Controller 是 API 的入口,理论上应该只做三件事:接收请求、调用下层、返回响应。但在实际项目中,不少开发者会把用户校验、金额判断、业务限制条件直接写进 Controller Action,久而久之就成了所谓的"胖 Controller"。这不只是代码整洁的问题。业务规则一旦耦合进 Controller,测试就得通过 HTTP 请求来驱动,需求变更时要在 Controller 里翻来覆去地找条件分支,多个接口复用同一段逻辑也变得困难。本文展示如何识别问题并系统地解决它。胖 Controller 长什么样以一个电商下单场景为例,来看一段典型的"胖"实现:using System; using Microsoft.AspNetCore.Mvc; namespace EcCommerce.Controllers; [ApiController] [Route("api/[controller]")] public class OrdersController : ControllerBase { private readonly ApplicationDbContext _context; public OrdersController(ApplicationDbContext context) { _context = context; } [HttpPost] public async TaskIActionResult CreateOrder(CreateOrderRequest request) { var user = await _context.Users .Include(u = u.Orders) .FirstOrDefaultAsync(u = u.Id == request.UserId); if (user == null) return NotFound("User not found"); if (!user.IsActive) return BadRequest("User is not active"); if (request.TotalAmount = 0) return BadRequest("Invalid order amount"); var todayOrdersCount = user.Orders .Count(o = o.CreatedAt.Date == DateTime.UtcNow.Date); if (todayOrdersCount = 5) return BadRequest("Daily or