jwt&swagger

performance/Performance.Api/Controllers/AccountController.cs

 using FluentValidation.AspNetCore;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Caching.Memory;
 using Microsoft.Extensions.Options;
@@ -11,6 +12,7 @@
 using System;
 using System.Collections.Generic;
 using System.Linq;
+using System.Security.Claims;
 using System.Threading.Tasks;
 
 namespace Performance.Api.Controllers
@@ -44,42 +46,72 @@ public class AccountController : Controller
         /// </summary>
         /// <param name="request"></param>
         /// <returns></returns> 
-        [NoVerify]
         [HttpPost]
         [Route("login")]
-        public ApiResponse<UserIdentity> Login([FromBody]LoginRequest request)
+        [AllowAnonymous]
+        public ApiResponse<JwtToken> Login([FromBody]LoginRequest request)
         {
             var user = _userService.Login(request);
             if (user == null)
-                return new ApiResponse<UserIdentity>(ResponseType.Fail, "用户不存在");
-            int[] roleArray = new int[] { _options.NurseRole, _options.DirectorRole };
+                return new ApiResponse<JwtToken>(ResponseType.Fail, "用户不存在");
 
-            user.Hospital = _hospitalService.GetUserHopital(user.UserID);
-            user.Role = _roleService.GetUserRole(user.UserID);
-            user.IsAgainAdmin = user.Role != null ? roleArray.Contains(user.Role.First().RoleID) : false;
+            var claims = new Claim[]
+            {
+                new Claim(JwtClaimTypes.Id, user.UserID.ToString()),
+                new Claim(JwtClaimTypes.Login, user.Login),
+                new Claim(JwtClaimTypes.RealName,  user.RealName),
+                new Claim(JwtClaimTypes.Mail, user.Mail),
+                new Claim(JwtClaimTypes.AppName, request.AppName ?? ""),
+                new Claim(JwtClaimTypes.Device, request.Device ?? ""),
+                new Claim(JwtClaimTypes.Department, user.Department ?? ""),
+            };
 
-            if (string.IsNullOrEmpty(user.Token))
-                user.Token = Guid.NewGuid().ToString("N");
+            var jwtToken = JwtTokenHelper.GenerateToken(claims, _options.ExpirationMinutes);
+            return new ApiResponse<JwtToken>(ResponseType.OK, jwtToken);
+        }
 
-            var option = new MemoryCacheEntryOptions()
+        /// <summary>
+        /// 刷新登录JWT TOKEN
+        /// </summary>
+        /// <returns></returns> 
+        [HttpPost]
+        [Route("refresh")]
+        public ApiResponse<JwtToken> Refresh()
+        {
+            var userClaim = _claim.GetUserClaim();
+            var claims = new Claim[]
             {
-                SlidingExpiration = TimeSpan.FromMinutes(_options.ExpirationMinutes)
+                new Claim(JwtClaimTypes.Id, userClaim.FirstOrDefault(t => t.Type == JwtClaimTypes.Id).Value),
+                new Claim(JwtClaimTypes.Login, userClaim.FirstOrDefault(t => t.Type == JwtClaimTypes.Login).Value),
+                new Claim(JwtClaimTypes.RealName,  userClaim.FirstOrDefault(t => t.Type == JwtClaimTypes.RealName).Value),
+                new Claim(JwtClaimTypes.Mail, userClaim.FirstOrDefault(t => t.Type == JwtClaimTypes.Mail).Value),
+                new Claim(JwtClaimTypes.AppName, userClaim.FirstOrDefault(t => t.Type == JwtClaimTypes.AppName).Value),
+                new Claim(JwtClaimTypes.Device, userClaim.FirstOrDefault(t => t.Type == JwtClaimTypes.Device).Value),
+                new Claim(JwtClaimTypes.Department, userClaim.FirstOrDefault(t => t.Type == JwtClaimTypes.Department).Value),
             };
-            _memoryCache.Set(user.Token, user, option);
 
-            return new ApiResponse<UserIdentity>(ResponseType.OK, user);
-        }
+            var jwtToken = JwtTokenHelper.GenerateToken(claims, _options.ExpirationMinutes);
+            // 设置当前请求Jwt失效
+            var jwt = _claim.GetJwtToken();
+            //claimService.SetJwtBlacklist(jwt);
 
+            return new ApiResponse<JwtToken>(ResponseType.OK, jwtToken);
+        }
         /// <summary>
         /// 查询个人信息
         /// </summary>
-        /// <param name="request"></param>
         /// <returns></returns>
         [Route("selfinfo")]
         [HttpPost]
-        public ApiResponse SelfInfo([FromBody]ApiRequest request)
+        public ApiResponse SelfInfo()
         {
-            var user = _claim.At(request.Token);
+            var userid = _claim.GetUserId();
+            var user = _userService.GetUser(userid);
+            user.Role = _roleService.GetUserRole(user.UserID);
+            user.Hospital = _hospitalService.GetUserHopital(user.UserID);
+
+            int[] roleArray = new int[] { _options.NurseRole, _options.DirectorRole };
+            user.IsAgainAdmin = user.Role != null ? roleArray.Contains(user.Role.First().RoleID) : false;
             return new ApiResponse(ResponseType.OK, user);
         }
 
@@ -92,7 +124,7 @@ public ApiResponse SelfInfo([FromBody]ApiRequest request)
         [HttpPost]
         public ApiResponse<UserResponse> UpdateSelf([CustomizeValidator(RuleSet = "Self"), FromBody]UserRequest request)
         {
-            request.ID = _claim.At(request.Token).UserID;
+            request.ID = _claim.GetUserId();
             var user = _userService.UpdateSelf(request);
             return new ApiResponse<UserResponse>(ResponseType.OK, user);
         }
@@ -100,13 +132,12 @@ public ApiResponse<UserResponse> UpdateSelf([CustomizeValidator(RuleSet = "Self"
         /// <summary>
         /// 用户列表
         /// </summary>
-        /// <param name="request"></param>
         /// <returns></returns>
         [Route("list")]
         [HttpPost]
-        public ApiResponse<List<UserResponse>> List([FromBody]ApiRequest request)
+        public ApiResponse<List<UserResponse>> List()
         {
-            var userList = _userService.GetUserList(_claim.At(request.Token).UserID);
+            var userList = _userService.GetUserList(_claim.GetUserId());
             return new ApiResponse<List<UserResponse>>(ResponseType.OK, "ok", userList);
         }
 
@@ -119,8 +150,8 @@ public ApiResponse<List<UserResponse>> List([FromBody]ApiRequest request)
         [HttpPost]
         public ApiResponse<UserResponse> Insert([CustomizeValidator(RuleSet = "Insert"), FromBody]UserRequest request)
         {
-            var userIdentity = _claim.At(request.Token);
-            var user = _userService.Insert(request, userIdentity.UserID);
+            var userId = _claim.GetUserId();
+            var user = _userService.Insert(request, userId);
             user.Role = request.Role;
             return new ApiResponse<UserResponse>(ResponseType.OK, user);
         }
@@ -146,8 +177,13 @@ public ApiResponse Delete([CustomizeValidator(RuleSet = "Delete"), FromBody]User
         [HttpPost]
         public ApiResponse<UserResponse> Update([CustomizeValidator(RuleSet = "Update"), FromBody]UserRequest request)
         {
-            var userIdentity = _claim.At(request.Token);
-            var user = _userService.Update(request, userIdentity.IsAgainAdmin);
+            var userId = _claim.GetUserId();
+
+            int[] roleArray = new int[] { _options.NurseRole, _options.DirectorRole };
+            var roles = _roleService.GetUserRole(userId);
+            var isAgainAdmin = roles != null ? roleArray.Contains(roles.First().RoleID) : false;
+
+            var user = _userService.Update(request, isAgainAdmin);
             user.Role = request.Role;
             return new ApiResponse<UserResponse>(ResponseType.OK, user);
         }
@@ -161,7 +197,7 @@ public ApiResponse<UserResponse> Update([CustomizeValidator(RuleSet = "Update"),
         [HttpPost]
         public ApiResponse<UserResponse> Password([FromBody]PasswordRequest request)
         {
-            var userid = _claim.At(request.Token).UserID;
+            var userid = _claim.GetUserId();
             var user = _userService.UpdatePwd(request, userid);
             return new ApiResponse<UserResponse>(ResponseType.OK, user);
         }
@@ -169,11 +205,10 @@ public ApiResponse<UserResponse> Password([FromBody]PasswordRequest request)
         /// <summary>
         /// 角色列表
         /// </summary>
-        /// <param name="request"></param>
         /// <returns></returns>
         [Route("rolelist")]
         [HttpPost]
-        public ApiResponse<List<sys_role>> RoleList([FromBody]ApiRequest request)
+        public ApiResponse<List<sys_role>> RoleList()
         {
             var roleList = _userService.RoleList();
             return new ApiResponse<List<sys_role>>(ResponseType.OK, "ok", roleList);

