feat(udt-001): api layer with AuthController, Program.cs and Serilog

src/api/SIGCM2.Api/Program.cs

@@ -0,0 +1,69 @@
+using Serilog;
+using Scalar.AspNetCore;
+using SIGCM2.Application;
+using SIGCM2.Infrastructure;
+using SIGCM2.Api.Filters;
+
+// Bootstrap logger — before DI is built
+Log.Logger = new LoggerConfiguration()
+    .WriteTo.Console()
+    .CreateBootstrapLogger();
+
+Log.Information("Starting SIGCM2 API");
+
+var builder = WebApplication.CreateBuilder(args);
+
+// Serilog — reads from appsettings.json "Serilog" section
+builder.Host.UseSerilog((ctx, lc) => lc
+    .ReadFrom.Configuration(ctx.Configuration));
+
+// Application + Infrastructure DI
+builder.Services.AddApplication();
+builder.Services.AddInfrastructure(builder.Configuration);
+
+// Controllers with exception filter
+builder.Services.AddControllers(opts =>
+{
+    opts.Filters.Add<ExceptionFilter>();
+});
+
+// OpenAPI / Scalar
+builder.Services.AddOpenApi();
+
+// CORS
+var allowedOrigins = builder.Configuration
+    .GetSection("Cors:AllowedOrigins")
+    .Get<string[]>() ?? [];
+
+builder.Services.AddCors(opts =>
+{
+    opts.AddDefaultPolicy(policy =>
+        policy.WithOrigins(allowedOrigins)
+              .AllowAnyHeader()
+              .AllowAnyMethod());
+});
+
+var app = builder.Build();
+
+// Middleware pipeline
+app.UseSerilogRequestLogging();
+
+if (app.Environment.IsDevelopment() || app.Environment.IsEnvironment("Testing"))
+{
+    app.MapOpenApi();
+    app.MapScalarApiReference(opts =>
+    {
+        opts.Title = "SIGCM2 API";
+    });
+}
+
+app.UseHttpsRedirection();
+app.UseCors();
+app.UseAuthentication();
+app.UseAuthorization();
+app.MapControllers();
+
+app.Run();
+
+// Exposed for WebApplicationFactory in integration tests
+public partial class Program { }