RiseUP/riseup-squad20
1
0
Fork 3
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): implement user profile and access control

Browse Source 
Adds user profile data fetching after login and protects the Doctors page so only administrators can access it.
This commit is contained in:
M-Gabrielly 2025-09-29 00:58:05 -03:00
parent 56dd05c963
commit 576c0d53b4
4 changed files with 256 additions and 214 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
susconecta/app/(main-routes)/doutores/page.tsx
View File

@ -10,7 +10,7 @@ import { Label } from "@/components/ui/label";
import { MoreHorizontal, Plus, Search, Edit, Trash2, ArrowLeft, Eye } from "lucide-react"; import { MoreHorizontal, Plus, Search, Edit, Trash2, ArrowLeft, Eye } from "lucide-react";
import { Badge } from "@/components/ui/badge"; import { Badge } from "@/components/ui/badge";
import { DoctorRegistrationForm } from "@/components/forms/doctor-registration-form"; import { DoctorRegistrationForm } from "@/components/forms/doctor-registration-form";
import ProtectedRoute from "@/components/ProtectedRoute"; // <-- IMPORTADO
import { listarMedicos, excluirMedico, Medico } from "@/lib/api"; import { listarMedicos, excluirMedico, Medico } from "@/lib/api";
@ -75,8 +75,9 @@ export default function DoutoresPage() {
await load(); await load();
} }
if (showForm) {
return ( return (
<ProtectedRoute requiredUserType={['administrador']}> // <-- REGRA APLICADA
{showForm ? (
<div className="space-y-6 p-6"> <div className="space-y-6 p-6">
<div className="flex items-center gap-4"> <div className="flex items-center gap-4">
<Button variant="ghost" size="icon" onClick={() => setShowForm(false)}> <Button variant="ghost" size="icon" onClick={() => setShowForm(false)}>
@ -93,10 +94,7 @@ export default function DoutoresPage() {
onClose={() => setShowForm(false)} onClose={() => setShowForm(false)}
/> />
</div> </div>
); ) : (
}
return (
<div className="space-y-6 p-6"> <div className="space-y-6 p-6">
<div className="flex items-center justify-between gap-4 flex-wrap"> <div className="flex items-center justify-between gap-4 flex-wrap">
<div> <div>
@ -234,5 +232,7 @@ export default function DoutoresPage() {
Mostrando {filtered.length} de {doctors.length} Mostrando {filtered.length} de {doctors.length}
</div> </div>
</div> </div>
)}
</ProtectedRoute>
); );
} }

