101 lines
3.6 KiB
C#
101 lines
3.6 KiB
C#
using System.Security.Claims;
|
|
using MealPlan.Api.DTOs.Auth;
|
|
using MealPlan.Api.Services;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.AspNetCore.RateLimiting;
|
|
|
|
namespace MealPlan.Api.Controllers;
|
|
|
|
[ApiController]
|
|
[Route("api/auth")]
|
|
public class AuthController : ControllerBase
|
|
{
|
|
private readonly IAuthService _authService;
|
|
|
|
public AuthController(IAuthService authService) => _authService = authService;
|
|
|
|
/// <summary>Creates a new user account and returns an access + refresh token pair.</summary>
|
|
[HttpPost("register")]
|
|
[AllowAnonymous]
|
|
[EnableRateLimiting("login")]
|
|
[ProducesResponseType(typeof(TokenResponseDto), StatusCodes.Status201Created)]
|
|
[ProducesResponseType(StatusCodes.Status400BadRequest)]
|
|
[ProducesResponseType(StatusCodes.Status409Conflict)]
|
|
public async Task<IActionResult> Register([FromBody] RegisterRequestDto request, CancellationToken ct)
|
|
{
|
|
var result = await _authService.RegisterAsync(request, ct);
|
|
if (!result.Succeeded)
|
|
{
|
|
var status = result.Error?.Contains("already exists", StringComparison.OrdinalIgnoreCase) == true
|
|
? StatusCodes.Status409Conflict
|
|
: StatusCodes.Status400BadRequest;
|
|
return StatusCode(status, new { error = result.Error });
|
|
}
|
|
|
|
return StatusCode(StatusCodes.Status201Created, result.Tokens);
|
|
}
|
|
|
|
/// <summary>Authenticates a user and returns an access + refresh token pair.</summary>
|
|
[HttpPost("login")]
|
|
[AllowAnonymous]
|
|
[EnableRateLimiting("login")]
|
|
[ProducesResponseType(typeof(TokenResponseDto), StatusCodes.Status200OK)]
|
|
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
|
public async Task<IActionResult> Login([FromBody] LoginRequestDto request, CancellationToken ct)
|
|
{
|
|
var result = await _authService.LoginAsync(request, ct);
|
|
if (!result.Succeeded)
|
|
{
|
|
return Unauthorized(new { error = result.Error });
|
|
}
|
|
|
|
return Ok(result.Tokens);
|
|
}
|
|
|
|
/// <summary>Rotates a refresh token and issues a fresh token pair.</summary>
|
|
[HttpPost("refresh")]
|
|
[AllowAnonymous]
|
|
[ProducesResponseType(typeof(TokenResponseDto), StatusCodes.Status200OK)]
|
|
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
|
public async Task<IActionResult> Refresh([FromBody] RefreshRequestDto request, CancellationToken ct)
|
|
{
|
|
var result = await _authService.RefreshAsync(request.RefreshToken, ct);
|
|
if (!result.Succeeded)
|
|
{
|
|
return Unauthorized(new { error = result.Error });
|
|
}
|
|
|
|
return Ok(result.Tokens);
|
|
}
|
|
|
|
/// <summary>Revokes the supplied refresh token. Always returns 204.</summary>
|
|
[HttpPost("logout")]
|
|
[AllowAnonymous]
|
|
[ProducesResponseType(StatusCodes.Status204NoContent)]
|
|
public IActionResult Logout([FromBody] RefreshRequestDto request)
|
|
{
|
|
_authService.Logout(request.RefreshToken);
|
|
return NoContent();
|
|
}
|
|
|
|
/// <summary>Returns the currently authenticated user's profile.</summary>
|
|
[HttpGet("me")]
|
|
[Authorize]
|
|
[ProducesResponseType(typeof(UserInfoDto), StatusCodes.Status200OK)]
|
|
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
|
public async Task<IActionResult> Me(CancellationToken ct)
|
|
{
|
|
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier)
|
|
?? User.FindFirstValue("sub");
|
|
|
|
if (string.IsNullOrEmpty(userId))
|
|
{
|
|
return Unauthorized();
|
|
}
|
|
|
|
var info = await _authService.GetUserInfoAsync(userId, ct);
|
|
return info is null ? Unauthorized() : Ok(info);
|
|
}
|
|
}
|