changes

Webshop.Api/Controllers/Admin/AdminProductsController.cs

@@ -0,0 +1,62 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Webshop.Application.DTOs; // ProductDto and AdminProductDto
+using Webshop.Application.Services.Admin;
+
+namespace Webshop.Api.Controllers.Admin
+{
+    [ApiController]
+    [Route("api/v1/admin/[controller]")] // z.B. /api/v1/admin/products
+    [Authorize(Roles = "Admin")] // Nur Benutzer mit der Rolle "Admin" dürfen zugreifen
+    public class AdminProductsController : ControllerBase
+    {
+        private readonly AdminProductService _adminProductService;
+
+        public AdminProductsController(AdminProductService adminProductService)
+        {
+            _adminProductService = adminProductService;
+        }
+
+        [HttpGet] // /api/v1/admin/products
+        public async Task<ActionResult<IEnumerable<AdminProductDto>>> GetAdminProducts()
+        {
+            var products = await _adminProductService.GetAllAdminProductsAsync();
+            return Ok(products);
+        }
+
+        [HttpGet("{id}")] // /api/v1/admin/products/{id}
+        public async Task<ActionResult<AdminProductDto>> GetAdminProduct(Guid id)
+        {
+            var product = await _adminProductService.GetAdminProductByIdAsync(id);
+            if (product == null) return NotFound();
+            return Ok(product);
+        }
+
+        [HttpPost] // /api/v1/admin/products
+        public async Task<ActionResult<AdminProductDto>> CreateAdminProduct([FromBody] AdminProductDto productDto)
+        {
+            if (!ModelState.IsValid) return BadRequest(ModelState);
+            var createdProduct = await _adminProductService.CreateAdminProductAsync(productDto);
+            return CreatedAtAction(nameof(GetAdminProduct), new { id = createdProduct.Id }, createdProduct);
+        }
+
+        [HttpPut("{id}")] // /api/v1/admin/products/{id}
+        public async Task<IActionResult> UpdateAdminProduct(Guid id, [FromBody] AdminProductDto productDto)
+        {
+            if (id != productDto.Id) return BadRequest();
+            if (!ModelState.IsValid) return BadRequest(ModelState);
+
+            var success = await _adminProductService.UpdateAdminProductAsync(productDto);
+            if (!success) return NotFound();
+            return NoContent();
+        }
+
+        [HttpDelete("{id}")] // /api/v1/admin/products/{id}
+        public async Task<IActionResult> DeleteAdminProduct(Guid id)
+        {
+            var success = await _adminProductService.DeleteAdminProductAsync(id);
+            if (!success) return NotFound();
+            return NoContent();
+        }
+    }
+}

Webshop.Api/Controllers/Admin/AdminUsersController.cs

@@ -0,0 +1,36 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Webshop.Application.DTOs.Users; // UserDto
+using Webshop.Application.Services.Admin;
+
+namespace Webshop.Api.Controllers.Admin
+{
+    [ApiController]
+    [Route("api/v1/admin/[controller]")] // z.B. /api/v1/admin/users
+    [Authorize(Roles = "Admin")] // Nur Benutzer mit der Rolle "Admin" dürfen zugreifen
+    public class AdminUsersController : ControllerBase
+    {
+        private readonly AdminUserService _adminUserService;
+
+        public AdminUsersController(AdminUserService adminUserService)
+        {
+            _adminUserService = adminUserService;
+        }
+
+        [HttpGet] // /api/v1/admin/users
+        public async Task<ActionResult<IEnumerable<UserDto>>> GetAllUsers()
+        {
+            var users = await _adminUserService.GetAllUsersAsync();
+            return Ok(users);
+        }
+
+        [HttpGet("{userId}")] // /api/v1/admin/users/{userId}
+        public async Task<ActionResult<UserDto>> GetUserById(string userId)
+        {
+            var user = await _adminUserService.GetUserByIdAsync(userId);
+            if (user == null) return NotFound();
+            return Ok(user);
+        }
+        // TODO: Hier könnten weitere Methoden für User-Verwaltung (Rollen ändern, löschen etc.) hinzukommen
+    }
+}

