| | | 1 | | using FAU.Logica.DTOs; |
| | | 2 | | using FAU.Logica.Services; |
| | | 3 | | using FAU.DataAccess.Repositories; |
| | | 4 | | using Microsoft.AspNetCore.Authorization; |
| | | 5 | | using Microsoft.AspNetCore.Mvc; |
| | | 6 | | |
| | | 7 | | namespace FAU.API.Controllers; |
| | | 8 | | |
| | | 9 | | /// <summary> |
| | | 10 | | /// Controlador de autenticación |
| | | 11 | | /// </summary> |
| | | 12 | | [ApiController] |
| | | 13 | | [Route("api/[controller]")] |
| | | 14 | | public class AuthController : ControllerBase |
| | | 15 | | { |
| | | 16 | | private readonly IAuthService _authService; |
| | | 17 | | private readonly IUsuarioService _usuarioService; |
| | | 18 | | private readonly IPermisoRepository _permisoRepository; |
| | | 19 | | private readonly ILogger<AuthController> _logger; |
| | | 20 | | |
| | 7 | 21 | | public AuthController( |
| | 7 | 22 | | IAuthService authService, |
| | 7 | 23 | | IUsuarioService usuarioService, |
| | 7 | 24 | | IPermisoRepository permisoRepository, |
| | 7 | 25 | | ILogger<AuthController> logger) |
| | | 26 | | { |
| | 7 | 27 | | _authService = authService; |
| | 7 | 28 | | _usuarioService = usuarioService; |
| | 7 | 29 | | _permisoRepository = permisoRepository; |
| | 7 | 30 | | _logger = logger; |
| | 7 | 31 | | } |
| | | 32 | | |
| | | 33 | | /// <summary> |
| | | 34 | | /// Login de usuario - Endpoint principal de autenticación |
| | | 35 | | /// POST /api/auth/login |
| | | 36 | | /// </summary> |
| | | 37 | | [HttpPost("login")] |
| | | 38 | | [AllowAnonymous] |
| | | 39 | | public async Task<IActionResult> Login([FromBody] LoginRequest request) |
| | | 40 | | { |
| | | 41 | | try |
| | | 42 | | { |
| | 3 | 43 | | var (success, token, error) = await _authService.LoginAsync(request.Username, request.Password); |
| | | 44 | | |
| | 2 | 45 | | if (!success) |
| | | 46 | | { |
| | 1 | 47 | | return Unauthorized(ApiResponse<string>.ErrorResult(error ?? "Credenciales inválidas")); |
| | | 48 | | } |
| | | 49 | | |
| | 1 | 50 | | var usuario = await _usuarioService.GetByUsernameAsync(request.Username); |
| | | 51 | | |
| | 1 | 52 | | var response = new LoginResponse |
| | 1 | 53 | | { |
| | 1 | 54 | | Success = true, |
| | 1 | 55 | | Token = token, |
| | 1 | 56 | | Usuario = usuario != null ? new UsuarioDto |
| | 1 | 57 | | { |
| | 1 | 58 | | Id = usuario.Id, |
| | 1 | 59 | | Username = usuario.Username, |
| | 1 | 60 | | Estado = usuario.Estado, |
| | 1 | 61 | | PersonaId = usuario.PersonaId, |
| | 1 | 62 | | Persona = usuario.Persona != null ? new PersonaDto |
| | 1 | 63 | | { |
| | 1 | 64 | | Id = usuario.Persona.Id, |
| | 1 | 65 | | Cedula = usuario.Persona.Cedula, |
| | 1 | 66 | | Nombre = usuario.Persona.PrimerNombre, |
| | 1 | 67 | | Apellido = usuario.Persona.PrimerApellido, |
| | 1 | 68 | | Email = usuario.Persona.Email, |
| | 1 | 69 | | Telefono = usuario.Persona.Telefono |
| | 1 | 70 | | } : null, |
| | 1 | 71 | | Roles = usuario.Roles.Select(r => new RolDto |
| | 1 | 72 | | { |
| | 1 | 73 | | Id = r.Id, |
| | 1 | 74 | | Nombre = r.Nombre, |
| | 1 | 75 | | Descripcion = r.Descripcion, |
| | 1 | 76 | | Permisos = r.Permisos.Select(p => new PermisoDto |
| | 1 | 77 | | { |
| | 1 | 78 | | Id = p.Id, |