performance/Performance.Api/Controllers/AgainAllotController.cs

@@ -29,6 +29,7 @@ namespace Performance.Api.Controllers
     public class AgainAllotController : Controller
     {
         private AgainAllotService againAllotService;
+        private RoleService roleService;
         private ComputeService computeService;
         private ClaimService claimService;
         private AllotService allotService;
@@ -36,6 +37,7 @@ public class AgainAllotController : Controller
         private ConfigService configService;
         private Application application;
         public AgainAllotController(AgainAllotService againAllotService,
+              RoleService roleService,
              ClaimService claimService,
              AllotService allotService,
              IHostingEnvironment env,
@@ -44,6 +46,7 @@ public class AgainAllotController : Controller
              IOptions<Application> options)
         {
             this.againAllotService = againAllotService;
+            this.roleService = roleService;
             this.claimService = claimService;
             this.allotService = allotService;
             this.env = env;
@@ -58,10 +61,10 @@ public class AgainAllotController : Controller
         /// <returns></returns>
         [Route("allotlist")]
         [HttpPost]
-        public ApiResponse AllotList([FromBody]ApiRequest request)
+        public ApiResponse AllotList()
         {
-            var user = claimService.At(request);
-            var list = againAllotService.GetAllotList(user.UserID);
+            var userId = claimService.GetUserId();
+            var list = againAllotService.GetAllotList(userId);
             return new ApiResponse(ResponseType.OK, list);
         }
 
@@ -122,19 +125,21 @@ public ApiResponse Import([FromForm] IFormCollection form)
         [HttpPost]
         public ApiResponse DepartmentDetail([CustomizeValidator(RuleSet = "Generate"), FromBody]AgainAllotRequest request)
         {
-            var user = claimService.At(request);
+            var userId = claimService.GetUserId();
+            var roles = roleService.GetUserRole(userId);
+            var department = claimService.GetUserClaim(JwtClaimTypes.Department);
 
             var again = againAllotService.GetAgainallot(request.AgainAllotID);
             if (again == null)
                 return new ApiResponse(ResponseType.Fail, "当前二次绩效ID无效");
-            if (user.Role.First().RoleID == application.DirectorRole)
+            if (roles.First().RoleID == application.DirectorRole)
             {
-                var detail = computeService.GetDepartmentDetail(again.AllotID.Value, user.Department, 1);
+                var detail = computeService.GetDepartmentDetail(again.AllotID.Value, department, 1);
                 return new ApiResponse(ResponseType.OK, detail);
             }
-            else if (user.Role.First().RoleID == application.NurseRole)
+            else if (roles.First().RoleID == application.NurseRole)
             {
-                var detail = computeService.GetDepartmentDetail(again.AllotID.Value, user.Department, 2);
+                var detail = computeService.GetDepartmentDetail(again.AllotID.Value, department, 2);
                 return new ApiResponse(ResponseType.OK, detail);
             }
             return new ApiResponse(ResponseType.Fail, "当前用户角色无法识别");
@@ -149,8 +154,9 @@ public ApiResponse DepartmentDetail([CustomizeValidator(RuleSet = "Generate"), F
         [HttpPost]
         public ApiResponse Generate([CustomizeValidator(RuleSet = "Generate"), FromBody]AgainAllotRequest request)
         {
-            var user = claimService.At(request);
-            var result = againAllotService.Generate(request, user);
+            var userId = claimService.GetUserId();
+            var department = claimService.GetUserClaim(JwtClaimTypes.Department);
+            var result = againAllotService.Generate(request, userId, department);
             return new ApiResponse(ResponseType.OK);
         }
 
@@ -163,8 +169,7 @@ public ApiResponse Generate([CustomizeValidator(RuleSet = "Generate"), FromBody]
         [HttpPost]
         public ApiResponse Detail([CustomizeValidator(RuleSet = "Generate"), FromBody]AgainAllotRequest request)
         {
-            var user = claimService.At(request);
-            var result = againAllotService.Detail(request, user);
+            var result = againAllotService.Detail(request);
             return new ApiResponse(ResponseType.OK, new { result.AgainSituation, result.SheetExport });
         }
     }

performance/Performance.Api/Controllers/AllotController.cs

@@ -65,8 +65,8 @@ public ApiResponse List([FromBody]AllotRequest request)
         [HttpPost]
         public ApiResponse Insert([CustomizeValidator(RuleSet = "Insert"), FromBody]AllotRequest request)
         {
-            var user = _claim.At(request);
-            var result = _allotService.InsertAllot(request, user.UserID);
+            var userId = _claim.GetUserId();
+            var result = _allotService.InsertAllot(request, userId);
             _configService.Copy(result);
             return new ApiResponse(ResponseType.OK, result);
         }
@@ -155,8 +155,8 @@ public ApiResponse Generate([CustomizeValidator(RuleSet = "Delete"), FromBody]Al
             var allot = _allotService.GetAllot(request.ID);
             if (null == allot || string.IsNullOrEmpty(allot.Path))
                 throw new PerformanceException("当前绩效记录不存在或没有上传数据文件");
-            var user = _claim.At(request);
-            _allotService.Generate(allot, user.Mail);
+            var email = _claim.GetUserClaim(JwtClaimTypes.Mail);
+            _allotService.Generate(allot, email);
             //BackgroundJob.Enqueue(() => _allotService.Generate(allot, user.Mail));
             return new ApiResponse(ResponseType.OK);
         }

performance/Performance.Api/Controllers/AssessController.cs

@@ -129,7 +129,7 @@ public ApiResponse EditAssessData([CustomizeValidator(RuleSet = "Edit"), FromBod
         //考核模版列表
         [HttpPost]
         [Route("tempassesslist")]
-        public ApiResponse TempAssessList([FromBody]ApiRequest request)
+        public ApiResponse TempAssessList()
         {
             return assessService.TempAssessList();
         }

performance/Performance.Api/Controllers/ComputeController.cs

@@ -136,11 +136,12 @@ public ApiResponse AllCompute([FromBody]ComputerRequest request)
         [HttpPost]
         public ApiResponse UpdateRealfee([CustomizeValidator(RuleSet = "UpdateReal"), FromBody] ComputerRequest request)
         {
-            var user = _claim.At(request);
+            var userId = _claim.GetUserId();
+            var realName = _claim.GetUserClaim(JwtClaimTypes.RealName);
             var compute = _computeService.GetComputeSingle(request.ComputeId);
             if (null == compute)
                 throw new PerformanceException("当前数据记录不存在");
-            compute = _computeService.UpdateRealfee(request, user);
+            compute = _computeService.UpdateRealfee(request, userId, realName);
             return new ApiResponse(ResponseType.OK, "修改成功", compute);
         }
 

performance/Performance.Api/Controllers/HospitalController.cs

@@ -29,9 +29,9 @@ public HospitalController(HospitalService hospitalService, ClaimService claimSer
         /// <returns></returns>
         [Route("hospitallist")]
         [HttpPost]
-        public ApiResponse<List<HospitalResponse>> GetHospitalList([FromBody]ApiRequest request)
+        public ApiResponse<List<HospitalResponse>> GetHospitalList()
         {
-            var hospitalList = _hospitalService.GetUserHopital(_claim.At(request.Token).UserID);
+            var hospitalList = _hospitalService.GetUserHopital(_claim.GetUserId());
             return new ApiResponse<List<HospitalResponse>>(ResponseType.OK, "ok", hospitalList);
         }
 
