FalconSSO/FAuth/Controllers/api/UserController.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using FAuth.Models;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using FAuth.DataBase.Tables;
using Microsoft.AspNetCore.Mvc.ModelBinding;
using FAuth.Extensions.Decryptor;
using FAuth.DataBase;
using Microsoft.EntityFrameworkCore;
using Falcon.Extend;

namespace FAuth.Controllers.api
{
    /// <summary>
    /// 用户相关api控制器接口
    /// </summary>
    public class UserController:ApiControllerBase<UserController>
    {
        public IUserTicketDryptor UserTicketDryptor { get; set; }
        public FAuthDb Db { get; set; }

        public UserController(
            ILogger<UserController> logger,
            IServiceProvider service,
            IUserTicketDryptor userTicketDryptor,
            FAuthDb db)
            : base(logger,service) {

            if(logger is null)
                throw new ArgumentNullException(nameof(logger));
            if(service is null)
                throw new ArgumentNullException(nameof(service));
            this.UserTicketDryptor = userTicketDryptor ?? throw new ArgumentNullException(nameof(userTicketDryptor));
            this.Db = db ?? throw new ArgumentNullException(nameof(db));
        }

        /// <summary>
        /// 验证用户名密码是否匹配
        /// </summary>
        /// <param name="userName">用户名</param>
        /// <param name="password">密码</param>
        /// <returns>是否匹配</returns>
        [HttpPost]
        [ProducesResponseType(typeof(CheckUserResult),200)]
        public CheckUserResult CheckUser(string userName,string password) {
            if(userName.IsNullOrEmpty()) {
                throw new ArgumentNullException(nameof(userName));
            }
            var qu = this.Db.Users.Where(m => m.UserName == userName && m.Password == password);
            if(!qu.Any()) {
                throw new Exception("提供的用户名或密码不正确");
            }
            var fir = qu.First();
            fir.LastLoginDatetime = DateTimeOffset.Now;
            this.Db.SaveChangesAsync().Wait();
            return new CheckUserResult {
                Ticket = this.UserTicketDryptor.Encrypt(new UserTicketModel {
                    Id = fir.Id,
                    UserName = fir.UserName,
                }),
            };
        }

        /// <summary>
        /// 根据用户凭据获取用户信息
        /// </summary>
        /// <param name="ticket">登录票据</param>
        /// <returns>用户信息</returns>
        [HttpPost]
        [ProducesResponseType(typeof(UserInfo),200)]
        public UserInfo GetUserByTicket([BindRequired]string ticket) {
            if(ticket.IsNullOrEmpty()) {
                throw new ArgumentNullException(nameof(ticket));
            }
            UserTicketModel userTicketModel = null;
            userTicketModel = this.UserTicketDryptor.Decrypt(ticket);
            var qu = this.Db.Users.Where(m => m.Id == userTicketModel.Id);
            if(!qu.Any()) {
                throw new Exception("提交的票据信息错误");
            }
            var fir = qu.First();
            return new UserInfo {
                Id = fir.Id,
                LastLoginDatetime = fir.LastLoginDatetime,
                UserName = fir.UserName,
            };
        }

        /// <summary>
        /// 根据提供的登陆票据修改用户密码
        /// </summary>
        /// <param name="ticket">票据</param>
        /// <param name="nPassword">新密码</param>
        /// <returns>是否成功</returns>
        [HttpPost]
        public bool ChangePassword(string ticket,string nPassword) {
            if(ticket.IsNullOrEmpty()) {
                throw new ArgumentNullException(nameof(ticket));
            }
            var userTicketModel = this.UserTicketDryptor.Decrypt(ticket);
            var qu = this.Db.Users.Where(m => m.Id == userTicketModel.Id);
            if(!qu.Any()) {
                throw new Exception("没找到票据对应用户");
            }
            foreach(var item in qu) {
                item.Password = nPassword;
            }
            this.Db.SaveChangesAsync().Wait();
            return true;
        }

        /// <summary>
        /// 通过提供管理员票据和新用户信息创建用户
        /// </summary>
        /// <param name="adminTicket">管理员票据</param>
        /// <param name="userName">登录用户名</param>
        /// <param name="name">用户名称</param>
        /// <param name="password">用户密码</param>
        /// <returns>是否成功</returns>
        [HttpPost]
        public bool AddNewUser(string adminTicket,string userName,string name,string password) {
            if(string.IsNullOrEmpty(adminTicket))
                throw new ArgumentException("必须提供管理票据",nameof(adminTicket));
            if(string.IsNullOrEmpty(userName))
                throw new ArgumentException("新用户登录名不能为空",nameof(userName));
            if(string.IsNullOrEmpty(name))
                throw new ArgumentException("用户姓名不能为空",nameof(name));
            if(string.IsNullOrEmpty(password))
                throw new ArgumentException("密码不能为空",nameof(password));
            var qu = this.Db.Users.Where(m => m.UserName == userName);
            if(qu.Any()) {
                throw new Exception("用户登录名已经存在，不能重复添加");
            }
            var nUser = new FUser {
                Name = name,
                UserName = userName,
                Password = password,
            };
            this.Db.Entry(nUser).State = EntityState.Added;
            this.Db.SaveChangesAsync().Wait();
            return true;
        }
    }
}