7 @@ pub async fn password_entry(
    let result = state
        .password_entry_service()
        .execute(PasswordEntryInput {
-            username: payload.username,
+            phone_number: payload.phone,
            password: payload.password,
        })
        .await
@@ -64,10 +64,10 @@ pub async fn password_entry(

 fn map_password_entry_error(error: PasswordEntryError) -> AppError {
    match error {
-        PasswordEntryError::InvalidUsername => AppError::from_status(StatusCode::BAD_REQUEST)
+        PasswordEntryError::InvalidPhoneNumber => AppError::from_status(StatusCode::BAD_REQUEST)
            .with_message("手机号格式不正确")
            .with_details(json!({
-                "field": "username",
+                "field": "phone",
            })),
        PasswordEntryError::InvalidPasswordLength => AppError::from_status(StatusCode::BAD_REQUEST)
            .with_message("密码长度需要在 6 到 128 位之间")
@@ -77,7 +77,7 @@ fn map_password_entry_error(error: PasswordEntryError) -> AppError {
        PasswordEntryError::InvalidPublicUserCode => AppError::from_status(StatusCode::BAD_REQUEST)
            .with_message("叙世号格式不正确")
            .with_details(json!({
-                "field": "username",
+                "field": "phone",
            })),
        PasswordEntryError::InvalidCredentials => {
            AppError::from_status(StatusCode::UNAUTHORIZED).with_message("手机号或密码错误")