feat: enhance evaluation loading with cookie authentication

- Updated the GET method in the evaluations route to support user authentication via cookies, improving security and user experience. - Added compatibility for legacy parameter-based authentication to ensure backward compatibility. - Refactored the useEvaluation hook to load user profiles from cookies instead of localStorage, streamlining the authentication process. - Introduced a new method in EvaluationService to retrieve user profiles by ID, enhancing data retrieval efficiency. - Updated ApiClient to handle cookie-based requests for loading evaluations, ensuring proper session management.
2025-08-21 11:55:50 +02:00
parent 5cb2bad992
commit 45fb1148ae
6 changed files with 270 additions and 32 deletions
--- a/services/api-client.ts
+++ b/services/api-client.ts
@@ -16,18 +16,28 @@ export class ApiClient {

  /**
   * Charge une évaluation utilisateur depuis l'API
+   * Si profile est fourni, utilise les paramètres (mode compatibilité)
+   * Sinon, utilise l'authentification par cookie
   */
  async loadUserEvaluation(
-    profile: UserProfile
+    profile?: UserProfile
  ): Promise<UserEvaluation | null> {
    try {
-      const params = new URLSearchParams({
-        firstName: profile.firstName,
-        lastName: profile.lastName,
-        teamId: profile.teamId,
-      });
+      let url = `${this.baseUrl}/api/evaluations`;
+      
+      // Mode compatibilité avec profile en paramètres
+      if (profile) {
+        const params = new URLSearchParams({
+          firstName: profile.firstName,
+          lastName: profile.lastName,
+          teamId: profile.teamId,
+        });
+        url += `?${params}`;
+      }

-      const response = await fetch(`${this.baseUrl}/api/evaluations?${params}`);
+      const response = await fetch(url, {
+        credentials: "same-origin", // Pour inclure les cookies
+      });

      if (!response.ok) {
        throw new Error("Erreur lors du chargement de l'évaluation");
@@ -52,6 +62,7 @@ export class ApiClient {
          "Content-Type": "application/json",
        },
        body: JSON.stringify({ evaluation }),
+        credentials: "same-origin",
      });

      if (!response.ok) {
@@ -165,6 +176,7 @@ export class ApiClient {
          skillId,
          ...options,
        }),
+        credentials: "same-origin",
      });

      if (!response.ok) {
--- a/services/evaluation-service.ts
+++ b/services/evaluation-service.ts
@@ -66,6 +66,37 @@ export class EvaluationService {
    }
  }

+  /**
+   * Récupère un utilisateur par son ID
+   */
+  async getUserById(userId: number): Promise<UserProfile | null> {
+    const pool = getPool();
+    const client = await pool.connect();
+
+    try {
+      const query = `
+        SELECT u.first_name, u.last_name, u.team_id
+        FROM users u
+        WHERE u.id = $1
+      `;
+
+      const result = await client.query(query, [userId]);
+
+      if (result.rows.length === 0) {
+        return null;
+      }
+
+      const user = result.rows[0];
+      return {
+        firstName: user.first_name,
+        lastName: user.last_name,
+        teamId: user.team_id,
+      };
+    } finally {
+      client.release();
+    }
+  }
+
  /**
   * Sauvegarde une évaluation utilisateur complète
   */