feat(AuthController): Aktualisiert, um die Anmeldung über die Benutzer-ID zu ermöglichen.

src/DigitalData.Auth.API/Controllers/AuthController.cs

@@ -3,13 +3,13 @@ using DigitalData.Core.Abstractions.Security;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
-using DigitalData.UserManager.Application.DTOs.Auth;
 using DigitalData.UserManager.Application.Contracts;
 using DigitalData.UserManager.Application.DTOs.User;
 using DigitalData.Core.Abstractions.Application;
 using DigitalData.Auth.API.Dto;
 using DigitalData.Auth.API.Services.Contracts;
 using DigitalData.Auth.API.Entities;
+using DigitalData.Core.DTO;
 
 namespace DigitalData.Auth.API.Controllers
 {
@@ -45,18 +45,37 @@ namespace DigitalData.Auth.API.Controllers
             _consumerSignatureHandler = apiSignatureHandler;
         }
 
-        private async Task<IActionResult> CreateTokenAsync(LogInDto login, string consumerName, bool cookie = true)
+        private async Task<IActionResult> CreateTokenAsync(UserLogin login, string consumerName, bool cookie = true)
+        {
+            DataResult<UserReadDto>? uRes;
+            if (login.Username is not null)
             {
                 bool isValid = await _dirSearchService.ValidateCredentialsAsync(login.Username, login.Password);
 
                 if (!isValid)
                     return Unauthorized();
 
-            //find the user
+                uRes = await _userService.ReadByUsernameAsync(login.Username);
-            var uRes = await _userService.ReadByUsernameAsync(login.Username);            
+                if (uRes.IsFailed)
+                    return Unauthorized();
+            }
+            else if(login.Id is int userId)
+            {
+                uRes = await _userService.ReadByIdAsync(userId);
                 if (uRes.IsFailed)
                     return Unauthorized();
 
+                bool isValid = await _dirSearchService.ValidateCredentialsAsync(uRes.Data.Username, login.Password);
+
+                if (!isValid)
+                    return Unauthorized();
+            }
+            else
+            {
+                return BadRequest("One of user ID or username should be provided.");
+            }
+
+            //find the user
             var consumer = await _consumerService.ReadByNameAsync(consumerName);
             if (consumer is null)
                 return Unauthorized();
@@ -64,7 +83,7 @@ namespace DigitalData.Auth.API.Controllers
             if (!_cryptoFactory.TokenDescriptors.TryGet(_apiParams.Issuer, consumer.Audience, out var descriptor))
                 return StatusCode(StatusCodes.Status500InternalServerError);
 
-            var token = _userSignatureHandler.WriteToken(uRes.Data, descriptor);
+            var token = _userSignatureHandler.WriteToken(uRes!.Data, descriptor);
 
             //set cookie
             if (cookie)
@@ -102,7 +121,7 @@ namespace DigitalData.Auth.API.Controllers
         //TODO: Add role depends on group name
         [HttpPost("{consumerName}/login")]
         [AllowAnonymous]
-        public async Task<IActionResult> Login([FromForm] LogInDto login, [FromRoute] string consumerName)
+        public async Task<IActionResult> Login([FromForm] UserLogin login, [FromRoute] string consumerName)
         {
             try
             {
@@ -146,7 +165,7 @@ namespace DigitalData.Auth.API.Controllers
         }
 
         [HttpPost("{consumerName}")]
-        public async Task<IActionResult> CreateTokenViaBody([FromBody] LogInDto login, [FromRoute] string consumerName, [FromQuery] bool cookie = false)
+        public async Task<IActionResult> CreateTokenViaBody([FromBody] UserLogin login, [FromRoute] string consumerName, [FromQuery] bool cookie = false)
         {
             try
             {

src/DigitalData.Auth.API/Dto/UserLogin.cs

@@ -0,0 +1,6 @@
+namespace DigitalData.Auth.API.Dto;
+
+public record UserLogin(string Password, int? Id = null, string? Username = null)
+{
+    public bool Valid => Id is not null || !string.IsNullOrWhiteSpace(Username);
+};