Website/BlazorApp/Endpoints/DeveloperEndpoints.cs

using SilverLabs.Website.Models;
using SilverLabs.Website.Services;

namespace SilverLabs.Website.Endpoints;

public static class DeveloperEndpoints
{
    public static void MapDeveloperEndpoints(this WebApplication app)
    {
        var group = app.MapGroup("/api/developers");

        group.MapPost("/apply", async (DeveloperApplication application, DeveloperApplicationService service) =>
        {
            var (success, message) = await service.SubmitApplicationAsync(application);
            return success
                ? Results.Ok(new { message })
                : Results.Problem(message, statusCode: 502);
        });

        group.MapPost("/approve/{ticketId:int}", async (
            int ticketId,
            ApproveRequest request,
            ProvisioningService service,
            HttpContext context,
            IConfiguration config) =>
        {
            var apiKey = context.Request.Headers["X-Api-Key"].FirstOrDefault();
            var expectedKey = config["AdminApiKey"];

            if (string.IsNullOrEmpty(expectedKey) || apiKey != expectedKey)
                return Results.Unauthorized();

            var (success, message) = await service.ApproveApplicationAsync(
                ticketId, request.Username, request.Email, request.FullName);

            return success
                ? Results.Ok(new { message })
                : Results.Problem(message, statusCode: 502);
        });
    }
}

public record ApproveRequest(string Username, string Email, string FullName);