@@ -44,7 +44,7 @@ public ApiResponse<List<HospitalResponse>> GetHospitalList([FromBody]ApiRequest
         [HttpPost]
         public ApiResponse<HospitalResponse> Insert([CustomizeValidator(RuleSet = "Insert"), FromBody]HospitalRequest request)
         {
-            var userid = _claim.At(request.Token).UserID;
+            var userid = _claim.GetUserId();
             var hospital = _hospitalService.Insert(request, userid);
             _hospitalService.InsertUserHospital(userid, hospital.HosID);
             return new ApiResponse<HospitalResponse>(ResponseType.OK, hospital);
@@ -68,7 +68,7 @@ public ApiResponse<HospitalResponse> Update([CustomizeValidator(RuleSet = "Updat
         /// </summary>
         /// <param name="request"></param>
         /// <returns></returns>
-        [Disable]
+        [ApiDisable]
         [Route("delete")]
         [HttpPost]
         public ApiResponse Delete([CustomizeValidator(RuleSet = "Delete"), FromBody]HospitalRequest request)

performance/Performance.Api/Controllers/MenuController.cs

@@ -32,9 +32,9 @@ public MenuController(MenuService menuService, ClaimService claimService)
         /// <returns></returns>
         [Route("menulist")]
         [HttpPost]
-        public ApiResponse<List<MenuResponse>> MenuList([FromBody]ApiRequest request)
+        public ApiResponse<List<MenuResponse>> MenuList()
         {
-            var menuList = _menuService.GetMenuList(_claim.At(request.Token).UserID);
+            var menuList = _menuService.GetMenuList(_claim.GetUserId());
             return new ApiResponse<List<MenuResponse>>(ResponseType.OK, menuList);
         }
     }

performance/Performance.Api/Controllers/ReportController.cs

@@ -25,6 +25,7 @@ public ReportController(ReportService reportService, ClaimService claimService)
         /// </summary>
         /// <returns></returns>
         [Route("survey")]
+        [HttpPost]
         public ApiResponse Survey([CustomizeValidator(RuleSet = "Query"), FromBody]ReportRequest request)
         {
             var result = reportService.Survey(request.HospitalId);
@@ -36,6 +37,7 @@ public ApiResponse Survey([CustomizeValidator(RuleSet = "Query"), FromBody]Repor
         /// </summary>
         /// <returns></returns>
         [Route("doctoravg")]
+        [HttpPost]
         public ApiResponse DoctorAvg([CustomizeValidator(RuleSet = "Query"), FromBody]ReportRequest request)
         {
             var result = reportService.DoctorAvg(request.HospitalId, request.IsIndex);
@@ -47,6 +49,7 @@ public ApiResponse DoctorAvg([CustomizeValidator(RuleSet = "Query"), FromBody]Re
         /// </summary>
         /// <returns></returns>
         [Route("nurseavg")]
+        [HttpPost]
         public ApiResponse NurseAvg([CustomizeValidator(RuleSet = "Query"), FromBody]ReportRequest request)
         {
             var result = reportService.NurseAvg(request.HospitalId, request.IsIndex);
@@ -58,6 +61,7 @@ public ApiResponse NurseAvg([CustomizeValidator(RuleSet = "Query"), FromBody]Rep
         /// </summary>
         /// <returns></returns>
         [Route("outfeeavg")]
+        [HttpPost]
         public ApiResponse OutFeeAvg([CustomizeValidator(RuleSet = "Query"), FromBody]ReportRequest request)
         {
             var list = reportService.OutFeeAvg(request.HospitalId);
@@ -69,6 +73,7 @@ public ApiResponse OutFeeAvg([CustomizeValidator(RuleSet = "Query"), FromBody]Re
         /// </summary>
         /// <returns></returns>
         [Route("inpatfeeavg")]
+        [HttpPost]
         public ApiResponse InpatFeeAvg([CustomizeValidator(RuleSet = "Query"), FromBody]ReportRequest request)
         {
             var list = reportService.InpatFeeAvg(request.HospitalId);
@@ -80,6 +85,7 @@ public ApiResponse InpatFeeAvg([CustomizeValidator(RuleSet = "Query"), FromBody]
         /// </summary>
         /// <returns></returns>
         [Route("medicine")]
+        [HttpPost]
         public ApiResponse Medicine([CustomizeValidator(RuleSet = "Query"), FromBody]ReportRequest request)
         {
             var list = reportService.Medicine(request.HospitalId, request.IsIndex);
@@ -91,6 +97,7 @@ public ApiResponse Medicine([CustomizeValidator(RuleSet = "Query"), FromBody]Rep
         /// </summary>
         /// <returns></returns>
         [Route("income")]
+        [HttpPost]
         public ApiResponse Income([CustomizeValidator(RuleSet = "Query"), FromBody]ReportRequest request)
         {
             var list = reportService.Income(request.HospitalId, request.IsIndex);

performance/Performance.Api/Controllers/SmsController.cs

 using FluentValidation.AspNetCore;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Performance.DtoModels;
 using Performance.DtoModels.Request;
@@ -29,7 +30,7 @@ public SmsController(SmsService smsService)
         /// <returns></returns>
         [Route("code")]
         [HttpPost]
-        [NoVerify]
+        [AllowAnonymous]
         public ApiResponse Code([FromBody]SmsCodeRequest request)
         {
             if (!_smsService.SendCode(request.Type, request.Mobile))
@@ -44,7 +45,7 @@ public ApiResponse Code([FromBody]SmsCodeRequest request)
         /// <returns></returns>
         [Route("check")]
         [HttpPost]
-        [NoVerify]
+        [AllowAnonymous]
         public ApiResponse Check([CustomizeValidator(RuleSet = "SmsCheck")][FromBody]SmsCodeRequest request)
         {
             if (!_smsService.Check(request.Mobile, request.Code))

performance/Performance.Api/Controllers/TemplateController.cs

 using FluentValidation.AspNetCore;
 using Hangfire;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Http.Internal;
@@ -62,7 +63,7 @@ public class TemplateController : Controller
         [HttpPost]
         public ApiResponse Import([FromForm] IFormCollection form)
         {
-            var user = claim.At(form.ToDictionary().GetValue("token", ""));
+            var userId = claim.GetUserId();
             var hospitalid = form.ToDictionary().GetValue("hospitalid", 0);
             if (hospitalid <= 0)
                 return new ApiResponse(ResponseType.Fail, "参数错误", "hospitalid无效");
@@ -91,7 +92,7 @@ public ApiResponse Import([FromForm] IFormCollection form)
                 var template = new per_first
                 {
                     HospitalId = hospitalid,
-                    CreateUser = user.UserID,
+                    CreateUser = userId,
                     CreateDate = DateTime.Now,
                     Path = path,
                     UploadDate = DateTime.Now,
@@ -127,7 +128,7 @@ public ApiResponse ExtractData([CustomizeValidator(RuleSet = "Template"), FromBo
                 if (hospital == null)
                     return new ApiResponse(ResponseType.Fail, "医院无效");
 
