feat: Création d'un profile selector [#37,#38]

2026-01-28 23:43:22 +00:00 · 2025-04-12 16:07:30 +02:00
parent 4c2e2f8756
commit 89b01b79db
16 changed files with 237 additions and 286 deletions
--- a/Back-End/Auth/models.py
+++ b/Back-End/Auth/models.py
@ -9,7 +9,7 @@ class Profile(AbstractUser):

    USERNAME_FIELD = 'email'
    REQUIRED_FIELDS = ('password', )
-
+    roleIndexLoginDefault = models.IntegerField(default=0)
    code = models.CharField(max_length=200, default="", blank=True)
    datePeremption = models.CharField(max_length=200, default="", blank=True)

--- a/Back-End/Auth/serializers.py
+++ b/Back-End/Auth/serializers.py
@ -14,7 +14,7 @@ class ProfileSerializer(serializers.ModelSerializer):

    class Meta:
        model = Profile
-        fields = ['id', 'password', 'email', 'code', 'datePeremption', 'username', 'roles']
+        fields = ['id', 'password', 'email', 'code', 'datePeremption', 'username', 'roles', 'roleIndexLoginDefault']
        extra_kwargs = {'password': {'write_only': True}}

    def get_roles(self, obj):
@ -53,10 +53,10 @@ class ProfileSerializer(serializers.ModelSerializer):
    def update(self, instance, validated_data):
        password = validated_data.pop('password', None)
        instance = super().update(instance, validated_data)
-        
+
        if password:
            instance.set_password(password)
-        
+
        instance.full_clean()
        instance.save()
        return instance
@ -114,7 +114,7 @@ class ProfileRoleSerializer(serializers.ModelSerializer):
        if obj.profile:
            return obj.profile.email
        return None
-    
+
    def get_associated_person(self, obj):
        if obj.role_type == ProfileRole.RoleType.PROFIL_PARENT:
            guardian = Guardian.objects.filter(profile_role=obj).first()
--- a/Back-End/Auth/views.py
+++ b/Back-End/Auth/views.py
@ -54,6 +54,7 @@ class SessionView(APIView):
                'user': openapi.Schema(type=openapi.TYPE_OBJECT, properties={
                    'id': openapi.Schema(type=openapi.TYPE_INTEGER),
                    'email': openapi.Schema(type=openapi.TYPE_STRING),
+                    'roleIndexLoginDefault': openapi.Schema(type=openapi.TYPE_INTEGER),
                    'roles': openapi.Schema(type=openapi.TYPE_ARRAY, items=openapi.Items(type=openapi.TYPE_OBJECT, properties={
                        'role_type': openapi.Schema(type=openapi.TYPE_STRING),
                        'establishment': openapi.Schema(type=openapi.TYPE_STRING)
@ -65,18 +66,16 @@ class SessionView(APIView):
    )
    def get(self, request):
        token = request.META.get('HTTP_AUTHORIZATION', '').split('Bearer ')[-1]
-
        try:
            decoded_token = jwt.decode(token, settings.SECRET_KEY, algorithms=['HS256'])
            userid = decoded_token.get('user_id')
            user = Profile.objects.get(id=userid)
-
            roles = ProfileRole.objects.filter(profile=user).values('role_type', 'establishment__name')
-
            response_data = {
                'user': {
                    'id': user.id,
                    'email': user.email,
+                    'roleIndexLoginDefault': user.roleIndexLoginDefault,
                    'roles': list(roles)
                }
            }
@ -157,11 +156,10 @@ class LoginView(APIView):
        operation_description="Connexion utilisateur",
        request_body=openapi.Schema(
            type=openapi.TYPE_OBJECT,
-            required=['email', 'password', 'role_type'],
+            required=['email', 'password'],
            properties={
                'email': openapi.Schema(type=openapi.TYPE_STRING),
-                'password': openapi.Schema(type=openapi.TYPE_STRING),
-                'role_type': openapi.Schema(type=openapi.TYPE_STRING)
+                'password': openapi.Schema(type=openapi.TYPE_STRING)
            }
        ),
        responses={
@ -194,38 +192,15 @@ class LoginView(APIView):
                password=data.get('password'),
            )
            if user is not None:
-                role_type = data.get('role_type')
-                primary_role = ProfileRole.objects.filter(profile=user, role_type=role_type, is_active=True).first()
-
-                if not primary_role:
+                # Vérifier si l'utilisateur a un role actif
+                has_active_role = ProfileRole.objects.filter(profile=user, is_active=True).first()
+                if not has_active_role:
                    return JsonResponse({"errorMessage": "Profil inactif"}, status=status.HTTP_401_UNAUTHORIZED)

