From b97b2ddd09af949d3add99a4d9948733c16b66e3 Mon Sep 17 00:00:00 2001
From: falcon <9504402@qq.com>
Date: Mon, 20 Apr 2020 11:41:09 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E8=B4=A6=E6=88=B7=E5=B8=AE?=
=?UTF-8?q?=E5=8A=A9=E7=B1=BB=E3=80=82=E5=A4=84=E7=90=86=E7=94=A8=E6=88=B7?=
=?UTF-8?q?=E6=98=AF=E5=90=A6=E4=B8=BA=E7=AE=A1=E7=90=86=E5=91=98=E7=9B=B8?=
=?UTF-8?q?=E5=85=B3=E6=96=B9=E6=B3=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
FAuth/Controllers/api/AppController.cs | 13 ++++
FAuth/Controllers/api/UserController.cs | 45 +++++++++++--
FAuth/Extensions/Account/AccountHelper.cs | 63 +++++++++++++++++++
.../Account/ServiceCollectionExtend.cs | 20 ++++++
FAuth/Startup.cs | 2 +
5 files changed, 139 insertions(+), 4 deletions(-)
create mode 100644 FAuth/Extensions/Account/AccountHelper.cs
create mode 100644 FAuth/Extensions/Account/ServiceCollectionExtend.cs
diff --git a/FAuth/Controllers/api/AppController.cs b/FAuth/Controllers/api/AppController.cs
index 9563a47..00c4817 100644
--- a/FAuth/Controllers/api/AppController.cs
+++ b/FAuth/Controllers/api/AppController.cs
@@ -44,6 +44,19 @@ namespace FAuth.Controllers.api
return newApp;
}
+ [HttpPost]
+ public bool RemoveApp(string appName) {
+ if(appName.IsNullOrEmpty()) {
+ throw new ArgumentNullException(nameof(appName));
+ }
+ var qu = this.Db.Apps.Where(m => m.Name == appName);
+ foreach(var item in qu) {
+ this.Db.Entry(item).State = EntityState.Deleted;
+ }
+ this.Db.SaveChangesAsync().Wait();
+ return true;
+ }
+
///
/// 查询app是否注册
///
diff --git a/FAuth/Controllers/api/UserController.cs b/FAuth/Controllers/api/UserController.cs
index a3a39e7..0ee1ffc 100644
--- a/FAuth/Controllers/api/UserController.cs
+++ b/FAuth/Controllers/api/UserController.cs
@@ -2,11 +2,13 @@
using System.Linq;
using Falcon.Extend;
using FAuth.DataBase.Tables;
+using FAuth.Extensions.Account;
using FAuth.Extensions.Decryptor;
using FAuth.Models;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.ModelBinding;
using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
namespace FAuth.Controllers.api
@@ -17,11 +19,12 @@ namespace FAuth.Controllers.api
public class UserController:ApiControllerBase
{
public IUserTicketDryptor UserTicketDryptor { get; set; }
+ public AccountHelper Account { get; set; }
- public UserController(ILogger logger,IServiceProvider service,IUserTicketDryptor userTicketDryptor)
+ public UserController(ILogger logger,IServiceProvider service)
: base(logger,service) {
-
- this.UserTicketDryptor = userTicketDryptor;
+ this.Account = service.GetRequiredService();
+ this.UserTicketDryptor = service.GetRequiredService();
}
///
@@ -82,7 +85,7 @@ namespace FAuth.Controllers.api
///
/// 登录票据
/// 用户信息
- [HttpPost]
+ [HttpGet]
[ProducesResponseType(typeof(UserInfo),200)]
public UserInfo GetUserByTicket([BindRequired]string ticket) {
if(ticket.IsNullOrEmpty()) {
@@ -146,6 +149,10 @@ namespace FAuth.Controllers.api
throw new ArgumentException("用户姓名不能为空",nameof(name));
if(string.IsNullOrEmpty(password))
throw new ArgumentException("密码不能为空",nameof(password));
+
+ if(this.Account.IsNotSystemAdmin(adminTicket)) {
+ throw new Exception($"用户必须在应用FAuth中具有Admin角色!");
+ }
var qu = this.Db.Users.Where(m => m.UserName == userName);
if(qu.Any()) {
throw new Exception("用户登录名已经存在,不能重复添加");
@@ -160,5 +167,35 @@ namespace FAuth.Controllers.api
this.Logger.LogInformation($"用户{nUser.Id}:{nUser.UserName}:{nUser.Name}添加成功!");
return true;
}
+
+ ///
+ /// 重置用户密码
+ ///
+ /// 管理员票据
+ /// 要重置密码的用户名
+ /// 新密码
+ /// 是否成功。成功True 否则返回False
+ [HttpPost]