-                var user = claim.At(request.Token);
+                var email = claim.GetUserClaim(JwtClaimTypes.Mail);
                 allot.IsExtracting = 1;
                 allotService.Update(allot);
                 string path = extractService.GetFilepath(hospital.ID, out int type);
@@ -145,7 +146,7 @@ public ApiResponse ExtractData([CustomizeValidator(RuleSet = "Template"), FromBo
                 {
                     id = request.ID,
                     hospitalId = hospital.ID,
-                    mail = user.Mail,
+                    mail = email,
                     path = path
                 });
 
@@ -171,7 +172,8 @@ public ApiResponse ExtractData([CustomizeValidator(RuleSet = "Template"), FromBo
         /// </summary>
         /// <returns></returns>
         [Route("down")]
-        [NoVerify]
+        [AllowAnonymous]
+        [HttpGet]
         public IActionResult DownFile([FromQuery]AllotRequest request)
         {
             var allot = allotService.GetAllot(request.ID);
@@ -199,7 +201,7 @@ public IActionResult DownFile([FromQuery]AllotRequest request)
         /// <returns></returns>
         [Route("savefile")]
         [HttpPost]
-        [NoVerify]
+        [AllowAnonymous]
         public ApiResponse SaveFile([FromForm] IFormCollection form, int allotId, int hospitalId)
         {
             logger.LogInformation($"保存提取文件 参数:allotId：{allotId} hospitalId：{hospitalId}");

performance/Performance.Api/Controllers/ValuesController.cs

-using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -12,7 +13,7 @@ public class ValuesController : ControllerBase
     {
         // GET api/values
         [HttpGet]
-        [NoVerify]
+        [AllowAnonymous]
         public ActionResult<IEnumerable<string>> Get()
         {
             //var excel = _excelService.Analyze(@"C:\Users\ry\Desktop\文件\测试.xlsx");
@@ -21,7 +22,7 @@ public ActionResult<IEnumerable<string>> Get()
 
         // GET api/values/5
         [HttpGet("{id}")]
-        [NoVerify]
+        [AllowAnonymous]
         public ActionResult<string> Getid(int id)
         {
             return "value";

performance/Performance.Api/Filters/ActionsFilter.cs

@@ -33,37 +33,20 @@ public ActionsFilter(ILoggerFactory factory, IMemoryCache cache, IHostingEnviron
         public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
         {
             var request = context.HttpContext.Request;
+            //记录Request请求 
+            var authorization = context.HttpContext.Request.Headers["Authorization"];
+            var req = new { request.Path, request.Method, context.ActionArguments, Token = authorization.Count > 0 ? authorization.First() : "" };
+            _logger.LogInformation($"请求内容 {JsonHelper.Serialize(req)}");
             //启用body倒带功能
             request.EnableRewind();
-            //记录Request请求
-            var kv = GetRequestContent(request);
-            _logger.LogInformation($"请求内容 {request.Method}:{JsonHelper.Serialize(kv)}");
 
-            LogHelper.Information($"请求地址：{context.HttpContext.Request.Path};请求参数：{JsonHelper.Serialize(kv)}", "请求内容");
             //接口禁用 
-            var disable = ((ControllerActionDescriptor)context.ActionDescriptor).MethodInfo.GetCustomAttributes(typeof(DisableAttribute), true);
-            if (disable.Length > 0)
+            if (context.Filters.Any(item => item is ApiDisableAttribute))
             {
                 var response = new ApiResponse(ResponseType.Disable, "接口已禁用");
                 context.Result = new ObjectResult(response);
                 return;
             }
-            //token验证
-            if (!_env.IsDevelopment())
-            {
-                var arry = ((ControllerActionDescriptor)context.ActionDescriptor).MethodInfo.GetCustomAttributes(typeof(NoVerifyAttribute), true);
-                if (arry.Length == 0)
-                {
-                    var token = kv.GetValue("token", "");
-                    var user = _cache.Get<UserIdentity>(token);
-                    if (string.IsNullOrEmpty(token) || user == null || !user.Token.Equals(token))
-                    {
-                        var response = new ApiResponse(ResponseType.TokenError, "Token无效");
-                        context.Result = new ObjectResult(response);
-                        return;
-                    }
-                }
-            }
             //验证请求参数
             if (!context.ModelState.IsValid)
             {
@@ -76,6 +59,7 @@ public ActionsFilter(ILoggerFactory factory, IMemoryCache cache, IHostingEnviron
                 _logger.LogInformation($"响应结果:{jsonData}");
                 LogHelper.Information($"请求地址：{context.HttpContext.Request.Path};响应结果：{jsonData}", "响应结果");
             }
+
             //记录response结果
             else
             {
@@ -93,58 +77,8 @@ public ActionsFilter(ILoggerFactory factory, IMemoryCache cache, IHostingEnviron
                 }
             }
         }
-
-        /// <summary>
-        /// 读取请求内容
-        /// </summary>
-        /// <param name="request"></param>
-        /// <returns></returns>
-        private SortedDictionary<string, object> GetRequestContent(HttpRequest request)
-        {
-            if (request.Method.Equals("POST"))
-            {
-                if (request.Body.CanSeek)
-                {
-                    var types = request.ContentType.Split(';');
-                    if (types.Contains("application/json"))
-                    {
-                        using (var stream = request.Body)
-                        {
-                            stream.Position = 0;
-                            var reader = new StreamReader(stream, Encoding.UTF8);
-                            var requestContext = reader.ReadToEnd();
-                            return JsonHelper.DeserializeLower(requestContext);
-                        }
-                    }
-                    else if (types.Contains("application/x-www-form-urlencoded") || types.Contains("multipart/form-data"))
-                    {
-                        return request.Form.ToDictionary();
-                    }
-                    else if (types.Contains("text/xml"))
-                    {
-                        //暂不处理
     }
-                }
-            }
-            else
-            {
-                if (request.Query.Count > 0)
-                {
-                    var kv = new SortedDictionary<string, object>();
-                    foreach (var item in request.Query)
-                    {
-                        kv.Add(item.Key, item.Value);
-                    }
-                    return kv;
-                }
-            }
-            return new SortedDictionary<string, object>();
-        }
-    }
-
-    [AttributeUsage(AttributeTargets.Method)]
-    public class NoVerifyAttribute : Attribute { }
 
     [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class)]
-    public class DisableAttribute : Attribute { }
+    public class ApiDisableAttribute : Attribute, IFilterMetadata { }
 }

performance/Performance.Api/Filters/AuthenticationFilter.cs

+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Authorization;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Performance.DtoModels;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+
+namespace Performance.Api
+{
+    public class AuthenticationFilter : IAsyncAuthorizationFilter
+    {
+        private readonly ClaimService claimService;
+
+        public AuthenticationFilter(ClaimService claimService)
+        {
+            this.claimService = claimService;
+        }
+
+        public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
+        {
+            if (context.Filters.Any(item => item is IAllowAnonymousFilter))
+                return;
+
+            var headers = context.HttpContext.Request.Headers;
+            var authorization = headers["Authorization"];
+            if (authorization.Count == 0 || string.IsNullOrEmpty(authorization.First()))
+            {
+                var response = new ApiResponse(ResponseType.TokenError, "Token无效");
+                context.Result = new ObjectResult(response);
+                return;
+            }
+
+            // 获取token字符串
+            var token = authorization.First().Replace("Bearer ", "");
+            // jwt是否被禁用
+            if (!claimService.JwtUsable(token))
+            {
+                var response = new ApiResponse(ResponseType.TokenError, "当前请求Token已被禁用");
+                context.Result = new ObjectResult(response);
+                return;
+            }
+
+            // 调用此方法，根据token生成对应的"身份证持有人"
+            var principal = await AuthenticateJwtToken(token);
+
+            if (principal == null)
+            {
+                var response = new ApiResponse(ResponseType.TokenError, "Token无效");
+                context.Result = new ObjectResult(response);
+            }
+            else
+            {
+                context.HttpContext.User = principal; // 设置身份验证的主体
+            }
+        }
+
+        private Task<ClaimsPrincipal> AuthenticateJwtToken(string token)
+        {
+            if (ValidateToken(token, out Claim[] claims))
+            {
+                var infos = new ClaimsIdentity(claims, "Jwt");
+                ClaimsPrincipal user = new ClaimsPrincipal(infos);
+                return Task.FromResult(user);
+            }
+            return Task.FromResult<ClaimsPrincipal>(null);
+        }
+
+        private bool ValidateToken(string token, out Claim[] claims)
+        {
+            // 调用自定义的GetPrincipal获取Token的信息对象
+            var simplePrinciple = JwtTokenHelper.GetPrincipal(token);
+            // 获取主声明标识
+            var identity = simplePrinciple?.Identity as ClaimsIdentity;
+
+            claims = new Claim[] { };
+
+            if (identity == null)
+                return false;
+
+            if (identity.Claims != null && identity.Claims.Any())
+                claims = identity.Claims.ToArray();
+
+            return identity.IsAuthenticated;
+        }
+    }
+
+}

