diff --git a/API/Contracts/Auth/CurrentUserResponse.cs b/API/Contracts/Auth/CurrentUserResponse.cs
new file mode 100644
index 0000000..b8c04a9
--- /dev/null
+++ b/API/Contracts/Auth/CurrentUserResponse.cs
@@ -0,0 +1,11 @@
+namespace API.Contracts.Auth
+{
+ public class CurrentUserResponse
+ {
+ public Guid Id { get; set; }
+ public string UserName { get; set; } = string.Empty;
+ public bool IsAdmin { get; set; }
+ public bool IsActive { get; set; }
+ public bool MustChangePassword { get; set; }
+ }
+}
diff --git a/API/Contracts/Auth/LoginRequest.cs b/API/Contracts/Auth/LoginRequest.cs
new file mode 100644
index 0000000..dd6d347
--- /dev/null
+++ b/API/Contracts/Auth/LoginRequest.cs
@@ -0,0 +1,8 @@
+namespace API.Contracts.Auth
+{
+ public class LoginRequest
+ {
+ public string UserName { get; set; } = string.Empty;
+ public string Password { get; set; } = string.Empty;
+ }
+}
diff --git a/API/Controllers/Auth/AuthController.cs b/API/Controllers/Auth/AuthController.cs
new file mode 100644
index 0000000..3e0ce89
--- /dev/null
+++ b/API/Controllers/Auth/AuthController.cs
@@ -0,0 +1,71 @@
+using API.Contracts.Auth;
+using API.Models;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+
+namespace API.Controllers.Auth
+{
+ [ApiController]
+ [Route("auth")]
+ public class AuthController(
+ SignInManager signInManager,
+ UserManager userManager)
+ : ControllerBase
+ {
+ [HttpPost("login")]
+ [AllowAnonymous]
+ public async Task Login([FromBody] LoginRequest request)
+ {
+ if (string.IsNullOrWhiteSpace(request.UserName) || string.IsNullOrWhiteSpace(request.Password))
+ return BadRequest(new { message = "Benutzername und Passwort sind erforderlich." });
+
+ var user = await userManager.FindByNameAsync(request.UserName);
+ if (user is null)
+ return Unauthorized(new { message = "Ungültige Anmeldedaten." });
+
+ if (!user.IsActive)
+ return Forbid();
+
+ var result = await signInManager.PasswordSignInAsync(
+ user,
+ request.Password,
+ isPersistent: true,
+ lockoutOnFailure: false);
+
+ if (!result.Succeeded)
+ return Unauthorized(new { message = "Ungültige Anmeldedaten." });
+
+ user.UpdatedAt = DateTimeOffset.UtcNow;
+ await userManager.UpdateAsync(user);
+
+ return Ok(new { message = "Login erfolgreich." });
+ }
+
+ [HttpPost("logout")]
+ [Authorize]
+ public async Task Logout()
+ {
+ await signInManager.SignOutAsync();
+ return Ok(new { message = "Logout erfolgreich." });
+ }
+
+ [HttpGet("me")]
+ [Authorize]
+ public async Task> Me()
+ {
+ var user = await userManager.GetUserAsync(User);
+ if (user is null)
+ return Unauthorized();
+
+ return Ok(new CurrentUserResponse
+ {
+ Id = user.Id,
+ UserName = user.UserName ?? string.Empty,
+ IsAdmin = user.IsAdmin,
+ IsActive = user.IsActive,
+ MustChangePassword = user.MustChangePassword
+ });
+ }
+ }
+}
diff --git a/API/Services/IdentitySeedService.cs b/API/Services/IdentitySeedService.cs
index c179726..e69b52a 100644
--- a/API/Services/IdentitySeedService.cs
+++ b/API/Services/IdentitySeedService.cs
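Review bot: `lockoutOnFailure: false` in the `PasswordSignInAsync` call of `Login` means failed attempts are never counted toward Identity's lockout, so this anonymous endpoint permits unlimited password guessing against any known user name; change it to `lockoutOnFailure: true` — the existing `if (!result.Succeeded)` branch already maps a `LockedOut` result to the same generic 401, so no other line needs to change. Separately, `if (!user.IsActive) return Forbid();` runs before the password is verified and answers differently from the `user is null` path, so a caller can distinguish a deactivated account from a nonexistent one; returning the same `Unauthorized(new { message = "Ungültige Anmeldedaten." })` there removes that distinction, and also sidesteps the cookie scheme's default access-denied redirect on `Forbid()` if that has not been configured for API clients. `isPersistent: true` is hard-coded, so every login issues a long-lived cookie; if that is intended, a short comment on that argument would help, otherwise consider exposing it as a request flag that defaults to false.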
@@ -20,7 +20,7 @@ namespace API.Services
 }
 
 var adminUserName = configuration["SeedAdmin:UserName"] ?? "admin";
- var adminPassword = configuration["SeedAdmin:Password"] ?? "Hoard";
+ var adminPassword = configuration["SeedAdmin:Password"] ?? "HoardPassword";
 var adminEmail = configuration["SeedAdmin:Email"];
 
 var admin = new AppUser
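Review bot: The new line still falls back to a hard-coded, source-visible password for the seeded admin account whenever `SeedAdmin:Password` is absent, so a deployment that forgets the setting starts with a default credential that anyone reading this repository knows; replacing "Hoard" with "HoardPassword" does not change that. The safer form is to fail fast instead of defaulting, e.g. `var adminPassword = configuration["SeedAdmin:Password"] ?? throw new InvalidOperationException("SeedAdmin:Password must be configured before seeding the admin user.");`, or to generate a random one-time password and log it once. The seed method that contains these lines starts and ends outside the hunk, so I cannot see whether the seeded `AppUser` is created with `MustChangePassword = true`; if it is not, that would be a worthwhile companion change.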