Merge pull request #836 from Qtoss-AI/master

clean code of sql planner

Author: Oceania2018

src/Infrastructure/BotSharp.Abstraction/Browsing/Models/HttpRequestParams.cs

@@ -1,7 +1,9 @@
+using System.Diagnostics;
 using System.Net.Http;
 
 namespace BotSharp.Abstraction.Browsing.Models;
 
+[DebuggerStepThrough]
 public class HttpRequestParams
 {
     [JsonPropertyName("url")]

src/Infrastructure/BotSharp.Abstraction/Users/IAuthenticationHook.cs

@@ -49,7 +49,7 @@ bool UserAuthenticated(User user, Token token)
     /// </summary>
     /// <param name="user"></param>
     /// <returns></returns>
-    Task VerificationCodeResetPassword(User user);
+    Task SendVerificationCode(User user);
 
     /// <summary>
     /// Delete users

src/Infrastructure/BotSharp.Abstraction/Users/IUserService.cs

@@ -18,12 +18,15 @@ public interface IUserService
     Task<Token?> GetAdminToken(string authorization);
     Task<Token?> GetToken(string authorization);
     Task<Token> CreateTokenByUser(User user);
+    Task<Token> RenewToken();
     Task<User> GetMyProfile();
     Task<bool> VerifyUserNameExisting(string userName);
     Task<bool> VerifyEmailExisting(string email);
     Task<bool> VerifyPhoneExisting(string phone, string regionCode);
-    Task<bool> SendVerificationCodeResetPasswordNoLogin(User user);
-    Task<bool> SendVerificationCodeResetPasswordLogin();
+    Task<User> ResetVerificationCode(User user);
+    Task<bool> SendVerificationCodeNoLogin(User user);
+    Task<bool> SendVerificationCodeLogin();
+    Task<bool> SetUserPassword(User user);
     Task<bool> ResetUserPassword(User user);
     Task<bool> ModifyUserEmail(string email);
     Task<bool> ModifyUserPhone(string phone, string regionCode);

src/Infrastructure/BotSharp.Abstraction/Users/Models/User.cs

@@ -20,6 +20,7 @@ public class User
     public string Type { get; set; } = UserType.Client;
     public string Role { get; set; } = UserRole.User;
     public string? VerificationCode { get; set; }
+    public DateTime? VerificationCodeExpireAt { get; set; }
     public bool Verified { get; set; }
     public string RegionCode { get; set; } = "CN";
     public string? AffiliateId { get; set; }

src/Infrastructure/BotSharp.Core/Users/Services/UserService.cs

@@ -53,14 +53,7 @@ public async Task<User> CreateUser(User user)
             record = db.GetUserByUserName(user.UserName);
         }
 
-        if (record != null && record.Verified)
-        {
-            // account is already activated
-            _logger.LogWarning($"User account already exists: {record.Id} {record.UserName}");
-            return record;
-        }
-
-        if (!string.IsNullOrWhiteSpace(user.Phone))
+        if (record == null && !string.IsNullOrWhiteSpace(user.Phone))
         {
             record = db.GetUserByPhone(user.Phone, regionCode: (string.IsNullOrWhiteSpace(user.RegionCode) ? "CN" : user.RegionCode));
         }
@@ -70,6 +63,13 @@ record = db.GetUserByPhone(user.Phone, regionCode: (string.IsNullOrWhiteSpace(us
             record = db.GetUserByEmail(user.Email);
         }
 
+        if (record != null && record.Verified)
+        {
+            // account is already activated
+            _logger.LogWarning($"User account already exists: {record.Id} {record.UserName}");
+            return record;
+        }
+
         if (record != null)
         {
             hasRegisterId = record.Id;
@@ -94,8 +94,13 @@ record = user;
             //record.Phone = "+" + Regex.Match(user.Phone, @"\d+").Value;
             record.Phone = Regex.Match(user.Phone, @"\d+").Value;
         }
+
         record.Salt = Guid.NewGuid().ToString("N");
-        record.Password = Utilities.HashTextMd5($"{user.Password}{record.Salt}");
+
+        if (!string.IsNullOrWhiteSpace(user.Password))
+        {
+            record.Password = Utilities.HashTextMd5($"{user.Password}{record.Salt}");
+        }
 
         if (_setting.NewUserVerification)
         {
@@ -482,7 +487,7 @@ record = db.GetUserByPhone(id, regionCode: (string.IsNullOrWhiteSpace(model.Regi
             return default;
         }
 
