2020-03-30 16:10:51 +08:00
|
|
|
|
using System;
|
2020-04-27 16:14:01 +08:00
|
|
|
|
using System.Collections.Generic;
|
2020-03-30 16:10:51 +08:00
|
|
|
|
using System.Linq;
|
2020-04-14 16:44:05 +08:00
|
|
|
|
using Falcon.Extend;
|
|
|
|
|
|
using FAuth.DataBase.Tables;
|
2020-05-06 15:57:09 +08:00
|
|
|
|
using FAuth.Extensions;
|
2020-04-20 11:41:09 +08:00
|
|
|
|
using FAuth.Extensions.Account;
|
2020-04-14 16:44:05 +08:00
|
|
|
|
using FAuth.Extensions.Decryptor;
|
2020-03-30 16:10:51 +08:00
|
|
|
|
using FAuth.Models;
|
|
|
|
|
|
using Microsoft.AspNetCore.Mvc;
|
2020-04-01 10:54:48 +08:00
|
|
|
|
using Microsoft.AspNetCore.Mvc.ModelBinding;
|
2020-04-10 18:15:11 +08:00
|
|
|
|
using Microsoft.EntityFrameworkCore;
|
2020-04-20 11:41:09 +08:00
|
|
|
|
using Microsoft.Extensions.DependencyInjection;
|
2020-04-14 16:44:05 +08:00
|
|
|
|
using Microsoft.Extensions.Logging;
|
2020-03-30 16:10:51 +08:00
|
|
|
|
|
|
|
|
|
|
namespace FAuth.Controllers.api
|
|
|
|
|
|
{
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 用户相关api控制器接口
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public class UserController:ApiControllerBase<UserController>
|
|
|
|
|
|
{
|
2020-04-08 16:28:42 +08:00
|
|
|
|
public IUserTicketDryptor UserTicketDryptor { get; set; }
|
2020-04-20 11:41:09 +08:00
|
|
|
|
public AccountHelper Account { get; set; }
|
2020-04-08 16:28:42 +08:00
|
|
|
|
|
2020-04-20 11:41:09 +08:00
|
|
|
|
public UserController(ILogger<UserController> logger,IServiceProvider service)
|
2020-04-08 16:28:42 +08:00
|
|
|
|
: base(logger,service) {
|
2020-04-20 11:41:09 +08:00
|
|
|
|
this.Account = service.GetRequiredService<AccountHelper>();
|
|
|
|
|
|
this.UserTicketDryptor = service.GetRequiredService<IUserTicketDryptor>();
|
2020-03-30 16:10:51 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
2020-04-13 08:35:54 +08:00
|
|
|
|
/// 用户登录方法
|
2020-03-30 16:10:51 +08:00
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="userName">用户名</param>
|
|
|
|
|
|
/// <param name="password">密码</param>
|
2020-04-13 08:35:54 +08:00
|
|
|
|
/// <returns>登录结果</returns>
|
2020-03-30 16:10:51 +08:00
|
|
|
|
[HttpPost]
|
|
|
|
|
|
[ProducesResponseType(typeof(CheckUserResult),200)]
|
2020-04-13 08:35:54 +08:00
|
|
|
|
public CheckUserResult Login(string userName,string password) {
|
2020-04-10 18:15:11 +08:00
|
|
|
|
if(userName.IsNullOrEmpty()) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiArgumentNullException(nameof(userName));
|
2020-04-10 18:15:11 +08:00
|
|
|
|
}
|
|
|
|
|
|
var qu = this.Db.Users.Where(m => m.UserName == userName && m.Password == password);
|
|
|
|
|
|
if(!qu.Any()) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiException("提供的用户名或密码不正确");
|
2020-04-10 18:15:11 +08:00
|
|
|
|
}
|
|
|
|
|
|
var fir = qu.First();
|
2020-04-13 08:35:54 +08:00
|
|
|
|
var now = DateTimeOffset.Now;
|
|
|
|
|
|
fir.LastLoginDatetime = now;
|
|
|
|
|
|
fir.Status |= FUserStatusEnum.Login;
|
2020-04-10 18:15:11 +08:00
|
|
|
|
this.Db.SaveChangesAsync().Wait();
|
2020-04-13 08:49:04 +08:00
|
|
|
|
this.Logger.LogInformation($"用户{userName}登录成功!");
|
2020-03-30 16:10:51 +08:00
|
|
|
|
return new CheckUserResult {
|
2020-04-08 16:28:42 +08:00
|
|
|
|
Ticket = this.UserTicketDryptor.Encrypt(new UserTicketModel {
|
2020-04-10 18:15:11 +08:00
|
|
|
|
