refactor: Deplacement du JWT dans le back

2026-01-29 07:53:23 +00:00 · 2025-02-21 19:22:33 +01:00
parent 214fb186fa
commit eb89a324ab
27 changed files with 145 additions and 156 deletions
--- a/Front-End/src/pages/api/auth/[...nextauth].js
+++ b/Front-End/src/pages/api/auth/[...nextauth].js
@ -1,6 +1,8 @@
 import NextAuth from 'next-auth';
 import CredentialsProvider from 'next-auth/providers/credentials';
-import { BE_AUTH_LOGIN_URL } from '@/utils/Url';
+import { getJWT, refreshJWT } from '@/app/actions/authAction';
+
+import jwt_decode from 'jsonwebtoken';  // Changed import

 const options = {
  providers: [
@ -11,63 +13,66 @@ const options = {
        password: { label: 'Password', type: 'password' }
      },
      authorize: async (credentials, req) => {
-        const response = await fetch(`${BE_AUTH_LOGIN_URL}`, {
-          method: 'POST',
-          headers: { 
-            'Content-Type': 'application/json',
-          },
-          body: JSON.stringify({
+        try {
+          const data = {
            email: credentials.email,
            password: credentials.password
-          }),
-          credentials: 'include'
-        });
-
-        const user = await response.json();
-
-        console.log("API response:", user);
-        if (response.ok && user) {
-          const userData = {
-            id: user.id,
-            role: user.profil,
-            droit: user.droit
          };
-          return userData;
-        } else {
-          throw new Error(user.errorMessage || 'Invalid credentials');
+
+          const user = await getJWT(data);
+
+          if (user) {
+            console.log("API response:", user);
+            return user;
+          }
+
+          throw new Error('Invalid credentials');
+        } catch (error) {
+          throw new Error(error.message || 'Invalid credentials');
        }
      }
    })
  ],
  session: {
-    jwt: true,
-    maxAge: 24 * 60 * 60, // 1 day in seconds
-    updateAge: 24 * 60 * 60 // Update session every day
-  },
-  jwt: {
-    maxAge: 24 * 60 * 60 // 1 day in seconds
+   strategy:"jwt",
  },
  callbacks: {
    async jwt({ token, user }) {
-      console.log("JWT callback called", user);
-      if (user) {
-        token.id = user.id;
-        token.role = user.role;
-        token.droit = user.droit;
+       if (user) {
+        token.token = user.token;
+        token.refresh = user.refresh;
+        token.tokenExpires = jwt_decode.decode(user.token).exp * 1000;
+      }
+       // Vérifie si l'access token a expiré
+      if (Date.now() < token.tokenExpires) {
+        return token;
+      }
+      // Renouvelle le token expiré
+      try {
+        const data = {refresh: token.refresh}
+        const res = await refreshJWT(data);
+        console.log(res);
+        token.token = res.token;
+        token.refresh = res.refresh;
+        token.tokenExpires = jwt_decode.decode(res.token).exp * 1000;
+        console.log("Token refreshed", token);
+        return token;
+      } catch (error) {
+        console.error("Erreur lors du rafraîchissement du token", error);
+        return token;
      }
-      return token;
    },
    async session({ session, token }) {
      console.log("Session callback called", token);
      if (!token) {
        throw new Error('Token not found');
      }
-      session.user = {
-        id: token.id,
-        role: token.role,
-        droit: token.droit
-      };
-      return session;
+      else{
+        const decodedToken =  jwt_decode.decode(token.token);
+        const {user_id,email,droit} = decodedToken;
+        session.user = {id:user_id,email,droit};
+        return session;
+      }
    }
  },
  pages: {
@ -76,7 +81,4 @@ const options = {
  csrf: true
 };

-export default (req, res) => {
-  console.log("NextAuth handler called");
-  return NextAuth(req, res, options);
-};
+export default (req, res) => NextAuth(req, res, options);