-        if (record.VerificationCode != model.VerificationCode)
+        if (record.VerificationCode != model.VerificationCode || (record.VerificationCodeExpireAt != null && DateTime.UtcNow > record.VerificationCodeExpireAt))
         {
             return default;
         }
@@ -520,6 +525,16 @@ public async Task<Token> CreateTokenByUser(User user)
         return token;
     }
 
+    public async Task<Token> RenewToken()
+    {
+        var newToken = GenerateJwtToken(await GetMyProfile());
+        var newJwt = new JwtSecurityTokenHandler().ReadJwtToken(newToken);
+        Token token = new Token();
+        token.AccessToken = newToken;
+        token.ExpireTime = newJwt.Payload.Exp.Value;
+        return token;
+    }
+
     public async Task<bool> VerifyUserNameExisting(string userName)
     {
         if (string.IsNullOrEmpty(userName))
@@ -572,15 +587,32 @@ public async Task<bool> VerifyPhoneExisting(string phone, string regionCode)
         return false;
     }
 
-    public async Task<bool> SendVerificationCodeResetPasswordNoLogin(User user)
+    public async Task<bool> SendVerificationCodeNoLogin(User user)
     {
-        var db = _services.GetRequiredService<IBotSharpRepository>();
+        User? record = await ResetVerificationCode(user);
 
-        User? record = null;
+        if (record == null)
+        {
+            return false;
+        }
 
+        //send code to user Email.
+        var hooks = _services.GetServices<IAuthenticationHook>();
+        foreach (var hook in hooks)
+        {
+            await hook.SendVerificationCode(record);
+        }
+
+        return true;
+    }
+
+    public async Task<User> ResetVerificationCode(User user)
+    {
+        var db = _services.GetRequiredService<IBotSharpRepository>();
+        User record = null;
         if (!string.IsNullOrEmpty(user.Email) && !string.IsNullOrEmpty(user.Phone))
         {
-            return false;
+            return null;
         }
 
         if (!string.IsNullOrEmpty(user.Phone))
@@ -595,25 +627,18 @@ record = db.GetUserByEmail(user.Email);
 
         if (record == null)
         {
-            return false;
+            return null;
         }
 
         record.VerificationCode = Nanoid.Generate(alphabet: "0123456789", size: 6);
 
         //update current verification code.
         db.UpdateUserVerificationCode(record.Id, record.VerificationCode);
 
-        //send code to user Email.
-        var hooks = _services.GetServices<IAuthenticationHook>();
-        foreach (var hook in hooks)
-        {
-            await hook.VerificationCodeResetPassword(record);
-        }
-
-        return true;
+        return record;
     }
 
-    public async Task<bool> SendVerificationCodeResetPasswordLogin()
+    public async Task<bool> SendVerificationCodeLogin()
     {
         var db = _services.GetRequiredService<IBotSharpRepository>();
 
@@ -638,7 +663,7 @@ record = db.GetUserById(_user.Id);
         var hooks = _services.GetServices<IAuthenticationHook>();
         foreach (var hook in hooks)
         {
-            await hook.VerificationCodeResetPassword(record);
+            await hook.SendVerificationCode(record);
         }
 
         return true;
@@ -669,7 +694,40 @@ record = db.GetUserByPhone(user.Phone, regionCode: (string.IsNullOrWhiteSpace(us
             return false;
         }
 
