Добавил API проект

backend/UniVerse.Api/Controllers/AuthController.cs

@@ -0,0 +1,71 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using UniVerse.Application.DTOs.Auth;
+using UniVerse.Application.Interfaces;
+using System.Security.Claims;
+
+namespace UniVerse.Api.Controllers;
+
+[ApiController]
+[Route("api/v1/auth")]
+public class AuthController : ControllerBase
+{
+    private readonly IAuthService _auth;
+    public AuthController(IAuthService auth) => _auth = auth;
+
+    [HttpPost("login/microsoft")]
+    public async Task<ActionResult<AuthResponse>> LoginMicrosoft([FromBody] LoginMicrosoftRequest request)
+    {
+        var result = await _auth.LoginWithMicrosoftAsync(request.AuthorizationCode);
+        return Ok(result);
+    }
+
+    [HttpPost("login/dev")]
+    public async Task<ActionResult<AuthResponse>> DevLogin([FromBody] DevLoginRequest request)
+    {
+        if (!HttpContext.RequestServices.GetRequiredService<IWebHostEnvironment>().IsDevelopment())
+            return NotFound();
+        var result = await _auth.DevLoginAsync(request.Email, request.DisplayName, request.Role);
+        SetRefreshTokenCookie(result.AccessToken); // simplified: set cookie logic
+        return Ok(result);
+    }
+
+    [HttpPost("refresh")]
+    public async Task<ActionResult<AuthResponse>> Refresh()
+    {
+        var refreshToken = Request.Cookies["refreshToken"];
+        if (string.IsNullOrEmpty(refreshToken)) return Unauthorized();
+        var result = await _auth.RefreshTokenAsync(refreshToken);
+        return Ok(result);
+    }
+
+    [Authorize]
+    [HttpPost("logout")]
+    public async Task<IActionResult> Logout()
+    {
+        var refreshToken = Request.Cookies["refreshToken"];
+        if (!string.IsNullOrEmpty(refreshToken))
+            await _auth.RevokeRefreshTokenAsync(refreshToken);
+        Response.Cookies.Delete("refreshToken");
+        return NoContent();
+    }
+
+    [Authorize]
+    [HttpGet("me")]
+    public async Task<ActionResult> Me()
+    {
+        var userId = int.Parse(User.FindFirstValue(ClaimTypes.NameIdentifier)
+            ?? User.FindFirstValue("sub") ?? "0");
+        var user = await _auth.GetCurrentUserAsync(userId);
+        return Ok(user);
+    }
+
+    private void SetRefreshTokenCookie(string token)
+    {
+        Response.Cookies.Append("refreshToken", token, new CookieOptions
+        {
+            HttpOnly = true, Secure = true, SameSite = SameSiteMode.Strict,
+            Expires = DateTime.UtcNow.AddDays(30)
+        });
+    }
+}