lcly-data-admin/app/Http/Controllers/UserController.php

<?php

namespace App\Http\Controllers;

use App\Exceptions\BizException;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;

class UserController extends Controller
{
    public function resetPwd(Request $request)
    {
        $input = $request->validate([
            'password' => 'required|current_password:api',
            'new_password' => 'required',
        ], [
            'password.current_password' => '密码错误',
        ]);
        $user = auth('api')->user();
        if (! $user || ! Hash::check($input['password'], $user->password)) {
            throw new BizException('密码错误');
        }

        $user->password = bcrypt($input['new_password']);
        $user->save();

        $user->tokens()->delete();

        return $this->success('修改成功');
    }

    public function logout()
    {
        $user = auth('api')->user();
        $user->tokens()->delete();

        return $this->success('退出成功');
    }
}