-        if (user.VerificationCode != record.VerificationCode)
+        if (user.VerificationCode != record.VerificationCode || (record.VerificationCodeExpireAt != null && DateTime.UtcNow > record.VerificationCodeExpireAt))
+        {
+            return false;
+        }
+
+        var newPassword = Utilities.HashTextMd5($"{user.Password}{record.Salt}");
+        db.UpdateUserPassword(record.Id, newPassword);
+        return true;
+    }
+
+    public async Task<bool> SetUserPassword(User user)
+    {
+        if (!string.IsNullOrEmpty(user.Id) && !string.IsNullOrEmpty(user.Email) && !string.IsNullOrEmpty(user.Phone))
+        {
+            return false;
+        }
+        var db = _services.GetRequiredService<IBotSharpRepository>();
+
+        User? record = null;
+
+        if (!string.IsNullOrEmpty(user.Id))
+        {
+            record = db.GetUserById(user.Id);
+        }
+        else if (!string.IsNullOrEmpty(user.Phone))
+        {
+            record = db.GetUserByPhone(user.Phone, regionCode: (string.IsNullOrWhiteSpace(user.RegionCode) ? "CN" : user.RegionCode));
+        }
+        else if (!string.IsNullOrEmpty(user.Email))
+        {
+            record = db.GetUserByEmail(user.Email);
+        }
+
+        if (record == null)
         {
             return false;
         }

src/Infrastructure/BotSharp.OpenAPI/BotSharpOpenApiExtensions.cs

@@ -11,7 +11,6 @@
 using Microsoft.OpenApi.Models;
 using Microsoft.IdentityModel.JsonWebTokens;
 using BotSharp.OpenAPI.BackgroundServices;
-using BotSharp.OpenAPI.Filters;
 
 namespace BotSharp.OpenAPI;
 
@@ -33,15 +32,6 @@ public static IServiceCollection AddBotSharpOpenAPI(this IServiceCollection serv
         services.AddScoped<IUserIdentity, UserIdentity>();
         services.AddHostedService<ConversationTimeoutService>();
 
-        var enableSingleLogin = bool.Parse(config["Jwt:EnableSingleLogin"] ?? "false");
-        if (enableSingleLogin)
-        {
-            services.AddMvc(options =>
-            {
-                options.Filters.Add<UserSingleLoginFilter>();
-            });
-        }
-
         // Add bearer authentication
         var schema = "MIXED_SCHEME";
         var builder = services.AddAuthentication(options =>

src/Infrastructure/BotSharp.OpenAPI/Controllers/UserController.cs

@@ -132,13 +132,13 @@ public async Task<bool> VerifyPhoneExisting([FromQuery] string phone, [FromQuery
     [HttpPost("/user/verifycode-out")]
     public async Task<bool> SendVerificationCodeResetPassword([FromBody] UserCreationModel user)
     {
-        return await _userService.SendVerificationCodeResetPasswordNoLogin(user.ToUser());
+        return await _userService.SendVerificationCodeNoLogin(user.ToUser());
     }
 
     [HttpPost("/user/verifycode-in")]
     public async Task<bool> SendVerificationCodeResetPasswordLogined()
     {
-        return await _userService.SendVerificationCodeResetPasswordLogin();
+        return await _userService.SendVerificationCodeLogin();
     }
 
     [AllowAnonymous]

src/Infrastructure/BotSharp.OpenAPI/Filters/UserSingleLoginFilter.cs

@@ -17,6 +17,7 @@ public class UserDocument : MongoBase
     public string Type { get; set; } = UserType.Client;
     public string Role { get; set; } = null!;
     public string? VerificationCode { get; set; }
+    public DateTime? VerificationCodeExpireAt { get; set; }
     public bool Verified { get; set; }
     public string? RegionCode { get; set; }
     public string? AffiliateId { get; set; }
@@ -48,6 +49,7 @@ public User ToUser()
             EmployeeId = EmployeeId,
             IsDisabled = IsDisabled,
             VerificationCode = VerificationCode,
+            VerificationCodeExpireAt = VerificationCodeExpireAt,
             Verified = Verified,
             RegionCode = RegionCode,
             Permissions = Permissions,

src/Plugins/BotSharp.Plugin.MongoStorage/Collections/UserDocument.cs

@@ -132,6 +132,7 @@ public void UpdateUserVerificationCode(string userId, string verficationCode)
     {
         var filter = Builders<UserDocument>.Filter.Eq(x => x.Id, userId);
         var update = Builders<UserDocument>.Update.Set(x => x.VerificationCode, verficationCode)
+            .Set(x => x.VerificationCodeExpireAt, DateTime.UtcNow.AddMinutes(5))
             .Set(x => x.UpdatedTime, DateTime.UtcNow);
         _dc.Users.UpdateOne(filter, update);
     }