performance/Performance.Api/Performance.Api.csproj

@@ -5,14 +5,28 @@
     <AspNetCoreHostingModel>InProcess</AspNetCoreHostingModel>
   </PropertyGroup>
 
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
+    <OutputPath />
+    <DocumentationFile>..\Performance.Api\wwwroot\Performance.Api.xml</DocumentationFile>
+    <NoWarn>1701;1702;1591</NoWarn>
+  </PropertyGroup>
+
   <ItemGroup>
+    <Compile Remove="aaa\**" />
     <Compile Remove="Files\**" />
+    <Content Remove="aaa\**" />
     <Content Remove="Files\**" />
+    <EmbeddedResource Remove="aaa\**" />
     <EmbeddedResource Remove="Files\**" />
+    <None Remove="aaa\**" />
     <None Remove="Files\**" />
   </ItemGroup>
 
   <ItemGroup>
+    <None Remove="Template\~%24医院绩效模板.xlsx" />
+  </ItemGroup>
+
+  <ItemGroup>
     <PackageReference Include="AutoMapper" Version="8.0.0" />
     <PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="6.0.0" />
     <PackageReference Include="CSRedisCore" Version="3.0.45" />
@@ -45,6 +59,24 @@
     <Content Update="nlog.config">
       <CopyToOutputDirectory>Never</CopyToOutputDirectory>
     </Content>
+    <Content Update="wwwroot\Performance.Api.xml">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </Content>
+    <Content Update="wwwroot\Performance.DtoModels.xml">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </Content>
+    <Content Update="wwwroot\Performance.EntityModels.xml">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </Content>
+  </ItemGroup>
+
+  <ItemGroup>
+    <None Update="Template\医院二次分配绩效模板.xlsx">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </None>
+    <None Update="Template\医院绩效模板.xlsx">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </None>
   </ItemGroup>
 
   <ProjectExtensions><VisualStudio><UserProperties appsettings_1json__JSONSchema="" /></VisualStudio></ProjectExtensions>

performance/Performance.Api/Properties/launchSettings.json

@@ -12,14 +12,14 @@
     "IIS Express": {
       "commandName": "IISExpress",
       "launchBrowser": true,
-      "launchUrl": "api/values",
+      "launchUrl": "index.html",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       }
     },
     "Performance.Api": {
       "commandName": "Project",
-      "launchUrl": "api/values",
+      "launchUrl": "index.html",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       },

performance/Performance.Api/Startup.cs

@@ -26,6 +26,7 @@
 using System;
 using System.Collections.Generic;
 using System.Globalization;
+using System.IO;
 using System.Linq;
 using System.Net.Http;
 using System.Reflection;
@@ -108,12 +109,6 @@ public void ConfigureServices(IServiceCollection services)
                 .AddPerformanceRepoitory();
             #endregion
 
-            #region swagger
-            //services.AddSwaggerGen(c =>
-            //{
-            //    c.SwaggerDoc("v1", new Info { Title = "My API", Version = "v1" });
-            //}); 
-            #endregion
 
             #region custom util
 
@@ -157,6 +152,41 @@ public void ConfigureServices(IServiceCollection services)
                 options.UseMySQL(connection.Value.PerformanceConnectionString);
             });
             #endregion
+
+            #region swagger 
+            services.AddSwaggerGen(c =>
+            {
+                c.SwaggerDoc("v1", new Info { Version = "v1.0", Title = "食管癌随访API接口" });
+
+                var xmlPath = new string[]
+                {
+                    Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "wwwroot", "Performance.Api.xml"),
+                    Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "wwwroot", "Performance.DtoModels.xml"),
+                    Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "wwwroot", "Performance.EntityModels.xml"),
+                };
+                var xmlPathsss = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "wwwroot", "Performance.Api.xml");
+                c.IncludeXmlComments(xmlPathsss, true);
+
+                //foreach (var item in xmlPath)
+                //{
+                //    c.IncludeXmlComments(item, true);
+                //}
+
+                #region Token绑定到ConfigureServices
+
+                var security = new Dictionary<string, IEnumerable<string>> { { "Performance API", new string[] { } }, };
+                c.AddSecurityRequirement(security);
+                c.AddSecurityDefinition("Performance API", new ApiKeyScheme
+                {
+                    Description = "JWT授权(数据将在请求头中进行传输) 直接在下框中输入Bearer {token}（注意两者之间是一个空格）",
+                    Name = "Authorization",
+                    In = "HEADER"
+                });
+
+                #endregion
+            });
+            #endregion
+
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -171,16 +201,16 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
             {
                 app.UseStatusCodePagesWithReExecute("/error/{0}");
             }
-            //// Enable middleware to serve generated Swagger as a JSON endpoint.
-            //app.UseSwagger();
 
-            //// Enable middleware to serve swagger-ui (HTML, JS, CSS, etc.), 
-            //// specifying the Swagger JSON endpoint.
-            //app.UseSwaggerUI(c =>
-            //{
-            //    c.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1");
-            //    c.RoutePrefix = string.Empty;
-            //}); 
+            #region Swagger
+            app.UseSwagger();
+            app.UseSwaggerUI(c =>
+            {
+                //c.SwaggerEndpoint(Configuration["Application:SwaggerEndpoint"], "v1.0");              
+                c.SwaggerEndpoint("/swagger/v1/swagger.json", "v1.0");
+                c.RoutePrefix = "";
+            });
+            #endregion
 
             #region hangfire
 

performance/Performance.Api/Util/ClaimService.cs

-using Microsoft.Extensions.Caching.Memory;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Caching.Memory;
 using Performance.DtoModels;
 using System;
 using System.Collections.Generic;
 using System.Linq;
+using System.Security.Claims;
 using System.Threading.Tasks;
 