| | 1 | 79 | | Nombre = p.Nombre, |
| | 1 | 80 | | Descripcion = p.Descripcion |
| | 1 | 81 | | }).ToList() |
| | 1 | 82 | | }).ToList() |
| | 1 | 83 | | } : null |
| | 1 | 84 | | }; |
| | | 85 | | |
| | 1 | 86 | | return Ok(ApiResponse<LoginResponse>.SuccessResult(response, "Login exitoso")); |
| | | 87 | | } |
| | 1 | 88 | | catch (Exception ex) |
| | | 89 | | { |
| | 1 | 90 | | _logger.LogError(ex, "Error en login"); |
| | 1 | 91 | | return StatusCode(500, ApiResponse<string>.ErrorResult("Error interno del servidor")); |
| | | 92 | | } |
| | 3 | 93 | | } |
| | | 94 | | |
| | | 95 | | /// <summary> |
| | | 96 | | /// Registro de nuevo usuario (público) |
| | | 97 | | /// NOTA: Este endpoint permite registro público. Considere deshabilitarlo en producción. |
| | | 98 | | /// POST /api/auth/register |
| | | 99 | | /// </summary> |
| | | 100 | | [HttpPost("register")] |
| | | 101 | | [AllowAnonymous] |
| | | 102 | | public async Task<IActionResult> Register([FromBody] RegisterRequest request) |
| | | 103 | | { |
| | | 104 | | try |
| | | 105 | | { |
| | 2 | 106 | | var (success, usuario, error) = await _authService.RegisterAsync( |
| | 2 | 107 | | request.Username, |
| | 2 | 108 | | request.Password, |
| | 2 | 109 | | request.PersonaId); |
| | | 110 | | |
| | 2 | 111 | | if (!success) |
| | | 112 | | { |
| | 1 | 113 | | return BadRequest(ApiResponse<string>.ErrorResult(error ?? "Error al registrar usuario")); |
| | | 114 | | } |
| | | 115 | | |
| | 1 | 116 | | var usuarioDto = new UsuarioDto |
| | 1 | 117 | | { |
| | 1 | 118 | | Id = usuario!.Id, |
| | 1 | 119 | | Username = usuario.Username, |
| | 1 | 120 | | Estado = usuario.Estado, |
| | 1 | 121 | | PersonaId = usuario.PersonaId |
| | 1 | 122 | | }; |
| | | 123 | | |
| | 1 | 124 | | return Ok(ApiResponse<UsuarioDto>.SuccessResult(usuarioDto, "Usuario registrado exitosamente")); |
| | | 125 | | } |
| | 0 | 126 | | catch (Exception ex) |
| | | 127 | | { |
| | 0 | 128 | | _logger.LogError(ex, "Error en registro"); |
| | 0 | 129 | | return StatusCode(500, ApiResponse<string>.ErrorResult("Error interno del servidor")); |
| | | 130 | | } |
| | 2 | 131 | | } |
| | | 132 | | |
| | | 133 | | /// <summary> |
| | | 134 | | /// Listar todos los permisos disponibles |
| | | 135 | | /// GET /api/auth/permisos |
| | | 136 | | /// </summary> |
| | | 137 | | [HttpGet("permisos")] |
| | | 138 | | [Authorize] |
| | | 139 | | public async Task<IActionResult> GetPermisos() |
| | | 140 | | { |
| | | 141 | | try |
| | | 142 | | { |
| | 2 | 143 | | var permisos = await _permisoRepository.GetAllAsync(); |
| | | 144 | | |
| | 4 | 145 | | var permisosDto = permisos.Select(p => new PermisoDto |
| | 4 | 146 | | { |
| | 4 | 147 | | Id = p.Id, |
| | 4 | 148 | | Nombre = p.Nombre, |
| | 4 | 149 | | Descripcion = p.Descripcion |
| | 4 | 150 | | }).ToList(); |
| | | 151 | | |
| | 1 | 152 | | return Ok(ApiResponse<List<PermisoDto>>.SuccessResult(permisosDto)); |
| | | 153 | | } |
| | 1 | 154 | | catch (Exception ex) |
| | | 155 | | { |
| | 1 | 156 | | _logger.LogError(ex, "Error al obtener permisos"); |
| | 1 | 157 | | return StatusCode(500, ApiResponse<string>.ErrorResult("Error interno del servidor")); |
| | | 158 | | } |
| | 2 | 159 | | } |
| | | 160 | | } |