using System.Diagnostics.CodeAnalysis;
using System.Globalization;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using UniVerse.Application.DTOs.Auth;
using UniVerse.Application.Interfaces;
namespace UniVerse.Api.Controllers;
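[ApiController]
[Route("api/v1/auth")]
public class AuthController : ControllerBase
{
    // Name of the HttpOnly cookie carrying the refresh token. One constant keeps
    // login, refresh and logout in agreement about which cookie they touch.
    private const string RefreshCookieName = "refreshToken";

    // Client-side lifetime of the refresh cookie. Whether the token inside it is
    // still accepted is decided by IAuthService.RefreshTokenAsync, not by this value.
    private static readonly TimeSpan RefreshCookieLifetime = TimeSpan.FromDays(30);

    private readonly IAuthService _auth;

    public AuthController(IAuthService auth) => _auth = auth;

    /// <summary>
    /// Exchanges a Microsoft authorization code for tokens and stores the returned
    /// refresh token in an HttpOnly cookie.
    /// </summary>
    /// <param name="request">Body carrying the authorization code from the Microsoft sign-in flow.</param>
    /// <returns>200 with the <see cref="AuthResponse"/>, or 400 when the code is missing or blank.</returns>
    [HttpPost("login/microsoft")]
    public async Task<ActionResult<AuthResponse>> LoginMicrosoft([FromBody] LoginMicrosoftRequest request)
    {
        // Reject an empty code at the edge instead of handing it to the auth service.
        if (string.IsNullOrWhiteSpace(request.AuthorizationCode))
        {
            return BadRequest();
        }

        var result = await _auth.LoginWithMicrosoftAsync(request.AuthorizationCode);
        SetRefreshTokenCookie(result.RefreshToken);
        return Ok(result.Response);
    }

    /// <summary>
    /// Development-only login that issues tokens for a caller-chosen e-mail, display
    /// name and role. Outside the Development environment the route answers 404, so
    /// it is indistinguishable from an endpoint that does not exist.
    /// </summary>
    /// <param name="request">Identity and role to sign in as.</param>
    /// <returns>200 with the <see cref="AuthResponse"/>, or 404 when not running in Development.</returns>
    [HttpPost("login/dev")]
    public async Task<ActionResult<AuthResponse>> DevLogin([FromBody] DevLoginRequest request)
    {
        // Checked per request, so the endpoint's availability follows the running
        // environment rather than a compile-time switch.
        var environment = HttpContext.RequestServices.GetRequiredService<IWebHostEnvironment>();
        if (!environment.IsDevelopment())
        {
            return NotFound();
        }

        var result = await _auth.DevLoginAsync(request.Email, request.DisplayName, request.Role);
        SetRefreshTokenCookie(result.RefreshToken);
        return Ok(result.Response);
    }

    /// <summary>
    /// Issues a fresh <see cref="AuthResponse"/> from the refresh-token cookie and
    /// rotates the cookie to the refresh token returned by the auth service.
    /// </summary>
    /// <returns>200 with the new <see cref="AuthResponse"/>, or 401 when no cookie is present.</returns>
    [HttpPost("refresh")]
    public async Task<ActionResult<AuthResponse>> Refresh()
    {
        if (!TryGetRefreshTokenCookie(out var refreshToken))
        {
            return Unauthorized();
        }

        // NOTE(review): assumes RefreshTokenAsync rejects an unknown, expired or
        // revoked token itself (by throwing) rather than returning null — confirm.
        var result = await _auth.RefreshTokenAsync(refreshToken);
        SetRefreshTokenCookie(result.RefreshToken);
        return Ok(result.Response);
    }

    /// <summary>
    /// Revokes the caller's refresh token server-side and expires the cookie.
    /// </summary>
    /// <returns>204 in all cases, including when no refresh cookie was sent.</returns>
    [Authorize]
    [HttpPost("logout")]
    public async Task<IActionResult> Logout()
    {
        // Revoke first: once the server forgets the token, a copy of the cookie value
        // is useless even if the browser ignores the deletion below.
        if (TryGetRefreshTokenCookie(out var refreshToken))
        {
            await _auth.RevokeRefreshTokenAsync(refreshToken);
        }

        ClearRefreshTokenCookie();
        return NoContent();
    }

    /// <summary>
    /// Returns the profile of the authenticated caller, resolved from the numeric
    /// user-id claim of the access token.
    /// </summary>
    /// <returns>200 with the current user, or 401 when the principal carries no usable numeric id.</returns>
    [Authorize]
    [HttpGet("me")]
    public async Task<ActionResult> Me()
    {
        // A principal without a parseable numeric id is a token this API did not
        // issue or a misconfigured claim mapping; refuse it rather than look up a
        // made-up user 0 or fail with a 500 from int.Parse.
        if (!TryGetUserId(out var userId))
        {
            return Unauthorized();
        }

        var user = await _auth.GetCurrentUserAsync(userId);
        return Ok(user);
    }

    // Reads the numeric user id from the principal, preferring the mapped
    // NameIdentifier claim and falling back to the raw "sub" claim for handlers
    // that do not remap it. Returns false when neither is present or numeric.
    private bool TryGetUserId(out int userId)
    {
        var raw = User.FindFirstValue(ClaimTypes.NameIdentifier) ?? User.FindFirstValue("sub");
        return int.TryParse(raw, NumberStyles.Integer, CultureInfo.InvariantCulture, out userId);
    }

    // Reads the refresh-token cookie; false when it is absent or empty.
    private bool TryGetRefreshTokenCookie([NotNullWhen(true)] out string? token)
    {
        token = Request.Cookies[RefreshCookieName];
        return !string.IsNullOrEmpty(token);
    }

    // Stores the refresh token where page scripts cannot read it: HttpOnly blocks
    // JavaScript access, Secure keeps it off plaintext connections and
    // SameSite=Strict stops cross-site requests from carrying it.
    private void SetRefreshTokenCookie(string token) =>
        Response.Cookies.Append(
            RefreshCookieName,
            token,
            RefreshCookieOptions(DateTimeOffset.UtcNow.Add(RefreshCookieLifetime)));

    // Expires the cookie with the same attributes it was set with, so the browser
    // recognises the deletion as addressing that cookie.
    private void ClearRefreshTokenCookie() =>
        Response.Cookies.Delete(RefreshCookieName, RefreshCookieOptions(expires: null));

    // Single source of the cookie attributes used by both Set and Clear.
    // NOTE(review): Path is not narrowed here; scoping it to the auth routes would
    // keep the cookie off unrelated endpoints — confirm the deployment path prefix
    // before doing so.
    private static CookieOptions RefreshCookieOptions(DateTimeOffset? expires) => new()
    {
        HttpOnly = true,
        Secure = true,
        SameSite = SameSiteMode.Strict,
        Expires = expires,
    };
}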