diff --git a/app.py b/app.py index 97d0563c..891d3ea6 100755 --- a/app.py +++ b/app.py @@ -1849,6 +1849,15 @@ def send_verification_code(): if not credential or not code_type: return jsonify({'success': False, 'error': '缺少必要参数'}), 400 + # 清理格式字符(空格、横线、括号等) + if code_type == 'phone': + # 移除手机号中的空格、横线、括号、加号等格式字符 + credential = re.sub(r'[\s\-\(\)\+]', '', credential) + print(f"📱 清理后的手机号: {credential}") + elif code_type == 'email': + # 邮箱只移除空格 + credential = credential.strip() + # 生成验证码 verification_code = generate_verification_code() @@ -1907,6 +1916,17 @@ def login_with_verification_code(): if not credential or not verification_code or not login_type: return jsonify({'success': False, 'error': '缺少必要参数'}), 400 + # 清理格式字符(空格、横线、括号等) + if login_type == 'phone': + # 移除手机号中的空格、横线、括号、加号等格式字符 + original_credential = credential + credential = re.sub(r'[\s\-\(\)\+]', '', credential) + if original_credential != credential: + print(f"📱 登录时清理手机号: {original_credential} -> {credential}") + elif login_type == 'email': + # 邮箱只移除前后空格 + credential = credential.strip() + # 检查验证码 session_key = f'verification_code_{login_type}_{credential}_login' stored_code_info = session.get(session_key) diff --git a/src/components/Auth/AuthFormContent.js b/src/components/Auth/AuthFormContent.js index 793f2293..6de1fa70 100644 --- a/src/components/Auth/AuthFormContent.js +++ b/src/components/Auth/AuthFormContent.js @@ -143,7 +143,10 @@ export default function AuthFormContent() { return; } - if (!/^1[3-9]\d{9}$/.test(credential)) { + // 清理手机号格式字符(空格、横线、括号等) + const cleanedCredential = credential.replace(/[\s\-\(\)\+]/g, ''); + + if (!/^1[3-9]\d{9}$/.test(cleanedCredential)) { toast({ title: "请输入有效的手机号", status: "warning", @@ -156,7 +159,7 @@ export default function AuthFormContent() { setSendingCode(true); const requestData = { - credential: credential.trim(), // 添加 trim() 防止空格 + credential: cleanedCredential, // 使用清理后的手机号 type: 'phone', purpose: config.api.purpose }; 
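Review bot: The added `print(f"📱 清理后的手机号: {credential}")` writes the full phone number to stdout on every code request, and the `print` in the login_with_verification_code hunk writes both the raw and the cleaned number. The front end in this same commit masks the middle digits before logging, so the server should do the same or drop the prints, e.g. `masked = credential[:3] + '****' + credential[7:]` and log only `masked`. Separately, nothing visible in the hunk re-validates the cleaned value, so a request that skips the browser check reaches `generate_verification_code()` with whatever is left after stripping. A server-side `if not re.fullmatch(r'1[3-9]\d{9}', credential): return ... 400` would close that, unless validation already happens further down; the body of send_verification_code continues outside the hunk.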
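Review bot: The phone/email normalization in login_with_verification_code is a second copy of the block added in send_verification_code, and `session_key` is built from its result, so a later edit to only one copy would silently break the lookup of the stored code. Moving it into one helper (for example `normalize_credential`) and calling `credential = normalize_credential(credential, login_type)` in both routes keeps the key derivation identical. `re.sub` also raises TypeError when `credential` is not a string, which would surface as a 500 rather than the 400 returned just above. An `isinstance(credential, str)` check before normalizing covers that, assuming the value comes straight from the JSON body; the parsing is outside the hunk.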
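Review bot: The cleaning expression `/[\s\-\(\)\+]/g` and the `^1[3-9]\d{9}$` check are now written out twice in this component (here and in the @@ -247 hunk) and the cleaning a third time in app.py. A module-level `const normalizePhone = (v) => v.replace(/[\s\-()+]/g, '');` used by both handlers would keep the client copies from drifting. A leading country code is also not handled: stripping `+` from input that starts with `+86` leaves a 13-digit string that fails the check, so a pasted international-format number is still rejected. If that is intended, a short comment saying so would help; this check is only a convenience either way, since the server has to enforce the format itself.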
@@ -189,13 +192,13 @@ export default function AuthFormContent() { if (response.ok && data.success) { // ❌ 移除成功 toast,静默处理 logger.info('AuthFormContent', '验证码发送成功', { - credential: credential.substring(0, 3) + '****' + credential.substring(7), + credential: cleanedCredential.substring(0, 3) + '****' + cleanedCredential.substring(7), dev_code: data.dev_code }); // ✅ 开发环境下在控制台显示验证码 if (data.dev_code) { - console.log(`%c✅ [验证码] ${credential} -> ${data.dev_code}`, 'color: #16a34a; font-weight: bold; font-size: 14px;'); + console.log(`%c✅ [验证码] ${cleanedCredential} -> ${data.dev_code}`, 'color: #16a34a; font-weight: bold; font-size: 14px;'); } setVerificationCodeSent(true); @@ -205,7 +208,7 @@ export default function AuthFormContent() { } } catch (error) { logger.api.error('POST', '/api/auth/send-verification-code', error, { - credential: credential.substring(0, 3) + '****' + credential.substring(7) + credential: cleanedCredential.substring(0, 3) + '****' + cleanedCredential.substring(7) }); // ✅ 显示错误提示给用户 @@ -247,7 +250,10 @@ export default function AuthFormContent() { return; } - if (!/^1[3-9]\d{9}$/.test(phone)) { + // 清理手机号格式字符(空格、横线、括号等) + const cleanedPhone = phone.replace(/[\s\-\(\)\+]/g, ''); + + if (!/^1[3-9]\d{9}$/.test(cleanedPhone)) { toast({ title: "请输入有效的手机号", status: "warning", @@ -258,13 +264,13 @@ export default function AuthFormContent() { // 构建请求体 const requestBody = { - credential: phone.trim(), // 添加 trim() 防止空格 + credential: cleanedPhone, // 使用清理后的手机号 verification_code: verificationCode.trim(), // 添加 trim() 防止空格 login_type: 'phone', }; logger.api.request('POST', '/api/auth/login-with-code', { - credential: phone.substring(0, 3) + '****' + phone.substring(7), + credential: cleanedPhone.substring(0, 3) + '****' + cleanedPhone.substring(7), verification_code: verificationCode.substring(0, 2) + '****', login_type: 'phone' });
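Review bot: The `logger.info` call in the @@ -189 hunk still passes `dev_code: data.dev_code`, and the `console.log` below it prints the full cleaned number next to the code, so whenever the server returns `dev_code` the one-time code and an unmasked phone number end up in client-side logs. Gate both on the build environment, e.g. `if (process.env.NODE_ENV === 'development' && data.dev_code)` or whichever flag the project uses, and print the masked form in the console line too. Whether the server ever returns `dev_code` outside development is not visible here and is worth confirming in app.py. The @@ -258 hunk has a related leak on an unchanged line: `verificationCode.substring(0, 2) + '****'` puts the first two digits of the code into the request log, and a constant `'******'` would serve the same purpose.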