用户管理密码验证失败的状态码从 401 修改为 403

backend/app/api/v1/endpoints/apps.py

@@ -234,7 +234,7 @@ def regenerate_secret(
         
     # Security Verification
     if not security.verify_password(req.password, current_user.password_hash):
-        raise HTTPException(status_code=401, detail="密码错误")
+        raise HTTPException(status_code=403, detail="密码错误")
 
     if not SmsService.verify_code(current_user.mobile, req.verification_code):
         raise HTTPException(status_code=400, detail="验证码无效或已过期")
@@ -269,7 +269,7 @@ def view_secret(
     """
     # 1. Verify Password
     if not security.verify_password(req.password, current_user.password_hash):
-        raise HTTPException(status_code=401, detail="密码错误")
+        raise HTTPException(status_code=403, detail="密码错误")
         
     app = db.query(Application).filter(Application.id == app_id).first()
     if not app:
@@ -312,7 +312,7 @@ def transfer_app(
 
     # 1. Verify Password
     if not security.verify_password(req.password, current_user.password_hash):
-        raise HTTPException(status_code=401, detail="密码错误")
+        raise HTTPException(status_code=403, detail="密码错误")
 
     # 2. Verify SMS Code
     if not SmsService.verify_code(current_user.mobile, req.verification_code):
@@ -421,7 +421,7 @@ def create_mapping(
 
     # Verify Password
     if not security.verify_password(mapping_in.password, current_user.password_hash):
-        raise HTTPException(status_code=401, detail="密码错误")
+        raise HTTPException(status_code=403, detail="密码错误")
 
     # Normalize input: treat empty strings as None to avoid unique constraint violations
     mapped_key = mapping_in.mapped_key if mapping_in.mapped_key else None
@@ -535,7 +535,7 @@ def update_mapping(
 
     # Verify Password
     if not security.verify_password(mapping_in.password, current_user.password_hash):
-        raise HTTPException(status_code=401, detail="密码错误")
+        raise HTTPException(status_code=403, detail="密码错误")
 
     mapping = db.query(AppUserMapping).filter(
         AppUserMapping.id == mapping_id,
@@ -616,7 +616,7 @@ def delete_mapping(
     """
     # Verify Password
     if not security.verify_password(req.password, current_user.password_hash):
-        raise HTTPException(status_code=401, detail="密码错误")
+        raise HTTPException(status_code=403, detail="密码错误")
 
     mapping = db.query(AppUserMapping).filter(
         AppUserMapping.id == mapping_id,