using API.Security;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace API.Controllers.Auth
{
    [ApiController]
    [Route("auth/user")]
    public class AppUserController : ControllerBase
    {
        [HttpGet]
        [Authorize(Policy = PolicyNames.AdminOnly)]
        public IActionResult GetAppUsers()
        {
            return Ok(new { message = "Adminzugriff bestätigt." });
        }
    }
}