Id = fir.Id,
|
|
|
|
|
|
UserName = fir.UserName,
|
2020-04-13 08:35:54 +08:00
|
|
|
|
LoginDatetime = now,
|
2020-04-08 16:28:42 +08:00
|
|
|
|
}),
|
2020-03-30 16:10:51 +08:00
|
|
|
|
};
|
|
|
|
|
|
}
|
2020-04-13 08:35:54 +08:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 登出用户
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="ticket">用户票据</param>
|
|
|
|
|
|
/// <returns>是否成功</returns>
|
|
|
|
|
|
[HttpPost]
|
|
|
|
|
|
public bool Logout(string ticket) {
|
|
|
|
|
|
if(ticket.IsNullOrEmpty()) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiArgumentNullException(nameof(ticket));
|
2020-04-13 08:35:54 +08:00
|
|
|
|
}
|
|
|
|
|
|
var userTicketModel = this.UserTicketDryptor.Decrypt(ticket);
|
|
|
|
|
|
var qu = this.Db.Users.Where(m => m.Id == userTicketModel.Id);
|
|
|
|
|
|
if(!qu.Any()) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiException("提交的票据信息错误");
|
2020-04-13 08:35:54 +08:00
|
|
|
|
}
|
|
|
|
|
|
var fir = qu.First();
|
|
|
|
|
|
fir.Status &= ~FUserStatusEnum.Login;
|
|
|
|
|
|
fir.LastLogoutDatetime = DateTimeOffset.Now;
|
|
|
|
|
|
this.Db.SaveChangesAsync().Wait();
|
2020-04-13 08:49:04 +08:00
|
|
|
|
this.Logger.LogInformation($"用户{userTicketModel.Id}:{userTicketModel.UserName}登出成功!");
|
2020-04-13 08:35:54 +08:00
|
|
|
|
return true;
|
|
|
|
|
|
}
|
2020-03-30 16:10:51 +08:00
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 根据用户凭据获取用户信息
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="ticket">登录票据</param>
|
|
|
|
|
|
/// <returns>用户信息</returns>
|
2020-04-20 11:41:09 +08:00
|
|
|
|
[HttpGet]
|
2020-03-30 16:10:51 +08:00
|
|
|
|
[ProducesResponseType(typeof(UserInfo),200)]
|
2020-05-12 11:24:56 +08:00
|
|
|
|
public UserInfo GetUserByTicket(string ticket) {
|
2020-04-10 18:15:11 +08:00
|
|
|
|
if(ticket.IsNullOrEmpty()) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiArgumentNullException(nameof(ticket));
|
2020-04-10 18:15:11 +08:00
|
|
|
|
}
|
2020-04-13 08:35:54 +08:00
|
|
|
|
var userTicketModel = this.UserTicketDryptor.Decrypt(ticket);
|
2020-04-10 18:15:11 +08:00
|
|
|
|
var qu = this.Db.Users.Where(m => m.Id == userTicketModel.Id);
|
|
|
|
|
|
if(!qu.Any()) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiException("提交的票据信息错误");
|
2020-04-10 18:15:11 +08:00
|
|
|
|
}
|
|
|
|
|
|
var fir = qu.First();
|
2020-04-13 08:35:54 +08:00
|
|
|
|
if(fir.LastLogoutDatetime.HasValue && userTicketModel.LoginDatetime < fir.LastLogoutDatetime.Value) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiException("用户已登出");
|
2020-04-13 08:35:54 +08:00
|
|
|
|
}
|
2020-03-30 16:10:51 +08:00
|
|
|
|
return new UserInfo {
|
2020-04-10 18:15:11 +08:00
|
|
|
|
Id = fir.Id,
|
|
|
|
|
|
LastLoginDatetime = fir.LastLoginDatetime,
|
|
|
|
|
|
UserName = fir.UserName,
|
2020-05-12 11:24:56 +08:00
|
|
|
|
Name = fir.Name,
|
2020-03-30 16:10:51 +08:00
|
|
|
|
};
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-04-27 16:14:01 +08:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 获取用户信息列表
|
|
|
|
|
|
/// </summary>
|
2020-05-18 11:09:31 +08:00
|
|
|
|
/// <param name="userName">登录用户名</param>
|
|
|
|
|
|
/// <param name="name">用户名</param>
|
2020-04-27 16:14:01 +08:00
|
|
|
|
/// <returns>用户信息列表</returns>
|
|
|
|
|
|
[HttpGet]
|
|
|
|
|
|
[ProducesResponseType(typeof(IEnumerable<UserInfo>),200)]
|