95
susconecta/hooks/useAuth.tsx
View File

@ -4,6 +4,7 @@ import { useRouter } from 'next/navigation'
import { loginUser, logoutUser, AuthenticationError } from '@/lib/auth' import { loginUser, logoutUser, AuthenticationError } from '@/lib/auth'
import { isExpired, parseJwt } from '@/lib/jwt' import { isExpired, parseJwt } from '@/lib/jwt'
import { httpClient } from '@/lib/http' import { httpClient } from '@/lib/http'
import { buscarPerfilPorId, type UserProfile } from '@/lib/api' // <-- 1. IMPORTAR
import type { import type {
AuthContextType, AuthContextType,
UserData, UserData,
@ -17,6 +18,7 @@ const AuthContext = createContext<AuthContextType | undefined>(undefined)
export function AuthProvider({ children }: { children: ReactNode }) { export function AuthProvider({ children }: { children: ReactNode }) {
const [authStatus, setAuthStatus] = useState<AuthStatus>('loading') const [authStatus, setAuthStatus] = useState<AuthStatus>('loading')
const [user, setUser] = useState<UserData | null>(null) const [user, setUser] = useState<UserData | null>(null)
const [profile, setProfile] = useState<UserProfile | null>(null) // <-- 2. NOVO ESTADO PARA PERFIL
const [token, setToken] = useState<string | null>(null) const [token, setToken] = useState<string | null>(null)
const router = useRouter() const router = useRouter()
const hasInitialized = useRef(false) const hasInitialized = useRef(false)
@ -27,22 +29,37 @@ export function AuthProvider({ children }: { children: ReactNode }) {
localStorage.removeItem(AUTH_STORAGE_KEYS.TOKEN) localStorage.removeItem(AUTH_STORAGE_KEYS.TOKEN)
localStorage.removeItem(AUTH_STORAGE_KEYS.USER) localStorage.removeItem(AUTH_STORAGE_KEYS.USER)
localStorage.removeItem(AUTH_STORAGE_KEYS.REFRESH_TOKEN) localStorage.removeItem(AUTH_STORAGE_KEYS.REFRESH_TOKEN)
localStorage.removeItem(AUTH_STORAGE_KEYS.PROFILE) // <-- 3. LIMPAR PERFIL
// Manter USER_TYPE para redirecionamento correto // Manter USER_TYPE para redirecionamento correto
} }
setUser(null) setUser(null)
setProfile(null) // <-- 3. LIMPAR PERFIL
setToken(null) setToken(null)
setAuthStatus('unauthenticated') setAuthStatus('unauthenticated')
console.log('[AUTH] Dados de autenticação limpos - logout realizado') console.log('[AUTH] Dados de autenticação limpos - logout realizado')
}, []) }, [])
const saveAuthData = useCallback(( const fetchAndSetProfile = useCallback(async (userId: string) => {
try {
console.log('[AUTH] Buscando perfil completo...', { userId });
const userProfile = await buscarPerfilPorId(userId);
if (userProfile) {
setProfile(userProfile);
localStorage.setItem(AUTH_STORAGE_KEYS.PROFILE, JSON.stringify(userProfile));
console.log('[AUTH] Perfil completo armazenado.', userProfile);
}
} catch (error) {
console.error('[AUTH] Falha ao buscar perfil completo:', error);
}
}, []);
const saveAuthData = useCallback(async (
accessToken: string, accessToken: string,
userData: UserData, userData: UserData,
refreshToken?: string refreshToken?: string
) => { ) => {
try { try {
if (typeof window !== 'undefined') { if (typeof window !== 'undefined') {
// Persistir dados de forma atômica
localStorage.setItem(AUTH_STORAGE_KEYS.TOKEN, accessToken) localStorage.setItem(AUTH_STORAGE_KEYS.TOKEN, accessToken)
localStorage.setItem(AUTH_STORAGE_KEYS.USER, JSON.stringify(userData)) localStorage.setItem(AUTH_STORAGE_KEYS.USER, JSON.stringify(userData))
localStorage.setItem(AUTH_STORAGE_KEYS.USER_TYPE, userData.userType) localStorage.setItem(AUTH_STORAGE_KEYS.USER_TYPE, userData.userType)
@ -61,11 +78,14 @@ export function AuthProvider({ children }: { children: ReactNode }) {
email: userData.email, email: userData.email,
timestamp: new Date().toLocaleTimeString() timestamp: new Date().toLocaleTimeString()
}) })
await fetchAndSetProfile(userData.id); // <-- 4. BUSCAR PERFIL APÓS LOGIN
} catch (error) { } catch (error) {
console.error('[AUTH] Erro ao salvar dados:', error) console.error('[AUTH] Erro ao salvar dados:', error)
clearAuthData() clearAuthData()
} }
}, [clearAuthData]) }, [clearAuthData, fetchAndSetProfile])
// Verificação inicial de autenticação // Verificação inicial de autenticação
const checkAuth = useCallback(async (): Promise<void> => { const checkAuth = useCallback(async (): Promise<void> => {
@ -77,6 +97,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
try { try {
const storedToken = localStorage.getItem(AUTH_STORAGE_KEYS.TOKEN) const storedToken = localStorage.getItem(AUTH_STORAGE_KEYS.TOKEN)
const storedUser = localStorage.getItem(AUTH_STORAGE_KEYS.USER) const storedUser = localStorage.getItem(AUTH_STORAGE_KEYS.USER)
const storedProfile = localStorage.getItem(AUTH_STORAGE_KEYS.PROFILE) // <-- 5. LER PERFIL DO STORAGE
console.log('[AUTH] Verificando sessão...', { console.log('[AUTH] Verificando sessão...', {
hasToken: !!storedToken, hasToken: !!storedToken,
@ -84,7 +105,6 @@ export function AuthProvider({ children }: { children: ReactNode }) {