 namespace Performance.Api
 {
     public class ClaimService
     {
-        IMemoryCache _memoryCache;
-        public ClaimService(IMemoryCache memoryCache)
+        private readonly IHttpContextAccessor contextAccessor;
+        private readonly IMemoryCache memoryCache;
+
+        public ClaimService(IHttpContextAccessor contextAccessor, IMemoryCache memoryCache)
+        {
+            this.contextAccessor = contextAccessor;
+            this.memoryCache = memoryCache;
+        }
+
+        /// <summary>
+        /// 获取当前请求登录ID
+        /// </summary>
+        /// <returns></returns>
+        public int GetUserId()
+        {
+            var claim = GetUserClaim().FirstOrDefault(t => t.Type == JwtClaimTypes.Id);
+            if (claim == null)
+            {
+                throw new PerformanceTokenErrorException("获取当前登录用户ID失败");
+            }
+            return Convert.ToInt32(claim.Value);
+        }
+
+        /// <summary>
+        /// 获取当前请求登录ID
+        /// </summary>
+        /// <returns></returns>
+        public string GetUserClaim(string jwtClaimTypes)
+        {
+            var claim = GetUserClaim().FirstOrDefault(t => t.Type == jwtClaimTypes);
+            if (claim == null)
+            {
+                throw new PerformanceTokenErrorException("获取当前登录用户ID失败");
+            }
+            return claim.Value;
+        }
+
+        /// <summary>
+        /// 获取当前请求所有身份信息
+        /// </summary>
+        /// <returns></returns>
+        public List<Claim> GetUserClaim()
+        {
+            if (contextAccessor.HttpContext.User == null)
+            {
+                throw new PerformanceException("获取当前请求登录信息失败");
+            }
+            return contextAccessor.HttpContext.User.Claims.ToList();
+        }
+
+        /// <summary>
+        /// 获取当前请求Jwt Token
+        /// </summary>
+        /// <returns></returns>
+        public string GetJwtToken()
+        {
+            var authorization = contextAccessor.HttpContext.Request.Headers["Authorization"];
+            if (authorization.Count == 0 || string.IsNullOrEmpty(authorization.First()))
+            {
+                throw new PerformanceException("获取当前请求Authorization失败");
+            }
+            return authorization.First().Replace("Bearer ", "");
+        }
+
+        /// <summary>
+        /// 设置jwt进入黑名单
+        /// </summary>
+        /// <param name="token"></param>
+        /// <returns></returns>
+        public bool SetJwtBlacklist(string token)
         {
-            _memoryCache = memoryCache;
+            memoryCache.Set(token, DateTime.Now);
+            return true;
         }
 
-        public UserIdentity At(ApiRequest request)
+        /// <summary>
+        /// 判断当前请求JWT是否可用 可用true
+        /// </summary>
+        /// <returns></returns>
+        public bool JwtUsable()
         {
-            return At(request.Token);
+            string token = GetJwtToken();
+            return JwtUsable(token);
         }
 
-        public UserIdentity At(string token)
+        /// <summary>
+        /// 判断当前请求JWT是否可用 可用true
+        /// </summary>
+        /// <param name="token"></param>
+        /// <returns></returns>
+        public bool JwtUsable(string token)
         {
-            if (string.IsNullOrEmpty(token))
-                throw new PerformanceTokenErrorException("token is not null");
-            var user = _memoryCache.Get<UserIdentity>(token);
-            if (user == null)
-                throw new PerformanceTokenErrorException("当前用户未登录");
-            return user;
+            var @object = memoryCache.Get(token);
+            return @object == null;
         }
     }
 }

performance/Performance.Api/Util/JwtToken.cs

+using Microsoft.IdentityModel.Tokens;
+using Newtonsoft.Json;
+using System;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
+using System.IO;
+using System.Linq;
+using System.Security.Claims;
+using System.Security.Cryptography;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Performance.Api
+{
+    public class JwtTokenHelper
+    {
+        private static byte[] secret = Encoding.ASCII.GetBytes(Consts.Secret);
+
+        public static JwtToken GenerateToken(Claim[] claims, int expiresMinute)
+        {
+            var authTime = DateTime.UtcNow;
+            var expiresAt = authTime.AddMinutes(expiresMinute);
+
+            var tokenDescriptor = new SecurityTokenDescriptor
+            {
+                Audience = Consts.Audience,
+                Issuer = Consts.Issuer,
+                Subject = new ClaimsIdentity(claims),
+                Expires = expiresAt,
+                SigningCredentials = new SigningCredentials(
+                    new SymmetricSecurityKey(secret), SecurityAlgorithms.HmacSha256Signature)
+            };
+            var tokenHandler = new JwtSecurityTokenHandler();
+            var token = tokenHandler.CreateToken(tokenDescriptor);
+            var tokenString = tokenHandler.WriteToken(token);
+            return new JwtToken
+            {
+                access_token = tokenString,
+                token_type = "Bearer",
+                auth_time = new DateTimeOffset(authTime).ToUnixTimeSeconds(),
+                expires_at = new DateTimeOffset(expiresAt).ToUnixTimeSeconds()
+            };
+        }
+
+        public static ClaimsPrincipal GetPrincipal(string token)
+        {
+            try
+            {
+                // 创建一个JwtSecurityTokenHandler类，用来后续操作
+                var tokenHandler = new JwtSecurityTokenHandler();
+                // 将字符串token解码成token对象
+                var jwtToken = tokenHandler.ReadToken(token) as JwtSecurityToken;
+
+                if (jwtToken == null) return null;
+
+                // 生成验证token的参数
+                var validationParameters = new TokenValidationParameters()
+                {
+                    RequireExpirationTime = true,
+                    ValidateIssuer = true,
+                    ValidateAudience = true,
+                    ValidAudience = Consts.Audience,
+                    ValidIssuer = Consts.Issuer,
+                    IssuerSigningKey = new SymmetricSecurityKey(secret)
+                };
+
+                var principal = tokenHandler.ValidateToken(token, validationParameters, out SecurityToken securityToken);
+                // 返回秘钥的主体对象，包含秘钥的所有相关信息
+                return principal;
+            }
+
+            catch (Exception ex)
+            {
+                return null;
+            }
+        }
+    }
+
+    public class JwtToken
+    {
+        /// <summary>
+        /// access token
+        /// </summary>
+        public string access_token { get; set; }
+        /// <summary>
+        /// token type
+        /// </summary>
+        public string token_type { get; set; }
+        /// <summary>
+        /// 授权时间
+        /// </summary>
+        public long auth_time { get; set; }
+        /// <summary>
+        /// 过期时间
+        /// </summary>
+        public long expires_at { get; set; }
+    }
+
+    public static class JwtClaimTypes
+    {
+        public const string Id = "id";
+        public const string Login = "login";
+        public const string RealName = "realname";
+        public const string Mail = "mail";
+        public const string AppName = "appname";
+        public const string Device = "device";
+        public const string Department = "department";
+    }
+
+    public static class Consts
+    {
+        public const string Secret = "DH4neb6Aipe1ortdalusvo8iosQiBIYupLNPTu3j40PZ9tBbLrPD4mAmDVsB7nZw";
+        public const string Issuer = "suvalue";
+        public const string Audience = "jixiao.suvalue.com";
+    }
+}

performance/Performance.DtoModels/ApiRequest.cs

@@ -6,27 +6,27 @@
 
 namespace Performance.DtoModels
 {
-    public class ApiRequest
-    {
-        /// <summary>
-        /// 登录后返回登录令牌
-        /// </summary>
-        public string Token { get; set; }
-        /// <summary>
-        /// 版本号 v1
-        /// </summary>
-        public string Version { get; set; }
-        /// <summary>
-        /// 设备号 1 苹果 2 安卓 3 网页 
-        /// </summary>
-        public string Device { get; set; }
-        /// <summary>
-        /// App名称
-        /// </summary>
-        public string AppName { get; set; }
-        ///// <summary>
-        ///// 操作用户
-        ///// </summary>
-        //public Nullable<int> ActiveUID { get; set; }
-    }
+    //public class ApiRequest
+    //{
+    //    /// <summary>
+    //    /// 登录后返回登录令牌
+    //    /// </summary>
+    //    public string Token { get; set; }
+    //    /// <summary>
+    //    /// 版本号 v1
+    //    /// </summary>
+    //    public string Version { get; set; }
+    //    /// <summary>
+    //    /// 设备号 1 苹果 2 安卓 3 网页 
+    //    /// </summary>
+    //    public string Device { get; set; }
+    //    /// <summary>
+    //    /// App名称
+    //    /// </summary>
+    //    public string AppName { get; set; }
+    //    ///// <summary>
+    //    ///// 操作用户
+    //    ///// </summary>
+    //    //public Nullable<int> ActiveUID { get; set; }
+    //}
 }

performance/Performance.DtoModels/Performance.DtoModels.csproj

@@ -4,6 +4,11 @@
     <TargetFramework>netstandard2.0</TargetFramework>
   </PropertyGroup>
 
