|
|
@@ -294,6 +294,10 @@ class UserController
|
|
|
public function extractIntegral(Request $request, UserAwardIntegralServices $services, $id)
|
|
|
{
|
|
|
$info = $services->getIntegral($id);
|
|
|
+ $password = $request->post('password', '');
|
|
|
+ $user = $this->services->get($request->uid());
|
|
|
+ if ($user->pwd !== md5((string)$password))
|
|
|
+ return app('json')->success('密码错误');
|
|
|
if (!$info || $info['uid'] != $request->uid()) {
|
|
|
return app('json')->fail('记录不存在');
|
|
|
}
|
Kirin