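using AmtScanner.Api.Models;
using AmtScanner.Api.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.Globalization;
using System.Security.Claims;

namespace AmtScanner.Api.Controllers;

// NOTE(review): the listing this file was recovered from had dropped the generic type
// arguments (Task<ActionResult<...>>, List<...>) and the XML <summary> tags. They are
// reconstructed below from the remaining ">>" residue and the surrounding code — confirm
// against the repository before relying on them.

/// <summary>
/// Authentication endpoints: login, token refresh and logout.
/// </summary>
/// <remarks>
/// Every outcome, including validation and authentication failures, is returned as HTTP 200
/// with the failure code carried inside the <c>ApiResponse</c> envelope (400 / 401). Clients
/// and monitoring therefore have to inspect the envelope code, not the HTTP status.
/// Credential checking, token issuance / validation and revocation all live in
/// <see cref="IAuthService"/>; this controller only validates request shape and maps
/// service results to responses.
/// </remarks>
[ApiController]
[Route("api/[controller]")]
public class AuthController : ControllerBase
{
    /// <summary>
    /// Name of the claim that carries the numeric user id. It must match the claim the
    /// token issuer writes; the issuer is not visible here (it lives in the auth service).
    /// </summary>
    private const string UserIdClaimType = "userId";

    private readonly IAuthService _authService;

    public AuthController(IAuthService authService)
    {
        _authService = authService;
    }

    /// <summary>
    /// Authenticates a user by user name and password and issues an access / refresh token pair.
    /// </summary>
    /// <param name="request">Login credentials from the request body.</param>
    /// <returns>
    /// Envelope code 400 when either field is empty, 401 with the service's error text when
    /// authentication fails, otherwise the token pair plus basic profile data and roles.
    /// </returns>
    [HttpPost("login")]
    public async Task<ActionResult<ApiResponse<LoginResponse>>> Login([FromBody] LoginRequest request)
    {
        if (string.IsNullOrEmpty(request.UserName) || string.IsNullOrEmpty(request.Password))
        {
            return Ok(ApiResponse.Fail(400, "用户名和密码不能为空"));
        }

        var (user, accessToken, refreshToken, error) =
            await _authService.LoginAsync(request.UserName, request.Password);

        if (error != null)
        {
            // The service's error text is returned to the caller verbatim. It should not
            // let a caller tell "unknown user" apart from "wrong password" (account
            // enumeration) — NOTE(review): verify in IAuthService.LoginAsync, not visible here.
            return Ok(ApiResponse.Fail(401, error));
        }

        // Contract assumed from the tuple shape: when error is null, user and both tokens
        // are non-null. The null-forgiving operators below rely on that — confirm in the service.
        var roles = await _authService.GetUserRolesAsync(user!.Id);

        var userInfo = new UserInfoDto
        {
            UserId = user.Id,
            UserName = user.UserName,
            NickName = user.NickName ?? user.UserName,
            Avatar = user.Avatar,
            Email = user.Email,
            Phone = user.Phone,
            Gender = user.Gender,
            Roles = roles
        };

        var response = new LoginResponse
        {
            Token = accessToken!,
            RefreshToken = refreshToken!,
            UserInfo = userInfo
        };

        return Ok(ApiResponse.Success(response, "登录成功"));
    }

    /// <summary>
    /// Exchanges an access token plus its refresh token for a new token pair.
    /// </summary>
    /// <remarks>
    /// Not marked <c>[Authorize]</c>, presumably because the access token presented here may
    /// already be expired. Whether the two tokens belong together and are still acceptable is
    /// decided inside <see cref="IAuthService.RefreshTokenAsync"/> — NOTE(review): confirm it
    /// binds the refresh token to the access token it was issued with.
    /// </remarks>
    /// <param name="request">The current access token and its refresh token.</param>
    /// <returns>
    /// Envelope code 400 when either token is empty, 401 with the service's error text when
    /// the pair is rejected, otherwise the new token pair.
    /// </returns>
    [HttpPost("refresh")]
    public async Task<ActionResult<ApiResponse<RefreshTokenResponse>>> RefreshToken([FromBody] RefreshTokenRequest request)
    {
        if (string.IsNullOrEmpty(request.AccessToken) || string.IsNullOrEmpty(request.RefreshToken))
        {
            return Ok(ApiResponse.Fail(400, "Token 不能为空"));
        }

        var (accessToken, refreshToken, error) =
            await _authService.RefreshTokenAsync(request.AccessToken, request.RefreshToken);

        if (error != null)
        {
            return Ok(ApiResponse.Fail(401, error));
        }

        // Same assumed contract as in Login: tokens are non-null whenever error is null.
        var response = new RefreshTokenResponse
        {
            Token = accessToken!,
            RefreshToken = refreshToken!
        };

        return Ok(ApiResponse.Success(response, "刷新成功"));
    }

    /// <summary>
    /// Logs the calling user out by passing the user id from the bearer token to the service.
    /// </summary>
    /// <returns>
    /// Envelope code 401 when the authenticated principal carries no parseable user id claim,
    /// otherwise success. Whatever revocation happens is done by
    /// <see cref="IAuthService.LogoutAsync"/>, not here.
    /// </returns>
    [Authorize]
    [HttpPost("logout")]
    public async Task<ActionResult<ApiResponse<object>>> Logout()
    {
        var userIdClaim = User.FindFirst(UserIdClaimType)?.Value;

        // The claim is machine data, so parse it culture-invariantly (CA1305); the id type
        // mirrors the int parameter LogoutAsync is called with.
        if (string.IsNullOrEmpty(userIdClaim)
            || !int.TryParse(userIdClaim, NumberStyles.Integer, CultureInfo.InvariantCulture, out var userId))
        {
            return Ok(ApiResponse.Fail(401, "无效的用户"));
        }

        await _authService.LogoutAsync(userId);
        return Ok(ApiResponse.Success(null, "退出成功"));
    }
}

#region DTOs

/// <summary>
/// Login request body. The password travels as plain text in the body, so transport
/// protection (TLS) is assumed; the controller never logs or echoes it.
/// </summary>
public class LoginRequest
{
    public string UserName { get; set; } = string.Empty;

    public string Password { get; set; } = string.Empty;
}

/// <summary>
/// Successful login payload: the token pair plus the user's profile summary.
/// </summary>
public class LoginResponse
{
    public string Token { get; set; } = string.Empty;

    public string RefreshToken { get; set; } = string.Empty;

    public UserInfoDto UserInfo { get; set; } = new();
}

/// <summary>
/// Profile summary returned to the client after login.
/// </summary>
public class UserInfoDto
{
    public int UserId { get; set; }

    public string UserName { get; set; } = string.Empty;

    public string NickName { get; set; } = string.Empty;

    public string? Avatar { get; set; }

    public string? Email { get; set; }

    public string? Phone { get; set; }

    // "0" is the project's encoded default gender; its meaning is not visible in this file.
    public string Gender { get; set; } = "0";

    // Role names as returned by IAuthService.GetUserRolesAsync (element type reconstructed).
    public List<string> Roles { get; set; } = new();
}

/// <summary>
/// Token refresh request body: the current access token and its refresh token.
/// </summary>
public class RefreshTokenRequest
{
    public string AccessToken { get; set; } = string.Empty;

    public string RefreshToken { get; set; } = string.Empty;
}

/// <summary>
/// Token refresh payload: the newly issued token pair.
/// </summary>
public class RefreshTokenResponse
{
    public string Token { get; set; } = string.Empty;

    public string RefreshToken { get; set; } = string.Empty;
}

#endregion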