Add JWT authentication with AuthController and services

2026-04-03 21:00:16 +02:00
parent 8bfd49e0ab
commit b6962e1024
6 changed files with 224 additions and 12 deletions
@@ -0,0 +1,92 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+using RacePlannerApi.Data;
+using RacePlannerApi.DTOs;
+using RacePlannerApi.Models;
+using RacePlannerApi.Services;
+
+namespace RacePlannerApi.Controllers;
+
+[ApiController]
+[Route("api/[controller]")]
+public class AuthController : ControllerBase
+{
+    private readonly RacePlannerDbContext _context;
+    private readonly JwtTokenService _jwtService;
+
+    public AuthController(RacePlannerDbContext context, JwtTokenService jwtService)
+    {
+        _context = context;
+        _jwtService = jwtService;
+    }
+
+    [HttpPost("register")]
+    public async Task<ActionResult<AuthResponse>> Register(RegisterRequest request)
+    {
+        // Check if email already exists
+        if (await _context.Users.AnyAsync(u => u.Email == request.Email))
+        {
+            return Conflict(new { error = "Email already registered" });
+        }
+
+        // Create new user
+        var user = new User
+        {
+            Email = request.Email,
+            PasswordHash = BCrypt.Net.BCrypt.HashPassword(request.Password),
+            Name = request.Name,
+            Role = request.Role
+        };
+
+        _context.Users.Add(user);
+        await _context.SaveChangesAsync();
+
+        // Generate token
+        var token = _jwtService.GenerateToken(user);
+
+        return Ok(new AuthResponse
+        {
+            Token = token,
+            User = new UserDto
+            {
+                Id = user.Id,
+                Email = user.Email,
+                Name = user.Name,
+                Role = user.Role.ToString()
+            }
+        });
+    }
+
+    [HttpPost("login")]
+    public async Task<ActionResult<AuthResponse>> Login(LoginRequest request)
+    {
+        // Find user by email
+        var user = await _context.Users.FirstOrDefaultAsync(u => u.Email == request.Email);
+
+        if (user == null)
+        {
+            return Unauthorized(new { error = "Invalid credentials" });
+        }
+
+        // Verify password
+        if (!BCrypt.Net.BCrypt.Verify(request.Password, user.PasswordHash))
+        {
+            return Unauthorized(new { error = "Invalid credentials" });
+        }
+
+        // Generate token
+        var token = _jwtService.GenerateToken(user);
+
+        return Ok(new AuthResponse
+        {
+            Token = token,
+            User = new UserDto
+            {
+                Id = user.Id,
+                Email = user.Email,
+                Name = user.Name,
+                Role = user.Role.ToString()
+            }
+        });
+    }
+}