Campaign_Tracker/Campaign_Tracker.Server/Controllers/AuthSessionController.cs

using System.Security.Claims;
using Campaign_Tracker.Server.Authentication;
using Campaign_Tracker.Server.Authorization;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace Campaign_Tracker.Server.Controllers;

[ApiController]
[Authorize]
[Route("api/auth/session")]
public sealed class AuthSessionController : ControllerBase
{
    [HttpGet]
    public ActionResult<AuthSessionResponse> Get()
    {
        var roles = ApplicationRole.NormalizeMany(
            User.FindAll(ClaimTypes.Role).Select(claim => claim.Value));
        var userName = User.Identity?.Name
            ?? User.FindFirstValue(ClaimTypes.NameIdentifier)
            ?? "unknown";

        return Ok(new AuthSessionResponse(
            userName,
            roles,
            RoleWorkspaceResolver.ResolveWorkspacePath(roles)));
    }
}

public sealed record AuthSessionResponse(
    string UserName,
    string[] Roles,
    string WorkspacePath);