2020-05-18 11:09:31 +08:00
|
|
|
|
public IEnumerable<UserInfo> GetUsers(string userName,string name) {
|
|
|
|
|
|
var key = $"FAuth:Users:userName:{userName}:name:{name}";
|
|
|
|
|
|
List<UserInfo> result = null;// this.Cache?.GetObj<List<UserInfo>>(key);
|
|
|
|
|
|
if(result == null) {
|
|
|
|
|
|
var qu = this.Db.Users
|
|
|
|
|
|
.Select(m => new UserInfo {
|
|
|
|
|
|
Id = m.Id,
|
|
|
|
|
|
UserName = m.UserName,
|
|
|
|
|
|
Name = m.Name,
|
|
|
|
|
|
LastLoginDatetime = m.LastLoginDatetime,
|
|
|
|
|
|
Status =
|
|
|
|
|
|
!m.LastLoginDatetime.HasValue ? "未登陆" :
|
|
|
|
|
|
!m.LastLogoutDatetime.HasValue ? "在线" :
|
|
|
|
|
|
m.LastLoginDatetime.Value > m.LastLogoutDatetime.Value ? "在线" : "离线",
|
|
|
|
|
|
});
|
|
|
|
|
|
if(userName.IsNotNullOrEmpty()) {
|
|
|
|
|
|
qu = qu.Where(m => m.UserName == userName);
|
|
|
|
|
|
}
|
|
|
|
|
|
if(name.IsNotNullOrEmpty()) {
|
|
|
|
|
|
qu = qu.Where(m => m.Name == name);
|
|
|
|
|
|
}
|
|
|
|
|
|
result = qu.ToList();
|
|
|
|
|
|
this.Cache?.SetCache(key,result,new TimeSpan(0,5,0));
|
|
|
|
|
|
}
|
|
|
|
|
|
return result;
|
2020-04-27 16:14:01 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-30 16:10:51 +08:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 根据提供的登陆票据修改用户密码
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="ticket">票据</param>
|
|
|
|
|
|
/// <param name="nPassword">新密码</param>
|
|
|
|
|
|
/// <returns>是否成功</returns>
|
|
|
|
|
|
[HttpPost]
|
|
|
|
|
|
public bool ChangePassword(string ticket,string nPassword) {
|
2020-04-10 18:15:11 +08:00
|
|
|
|
if(ticket.IsNullOrEmpty()) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiArgumentNullException(nameof(ticket));
|
2020-04-10 18:15:11 +08:00
|
|
|
|
}
|
|
|
|
|
|
var userTicketModel = this.UserTicketDryptor.Decrypt(ticket);
|
|
|
|
|
|
var qu = this.Db.Users.Where(m => m.Id == userTicketModel.Id);
|
|
|
|
|
|
if(!qu.Any()) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiException("没找到票据对应用户");
|
2020-04-10 18:15:11 +08:00
|
|
|
|
}
|
|
|
|
|
|
foreach(var item in qu) {
|
|
|
|
|
|
item.Password = nPassword;
|
|
|
|
|
|
}
|
|
|
|
|
|
this.Db.SaveChangesAsync().Wait();
|
2020-04-13 08:49:04 +08:00
|
|
|
|
this.Logger.LogInformation($"用户{userTicketModel.Id}:{userTicketModel.UserName}修改密码成功!");
|
2020-04-10 18:15:11 +08:00
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 通过提供管理员票据和新用户信息创建用户
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="adminTicket">管理员票据</param>
|
|
|
|
|
|
/// <param name="userName">登录用户名</param>
|
|
|
|
|
|
/// <param name="name">用户名称</param>
|
|
|
|
|
|
/// <param name="password">用户密码</param>
|
|
|
|
|
|
/// <returns>是否成功</returns>
|
|
|
|
|
|
[HttpPost]
|
2020-05-18 11:09:31 +08:00
|
|
|
|
[ProducesResponseType(typeof(UserInfo),200)]
|
|
|
|
|
|
public UserInfo AddNewUser(string adminTicket,string userName,string name,string password) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
if(adminTicket is null)
|
|
|
|
|
|
throw new ApiArgumentNullException(nameof(adminTicket));
|
|
|
|
|
|
if(userName is null)
|
|
|
|
|
|
throw new ApiArgumentNullException(nameof(userName));
|
|
|
|
|
|
if(password is null)
|
|
|
|
|
|
throw new ApiArgumentNullException(nameof(password));
|
2020-04-20 11:41:09 +08:00
|
|
|
|
|
|
|
|
|
|
