Add: get auth user endpoint

Author: tatevikg1

src/Identity/Controller/SessionController.php

@@ -12,6 +12,7 @@
 use PhpList\RestBundle\Common\Controller\BaseController;
 use PhpList\RestBundle\Common\Validator\RequestValidator;
 use PhpList\RestBundle\Identity\Request\CreateSessionRequest;
+use PhpList\RestBundle\Identity\Serializer\AdministratorNormalizer;
 use PhpList\RestBundle\Identity\Serializer\AdministratorTokenNormalizer;
 use Symfony\Bridge\Doctrine\Attribute\MapEntity;
 use Symfony\Component\HttpFoundation\JsonResponse;
@@ -36,6 +37,7 @@ public function __construct(
         RequestValidator $validator,
         SessionManager $sessionManager,
         private readonly EntityManagerInterface $entityManager,
+        private readonly AdministratorNormalizer $normalizer,
     ) {
         parent::__construct($authentication, $validator);
 
@@ -170,4 +172,46 @@ public function deleteSession(
 
         return $this->json(null, Response::HTTP_NO_CONTENT);
     }
+
+    #[Route('/me', name: 'me', methods: ['GET'])]
+    #[OA\Get(
+        path: '/api/v2/sessions/me',
+        description: '🚧 **Status: Beta** – This method is under development. Avoid using in production. ' .
+        'Get auth user data.',
+        summary: 'Get auth user data.',
+        tags: ['sessions'],
+        parameters: [
+            new OA\Parameter(
+                name: 'php-auth-pw',
+                description: 'Session key obtained from login',
+                in: 'header',
+                required: true,
+                schema: new OA\Schema(type: 'string')
+            ),
+        ],
+        responses: [
+            new OA\Response(
+                response: 200,
+                description: 'Administrator found',
+                content: new OA\JsonContent(ref: '#/components/schemas/Administrator')
+            ),
+            new OA\Response(
+                response: 401,
+                description: 'Failure',
+                content: new OA\JsonContent(
+                    properties: [
+                        new OA\Property(property: 'message', type: 'string', example: 'Not authorized.')
+                    ]
+                )
+            )
+        ]
+    )]
+    public function getSessionUser(Request $request): JsonResponse
+    {
+        $administrator = $this->requireAuthentication($request);
+
+        $json = $this->normalizer->normalize($administrator, 'json');
+
+        return $this->json($json, Response::HTTP_OK);
+    }
 }

tests/Integration/Identity/Controller/SessionControllerTest.php

@@ -227,4 +227,32 @@ public function testDeleteSessionWithNoSuchSessionReturns404(): void
         $this->authenticatedJsonRequest('DELETE', '/api/v2/sessions/999999');
         $this->assertHttpNotFound();
     }
+
+    public function testGetSessionUserWithoutAuthenticationReturnsForbiddenStatus(): void
+    {
+        self::getClient()->request('GET', '/api/v2/sessions/me');
+
+        $this->assertHttpForbidden();
+    }
+
+    public function testGetSessionUserWithAuthenticationReturnsOkayStatus(): void
+    {
+        $this->loadFixtures([AdministratorFixture::class, AdministratorTokenFixture::class]);
+        $this->authenticatedJsonRequest('GET', '/api/v2/sessions/me');
+
+        $this->assertHttpOkay();
+    }
+
+    public function testGetSessionUserWithAuthenticationReturnsAdministratorData(): void
+    {
+        $this->loadFixtures([AdministratorFixture::class, AdministratorTokenFixture::class]);
+        $this->authenticatedJsonRequest('GET', '/api/v2/sessions/me');
+
+        $data = $this->getDecodedJsonResponseContent();
+
+        self::assertSame(1, $data['id']);
+        self::assertSame('john.doe', $data['login_name']);
+        self::assertSame('john@example.com', $data['email']);
+        self::assertTrue($data['super_user']);
+    }
 }