feat(front): jwt included in session and linked to every query that uses useQuery

2024-07-24 00:22:02 +02:00
parent 231db52718
commit 94ce4f548e
3 changed files with 49 additions and 8 deletions
--- a/front/src/modules/auth/configs/auth.options.ts
+++ b/front/src/modules/auth/configs/auth.options.ts
@@ -1,4 +1,4 @@
-import { AuthOptions, User } from "next-auth";
+import { AuthOptions, Role, User } from "next-auth";
 import CredentialsProvider from "next-auth/providers/credentials";

 export const authOptions: AuthOptions = {
@@ -16,16 +16,50 @@ export const authOptions: AuthOptions = {
        password: { label: "Password", type: "password" },
      },
      async authorize(credentials, req) {
+        const response = await fetch("http://localhost:3000/auth/login", {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+          },
+          body: JSON.stringify({
+            username: credentials?.username,
+            password: credentials?.password,
+          }),
+        });
+
+        type LoginResponse = {
+          access_token: string;
+        };
+
+        if (response.status < 200 || response.status > 399) return null;
+
+        const response_body = (await response.json()) as LoginResponse;
+
+        type TokenPayload = {
+          sub: string;
+          username: string;
+          roles: Role[];
+          iat: number;
+          exp: number;
+        };
+
+        const token_payload = JSON.parse(
+          atob(response_body.access_token.split(".")[1]),
+        ) as TokenPayload;
+
        const user: User = {
-          id: credentials?.password ?? "asdf",
-          role: "admin",
-          image: "none",
-          name: credentials?.username,
+          id: token_payload.username,
+          roles: token_payload.roles,
+          image: "https://randomuser.me/api/portraits/women/92.jpg",
+          name: token_payload.username,
          apiSession: {
-            accessToken: credentials?.password ?? "asdf",
+            accessToken: response_body.access_token,
          },
        };
-        return credentials?.password === "secure-password" ? user : null;
+
+        console.log("__loged:", user);
+
+        return user;
      },
    }),
  ],
--- a/front/src/modules/auth/types/next-auth.d.ts
+++ b/front/src/modules/auth/types/next-auth.d.ts
@@ -9,7 +9,7 @@ declare module "next-auth" {
  }
  interface User {
    id: string;
-    role: Role;
+    roles: Role[];
    image?: string;
    name?: string;
    apiSession?: ApiSession;
--- a/front/src/modules/common/hooks/api/useQuery.ts
+++ b/front/src/modules/common/hooks/api/useQuery.ts
@@ -1,5 +1,6 @@
 import { useEffect, useState } from "react";
 import { timedFetch } from "../../utils/timedFetch";
+import { useSession } from "next-auth/react";

 type QueryReturn<T> = {
  data?: T;
@@ -26,6 +27,12 @@ export function useQuery<DataType>({
  const [isLoading, setIsLoading] = useState<boolean>(true);
  const [isError, setIsError] = useState<boolean>(false);

+  const session = useSession();
+  const token = session.data?.apiSession?.accessToken;
+  if (token) {
+    options.headers = { ...options.headers, Authorization: "Bearer " + token };
+  }
+
  useEffect(() => {
    setIsLoading(true);
    setIsError(false);