using IRaCIS.Application.Contracts; using IRaCIS.Core.Domain.Share; using IRaCIS.Core.Infrastructure; using System.Text.RegularExpressions; using Microsoft.AspNetCore.Mvc; using Panda.DynamicWebApi.Attributes; using Microsoft.AspNetCore.Authorization; using Microsoft.Extensions.Options; using Microsoft.Extensions.Caching.Memory; namespace IRaCIS.Application.Services { [ApiExplorerSettings(GroupName = "Management")] public class UserService : BaseService, IUserService { private readonly IRepository _userRepository; private readonly IMailVerificationService _mailVerificationService; private readonly IRepository _verificationCodeRepository; private readonly IRepository _doctorRepository; private readonly IRepository _userTrialRepository; private readonly IMemoryCache _cache; private readonly IOptionsMonitor _verifyConfig; public UserService(IRepository userRepository, IMailVerificationService mailVerificationService, IRepository verificationCodeRepository, IRepository doctorRepository, IMemoryCache cache, IRepository userTrialRepository, IOptionsMonitor verifyConfig ) { _verifyConfig = verifyConfig; _cache = cache; _userRepository = userRepository; _mailVerificationService = mailVerificationService; _verificationCodeRepository = verificationCodeRepository; _doctorRepository = doctorRepository; _userTrialRepository = userTrialRepository; } private async Task VerifyUserNameAsync(Guid? userId, string userName) { if (await _userRepository.WhereIf(userId != null, t => t.Id != userId).AnyAsync(t => t.UserName == userName)) { throw new BusinessValidationFailedException("用户名已经存在。"); } } private async Task VerifyUserPhoneAsync(Guid? userId, Guid userTypeId, string phone) { if (await _userRepository.WhereIf(userId != null, t => t.Id != userId).AnyAsync(t => (t.Phone == phone && t.UserTypeId == userTypeId))) { throw new BusinessValidationFailedException("该用户类型中已存在具有相同的电话的用户。"); } } private async Task VerifyUserEmailAsync(Guid? userId, Guid userTypeId, string email) { if (await _userRepository.WhereIf(userId != null, t => t.Id != userId).AnyAsync(t => (t.EMail == email && t.UserTypeId == userTypeId))) { throw new BusinessValidationFailedException("该用户类型中已存在具有相同邮箱的用户。"); } } private async Task VerifyUserPwdAsync(Guid userId, string newPwd, string? oldPwd = null) { //var dbUser = (await _userRepository.FirstOrDefaultAsync(t => t.Id == userId)).IfNullThrowException(); if (_verifyConfig.CurrentValue.OpenUserComplexPassword) { if (oldPwd != null && oldPwd == newPwd) { throw new BusinessValidationFailedException("新密码与旧密码相同。"); } var dbUser = (await _userRepository.Where(t => t.Id == userId).FirstOrDefaultAsync()).IfNullThrowException(); if (oldPwd != null && dbUser.Password != oldPwd) { throw new BusinessValidationFailedException("旧密码验证失败。"); } if (dbUser.Password == newPwd) { throw new BusinessValidationFailedException("新密码与旧密码相同。"); } } await Task.CompletedTask; } ///

