using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Shared.Contracts;
namespace API.Core.Controllers;
///
/// Sample controller demonstrating an endpoint that requires JWT authentication.
///
[ApiController]
[Route("api/[controller]")]
[Authorize(AuthenticationSchemes = "JWT")]
public class ProtectedController : ControllerBase
{
///
/// Returns the authenticated caller's user ID and username, extracted from the JWT claims.
///
///
/// A 200 OK result wrapping a whose payload contains the
/// caller's userId (from ) and username
/// (from ), either of which may be null if not present in the token.
///
[HttpGet]
public ActionResult> Get()
{
string? userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
string? username = User.FindFirst(ClaimTypes.Name)?.Value;
return Ok(
new ResponseBody