From 3d5053d1775a53839de608b26a52913d8dff9552 Mon Sep 17 00:00:00 2001
From: Developer 02 <developer02@didaloghe.onmicrosoft.com>
Date: Tue, 11 Feb 2025 16:13:24 +0100
Subject: [PATCH] =?UTF-8?q?feat(TFARegController):=20Logout-Methode=20hinz?=
 =?UTF-8?q?ugef=C3=BCgt?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Controllers/TFARegController.cs           | 23 +++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/EnvelopeGenerator.Web/Controllers/TFARegController.cs b/EnvelopeGenerator.Web/Controllers/TFARegController.cs
index 04832945..7f244028 100644
--- a/EnvelopeGenerator.Web/Controllers/TFARegController.cs
+++ b/EnvelopeGenerator.Web/Controllers/TFARegController.cs
@@ -9,11 +9,13 @@ using DigitalData.Core.DTO;
 using EnvelopeGenerator.Application.Extensions;
 using Microsoft.Extensions.Options;
 using Microsoft.AspNetCore.Authorization;
+using static EnvelopeGenerator.Common.Constants;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication;
 
 namespace EnvelopeGenerator.Web.Controllers;
 
 //TODO: Add authorization as well as limiting the link duration (intermediate token with different role) or sign it
-[Route("tfa")]
 public class TFARegController : ViewControllerBase
 {
     private readonly IEnvelopeReceiverService _envRcvService;
@@ -29,8 +31,9 @@ public class TFARegController : ViewControllerBase
         _params = tfaRegParamsOptions.Value;
     }
 
+    //TODO: move under auth route
     [Authorize]
-    [HttpGet("{envelopeReceiverId}")]
+    [HttpGet("tfa/{envelopeReceiverId}")]
     public async Task<IActionResult> Reg(string envelopeReceiverId)
     {
         try
@@ -84,4 +87,20 @@ public class TFARegController : ViewControllerBase
             return this.ViewInnerServiceError();
         }
     }
+
+    [Authorize(Roles = ReceiverRole.FullyAuth)]
+    [HttpPost("auth/logout")]
+    public async Task<IActionResult> LogOut()
+    {
+        try
+        {
+            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+            return Ok();
+        }
+        catch(Exception ex)
+        {
+            _logger.LogError(ex, "{message}", ex.Message);
+            return this.ViewInnerServiceError();
+        }
+    }
 }
\ No newline at end of file