using Features.Auth.Commands.ConfirmUser;
using Features.Auth.Commands.RefreshToken;
using Features.Auth.Commands.RegisterUser;
using Features.Auth.Commands.ResendConfirmationEmail;
using Features.Auth.Dtos;
using Features.Auth.Queries.Login;
using MediatR;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Shared.Contracts;
namespace Features.Auth.Controllers;
///
/// Handles user authentication concerns: registration, login, email confirmation, and token refresh.
///
///
/// The controller is decorated with [Authorize(AuthenticationSchemes = "JWT")] by default, but most
/// actions opt out via [AllowAnonymous] since they are entry points used before a caller holds a token.
///
/// Used to dispatch auth commands and queries to their handlers.
[ApiController]
[Route("api/[controller]")]
[Authorize(AuthenticationSchemes = "JWT")]
public class AuthController(IMediator mediator) : ControllerBase
{
///
/// Registers a new user account.
///
///
/// Allows anonymous access. On success, responds with 201 Created containing the new user's ID,
/// username, issued refresh/access tokens, and whether a confirmation email was sent.
///
/// The registration details, including username, name, email, date of birth, and password.
/// A 201 Created result wrapping a of .
[AllowAnonymous]
[HttpPost("register")]
public async Task>> Register(
[FromBody] RegisterUserCommand command
)
{
RegistrationPayload payload = await mediator.Send(command);
return Created("/", new ResponseBody
{
Message = "User registered successfully.",
Payload = payload
});
}
///
/// Authenticates a user with a username and password.
///
///
/// Allows anonymous access. On success, responds with 200 OK containing the user's ID,
/// username, and a newly issued refresh/access token pair.
///
/// The login credentials (username and password).
/// An 200 OK result wrapping a of .
[AllowAnonymous]
[HttpPost("login")]
public async Task>> Login([FromBody] LoginQuery query)
{
LoginPayload payload = await mediator.Send(query);
return Ok(new ResponseBody
{
Message = "Logged in successfully.",
Payload = payload
});
}
///
/// Confirms a user account using a confirmation token.
///
///
/// Requires JWT authentication. On success, responds with 200 OK containing the confirmed
/// user's ID and the confirmation timestamp.
///
/// The confirmation token supplied via the confirmation email link.
/// A 200 OK result wrapping a of .
[HttpPost("confirm")]
public async Task>> Confirm([FromQuery] string token)
{
ConfirmationPayload payload = await mediator.Send(new ConfirmUserCommand(token));
return Ok(new ResponseBody
{
Message = "User with ID " + payload.UserAccountId + " is confirmed.",
Payload = payload
});
}
///
/// Resends the account confirmation email for the specified user.
///
///
/// Requires JWT authentication. On success, responds with 200 OK.
///
/// The unique identifier of the user account to resend the confirmation email for.
/// A 200 OK result wrapping a confirming the email was resent.
[HttpPost("confirm/resend")]
public async Task> ResendConfirmation([FromQuery] Guid userId)
{
await mediator.Send(new ResendConfirmationEmailCommand(userId));
return Ok(new ResponseBody { Message = "confirmation email has been resent" });
}
///
/// Exchanges a valid refresh token for a new access/refresh token pair.
///
///
/// Allows anonymous access. On success, responds with 200 OK containing the user's ID,
/// username, and the newly issued refresh/access token pair.
///
/// The request containing the refresh token to exchange.
/// A 200 OK result wrapping a of .
[AllowAnonymous]
[HttpPost("refresh")]
public async Task>> Refresh(
[FromBody] RefreshTokenCommand command
)
{
LoginPayload payload = await mediator.Send(command);
return Ok(new ResponseBody
{
Message = "Token refreshed successfully.",
Payload = payload
});
}
}