Add authentication methods to access protected resources #15
@ -60,6 +60,12 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
|
||||
[ApiExplorerSettings(IgnoreApi = true)]
|
||||
public void OnActionExecuted(ActionExecutedContext context) { }
|
||||
|
||||
/// <summary>
|
||||
/// Handles user authentication by verifying the username/email and password,
|
||||
/// then generating and returning an authentication token if successful.
|
||||
/// </summary>
|
||||
/// <param name="request">The login request containing the username/email and password.</param>
|
||||
/// <returns>A TokenResponse containing the access token and its expiry if successful, otherwise an Unauthorized response.</returns>
|
||||
[HttpPost("Login")]
|
||||
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
||||
public async Task<ActionResult<TokenResponse>> Login([FromBody] LoginRequest request)
|
||||
@ -87,6 +93,10 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
|
||||
});
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Refreshes the authentication token using the existing refresh token.
|
||||
/// </summary>
|
||||
/// <returns>A TokenResponse containing the new access token and its expiry if successful, otherwise an Unauthorized response.</returns>
|
||||
[HttpGet("ReLogin")]
|
||||
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
||||
public async Task<ActionResult<TokenResponse>> ReLogin()
|
||||
@ -120,6 +130,10 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Logs the user out by clearing the refresh token and performing any necessary cleanup.
|
||||
/// </summary>
|
||||
/// <returns>An Ok response if the logout was successful.</returns>
|
||||
[HttpGet("Logout")]
|
||||
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
||||
[Authorize]
|
||||
@ -133,6 +147,10 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
|
||||
return Ok();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Retrieves the role of the authenticated user.
|
||||
/// </summary>
|
||||
/// <returns>The role of the authenticated user.</returns>
|
||||
[HttpGet("GetRole")]
|
||||
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
||||
[Authorize]
|
||||
|
Loading…
Reference in New Issue
Block a user