docs: add xml comments

Endpoint/Controllers/V1/AuthController.cs

@@ -60,6 +60,12 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
     [ApiExplorerSettings(IgnoreApi = true)]
     public void OnActionExecuted(ActionExecutedContext context) { }
 
+    /// <summary>
+    /// Handles user authentication by verifying the username/email and password, 
+    /// then generating and returning an authentication token if successful.
+    /// </summary>
+    /// <param name="request">The login request containing the username/email and password.</param>
+    /// <returns>A TokenResponse containing the access token and its expiry if successful, otherwise an Unauthorized response.</returns>
     [HttpPost("Login")]
     [ProducesResponseType(StatusCodes.Status401Unauthorized)]
     public async Task<ActionResult<TokenResponse>> Login([FromBody] LoginRequest request)
@@ -87,6 +93,10 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
         });
     }
 
+    /// <summary>
+    /// Refreshes the authentication token using the existing refresh token.
+    /// </summary>
+    /// <returns>A TokenResponse containing the new access token and its expiry if successful, otherwise an Unauthorized response.</returns>
     [HttpGet("ReLogin")]
     [ProducesResponseType(StatusCodes.Status401Unauthorized)]
     public async Task<ActionResult<TokenResponse>> ReLogin()
@@ -120,6 +130,10 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
         }
     }
 
+    /// <summary>
+    /// Logs the user out by clearing the refresh token and performing any necessary cleanup.
+    /// </summary>
+    /// <returns>An Ok response if the logout was successful.</returns>
     [HttpGet("Logout")]
     [ProducesResponseType(StatusCodes.Status401Unauthorized)]
     [Authorize]
@@ -133,6 +147,10 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
         return Ok();
     }
 
+    /// <summary>
+    /// Retrieves the role of the authenticated user.
+    /// </summary>
+    /// <returns>The role of the authenticated user.</returns>
     [HttpGet("GetRole")]
     [ProducesResponseType(StatusCodes.Status401Unauthorized)]
     [Authorize]

Endpoint/Program.cs

@@ -6,6 +6,7 @@ using Mirea.Api.DataAccess.Application;
 using Mirea.Api.DataAccess.Persistence;
 using Mirea.Api.DataAccess.Persistence.Common;
 using Mirea.Api.Endpoint.Common.Interfaces;
+using Mirea.Api.Endpoint.Common.Model;
 using Mirea.Api.Endpoint.Common.Services;
 using Mirea.Api.Endpoint.Configuration.AppConfig;
 using Mirea.Api.Endpoint.Configuration.General;
@@ -37,6 +38,8 @@ public class Program
         builder.Configuration.AddConfiguration(EnvironmentConfiguration.GetEnvironment());
         builder.Configuration.AddJsonFile(PathBuilder.Combine(GeneralConfig.FilePath), optional: true, reloadOnChange: true);
         builder.Services.Configure<GeneralConfig>(builder.Configuration);
+        builder.Configuration.AddJsonFile(PathBuilder.Combine(Admin.PathToSave), optional: true, reloadOnChange: true);
+        builder.Services.Configure<Admin>(builder.Configuration);
 
         builder.Host.AddCustomSerilog();
         AddDatabase(builder.Services, builder.Configuration);

Security/Services/AuthService.cs

@@ -81,14 +81,18 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
         var (token, expireIn) = GenerateAccessToken(authToken.UserId);
         await RevokeAccessToken(authToken.AccessToken);
 
+        var newRefreshToken = GenerateRefreshToken();
+
         authToken.AccessToken = token;
+        authToken.RefreshToken = newRefreshToken;
+
         await SetAuthTokenDataToCache(request.Fingerprint, authToken, cancellation);
 
         return new AuthTokenResponse
         {
             AccessToken = token,
             AccessExpiresIn = expireIn,
-            RefreshToken = GenerateRefreshToken(),
+            RefreshToken = newRefreshToken,
             RefreshExpiresIn = DateTime.UtcNow.Add(Lifetime)
         };
     }