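using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using RacePlannerApi.Data;
using RacePlannerApi.DTOs;
using RacePlannerApi.Models;
using RacePlannerApi.Services;

namespace RacePlannerApi.Controllers;

/// <summary>
/// Self-service registration and login. Both endpoints hand back a JWT from
/// <see cref="JwtTokenService"/> plus a <see cref="UserDto"/> snapshot of the account.
/// </summary>
[ApiController]
[Route("api/[controller]")]
public class AuthController : ControllerBase
{
    private readonly RacePlannerDbContext _context;
    private readonly JwtTokenService _jwtService;

    // Hash that Login verifies against when the email is unknown, so the
    // "no such user" path costs the same BCrypt work as a real check and
    // response timing does not reveal which addresses are registered.
    // Computed once at type load with the library's default work factor;
    // the input text is irrelevant because it is never meant to match.
    private static readonly string s_unknownUserHash =
        BCrypt.Net.BCrypt.HashPassword("not-a-real-password");

    public AuthController(RacePlannerDbContext context, JwtTokenService jwtService)
    {
        _context = context;
        _jwtService = jwtService;
    }

    /// <summary>
    /// Creates an account from <paramref name="request"/> and signs the caller in.
    /// </summary>
    /// <param name="request">Email, password, display name and requested role.</param>
    /// <param name="cancellationToken">Bound from the request by ASP.NET Core; aborts the DB work.</param>
    /// <returns>200 with an <see cref="AuthResponse"/>, or 409 when the email is already taken.</returns>
    [HttpPost("register")]
    public async Task<ActionResult<AuthResponse>> Register(RegisterRequest request, CancellationToken cancellationToken = default)
    {
        // Check-then-insert: two concurrent registrations of the same email can
        // both pass this check, so uniqueness must also be enforced by a unique
        // index on Users.Email (not visible from here — confirm in the model).
        // Whether the comparison is case-insensitive depends on the DB collation.
        if (await _context.Users.AnyAsync(u => u.Email == request.Email, cancellationToken))
        {
            return Conflict(new { error = "Email already registered" });
        }

        var user = new User
        {
            Email = request.Email,
            // BCrypt salts internally; the stored value is hash + salt + cost.
            PasswordHash = BCrypt.Net.BCrypt.HashPassword(request.Password),
            Name = request.Name,
            // NOTE(review): the caller picks its own Role on self-registration.
            // If the Role enum contains any privileged value this is a
            // mass-assignment / privilege-escalation hole — confirm the allowed
            // values, or assign a fixed default here and promote via an admin path.
            Role = request.Role
        };

        _context.Users.Add(user);
        await _context.SaveChangesAsync(cancellationToken);

        return Ok(BuildResponse(user));
    }

    /// <summary>
    /// Verifies an email/password pair and issues a token on success.
    /// </summary>
    /// <param name="request">Email and clear-text password.</param>
    /// <param name="cancellationToken">Bound from the request by ASP.NET Core; aborts the DB lookup.</param>
    /// <returns>
    /// 200 with an <see cref="AuthResponse"/>, or 401 with the same generic error for
    /// both "unknown email" and "wrong password" so the two cases are indistinguishable.
    /// </returns>
    [HttpPost("login")]
    public async Task<ActionResult<AuthResponse>> Login(LoginRequest request, CancellationToken cancellationToken = default)
    {
        var user = await _context.Users.FirstOrDefaultAsync(u => u.Email == request.Email, cancellationToken);

        // Always perform a BCrypt verification, even when the email is unknown,
        // so an attacker cannot enumerate accounts by timing the 401 response.
        // The result is only honoured when a real user row was found.
        var hashToCheck = user?.PasswordHash ?? s_unknownUserHash;
        var passwordMatches = BCrypt.Net.BCrypt.Verify(request.Password, hashToCheck);

        if (user is null || !passwordMatches)
        {
            return Unauthorized(new { error = "Invalid credentials" });
        }

        return Ok(BuildResponse(user));
    }

    // Shared by both endpoints so the token/DTO shape cannot drift between them.
    private AuthResponse BuildResponse(User user) => new()
    {
        Token = _jwtService.GenerateToken(user),
        User = new UserDto
        {
            Id = user.Id,
            Email = user.Email,
            Name = user.Name,
            Role = user.Role.ToString()
        }
    };
}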