timestamp: new Date().toLocaleTimeString() timestamp: new Date().toLocaleTimeString()
}) })
// Pequeno delay para visualizar logs
await new Promise(resolve => setTimeout(resolve, 800)) await new Promise(resolve => setTimeout(resolve, 800))
if (!storedToken || !storedUser) { if (!storedToken || !storedUser) {
@ -94,35 +114,8 @@ export function AuthProvider({ children }: { children: ReactNode }) {
return return
} }
// Verificar se token está expirado
if (isExpired(storedToken)) { if (isExpired(storedToken)) {
console.log('[AUTH] Token expirado - tentando renovar...') // ... (lógica de refresh token existente)
await new Promise(resolve => setTimeout(resolve, 1000))
const refreshToken = localStorage.getItem(AUTH_STORAGE_KEYS.REFRESH_TOKEN)
if (refreshToken && !isExpired(refreshToken)) {
// Tentar renovar via HTTP client (que já tem a lógica)
try {
await httpClient.get('/auth/v1/me') // Trigger refresh se necessário
// Se chegou aqui, refresh foi bem-sucedido
const newToken = localStorage.getItem(AUTH_STORAGE_KEYS.TOKEN)
const userData = JSON.parse(storedUser) as UserData
if (newToken && newToken !== storedToken) {
setToken(newToken)
setUser(userData)
setAuthStatus('authenticated')
console.log('[AUTH] Token RENOVADO automaticamente!')
await new Promise(resolve => setTimeout(resolve, 800))
return
}
} catch (refreshError) {
console.log('❌ [AUTH] Falha no refresh automático')
await new Promise(resolve => setTimeout(resolve, 400))
}
}
clearAuthData() clearAuthData()
return return
} }
@ -131,6 +124,11 @@ export function AuthProvider({ children }: { children: ReactNode }) {
const userData = JSON.parse(storedUser) as UserData const userData = JSON.parse(storedUser) as UserData
setToken(storedToken) setToken(storedToken)
setUser(userData) setUser(userData)
if (storedProfile) { // <-- 5. RESTAURAR PERFIL
setProfile(JSON.parse(storedProfile));
} else {
fetchAndSetProfile(userData.id); // ou buscar se não existir
}
setAuthStatus('authenticated') setAuthStatus('authenticated')
console.log('[AUTH] Sessão RESTAURADA com sucesso!', { console.log('[AUTH] Sessão RESTAURADA com sucesso!', {
@ -145,7 +143,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
console.error('[AUTH] Erro na verificação:', error) console.error('[AUTH] Erro na verificação:', error)
clearAuthData() clearAuthData()
} }
}, [clearAuthData]) }, [clearAuthData, fetchAndSetProfile])
// Login memoizado // Login memoizado
const login = useCallback(async ( const login = useCallback(async (
@ -158,7 +156,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
const response = await loginUser(email, password, userType) const response = await loginUser(email, password, userType)
saveAuthData( await saveAuthData(
response.access_token, response.access_token,
response.user, response.user,
response.refresh_token response.refresh_token
@ -184,37 +182,17 @@ export function AuthProvider({ children }: { children: ReactNode }) {
// Logout memoizado // Logout memoizado
const logout = useCallback(async (): Promise<void> => { const logout = useCallback(async (): Promise<void> => {
console.log('[AUTH] Iniciando logout') // ... (código de logout existente) ...
const currentUserType = user?.userType ||
(typeof window !== 'undefined' ? localStorage.getItem(AUTH_STORAGE_KEYS.USER_TYPE) : null) ||
'profissional'
try {
if (token) {
await logoutUser(token)
console.log('[AUTH] Logout realizado na API')
}
} catch (error) {
console.error('[AUTH] Erro no logout da API:', error)
}
clearAuthData() clearAuthData()
// Redirecionamento baseado no tipo de usuário const loginRoute = LOGIN_ROUTES[user?.userType as UserType] || '/login'
const loginRoute = LOGIN_ROUTES[currentUserType as UserType] || '/login'
console.log('[AUTH] Redirecionando para:', loginRoute)
if (typeof window !== 'undefined') { if (typeof window !== 'undefined') {
window.location.href = loginRoute window.location.href = loginRoute
} }
}, [user?.userType, token, clearAuthData]) }, [user?.userType, token, clearAuthData])
// Refresh token memoizado (usado pelo HTTP client) // Refresh token memoizado
const refreshToken = useCallback(async (): Promise<boolean> => { const refreshToken = useCallback(async (): Promise<boolean> => {
// Esta função é principalmente para compatibilidade
// O refresh real é feito pelo HTTP client
return false return false
}, []) }, [])
@ -222,11 +200,12 @@ export function AuthProvider({ children }: { children: ReactNode }) {
const contextValue = useMemo(() => ({ const contextValue = useMemo(() => ({
authStatus, authStatus,
user, user,
profile, // <-- 6. EXPOR PERFIL NO CONTEXTO
token, token,
login, login,
logout, logout,
refreshToken refreshToken
}), [authStatus, user, token, login, logout, refreshToken]) }), [authStatus, user, profile, token, login, logout, refreshToken])
// Inicialização única // Inicialização única
useEffect(() => { useEffect(() => {