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
+    <DocumentationFile>..\Performance.Api\wwwroot\Performance.DtoModels.xml</DocumentationFile>
+    <NoWarn>1701;1702;1591</NoWarn>
+  </PropertyGroup>
+
   <ItemGroup>
     <Compile Remove="PerExcel\PerComputeData.cs" />
   </ItemGroup>

performance/Performance.DtoModels/Request/AgainAllotRequest.cs

@@ -8,7 +8,7 @@ namespace Performance.DtoModels
     /// <summary>
     /// 二次分配请求
     /// </summary>
-    public class AgainAllotRequest : ApiRequest
+    public class AgainAllotRequest
     {
         /// <summary>
         /// 二次分配ID

performance/Performance.DtoModels/Request/AllotRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class AllotRequest : ApiRequest
+    public class AllotRequest
     {
         public int ID { get; set; }
 

performance/Performance.DtoModels/Request/AssessColumnRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class AssessColumnRequest : ApiRequest
+    public class AssessColumnRequest
     {
         public int ColumnID { get; set; }
         public int AssessID { get; set; }

performance/Performance.DtoModels/Request/AssessDataRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class AssessDataRequest : ApiRequest
+    public class AssessDataRequest
     {
         public int AssessID { get; set; }
         public List<AssessRow> AssessRow { get; set; }

performance/Performance.DtoModels/Request/AssessRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class AssessRequest : ApiRequest
+    public class AssessRequest
     {
         public int AssessID { get; set; }
         public int AllotID { get; set; }

performance/Performance.DtoModels/Request/CofAgainRequest.cs

-using System;
-using FluentValidation;
+using FluentValidation;
+using System;
 
 namespace Performance.DtoModels
 {
-    public class CofAgainRequest: ApiRequest
+    public class CofAgainRequest
     {
         public int ID { get; set; }
 

performance/Performance.DtoModels/Request/ComputerRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class ComputerRequest : ApiRequest
+    public class ComputerRequest
     {
         /// <summary>
         /// 绩效数据id

performance/Performance.DtoModels/Request/DeptDetailRequest.cs

@@ -8,7 +8,7 @@ namespace Performance.DtoModels
     /// <summary>
     /// 查看科室绩效详情
     /// </summary>
-    public class DeptDetailRequest : ApiRequest
+    public class DeptDetailRequest
     {
         /// <summary>
         /// 绩效id

performance/Performance.DtoModels/Request/DirectorRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class DirectorRequest : ApiRequest
+    public class DirectorRequest
     {
         public int ID { get; set; }
 

performance/Performance.DtoModels/Request/DrugpropRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class DrugpropRequest : ApiRequest
+    public class DrugpropRequest
     {
         public int ID { get; set; }
 

performance/Performance.DtoModels/Request/HospitalRequest.cs

@@ -8,7 +8,7 @@ namespace Performance.DtoModels
     /// <summary>
     /// 登录请求
     /// </summary>
-    public class HospitalRequest : ApiRequest
+    public class HospitalRequest
     {
         public int ID { get; set; }
         /// <summary>

performance/Performance.DtoModels/Request/IncomeRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class IncomeRequest : ApiRequest
+    public class IncomeRequest
     {
         public int ID { get; set; }
 

performance/Performance.DtoModels/Request/LoginRequest.cs

@@ -8,7 +8,7 @@ namespace Performance.DtoModels
     /// <summary>
     /// 登录请求
     /// </summary>
-    public class LoginRequest : ApiRequest
+    public class LoginRequest
     {
         /// <summary>
         /// 登录类型 1 手机号登录 2 账号登录
@@ -16,6 +16,8 @@ public class LoginRequest : ApiRequest
         public int LoginType { get; set; }
         public string Account { get; set; }
         public string Password { get; set; }
+        public string AppName { get; set; }
+        public string Device { get; set; }
     }
 
     public class LoginRequestValidator : AbstractValidator<LoginRequest>

performance/Performance.DtoModels/Request/ModItemRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class ModItemRequest : ApiRequest
+    public class ModItemRequest
     {
         /// <summary>
         /// 
@@ -24,7 +24,7 @@ public class ModItemRequest : ApiRequest
     }
 
 
-    public class ItemListRequest : ApiRequest
+    public class ItemListRequest
     {
         /// <summary> 方案Id </summary>
         public Nullable<int> ModuleId { get; set; }

performance/Performance.DtoModels/Request/ModModuleRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class ModModuleRequest : ApiRequest
+    public class ModModuleRequest
     {
         /// <summary> 绩效模块Id </summary>
         public Nullable<int> ModuleId { get; set; }

performance/Performance.DtoModels/Request/ModSpecialRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class ModSpecialRequest : ApiRequest
+    public class ModSpecialRequest
     {
         /// <summary> 医院Id </summary>
         public Nullable<int> HospitalId { get; set; }
@@ -15,7 +15,7 @@ public class ModSpecialRequest : ApiRequest
     }
 
 
-    public class SpecialListRequest : ApiRequest
+    public class SpecialListRequest
     {
         /// <summary> 医院Id </summary>
         public int HospitalId { get; set; }

performance/Performance.DtoModels/Request/PasswordRequest.cs

@@ -6,7 +6,7 @@
 
 namespace Performance.DtoModels
 {
-    public class PasswordRequest : ApiRequest
+    public class PasswordRequest
     {
         /// <summary>
         /// 原始密码

performance/Performance.DtoModels/Request/PositionRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class PositionRequest : ApiRequest
+    public class PositionRequest
     {
         public int ID { get; set; }
 

performance/Performance.DtoModels/Request/ReportRequest.cs

@@ -5,7 +5,7 @@
 
 namespace Performance.DtoModels
 {
-    public class ReportRequest : ApiRequest
+    public class ReportRequest
     {
         public int HospitalId { get; set; }
 

performance/Performance.DtoModels/Request/SetDepartmentRequest.cs

@@ -8,7 +8,7 @@ namespace Performance.DtoModels
     /// <summary>
     /// 登录请求
     /// </summary>
-    public class SetDepartmentRequest : ApiRequest
+    public class SetDepartmentRequest
     {
         public int HospitalID { get; set; }
     }

performance/Performance.DtoModels/Request/SheetExportRequest.cs

@@ -8,7 +8,7 @@ namespace Performance.DtoModels
     /// <summary>
     /// sheet数据详情请求
     /// </summary>
-    public class SheetExportRequest : ApiRequest
+    public class SheetExportRequest
     {
         public int SheetID { get; set; }
 

performance/Performance.DtoModels/Request/SheetRequest.cs

@@ -8,7 +8,7 @@ namespace Performance.DtoModels
     /// <summary>
     /// sheet页列表请求
     /// </summary>
-    public class SheetRequest : ApiRequest
+    public class SheetRequest
     {
         public int AllotID { get; set; }
 

performance/Performance.DtoModels/Request/SmsCodeRequest.cs

@@ -6,7 +6,7 @@
 
 namespace Performance.DtoModels.Request
 {
-    public class SmsCodeRequest : ApiRequest
+    public class SmsCodeRequest
     {
         /// <summary>
         /// 短信验证类型 1 手机号登录 2 其他

performance/Performance.DtoModels/Request/UserRequest.cs

@@ -6,7 +6,7 @@
 
 namespace Performance.DtoModels
 {
-    public class UserRequest : ApiRequest
+    public class UserRequest
     {
         public int ID { get; set; }
         /// <summary>

performance/Performance.DtoModels/Request/WorkyearRequest.cs

@@ -6,7 +6,7 @@
 namespace Performance.DtoModels
 {
 
-    public class WorkyearRequest : ApiRequest
+    public class WorkyearRequest 
     {
         public int ID { get; set; }
 

performance/Performance.EntityModels/Performance.EntityModels.csproj

@@ -4,6 +4,11 @@
     <TargetFramework>netstandard2.0</TargetFramework>
   </PropertyGroup>
 
