From 909499fc447daca0409e8a4f84c543a21be67e2d Mon Sep 17 00:00:00 2001
From: caoqianming <caoqianming@foxmail.com>
Date: Thu, 24 Aug 2023 10:11:11 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E9=BB=98=E8=AE=A4=E5=AF=86=E7=A0=81?=
 =?UTF-8?q?=E8=AE=BE=E7=BD=AE=E5=A4=8D=E6=9D=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/system/views.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/apps/system/views.py b/apps/system/views.py
index 44584baa..65a7585a 100755
--- a/apps/system/views.py
+++ b/apps/system/views.py
@@ -457,7 +457,7 @@ class UserViewSet(CustomModelViewSet):
 
         创建用户
         """
-        password = make_password('0000')
+        password = make_password('abc!0000')
         serializer = self.get_serializer(data=request.data)
         serializer.is_valid(raise_exception=True)
         instance = serializer.save(password=password, belong_dept=None)
@@ -491,6 +491,8 @@ class UserViewSet(CustomModelViewSet):
             new_password1 = request.data['new_password1']
             new_password2 = request.data['new_password2']
             if new_password1 == new_password2:
+                if new_password1 == old_password:
+                    raise ParseError('新密码不得与旧密码相同')
                 user.set_password(new_password2)
                 user.save()
                 return Response()
@@ -503,7 +505,7 @@ class UserViewSet(CustomModelViewSet):
     def reset_password(self, request, pk=None):
         user = self.get_object()
         if request.user.is_superuser:
-            user.set_password('0000')
+            user.set_password('abc!0000')
             user.save()
         else:
             raise PermissionDenied()