Commit 58086a24 by ryun

Merge branch 'feature/宜宾高县安全' into release/v23.2.19高县版

parents 1efc93a4 5259e6dc
......@@ -49,7 +49,7 @@ public class AccountController : Controller
/// {
/// "logintype": 2,
/// "account": "admin",
/// "password": "1111",
/// "password": "e10adc3949ba59abbe56e057f20f883e",
/// "appname": "string",
/// "device": "web"
/// }
......@@ -75,6 +75,37 @@ public ApiResponse<JwtToken> Login([FromBody] LoginRequest request)
new Claim(JwtClaimTypes.AppName, request.AppName ?? ""),
new Claim(JwtClaimTypes.Device, request.Device ?? ""),
new Claim(JwtClaimTypes.Department, user.Department ?? ""),
new Claim(JwtClaimTypes.QuickLogin, EQuickLogin.NO.ToString()),
};
var jwtToken = JwtTokenHelper.GenerateToken(claims, _options.ExpirationMinutes);
return new ApiResponse<JwtToken>(ResponseType.OK, jwtToken);
}
/// <summary>
/// 快速登录
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
[Route("quick/login")]
[HttpPost]
[AllowAnonymous]
public ApiResponse<JwtToken> QuickLogin([FromBody] ResetPwdRequest request)
{
var user = _userService.QuickLogin(request.TargetUserId, request.CurrentUserId, request.Password);
if (user == null)
return new ApiResponse<JwtToken>(ResponseType.Fail, "用户不存在");
var claims = new Claim[]
{
new Claim(JwtClaimTypes.Id, user.UserID.ToString()),
new Claim(JwtClaimTypes.Login, user.Login),
new Claim(JwtClaimTypes.RealName, user.RealName),
new Claim(JwtClaimTypes.Mail, user.Mail??""),
new Claim(JwtClaimTypes.AppName, request.AppName ?? ""),
new Claim(JwtClaimTypes.Device, request.Device ?? ""),
new Claim(JwtClaimTypes.Department, user.Department ?? ""),
new Claim(JwtClaimTypes.QuickLogin, EQuickLogin.YES.ToString()),
};
var jwtToken = JwtTokenHelper.GenerateToken(claims, _options.ExpirationMinutes);
......@@ -119,6 +150,16 @@ public ApiResponse SelfInfo()
{
var userid = _claim.GetUserId();
var user = _userService.GetUser(userid);
var userClaim = _claim.GetUserClaim();
// 如果用户是快捷登录的,则不需要重置密码
var quickLogin = userClaim.FirstOrDefault(t => t.Type == JwtClaimTypes.QuickLogin)?.Value ?? "";
if (quickLogin.Equals(EQuickLogin.YES.ToString(), StringComparison.OrdinalIgnoreCase))
{
user.IsInitialPassword = (int)InitialPassword.修改;
}
user.Role = _roleService.GetUserRole(user.UserID);
user.Hospital = _hospitalService.GetUserHopital(user.UserID);
......@@ -147,59 +188,12 @@ public ApiResponse<UserResponse> UpdateSelf([CustomizeValidator(RuleSet = "Self"
/// <returns></returns>
[Route("list")]
[HttpPost]
public ApiResponse<List<UserResponse>> List([FromBody] UserRequest request)
public ApiResponse<List<UserResponse>> List([FromBody] UserListRequest request)
{
var userList = _userService.GetUserList(_claim.GetUserId(), request.Role);
return new ApiResponse<List<UserResponse>>(ResponseType.OK, "ok", userList);
}
///// <summary>
///// 新增用户
///// </summary>
///// <param name="request"></param>
///// <returns></returns>
//[Route("insert")]
//[HttpPost]
//public ApiResponse<UserResponse> Insert([CustomizeValidator(RuleSet = "Insert"), FromBody] UserRequest request)
//{
// var userId = _claim.GetUserId();
// var user = _userService.Insert(request, userId);
// user.Role = request.Role;
// return new ApiResponse<UserResponse>(ResponseType.OK, user);
//}
///// <summary>
///// 新增用户
///// </summary>
///// <param name="request"></param>
///// <returns></returns>
//[Route("delete")]
//[HttpPost]
//public ApiResponse Delete([CustomizeValidator(RuleSet = "Delete"), FromBody] UserRequest request)
//{
// return _userService.Delete(request.ID);
//}
///// <summary>
///// 删除用户
///// </summary>
///// <param name="request"></param>
///// <returns></returns>
//[Route("update")]
//[HttpPost]
//public ApiResponse<UserResponse> Update([CustomizeValidator(RuleSet = "Update"), FromBody] UserRequest request)
//{
// var userId = _claim.GetUserId();
// int[] roleArray = new int[] { _options.NurseRole, _options.DirectorRole, _options.SpecialRole, _options.OfficeRole };
// var roles = _roleService.GetUserRole(userId);
// var isAgainAdmin = roles != null ? roleArray.Contains(roles.First().Type ?? 0) : false;
// var user = _userService.Update(request, isAgainAdmin);
// user.Role = request.Role;
// return new ApiResponse<UserResponse>(ResponseType.OK, user);
//}
/// <summary>
/// 修改用户密码
/// </summary>
......@@ -282,16 +276,17 @@ public ApiResponse<JwtToken> DemoUsers(int userId)
}
/// <summary>
/// 修改用户密码
/// 重置密码
/// </summary>
/// <param name="userId">用户id</param>
/// <param name="userId">重置目标用户id</param>
/// <param name="request"></param>
/// <returns></returns>
[Route("reset/{userId}")]
[HttpPost]
public ApiResponse<UserResponse> Password(int userId)
public ApiResponse<UserResponse> Password(int userId, [FromBody] ResetPwdRequest request)
{
var loginUserId = _claim.GetUserId();
var user = _userService.ResetPwd(userId, loginUserId);
var user = _userService.ResetPwd(userId, loginUserId, request.Password);
return new ApiResponse<UserResponse>(ResponseType.OK, user);
}
......@@ -316,6 +311,16 @@ public ApiResponse SelfInfos([FromBody] UserRequest request)
user.IsAgainAdmin = user.Role != null ? roleArray.Contains(user.Role.First().Type ?? 0) : false;
else
user.IsAgainAdmin = user.Role != null ? roleArray.Contains(user.Role.First(t => t.RoleID == request.Role).Type ?? 0) : false;
var userClaim = _claim.GetUserClaim();
// 如果用户是快捷登录的,则不需要重置密码
var quickLogin = userClaim.FirstOrDefault(t => t.Type == JwtClaimTypes.QuickLogin)?.Value ?? "";
if (quickLogin.Equals(EQuickLogin.YES.ToString(), StringComparison.OrdinalIgnoreCase))
{
user.IsInitialPassword = (int)InitialPassword.修改;
}
return new ApiResponse(ResponseType.OK, user);
}
......
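Review bot: `QuickLogin` is `[AllowAnonymous]` and reads the operator's identity from the body (`request.CurrentUserId`), so nothing but the check inside `_userService.QuickLogin`, which is not visible here, stands between an unauthenticated caller and a JWT for `TargetUserId`. Consider requiring an authenticated caller and taking the operator id from `_claim.GetUserId()`, as `Password` (reset/{userId}) already does, and confirm the service verifies that the operator's role may act as the target. `request` is dereferenced without a null check here and in `Password`, where a missing body would throw instead of returning `ResponseType.Fail`. The issued token differs from a normal login only by the `quicklogin` claim, so this path deserves rate limiting and an audit log entry carrying both ids. The method body continues past the end of the hunk.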
......@@ -99,6 +99,7 @@ public static class JwtClaimTypes
public const string AppName = "appname";
public const string Device = "device";
public const string Department = "department";
public const string QuickLogin = "quicklogin";
}
public static class Consts
......
......@@ -7,7 +7,7 @@
},
"AppConnection": {
//"PerformanceConnectionString": "server=112.124.13.17;database=db_performance;uid=suvalue;pwd=suvalue2016;pooling=true;charset=utf8;convert zero datetime=true;port=3306;connection timeout=120;max pool size=512;allow user variables=true;",
"PerformanceConnectionString": "server=192.168.18.166;database=db_test_beiliu;uid=root;pwd=1234qwer;pooling=true;charset=utf8;convert zero datetime=true;port=3306;connection timeout=120;max pool size=512;allow user variables=true;"
"PerformanceConnectionString": "server=192.168.18.166;database=db_performance_screen;uid=root;pwd=1234qwer;pooling=true;charset=utf8;convert zero datetime=true;port=3306;connection timeout=120;max pool size=512;allow user variables=true;"
//"PerformanceConnectionString": "server=116.62.245.55;database=db_performance;uid=root;pwd=1234qwer;pooling=true;charset=utf8;convert zero datetime=true;port=3306;connection timeout=120;max pool size=512;allow user variables=true;"
},
"Application": {
......
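Review bot: The active `PerformanceConnectionString` keeps a database user name and password in the committed settings file, and the account is `root`. Load the connection string from an environment variable or a secret store (`dotnet user-secrets` for local development), point the application at a least-privilege account limited to the one schema, and rotate the password, since it is already in repository history. The commented-out alternatives carry credentials for other hosts and should be deleted rather than kept as comments.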
......@@ -15,7 +15,7 @@
{
"logintype": 2,
"account": "admin",
"password": "1111",
"password": "e10adc3949ba59abbe56e057f20f883e",
"appname": "string",
"device": "web"
}
......@@ -24,6 +24,13 @@
<param name="request"></param>
<returns></returns>
</member>
<member name="M:Performance.Api.Controllers.AccountController.QuickLogin(Performance.DtoModels.ResetPwdRequest)">
<summary>
快速登录
</summary>
<param name="request"></param>
<returns></returns>
</member>
<member name="M:Performance.Api.Controllers.AccountController.Refresh">
<summary>
刷新登录JWT TOKEN
......@@ -43,7 +50,7 @@
<param name="request"></param>
<returns></returns>
</member>
<member name="M:Performance.Api.Controllers.AccountController.List(Performance.DtoModels.UserRequest)">
<member name="M:Performance.Api.Controllers.AccountController.List(Performance.DtoModels.UserListRequest)">
<summary>
用户列表
</summary>
......@@ -82,11 +89,12 @@
<param name="userId"></param>
<returns></returns>
</member>
<member name="M:Performance.Api.Controllers.AccountController.Password(System.Int32)">
<member name="M:Performance.Api.Controllers.AccountController.Password(System.Int32,Performance.DtoModels.ResetPwdRequest)">
<summary>
修改用户密码
重置密码
</summary>
<param name="userId">用户id</param>
<param name="userId">重置目标用户id</param>
<param name="request"></param>
<returns></returns>
</member>
<member name="M:Performance.Api.Controllers.AccountController.SelfInfos(Performance.DtoModels.UserRequest)">
......
......@@ -14,6 +14,11 @@
返回数据。
</summary>
</member>
<member name="F:Performance.DtoModels.AppConst.InitPwd">
<summary>
初始密码
</summary>
</member>
<member name="T:Performance.DtoModels.AppSettings.AppConnection">
<summary>
数据库连接字符串
......@@ -826,6 +831,31 @@
保底绩效
</summary>
</member>
<member name="P:Performance.DtoModels.PerComputeData.SheetType">
<summary>
sheet模板类型
</summary>
</member>
<member name="P:Performance.DtoModels.PerComputeData.UnitType">
<summary>
核算单元类别 (医生组/护理组)
</summary>
</member>
<member name="P:Performance.DtoModels.PerComputeData.AccountingUnit">
<summary>
核算单元名称
</summary>
</member>
<member name="P:Performance.DtoModels.PerComputeData.TypeName">
<summary>
列头类型名称
</summary>
</member>
<member name="P:Performance.DtoModels.PerComputeData.CellValue">
<summary>
单元格value
</summary>
</member>
<member name="P:Performance.DtoModels.PerData.UnitType">
<summary>
核算单元类别 (医生组/护理组)
......@@ -2449,6 +2479,21 @@
<member name="P:Performance.DtoModels.ReportRequest.AccountingUnit">
<summary> 科室 </summary>
</member>
<member name="P:Performance.DtoModels.ResetPwdRequest.Password">
<summary>
操作人密码
</summary>
</member>
<member name="P:Performance.DtoModels.ResetPwdRequest.CurrentUserId">
<summary>
操作人密码
</summary>
</member>
<member name="P:Performance.DtoModels.ResetPwdRequest.TargetUserId">
<summary>
目标登录人,希望登录的账号ID
</summary>
</member>
<member name="P:Performance.DtoModels.SecondAuditRequest.SecondId">
<summary> 二次绩效Id </summary>
</member>
......@@ -2481,6 +2526,11 @@
提交类型 1 模板提交 2 其他提交
</summary>
</member>
<member name="P:Performance.DtoModels.UserListRequest.Role">
<summary>
角色
</summary>
</member>
<member name="P:Performance.DtoModels.UserRequest.RealName">
<summary>
真实名称
......@@ -4203,6 +4253,11 @@
用户科室
</summary>
</member>
<member name="P:Performance.DtoModels.UserIdentity.IsInitialPassword">
<summary>
初始密码 1 初始 2 改过
</summary>
</member>
<member name="P:Performance.DtoModels.WorkyearResponse.MaxRange">
<summary>
最大工龄范围(小于)
......
......@@ -9188,6 +9188,11 @@
核算序号
</summary>
</member>
<member name="P:Performance.EntityModels.sys_user.IsInitialPassword">
<summary>
初始密码 1 初始 2 改过
</summary>
</member>
<member name="T:Performance.EntityModels.sys_user_hospital">
<summary>
......
namespace Performance.DtoModels
{
public class AppConst
{
/// <summary>
/// 初始密码
/// </summary>
public const string InitPwd = "123456";
}
}
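Review bot: `InitPwd` gives every new or reset account the same compile-time password, and the value is one of the most commonly guessed. The example body in the Login doc comment elsewhere in this commit is the unsalted MD5 of the same string. Prefer a random one-time password per account (`RandomNumberGenerator`) delivered out of band. If a shared default has to stay, the server should refuse everything except the change-password call while `IsInitialPassword` is 初始; whether that is enforced server-side is not visible on this page. At minimum, document the constraint on the constant, e.g. `// Shared default; accounts still on it must be forced to change it at first login`.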
<Project Sdk="Microsoft.NET.Sdk">
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net5.0</TargetFramework>
</PropertyGroup>
<PropertyGroup>
<TargetFramework>net5.0</TargetFramework>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
<DocumentationFile>..\Performance.Api\wwwroot\Performance.DtoModels.xml</DocumentationFile>
<NoWarn>1701;1702;1591</NoWarn>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
<DocumentationFile>..\Performance.Api\wwwroot\Performance.DtoModels.xml</DocumentationFile>
<NoWarn>1701;1702;1591</NoWarn>
</PropertyGroup>
<ItemGroup>
<Compile Remove="PerExcel\PerComputeData.cs" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\Performance.EntityModels\Performance.EntityModels.csproj" />
<ProjectReference Include="..\Performance.Infrastructure\Performance.Infrastructure.csproj" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\Performance.EntityModels\Performance.EntityModels.csproj" />
<ProjectReference Include="..\Performance.Infrastructure\Performance.Infrastructure.csproj" />
</ItemGroup>
</Project>
namespace Performance.DtoModels
{
public class ResetPwdRequest
{
/// <summary>
/// 操作人密码
/// </summary>
public string Password { get; set; }
/// <summary>
/// 操作人密码
/// </summary>
public int CurrentUserId { get; set; }
/// <summary>
/// 目标登录人,希望登录的账号ID
/// </summary>
public int TargetUserId { get; set; }
public string AppName { get; set; }
public string Device { get; set; }
}
}
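Review bot: The summary on `CurrentUserId` repeats "操作人密码" from `Password`; it should read `/// 操作人ID`, and the generated Performance.DtoModels.xml carries the same mistake. `AppName` and `Device` have no summary. The class name also no longer matches its second use as the body of quick/login, so a class-level summary should say it serves both endpoints and that reset/{userId} reads only `Password`, with the operator taken from the token and the target from the route.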
namespace Performance.DtoModels
{
public class UserListRequest
{
/// <summary>
/// 角色
/// </summary>
public int Role { get; set; }
}
}
using FluentValidation;
using System;
using System.Collections.Generic;
using System.Text;
using System.Text.RegularExpressions;
using System;
using FluentValidation;
namespace Performance.DtoModels
{
......@@ -46,7 +43,7 @@ public class UserRequest
/// 角色Arr
/// </summary>
public int[] RoleArr { get; set; }
/// <summary>
/// 用户医院ID
/// </summary>
......@@ -74,7 +71,7 @@ public UserRequestValidator()
{
action();
RuleFor(x => x.RoleArr).NotNull().NotEmpty();
RuleFor(x => x.Password).NotNull().NotEmpty().Length(4, 20);
RuleFor(x => x.Password).NotNull().NotEmpty().Length(4, 64);
RuleFor(x => x.HosIDArray).NotNull().NotEmpty().Must(f => f.Length > 0);
});
......@@ -95,7 +92,7 @@ public UserRequestValidator()
RuleSet("Self", () =>
{
RuleFor(x => x.Password).Length(4, 20);
RuleFor(x => x.Password).Length(4, 64);
//RuleFor(x => x.Mobile).Must((pre) =>
//{
// if (!string.IsNullOrEmpty(pre))
......
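Review bot: Raising the upper bound to 64 in both rule sets (the first one shown and `Self`) suggests `Password` now carries a client-side digest rather than the typed password, since the Login example in this commit changed to a 32-hex value. If so, `Length(4, 64)` says nothing about password strength and still accepts a 4-character plaintext. If the field is always a digest, validate its shape instead, e.g. `RuleFor(x => x.Password).Matches("^[0-9a-fA-F]{32}$");` (kept optional in `Self`), and enforce complexity wherever the plaintext is available. If both forms are accepted on purpose, a comment next to the rule should say why.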
......@@ -25,7 +25,10 @@ public class UserIdentity
public string Department { get; set; }
public List<HospitalResponse> Hospital { get; set; }
public List<RoleResponse> Role { get; set; }
/// <summary>
/// 初始密码 1 初始 2 改过
/// </summary>
public int IsInitialPassword { get; set; }
public UserIdentity()
{
Hospital = new List<HospitalResponse>();
......
......@@ -11,7 +11,6 @@ public class UserResponse
public int CreateUser { get; set; }
public string RealName { get; set; }
public string Login { get; set; }
public string Password { get; set; }
public string Mail { get; set; }
public string Mobile { get; set; }
public int States { get; set; }
......
......@@ -83,5 +83,9 @@ public class sys_user
/// 核算序号
/// </summary>
public string UnitCode { get; set; }
/// <summary>
/// 初始密码 1 初始 2 改过
/// </summary>
public int IsInitialPassword { get; set; }
}
}
......@@ -92,3 +92,14 @@ public enum UnitType
[Description("行政工勤")]
行政工勤 = 12,
}
public enum InitialPassword
{
初始 = 1,
修改 = 2,
}
public enum EQuickLogin
{
YES = 1,
NO = 2,
}
using System.Security.Cryptography;
using System.Text;
namespace Performance.Infrastructure
{
public class PwdHelper
{
/// <summary>
/// 一次加密不加盐
/// </summary>
/// <param name="password"></param>
/// <returns></returns>
public static string MD5(string password)
{
return MD5Encrypt(password);
}
/// <summary>
/// 一次加密加盐
/// </summary>
/// <param name="password"></param>
/// <param name="salt"></param>
/// <returns></returns>
public static string MD5AndSalt(string password, string salt = "Suvalue")
{
return MD5Encrypt(password + salt);
}
/// <summary>
/// 两次加密加盐
/// </summary>
/// <param name="password"></param>
/// <param name="salt"></param>
/// <returns></returns>
public static string MD5AndSalt2(string password, string salt = "Suvalue")
{
return MD5Encrypt(MD5Encrypt(password) + salt);
}
/// <summary>
/// 32位MD5加密
/// </summary>
/// <param name="password"></param>
/// <returns></returns>
private static string MD5Encrypt(string password)
{
MD5CryptoServiceProvider md5Hasher = new MD5CryptoServiceProvider();
byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(password));
StringBuilder sBuilder = new StringBuilder();
for (int i = 0; i < data.Length; i++)
{
sBuilder.Append(data[i].ToString("x2"));//转化为小写的32进制
}
return sBuilder.ToString();
}
}
}
\ No newline at end of file
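Review bot: `MD5AndSalt` and `MD5AndSalt2` protect stored passwords with MD5 and one fixed, source-visible salt ("Suvalue"), so identical passwords produce identical digests across users and the values are cheap to test offline if the user table leaks. A password KDF with a per-user random salt is the usual replacement; the sketch below uses PBKDF2 from `System.Security.Cryptography`, with the MD5 helpers kept only to verify and re-hash legacy rows at next login. Separately, `Encoding.Default` should be an explicit `Encoding.UTF8`, the `MD5CryptoServiceProvider` is never disposed, and the comment `//转化为小写的32进制` should say 16进制 (hex).

```csharp
// … unchanged: MD5, MD5AndSalt, MD5AndSalt2, MD5Encrypt (legacy verification only) …
private const int Pbkdf2Iterations = 100000; // tune to the deployment's latency budget

/// <summary>PBKDF2-SHA256 with a random 16-byte salt; returns "salt:hash" in Base64.</summary>
public static string Hash(string password)
{
    byte[] salt = new byte[16];
    RandomNumberGenerator.Fill(salt);
    using (var kdf = new Rfc2898DeriveBytes(password, salt, Pbkdf2Iterations, HashAlgorithmName.SHA256))
    {
        return Convert.ToBase64String(salt) + ":" + Convert.ToBase64String(kdf.GetBytes(32));
    }
}

/// <summary>Recomputes the hash with the stored salt and compares in constant time.</summary>
public static bool Verify(string password, string stored)
{
    string[] parts = stored.Split(':');
    if (parts.Length != 2) return false;
    byte[] salt = Convert.FromBase64String(parts[0]);
    byte[] expected = Convert.FromBase64String(parts[1]);
    using (var kdf = new Rfc2898DeriveBytes(password, salt, Pbkdf2Iterations, HashAlgorithmName.SHA256))
    {
        return CryptographicOperations.FixedTimeEquals(kdf.GetBytes(expected.Length), expected);
    }
}
```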
......@@ -381,7 +381,7 @@ public ApiResponse UpdatePerson(PerEmployeeResponse request)
}
if (error.Count > 0)
return new ApiResponse(ResponseType.WarningTable, "修改成功,但存在其他问题请及时处理", error);
return new ApiResponse(ResponseType.WarningTable, "修改成功,但存在其他问题请及时处理", error);
#endregion
return new ApiResponse(ResponseType.OK, "修改成功");
......@@ -1353,13 +1353,16 @@ public void SaveQueryRole(int hospitalId, int userId, List<Dictionary<string, st
{
var json = JsonHelper.Serialize(item);
var data = JsonHelper.Deserialize<per_employee>(json);
string pwd = item.ContainsKey("Password") ? item["Password"] : "";
if (hospital.IsOwnerQuery == 1)
{
var isNewRole = !string.IsNullOrEmpty(data.PersonnelNumber?.Trim()) && !string.IsNullOrEmpty(item["Password"]);
var isNewRole = !string.IsNullOrEmpty(data.PersonnelNumber?.Trim()) && !string.IsNullOrEmpty(pwd);
var isRepeat = users.FirstOrDefault(t => t.Login == data.PersonnelNumber?.Trim());
if (isRepeat != null)
{
isRepeat.Password = item["Password"];
isRepeat.Password = PwdHelper.MD5AndSalt2(pwd);
updateUsers.Add(isRepeat);
}
if (isNewRole && isRepeat == null)
......
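Review bot: When a row has no "Password" key or an empty value, `pwd` is "" and the `isRepeat != null` branch still runs `isRepeat.Password = PwdHelper.MD5AndSalt2(pwd);`, overwriting an existing user's password with the hash of the empty string. The query path in this same commit now always returns a blank 密码 cell, so saving the grid unchanged would, as far as these hunks show, reset every matched account. Guard the assignment, e.g. `if (!string.IsNullOrEmpty(pwd)) isRepeat.Password = PwdHelper.MD5AndSalt2(pwd);`, and read the value with `item.TryGetValue("Password", out var pwd)` to avoid the double lookup. `SaveQueryRole` continues beyond the hunk, so the new-user branch is not visible.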
......@@ -559,7 +559,8 @@ private T GetCellValue<T>(IRow row, List<string> columns, string key)
var data = (from t1 in pdata
join t2 in tdata
on t1.PersonnelNumber equals t2.PersonnelNumber into temp
from t in temp.DefaultIfEmpty() orderby t1.Id descending
from t in temp.DefaultIfEmpty()
orderby t1.Id descending
select new
{
PersonnelNumber = t1.PersonnelNumber,
......@@ -590,7 +591,7 @@ select new
Tag5 = t?.Tag5,
}).Distinct()?.ToList();
if (data == null || !data.Any()) return (result,null);
if (data == null || !data.Any()) return (result, null);
var users = new List<sys_user>();
if (hos?.IsOwnerQuery == 1)
......@@ -613,7 +614,8 @@ select new
select new HandsonCellData(conf.Alias, fst.Value)).ToList();
if (hos?.IsOwnerQuery == 1)
{
var password = users.FirstOrDefault(w => w.Login == item.PersonnelNumber && w.Department == item.AccountingUnit)?.Password ?? "";
//var password = users.FirstOrDefault(w => w.Login == item.PersonnelNumber && w.Department == item.AccountingUnit)?.Password ?? "";
var password = "";
cells.Add(new HandsonCellData("密码", password));
}
......
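Review bot: The old lookup is left behind as a commented-out line, and `password` is now a local that is always "". Delete the comment and write `cells.Add(new HandsonCellData("密码", ""));` with a short why-comment such as `// never send stored password hashes back to the client`. If `users` was loaded only to fill this cell, the work under `hos?.IsOwnerQuery == 1` a few lines up may now be dead; that code is outside the hunk, so confirm before removing it.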