From dffda6d618722d09d19de1cece5ab5d72451fec5 Mon Sep 17 00:00:00 2001
From: Cursor Agent <cursoragent@cursor.com>
Date: Fri, 27 Feb 2026 07:55:23 +0000
Subject: [PATCH] feat(auth): add AuthStateService for role-based redirects

- Create Services/AuthStateService.cs with Login/Logout/GetPortalUrl
- Register as singleton in Program.cs

Co-authored-by: Velik <hongochai10@users.noreply.github.com>
---
 .../src/WebClientTpos.Client/Program.cs       |  4 ++
 .../Services/AuthStateService.cs              | 38 +++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 apps/web-client-tpos-net/src/WebClientTpos.Client/Services/AuthStateService.cs

diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Program.cs b/apps/web-client-tpos-net/src/WebClientTpos.Client/Program.cs
index db681304..e2fbb2bf 100644
--- a/apps/web-client-tpos-net/src/WebClientTpos.Client/Program.cs
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Program.cs
@@ -20,6 +20,10 @@ builder.Services.AddSingleton(sp => new HttpClient { BaseAddress = new Uri(new U
 // VI: Thêm POS data service cho BFF API calls
 builder.Services.AddScoped<WebClientTpos.Client.Services.PosDataService>();
 
+// EN: Add auth state service for role-based redirects
+// VI: Thêm auth state service cho điều hướng theo vai trò
+builder.Services.AddSingleton<WebClientTpos.Client.Services.AuthStateService>();
+
 // EN: Add MudBlazor services
 // VI: Thêm các services của MudBlazor
 builder.Services.AddMudServices();
diff --git a/apps/web-client-tpos-net/src/WebClientTpos.Client/Services/AuthStateService.cs b/apps/web-client-tpos-net/src/WebClientTpos.Client/Services/AuthStateService.cs
new file mode 100644
index 00000000..94aaa91c
--- /dev/null
+++ b/apps/web-client-tpos-net/src/WebClientTpos.Client/Services/AuthStateService.cs
@@ -0,0 +1,38 @@
+namespace WebClientTpos.Client.Services;
+
+public class AuthStateService
+{
+    public bool IsAuthenticated { get; private set; }
+    public string? UserEmail { get; private set; }
+    public string? UserRole { get; private set; } // "owner", "staff", "customer", "branch"
+    public string? Token { get; private set; }
+
+    public event Action? OnChange;
+
+    public void Login(string email, string token, string role)
+    {
+        IsAuthenticated = true;
+        UserEmail = email;
+        Token = token;
+        UserRole = role;
+        OnChange?.Invoke();
+    }
+
+    public void Logout()
+    {
+        IsAuthenticated = false;
+        UserEmail = null;
+        Token = null;
+        UserRole = null;
+        OnChange?.Invoke();
+    }
+
+    public string GetPortalUrl() => UserRole switch
+    {
+        "owner" or "admin" => "/admin",
+        "staff" => "/pos/cafe",
+        "branch" => "/admin",
+        "customer" => "/app",
+        _ => "/auth/login"
+    };
+}