feat: integrate authentication and password management features, including bcrypt for hashing and NextAuth for session handling

2025-11-30 08:04:06 +01:00
parent 7cb1d5f433
commit d663fbcbd0
30 changed files with 3287 additions and 4164 deletions
--- a/app/api/auth/[...nextauth]/route.ts
+++ b/app/api/auth/[...nextauth]/route.ts
@@ -0,0 +1,7 @@
+import NextAuth from "next-auth";
+import { authOptions } from "@/lib/auth";
+
+const handler = NextAuth(authOptions);
+
+export { handler as GET, handler as POST };
+
--- a/app/api/auth/change-password/route.ts
+++ b/app/api/auth/change-password/route.ts
@@ -0,0 +1,52 @@
+import { NextRequest, NextResponse } from "next/server";
+import { getServerSession } from "next-auth";
+import { authOptions } from "@/lib/auth";
+import { authService } from "@/services/auth.service";
+
+export async function POST(request: NextRequest) {
+  try {
+    // Verify user is authenticated
+    const session = await getServerSession(authOptions);
+    if (!session) {
+      return NextResponse.json(
+        { success: false, error: "Non authentifié" },
+        { status: 401 }
+      );
+    }
+
+    const body = await request.json();
+    const { oldPassword, newPassword } = body;
+
+    if (!oldPassword || !newPassword) {
+      return NextResponse.json(
+        { success: false, error: "Mot de passe requis" },
+        { status: 400 }
+      );
+    }
+
+    if (newPassword.length < 4) {
+      return NextResponse.json(
+        { success: false, error: "Le mot de passe doit contenir au moins 4 caractères" },
+        { status: 400 }
+      );
+    }
+
+    const result = await authService.changePassword(oldPassword, newPassword);
+    
+    if (!result.success) {
+      return NextResponse.json(
+        { success: false, error: result.error },
+        { status: 400 }
+      );
+    }
+
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error("Error changing password:", error);
+    return NextResponse.json(
+      { success: false, error: "Erreur lors du changement de mot de passe" },
+      { status: 500 }
+    );
+  }
+}
+
--- a/app/api/backups/[id]/restore/route.ts
+++ b/app/api/backups/[id]/restore/route.ts
@@ -1,10 +1,13 @@
 import { NextRequest, NextResponse } from "next/server";
 import { backupService } from "@/services/backup.service";
+import { requireAuth } from "@/lib/auth-utils";

 export async function POST(
  request: NextRequest,
  { params }: { params: Promise<{ id: string }> | { id: string } }
 ) {
+  const authError = await requireAuth();
+  if (authError) return authError;
  try {
    const resolvedParams = params instanceof Promise ? await params : params;
    await backupService.restoreBackup(resolvedParams.id);
--- a/app/api/backups/[id]/route.ts
+++ b/app/api/backups/[id]/route.ts
@@ -1,10 +1,13 @@
 import { NextRequest, NextResponse } from "next/server";
 import { backupService } from "@/services/backup.service";
+import { requireAuth } from "@/lib/auth-utils";

 export async function DELETE(
  request: NextRequest,
  { params }: { params: Promise<{ id: string }> | { id: string } }
 ) {
+  const authError = await requireAuth();
+  if (authError) return authError;
  try {
    const resolvedParams = params instanceof Promise ? await params : params;
    await backupService.deleteBackup(resolvedParams.id);
--- a/app/api/backups/auto/route.ts
+++ b/app/api/backups/auto/route.ts
@@ -1,7 +1,10 @@
 import { NextRequest, NextResponse } from "next/server";
 import { backupService } from "@/services/backup.service";
+import { requireAuth } from "@/lib/auth-utils";

 export async function POST(_request: NextRequest) {
+  const authError = await requireAuth();
+  if (authError) return authError;
  try {
    // Check if automatic backup should run
    const shouldRun = await backupService.shouldRunAutomaticBackup();
--- a/app/api/backups/route.ts
+++ b/app/api/backups/route.ts
@@ -1,7 +1,11 @@
 import { NextRequest, NextResponse } from "next/server";
 import { backupService } from "@/services/backup.service";
+import { requireAuth } from "@/lib/auth-utils";

 export async function GET() {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const backups = await backupService.getAllBackups();
    return NextResponse.json({ success: true, data: backups });
@@ -15,6 +19,9 @@ export async function GET() {
 }

