oimer/GTA
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

changement au niveau de requetes adaptés aux collaborateurs AD

Browse Source
This commit is contained in:
Ouijdane IMER
2025-08-27 09:40:17 +02:00
parent 9fb0c0a27f
commit ed4a7c02ca
29 changed files with 1741 additions and 548 deletions
Download Patch File Download Diff File Expand all files Collapse all files

289
project/src/context/AuthContext.jsx
View File

@@ -1,5 +1,6 @@
import React, { createContext, useContext, useState, useEffect } from 'react';
import * as msal from '@azure/msal-browser';
import { msalConfig, loginRequest } from '../AuthConfig';
const AuthContext = createContext();
@@ -11,70 +12,196 @@ export const useAuth = () => {
return context;
};
const msalConfig = {
auth: {
clientId: '4bb4cc24-bac3-427c-b02c-5d14fc67b561',
authority: 'https://login.microsoftonline.com/9840a2a0-6ae1-4688-b03d-d2ec291be0f9',
redirectUri: window.location.origin,
},
};
const msalInstance = new msal.PublicClientApplication(msalConfig);
export const AuthProvider = ({ children }) => {
const [user, setUser] = useState(null);
const [isLoading, setIsLoading] = useState(true);
const [userGroups, setUserGroups] = useState([]);
const [isAuthorized, setIsAuthorized] = useState(false);
// Initialise MSAL au montage
// Fonction pour obtenir l'URL de l'API backend
const getApiUrl = (endpoint) => {
const possibleUrls = [
'http://localhost/GTA/project/public/php/',
'http://localhost:80/GTA/project/public/php/',
'http://localhost/GTA/public/php/',
'http://localhost/public/php/'
];
return possibleUrls[0] + endpoint; // Utilisez votre URL préférée
};
// Vérifier les groupes utilisateur via l'API backend
const checkUserAuthorization = async (userPrincipalName, accessToken) => {
try {
const response = await fetch(getApiUrl('check-user-groups.php'), {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': `Bearer ${accessToken}`
},
body: JSON.stringify({ userPrincipalName })
});
if (response.ok) {
const data = await response.json();
setUserGroups(data.groups || []);
setIsAuthorized(data.authorized || false);
return data;
}
return { authorized: false, groups: [] };
} catch (error) {
console.error('Erreur vérification groupes:', error);
return { authorized: false, groups: [] };
}
};
// Synchroniser l'utilisateur avec la base locale
const syncUserToDatabase = async (entraUser, accessToken) => {
try {
const response = await fetch(getApiUrl('check-user-groups.php'), {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': `Bearer ${accessToken}`
},
body: JSON.stringify({
entraUserId: entraUser.id,
userPrincipalName: entraUser.userPrincipalName,
email: entraUser.mail || entraUser.userPrincipalName,
displayName: entraUser.displayName,
givenName: entraUser.givenName,
surname: entraUser.surname,
jobTitle: entraUser.jobTitle,
department: entraUser.department,
officeLocation: entraUser.officeLocation
})
});
if (response.ok) {
return await response.json();
}
} catch (error) {
console.error('Erreur synchronisation utilisateur:', error);
}
return null;
};
// Initialisation MSAL
useEffect(() => {
const initializeMsal = async () => {
try {
await msalInstance.initialize();
// Vérifier si il y a un utilisateur connecté
const accounts = msalInstance.getAllAccounts();
if (accounts.length > 0) {
// Essayer de récupérer un token silencieusement
try {
const response = await msalInstance.acquireTokenSilent({
...loginRequest,
account: accounts[0]
});
await handleSuccessfulAuth(response);
} catch (error) {
console.log('Token silent acquisition failed:', error);
}
}
} catch (error) {
console.error("Erreur d'initialisation MSAL:", error);
} finally {
setIsLoading(false);
}
};
initializeMsal();
const savedUser = localStorage.getItem('user');
if (savedUser) {
try {
setUser(JSON.parse(savedUser));
} catch (error) {
console.error("Erreur parsing utilisateur sauvegardé:", error);
localStorage.removeItem('user');
}
}
setIsLoading(false);
}, []);
const login = async (email, password) => {
// Gérer l'authentification réussie
const handleSuccessfulAuth = async (authResponse) => {
try {
const possibleUrls = [
'http://localhost/GTA/project/public/php/login.php',
'http://localhost:80/GTA/project/public/php/login.php',
'http://localhost/GTA/public/php/login.php',
'http://localhost/public/php/login.php'
];
const account = authResponse.account;
const accessToken = authResponse.accessToken;
let response = null;
for (const url of possibleUrls) {
// Récupérer profil Microsoft Graph
const graphResponse = await fetch('https://graph.microsoft.com/v1.0/me', {
headers: { 'Authorization': `Bearer ${accessToken}` }
});
let entraUser = {
id: account.homeAccountId,
