ShopSolution-backend/Webshop.Api/Controllers/Customers/OrdersController.cs

// src/Webshop.Api/Controllers/Customer/OrdersController.cs
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Webshop.Application;
using Webshop.Application.DTOs.Orders;
using Webshop.Application.Services.Customers;

namespace Webshop.Api.Controllers.Customer
{
    [ApiController]
    [Route("api/v1/customer/[controller]")]
    [Authorize(Roles = "Customer")]
    public class OrdersController : ControllerBase
    {
        private readonly IOrderService _orderService;

        public OrdersController(IOrderService orderService)
        {
            _orderService = orderService;
        }

        [HttpGet]
        [ProducesResponseType(typeof(IEnumerable<OrderSummaryDto>), StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        public async Task<IActionResult> GetMyOrders()
        {
            var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
            if (string.IsNullOrEmpty(userId)) return Unauthorized();

            var result = await _orderService.GetMyOrdersAsync(userId);
            return Ok(result.Value);
        }

        [HttpGet("{id}")]
        [ProducesResponseType(typeof(OrderDetailDto), StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        [ProducesResponseType(StatusCodes.Status403Forbidden)]
        [ProducesResponseType(typeof(ProblemDetails), StatusCodes.Status404NotFound)]
        public async Task<IActionResult> GetMyOrderById(Guid id)
        {
            var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
            if (string.IsNullOrEmpty(userId)) return Unauthorized();

            var result = await _orderService.GetMyOrderByIdAsync(id, userId);

            return result.Type switch
            {
                ServiceResultType.Success => Ok(result.Value),
                ServiceResultType.Forbidden => Forbid(),
                ServiceResultType.NotFound => NotFound(new { Message = result.ErrorMessage }),
                _ => StatusCode(StatusCodes.Status500InternalServerError, "Ein unerwarteter Fehler ist aufgetreten.")
            };
        }

        // HINWEIS: Die Logik zur Erstellung einer Bestellung wurde in den CheckoutController verschoben,
        // da dies dem typischen Workflow entspricht. Falls du diesen Endpunkt hier dennoch benötigst,
        // kannst du ihn nach dem gleichen Muster wie im CheckoutController implementieren.
    }
}