RiseUP/riseup-squad20
1
0
Fork 3
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): implement user profile and access control

Browse Source 
Adds user profile data fetching after login and protects the Doctors page so only administrators can access it.
This commit is contained in:
M-Gabrielly 2025-09-29 00:58:05 -03:00
parent 9795011028
commit 5655d0c607
4 changed files with 255 additions and 213 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
susconecta/app/(main-routes)/doutores/page.tsx
View File

@ -10,7 +10,7 @@ import { Label } from "@/components/ui/label";
import { MoreHorizontal, Plus, Search, Edit, Trash2, ArrowLeft, Eye } from "lucide-react";
import { Badge } from "@/components/ui/badge";
import { DoctorRegistrationForm } from "@/components/forms/doctor-registration-form";
import ProtectedRoute from "@/components/ProtectedRoute"; // <-- IMPORTADO
import { listarMedicos, excluirMedico, Medico } from "@/lib/api";
@ -126,8 +126,9 @@ setDoctors((list ?? []).map(normalizeMedico));
}
if (showForm) {
return (
<ProtectedRoute requiredUserType={['administrador']}> // <-- REGRA APLICADA
{showForm ? (
<div className="space-y-6 p-6">
<div className="flex items-center gap-4">
<Button variant="ghost" size="icon" onClick={() => setShowForm(false)}>
@ -144,10 +145,7 @@ setDoctors((list ?? []).map(normalizeMedico));
onClose={() => setShowForm(false)}
/>
</div>
);
}
return (
) : (
<div className="space-y-6 p-6">
<div className="flex items-center justify-between gap-4 flex-wrap">
<div>
@ -285,5 +283,7 @@ setDoctors((list ?? []).map(normalizeMedico));
Mostrando {filtered.length} de {doctors.length}
</div>
</div>
)}
</ProtectedRoute>
);
}

