SPMS/SPMS_API
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5eb3635719
SPMS_API/SPMS.API/Controllers/AuthController.cs
seonkyu.kim 336dcf8193 feat: 토큰 갱신 및 로그아웃 API 구현 (#38) 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-09 23:08:29 +09:00

67 lines
2.4 KiB
C#
Raw Blame History

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Swashbuckle.AspNetCore.Annotations;
using SPMS.Application.DTOs.Auth;
using SPMS.Application.Interfaces;
using SPMS.Domain.Common;
namespace SPMS.API.Controllers;
[ApiController]
[Route("v1/in/auth")]
[ApiExplorerSettings(GroupName = "auth")]
public class AuthController : ControllerBase
{
private readonly IAuthService _authService;
public AuthController(IAuthService authService)
{
_authService = authService;
}
[HttpPost("login")]
[AllowAnonymous]
[SwaggerOperation(
Summary = "관리자 로그인",
Description = "이메일과 비밀번호로 로그인하여 JWT 토큰을 발급받습니다.")]
[SwaggerResponse(200, "로그인 성공", typeof(ApiResponse<LoginResponseDto>))]
[SwaggerResponse(401, "로그인 실패")]
public async Task<IActionResult> LoginAsync([FromBody] LoginRequestDto request)
{
var result = await _authService.LoginAsync(request);
return Ok(ApiResponse<LoginResponseDto>.Success(result));
}
[HttpPost("token/refresh")]
[AllowAnonymous]
[SwaggerOperation(
Summary = "토큰 갱신",
Description = "Refresh Token을 사용하여 새로운 Access Token과 Refresh Token을 발급받습니다.")]
[SwaggerResponse(200, "토큰 갱신 성공", typeof(ApiResponse<TokenRefreshResponseDto>))]
[SwaggerResponse(401, "유효하지 않거나 만료된 Refresh Token")]
public async Task<IActionResult> RefreshTokenAsync([FromBody] TokenRefreshRequestDto request)
{
var result = await _authService.RefreshTokenAsync(request);
return Ok(ApiResponse<TokenRefreshResponseDto>.Success(result));
}
[HttpPost("logout")]
[Authorize]
[SwaggerOperation(
Summary = "로그아웃",
Description = "현재 로그인된 관리자의 Refresh Token을 무효화합니다.")]
[SwaggerResponse(200, "로그아웃 성공")]
[SwaggerResponse(401, "인증되지 않은 요청")]
public async Task<IActionResult> LogoutAsync()
{
var adminIdClaim = User.FindFirst("adminId")?.Value;
if (string.IsNullOrEmpty(adminIdClaim) || !long.TryParse(adminIdClaim, out var adminId))
{
return Unauthorized(ApiResponse<object>.Fail("101", "인증 정보가 유효하지 않습니다."));
}
await _authService.LogoutAsync(adminId);
return Ok(ApiResponse.Success());
}
}
Reference in New Issue View Git Blame Copy Permalink