18be0fb183
- Add path exemption in TenantValidationMiddleware for /api/clubs/me - Change authorization policy from RequireMember to RequireViewer - Fix KEYCLOAK_CLIENT_ID in docker-compose.yml (workclub-app) - Resolves frontend chicken-and-egg problem for club discovery Verified: - /api/clubs/me returns 200 OK without X-Tenant-Id header - /api/tasks still requires X-Tenant-Id (400 Bad Request) - Other endpoints unaffected
38 lines
1.1 KiB
C#
38 lines
1.1 KiB
C#
using Microsoft.AspNetCore.Http.HttpResults;
|
|
using WorkClub.Api.Services;
|
|
using WorkClub.Application.Clubs.DTOs;
|
|
|
|
namespace WorkClub.Api.Endpoints.Clubs;
|
|
|
|
public static class ClubEndpoints
|
|
{
|
|
public static void MapClubEndpoints(this IEndpointRouteBuilder app)
|
|
{
|
|
var group = app.MapGroup("/api/clubs");
|
|
|
|
group.MapGet("/me", GetMyClubs)
|
|
.RequireAuthorization("RequireViewer")
|
|
.WithName("GetMyClubs");
|
|
|
|
group.MapGet("/current", GetCurrentClub)
|
|
.RequireAuthorization("RequireMember")
|
|
.WithName("GetCurrentClub");
|
|
}
|
|
|
|
private static async Task<Ok<List<ClubListDto>>> GetMyClubs(ClubService clubService)
|
|
{
|
|
var result = await clubService.GetMyClubsAsync();
|
|
return TypedResults.Ok(result);
|
|
}
|
|
|
|
private static async Task<Results<Ok<ClubDetailDto>, NotFound>> GetCurrentClub(ClubService clubService)
|
|
{
|
|
var result = await clubService.GetCurrentClubAsync();
|
|
|
|
if (result == null)
|
|
return TypedResults.NotFound();
|
|
|
|
return TypedResults.Ok(result);
|
|
}
|
|
}
|