+ public bool ResetUserPassword(string adminTicket,string userName,string newPassword) {
+ if(string.IsNullOrEmpty(adminTicket))
+ throw new ArgumentException("必须提供管理票据",nameof(adminTicket));
+ if(string.IsNullOrEmpty(userName))
+ throw new ArgumentException("新用户登录名不能为空",nameof(userName));
+ if(string.IsNullOrEmpty(newPassword))
+ throw new ArgumentException("密码不能为空",nameof(newPassword));
+
+ if(this.Account.IsNotSystemAdmin(adminTicket)) {
+ throw new Exception($"用户必须在应用FAuth中具有Admin角色!");
+ }
+ var qu = this.Db.Users.Where(m => m.UserName == userName);
+ if(!qu.Any()) {
+ throw new Exception("用户登录名不存在");
+ }
+ foreach(var item in qu) {
+ item.Password = newPassword;
+ }
+ this.Db.SaveChangesAsync().Wait();
+ return true;
+ }
}
}
diff --git a/FAuth/Extensions/Account/AccountHelper.cs b/FAuth/Extensions/Account/AccountHelper.cs
new file mode 100644
index 0000000..0144677
--- /dev/null
+++ b/FAuth/Extensions/Account/AccountHelper.cs
@@ -0,0 +1,63 @@
+using System.Collections.Generic;
+using System.Linq;
+using FAuth.DataBase;
+using FAuth.Extensions.Decryptor;
+
+namespace FAuth.Extensions.Account
+{
+ ///
+ /// 账号帮助类
+ ///
+ public class AccountHelper
+ {
+ ///
+ /// 数据库上下文
+ ///
+ public FAuthDb Db { get; set; }
+ ///
+ /// 用户凭据加密提供器
+ ///
+ public IUserTicketDryptor TicketDryptor { get; set; }
+
+ public AccountHelper(FAuthDb db,IUserTicketDryptor ticketDryptor) {
+ this.Db = db;
+ this.TicketDryptor = ticketDryptor;
+ }
+
+ ///
+ /// 查询用户是否为FAuth系统管理员
+ ///
+ /// 用户编号
+ /// 是否为FAuth系统管理员
+ public bool IsSystemAdmin(int userId) {
+ var qu =
+ from arg in this.Db.App_RoleGroups
+ join rgr in this.Db.RoleGroup_Roles on arg.RoleGroupId equals rgr.RoleGroupId
+ join ru in this.Db.Role_Users on rgr.RoleId equals ru.RoleId
+ where arg.AppId == 1 && arg.RoleGroupId == 1 && ru.UserId == userId
+ select 1;
+ return qu.Any();
+ }
+
+ ///
+ /// 用户是否不是系统管理员
+ ///
+ /// 用户编号
+ /// 是否不是管理员
+ public bool IsNotSystemAdmin(int userId) => !IsSystemAdmin(userId);
+
+ ///
+ /// 查询票据是否为系统管理员
+ ///
+ /// 用户票据
+ /// 是管理员True,否则false
+ public bool IsSystemAdmin(string userTicket) => IsSystemAdmin(this.TicketDryptor.Decrypt(userTicket).Id);
+
+ ///
+ /// 查询票据是否不是系统管理员
+ ///
+ /// 用户票据
+ /// 是管理员False,否则True
+ public bool IsNotSystemAdmin(string userTicket) => !IsSystemAdmin(userTicket);
+ }
+}
diff --git a/FAuth/Extensions/Account/ServiceCollectionExtend.cs b/FAuth/Extensions/Account/ServiceCollectionExtend.cs
new file mode 100644
index 0000000..76e6c56
--- /dev/null
+++ b/FAuth/Extensions/Account/ServiceCollectionExtend.cs
@@ -0,0 +1,20 @@
+using Microsoft.Extensions.DependencyInjection;
+
+namespace FAuth.Extensions.Account
+{
+ ///
+ /// 服务集合扩展
+ ///
+ public static class ServiceCollectionExtend
+ {
+ ///
+ /// 增加账号帮助类服务
+ ///
+ /// 服务集合
+ /// 服务集合
+ public static IServiceCollection AddAccountHelper(this IServiceCollection service) {
+ service.AddTransient();
+ return service;
+ }
+ }
+}
diff --git a/FAuth/Startup.cs b/FAuth/Startup.cs
index affb1b9..efddd4d 100644
--- a/FAuth/Startup.cs
+++ b/FAuth/Startup.cs
@@ -5,6 +5,7 @@ using System.Text.Unicode;
using Falcon.Extend;
using FAuth.DataBase;
using FAuth.Extensions;
+using FAuth.Extensions.Account;
using FAuth.Extensions.Decryptor;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
@@ -40,6 +41,7 @@ namespace FAuth
services.AddDbContext(option => {
option.UseSqlServer(Configuration.GetConnectionString("FAuthDb"));
});
+ services.AddAccountHelper();
//עRedis
var rop = this.Configuration.GetSection("Redis").Get();
services.AddRedis(rop);