if(this.Account.IsNotSystemAdmin(adminTicket)) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiException($"用户必须在应用FAuth中具有Admin角色!");
|
2020-04-20 11:41:09 +08:00
|
|
|
|
}
|
2020-04-10 18:15:11 +08:00
|
|
|
|
var qu = this.Db.Users.Where(m => m.UserName == userName);
|
|
|
|
|
|
if(qu.Any()) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiException("用户登录名已经存在,不能重复添加");
|
2020-04-10 18:15:11 +08:00
|
|
|
|
}
|
|
|
|
|
|
var nUser = new FUser {
|
|
|
|
|
|
Name = name,
|
|
|
|
|
|
UserName = userName,
|
|
|
|
|
|
Password = password,
|
|
|
|
|
|
};
|
|
|
|
|
|
this.Db.Entry(nUser).State = EntityState.Added;
|
|
|
|
|
|
this.Db.SaveChangesAsync().Wait();
|
2020-04-13 08:49:04 +08:00
|
|
|
|
this.Logger.LogInformation($"用户{nUser.Id}:{nUser.UserName}:{nUser.Name}添加成功!");
|
2020-05-18 11:09:31 +08:00
|
|
|
|
return new UserInfo {
|
|
|
|
|
|
Id = nUser.Id,
|
|
|
|
|
|
UserName = nUser.UserName,
|
|
|
|
|
|
Name = nUser.Name,
|
|
|
|
|
|
LastLoginDatetime = nUser.LastLoginDatetime,
|
|
|
|
|
|
};
|
2020-03-30 16:10:51 +08:00
|
|
|
|
}
|
2020-04-20 11:41:09 +08:00
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 重置用户密码
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="adminTicket">管理员票据</param>
|
|
|
|
|
|
/// <param name="userName">要重置密码的用户名</param>
|
|
|
|
|
|
/// <param name="newPassword">新密码</param>
|
|
|
|
|
|
/// <returns>是否成功。成功True 否则返回False</returns>
|
|
|
|
|
|
[HttpPost]
|
|
|
|
|
|
public bool ResetUserPassword(string adminTicket,string userName,string newPassword) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
if(adminTicket is null)
|
|
|
|
|
|
throw new ApiArgumentNullException(nameof(adminTicket));
|
|
|
|
|
|
if(userName is null)
|
|
|
|
|
|
throw new ApiArgumentNullException(nameof(userName));
|
|
|
|
|
|
if(newPassword is null)
|
|
|
|
|
|
throw new ApiArgumentNullException(nameof(newPassword));
|
2020-04-20 11:41:09 +08:00
|
|
|
|
|
|
|
|
|
|
if(this.Account.IsNotSystemAdmin(adminTicket)) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiException($"用户必须在应用FAuth中具有Admin角色!");
|
2020-04-20 11:41:09 +08:00
|
|
|
|
}
|
|
|
|
|
|
var qu = this.Db.Users.Where(m => m.UserName == userName);
|
|
|
|
|
|
if(!qu.Any()) {
|
2020-05-06 15:57:09 +08:00
|
|
|
|
throw new ApiException("用户登录名不存在");
|
2020-04-20 11:41:09 +08:00
|
|
|
|
}
|
|
|
|
|
|
foreach(var item in qu) {
|
|
|
|
|
|
item.Password = newPassword;
|
|
|
|
|
|
}
|
|
|
|
|
|
this.Db.SaveChangesAsync().Wait();
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
2020-05-18 11:09:31 +08:00
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 删除用户
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="adminTicket">管理员凭据</param>
|
|
|
|
|
|
/// <param name="id">要删除的用户编号</param>
|
|
|
|
|
|
/// <returns>删除结果</returns>
|
|
|
|
|
|
[HttpPost, ProducesResponseType(typeof(ApiBoolResult),200)]
|
|
|
|
|
|
public ApiBoolResult RemoveUser(string adminTicket,int id) {
|
|
|
|
|
|
var user = this.Account.TicketDryptor.Decrypt(adminTicket);
|
|
|
|
|
|
if(user.Id == id) {
|
|
|
|
|
|
throw new ApiException("当前用户不能删除");
|
|
|
|
|
|
}
|
|
|
|
|
|
this.Db.Users.Attach(new FUser {
|
|
|
|
|
|
Id = id,
|
|
|
|
|
|
}).State = EntityState.Deleted;
|
|
|
|
|
|
this.Db.SaveChangesAsync().Wait();
|
|
|
|
|
|
return new ApiBoolResult { Result = true };
|
|
|
|
|
|
}
|
2020-03-30 16:10:51 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