发送验证码修改邮箱（已经登陆修改） New

[HttpGet("{email}")] public async Task SendVerificationCode(string email) { //检查手机或者邮箱是否有效 if (!Regex.IsMatch(email, @"^[a-zA-Z0-9_-]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$")) { return ResponseOutput.NotOk("Please input a legal email"); } //验证码 6位 int verificationCode = new Random().Next(100000, 1000000); await _mailVerificationService.SendMailEditEmail(_userInfo.Id, _userInfo.RealName, email, verificationCode); return ResponseOutput.Ok(); } [HttpPut("{newEmail}/{verificationCode}")] [UnitOfWork] public async Task SetNewEmail(string newEmail, string verificationCode) { var verificationRecord = await _verificationCodeRepository .FirstOrDefaultAsync(t => t.UserId == _userInfo.Id && t.Code == verificationCode && t.CodeType == 0); //检查数据库是否存在该验证码 if (verificationRecord == null) { return ResponseOutput.NotOk("验证码错误。"); } else { //检查验证码是否失效 if (verificationRecord.ExpirationTime < DateTime.Now) { return ResponseOutput.NotOk("验证码已经过期。"); } else //验证码正确并且没有超时 { //更新密码 //var pwd = MD5Helper.Md5(newPwd); //var count = _doctorRepository.Update().Where(t => t.Id == doctor.Id).Set(d => d.Password == pwd).ExecuteAffrows(); await VerifyUserEmailAsync(_userInfo.Id, _userInfo.UserTypeId, newEmail); await _userRepository.UpdatePartialNowNoQueryAsync(_userInfo.Id, u => new User() { EMail = newEmail }); //删除验证码历史记录 await _verificationCodeRepository.BatchDeleteNoTrackingAsync(t => t.UserId == _userInfo.Id && t.CodeType == 0); return ResponseOutput.Ok(); } } } [HttpPut("{newPhone}")] public async Task SetNewPhone(string newPhone) { await VerifyUserPhoneAsync(_userInfo.Id, _userInfo.UserTypeId, newPhone); await _userRepository.UpdatePartialNowNoQueryAsync(_userInfo.Id, u => new User() { Phone = newPhone }); return ResponseOutput.Ok(); } [HttpPut("{newUserName}")] public async Task SetNewUserName(string newUserName) { await VerifyUserNameAsync(_userInfo.Id, newUserName); await _userRepository.UpdatePartialNowNoQueryAsync(_userInfo.Id, u => new User() { UserName = newUserName }); return ResponseOutput.Ok(); } /////

///// Result 为true 的时候认为链接没有失效 /////

///// ///// //[HttpGet] //public async Task VerifyCanInitSetUserNameAndPwd(Guid userId) //{ // return ResponseOutput.Ok(await _userRepository.AnyAsync(t => t.Id == userId && t.EmailToken == _userInfo.UserToken && t.IsFirstAdd)); //} [HttpGet] public async Task InitSetUserNameAndPwd(Guid userId, string newUserName, string newPWd) { await VerifyUserPwdAsync(userId, newPWd); await VerifyUserNameAsync(userId, newUserName); await _userRepository.UpdatePartialFromQueryAsync(userId, u => new User() { UserName = newUserName, Password = newPWd, IsFirstAdd = false, EmailToken = String.Empty }, true); return ResponseOutput.Ok(); } ///

/// 重置密码为默认密码 ///

/// /// [HttpGet("{userId:guid}")] [UnitOfWork] public async Task ResetPassword(Guid userId) { var pwd = AppSettings.DefaultPassword; if (_hostEnvironment.EnvironmentName != "Development") { pwd = "EIImage." + new Random().Next(100, 1000); } try { await _mailVerificationService.AdminResetPwdSendEmailAsync(userId, pwd); } catch (Exception ex) { throw new BusinessValidationFailedException("请检查邮箱地址或者联系维护人员, 邮件发送失败, 未能创建账户成功"); } await _userRepository.UpdatePartialNowNoQueryAsync(userId, u => new User() { Password = MD5Helper.Md5(pwd), IsFirstAdd = true }); return ResponseOutput.Ok(); } ///

/// 重置密码发邮件（未登陆修改） ///

/// /// [AllowAnonymous] [HttpGet("{email}")] public async Task AnonymousSendVerificationCode(string email) { //检查手机或者邮箱是否有效 if (!Regex.IsMatch(email, @"^[a-zA-Z0-9_-]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$")) { return ResponseOutput.NotOk("请输入一个正确的邮箱。"); } ////查找改邮箱或者手机的用户 var exist = await _userRepository.AnyAsync(t => t.EMail == email); if (!exist) { return ResponseOutput.NotOk("邮箱错误。"); } //验证码 6位 int verificationCode = new Random().Next(100000, 1000000); await _mailVerificationService.AnolymousSendEmailForResetAccount(email, verificationCode); return ResponseOutput.Ok(); } ///

