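# Phone Number + Password Login API

## Overview

Used by mobile and front-end clients to log in with a phone number and password. On success the endpoint returns a `token` and user information; subsequent requests carry `Authorization: Bearer <token>`.
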
## Basic Information

- Method: `POST`
- Path: `/api/open/user/login`
- Content-Type: `application/json`

## Request Headers

- `Content-Type: application/json`
- `Authorization`: not required (already added to the login whitelist)
- Security check (required when `security.enable: true`):
  - `X-App-Timestamp`: timestamp in milliseconds
  - `X-App-Sign`: MD5(`timestamp` + `secret_key`)

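The following is an added example, not code from this document or its project: it computes `X-App-Sign` as MD5(`timestamp` + `secret_key`) and shows a server-side check that also rejects stale timestamps and compares in constant time. The function names, lowercase hex encoding, the 5-minute freshness window and the sample secret are assumptions.

```go
package main

import (
	"crypto/md5"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"strconv"
	"time"
)

// maxSkew is an assumed freshness window; the document does not state one.
const maxSkew = 5 * time.Minute

// Sign returns hex(MD5(timestamp + secretKey)), the X-App-Sign formula.
// Lowercase hex output is an assumption.
func Sign(timestampMs, secretKey string) string {
	sum := md5.Sum([]byte(timestampMs + secretKey))
	return hex.EncodeToString(sum[:])
}

// Verify checks an X-App-Timestamp / X-App-Sign pair against the shared secret.
func Verify(tsHeader, signHeader, secretKey string, now time.Time) error {
	ms, err := strconv.ParseInt(tsHeader, 10, 64)
	if err != nil {
		return errors.New("timestamp is not an integer")
	}
	skew := now.Sub(time.UnixMilli(ms))
	if skew < 0 {
		skew = -skew // reject timestamps too far in the future as well
	}
	if skew > maxSkew {
		return errors.New("timestamp outside freshness window")
	}
	want := Sign(tsHeader, secretKey)
	if subtle.ConstantTimeCompare([]byte(want), []byte(signHeader)) != 1 {
		return errors.New("signature mismatch")
	}
	return nil
}

func main() {
	secret := "demo_secret_key" // constructed sample value
	now := time.Now()
	ts := strconv.FormatInt(now.UnixMilli(), 10)
	fmt.Println("X-App-Timestamp:", ts, "X-App-Sign:", Sign(ts, secret))
	fmt.Println("verify:", Verify(ts, Sign(ts, secret), secret, now))
}
```

The signature covers only the timestamp, so it does not bind the request body: a valid header pair is accepted with any body until the timestamp ages out, which is why the freshness check matters.
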
## Request Parameters

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| phone | string | Yes | Phone number |
| password | string | Yes | Password |

### Request Example

```json
{
  "phone": "13800000000",
  "password": "your_password"
}
```

## Response Parameters

| Field | Type | Description |
| --- | --- | --- |
| token | string | Login token |
| user | object | Logged-in user information (basic fields) |

### Success Response Example

```json
{
  "code": 200,
  "message": "success",
  "data": {
    "token": "c6f7f1e4-5a3b-4f4e-9d0b-6b3f7b8c5e3a",
    "user": {
      "id": "10001",
      "username": "13800000000",
      "realname": "张三",
      "avatar": "https://oss-xxx/avatar.png",
      "phone": "13800000000",
      "email": "",
      "token": "c6f7f1e4-5a3b-4f4e-9d0b-6b3f7b8c5e3a"
    }
  }
}
```

## Error Response Example

```json
{
  "code": 401,
  "message": "手机号或密码错误",
  "data": null
}
```

## Notes

- `password` and `salt` must be set in `t_user` in advance.
- Password encryption is the same as in the rest of the system: `common.Encrypt(phone, rawPassword, salt)`.
- The token expires after 24 hours by default (Redis).