displayName: account.name,
userPrincipalName: account.username,
mail: account.username
};
if (graphResponse.ok) {
const graphData = await graphResponse.json();
entraUser = { ...entraUser, ...graphData };
}
// 🔹 Synchroniser lutilisateur dans la DB
const syncResult = await syncUserToDatabase(entraUser, accessToken);
// 🚀 NEW : si admin → lancer full-sync.php
if (syncResult?.role === "Admin") {
try {
console.log("Test URL:", url);
response = await fetch(url, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ email, mot_de_passe: password }),
const syncResp = await fetch(getApiUrl('full-sync.php'), {
method: "POST",
headers: { "Authorization": `Bearer ${accessToken}` }
});
if (response.ok) break;
} catch {
continue;
const syncData = await syncResp.json();
console.log("Résultat Full Sync:", syncData);
} catch (err) {
console.error("Erreur synchronisation groupes:", err);
}
}
if (!response || !response.ok) {
throw new Error('Aucune URL de connexion accessible');
// 🔹 Vérifier autorisation via groupes DB
const authResult = await checkUserAuthorization(entraUser.userPrincipalName, accessToken);
if (authResult.authorized) {
const userData = {
id: syncResult?.localUserId || entraUser.id,
entraUserId: entraUser.id,
name: entraUser.displayName,
prenom: entraUser.givenName || entraUser.displayName?.split(' ')[0] || '',
nom: entraUser.surname || entraUser.displayName?.split(' ')[1] || '',
email: entraUser.mail || entraUser.userPrincipalName,
userPrincipalName: entraUser.userPrincipalName,
role: syncResult?.role || 'Employe',
service: syncResult?.service || 'Non défini',
jobTitle: entraUser.jobTitle,
department: entraUser.department,
officeLocation: entraUser.officeLocation,
groups: authResult.groups
};
setUser(userData);
setIsAuthorized(true);
return true;
} else {
throw new Error('Utilisateur non autorisé - pas membre des groupes requis');
}
} catch (error) {
console.error('Erreur lors de la gestion de l\'authentification:', error);
throw error;
}
};
// Connexion classique (email/mot de passe)
const login = async (email, password) => {
try {
const response = await fetch(getApiUrl('login.php'), {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ email, mot_de_passe: password }),
});
if (!response.ok) {
throw new Error('Erreur de connexion');
}
const text = await response.text();
@@ -98,49 +225,79 @@ export const AuthProvider = ({ children }) => {
};
setUser(userData);
localStorage.setItem('user', JSON.stringify(userData));
setIsAuthorized(true);
return true;
} else {
console.error("Échec connexion:", data.message);
return false;
}
return false;
} catch (error) {
console.error("Erreur de connexion:", error);
return false;
}
};
// Connexion Office 365
const loginWithO365 = async () => {
try {
const loginResponse = await msalInstance.loginPopup({
scopes: ["user.read"]
});
const account = loginResponse.account;
if (account) {
const userData = {
id: account.homeAccountId,
name: account.name,
email: account.username,
role: 'Employe',
service: 'Non défini',
};
setUser(userData);
localStorage.setItem('user', JSON.stringify(userData));
return true;
}
return false;
const authResponse = await msalInstance.loginPopup(loginRequest);
await handleSuccessfulAuth(authResponse);
return true;
} catch (error) {
console.error('Erreur login Office 365:', error);
return false;
if (error.message?.includes('non autorisé')) {
throw new Error('Accès refusé: Vous n\'êtes pas membre d\'un groupe autorisé.');
}
throw error;
}
};
const logout = () => {
setUser(null);
localStorage.removeItem('user');
// Déconnexion
const logout = async () => {
try {
const accounts = msalInstance.getAllAccounts();
if (accounts.length > 0) {
await msalInstance.logoutPopup({
account: accounts[0]
});
}
} catch (error) {
console.error('Erreur lors de la déconnexion:', error);
} finally {
setUser(null);
setUserGroups([]);
setIsAuthorized(false);
}
};
const value = { user, login, loginWithO365, logout, isLoading };
// Obtenir un token pour l'API
const getAccessToken = async () => {
try {
const accounts = msalInstance.getAllAccounts();
if (accounts.length === 0) {
throw new Error('Aucun compte connecté');
}
const response = await msalInstance.acquireTokenSilent({
...loginRequest,
account: accounts[0]
});
return response.accessToken;
} catch (error) {
console.error('Erreur obtention token:', error);
return null;
}
};
const value = {
user,
userGroups,
isAuthorized,
login,
loginWithO365,
logout,
isLoading,
getAccessToken
};
return (
<AuthContext.Provider value={value}>
@@ -149,4 +306,4 @@ export const AuthProvider = ({ children }) => {
);
};
export default AuthContext;
export default AuthContext;