Add authentication methods to access protected resources #15

Merged
Wesser merged 13 commits from feat/auth into release/v1.0.0 2024-06-28 23:14:18 +03:00
Showing only changes of commit 41b5bb571b - Show all commits

View File

@ -60,6 +60,12 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
[ApiExplorerSettings(IgnoreApi = true)]
public void OnActionExecuted(ActionExecutedContext context) { }
/// <summary>
/// Handles user authentication by verifying the username/email and password,
/// then generating and returning an authentication token if successful.
/// </summary>
/// <param name="request">The login request containing the username/email and password.</param>
/// <returns>A TokenResponse containing the access token and its expiry if successful, otherwise an Unauthorized response.</returns>
[HttpPost("Login")]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
public async Task<ActionResult<TokenResponse>> Login([FromBody] LoginRequest request)
@ -87,6 +93,10 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
});
}
/// <summary>
/// Refreshes the authentication token using the existing refresh token.
/// </summary>
/// <returns>A TokenResponse containing the new access token and its expiry if successful, otherwise an Unauthorized response.</returns>
[HttpGet("ReLogin")]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
public async Task<ActionResult<TokenResponse>> ReLogin()
@ -120,6 +130,10 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
}
}
/// <summary>
/// Logs the user out by clearing the refresh token and performing any necessary cleanup.
/// </summary>
/// <returns>An Ok response if the logout was successful.</returns>
[HttpGet("Logout")]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[Authorize]
@ -133,6 +147,10 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
return Ok();
}
/// <summary>
/// Retrieves the role of the authenticated user.
/// </summary>
/// <returns>The role of the authenticated user.</returns>
[HttpGet("GetRole")]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[Authorize]