fix: login was KO by profile
@@ -1,11 +1,9 @@
|
||||
import { NextRequest, NextResponse } from "next/server";
|
||||
import { cookies } from "next/headers";
|
||||
import { userService } from "@/services/user-service";
|
||||
import { AuthService, COOKIE_NAME } from "@/services/auth-service";
|
||||
import { UserProfile } from "@/lib/types";
|
||||
|
||||
const COOKIE_NAME = "peakSkills_userId";
|
||||
const COOKIE_MAX_AGE = 30 * 24 * 60 * 60; // 30 jours
|
||||
|
||||
/**
|
||||
* GET /api/auth - Récupère l'utilisateur actuel depuis le cookie
|
||||
*/
|
||||
@@ -51,20 +49,10 @@ export async function POST(request: NextRequest) {
|
||||
);
|
||||
}
|
||||
|
||||
// Vérifier s'il y a déjà un cookie d'authentification
|
||||
const cookieStore = await cookies();
|
||||
const existingUserUuid = cookieStore.get(COOKIE_NAME)?.value;
|
||||
|
||||
let userUuid: string;
|
||||
|
||||
if (existingUserUuid) {
|
||||
// Mettre à jour l'utilisateur existant
|
||||
await userService.updateUserByUuid(existingUserUuid, profile);
|
||||
userUuid = existingUserUuid;
|
||||
} else {
|
||||
// Créer un nouvel utilisateur
|
||||
userUuid = await userService.upsertUserUuid(profile);
|
||||
}
|
||||
// Authentifier l'utilisateur et récupérer la configuration du cookie
|
||||
const { userUuid, cookieConfig } = await AuthService.authenticateUser(
|
||||
profile
|
||||
);
|
||||
|
||||
// Créer la réponse avec le cookie
|
||||
const response = NextResponse.json(
|
||||
@@ -75,14 +63,12 @@ export async function POST(request: NextRequest) {
|
||||
{ status: 200 }
|
||||
);
|
||||
|
||||
// Définir le cookie avec l'UUID utilisateur (plus sécurisé)
|
||||
response.cookies.set(COOKIE_NAME, userUuid, {
|
||||
maxAge: COOKIE_MAX_AGE,
|
||||
httpOnly: true,
|
||||
secure: process.env.NODE_ENV === "production",
|
||||
sameSite: "lax",
|
||||
path: "/",
|
||||
});
|
||||
// Définir le cookie avec l'UUID utilisateur
|
||||
response.cookies.set(
|
||||
cookieConfig.name,
|
||||
cookieConfig.value,
|
||||
cookieConfig.options
|
||||
);
|
||||
|
||||
return response;
|
||||
} catch (error) {
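Review bot: The POST handler now issues the session cookie from the request-supplied `profile` alone: `AuthService.authenticateUser(profile)` replaces the earlier check of the existing cookie, and in the service hunks of this commit `authenticateUser` resolves the account through `findUserByProfile`, which matches on first and last name only. As written, a request carrying an existing user's name would be bound to that user's UUID without any proof of identity. The account lookup should be gated on a verified credential (password, SSO assertion or emailed link), and until that exists a comment such as `// SECURITY: profile is unauthenticated input; a name match is not proof of identity` belongs above the call. The same concern applies to `authenticateUser` and `findUserByProfile`; the POST body starts and ends outside these hunks, so any earlier validation of `profile` is not visible here.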
|
||||
|
||||
@@ -1,4 +1,7 @@
|
||||
import { cookies } from "next/headers";
|
||||
import { UserProfile } from "@/lib/types";
|
||||
import { userService } from "@/services/user-service";
|
||||
|
||||
// Constantes pour les cookies (définies ici car auth-service.ts a été supprimé)
|
||||
export const COOKIE_NAME = "peakSkills_userId";
|
||||
export const COOKIE_MAX_AGE = 30 * 24 * 60 * 60; // 30 jours
|
||||
@@ -29,4 +32,52 @@ export class AuthService {
|
||||
const userUuid = await this.getUserUuidFromCookie();
|
||||
return !!userUuid;
|
||||
}
|
||||
|
||||
/**
|
||||
* Authentifie un utilisateur et retourne la configuration du cookie
|
||||
*/
|
||||
static async authenticateUser(profile: UserProfile): Promise<{
|
||||
userUuid: string;
|
||||
cookieConfig: {
|
||||
name: string;
|
||||
value: string;
|
||||
options: {
|
||||
maxAge: number;
|
||||
httpOnly: boolean;
|
||||
secure: boolean;
|
||||
sameSite: "lax" | "strict" | "none";
|
||||
path: string;
|
||||
};
|
||||
};
|
||||
}> {
|
||||
// Vérifier si l'utilisateur existe déjà avec ces informations
|
||||
const existingUser = await userService.findUserByProfile(profile);
|
||||
let userUuid: string;
|
||||
|
||||
if (existingUser) {
|
||||
// Mettre à jour l'utilisateur existant si nécessaire
|
||||
if (existingUser.teamId !== profile.teamId) {
|
||||
await userService.updateUserByUuid(existingUser.uuid, profile);
|
||||
}
|
||||
userUuid = existingUser.uuid;
|
||||
} else {
|
||||
// Créer un nouvel utilisateur
|
||||
userUuid = await userService.upsertUserUuid(profile);
|
||||
}
|
||||
|
||||
return {
|
||||
userUuid,
|
||||
cookieConfig: {
|
||||
name: COOKIE_NAME,
|
||||
value: userUuid,
|
||||
options: {
|
||||
maxAge: COOKIE_MAX_AGE,
|
||||
httpOnly: true,
|
||||
secure: process.env.NODE_ENV === "production",
|
||||
sameSite: "lax",
|
||||
path: "/",
|
||||
},
|
||||
},
|
||||
};
|
||||
}
|
||||
}
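Review bot: `cookieConfig.value` is set to `userUuid`, so the user's permanent identifier doubles as the login credential for `COOKIE_MAX_AGE` (30 days) and cannot be revoked for one session without changing the user's UUID. Anywhere that UUID is exposed (API responses or logs, not visible in this hunk) would then expose a working session. Consider issuing a random per-login session identifier stored server-side, or a signed value, and resolving the UUID from it, e.g. `value: sessionId` where `sessionId` is generated per login. Separately, the comment above `COOKIE_NAME` says auth-service.ts was deleted, while the route imports these constants from `@/services/auth-service`; if this file is that module, the comment should simply read `// Constantes pour les cookies`.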
|
||||
|
||||
@@ -101,6 +101,41 @@ export class UserService {
|
||||
/**
|
||||
* Récupère un utilisateur par son UUID
|
||||
*/
|
||||
/**
|
||||
* Trouve un utilisateur par son profil (firstName, lastName)
|
||||
*/
|
||||
async findUserByProfile(profile: UserProfile): Promise<{
|
||||
uuid: string;
|
||||
teamId: string;
|
||||
} | null> {
|
||||
const pool = getPool();
|
||||
const client = await pool.connect();
|
||||
|
||||
try {
|
||||
const query = `
|
||||
SELECT uuid_id, team_id
|
||||
FROM users
|
||||
WHERE first_name = $1 AND last_name = $2
|
||||
`;
|
||||
|
||||
const result = await client.query(query, [
|
||||
profile.firstName,
|
||||
profile.lastName,
|
||||
]);
|
||||
|
||||
if (result.rows.length === 0) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return {
|
||||
uuid: result.rows[0].uuid_id,
|
||||
teamId: result.rows[0].team_id,
|
||||
};
|
||||
} finally {
|
||||
client.release();
|
||||
}
|
||||
}
|
||||
|
||||
async getUserByUuid(userUuid: string): Promise<UserProfile | null> {
|
||||
const pool = getPool();
|
||||
const client = await pool.connect();
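Review bot: `findUserByProfile` returns `result.rows[0]` for a `first_name`/`last_name` pair, and nothing visible in this hunk guarantees that the pair is unique; with two users of the same name, the row chosen is unspecified because the query has no `ORDER BY`. Since the result decides which account a login is bound to, an ambiguous match should fail closed, e.g. `if (result.rows.length > 1) throw new Error("Ambiguous user profile");`, or the schema should carry a unique constraint on the lookup key. Also, the new method was inserted between the `Récupère un utilisateur par son UUID` doc comment and `getUserByUuid`, leaving that comment attached to nothing; it should move back directly above `getUserByUuid`, whose body continues outside the hunk.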
|
||||
|
||||