feat: Suite de la gestion des sessions

Front-End/src/pages/api/auth/[...nextauth].js

@@ -1,7 +1,6 @@
 import NextAuth from 'next-auth';
 import CredentialsProvider from 'next-auth/providers/credentials';
-import jwt from 'jsonwebtoken';
-import { csrfMiddleware } from '@/csrfMiddleware'; // Importez le middleware csrfMiddleware
+import { BE_AUTH_LOGIN_URL } from '@/utils/Url';
 
 const options = {
   providers: [
@@ -11,43 +10,32 @@ const options = {
         email: { label: 'Email', type: 'email' },
         password: { label: 'Password', type: 'password' }
       },
-      authorize: (credentials, req) => {
-        console.log('Credentials:', credentials); // Vérifiez si ce log s'affiche
-
-        // Utilisez le token CSRF injecté par le middleware
-        const csrfToken = req.csrfToken;
-        console.log("data to send : ", JSON.stringify({
-          email: credentials.email,
-          password: credentials.password
-        }), "csrfToken : ", csrfToken);
-
-        return fetch(`${process.env.NEXT_PUBLIC_API_URL}/Auth/login`, {
+      authorize: async (credentials, req) => {
+        const response = await fetch(`${BE_AUTH_LOGIN_URL}`, {
           method: 'POST',
           headers: { 
             'Content-Type': 'application/json',
-            'X-CSRFToken': csrfToken // Utiliser le token CSRF ici
           },
           body: JSON.stringify({
             email: credentials.email,
             password: credentials.password
           }),
           credentials: 'include'
-        })
-        .then(response => response.text())
-        .then(text => {
-          console.log('Response Text:', text); // Loggez la réponse
-          const user = JSON.parse(text); // Parsez la réponse en JSON
-
-          if (response.ok && user) {
-            return user;
-          } else {
-            throw new Error(user.errorMessage || 'Invalid credentials');
-          }
-        })
-        .catch(error => {
-          console.error('Error during authentication:', error);
-          throw new Error('Authentication failed');
         });
+
+        const user = await response.json();
+
+        console.log("API response:", user);
+        if (response.ok && user) {
+          const userData = {
+            id: user.id,
+            role: user.profil,
+            droit: user.droit
+          };
+          return userData;
+        } else {
+          throw new Error(user.errorMessage || 'Invalid credentials');
+        }
       }
     })
   ],
@@ -55,25 +43,35 @@ const options = {
     jwt: true
   },
   callbacks: {
-    async jwt(token, user) {
+    async jwt({ token, user }) {
+      console.log("JWT callback called", user);
       if (user) {
         token.id = user.id;
-        token.email = user.email;
         token.role = user.role;
+        token.droit = user.droit;
       }
       return token;
     },
-    async session(session, token) {
-      session.user.id = token.id;
-      session.user.email = token.email;
-      session.user.role = token.role;
+    async session({ session, token }) {
+      console.log("Session callback called", token);
+      if (!token) {
+        throw new Error('Token not found');
+      }
+      session.user = {
+        id: token.id,
+        role: token.role,
+        droit: token.droit
+      };
       return session;
     }
   },
   pages: {
     signIn: '/[locale]/users/login'
   },
-  csrf: false // Désactiver la gestion CSRF de NextAuth.js
+  csrf: true
 };
 
-export default csrfMiddleware((req, res) => NextAuth(req, res, options));
+export default (req, res) => {
+  console.log("NextAuth handler called");
+  return NextAuth(req, res, options);
+};