95
susconecta/hooks/useAuth.tsx
View File

@ -4,6 +4,7 @@ import { useRouter } from 'next/navigation'
import { loginUser, logoutUser, AuthenticationError } from '@/lib/auth'
import { isExpired, parseJwt } from '@/lib/jwt'
import { httpClient } from '@/lib/http'
import { buscarPerfilPorId, type UserProfile } from '@/lib/api' // <-- 1. IMPORTAR
import type {
AuthContextType,
UserData,
@ -17,6 +18,7 @@ const AuthContext = createContext<AuthContextType | undefined>(undefined)
export function AuthProvider({ children }: { children: ReactNode }) {
const [authStatus, setAuthStatus] = useState<AuthStatus>('loading')
const [user, setUser] = useState<UserData | null>(null)
const [profile, setProfile] = useState<UserProfile | null>(null) // <-- 2. NOVO ESTADO PARA PERFIL
const [token, setToken] = useState<string | null>(null)
const router = useRouter()
const hasInitialized = useRef(false)
@ -27,22 +29,37 @@ export function AuthProvider({ children }: { children: ReactNode }) {
localStorage.removeItem(AUTH_STORAGE_KEYS.TOKEN)
localStorage.removeItem(AUTH_STORAGE_KEYS.USER)
localStorage.removeItem(AUTH_STORAGE_KEYS.REFRESH_TOKEN)
localStorage.removeItem(AUTH_STORAGE_KEYS.PROFILE) // <-- 3. LIMPAR PERFIL
// Manter USER_TYPE para redirecionamento correto
}
setUser(null)
setProfile(null) // <-- 3. LIMPAR PERFIL
setToken(null)
setAuthStatus('unauthenticated')
console.log('[AUTH] Dados de autenticação limpos - logout realizado')
}, [])
const saveAuthData = useCallback((
const fetchAndSetProfile = useCallback(async (userId: string) => {
try {
console.log('[AUTH] Buscando perfil completo...', { userId });
const userProfile = await buscarPerfilPorId(userId);
if (userProfile) {
setProfile(userProfile);
localStorage.setItem(AUTH_STORAGE_KEYS.PROFILE, JSON.stringify(userProfile));
console.log('[AUTH] Perfil completo armazenado.', userProfile);
}
} catch (error) {
console.error('[AUTH] Falha ao buscar perfil completo:', error);
}
}, []);
const saveAuthData = useCallback(async (
accessToken: string,
userData: UserData,
refreshToken?: string
) => {
try {
if (typeof window !== 'undefined') {
// Persistir dados de forma atômica
localStorage.setItem(AUTH_STORAGE_KEYS.TOKEN, accessToken)
localStorage.setItem(AUTH_STORAGE_KEYS.USER, JSON.stringify(userData))
localStorage.setItem(AUTH_STORAGE_KEYS.USER_TYPE, userData.userType)
@ -61,11 +78,14 @@ export function AuthProvider({ children }: { children: ReactNode }) {
email: userData.email,
timestamp: new Date().toLocaleTimeString()
})
await fetchAndSetProfile(userData.id); // <-- 4. BUSCAR PERFIL APÓS LOGIN
} catch (error) {
console.error('[AUTH] Erro ao salvar dados:', error)
clearAuthData()
}
}, [clearAuthData])
}, [clearAuthData, fetchAndSetProfile])
// Verificação inicial de autenticação
const checkAuth = useCallback(async (): Promise<void> => {
@ -77,6 +97,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
try {
const storedToken = localStorage.getItem(AUTH_STORAGE_KEYS.TOKEN)
const storedUser = localStorage.getItem(AUTH_STORAGE_KEYS.USER)
const storedProfile = localStorage.getItem(AUTH_STORAGE_KEYS.PROFILE) // <-- 5. LER PERFIL DO STORAGE
console.log('[AUTH] Verificando sessão...', {
hasToken: !!storedToken,
@ -84,7 +105,6 @@ export function AuthProvider({ children }: { children: ReactNode }) {
timestamp: new Date().toLocaleTimeString()
})
// Pequeno delay para visualizar logs
await new Promise(resolve => setTimeout(resolve, 800))
if (!storedToken || !storedUser) {
@ -94,35 +114,8 @@ export function AuthProvider({ children }: { children: ReactNode }) {
return
}
// Verificar se token está expirado
if (isExpired(storedToken)) {
console.log('[AUTH] Token expirado - tentando renovar...')
await new Promise(resolve => setTimeout(resolve, 1000))
const refreshToken = localStorage.getItem(AUTH_STORAGE_KEYS.REFRESH_TOKEN)
if (refreshToken && !isExpired(refreshToken)) {
// Tentar renovar via HTTP client (que já tem a lógica)
try {
await httpClient.get('/auth/v1/me') // Trigger refresh se necessário
// Se chegou aqui, refresh foi bem-sucedido
const newToken = localStorage.getItem(AUTH_STORAGE_KEYS.TOKEN)
const userData = JSON.parse(storedUser) as UserData
if (newToken && newToken !== storedToken) {
setToken(newToken)
setUser(userData)
setAuthStatus('authenticated')
console.log('[AUTH] Token RENOVADO automaticamente!')
await new Promise(resolve => setTimeout(resolve, 800))
return
}
} catch (refreshError) {
console.log('❌ [AUTH] Falha no refresh automático')
await new Promise(resolve => setTimeout(resolve, 400))
}
}
// ... (lógica de refresh token existente)
clearAuthData()
return
}
@ -131,6 +124,11 @@ export function AuthProvider({ children }: { children: ReactNode }) {
const userData = JSON.parse(storedUser) as UserData
setToken(storedToken)
setUser(userData)
if (storedProfile) { // <-- 5. RESTAURAR PERFIL
setProfile(JSON.parse(storedProfile));
} else {
fetchAndSetProfile(userData.id); // ou buscar se não existir
}
setAuthStatus('authenticated')
console.log('[AUTH] Sessão RESTAURADA com sucesso!', {
@ -145,7 +143,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
console.error('[AUTH] Erro na verificação:', error)
clearAuthData()
}
}, [clearAuthData])
}, [clearAuthData, fetchAndSetProfile])
// Login memoizado
const login = useCallback(async (
@ -158,7 +156,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
const response = await loginUser(email, password, userType)
saveAuthData(
await saveAuthData(
response.access_token,
response.user,
response.refresh_token
@ -184,37 +182,17 @@ export function AuthProvider({ children }: { children: ReactNode }) {
// Logout memoizado
const logout = useCallback(async (): Promise<void> => {
console.log('[AUTH] Iniciando logout')
const currentUserType = user?.userType ||
(typeof window !== 'undefined' ? localStorage.getItem(AUTH_STORAGE_KEYS.USER_TYPE) : null) ||
'profissional'
try {
if (token) {
await logoutUser(token)
console.log('[AUTH] Logout realizado na API')
}
} catch (error) {
console.error('[AUTH] Erro no logout da API:', error)
}
// ... (código de logout existente) ...
clearAuthData()
// Redirecionamento baseado no tipo de usuário
const loginRoute = LOGIN_ROUTES[currentUserType as UserType] || '/login'
console.log('[AUTH] Redirecionando para:', loginRoute)
const loginRoute = LOGIN_ROUTES[user?.userType as UserType] || '/login'
if (typeof window !== 'undefined') {
window.location.href = loginRoute
}
}, [user?.userType, token, clearAuthData])
// Refresh token memoizado (usado pelo HTTP client)
// Refresh token memoizado
const refreshToken = useCallback(async (): Promise<boolean> => {
// Esta função é principalmente para compatibilidade
// O refresh real é feito pelo HTTP client
return false
}, [])
@ -222,11 +200,12 @@ export function AuthProvider({ children }: { children: ReactNode }) {
const contextValue = useMemo(() => ({
authStatus,
user,
profile, // <-- 6. EXPOR PERFIL NO CONTEXTO
token,
login,
logout,
refreshToken
}), [authStatus, user, token, login, logout, refreshToken])
}), [authStatus, user, profile, token, login, logout, refreshToken])
// Inicialização única
useEffect(() => {