                login(request, user)
                user.save()
                retour = ''
-
-                # Récupérer tous les rôles de l'utilisateur avec le type spécifié
-                roles = ProfileRole.objects.filter(profile=user, role_type=role_type).values('role_type', 'establishment__id', 'establishment__name')
-
-                # Générer le JWT avec la bonne syntaxe datetime
-                access_payload = {
-                    'user_id': user.id,
-                    'email': user.email,
-                    'roles': list(roles),
-                    'type': 'access',
-                    'exp': datetime.utcnow() + settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME'],
-                    'iat': datetime.utcnow(),
-                }
-
-                access_token = jwt.encode(access_payload, settings.SIMPLE_JWT['SIGNING_KEY'], algorithm=settings.SIMPLE_JWT['ALGORITHM'])
-                # Générer le Refresh Token (exp: 7 jours)
-                refresh_payload = {
-                    'user_id': user.id,
-                    'type': 'refresh',
-                    'exp': datetime.utcnow() + settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME'],
-                    'iat': datetime.utcnow(),
-                }
-                refresh_token = jwt.encode(refresh_payload, settings.SIMPLE_JWT['SIGNING_KEY'], algorithm=settings.SIMPLE_JWT['ALGORITHM'])
+                access_token, refresh_token = makeToken(user)

                return JsonResponse({
                    'token': access_token,
@ -299,35 +274,10 @@ class RefreshJWTView(APIView):

            # Récupérer les informations utilisateur
            user = Profile.objects.get(id=payload['user_id'])
-            role_type = payload.get('role_type')
+            if not user:
+                return JsonResponse({'errorMessage': 'Utilisateur non trouvé'}, status=404)

-            # Récupérer le rôle principal de l'utilisateur
-            primary_role = ProfileRole.objects.filter(profile=user, role_type=role_type, is_active=True).first()
-
-            if not primary_role:
-                return JsonResponse({'errorMessage': 'Profil inactif'}, status=400)
-
-            # Générer un nouveau Access Token avec les informations complètes
-            new_access_payload = {
-                'user_id': user.id,
-                'email': user.email,
-                'role_type': primary_role.get_role_type_display(),
-                'establishment': primary_role.establishment.id,
-                'type': 'access',
-                'exp': datetime.utcnow() + settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME'],
-                'iat': datetime.utcnow(),
-            }
-
-            new_access_token = jwt.encode(new_access_payload, settings.SIMPLE_JWT['SIGNING_KEY'], algorithm=settings.SIMPLE_JWT['ALGORITHM'])
-
-            new_refresh_payload = {
-                'user_id': user.id,
-                'role_type': role_type,
-                'type': 'refresh',
-                'exp': datetime.utcnow() + settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME'],
-                'iat': datetime.utcnow(),
-            }
-            new_refresh_token = jwt.encode(new_refresh_payload, settings.SIMPLE_JWT['SIGNING_KEY'], algorithm=settings.SIMPLE_JWT['ALGORITHM'])
+            new_access_payload, new_refresh_token = makeToken(user)

            return JsonResponse({'token': new_access_token, 'refresh': new_refresh_token}, status=200)

@ -341,6 +291,38 @@ class RefreshJWTView(APIView):
            logger.error(f"Erreur inattendue: {str(e)}")
            return JsonResponse({'errorMessage': f'Erreur inattendue: {str(e)}'}, status=400)

+def makeToken(user):
+    """
+    Fonction pour créer un token JWT pour l'utilisateur donné.
+    """
+    try:
+        # Récupérer tous les rôles de l'utilisateur actifs
+        roles = ProfileRole.objects.filter(profile=user, is_active=True).values('role_type', 'establishment__id', 'establishment__name')
+
+        # Générer le JWT avec la bonne syntaxe datetime
+        access_payload = {
+            'user_id': user.id,
+            'email': user.email,
+            'roleIndexLoginDefault':user.roleIndexLoginDefault,
+            'roles': list(roles),
+            'type': 'access',
+            'exp': datetime.utcnow() + settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME'],
+            'iat': datetime.utcnow(),
+        }
+
+        access_token = jwt.encode(access_payload, settings.SIMPLE_JWT['SIGNING_KEY'], algorithm=settings.SIMPLE_JWT['ALGORITHM'])
+        # Générer le Refresh Token (exp: 7 jours)
+        refresh_payload = {
+            'user_id': user.id,
+            'type': 'refresh',
+            'exp': datetime.utcnow() + settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME'],
+            'iat': datetime.utcnow(),
+        }
+        refresh_token = jwt.encode(refresh_payload, settings.SIMPLE_JWT['SIGNING_KEY'], algorithm=settings.SIMPLE_JWT['ALGORITHM'])
+        return access_token, refresh_token
+    except Exception as e:
+        logger.error(f"Erreur lors de la création du token: {str(e)}")
+        return None

@method_decorator(csrf_protect, name='dispatch')
@method_decorator(ensure_csrf_cookie, name='dispatch')