test

2025-09-06 00:14:34 +02:00 · 2025-09-06 00:14:34 +02:00 · d1b1ebac98
commit d1b1ebac98
parent fdbea29b82
2 changed files with 41 additions and 18 deletions
--- a/index.js
+++ b/index.js
@ -32,9 +32,7 @@ function sendMail(to, subject, html) {
    .catch(error => console.error('Error sending email:', error));
 }

-function authenticateToken(req, res, next) {
-  const authHeader = req.headers['authorization'];
-  const token = authHeader && authHeader.split(' ')[1];
+function authenticateToken(token) {
  if (!token) return res.sendStatus(401);

  jwt.verify(token, process.env.JWT_SECRET, (err, user) => {
@ -98,8 +96,15 @@ app.get('/', (req, res) => {
 );

 // Exemple d'utilisation :
-app.get('/api/loginToken', authenticateToken, (req, res) => {
-  res.json({ message: 'Accès autorisé', user: req.user });
+app.get('/api/loginToken', async (req, res) => {
+
+  if (!req.cookies) return res.sendStatus(401);
+
+  if (!req.cookies.auth_token) return res.sendStatus(401);
+
+  const token = req.cookies.auth_token;
+
+  authenticateToken(token);
 });

 app.post('/api/login', async (req, res) => {
@ -128,7 +133,14 @@ app.post('/api/login', async (req, res) => {
      { expiresIn: process.env.JWT_EXPIRATION }
    );

-    res.status(200).json({ message: 'Login successful', token });
+    res.cookie("auth_token", token,
+      {
+        httpOnly: true,
+        sameSite: 'Strict'
+      }
+    )
+
+    // res.status(200).json({ message: 'Login successful', token });
  } catch (err) {
    console.error('Database error:', err);
    res.status(500).json({ message: 'Internal server error' });
--- a/public/scripts/index.js
+++ b/public/scripts/index.js
@ -18,11 +18,7 @@ loginForm.addEventListener('submit', async (event) => {
    });

    if (response.ok) {
-      const responseData = await response.json();
-
-      console.log('Login successful:', responseData);
-
-      localStorage.setItem('token', responseData.token);
+      // localStorage.setItem('token', responseData.token);

      displayLoginSuccess();
    } else {
@ -37,21 +33,36 @@ loginForm.addEventListener('submit', async (event) => {
 );

 async function isLoggedInFunction() {
-  const token = localStorage.getItem('token');
-  if (!token) return false;
+  // const token = localStorage.getItem('token');
+  // if (!token) return false;
+
+  // try {
+  //   const response = await fetch('/api/loginToken', {
+  //     method: 'GET',
+  //     headers: {
+  //       'Authorization': `Bearer ${token}`
+  //     }
+  //   });
+
+  //   if (response.ok) {
+  //     return true;
+  //   } else {
+  //     localStorage.removeItem('token');
+  //     return false;
+  //   }
+  // } catch (error) {
+  //   console.error('Error checking login status:', error);
+  //   return false;
+  // }

  try {
    const response = await fetch('/api/loginToken', {
-      method: 'GET',
-      headers: {
-        'Authorization': `Bearer ${token}`
-      }
+      method: 'GET'
    });

    if (response.ok) {
      return true;
    } else {
-      localStorage.removeItem('token');
      return false;
    }
  } catch (error) {