import { NextRequest, NextResponse } from "next/server";
import { cookies } from "next/headers";
import { EvaluationService } from "@/services/evaluation-service";
import { UserProfile } from "@/lib/types";
/** Name of the cookie that carries the server-issued user UUID (never profile data). */
const COOKIE_NAME = "peakSkills_userId";
/** Cookie lifetime in seconds: 30 days (seconds * minutes * hours * days). */
const COOKIE_MAX_AGE = 60 * 60 * 24 * 30;
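/**
 * GET /api/auth - Returns the current user resolved from the session cookie.
 *
 * The cookie holds only a server-issued UUID (see POST); the profile is looked
 * up through EvaluationService, so nothing client-supplied is trusted on this
 * path beyond the UUID used as a lookup key.
 *
 * @returns 200 `{ user }` when the cookie maps to a known user;
 *          200 `{ user: null }` when no cookie is present or the UUID no
 *          longer resolves (the stale cookie is cleared in that case);
 *          500 `{ error }` when the lookup throws.
 */
export async function GET() {
  // Every response carries user-specific data: keep it out of shared caches.
  const noStore = { "Cache-Control": "no-store" };

  try {
    const cookieStore = await cookies();
    const userUuid = cookieStore.get(COOKIE_NAME)?.value;

    if (!userUuid) {
      return NextResponse.json({ user: null }, { status: 200, headers: noStore });
    }

    const evaluationService = new EvaluationService();
    const userProfile = await evaluationService.getUserByUuid(userUuid);

    if (!userProfile) {
      // Unknown UUID: clear the stale cookie. The clearing attributes mirror
      // those used when the cookie was issued in POST (path in particular), so
      // the browser matches the existing cookie instead of relying on
      // framework defaults.
      const response = NextResponse.json({ user: null }, { status: 200, headers: noStore });
      response.cookies.set(COOKIE_NAME, "", {
        maxAge: 0,
        httpOnly: true,
        secure: process.env.NODE_ENV === "production",
        sameSite: "lax",
        path: "/",
      });
      return response;
    }

    return NextResponse.json({ user: userProfile }, { status: 200, headers: noStore });
  } catch (error) {
    // The cause is logged server-side only; the client gets a generic message.
    console.error("Error getting current user:", error);
    return NextResponse.json(
      { error: "Failed to get current user" },
      { status: 500, headers: noStore }
    );
  }
}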
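/**
 * POST /api/auth - Registers (or refreshes) the calling user and issues the
 * session cookie.
 *
 * Identity is self-asserted: no credential is verified here, only that
 * `firstName`, `lastName` and `teamId` are present and well-formed. The cookie
 * therefore identifies a user but does not prove who they are. It stores only
 * the server-issued UUID returned by EvaluationService, never the profile.
 *
 * @param request - Request whose JSON body is expected to be a UserProfile.
 * @returns 200 `{ user, userUuid }` with the cookie set;
 *          400 when the body is not valid JSON, not an object, or lacks a
 *          required field (`firstName`/`lastName` must be non-empty strings);
 *          500 when the service call throws.
 */
export async function POST(request: NextRequest) {
  // Every response carries user-specific data: keep it out of shared caches.
  const noStore = { "Cache-Control": "no-store" };

  try {
    // Parse the body separately so a malformed payload is reported as a
    // client error (400) instead of a 500 that also pollutes the error log.
    let body: unknown;
    try {
      body = await request.json();
    } catch {
      return NextResponse.json({ error: "Invalid JSON body" }, { status: 400, headers: noStore });
    }

    // The body is untrusted input: a null/array/primitive body previously
    // crashed on property access (500) or slipped through with non-string
    // values. Narrow before reading any field.
    if (typeof body !== "object" || body === null || Array.isArray(body)) {
      return NextResponse.json({ error: "Missing required fields" }, { status: 400, headers: noStore });
    }
    const candidate = body as Record<string, unknown>;
    const isNonEmptyString = (value: unknown): value is string =>
      typeof value === "string" && value.length > 0;
    // NOTE(review): teamId is accepted as a non-empty string or a non-zero
    // finite number because UserProfile's declaration is not visible here —
    // confirm the actual type and tighten this check accordingly.
    const isTeamId = (value: unknown): boolean =>
      isNonEmptyString(value) || (typeof value === "number" && Number.isFinite(value) && value !== 0);

    if (
      !isNonEmptyString(candidate.firstName) ||
      !isNonEmptyString(candidate.lastName) ||
      !isTeamId(candidate.teamId)
    ) {
      return NextResponse.json(
        { error: "Missing required fields" },
        { status: 400, headers: noStore }
      );
    }

    // Only the three required fields are checked at runtime (as before); the
    // remaining UserProfile fields are whatever the client sent.
    // NOTE(review): the body is passed through unchanged and echoed back
    // below, so any extra client-supplied field (e.g. a uuid, if UserProfile
    // has one) reaches upsertUserUuid — confirm the service ignores fields it
    // does not own.
    const profile = body as UserProfile;

    const evaluationService = new EvaluationService();
    const userUuid = await evaluationService.upsertUserUuid(profile);

    // The server-issued UUID always wins over anything the client sent.
    const response = NextResponse.json(
      {
        user: { ...profile, uuid: userUuid },
        userUuid,
      },
      { status: 200, headers: noStore }
    );

    // Cookie carries only the UUID. httpOnly keeps it away from scripts,
    // secure restricts it to HTTPS in production, and SameSite=Lax withholds
    // it on cross-site sub-requests (the CSRF mitigation for DELETE/POST).
    response.cookies.set(COOKIE_NAME, userUuid, {
      maxAge: COOKIE_MAX_AGE,
      httpOnly: true,
      secure: process.env.NODE_ENV === "production",
      sameSite: "lax",
      path: "/",
    });

    return response;
  } catch (error) {
    // The cause is logged server-side only; the client gets a generic message.
    console.error("Error authenticating user:", error);
    return NextResponse.json(
      { error: "Failed to authenticate user" },
      { status: 500, headers: noStore }
    );
  }
}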
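/**
 * DELETE /api/auth - Logs the user out by clearing the session cookie.
 *
 * Only the browser-side cookie is cleared. NOTE(review): nothing on this
 * route revokes the UUID server-side, so a previously captured cookie value
 * keeps resolving in GET until the service invalidates it elsewhere — confirm
 * whether that is intended.
 *
 * @returns 200 `{ success: true }` with the cookie cleared;
 *          500 `{ error }` if building the response throws.
 */
export async function DELETE() {
  // Responses on this route are per-user: keep them out of shared caches.
  const noStore = { "Cache-Control": "no-store" };

  try {
    const response = NextResponse.json({ success: true }, { status: 200, headers: noStore });
    // Mirror the attributes used when the cookie was issued in POST (path in
    // particular), so the browser matches the existing cookie instead of
    // relying on framework defaults.
    response.cookies.set(COOKIE_NAME, "", {
      maxAge: 0,
      httpOnly: true,
      secure: process.env.NODE_ENV === "production",
      sameSite: "lax",
      path: "/",
    });
    return response;
  } catch (error) {
    // The cause is logged server-side only; the client gets a generic message.
    console.error("Error logging out user:", error);
    return NextResponse.json({ error: "Failed to logout" }, { status: 500, headers: noStore });
  }
}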