/// 验证验证码，没问题就返回用户所有的账户 ///

/// /// /// /// [AllowAnonymous] [HttpGet("{email}/{verifyCode}")] public async Task> VerifyAnonymousVerifyCode(string email, string verifyCode) { var verificationRecord = await _verificationCodeRepository .Where(t => t.UserId == Guid.Empty && t.Code == verifyCode && t.CodeType == VerifyType.Email && t.EmailOrPhone == email).OrderByDescending(t => t.CreateTime).FirstOrDefaultAsync(); //检查数据库是否存在该验证码 if (verificationRecord == null) { throw new BusinessValidationFailedException("验证码错误。"); } else { //检查验证码是否失效 if (verificationRecord.ExpirationTime < DateTime.Now) { throw new BusinessValidationFailedException("验证码已经过期。"); } else //验证码正确并且没有超时 { //删除验证码历史记录 await _verificationCodeRepository.BatchDeleteNoTrackingAsync(t => t.Id == verificationRecord.Id); } } var list = await _userRepository.Where(t => t.EMail == email).Select(t => new UserAccountDto() { UserId = t.Id, UserName = t.UserName, UserRealName = t.FullName, UserType = t.UserTypeRole.UserTypeShortName }).ToListAsync(); return list; } ///

/// （未登陆）设置新密码 ///

/// /// /// [AllowAnonymous] [HttpGet("{userId:guid}/{newPwd}")] public async Task AnonymousSetPassword(Guid userId, string newPwd) { await VerifyUserPwdAsync(userId, newPwd); var success = await _userRepository.BatchUpdateNoTrackingAsync(t => t.Id == userId, u => new User() { Password = newPwd, IsFirstAdd = false }); return ResponseOutput.Result(success); } ///

/// 修改密码,当前支持旧密码修改密码 ///

/// [HttpPost] [UnitOfWork] public async Task ModifyPassword(EditPasswordCommand editPwModel) { await VerifyUserPwdAsync(_userInfo.Id, editPwModel.NewPassWord, editPwModel.OldPassWord); if (!string.IsNullOrEmpty(editPwModel.NewUserName)) { await VerifyUserNameAsync(_userInfo.Id, editPwModel.NewUserName); await _userRepository.BatchUpdateNoTrackingAsync(t => t.Id == _userInfo.Id, u => new User() { UserName = editPwModel.NewUserName, }); } var success = await _userRepository.BatchUpdateNoTrackingAsync(t => t.Id == _userInfo.Id, u => new User() { Password = editPwModel.NewPassWord, IsFirstAdd = false }); return ResponseOutput.Result(success); ////医生密码 //if (await _doctorRepository.AnyAsync(t => t.Id == _userInfo.Id && t.Password == editPwModel.OldPassWord)) //{ // var success = await _doctorRepository.BatchUpdateNoTrackingAsync(t => t.Id == _userInfo.Id, u => new Doctor() // { // Password = editPwModel.NewPassWord // }); // return ResponseOutput.Result(success); //} //return ResponseOutput.NotOk("Old password is wrong."); } ///

/// 获取用户列表 ///

/// /// [HttpPost] public async Task> GetUserList(UserListQueryDTO param) { var userQueryable = _userRepository.Where(x => x.UserTypeEnum != UserTypeEnum.SuperAdmin) .WhereIf(!string.IsNullOrWhiteSpace(param.UserName), t => t.UserName.Contains(param.UserName) ) .WhereIf(!string.IsNullOrWhiteSpace(param.RealName), t => t.FullName.Contains(param.RealName)) .WhereIf(!string.IsNullOrWhiteSpace(param.Phone), t => t.Phone.Contains(param.Phone)) .WhereIf(!string.IsNullOrWhiteSpace(param.OrganizationName), t => t.OrganizationName.Contains(param.OrganizationName)) .WhereIf(param.UserType != null, t => t.UserTypeId == param.UserType) .WhereIf(param.UserState != null, t => t.Status == param.UserState) .WhereIf(param.IsTestUser != null, t => t.IsTestUser == param.IsTestUser) .WhereIf(param.IsZhiZhun != null, t => t.IsZhiZhun == param.IsZhiZhun) .ProjectTo(_mapper.ConfigurationProvider); return await userQueryable.ToPagedListAsync(param.PageIndex, param.PageSize, param.SortField == string.Empty ? "UserName" : param.SortField, param.Asc); } ///

