Refactor AuthController and add NTLM login endpoint

Refactored AuthController to improve attribute usage and code clarity. Added three endpoints: /auth/me (user info), /auth/login (NTLM/Negotiate authentication with user info or 401), and /auth/status (authenticated user status). Responses are now more structured and informative. Applied [Authorize] only to relevant endpoints. Improved code organization and documentation.
2026-03-13 10:02:19 +01:00
parent 8505259714
commit 8a8006874d
1 changed files with 49 additions and 16 deletions
--- a/Controllers/AuthController.cs
+++ b/Controllers/AuthController.cs
@@ -1,13 +1,13 @@
-using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

-namespace FakeNTLMServer.Controllers
+namespace FakeNTLMServer.Controllers;
+
+[ApiController]
+[Route("[controller]")]
+public class AuthController : ControllerBase
 {
-    [ApiController]
-    [Route("[controller]")]
    [Authorize]
-    public class AuthController : ControllerBase
-    {
    [HttpGet("me")]
    public IActionResult GetMe()
    {
@@ -20,5 +20,38 @@ namespace FakeNTLMServer.Controllers
            Claims = User.Claims.Select(claim => new { claim.Type, claim.Value })
        });
    }
+
+    /// <summary>
+    /// NTLM/Negotiate login endpoint.
+    /// Triggers the NTLM handshake (401 → challenge → response) and returns authenticated user info.
+    /// </summary>
+    [Authorize]
+    [HttpGet("login")]
+    public IActionResult Login()
+    {
+        var identity = User.Identity;
+
+        if (identity is null || !identity.IsAuthenticated)
+            return Unauthorized(new { Message = "NTLM authentication failed." });
+
+        return Ok(new
+        {
+            Message = "NTLM authentication successful.",
+            identity.Name,
+            identity.AuthenticationType,
+            identity.IsAuthenticated,
+            Claims = User.Claims.Select(claim => new { claim.Type, claim.Value })
+        });
+    }
+
+    [Authorize]
+    [HttpGet("status")]
+    public IActionResult Status()
+    {
+        return Ok(new
+        {
+            User.Identity?.Name,
+            User.Identity?.AuthenticationType
+        });
    }
 }