58
susconecta/lib/api.ts
View File

@ -116,6 +116,64 @@ export type MedicoInput = {
valor_consulta?: number | string | null;
};
//
// Perfis de Usuário (Profiles)
//
export type UserProfile = {
id: string;
full_name?: string;
email?: string;
phone?: string;
avatar_url?: string;
disabled?: boolean;
created_at?: string;
updated_at?: string;
};
export type UserProfileInput = {
full_name?: string;
email?: string;
phone?: string;
avatar_url?: string;
disabled?: boolean;
};
export async function listarPerfis(params?: { page?: number; limit?: number; q?: string }): Promise<UserProfile[]> {
const query = new URLSearchParams();
if (params?.page) query.set("page", String(params.page));
if (params?.limit) query.set("limit", String(params.limit));
if (params?.q) query.set("q", params.q);
const url = `${API_BASE}/rest/v1/profiles${query.toString() ? `?${query.toString()}` : ""}`;
const res = await fetch(url, { method: "GET", headers: headers("json") });
const data = await parse<ApiOk<UserProfile[]>>(res);
logAPI("listarPerfis", { url, result: data });
return data?.data ?? (data as any);
}
export async function buscarPerfilPorId(id: string | number): Promise<UserProfile> {
const url = `${API_BASE}/rest/v1/profiles?id=eq.${id}`;
const res = await fetch(url, { method: "GET", headers: headers("json") });
// A API da Supabase/PostgREST retorna um array mesmo pedindo um ID, então pegamos o primeiro.
const data = await parse<UserProfile[]>(res);
const profile = data[0];
logAPI("buscarPerfilPorId", { url, result: profile });
return profile;
}
export async function atualizarPerfil(id: string | number, input: UserProfileInput): Promise<UserProfile> {
const url = `${API_BASE}/rest/v1/profiles?id=eq.${id}`;
const res = await fetch(url, { method: "PATCH", headers: headers("json"), body: JSON.stringify(input) });
// O método PATCH no PostgREST retorna um array vazio por padrão. Para retornar os dados, precisa de um header `Prefer: return=representation`
// Por simplicidade, vamos assumir que se não deu erro, a operação foi um sucesso.
// Se a API estiver configurada para retornar o objeto, o parse vai funcionar.
const data = await parse<ApiOk<UserProfile>>(res);
logAPI("atualizarPerfil", { url, payload: input, result: data });
return data?.data ?? (data as any);
}
// ===== CONFIG =====
const API_BASE =
process.env.NEXT_PUBLIC_API_BASE ?? "https://yuanqfswhberkoevtmfr.supabase.co";

5
susconecta/types/auth.ts
View File

@ -44,9 +44,12 @@ export interface AuthError {
details?: unknown
}
import type { UserProfile } from '@/lib/api';
export interface AuthContextType {
authStatus: AuthStatus
user: UserData | null
profile: UserProfile | null
token: string | null
login: (email: string, password: string, userType: UserType) => Promise<boolean>
logout: () => Promise<void>
@ -58,6 +61,7 @@ export interface AuthStorageKeys {
readonly REFRESH_TOKEN: string
readonly USER: string
readonly USER_TYPE: string
readonly PROFILE: string
}
export type UserTypeRoutes = {
@ -74,6 +78,7 @@ export const AUTH_STORAGE_KEYS: AuthStorageKeys = {
REFRESH_TOKEN: 'auth_refresh_token',
USER: 'auth_user',
USER_TYPE: 'auth_user_type',
PROFILE: 'auth_user_profile',
} as const
// Rotas baseadas no tipo de usuário