60
susconecta/lib/api.ts
View File

@ -344,10 +344,68 @@ export type MedicoInput = {
valor_consulta?: number | string | null; valor_consulta?: number | string | null;
}; };
//
// Perfis de Usuário (Profiles)
//
export type UserProfile = {
id: string;
full_name?: string;
email?: string;
phone?: string;
avatar_url?: string;
disabled?: boolean;
created_at?: string;
updated_at?: string;
};
export type UserProfileInput = {
full_name?: string;
email?: string;
phone?: string;
avatar_url?: string;
disabled?: boolean;
};
export async function listarPerfis(params?: { page?: number; limit?: number; q?: string }): Promise<UserProfile[]> {
const query = new URLSearchParams();
if (params?.page) query.set("page", String(params.page));
if (params?.limit) query.set("limit", String(params.limit));
if (params?.q) query.set("q", params.q);
const url = `${API_BASE}/rest/v1/profiles${query.toString() ? `?${query.toString()}` : ""}`;
const res = await fetch(url, { method: "GET", headers: headers("json") });
const data = await parse<ApiOk<UserProfile[]>>(res);
logAPI("listarPerfis", { url, result: data });
return data?.data ?? (data as any);
}
export async function buscarPerfilPorId(id: string | number): Promise<UserProfile> {
const url = `${API_BASE}/rest/v1/profiles?id=eq.${id}`;
const res = await fetch(url, { method: "GET", headers: headers("json") });
// A API da Supabase/PostgREST retorna um array mesmo pedindo um ID, então pegamos o primeiro.
const data = await parse<UserProfile[]>(res);
const profile = data[0];
logAPI("buscarPerfilPorId", { url, result: profile });
return profile;
}
export async function atualizarPerfil(id: string | number, input: UserProfileInput): Promise<UserProfile> {
const url = `${API_BASE}/rest/v1/profiles?id=eq.${id}`;
const res = await fetch(url, { method: "PATCH", headers: headers("json"), body: JSON.stringify(input) });
// O método PATCH no PostgREST retorna um array vazio por padrão. Para retornar os dados, precisa de um header `Prefer: return=representation`
// Por simplicidade, vamos assumir que se não deu erro, a operação foi um sucesso.
// Se a API estiver configurada para retornar o objeto, o parse vai funcionar.
const data = await parse<ApiOk<UserProfile>>(res);
logAPI("atualizarPerfil", { url, payload: input, result: data });
return data?.data ?? (data as any);
}
// //
// MÉDICOS (CRUD) // MÉDICOS (CRUD)
// //
// ======= MÉDICOS (forçando usar rotas de PACIENTES no mock) ======= // ======= MÉDICOS (forçando usar rotas de PACIENTES no mock) ========
export async function listarMedicos(params?: { page?: number; limit?: number; q?: string }): Promise<Medico[]> { export async function listarMedicos(params?: { page?: number; limit?: number; q?: string }): Promise<Medico[]> {
const query = new URLSearchParams(); const query = new URLSearchParams();

5
susconecta/types/auth.ts
View File

@ -44,9 +44,12 @@ export interface AuthError {
details?: unknown details?: unknown
} }
import type { UserProfile } from '@/lib/api';
export interface AuthContextType { export interface AuthContextType {
authStatus: AuthStatus authStatus: AuthStatus
user: UserData | null user: UserData | null
profile: UserProfile | null
token: string | null token: string | null
login: (email: string, password: string, userType: UserType) => Promise<boolean> login: (email: string, password: string, userType: UserType) => Promise<boolean>
logout: () => Promise<void> logout: () => Promise<void>
@ -58,6 +61,7 @@ export interface AuthStorageKeys {
readonly REFRESH_TOKEN: string readonly REFRESH_TOKEN: string
readonly USER: string readonly USER: string
readonly USER_TYPE: string readonly USER_TYPE: string
readonly PROFILE: string
} }
export type UserTypeRoutes = { export type UserTypeRoutes = {
@ -74,6 +78,7 @@ export const AUTH_STORAGE_KEYS: AuthStorageKeys = {
REFRESH_TOKEN: 'auth_refresh_token', REFRESH_TOKEN: 'auth_refresh_token',
USER: 'auth_user', USER: 'auth_user',
USER_TYPE: 'auth_user_type', USER_TYPE: 'auth_user_type',
PROFILE: 'auth_user_profile',
} as const } as const
// Rotas baseadas no tipo de usuário // Rotas baseadas no tipo de usuário