feat(auth): extend LoginResponse with username + mustChangePassword + ultimoLogin [UDT-008]

2026-04-15 17:39:48 -03:00
parent d1f7b3805b
commit 9dcd63543e
9 changed files with 312 additions and 9 deletions
--- a/src/api/SIGCM2.Infrastructure/Persistence/UsuarioRepository.cs
+++ b/src/api/SIGCM2.Infrastructure/Persistence/UsuarioRepository.cs
@@ -1,5 +1,7 @@
+using System.Text;
 using Dapper;
 using SIGCM2.Application.Abstractions.Persistence;
+using SIGCM2.Application.Common;
 using SIGCM2.Domain.Entities;

 namespace SIGCM2.Infrastructure.Persistence;
@@ -19,7 +21,8 @@ public sealed class UsuarioRepository : IUsuarioRepository
            SELECT
                Id, Username, PasswordHash,
                Nombre, Apellido, Email,
-                Rol, PermisosJson, Activo
+                Rol, PermisosJson, Activo,
+                FechaModificacion, UltimoLogin, MustChangePassword
            FROM dbo.Usuario
            WHERE Username = @Username
              AND Activo = 1
@@ -41,7 +44,8 @@ public sealed class UsuarioRepository : IUsuarioRepository
            SELECT
                Id, Username, PasswordHash,
                Nombre, Apellido, Email,
-                Rol, PermisosJson, Activo
+                Rol, PermisosJson, Activo,
+                FechaModificacion, UltimoLogin, MustChangePassword
            FROM dbo.Usuario
            WHERE Id = @Id
            """;
@@ -94,6 +98,136 @@ public sealed class UsuarioRepository : IUsuarioRepository
        return id;
    }

