refactor: update authentication flow and cookie management

- Changed COOKIE_NAME from "peakSkills_userId" to "session_token" for better clarity. - Updated AuthClient to handle login and registration with new data structures. - Enhanced AuthWrapper to manage user sessions and display appropriate messages. - Added error handling in LoginForm and RegisterForm for better user feedback. - Refactored user service methods to streamline user creation and verification processes.
2025-08-25 16:19:31 +02:00
parent caf396d964
commit 5c71ce1a54
14 changed files with 537 additions and 91 deletions
--- a/app/api/auth/login/route.ts
+++ b/app/api/auth/login/route.ts
@@ -0,0 +1,62 @@
+import { NextRequest, NextResponse } from "next/server";
+import { AuthService, UserService } from "@/services";
+
+export async function POST(request: NextRequest) {
+  try {
+    const { email, password } = await request.json();
+
+    // Validation des données
+    if (!email || !password) {
+      return NextResponse.json(
+        { error: "Email et mot de passe requis" },
+        { status: 400 }
+      );
+    }
+
+    // Vérifier les identifiants
+    const userService = new UserService();
+    const user = await userService.verifyCredentials(email, password);
+
+    if (!user) {
+      return NextResponse.json(
+        { error: "Email ou mot de passe incorrect" },
+        { status: 401 }
+      );
+    }
+
+    // Générer un token de session
+    const sessionToken = await AuthService.createSession(user.uuid_id);
+
+    // Créer la réponse avec le cookie de session
+    const response = NextResponse.json(
+      {
+        message: "Connexion réussie",
+        user: {
+          id: user.uuid_id,
+          firstName: user.first_name,
+          lastName: user.last_name,
+          email: user.email,
+          teamId: user.team_id,
+        },
+      },
+      { status: 200 }
+    );
+
+    // Définir le cookie de session
+    response.cookies.set("session_token", sessionToken, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      sameSite: "lax",
+      maxAge: 60 * 60 * 24 * 7, // 7 jours
+      path: "/",
+    });
+
+    return response;
+  } catch (error) {
+    console.error("Login error:", error);
+    return NextResponse.json(
+      { error: "Erreur interne du serveur" },
+      { status: 500 }
+    );
+  }
+}
--- a/app/api/auth/logout/route.ts
+++ b/app/api/auth/logout/route.ts
@@ -0,0 +1,29 @@
+import { NextResponse } from "next/server";
+
+export async function POST() {
+  try {
+    // Créer la réponse
+    const response = NextResponse.json(
+      { message: "Déconnexion réussie" },
+      { status: 200 }
+    );
+
+    // Supprimer le cookie de session
+    response.cookies.set("session_token", "", {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      sameSite: "lax",
+      maxAge: 0, // Expire immédiatement
+      path: "/",
+    });
+
+    return response;
+  } catch (error) {
+    console.error("Logout error:", error);
+    return NextResponse.json(
+      { error: "Erreur interne du serveur" },
+      { status: 500 }
+    );
+  }
+}
+
--- a/app/api/auth/register/route.ts
+++ b/app/api/auth/register/route.ts
@@ -0,0 +1,83 @@
+import { NextRequest, NextResponse } from "next/server";
+import { AuthService, userService } from "@/services";
+import bcrypt from "bcryptjs";
+
+export async function POST(request: NextRequest) {
+  try {
+    const { firstName, lastName, email, password, teamId } =
+      await request.json();
+
+    // Validation des données
+    if (!firstName || !lastName || !email || !password || !teamId) {
+      return NextResponse.json(
+        { error: "Tous les champs sont requis" },
+        { status: 400 }
+      );
+    }
+
+    // Vérifier si l'email existe déjà
+    const existingUser = await userService.getUserByEmail(email);
+    if (existingUser) {
+      return NextResponse.json(
+        { error: "Un utilisateur avec cet email existe déjà" },
+        { status: 409 }
+      );
+    }
+
+    // Hasher le mot de passe
+    const saltRounds = 12;
+    const passwordHash = await bcrypt.hash(password, saltRounds);
+
+    // Créer l'utilisateur
+    const newUser = await userService.createUser({
+      firstName,
+      lastName,
+      email,
+      passwordHash,
+      teamId,
+    });
+
+    if (!newUser) {
+      return NextResponse.json(
+        { error: "Erreur lors de la création de l'utilisateur" },
+        { status: 500 }
+      );
+    }
+
+    // Générer un token de session
+    const sessionToken = await AuthService.createSession(newUser.uuid_id);
+
+    // Créer la réponse avec le cookie de session
+    const response = NextResponse.json(
+      {
+        message: "Compte créé avec succès",
+        user: {
+          id: newUser.uuid_id,
+          firstName: newUser.first_name,
+          lastName: newUser.last_name,
+          email: newUser.email,
+          teamId: newUser.team_id,
+        },
+      },
+      { status: 201 }
+    );
+
+    // Définir le cookie de session
+    response.cookies.set("session_token", sessionToken, {
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+      sameSite: "lax",
+      maxAge: 60 * 60 * 24 * 7, // 7 jours
+      path: "/",
+    });
+
+    return response;
+  } catch (error) {
+    console.error("Register error:", error);
+    return NextResponse.json(
+      { error: "Erreur interne du serveur" },
+      { status: 500 }
+    );
+  }
+}
+