 export async function POST(request: NextRequest) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const body = await request.json().catch(() => ({}));
    const force = body.force === true; // Only allow force for manual backups
--- a/app/api/backups/settings/route.ts
+++ b/app/api/backups/settings/route.ts
@@ -1,7 +1,10 @@
 import { NextRequest, NextResponse } from "next/server";
 import { backupService } from "@/services/backup.service";
+import { requireAuth } from "@/lib/auth-utils";

 export async function GET() {
+  const authError = await requireAuth();
+  if (authError) return authError;
  try {
    const settings = await backupService.getSettings();
    return NextResponse.json({ success: true, data: settings });
@@ -15,6 +18,9 @@ export async function GET() {
 }

 export async function PUT(request: NextRequest) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const body = await request.json();
    const settings = await backupService.updateSettings(body);
--- a/app/api/banking/accounts/route.ts
+++ b/app/api/banking/accounts/route.ts
@@ -1,8 +1,12 @@
 import { NextResponse } from "next/server";
 import { accountService } from "@/services/account.service";
+import { requireAuth } from "@/lib/auth-utils";
 import type { Account } from "@/lib/types";

 export async function POST(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const data: Omit<Account, "id"> = await request.json();
    const created = await accountService.create(data);
@@ -17,6 +21,9 @@ export async function POST(request: Request) {
 }

 export async function PUT(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const account: Account = await request.json();
    const updated = await accountService.update(account.id, account);
@@ -31,6 +38,9 @@ export async function PUT(request: Request) {
 }

 export async function DELETE(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const { searchParams } = new URL(request.url);
    const id = searchParams.get("id");
--- a/app/api/banking/categories/route.ts
+++ b/app/api/banking/categories/route.ts
@@ -1,8 +1,11 @@
 import { NextResponse } from "next/server";
 import { categoryService } from "@/services/category.service";
+import { requireAuth } from "@/lib/auth-utils";
 import type { Category } from "@/lib/types";

 export async function POST(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
  try {
    const data: Omit<Category, "id"> = await request.json();
    const created = await categoryService.create(data);
@@ -17,6 +20,9 @@ export async function POST(request: Request) {
 }

 export async function PUT(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const category: Category = await request.json();
    const updated = await categoryService.update(category.id, category);
@@ -31,6 +37,9 @@ export async function PUT(request: Request) {
 }

 export async function DELETE(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const { searchParams } = new URL(request.url);
    const id = searchParams.get("id");
--- a/app/api/banking/folders/route.ts
+++ b/app/api/banking/folders/route.ts
@@ -1,8 +1,11 @@
 import { NextResponse } from "next/server";
 import { folderService, FolderNotFoundError } from "@/services/folder.service";
+import { requireAuth } from "@/lib/auth-utils";
 import type { Folder } from "@/lib/types";

 export async function POST(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
  try {
    const data: Omit<Folder, "id"> = await request.json();
    const created = await folderService.create(data);
@@ -17,6 +20,9 @@ export async function POST(request: Request) {
 }

 export async function PUT(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const folder: Folder = await request.json();
    const updated = await folderService.update(folder.id, folder);
@@ -31,6 +37,9 @@ export async function PUT(request: Request) {
 }

 export async function DELETE(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const { searchParams } = new URL(request.url);
    const id = searchParams.get("id");
--- a/app/api/banking/route.ts
+++ b/app/api/banking/route.ts
@@ -1,7 +1,11 @@
 import { NextResponse } from "next/server";
 import { bankingService } from "@/services/banking.service";
+import { requireAuth } from "@/lib/auth-utils";

 export async function GET() {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const data = await bankingService.getAllData();
    return NextResponse.json(data);
--- a/app/api/banking/transactions/clear-categories/route.ts
+++ b/app/api/banking/transactions/clear-categories/route.ts
@@ -1,7 +1,10 @@
 import { NextResponse } from "next/server";
 import { prisma } from "@/lib/prisma";
+import { requireAuth } from "@/lib/auth-utils";

 export async function POST() {
+  const authError = await requireAuth();
+  if (authError) return authError;
  try {
    const result = await prisma.transaction.updateMany({
      where: {
--- a/app/api/banking/transactions/route.ts
+++ b/app/api/banking/transactions/route.ts
@@ -1,8 +1,11 @@
 import { NextResponse } from "next/server";
 import { transactionService } from "@/services/transaction.service";
+import { requireAuth } from "@/lib/auth-utils";
 import type { Transaction } from "@/lib/types";

