feat: Suite de la gestion des sessions

N3WT DE COMPET
2025-02-17 16:11:15 +01:00
parent 65d5b8c424
commit 8ea68bbad0
18 changed files with 113 additions and 180 deletions


@ -1,7 +1,6 @@
import NextAuth from 'next-auth';
import CredentialsProvider from 'next-auth/providers/credentials';
import jwt from 'jsonwebtoken';
import { csrfMiddleware } from '@/csrfMiddleware'; // Importez le middleware csrfMiddleware
import { BE_AUTH_LOGIN_URL } from '@/utils/Url';
const options = {
providers: [
@ -11,43 +10,32 @@ const options = {
email: { label: 'Email', type: 'email' },
password: { label: 'Password', type: 'password' }
},
authorize: (credentials, req) => {
console.log('Credentials:', credentials); // Vérifiez si ce log s'affiche
// Utilisez le token CSRF injecté par le middleware
const csrfToken = req.csrfToken;
console.log("data to send : ", JSON.stringify({
email: credentials.email,
password: credentials.password
}), "csrfToken : ", csrfToken);
return fetch(`${process.env.NEXT_PUBLIC_API_URL}/Auth/login`, {
authorize: async (credentials, req) => {
const response = await fetch(`${BE_AUTH_LOGIN_URL}`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-CSRFToken': csrfToken // Utiliser le token CSRF ici
},
body: JSON.stringify({
email: credentials.email,
password: credentials.password
}),
credentials: 'include'
})
.then(response => response.text())
.then(text => {
console.log('Response Text:', text); // Loggez la réponse
const user = JSON.parse(text); // Parsez la réponse en JSON
if (response.ok && user) {
return user;
} else {
throw new Error(user.errorMessage || 'Invalid credentials');
}
})
.catch(error => {
console.error('Error during authentication:', error);
throw new Error('Authentication failed');
});
const user = await response.json();
console.log("API response:", user);
if (response.ok && user) {
const userData = {
id: user.id,
role: user.profil,
droit: user.droit
};
return userData;
} else {
throw new Error(user.errorMessage || 'Invalid credentials');
}
}
})
],
@ -55,25 +43,35 @@ const options = {
jwt: true
},
callbacks: {
async jwt(token, user) {
async jwt({ token, user }) {
console.log("JWT callback called", user);
if (user) {
token.id = user.id;
token.email = user.email;
token.role = user.role;
token.droit = user.droit;
}
return token;
},
async session(session, token) {
session.user.id = token.id;
session.user.email = token.email;
session.user.role = token.role;
async session({ session, token }) {
console.log("Session callback called", token);
if (!token) {
throw new Error('Token not found');
}
session.user = {
id: token.id,
role: token.role,
droit: token.droit
};
return session;
}
},
pages: {
signIn: '/[locale]/users/login'
},
csrf: false // Désactiver la gestion CSRF de NextAuth.js
csrf: true
};
export default csrfMiddleware((req, res) => NextAuth(req, res, options));
export default (req, res) => {
console.log("NextAuth handler called");
return NextAuth(req, res, options);
};
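Review bot: The new `console.log("API response:", user)` in `authorize`, together with `console.log("JWT callback called", user)` and `console.log("Session callback called", token)` in the callbacks, writes the full backend login response and the decoded token contents to the server log on every sign-in and session read. Anything the backend returns beyond `id`, `profil` and `droit` (not visible here, possibly tokens or personal data) would end up in log storage; I would drop these three lines or log a single non-sensitive field, e.g. `console.debug('login ok, user id:', user.id)`. Separately, `csrf` is not a NextAuth option as far as I know, so `csrf: true` probably has no effect now that the `csrfMiddleware` wrapper is removed. NextAuth's built-in CSRF check on its own routes should still apply, but the line reads as if it enables protection, so it is worth confirming against the installed version or deleting.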


@ -1,42 +0,0 @@
import { useSession, getSession } from 'next-auth/react';
import { useRouter } from 'next/router';
import { useEffect } from 'react';
export default function ProtectedPage() {
const [session, loading] = useSession();
const router = useRouter();
useEffect(() => {
if (!loading && !session) {
router.push('/auth/signin');
}
}, [loading, session, router]);
if (loading || !session) {
return <p>Loading...</p>;
}
return (
<div>
<h1>Protected Page</h1>
<p>Welcome, {session.user.email}</p>
</div>
);
}
export async function getServerSideProps(context) {
const session = await getSession(context);
if (!session) {
return {
redirect: {
destination: '/auth/signin',
permanent: false
}
};
}
return {
props: { session }
};
}