不再使用的代码清理

backend/auth/server/src/main/java/com/emotionmuseum/auth/config/SecurityConfig.java

@@ -109,7 +109,8 @@ public class SecurityConfig {
                                 "/auth/check-account",
                                 "/auth/check-email",
                                 "/auth/check-phone",
-                                "/captcha/**",
+                                "/auth/resetPassword",
+                                        "/captcha/**",
                                 "/oauth/**")
                         .permitAll()
 

backend/auth/server/src/main/java/com/emotionmuseum/auth/controller/AuthController.java

@@ -3,8 +3,10 @@ package com.emotionmuseum.auth.controller;
 import com.emotionmuseum.common.result.Result;
 import com.emotionmuseum.auth.request.LoginRequest;
 import com.emotionmuseum.auth.request.RegisterRequest;
+import com.emotionmuseum.auth.request.ResetPasswordRequest;
 import com.emotionmuseum.auth.service.AuthService;
 import com.emotionmuseum.auth.response.LoginResponse;
+import com.emotionmuseum.auth.response.ResetPasswordResponse;
 import com.emotionmuseum.auth.response.UserInfoResponse;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
@@ -108,4 +110,19 @@ public class AuthController {
         boolean exists = authService.existsByPhone(phone);
         return Result.success(exists);
     }
+
+    /**
+     * 重置密码（未登录场景）
+     *
+     * @param request 重置密码请求（手机号 + 新密码 + 验证码=123456）
+     * @return 重置密码响应
+     */
+    @Operation(summary = "重置密码（手机号+验证码）")
+    @PostMapping("/resetPassword")
+    public Result<ResetPasswordResponse> resetPassword(@Valid @RequestBody ResetPasswordRequest request) {
+        log.info("重置密码请求: phone={}", request.getPhone());
+        ResetPasswordResponse response = authService.resetPassword(request);
+        return Result.success("重置密码成功", response);
+    }
 }
+

backend/auth/server/src/main/java/com/emotionmuseum/auth/service/AuthService.java

@@ -2,12 +2,18 @@ package com.emotionmuseum.auth.service;
 
 import com.emotionmuseum.auth.request.LoginRequest;
 import com.emotionmuseum.auth.request.RegisterRequest;
+import com.emotionmuseum.auth.request.ResetPasswordRequest;
 import com.emotionmuseum.auth.response.LoginResponse;
+import com.emotionmuseum.auth.response.ResetPasswordResponse;
 import com.emotionmuseum.auth.response.UserInfoResponse;
 
 /**
  * 认证服务接口
  *
+ * <p>
+ * 注意：所有新增接口需遵循项目接口规范与异常处理规范。
+ * </p>
+ *
  * @author emotion-museum
  * @since 2025-07-16
  */
@@ -89,4 +95,16 @@ public interface AuthService {
      * @param userId 用户ID
      */
     void updateLastActiveTime(String userId);
+
+    /**
+     * 重置密码（未登录场景）
+     *
+     * <p>
+     * 通过手机号与验证码（当前固定为123456）设置新密码。
+     * </p>
+     *
+     * @param request 重置密码请求
+     * @return 重置密码响应
+     */
+    ResetPasswordResponse resetPassword(ResetPasswordRequest request);
 }

backend/auth/server/src/main/java/com/emotionmuseum/auth/service/impl/AuthServiceImpl.java

@@ -6,11 +6,13 @@ import com.emotionmuseum.common.result.ResultCode;
 import com.emotionmuseum.common.util.JwtUtil;
 import com.emotionmuseum.auth.request.LoginRequest;
 import com.emotionmuseum.auth.request.RegisterRequest;
+import com.emotionmuseum.auth.request.ResetPasswordRequest;
 import com.emotionmuseum.auth.entity.User;
 import com.emotionmuseum.auth.mapper.UserMapper;
 import com.emotionmuseum.auth.service.AuthService;
 import com.emotionmuseum.auth.service.CaptchaService;
 import com.emotionmuseum.auth.response.LoginResponse;
+import com.emotionmuseum.auth.response.ResetPasswordResponse;
 import com.emotionmuseum.auth.response.UserInfoResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -239,6 +241,46 @@ public class AuthServiceImpl extends ServiceImpl<UserMapper, User> implements Au
         return convertToUserInfoResponse(user);
     }
 
+    /**
+     * 重置密码（未登录场景）
+     *
+     * <p>
+     * 校验验证码（当前固定为123456），按手机号查询用户，使用 PasswordEncoder(BCrypt) 加密新密码并更新。
+     * </p>
+     *
+     * @param request 重置密码请求
+     * @return 重置密码响应
+     */
+    @Override
+    public ResetPasswordResponse resetPassword(ResetPasswordRequest request) {
+        // 校验验证码（本期约定固定为 123456）
+        if (!"123456".equals(request.getCaptcha())) {
+            throw new RuntimeException(ResultCode.CAPTCHA_ERROR.getMessage());
+        }
+
+        // 按手机号查找用户
+        User user = baseMapper.selectByPhone(request.getPhone());
+        if (user == null) {
+            throw new RuntimeException(ResultCode.USER_NOT_FOUND.getMessage());
+        }
+
+        // 获取加密器并加密新密码
+        PasswordEncoder passwordEncoder = applicationContext.getBean(PasswordEncoder.class);
+        String encoded = passwordEncoder.encode(request.getNewPassword());
+
+        // 仅更新密码与更新时间（遵循仅更新非空字段原则）
+        User toUpdate = new User();
+        toUpdate.setId(user.getId());
+        toUpdate.setPassword(encoded);
+        updateById(toUpdate);
+
+        log.info("用户重置密码成功: phone={}", request.getPhone());
+        ResetPasswordResponse resp = new ResetPasswordResponse();
+        resp.setSuccess(true);
+        resp.setMessage("重置密码成功");
+        return resp;
+    }
+
     @Override
     public void updateLastActiveTime(String userId) {
         baseMapper.updateLastActiveTime(userId);