GestionIntegralWeb/Backend/GestionIntegral.Api/Controllers/AuthController.cs


using GestionIntegral.Api.Dtos;
using GestionIntegral.Api.Services;
using Microsoft.AspNetCore.Mvc;
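namespace GestionIntegral.Api.Controllers
{
    /// <summary>
    /// Authentication endpoints, served under the base route <c>/api/auth</c>.
    /// </summary>
    /// <remarks>
    /// NOTE(review): no throttling or account lockout is visible in this controller;
    /// presumably it is enforced in <see cref="IAuthService"/> or in middleware. Confirm,
    /// because an unthrottled login endpoint allows unlimited password guessing.
    /// </remarks>
    [Route("api/[controller]")] // Base route: /api/auth
    [ApiController]
    public class AuthController : ControllerBase
    {
        private readonly IAuthService _authService;
        private readonly ILogger<AuthController> _logger; // Login audit and error logging

        /// <summary>
        /// Creates the controller with its injected dependencies.
        /// </summary>
        /// <param name="authService">Service that performs the credential check.</param>
        /// <param name="logger">Logger for login outcomes and errors.</param>
        public AuthController(IAuthService authService, ILogger<AuthController> logger)
        {
            _authService = authService;
            _logger = logger;
        }

        /// <summary>
        /// Handles <c>POST /api/auth/login</c>.
        /// </summary>
        /// <param name="loginRequest">Credentials read from the request body.</param>
        /// <returns>
        /// 200 with the value returned by <c>LoginAsync</c>; 400 when model validation fails;
        /// 401 with a generic message when <c>LoginAsync</c> returns <c>null</c>;
        /// 500 with a generic message when an exception is thrown.
        /// </returns>
        [HttpPost("login")] // Route: POST /api/auth/login
        [ProducesResponseType(typeof(LoginResponseDto), StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status400BadRequest)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        public async Task<IActionResult> Login([FromBody] LoginRequestDto loginRequest)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // The username is client-controlled. Neutralise CR/LF before logging so a crafted
            // value cannot forge extra entries in line-oriented log sinks.
            // NOTE(review): users sometimes type their password into the username field, so
            // failed-login entries may contain secrets; treat this log stream as sensitive.
            var usernameForLog = SanitizeForLog(loginRequest?.Username);

            try
            {
                var loginResponse = await _authService.LoginAsync(loginRequest);
                if (loginResponse is null)
                {
                    _logger.LogWarning("Login failed for user {Username}", usernameForLog);
                    // Return a generic Unauthorized so the response does not reveal
                    // whether the user exists.
                    return Unauthorized(new { message = "Usuario o contraseña inválidos." });
                }

                _logger.LogInformation("User {Username} logged in successfully.", usernameForLog);
                return Ok(loginResponse);
            }
            catch (Exception ex)
            {
                _logger.LogError(ex, "Error during login for user {Username}", usernameForLog);
                // Do not expose error details to the client.
                return StatusCode(StatusCodes.Status500InternalServerError, new { message = "Ocurrió un error interno durante el inicio de sesión." });
            }
        }

        /// <summary>
        /// Replaces carriage returns and line feeds in a client-supplied value with
        /// underscores so that it occupies a single line when written to a log.
        /// </summary>
        /// <param name="value">Untrusted text taken from the request; may be <c>null</c>.</param>
        /// <returns>The value with CR/LF replaced, or <c>null</c> when the input is <c>null</c>.</returns>
        private static string? SanitizeForLog(string? value)
        {
            return value?.Replace("\r", "_").Replace("\n", "_");
        }

        // TODO: Add a change-password endpoint [HttpPost("change-password")].
        // It will probably need [Authorize] so that only logged-in users can call it.
    }
}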