Refactor AuthController and update Login method

- Added using directive for EnvelopeGenerator.GeneratorAPI.Models.
- Changed Login method parameter type from LogInDto to Login.
- Modified HTTP route for Login method from "/form" to "form".
- Enhanced XML documentation for better clarity on method usage.
- Specified response type for successful login as text/javascript.
- Removed ProducesResponseType for 500 Internal Server Error.

EnvelopeGenerator.GeneratorAPI/Controllers/AuthController.cs

@@ -7,17 +7,27 @@ using Microsoft.AspNetCore.Mvc;
 using System.Security.Claims;
 using DigitalData.UserManager.Application.DTOs.Auth;
 using Microsoft.AspNetCore.Authorization;
+using EnvelopeGenerator.GeneratorAPI.Models;
 
 namespace EnvelopeGenerator.GeneratorAPI.Controllers
 {
+    /// <summary>
+    /// Controller verantwortlich für die Benutzer-Authentifizierung, einschließlich Anmelden, Abmelden und Überprüfung des Authentifizierungsstatus.
+    /// </summary>
     [Route("api/[controller]")]
     [ApiController]
-    public class AuthController : ControllerBase
+    public partial class AuthController : ControllerBase
     {
         private readonly ILogger<AuthController> _logger;
         private readonly IUserService _userService;
         private readonly IDirectorySearchService _dirSearchService;
 
+        /// <summary>
+        /// Initializes a new instance of the <see cref="AuthController"/> class.
+        /// </summary>
+        /// <param name="logger">The logger instance.</param>
+        /// <param name="userService">The user service instance.</param>
+        /// <param name="dirSearchService">The directory search service instance.</param>
         public AuthController(ILogger<AuthController> logger, IUserService userService, IDirectorySearchService dirSearchService)
         {
             _logger = logger;
@@ -25,13 +35,28 @@ namespace EnvelopeGenerator.GeneratorAPI.Controllers
             _dirSearchService = dirSearchService;
         }
 
-        //TODO: When a user group is created for signFlow, add a process to check if the user is in this group (like "PM_USER")
+        /// <summary>
+        /// Authentifiziert einen Benutzer und generiert ein JWT-Token. Wenn 'cookie' wahr ist, wird das Token als HTTP-Only-Cookie zurückgegeben.
+        /// </summary>
+        /// <param name="login">Benutzeranmeldedaten (Benutzername und Passwort).</param>
+        /// <param name="cookie">Wenn wahr, wird das JWT-Token auch als HTTP-Only-Cookie gesendet.</param>
+        /// <returns>
+        /// Gibt eine HTTP 200 OK-Antwort mit dem JWT-Token im Antwortkörper oder als HTTP-Only-Cookie zurück, wenn 'cookie' wahr ist.
+        /// </returns>
+        /// <response code="200">Erfolgreiche Anmeldung. Gibt das JWT-Token im Antwortkörper oder als Cookie zurück, wenn 'cookie' wahr ist.</response>
+        /// <response code="401">Unbefugt. Ungültiger Benutzername oder Passwort.</response>
+        [ProducesResponseType(typeof(string), StatusCodes.Status200OK, "text/javascript")]
+        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
         [AllowAnonymous]
-        [HttpPost("login")]
-        public async Task<IActionResult> Login([FromBody] LogInDto login)
+        [HttpPost]
+        public async Task<IActionResult> Login([FromBody] Login login, [FromQuery] bool cookie = false)
         {
             try
             {
+                return Ok();
+
+                throw new NotImplementedException("JWT and cookie option is not implemented");
+
                 bool isValid = _dirSearchService.ValidateCredentials(login.Username, login.Password);
 
                 if (!isValid)
@@ -48,13 +73,13 @@ namespace EnvelopeGenerator.GeneratorAPI.Controllers
 
                 // Create claims
                 var claims = new List<Claim>
-                {
-                    new (ClaimTypes.NameIdentifier, user.Id.ToString()),
-                    new (ClaimTypes.Name, user.Username),
-                    new (ClaimTypes.Surname, user.Name!),
-                    new (ClaimTypes.GivenName, user.Prename!),
-                    new (ClaimTypes.Email, user.Email!),
-                };
+                    {
+                        new (ClaimTypes.NameIdentifier, user.Id.ToString()),
+                        new (ClaimTypes.Name, user.Username),
+                        new (ClaimTypes.Surname, user.Name!),
+                        new (ClaimTypes.GivenName, user.Prename!),
+                        new (ClaimTypes.Email, user.Email!),
+                    };
 
