feat: enhance evaluation loading with cookie authentication

- Updated the GET method in the evaluations route to support user authentication via cookies, improving security and user experience. - Added compatibility for legacy parameter-based authentication to ensure backward compatibility. - Refactored the useEvaluation hook to load user profiles from cookies instead of localStorage, streamlining the authentication process. - Introduced a new method in EvaluationService to retrieve user profiles by ID, enhancing data retrieval efficiency. - Updated ApiClient to handle cookie-based requests for loading evaluations, ensuring proper session management.
2025-08-21 11:55:50 +02:00
parent 5cb2bad992
commit 45fb1148ae
6 changed files with 270 additions and 32 deletions
--- a/services/api-client.ts
+++ b/services/api-client.ts
@@ -16,18 +16,28 @@ export class ApiClient {

  /**
   * Charge une évaluation utilisateur depuis l'API
+   * Si profile est fourni, utilise les paramètres (mode compatibilité)
+   * Sinon, utilise l'authentification par cookie
   */
  async loadUserEvaluation(
-    profile: UserProfile
+    profile?: UserProfile
  ): Promise<UserEvaluation | null> {
    try {
-      const params = new URLSearchParams({
-        firstName: profile.firstName,
-        lastName: profile.lastName,
-        teamId: profile.teamId,
-      });
+      let url = `${this.baseUrl}/api/evaluations`;
+      
+      // Mode compatibilité avec profile en paramètres
+      if (profile) {
+        const params = new URLSearchParams({
+          firstName: profile.firstName,
+          lastName: profile.lastName,
+          teamId: profile.teamId,
+        });
+        url += `?${params}`;
+      }

-      const response = await fetch(`${this.baseUrl}/api/evaluations?${params}`);
+      const response = await fetch(url, {
+        credentials: "same-origin", // Pour inclure les cookies
+      });

      if (!response.ok) {
        throw new Error("Erreur lors du chargement de l'évaluation");
@@ -52,6 +62,7 @@ export class ApiClient {
          "Content-Type": "application/json",
        },
        body: JSON.stringify({ evaluation }),
+        credentials: "same-origin",
      });

      if (!response.ok) {
@@ -165,6 +176,7 @@ export class ApiClient {
          skillId,
          ...options,
        }),
+        credentials: "same-origin",
      });

      if (!response.ok) {