/// 根据用户Id获取用户详细信息[New] ///

/// /// xiuga [HttpGet("{id:guid}")] public async Task GetUser(Guid id) { var userQuery = _userRepository.Where(t => t.Id == id).ProjectTo(_mapper.ConfigurationProvider); return await (userQuery.FirstOrDefaultAsync()).IfNullThrowException(); } ///

/// 添加用户 ///

/// /// [UnitOfWork] public async Task> AddUser(UserCommand userAddModel) { await VerifyUserNameAsync(null, userAddModel.UserName); await VerifyUserEmailAsync(null, userAddModel.UserTypeId, userAddModel.EMail); //await VerifyUserPhoneAsync(null, userAddModel.UserTypeId, userAddModel.Phone); var saveItem = _mapper.Map(userAddModel); saveItem.Code = await _userRepository.Select(t => t.Code).DefaultIfEmpty().MaxAsync() + 1; saveItem.UserCode = AppSettings.GetCodeStr(saveItem.Code, nameof(User)); saveItem.Password = MD5Helper.Md5(AppSettings.DefaultPassword); await _userRepository.AddAsync(saveItem); var success = await _userRepository.SaveChangesAsync(); await _mailVerificationService.AddUserSendEmailAsync(saveItem.Id, userAddModel.BaseUrl, userAddModel.RouteUrl); return ResponseOutput.Result(success, new UserAddedReturnDTO { Id = saveItem.Id, UserCode = saveItem.UserCode }); } ///

/// 更新用户 ///

/// /// public async Task UpdateUser(UserCommand model) { await VerifyUserNameAsync(model.Id, model.UserName); await VerifyUserEmailAsync(model.Id, model.UserTypeId, model.EMail); //await VerifyUserPhoneAsync(model.Id, model.UserTypeId, model.Phone); var user = await _userRepository.FirstOrDefaultAsync(t => t.Id == model.Id); if (user == null) return Null404NotFound(user); _mapper.Map(model, user); var success = await _userRepository.SaveChangesAsync(); return ResponseOutput.Ok(success); } ///

/// 删除用户 ///

/// /// [HttpDelete("{userId:guid}")] public async Task DeleteUser(Guid userId) { if (await _userTrialRepository.AnyAsync(t => t.Id == userId)) { return ResponseOutput.NotOk("该用户已经参加项目，不能够删除。"); } var success = await _userRepository.BatchDeleteNoTrackingAsync(t => t.Id == userId); return ResponseOutput.Result(success); } ///

/// 禁用或者启用账户 ///

/// /// /// [HttpPost("{userId:guid}/{state:int}")] public async Task UpdateUserState(Guid userId, UserStateEnum state) { var success = await _userRepository.BatchUpdateNoTrackingAsync(u => u.Id == userId, t => new User { Status = state }); return ResponseOutput.Result(success); } ///

/// 用户登陆 ///

/// /// /// [NonDynamicMethod] public async Task> Login(string userName, string password) { var userLoginReturnModel = new LoginReturnDTO(); var loginUser = await _userRepository.Where(u => u.UserName.Equals(userName) && u.Password == password).ProjectTo(_mapper.ConfigurationProvider).FirstOrDefaultAsync(); if (loginUser == null) { //此处下面代码为了支持医生也能登录而且前端不加选择到底是管理用户还是医生用户奇怪的需求无法理解 var loginDoctor = await _doctorRepository.Where(u => u.Phone == userName && u.Password == password).ProjectTo(_mapper.ConfigurationProvider).FirstOrDefaultAsync(); if (loginDoctor == null) { return ResponseOutput.NotOk(_localizer["User_CheckNameOrPw"], new LoginReturnDTO()); } userLoginReturnModel.BasicInfo = loginDoctor; // 登录清除缓存 _cache.Remove(userLoginReturnModel.BasicInfo.Id.ToString()); return ResponseOutput.Ok(userLoginReturnModel); } if (loginUser.Status == 0) { return ResponseOutput.NotOk("该用户已经被禁用。", new LoginReturnDTO()); } userLoginReturnModel.BasicInfo = loginUser; // 登录清除缓存 _cache.Remove(userLoginReturnModel.BasicInfo.Id.ToString()); return ResponseOutput.Ok(userLoginReturnModel); } } }