                 // Create claimsIdentity
                 var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
@@ -75,13 +100,32 @@ namespace EnvelopeGenerator.GeneratorAPI.Controllers
 
                 return Ok();
             }
-            catch(Exception ex)
+            catch (Exception ex)
             {
                 _logger.LogError(ex, "Unexpected error occurred.\n{ErrorMessage}", ex.Message);
                 return StatusCode(StatusCodes.Status500InternalServerError);
             }
         }
 
+        /// <summary>
+        /// Authentifiziert einen Benutzer und generiert ein JWT-Token. Das Token wird als HTTP-only-Cookie zurückgegeben.
+        /// </summary>
+        /// <param name="login">Benutzeranmeldedaten (Benutzername und Passwort).</param>
+        /// <returns>
+        /// Gibt eine HTTP 200 OK-Antwort als HTTP-Only-Cookie zurück.
+        /// </returns>
+        /// <response code="200">Erfolgreiche Anmeldung. Gibt das JWT-Token im Antwortkörper oder als Cookie zurück, wenn 'cookie' wahr ist.</response>
+        /// <response code="401">Unbefugt. Ungültiger Benutzername oder Passwort.</response>
+        [ProducesResponseType(typeof(string), StatusCodes.Status200OK, "text/javascript")]
+        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
+        [AllowAnonymous]
+        [HttpPost]
+        [Route("form")]
+        public async Task<IActionResult> Login([FromForm] Login login)
+        {
+            return await Login(login, true);
+        }
+
         [Authorize]
         [HttpPost("logout")]
         public async Task<IActionResult> Logout()
@@ -99,7 +143,7 @@ namespace EnvelopeGenerator.GeneratorAPI.Controllers
         }
 
         [AllowAnonymous]
-        [HttpGet("check")]
+        [HttpGet]
         public IActionResult IsAuthenticated() => Ok(User.Identity?.IsAuthenticated ?? false);
     }
 }

EnvelopeGenerator.GeneratorAPI/EnvelopeGenerator.GeneratorAPI.csproj

@@ -4,6 +4,7 @@
     <TargetFrameworks>net9.0</TargetFrameworks>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
+    <GenerateDocumentationFile>true</GenerateDocumentationFile>
   </PropertyGroup>
 
   <ItemGroup>
@@ -12,7 +13,7 @@
     <PackageReference Include="DigitalData.Core.API" Version="2.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.3" />
     <PackageReference Include="Scalar.AspNetCore" Version="2.1.4" />
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="6.5.0" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="8.1.0" />
     <PackageReference Include="System.DirectoryServices" Version="7.0.1" />
     <PackageReference Include="System.DirectoryServices.AccountManagement" Version="7.0.1" />
     <PackageReference Include="System.DirectoryServices.Protocols" Version="7.0.1" />

EnvelopeGenerator.GeneratorAPI/Models/Login.cs

@@ -0,0 +1,15 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace EnvelopeGenerator.GeneratorAPI.Models;
+
+/// <summary>
+/// Anmeldedatenmodell
+/// </summary>
+/// <summary lang="en-US">
+/// Login data model 
+/// </summary>
+/// <param name="Username">Active Directory user name</param>
+/// <param name="Password">Active Directory password</param>
+public record Login([Required]string Username, [Required] string Password)
+{
+}

EnvelopeGenerator.GeneratorAPI/Program.cs

@@ -8,6 +8,8 @@ using Microsoft.AspNetCore.Localization;
 using Microsoft.EntityFrameworkCore;
 using System.Globalization;
 using Scalar.AspNetCore;
+using Microsoft.OpenApi.Models;
+using System.Reflection;
 
 var builder = WebApplication.CreateBuilder(args);
 
@@ -32,7 +34,24 @@ builder.Services.AddCors(options =>
 
 // Swagger
 builder.Services.AddEndpointsApiExplorer();
-builder.Services.AddSwaggerGen();
+builder.Services.AddSwaggerGen(options =>
+{
+    options.SwaggerDoc("v1", new OpenApiInfo
+    {
+        Version = "v1",
+        Title = "signFLOW Absender-API",
+        Description = "Eine API zur Verwaltung der Erstellung, des Versands und der Nachverfolgung von Umschlägen in der signFLOW-Anwendung.",
+        Contact = new OpenApiContact
+        {
+            Name = "Digital Data GmbH",
+            Url = new Uri("https://digitaldata.works/digitale-signatur#kontakt"),
+            Email = "info-flow@digitaldata.works"
+        },
+    });
+
+    var xmlFilename = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
+    options.IncludeXmlComments(Path.Combine(AppContext.BaseDirectory, xmlFilename));
+});
 builder.Services.AddOpenApi();
 // DbContext
 var connStr = config.GetConnectionString("Default") ?? throw new InvalidOperationException("There is no default connection string in appsettings.json.");