Initial commit: HealthManager full-stack health management platform

Backend: .NET 10 + PostgreSQL + EF Core + JWT + SignalR Frontend patient: React 19 + TypeScript + Vite (mobile H5) Frontend doctor: React 19 + TypeScript + Vite (desktop web)
2026-05-20 16:18:56 +08:00
commit 435af55c4a
215 changed files with 18595 additions and 0 deletions
--- a/backend/src/HealthManager.WebApi/Controllers/AuthController.cs
+++ b/backend/src/HealthManager.WebApi/Controllers/AuthController.cs
@@ -0,0 +1,120 @@
+using System.Security.Claims;
+using HealthManager.Application.DTOs.Auth;
+using HealthManager.Domain.Interfaces;
+using HealthManager.Application.Services;
+using HealthManager.Domain.Entities;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace HealthManager.WebApi.Controllers;
+
+[ApiController]
+[Route("api/auth")]
+public class AuthController(
+    AuthService authService,
+    IJwtProvider jwtProvider) : ControllerBase
+{
+    [HttpPost("send-sms")]
+    public IActionResult SendSms([FromBody] SendSmsRequest request)
+    {
+        // Demo: always succeed
+        return Ok(new { message = "验证码已发送" });
+    }
+
+    [HttpPost("login")]
+    public async Task<IActionResult> Login([FromBody] LoginRequest request)
+    {
+        var user = await authService.GetUserByPhoneAsync(request.Phone);
+        if (user == null)
+            return Unauthorized(new { message = "用户不存在" });
+
+        // Demo: accept any SMS code
+        var accessToken = jwtProvider.GenerateAccessToken(user.Id, user.Name, user.Role);
+        var refreshToken = jwtProvider.GenerateRefreshToken();
+        await authService.SaveRefreshTokenAsync(user.Id, refreshToken, DateTime.UtcNow.AddDays(7));
+
+        return Ok(new AuthResponse(user.Id, user.Name, user.Role, accessToken, refreshToken));
+    }
+
+    [HttpPost("register")]
+    public async Task<IActionResult> Register([FromBody] RegisterRequest request)
+    {
+        var existing = await authService.GetUserByPhoneAsync(request.Phone);
+        if (existing != null)
+            return Conflict(new { message = "该手机号已注册" });
+
+        var user = new User
+        {
+            Phone = request.Phone,
+            Name = request.Name,
+            Role = "patient",
+            PasswordHash = AuthService.HashPassword("demo123"),
+        };
+
+        // Access DbContext via DI
+        var db = HttpContext.RequestServices.GetRequiredService<Infrastructure.Data.AppDbContext>();
+        db.Users.Add(user);
+        await db.SaveChangesAsync();
+
+        var accessToken = jwtProvider.GenerateAccessToken(user.Id, user.Name, user.Role);
+        var refreshToken = jwtProvider.GenerateRefreshToken();
+        await authService.SaveRefreshTokenAsync(user.Id, refreshToken, DateTime.UtcNow.AddDays(7));
+
+        return Ok(new AuthResponse(user.Id, user.Name, user.Role, accessToken, refreshToken));
+    }
+
+    [HttpPost("refresh")]
+    public async Task<IActionResult> RefreshToken([FromBody] RefreshTokenRequest request)
+    {
+        var saved = await authService.GetRefreshTokenAsync(request.RefreshToken);
+        if (saved == null)
+            return Unauthorized(new { message = "无效的刷新令牌" });
+
+        await authService.RevokeRefreshTokenAsync(saved.UserId);
+
+        var accessToken = jwtProvider.GenerateAccessToken(saved.User.Id, saved.User.Name, saved.User.Role);
+        var refreshToken = jwtProvider.GenerateRefreshToken();
+        await authService.SaveRefreshTokenAsync(saved.UserId, refreshToken, DateTime.UtcNow.AddDays(7));
+
+        return Ok(new AuthResponse(saved.User.Id, saved.User.Name, saved.User.Role, accessToken, refreshToken));
+    }
+
+    [HttpGet("me")]
+    [Authorize]
+    public async Task<IActionResult> GetProfile()
+    {
+        var userId = Guid.Parse(User.FindFirstValue(ClaimTypes.NameIdentifier)!);
+        var db = HttpContext.RequestServices.GetRequiredService<Infrastructure.Data.AppDbContext>();
+        var user = await db.Users.FindAsync(userId);
+        if (user == null) return NotFound();
+
+        return Ok(new UserProfileResponse(
+            user.Id, user.Name, user.Phone, user.Role,
+            user.Gender, user.Birthday, user.HeightCm, user.WeightKg,
+            user.MedicalHistory, user.StentDate, user.StentType,
+            user.Department, user.Title, user.Specialty, user.Introduction));
+    }
+
+    [HttpPut("me")]
+    [Authorize]
+    public async Task<IActionResult> UpdateProfile([FromBody] UpdateProfileRequest request)
+    {
+        var userId = Guid.Parse(User.FindFirstValue(ClaimTypes.NameIdentifier)!);
+        var db = HttpContext.RequestServices.GetRequiredService<Infrastructure.Data.AppDbContext>();
+        var user = await db.Users.FindAsync(userId);
+        if (user == null) return NotFound();
+
+        if (request.Name != null) user.Name = request.Name;
+        if (request.Gender != null) user.Gender = request.Gender;
+        if (request.Birthday.HasValue) user.Birthday = request.Birthday;
+        if (request.HeightCm.HasValue) user.HeightCm = request.HeightCm;
+        if (request.WeightKg.HasValue) user.WeightKg = request.WeightKg;
+        if (request.MedicalHistory != null) user.MedicalHistory = request.MedicalHistory;
+        user.UpdatedAt = DateTime.UtcNow;
+
+        await db.SaveChangesAsync();
+        return Ok(new { message = "更新成功" });
+    }
+}
+
+public record RefreshTokenRequest(string RefreshToken);