
优化管理员密码密码

Karson 6 years ago
parent
commit
2f9732e905

+ 10 - 2
application/admin/controller/auth/Admin.php

@@ -7,6 +7,7 @@ use app\admin\model\AuthGroupAccess;
 use app\common\controller\Backend;
 use fast\Random;
 use fast\Tree;
+use think\Validate;
 
 /**
  * 管理员管理
@@ -122,6 +123,9 @@ class Admin extends Backend
             $this->token();
             $params = $this->request->post("row/a");
             if ($params) {
+                if(!Validate::is($params['password'], '\S{6,16}')){
+                    $this->error(__("Please input correct password"));
+                }
                 $params['salt'] = Random::alnum();
                 $params['password'] = md5(md5($params['password']) . $params['salt']);
                 $params['avatar'] = '/assets/img/avatar.png'; //设置新管理员默认头像。
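Review bot: The 16-character ceiling in `'\S{6,16}'` caps how strong an administrator password can be and buys nothing in storage, because the value is reduced to a fixed-length digest in the context lines just below the check. The same literal is repeated in the edit hunk that follows, so the policy now lives in two places and should come from one shared constant or helper. Consider raising or dropping the upper bound, for example `if (!Validate::is($params['password'], '\S{6,64}')) {`, and updating the `Please input correct password` translation to match. The surrounding context hashes with salted double `md5()`, a fast digest, so input length carries most of the resistance to offline guessing here; moving to `password_hash()` would be a separate change. The enclosing method starts and ends outside the hunk.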
@@ -159,6 +163,9 @@ class Admin extends Backend
             $params = $this->request->post("row/a");
             if ($params) {
                 if ($params['password']) {
+                    if(!Validate::is($params['password'], '\S{6,16}')){
+                        $this->error(__("Please input correct password"));
+                    }
                     $params['salt'] = Random::alnum();
                     $params['password'] = md5(md5($params['password']) . $params['salt']);
                 } else {
@@ -167,8 +174,9 @@ class Admin extends Backend
                 //这里需要针对username和email做唯一验证
                 $adminValidate = \think\Loader::validate('Admin');
                 $adminValidate->rule([
-                    'username' => 'require|max:50|unique:admin,username,' . $row->id,
-                    'email'    => 'require|email|unique:admin,email,' . $row->id
+                    'username' => 'require|regex:\w{3,12}|unique:admin,username,' . $row->id,
+                    'email'    => 'require|email|unique:admin,email,' . $row->id,
+                    'password' => 'regex:\S{32}',
                 ]);
                 $result = $row->validate('Admin.edit')->save($params);
                 if ($result === false) {
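Review bot: The tightened `username` rule on the new side, `'require|regex:\w{3,12}|unique:admin,username,' . $row->id`, is evaluated whenever an existing row is saved, so an account created under the old `max:50` rule with a longer name or with characters outside `\w` would presumably fail validation on every edit. That would also block a password change submitted through this form for such an account. If accounts like that can exist, migrate them before shipping this, or keep the looser rule on edit and enforce the new pattern only on add. The method body starts and ends outside the hunk.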

+ 5 - 3
application/admin/lang/zh-cn/auth/admin.php

@@ -1,7 +1,9 @@
 <?php
 
 return [
-    'Group'        => '所属组别',
-    'Loginfailure' => '登录失败次数',
-    'Login time'   => '最后登录',
+    'Group'                         => '所属组别',
+    'Loginfailure'                  => '登录失败次数',
+    'Login time'                    => '最后登录',
+    'Please input correct username' => '用户名只能由3-12位数字、字母、下划线组合',
+    'Please input correct password' => '密码长度必须在6-16位之间,不能包含空格',
 ];

+ 7 - 3
application/admin/validate/Admin.php

@@ -11,9 +11,9 @@ class Admin extends Validate
      * 验证规则
      */
     protected $rule = [
-        'username' => 'require|max:50|unique:admin',
+        'username' => 'require|regex:\w{3,12}|unique:admin',
         'nickname' => 'require',
-        'password' => 'require',
+        'password' => 'require|regex:\S{32}',
         'email'    => 'require|email|unique:admin,email',
     ];
 
@@ -34,7 +34,7 @@ class Admin extends Validate
      */
     protected $scene = [
         'add'  => ['username', 'email', 'nickname', 'password'],
-        'edit' => ['username', 'email', 'nickname'],
+        'edit' => ['username', 'email', 'nickname', 'password'],
     ];
 
     public function __construct(array $rules = [], $message = [], $field = [])
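Review bot: Adding `password` to the `edit` scene ties edits to the class-level rule `require|regex:\S{32}` from the previous hunk, which describes the stored digest rather than the password the administrator typed. The rule needs a comment saying so, for example `// checked after hashing: value is the 32-character MD5 digest, length policy is enforced in the controller`, and the pattern could be narrowed to `regex:[0-9a-f]{32}`. As written, the `password.regex` message added in the constructor hunk (6–16 characters, no spaces) would be shown for a digest-shape failure, which would mislead whoever sees it. An edit that leaves the password blank appears to pass only because the controller replaces this rule with one that has no `require`, so any other caller using the `edit` scene would need the same override.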
@@ -45,6 +45,10 @@ class Admin extends Validate
             'password' => __('Password'),
             'email'    => __('Email'),
         ];
+        $this->message = array_merge($this->message, [
+            'username.regex' => __('Please input correct username'),
+            'password.regex' => __('Please input correct password')
+        ]);
         parent::__construct($rules, $message, $field);
     }