diff --git a/Apimanager_backend/Apimanager_backend.csproj b/Apimanager_backend/Apimanager_backend.csproj
index 4874a8a..059696b 100644
--- a/Apimanager_backend/Apimanager_backend.csproj
+++ b/Apimanager_backend/Apimanager_backend.csproj
@@ -13,6 +13,7 @@
 all
 runtime; build; native; contentfiles; analyzers; buildtransitive
+
diff --git a/Apimanager_backend/Config/ServiceCollectionExtensions.cs b/Apimanager_backend/Config/ServiceCollectionExtensions.cs
index 295bb77..8d90732 100644
--- a/Apimanager_backend/Config/ServiceCollectionExtensions.cs
+++ b/Apimanager_backend/Config/ServiceCollectionExtensions.cs
@@ -1,6 +1,8 @@
- using Apimanager_backend.Services;
+ using Apimanager_backend.Dtos;
+ using Apimanager_backend.Services;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.IdentityModel.Tokens;
+ using Newtonsoft.Json;
 using StackExchange.Redis;
 using System.ComponentModel;
 using System.Runtime.CompilerServices;
@@ -29,6 +31,7 @@ namespace Apimanager_backend.Config
 services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
 .AddJwtBearer(options =>
 {
+ //jwt参数
 options.TokenValidationParameters = new TokenValidationParameters
 {
 ValidateIssuer = true,
@@ -39,11 +42,45 @@ namespace Apimanager_backend.Config
 ValidAudience = jwtSettings["Audience"],
 IssuerSigningKey = new SymmetricSecurityKey(key)
 };
+ //添加自定义响应处理函数
+ options.Events = new JwtBearerEvents
+ {
+ OnChallenge = new Func(JwtTokenErrorEventFunc),
+ OnForbidden = new Func(JwtPermissionEventFunc)
+ };
 });
 //redis配置
 services.AddSingleton(ConnectionMultiplexer.Connect(configuration["Redis:ConnectionString"]));
 return services;
 }
+ ///
+ /// token无效事件处理函数
+ ///
+ ///
+ ///
+ public async static Task JwtTokenErrorEventFunc(JwtBearerChallengeContext context)
+ {
+ context.Response.ContentType = "application/json";
+ var res = new ResponseBase(
+ code: 1002,
+ message: "用户未登录或认证失败",
+ data: null
+ );
+ context.Response.StatusCode = StatusCodes.Status401Unauthorized;
+ await context.Response.WriteAsync(JsonConvert.SerializeObject(res));
+ context.HandleResponse();
+ }
+ public async static Task JwtPermissionEventFunc(ForbiddenContext context)
+ {
+ context.Response.ContentType = "application/json";
+ var res = new ResponseBase(
+ code: 2006,
+ message: "用户无权限进行该操作",
+ data: null
+ );
+ context.Response.StatusCode = StatusCodes.Status401Unauthorized;
+ await context.Response.WriteAsync(JsonConvert.SerializeObject(res));
+ }
 }
 }
diff --git a/Apimanager_backend/Controllers/AuthController.cs b/Apimanager_backend/Controllers/AuthController.cs
index 7a91f0e..a4086d0 100644
--- a/Apimanager_backend/Controllers/AuthController.cs
+++ b/Apimanager_backend/Controllers/AuthController.cs
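Review bot: JwtPermissionEventFunc answers a forbidden request with `StatusCodes.Status401Unauthorized`, which contradicts both the 403 the JWT bearer handler has already set when it raises OnForbidden and the body's own "无权限" code 2006, so an authenticated caller with the wrong role becomes indistinguishable from one with no valid token. Use `context.Response.StatusCode = StatusCodes.Status403Forbidden;` there. Both handlers serialize with Newtonsoft's `JsonConvert`, which this commit pulls in as a new package; `await context.Response.WriteAsJsonAsync(res);` would use the framework's System.Text.Json and keep the wire format aligned with the MVC responses, assuming the project has not configured a Newtonsoft formatter elsewhere (not visible here). The modifier order `public async static Task` also reads better in the conventional form `public static async Task`.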
@@ -100,32 +100,32 @@ namespace Apimanager_backend.Controllers
 if (isUsernameExist)
 {
 var errorRes = new ResponseBase(
- code:2003,
- message:"用户名已存在",
- data:null
+ code: 2003,
+ message: "用户名已存在",
+ data: null
 );
- return StatusCode(409,errorRes);
+ return StatusCode(409, errorRes);
 }
 try
 {
 var userInfo = await authService.RegisterAsync(requestDto);
 var res = new ResponseBase(
- code:1000,
- message:"Success",
- data:userInfo
+ code: 1000,
+ message: "Success",
+ data: userInfo
 );
 return Ok(res);
- }catch(BaseException e)
+ }
+ catch (BaseException e)
 {
 var res = new ResponseBase(
- code:e.code,
- message:e.message,
+ code: e.code,
+ message: e.message,
 data: null
 );
- return StatusCode(500,res);
- }
-
+ return StatusCode(500, res);
 }
+ }
 ///
 /// 发送邮箱校验码
 ///
diff --git a/Apimanager_backend/Controllers/UserController.cs b/Apimanager_backend/Controllers/UserController.cs
index 6babc8f..748f01a 100644
--- a/Apimanager_backend/Controllers/UserController.cs
+++ b/Apimanager_backend/Controllers/UserController.cs
@@ -4,6 +4,9 @@ using Apimanager_backend.Services;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Apimanager_backend.Filters;
+ using Microsoft.AspNetCore.Authorization;
+ using Apimanager_backend.Models;
+ using System.Security.Claims;
 
 namespace Apimanager_backend.Controllers
 {
@@ -16,6 +19,18 @@ namespace Apimanager_backend.Controllers
 {
 this.userService = userService;
 }
-
+ [HttpGet]
+ [Authorize(Roles = "User")]
+ public async Task>> UserInfo()
+ {
+ var userId = User.Claims.First(x => x.Type == "userId").Value;
+ var userInfo = await userService.GetUserAsync(int.Parse(userId));
+ var res = new ResponseBase(
+ code:1000,
+ message:"Success",
+ data:userInfo
+ );
+ return Ok(res);
+ }
 }
 }
diff --git a/Apimanager_backend/Dtos/UpdateUserDto.cs b/Apimanager_backend/Dtos/UpdateUserDto.cs
index 3c53eed..6029f4f 100644
--- a/Apimanager_backend/Dtos/UpdateUserDto.cs
+++ b/Apimanager_backend/Dtos/UpdateUserDto.cs
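Review bot: In UserInfo, `User.Claims.First(x => x.Type == "userId")` throws InvalidOperationException when the claim is absent and `int.Parse` throws on a non-numeric value, so a token that passes signature validation but carries no usable userId claim surfaces as a 500 instead of an authentication failure. Replace the first two body lines with `if (!int.TryParse(User.FindFirst("userId")?.Value, out var userId)) return Unauthorized();` and pass `userId` to GetUserAsync. GetUserAsync's body is outside this hunk and may itself throw for an unknown id, yet nothing here catches BaseException the way the AuthController hunk in this same commit does; the same catch-and-wrap into ResponseBase would keep the response shape consistent across controllers.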
@@ -1,6 +1,10 @@
- namespace Apimanager_backend.Dtos
+ using System.ComponentModel.DataAnnotations;
+
+ namespace Apimanager_backend.Dtos
 {
 public class UpdateUserDto
 {
+ public int? userId { get; set; }
+ public string? password { get; set; }
 }
 }
diff --git a/Apimanager_backend/Services/IAdminService.cs b/Apimanager_backend/Services/IAdminService.cs
new file mode 100644
index 0000000..d2c90f6
--- /dev/null
+++ b/Apimanager_backend/Services/IAdminService.cs
@@ -0,0 +1,40 @@
+ using Apimanager_backend.Dtos;
+
+ namespace Apimanager_backend.Services
+ {
+ public interface IAdminService
+ {
+ ///
+ /// 禁用用户,使其无法登录。
+ ///
+ /// 要禁用的用户ID
+ /// 异步操作
+ Task BanUserAsync(int userId);
+ ///
+ /// 取消禁用用户,恢复登录权限。
+ ///
+ /// 要取消禁用的用户ID
+ /// 异步操作
+ Task UnbanUserAsync(int userId);
+ ///
+ /// 获取分页的用户列表。
+ ///
+ /// 要获取的页码,从1开始
+ /// 每页的用户数量
+ /// 是否按降序排序
+ /// 包含用户信息的
+ Task> GetUsersAsync(int page, int pageSize, bool desc);
+ ///
+ /// 创建新用户。
+ ///
+ /// 包含新用户信息的
+ /// 创建成功的用户信息
+ Task CreateUserAsync(CreateUserDto user);
+ ///
+ /// 删除指定的用户。
+ ///
+ /// 用户ID
+ /// 异步操作
+ Task DeleteUserAsync(int userId);
+ }
+ }
diff --git a/Apimanager_backend/Services/IUserService.cs b/Apimanager_backend/Services/IUserService.cs
index 1eccfa6..02fea0e 100644
--- a/Apimanager_backend/Services/IUserService.cs
+++ b/Apimanager_backend/Services/IUserService.cs
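Review bot: UpdateUserDto adds `using System.ComponentModel.DataAnnotations;` but applies no annotation, so `password` is bound at any length including the empty string, and the only guard downstream is a null check; either drop the using or annotate the property, e.g. `[StringLength(MAX_LEN, MinimumLength = MIN_LEN)] public string? password { get; set; }` with MAX_LEN/MIN_LEN replaced by the project's password limits. Because `userId` is client-supplied, whichever endpoint binds this DTO must take the target id from the caller's claims, or verify the two match, before handing it to UpdateUserAsync; that controller is not part of this diff, so this is a point to confirm rather than a defect visible here. A short comment on `userId` stating where it is expected to come from would make that contract explicit for the next caller.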
@@ -35,43 +35,6 @@ namespace Apimanager_backend.Services
 /// 包含更新信息的
 /// 更新后的
 Task UpdateUserAsync(UpdateUserDto user);
-
- ///
- /// 删除指定的用户。
- ///
- /// 要删除的用户名
- /// 异步操作
- Task DeleteUserAsync(string username);
-
- ///
- /// 创建新用户。
- ///
- /// 包含新用户信息的
- /// 创建成功的用户信息
- Task CreateUserAsync(CreateUserDto user);
-
- ///
- /// 禁用用户,使其无法登录。
- ///
- /// 要禁用的用户名
- /// 异步操作
- Task BanUserAsync(string username);
-
- ///
- /// 取消禁用用户,恢复登录权限。
- ///
- /// 要取消禁用的用户名
- /// 异步操作
- Task UnbanUserAsync(string username);
-
- ///
- /// 获取分页的用户列表。
- ///
- /// 要获取的页码,从1开始
- /// 每页的用户数量
- /// 是否按降序排序
- /// 包含用户信息的
- Task> GetUsersAsync(int page, int pageSize, bool desc);
 ///
 /// 检测用户名是否被使用
 ///
diff --git a/Apimanager_backend/Services/UserService.cs b/Apimanager_backend/Services/UserService.cs
index ddfb8d1..973444b 100644
--- a/Apimanager_backend/Services/UserService.cs
+++ b/Apimanager_backend/Services/UserService.cs
@@ -19,21 +19,6 @@ namespace Apimanager_backend.Services
 this.apiContext = apiContext;
 this.mapper = automapper;
 }
- public Task BanUserAsync(string username)
- {
- throw new NotImplementedException();
- }
-
- public Task CreateUserAsync(CreateUserDto user)
- {
- throw new NotImplementedException();
- }
-
- public Task DeleteUserAsync(string username)
- {
- throw new NotImplementedException();
- }
-
 public async Task GetUserAsync(int userId)
 {
 User? user = await apiContext.Users.SingleOrDefaultAsync(x => x.Id == userId);
@@ -45,11 +30,6 @@ namespace Apimanager_backend.Services
 return mapper.Map(user);
 }
 
- public Task> GetUsersAsync(int page, int pageSize, bool desc)
- {
- throw new NotImplementedException();
- }
-
 public async Task IsEmailExist(string email)
 {
 return await apiContext.Users.AnyAsync(x => x.Email == email);
@@ -70,14 +50,19 @@ namespace Apimanager_backend.Services
 throw new NotImplementedException();
 }
 
- public Task UnbanUserAsync(string username)
- {
- throw new NotImplementedException();
- }
-
- public Task UpdateUserAsync(UpdateUserDto user)
+ public async Task UpdateUserAsync(UpdateUserDto dto)
 {
- throw new NotImplementedException();
+ var user = await apiContext.Users.FirstOrDefaultAsync(x => x.Id == dto.userId);
+ if (user == null)
+ {
+ throw new BaseException(2004, "用户不存在");
+ }
+ user.PassHash = dto.password == null ? user.PassHash : dto.password;
+
+ apiContext.Users.Update(user);
+ await apiContext.SaveChangesAsync();
+ return mapper.Map(user);
 }
 }
 }
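Review bot: UpdateUserAsync assigns `dto.password` straight into `user.PassHash`, so a password changed through this path is persisted in clear text and will not verify against whatever hashing RegisterAsync and the login path apply (neither is in this diff). Run the new value through that same hashing routine before assignment, and treat an empty string like a missing value: `if (!string.IsNullOrEmpty(dto.password)) { user.PassHash = HASH_ROUTINE_USED_BY_REGISTER(dto.password); }`, where the call is a placeholder for the project's existing hasher. `apiContext.Users.Update(user)` is redundant for an entity this same context just loaded — the change tracker already records the modified property, and Update marks every column as modified. A comment noting that a null `userId` presumably matches no row and so ends in the 2004 "用户不存在" exception would also help, since that outcome is not obvious from the query.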