Merge pull request #27 from pierrick-fonquerne/FRO-10-Connexion-utilisateur

Fro 10 connexion utilisateur

Author: pierrick-fonquerne

src/backend/src/FantasyRealm.Api/Controllers/AuthController.cs

@@ -42,5 +42,30 @@ public async Task<IActionResult> Register([FromBody] RegisterRequest request, Ca
 
             return CreatedAtAction(nameof(Register), new { id = result.Value!.Id }, result.Value);
         }
+
+        /// <summary>
+        /// Authenticates a user and returns a JWT token.
+        /// </summary>
+        /// <param name="request">The login credentials.</param>
+        /// <param name="cancellationToken">Cancellation token.</param>
+        /// <returns>The JWT token and user information.</returns>
+        /// <response code="200">Login successful.</response>
+        /// <response code="401">Invalid credentials.</response>
+        /// <response code="403">Account suspended.</response>
+        [HttpPost("login")]
+        [ProducesResponseType(typeof(LoginResponse), StatusCodes.Status200OK)]
+        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
+        [ProducesResponseType(StatusCodes.Status403Forbidden)]
+        public async Task<IActionResult> Login([FromBody] LoginRequest request, CancellationToken cancellationToken)
+        {
+            var result = await _authService.LoginAsync(request, cancellationToken);
+
+            if (result.IsFailure)
+            {
+                return StatusCode(result.ErrorCode ?? 401, new { message = result.Error });
+            }
+
+            return Ok(result.Value);
+        }
     }
 }

src/backend/src/FantasyRealm.Api/FantasyRealm.Api.csproj

@@ -8,7 +8,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.11" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.*" />
     <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.11" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="6.9.0" />
   </ItemGroup>

src/backend/src/FantasyRealm.Api/Program.cs

@@ -1,4 +1,8 @@
+using System.Text;
 using FantasyRealm.Infrastructure;
+using FantasyRealm.Infrastructure.Security;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
 
 namespace FantasyRealm.Api
 {
@@ -31,6 +35,27 @@ private static void Main(string[] args)
             // Infrastructure services (Database, Email, Auth)
             builder.Services.AddInfrastructure(builder.Configuration);
 
+            // JWT Authentication configuration
+            var jwtSettings = builder.Configuration.GetSection(JwtSettings.SectionName).Get<JwtSettings>()!;
+            builder.Services.AddAuthentication(options =>
+            {
+                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+            })
+            .AddJwtBearer(options =>
+            {
+                options.TokenValidationParameters = new TokenValidationParameters
+                {
+                    ValidateIssuer = true,
+                    ValidateAudience = true,
+                    ValidateLifetime = true,
+                    ValidateIssuerSigningKey = true,
+                    ValidIssuer = jwtSettings.Issuer,
+                    ValidAudience = jwtSettings.Audience,
+                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.Secret))
+                };
+            });
+
             var app = builder.Build();
 
             // Configure the HTTP request pipeline
@@ -45,6 +70,7 @@ private static void Main(string[] args)
 
             app.UseHttpsRedirection();
             app.UseCors("AllowFrontend");
+            app.UseAuthentication();
             app.UseAuthorization();
             app.MapControllers();
 

src/backend/src/FantasyRealm.Api/appsettings.json

@@ -21,5 +21,11 @@
     "Password": "",
     "FromAddress": "noreply@fantasy-realm.com",
     "FromName": "FantasyRealm"
+  },
+  "Jwt": {
+    "Secret": "CHANGE_ME_IN_PRODUCTION_THIS_IS_A_DEV_SECRET_KEY_MIN_32_CHARS",
+    "Issuer": "FantasyRealm",
+    "Audience": "FantasyRealmUsers",
+    "ExpirationHours": 24
   }
 }

src/backend/src/FantasyRealm.Application/DTOs/LoginRequest.cs

@@ -0,0 +1,16 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace FantasyRealm.Application.DTOs
+{
+    /// <summary>
+    /// Request payload for user login.
+    /// </summary>
+    public sealed record LoginRequest(
+        [Required(ErrorMessage = "L'email est requis.")]
+        [EmailAddress(ErrorMessage = "Le format de l'email est invalide.")]
+        string Email,
+
+        [Required(ErrorMessage = "Le mot de passe est requis.")]
+        string Password
+    );
+}

src/backend/src/FantasyRealm.Application/DTOs/LoginResponse.cs

@@ -0,0 +1,12 @@
+namespace FantasyRealm.Application.DTOs
+{
+    /// <summary>
+    /// Response payload for successful login.
+    /// </summary>
+    public sealed record LoginResponse(
+        string Token,
+        DateTime ExpiresAt,
+        UserInfo User,
+        bool MustChangePassword
+    );
+}

src/backend/src/FantasyRealm.Application/DTOs/UserInfo.cs

@@ -0,0 +1,12 @@
+namespace FantasyRealm.Application.DTOs
+{
+    /// <summary>
+    /// Basic user information returned in authentication responses.
+    /// </summary>
+    public sealed record UserInfo(
+        int Id,
+        string Email,
+        string Pseudo,
+        string Role
+    );
+}

src/backend/src/FantasyRealm.Application/Interfaces/IAuthService.cs

@@ -15,5 +15,13 @@ public interface IAuthService
         /// <param name="cancellationToken">Cancellation token.</param>
         /// <returns>A result containing the registered user info or an error.</returns>
         Task<Result<RegisterResponse>> RegisterAsync(RegisterRequest request, CancellationToken cancellationToken = default);
+
+        /// <summary>
+        /// Authenticates a user and returns a JWT token.
+        /// </summary>
+        /// <param name="request">The login request containing credentials.</param>
+        /// <param name="cancellationToken">Cancellation token.</param>
+        /// <returns>A result containing the login response with token or an error.</returns>
+        Task<Result<LoginResponse>> LoginAsync(LoginRequest request, CancellationToken cancellationToken = default);
     }
 }

src/backend/src/FantasyRealm.Application/Interfaces/IJwtService.cs

@@ -0,0 +1,24 @@
+namespace FantasyRealm.Application.Interfaces
+{
+    /// <summary>
+    /// Service interface for JWT token operations.
+    /// </summary>
+    public interface IJwtService
+    {
+        /// <summary>
+        /// Generates a JWT token for the specified user.
+        /// </summary>
+        /// <param name="userId">The user's unique identifier.</param>
+        /// <param name="email">The user's email address.</param>
+        /// <param name="pseudo">The user's display name.</param>
+        /// <param name="role">The user's role.</param>
+        /// <returns>A signed JWT token string.</returns>
+        string GenerateToken(int userId, string email, string pseudo, string role);
+
+        /// <summary>
+        /// Gets the expiration date for a newly generated token.
+        /// </summary>
+        /// <returns>The UTC datetime when the token will expire.</returns>
+        DateTime GetExpirationDate();
+    }
+}

src/backend/src/FantasyRealm.Application/Interfaces/IUserRepository.cs

@@ -27,5 +27,13 @@ public interface IUserRepository
         /// Retrieves a role by its label.
         /// </summary>
         Task<Role?> GetRoleByLabelAsync(string label, CancellationToken cancellationToken = default);
+
+        /// <summary>
+        /// Retrieves a user by email address, including their role.
+        /// </summary>
+        /// <param name="email">The email address to search for (case-insensitive).</param>
+        /// <param name="cancellationToken">Cancellation token.</param>
+        /// <returns>The user with their role, or null if not found.</returns>
+        Task<User?> GetByEmailWithRoleAsync(string email, CancellationToken cancellationToken = default);
     }
 }