From 8a8006874d3f1a2fbc09ccc2f4384fbd385b25ac Mon Sep 17 00:00:00 2001
From: TekH <h.tek@digitaldata.works>
Date: Fri, 13 Mar 2026 10:02:19 +0100
Subject: [PATCH] Refactor AuthController and add NTLM login endpoint

Refactored AuthController to improve attribute usage and code clarity. Added three endpoints: /auth/me (user info), /auth/login (NTLM/Negotiate authentication with user info or 401), and /auth/status (authenticated user status). Responses are now more structured and informative. Applied [Authorize] only to relevant endpoints. Improved code organization and documentation.
---
 Controllers/AuthController.cs | 65 ++++++++++++++++++++++++++---------
 1 file changed, 49 insertions(+), 16 deletions(-)

diff --git a/Controllers/AuthController.cs b/Controllers/AuthController.cs
index eb704c5..a2fc353 100644
--- a/Controllers/AuthController.cs
+++ b/Controllers/AuthController.cs
@@ -1,24 +1,57 @@
-using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
-namespace FakeNTLMServer.Controllers
+namespace FakeNTLMServer.Controllers;
+
+[ApiController]
+[Route("[controller]")]
+public class AuthController : ControllerBase
 {
-    [ApiController]
-    [Route("[controller]")]
     [Authorize]
-    public class AuthController : ControllerBase
+    [HttpGet("me")]
+    public IActionResult GetMe()
+    {
+        var identity = User.Identity;
+        return Ok(new
+        {
+            identity?.Name,
+            identity?.AuthenticationType,
+            identity?.IsAuthenticated,
+            Claims = User.Claims.Select(claim => new { claim.Type, claim.Value })
+        });
+    }
+
+    /// <summary>
+    /// NTLM/Negotiate login endpoint.
+    /// Triggers the NTLM handshake (401 → challenge → response) and returns authenticated user info.
+    /// </summary>
+    [Authorize]
+    [HttpGet("login")]
+    public IActionResult Login()
+    {
+        var identity = User.Identity;
+
+        if (identity is null || !identity.IsAuthenticated)
+            return Unauthorized(new { Message = "NTLM authentication failed." });
+
+        return Ok(new
+        {
+            Message = "NTLM authentication successful.",
+            identity.Name,
+            identity.AuthenticationType,
+            identity.IsAuthenticated,
+            Claims = User.Claims.Select(claim => new { claim.Type, claim.Value })
+        });
+    }
+
+    [Authorize]
+    [HttpGet("status")]
+    public IActionResult Status()
     {
-        [HttpGet("me")]
-        public IActionResult GetMe()
+        return Ok(new
         {
-            var identity = User.Identity;
-            return Ok(new
-            {
-                identity?.Name,
-                identity?.AuthenticationType,
-                identity?.IsAuthenticated,
-                Claims = User.Claims.Select(claim => new { claim.Type, claim.Value })
-            });
-        }
+            User.Identity?.Name,
+            User.Identity?.AuthenticationType
+        });
     }
 }
\ No newline at end of file