From 789e55e79d3adbc86379b2c63257b8c895fe0478 Mon Sep 17 00:00:00 2001
From: Jonathan Bourdon
Date: Fri, 6 Feb 2026 01:06:16 -0500
Subject: [PATCH] feat(auth): used FastEndpoint facilities instead of custom solution
---
 .../Features/Auth/Endpoints/LoginEndpoint.cs | 31 +++++++++----------
 1 file changed, 15 insertions(+), 16 deletions(-)
diff --git a/src/TrackApi/TrackQrApi/Features/Auth/Endpoints/LoginEndpoint.cs b/src/TrackApi/TrackQrApi/Features/Auth/Endpoints/LoginEndpoint.cs
index 993cb33..c045294 100644
--- a/src/TrackApi/TrackQrApi/Features/Auth/Endpoints/LoginEndpoint.cs
+++ b/src/TrackApi/TrackQrApi/Features/Auth/Endpoints/LoginEndpoint.cs
@@ -2,6 +2,7 @@ using System.IdentityModel.Tokens.Jwt;
 using System.Security.Claims;
 using System.Text;
 using FastEndpoints;
+using FastEndpoints.Security;
 using FluentValidation;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Options;
@@ -58,26 +59,24 @@ public class LoginEndpoint(AppDbContext db, IOptions jwtSettings)
 Logger.LogInformation("User logged in: {Email}", normalizedEmail);
 var expiresAt = DateTime.UtcNow.AddMinutes(_jwtSettings.ExpirationMinutes);
- var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Secret));
- var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
- var claims = new[]
+ var jwtToken = JwtBearer.CreateToken(o =>
 {
- new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
- new Claim(JwtRegisteredClaimNames.Email, user.Email),
- new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
- };
-
- var token = new JwtSecurityToken(
- _jwtSettings.Issuer,
- _jwtSettings.Audience,
- claims,
- expires: expiresAt,
- signingCredentials: credentials
- );
+ o.SigningKey = _jwtSettings.Secret;
+ o.Issuer = _jwtSettings.Issuer;
+ o.Audience = _jwtSettings.Audience;
+ o.ExpireAt = expiresAt;
+ //o.User.Roles.Add("Manager", "Auditor");
+ o.User.Claims.Add(
+ new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
+ new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
+ new Claim(JwtRegisteredClaimNames.Email, user.Email),
+ new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
+ );
+ });
 var response = new AuthResponse(
- new JwtSecurityTokenHandler().WriteToken(token),
+ jwtToken,
 expiresAt,
 new UserInfo(user.Id, user.Email, user.VerifiedAt.HasValue)
 );
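Review bot: At `o.SigningKey = _jwtSettings.Secret;` the secret is handed over as a string, so the HMAC key bytes and the signing algorithm are now chosen inside `JwtBearer.CreateToken` rather than by the removed `Encoding.UTF8.GetBytes(...)` and `SecurityAlgorithms.HmacSha256` lines. The token-validation setup is not part of this patch, so it should be confirmed that it derives the key and algorithm the same way, ideally with an integration test that logs in and then calls a protected endpoint; if the library encodes the string differently from UTF-8, a secret with non-ASCII characters would produce tokens that fail validation. The commented-out `//o.User.Roles.Add("Manager", "Auditor");` looks like leftover sample code and is better deleted than left where uncommenting it would attach those roles to every login. `ClaimTypes.NameIdentifier` and `JwtRegisteredClaimNames.Sub` both carry `user.Id`, which may surface as duplicate name-identifier claims if inbound claim mapping is enabled on the validating side, so keeping only one of them is cleaner. The enclosing handler method starts and ends outside the hunk.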