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
+    <DocumentationFile>..\Performance.Api\wwwroot\Performance.EntityModels.xml</DocumentationFile>
+    <NoWarn>1701;1702;1591</NoWarn>
+  </PropertyGroup>
+
   <ItemGroup>
     <Compile Remove="T4Template\**" />
     <EmbeddedResource Remove="T4Template\**" />

performance/Performance.Extract.Api/Controllers/ModExtractController.cs

-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using FluentValidation.AspNetCore;
+using FluentValidation.AspNetCore;
 using Microsoft.AspNetCore.Mvc;
 using Performance.DtoModels;
 using Performance.Services;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
 
 namespace Performance.Extract.Api.Controllers
 {
@@ -39,7 +39,7 @@ public ApiResponse Extract([CustomizeValidator(RuleSet = "Query"), FromBody]ModM
         /// <returns></returns>
         [Route("type")]
         [HttpPost]
-        public ApiResponse FeeType([FromBody]ApiRequest request)
+        public ApiResponse FeeType()
         {
             var list = modExtractService.FeeType();
             return new ApiResponse(ResponseType.OK, list);

performance/Performance.Services/AgainAllotService.cs

@@ -15,6 +15,7 @@ public class AgainAllotService : IAutoInjection
     {
         private Application application;
         private AgainService againService;
+        private RoleService roleService;
         private ConfigService configService;
         private PerforCofagainRepository perforCofagainRepository;
         private PerforPeragainallotRepository perforPeragainallotRepository;
@@ -30,6 +31,7 @@ public class AgainAllotService : IAutoInjection
         private PerforAgheaderRepository perforAgheaderRepository;
 
         public AgainAllotService(IOptions<Application> options, AgainService againService,
+            RoleService roleService,
             PerforCofagainRepository perforCofagainRepository,
             PerforPeragainallotRepository perforPeragainallotRepository,
             PerforResaccountdoctorRepository perforResaccountdoctorRepository,
@@ -45,6 +47,7 @@ public class AgainAllotService : IAutoInjection
         {
             this.application = options.Value;
             this.againService = againService;
+            this.roleService = roleService;
             this.perforCofagainRepository = perforCofagainRepository;
             this.perforPeragainallotRepository = perforPeragainallotRepository;
             this.perforResaccountdoctorRepository = perforResaccountdoctorRepository;
@@ -65,12 +68,14 @@ public class AgainAllotService : IAutoInjection
         /// 生成二次绩效
         /// </summary>
         /// <param name="request"></param>
-        public bool Generate(AgainAllotRequest request, UserIdentity user)
+        public bool Generate(AgainAllotRequest request, int userId, string department)
         {
             var againAllot = perforPeragainallotRepository.GetEntity(t => t.ID == request.AgainAllotID);
             if (againAllot == null || againAllot.ID == 0)
                 throw new PerformanceException("绩效二次分配不存在");
 
+            var roles = roleService.GetRole(userId);
+
             perforPeragainallotRepository.Update(againAllot, p => { p.States = 2; });
 
             //清理二次绩效无用数据
@@ -86,15 +91,15 @@ public bool Generate(AgainAllotRequest request, UserIdentity user)
 
                 decimal? basicnumber = 0m;
                 //获取科室实发绩效
-                if (user.Role != null)
+                if (roles != null)
                 {
-                    var role = user.Role.FirstOrDefault();
+                    var role = roles.FirstOrDefault();
                     if (role != null)
                     {
-                        if (application.NurseRole == role.RoleID)
-                            basicnumber = perforResaccountnurseRepository.GetEntity(t => t.AllotID == againAllot.AllotID && t.AccountingUnit == user.Department)?.RealGiveFee;
-                        else if (application.DirectorRole == role.RoleID)
-                            basicnumber = perforResaccountdoctorRepository.GetEntity(t => t.AllotID == againAllot.AllotID && t.AccountingUnit == user.Department)?.RealGiveFee;
+                        if (application.NurseRole == role.ID)
+                            basicnumber = perforResaccountnurseRepository.GetEntity(t => t.AllotID == againAllot.AllotID && t.AccountingUnit == department)?.RealGiveFee;
+                        else if (application.DirectorRole == role.ID)
+                            basicnumber = perforResaccountdoctorRepository.GetEntity(t => t.AllotID == againAllot.AllotID && t.AccountingUnit == department)?.RealGiveFee;
                     }
                 }
                 #endregion
@@ -302,7 +307,7 @@ public bool Generate(AgainAllotRequest request, UserIdentity user)
         /// <param name="request"></param>
         /// <param name="user"></param>
         /// <returns></returns>
-        public (SheetExportResponse SheetExport, PerAgainSituation AgainSituation) Detail(AgainAllotRequest request, UserIdentity user)
+        public (SheetExportResponse SheetExport, PerAgainSituation AgainSituation) Detail(AgainAllotRequest request)
         {
             var againAllot = perforPeragainallotRepository.GetEntity(t => t.ID == request.AgainAllotID);
             if (againAllot == null || againAllot.ID == 0)

performance/Performance.Services/ComputeService.cs

@@ -272,15 +272,15 @@ public res_compute GetComputeSingle(int computeid)
         /// <param name="id"></param>
         /// <param name="score"></param>
         /// <returns></returns>
-        public res_compute UpdateRealfee(ComputerRequest request, UserIdentity user)
+        public res_compute UpdateRealfee(ComputerRequest request, int userId, string realName)
         {
             var compute = _perforRescomputeRepository.GetEntity(t => t.ID == request.ComputeId);
             var log = JsonHelper.Deserialize<List<ChangeLog>>(compute.ChangeLog);
             log = log ?? new List<ChangeLog>();
             log.Add(new ChangeLog
             {
-                uid = user.UserID,
-                user = user.RealName,
+                uid = userId,
+                user = realName,
                 date = DateTime.Now,
                 value = compute.RealGiveFee
             });

performance/Performance.Services/RoleService.cs

@@ -28,6 +28,18 @@ public class RoleService : IAutoInjection
         /// <returns></returns>
         public List<RoleResponse> GetUserRole(int userid)
         { 
+            var roles = GetRole(userid);
+            return Mapper.Map<List<RoleResponse>>(roles);
+        }
+
+
+        /// <summary>
+        /// 获取用户角色
+        /// </summary>
+        /// <param name="userid"></param>
+        /// <returns></returns>
+        public List<sys_role> GetRole(int userid)
+        {
             if (userid <= 0)
                 throw new PerformanceException($"userid：{userid} 错误");
 
@@ -37,7 +49,7 @@ public List<RoleResponse> GetUserRole(int userid)
 
             var roles = _roleRepository.GetEntities(t => joinList.Select(j => j.RoleID).Contains(t.ID));
 
-            return Mapper.Map<List<RoleResponse>>(roles);
+            return roles;
         }
     }
 }

performance/Performance.Services/UserService.cs

@@ -82,6 +82,15 @@ public UserIdentity Login(LoginRequest request)
             throw new PerformanceException($"登录类型LoginType：{request.LoginType}暂不支持");
         }
 
+        public UserIdentity GetUser(int userId)
+        {
+            var user = _userRepository.GetEntity(t => t.ID == userId);
+            if (user == null)
+                throw new PerformanceException("用户信息查询失败");
+
+            return Mapper.Map<UserIdentity>(user);
+        }
+
         /// <summary>
         /// 查询用户列表
         /// </summary>