 export async function POST(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
  try {
    const transactions: Transaction[] = await request.json();
    const result = await transactionService.createMany(transactions);
@@ -17,6 +20,9 @@ export async function POST(request: Request) {
 }

 export async function PUT(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const transaction: Transaction = await request.json();
    const updated = await transactionService.update(
@@ -34,6 +40,9 @@ export async function PUT(request: Request) {
 }

 export async function DELETE(request: Request) {
+  const authError = await requireAuth();
+  if (authError) return authError;
+
  try {
    const { searchParams } = new URL(request.url);
    const id = searchParams.get("id");
--- a/app/layout.tsx
+++ b/app/layout.tsx
@@ -2,6 +2,7 @@ import type React from "react";
 import type { Metadata } from "next";
 import { Geist, Geist_Mono } from "next/font/google";
 import "./globals.css";
+import { AuthSessionProvider } from "@/components/providers/session-provider";

 const _geist = Geist({ subsets: ["latin"] });
 const _geistMono = Geist_Mono({ subsets: ["latin"] });
@@ -20,7 +21,9 @@ export default function RootLayout({
 }>) {
  return (
    <html lang="fr">
-      <body className="font-sans antialiased">{children}</body>
+      <body className="font-sans antialiased">
+        <AuthSessionProvider>{children}</AuthSessionProvider>
+      </body>
    </html>
  );
 }
--- a/app/login/page.tsx
+++ b/app/login/page.tsx
@@ -0,0 +1,95 @@
+"use client";
+
+import { useState } from "react";
+import { signIn } from "next-auth/react";
+import { useRouter } from "next/navigation";
+import { Button } from "@/components/ui/button";
+import { Input } from "@/components/ui/input";
+import { Label } from "@/components/ui/label";
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardHeader,
+  CardTitle,
+} from "@/components/ui/card";
+import { Lock } from "lucide-react";
+import { toast } from "sonner";
+
+export default function LoginPage() {
+  const [password, setPassword] = useState("");
+  const [loading, setLoading] = useState(false);
+  const router = useRouter();
+
+  const handleSubmit = async (e: React.FormEvent) => {
+    e.preventDefault();
+    setLoading(true);
+
+    try {
+      const result = await signIn("credentials", {
+        password,
+        redirect: false,
+      });
+
+      if (result?.error) {
+        toast.error("Mot de passe incorrect");
+        setPassword("");
+      } else {
+        toast.success("Connexion réussie");
+        router.push("/");
+        router.refresh();
+      }
+    } catch {
+      toast.error("Erreur lors de la connexion");
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  return (
+    <div className="min-h-screen flex items-center justify-center bg-[var(--background)] p-4">
+      <Card className="w-full max-w-md">
+        <CardHeader className="space-y-1">
+          <div className="flex items-center justify-center mb-4">
+            <Lock className="w-12 h-12 text-[var(--primary)]" />
+          </div>
+          <CardTitle className="text-2xl text-center">
+            Accès protégé
+          </CardTitle>
+          <CardDescription className="text-center">
+            Entrez le mot de passe pour accéder à l'application
+          </CardDescription>
+        </CardHeader>
+        <CardContent>
+          <form onSubmit={handleSubmit} className="space-y-4">
+            <div className="space-y-2">
+              <Label htmlFor="password">Mot de passe</Label>
+              <Input
+                id="password"
+                type="password"
+                value={password}
+                onChange={(e) => setPassword(e.target.value)}
+                placeholder="Entrez le mot de passe"
+                disabled={loading}
+                autoFocus
+                onKeyDown={(e) => {
+                  if (e.key === "Enter") {
+                    handleSubmit(e);
+                  }
+                }}
+              />
+            </div>
+            <Button
+              type="submit"
+              className="w-full"
+              disabled={loading || !password}
+            >
+              {loading ? "Connexion..." : "Se connecter"}
+            </Button>
+          </form>
+        </CardContent>
+      </Card>
+    </div>
+  );
+}
+
--- a/app/settings/page.tsx
+++ b/app/settings/page.tsx
@@ -7,6 +7,7 @@ import {
  DangerZoneCard,
  OFXInfoCard,
  BackupCard,
+  PasswordCard,
 } from "@/components/settings";
 import { useBankingData } from "@/lib/hooks";
 import type { BankingData } from "@/lib/types";
@@ -107,6 +108,8 @@ export default function SettingsPage() {

        <BackupCard />

+        <PasswordCard />
+
        <DangerZoneCard
          categorizedCount={categorizedCount}
          onClearCategories={clearAllCategories}