validate([ 'password' => 'required|current_password:api', 'new_password' => 'required', ], [ 'password.current_password' => '密码错误', ]); $user = auth('api')->user(); if (! $user || ! Hash::check($input['password'], $user->password)) { throw new BizException('密码错误'); } $user->password = bcrypt($input['new_password']); $user->save(); $user->tokens()->delete(); return $this->success('修改成功'); } public function logout() { $user = auth('api')->user(); $user->tokens()->delete(); return $this->success('退出成功'); } }