- Changed [HttpGet("me")] to [HttpGet(nameof(Me))] for route safety.
- Renamed method from GetMe to Me for consistency.
- Removed [Authorize] attribute to allow unauthenticated access.
Refactored route attributes for Login and Status actions to use nameof() for improved maintainability. Added a new Test GET endpoint that returns a simple OK response.
Introduced a new endpoint to AuthController that allows authentication using Windows username, password, and optional domain via the Win32 LogonUser API. This enables credential validation without NTLM/Negotiate middleware or IIS. The endpoint parses both "DOMAIN\user" and "user@domain" formats and returns user info and claims on success, or Unauthorized on failure. Added necessary using directives for implementation.
Refactored AuthController to improve attribute usage and code clarity. Added three endpoints: /auth/me (user info), /auth/login (NTLM/Negotiate authentication with user info or 401), and /auth/status (authenticated user status). Responses are now more structured and informative. Applied [Authorize] only to relevant endpoints. Improved code organization and documentation.
Introduced AuthController secured with [Authorize] attribute.
Provides a GET /auth/me endpoint that returns the authenticated
user's identity details and claims.