Webshop.Api/Controllers/Auth/AuthController.cs

@@ -0,0 +1,49 @@
+using Microsoft.AspNetCore.Mvc;
+using Webshop.Application.DTOs.Auth;
+using Webshop.Application.Services.Auth;
+using Microsoft.AspNetCore.Authorization;
+
+namespace Webshop.Api.Controllers.Auth // Beachten Sie den Namespace
+{
+    [ApiController]
+    [Route("api/v1/[controller]")] // z.B. /api/v1/auth
+    public class AuthController : ControllerBase
+    {
+        private readonly IAuthService _authService;
+
+        public AuthController(IAuthService authService)
+        {
+            _authService = authService;
+        }
+
+        [HttpPost("register")] // /api/v1/auth/register (für Kunden)
+        [AllowAnonymous] // Jeder darf sich registrieren
+        public async Task<IActionResult> Register([FromBody] RegisterRequestDto request)
+        {
+            if (!ModelState.IsValid) return BadRequest(ModelState);
+            var result = await _authService.RegisterUserAsync(request);
+            if (!result.IsAuthSuccessful) return BadRequest(new { Message = result.ErrorMessage });
+            return Ok(result);
+        }
+
+        [HttpPost("login/customer")] // /api/v1/auth/login/customer (für Kunden-Login)
+        [AllowAnonymous]
+        public async Task<IActionResult> LoginCustomer([FromBody] LoginRequestDto request)
+        {
+            if (!ModelState.IsValid) return BadRequest(ModelState);
+            var result = await _authService.LoginUserAsync(request);
+            if (!result.IsAuthSuccessful) return Unauthorized(new { Message = result.ErrorMessage });
+            return Ok(result);
+        }
+
+        [HttpPost("login/admin")] // /api/v1/auth/login/admin (für Admin-Dashboard Login)
+        [AllowAnonymous]
+        public async Task<IActionResult> LoginAdmin([FromBody] LoginRequestDto request)
+        {
+            if (!ModelState.IsValid) return BadRequest(ModelState);
+            var result = await _authService.LoginAdminAsync(request);
+            if (!result.IsAuthSuccessful) return Unauthorized(new { Message = result.ErrorMessage });
+            return Ok(result);
+        }
+    }
+}

Webshop.Api/Controllers/Customer/OrdersController.cs

@@ -0,0 +1,23 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+// using Webshop.Application.DTOs.Orders; // Später erstellen
+// using Webshop.Application.Services.Customer; // Später erstellen
+
+namespace Webshop.Api.Controllers.Customer // Beachten Sie den Namespace
+{
+    [ApiController]
+    [Route("api/v1/customer/[controller]")] // z.B. /api/v1/customer/orders
+    [Authorize(Roles = "Customer")] // Nur Benutzer mit der Rolle "Customer" dürfen zugreifen
+    public class OrdersController : ControllerBase
+    {
+        // Beispiel-Endpunkt für eingeloggte Kunden
+        [HttpGet("my-orders")]
+        public async Task<IActionResult> GetMyOrders()
+        {
+            // Hier würden Sie die Bestellungen des eingeloggten Benutzers abrufen.
+            // Die Benutzer-ID können Sie über User.FindFirstValue(ClaimTypes.NameIdentifier) abrufen.
+            // return Ok(await _orderService.GetOrdersForCurrentUserAsync(User.FindFirstValue(ClaimTypes.NameIdentifier)));
+            return Ok(new { Message = "Dies sind Ihre Bestellungen (Platzhalter)." });
+        }
+    }
+}

Webshop.Api/Controllers/ProductsController.cs

@@ -1,34 +0,0 @@
-// src/Webshop.Api/Controllers/ProductsController.cs
-using Microsoft.AspNetCore.Mvc;
-using Webshop.Application.DTOs;
-using Webshop.Application.Services;
-
-namespace Webshop.Api.Controllers
-{
-    [ApiController]
-    [Route("api/[controller]")]
-    public class ProductsController : ControllerBase
-    {
-        private readonly ProductService _productService;
-
-        public ProductsController(ProductService productService)
-        {
-            _productService = productService;
-        }
-
-        [HttpGet]
-        public async Task<ActionResult<IEnumerable<ProductDto>>> GetAllProducts()
-        {
-            var products = await _productService.GetAllProductsAsync();
-            return Ok(products);
-        }
-
-        [HttpPost]
-        public async Task<ActionResult<ProductDto>> CreateProduct([FromBody] ProductDto productDto)
-        {
-            var createdProduct = await _productService.CreateProductAsync(productDto);
-
-            return CreatedAtAction(nameof(GetAllProducts), new { id = createdProduct.Id }, createdProduct);
-        }
-    }
-}

Webshop.Api/Controllers/Public/ProductsController.cs

@@ -0,0 +1,29 @@
+using Microsoft.AspNetCore.Mvc;
+using Webshop.Application.DTOs; // ProductDto
+using Webshop.Application.Services.Public; // ProductCatalogService
+using Microsoft.AspNetCore.Authorization;
+
+namespace Webshop.Api.Controllers.Public // Beachten Sie den Namespace
+{
+    [ApiController]
+    [Route("api/v1/public/[controller]")] // z.B. /api/v1/public/products
+    [AllowAnonymous] // Jeder darf hier zugreifen (Gast oder eingeloggter User)
+    public class ProductsController : ControllerBase
+    {
+        private readonly ProductService _productCatalogService; // Umbenannt
+
+        public ProductsController(ProductService productCatalogService) // Injiziert den umbenannten Service
+        {
+            _productCatalogService = productCatalogService;
+        }
+
+        [HttpGet] // /api/v1/public/products
+        public async Task<ActionResult<IEnumerable<ProductDto>>> GetAllProducts()
+        {
+            var products = await _productCatalogService.GetAllProductsAsync(); // Ruft Service-Methode auf
+            return Ok(products);
+        }
+        // Keine POST, PUT, DELETE hier für öffentliche Zugriffe.
+        // Diese gehören in den AdminProductsController.
+    }
+}