fix(auth-service): 修复支付密码DTO缺少class-validator装饰器导致请求被ValidationPipe拒绝

根因：ValidationPipe配置了whitelist+forbidNonWhitelisted，但DTO类的属性没有任何class-validator装饰器，导致所有请求体属性被当作非白名单属性直接返回Bad Request，请求根本未到达业务逻辑层。修复：为SetTradePasswordDto、ChangeTradePasswordDto、VerifyTradePasswordDto 添加@IsString()和@IsNotEmpty()装饰器。 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 09:39:14 -08:00 · 2026-02-26 09:39:14 -08:00 · 74f061cfeb
parent 16da1d20f0
commit 74f061cfeb
1 changed files with 13 additions and 0 deletions
--- a/backend/services/auth-service/src/api/controllers/trade-password.controller.ts
+++ b/backend/services/auth-service/src/api/controllers/trade-password.controller.ts
@ -7,22 +7,35 @@ import {
  HttpStatus,
  UseGuards,
 } from '@nestjs/common';
+import { IsString, IsNotEmpty } from 'class-validator';
 import { ThrottlerGuard } from '@nestjs/throttler';
 import { TradePasswordService } from '@/application/services/trade-password.service';
 import { JwtAuthGuard } from '@/shared/guards/jwt-auth.guard';
 import { CurrentUser } from '@/shared/decorators/current-user.decorator';

 class SetTradePasswordDto {
+  @IsString()
+  @IsNotEmpty()
  loginPassword: string;
+
+  @IsString()
+  @IsNotEmpty()
  tradePassword: string;
 }

 class ChangeTradePasswordDto {
+  @IsString()
+  @IsNotEmpty()
  oldTradePassword: string;
+
+  @IsString()
+  @IsNotEmpty()
  newTradePassword: string;
 }

 class VerifyTradePasswordDto {
+  @IsString()
+  @IsNotEmpty()
  tradePassword: string;
 }