using System.Security.Claims; using API.Core.Contracts.Common; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; namespace API.Core.Controllers; /// /// Sample controller demonstrating an endpoint that requires JWT authentication. /// [ApiController] [Route("api/[controller]")] [Authorize(AuthenticationSchemes = "JWT")] public class ProtectedController : ControllerBase { /// /// Returns the authenticated caller's user ID and username, extracted from the JWT claims. /// /// /// A 200 OK result wrapping a whose payload contains the /// caller's userId (from ) and username /// (from ), either of which may be null if not present in the token. /// [HttpGet] public ActionResult> Get() { var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value; var username = User.FindFirst(ClaimTypes.Name)?.Value; return Ok( new ResponseBody { Message = "Protected endpoint accessed successfully", Payload = new { userId, username }, } ); } }