Fishing2Server/Hotfix/Api/PlayerController.cs

using Fantasy;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace NBF.Controllers
{
    [ApiController]
    [Route("api/[controller]")]
    public class PlayerController : ControllerBase
    {
        private readonly Scene _scene;
        private readonly IPlayerService _playerService;

        public PlayerController(Scene scene, IPlayerService playerService)
        {
            _scene = scene;
            _playerService = playerService;
        }

        /// <summary>
        /// 获取玩家信息（需要认证）
        /// </summary>
        [HttpGet("{playerId}")]
        [Authorize(Policy = "Player")]
        public async Task<IActionResult> GetPlayer(long playerId)
        {
            var player = await _playerService.GetPlayerAsync(playerId);
            if (player == null)
            {
                return NotFound(new { error = "Player not found" });
            }

            return Ok(new
            {
                playerId = player.Id,
                name = player.Name,
                level = player.Level,
                exp = player.Exp
            });
        }

        /// <summary>
        /// 登录接口（无需认证）
        /// </summary>
        [HttpPost("login")]
        [AllowAnonymous]
        public async Task<IActionResult> Login([FromBody] LoginRequest request)
        {
            var (success, token, playerId) = await _playerService.LoginAsync(
                request.Username, request.Password);

            if (!success)
            {
                return Unauthorized(new { error = "Invalid credentials" });
            }

            return Ok(new
            {
                token = token,
                playerId = playerId,
                expiresIn = 3600
            });
        }

        /// <summary>
        /// 管理员接口（需要 Admin 角色）
        /// </summary>
        [HttpPost("ban/{playerId}")]
        [Authorize(Policy = "Admin")]
        public async Task<IActionResult> BanPlayer(long playerId, [FromBody] BanRequest request)
        {
            await _playerService.BanPlayerAsync(playerId, request.Reason, request.Duration);

            return Ok(new { message = "Player banned successfully" });
        }
    }

    public class LoginRequest
    {
        public string Username { get; set; }
        public string Password { get; set; }
    }

    public class BanRequest
    {
        public string Reason { get; set; }
        public int Duration { get; set; } // 分钟
    }
}