diff --git a/src/lib/reset-pwd.js b/src/lib/reset-pwd.js
index de5456a1ac238f9a4fab7d93fbb3c6fbaece6984..79bc572599b1ea21ea0b82b8e03d10490ab68fc8 100644
--- a/src/lib/reset-pwd.js
+++ b/src/lib/reset-pwd.js
@@ -1,4 +1,5 @@
 import encryptPwd from './encrypt-pwd'
+import uniToken from './uni-token'
 import {
   userCollection,
   log
@@ -6,9 +7,16 @@ import {
 
 async function resetPwd ({
   uid,
+  token ,
   password
 }) {
   try {
+	
+	uid = uniToken.resetUidByToken(uid , token);
+	if(!uid){
+		throw "uid或token参数缺失"
+	}
+	  
     const upRes = await userCollection.doc(uid).update({
       password: encryptPwd(password),
       token: []
diff --git a/src/lib/uni-token.js b/src/lib/uni-token.js
index dc989af6cca6001053a72e791a35905339606afb..a02573bff2e0ce16aafa93b2587dfe41087720c4 100644
--- a/src/lib/uni-token.js
+++ b/src/lib/uni-token.js
@@ -103,7 +103,19 @@ const uniToken = {
       }
     })
     return tokenExpired
-  }
+  },
+  
+  /**
+   * 适用于使用uid的场景，如未获取到uid，可以通过该函数使用token换取uid
+   * @param {Object} uid
+   * @param {Object} token
+   */
+  resetUidByToken : function(uid , token){
+  	 if(!!uid) return uid 
+	 if(!token) return null 
+	 return checkToken(token).uid ;
+  },
+  
 }
 
 export default uniToken
diff --git a/src/lib/update-user.js b/src/lib/update-user.js
index ed7471c41fa0b6bc70dc8ad3fc4c59459a353e5c..af33239039c8e4dbeffc32d962e3e8a54bd41a67 100644
--- a/src/lib/update-user.js
+++ b/src/lib/update-user.js
@@ -1,3 +1,4 @@
+import encryptPwd from './encrypt-pwd'
 import {
   userCollection,
   log
@@ -13,6 +14,11 @@ async function updateUser (params) {
   }
   delete params.uid
   try {
+	
+	if(!!params.password){
+		params.password = encryptPwd(params.password)
+	}
+	
     const upRes = await userCollection.doc(uid).update(params)
 
     log('update -> upRes', upRes)