+    // UDT-008 ─────────────────────────────────────────────────────────────────
+
+    public async Task UpdateUltimoLoginAsync(int id, DateTime utcNow, CancellationToken ct = default)
+    {
+        const string sql = """
+            UPDATE dbo.Usuario SET UltimoLogin = @Utc WHERE Id = @Id
+            """;
+
+        await using var connection = _connectionFactory.CreateConnection();
+        await connection.OpenAsync(ct);
+        await connection.ExecuteAsync(sql, new { Utc = utcNow, Id = id });
+    }
+
+    public async Task<PagedResult<UsuarioListItem>> GetPagedAsync(UsuariosQuery query, CancellationToken ct = default)
+    {
+        // Clamp paging params
+        var page = Math.Max(1, query.Page);
+        var pageSize = Math.Clamp(query.PageSize, 1, 100);
+        var offset = (page - 1) * pageSize;
+
+        var where = new StringBuilder("WHERE 1=1");
+        var parameters = new DynamicParameters();
+        parameters.Add("PageSize", pageSize);
+        parameters.Add("Offset", offset);
+
+        if (!string.IsNullOrWhiteSpace(query.Rol))
+        {
+            where.Append(" AND Rol = @Rol");
+            parameters.Add("Rol", query.Rol);
+        }
+
+        if (query.Activo.HasValue)
+        {
+            where.Append(" AND Activo = @Activo");
+            parameters.Add("Activo", query.Activo.Value ? 1 : 0);
+        }
+
+        if (!string.IsNullOrWhiteSpace(query.Search))
+        {
+            where.Append(" AND (Username LIKE @Search OR Nombre LIKE @Search OR Apellido LIKE @Search OR Email LIKE @Search)");
+            parameters.Add("Search", $"%{query.Search}%");
+        }
+
+        var sql = $"""
+            SELECT
+                Id, Username, Nombre, Apellido, Email, Rol, Activo, UltimoLogin, FechaModificacion,
+                COUNT(*) OVER() AS TotalCount
+            FROM dbo.Usuario
+            {where}
+            ORDER BY Username
+            OFFSET @Offset ROWS FETCH NEXT @PageSize ROWS ONLY
+            """;
+
+        await using var connection = _connectionFactory.CreateConnection();
+        await connection.OpenAsync(ct);
+
+        var rows = await connection.QueryAsync<UsuarioPagedRow>(sql, parameters);
+        var list = rows.ToList();
+
+        var total = list.Count > 0 ? list[0].TotalCount : 0;
+        var items = list.Select(r => new UsuarioListItem(
+            r.Id, r.Username, r.Nombre, r.Apellido, r.Email, r.Rol, r.Activo, r.UltimoLogin, r.FechaModificacion
+        )).ToList();
+
+        return new PagedResult<UsuarioListItem>(items, page, pageSize, total);
+    }
+
+    public async Task<Usuario?> GetDetailAsync(int id, CancellationToken ct = default)
+        => await GetByIdAsync(id, ct);
+
+    public async Task UpdateAsync(int id, UpdateUsuarioFields fields, DateTime fechaModificacion, CancellationToken ct = default)
+    {
+        const string sql = """
+            UPDATE dbo.Usuario
+            SET Nombre            = @Nombre,
+                Apellido          = @Apellido,
+                Email             = @Email,
+                Rol               = @Rol,
+                Activo            = @Activo,
+                FechaModificacion = @FechaModificacion
+            WHERE Id = @Id
+            """;
+
+        await using var connection = _connectionFactory.CreateConnection();
+        await connection.OpenAsync(ct);
+        await connection.ExecuteAsync(sql, new
+        {
+            fields.Nombre,
+            fields.Apellido,
+            fields.Email,
+            fields.Rol,
+            fields.Activo,
+            FechaModificacion = fechaModificacion,
+            Id = id
+        });
+    }
+
+    public async Task UpdatePasswordAsync(int id, string passwordHash, bool mustChangePassword, CancellationToken ct = default)
+    {
+        const string sql = """
+            UPDATE dbo.Usuario
+            SET PasswordHash      = @PasswordHash,
+                MustChangePassword = @MustChangePassword,
+                FechaModificacion  = SYSUTCDATETIME()
+            WHERE Id = @Id
+            """;
+
+        await using var connection = _connectionFactory.CreateConnection();
+        await connection.OpenAsync(ct);
+        await connection.ExecuteAsync(sql, new
+        {
+            PasswordHash = passwordHash,
+            MustChangePassword = mustChangePassword ? 1 : 0,
+            Id = id
+        });
+    }
+
+    public async Task<int> CountActiveAdminsAsync(CancellationToken ct = default)
+    {
+        const string sql = """
+            SELECT COUNT(1) FROM dbo.Usuario WITH (NOLOCK) WHERE Activo = 1 AND Rol = 'admin'
+            """;
+
+        await using var connection = _connectionFactory.CreateConnection();
+        await connection.OpenAsync(ct);
+        return await connection.ExecuteScalarAsync<int>(sql);
+    }
+
+    // ── mapping ───────────────────────────────────────────────────────────────
+
    private static Usuario MapRow(UsuarioRow row)
        => new(
            id: row.Id,
@@ -104,7 +238,10 @@ public sealed class UsuarioRepository : IUsuarioRepository
            email: row.Email,
            rol: row.Rol,
            permisosJson: row.PermisosJson,
-            activo: row.Activo
+            activo: row.Activo,
+            fechaModificacion: row.FechaModificacion,
+            ultimoLogin: row.UltimoLogin,
+            mustChangePassword: row.MustChangePassword
        );

    // Flat DTO for Dapper mapping (avoids polluting domain entity with Dapper attributes)
@@ -117,6 +254,22 @@ public sealed class UsuarioRepository : IUsuarioRepository
        string? Email,
        string Rol,
        string PermisosJson,
-        bool Activo
+        bool Activo,
+        DateTime? FechaModificacion,
+        DateTime? UltimoLogin,
+        bool MustChangePassword
+    );
+
+    private sealed record UsuarioPagedRow(
+        int Id,
+        string Username,
+        string Nombre,
+        string Apellido,
+        string? Email,
+        string Rol,
+        bool Activo,
+        DateTime? UltimoLogin,
+        DateTime? FechaModificacion,
+        int TotalCount
    );
 }