145 lines
3.5 KiB
JavaScript
145 lines
3.5 KiB
JavaScript
// src/stores/authStore.js
|
|
import { defineStore } from 'pinia'
|
|
import api from 'src/services/api'
|
|
import { usePermissionStore } from 'stores/permissionStore'
|
|
|
|
function normalizeRoleCode (value) {
|
|
return String(value || '').trim().toLowerCase()
|
|
}
|
|
|
|
function roleCodeFromUser (user) {
|
|
if (!user || typeof user !== 'object') return ''
|
|
|
|
return normalizeRoleCode(
|
|
user.role_code ??
|
|
user.roleCode ??
|
|
user.RoleCode
|
|
)
|
|
}
|
|
|
|
function decodeJwtPayload (token) {
|
|
const raw = String(token || '').trim()
|
|
if (!raw) return null
|
|
|
|
const parts = raw.split('.')
|
|
if (parts.length !== 3) return null
|
|
|
|
try {
|
|
const base64 = parts[1]
|
|
.replace(/-/g, '+')
|
|
.replace(/_/g, '/')
|
|
.padEnd(Math.ceil(parts[1].length / 4) * 4, '=')
|
|
|
|
const json = atob(base64)
|
|
return JSON.parse(json)
|
|
} catch {
|
|
return null
|
|
}
|
|
}
|
|
|
|
export const useAuthStore = defineStore('auth', {
|
|
state: () => {
|
|
let user = null
|
|
|
|
try {
|
|
const raw = localStorage.getItem('user')
|
|
if (raw && raw !== 'undefined' && raw !== 'null') {
|
|
user = JSON.parse(raw)
|
|
}
|
|
} catch {
|
|
console.warn('⚠️ Invalid user in localStorage, cleared')
|
|
localStorage.removeItem('user')
|
|
}
|
|
|
|
return {
|
|
token: localStorage.getItem('token'),
|
|
user,
|
|
forcePasswordChange: localStorage.getItem('forcePasswordChange') === '1'
|
|
}
|
|
},
|
|
|
|
getters: {
|
|
isAuthenticated: s => !!s.token,
|
|
mustChangePassword: s => !!s.forcePasswordChange,
|
|
|
|
// 🔥 TEK ADMIN KURALI
|
|
isAdmin: s => {
|
|
const fromUser = roleCodeFromUser(s.user)
|
|
if (fromUser) return fromUser === 'admin'
|
|
|
|
const payload = decodeJwtPayload(s.token)
|
|
return normalizeRoleCode(payload?.role_code) === 'admin'
|
|
}
|
|
},
|
|
|
|
actions: {
|
|
/* =========================================================
|
|
🔐 SESSION
|
|
========================================================= */
|
|
setSession ({ token, user }) {
|
|
this.token = token
|
|
this.user = user || null
|
|
this.forcePasswordChange = !!user?.force_password_change
|
|
|
|
localStorage.setItem('token', token)
|
|
|
|
if (user) {
|
|
localStorage.setItem('user', JSON.stringify(user))
|
|
} else {
|
|
localStorage.removeItem('user')
|
|
}
|
|
|
|
localStorage.setItem(
|
|
'forcePasswordChange',
|
|
this.forcePasswordChange ? '1' : '0'
|
|
)
|
|
},
|
|
|
|
clearSession () {
|
|
this.token = null
|
|
this.user = null
|
|
this.forcePasswordChange = false
|
|
|
|
localStorage.removeItem('token')
|
|
localStorage.removeItem('user')
|
|
localStorage.removeItem('forcePasswordChange')
|
|
|
|
usePermissionStore().clear()
|
|
},
|
|
|
|
/* =========================================================
|
|
🔐 LOGIN
|
|
========================================================= */
|
|
async login (username, password) {
|
|
const res = await api.post('/auth/login', { username, password })
|
|
|
|
const token =
|
|
res?.token ||
|
|
res?.data?.token ||
|
|
res?.access_token ||
|
|
res?.data?.access_token
|
|
|
|
const user =
|
|
res?.user ||
|
|
res?.data?.user
|
|
|
|
// ✅ JWT doğrulama
|
|
const tokenStr = typeof token === 'string' ? token.trim() : ''
|
|
const looksLikeJwt = tokenStr.split('.').length === 3
|
|
|
|
if (!tokenStr || !looksLikeJwt) {
|
|
console.error('❌ LOGIN RESPONSE (unexpected):', res)
|
|
throw new Error('Invalid login token')
|
|
}
|
|
|
|
this.setSession({ token: tokenStr, user })
|
|
|
|
// 🔥 PERMISSIONS
|
|
const perm = usePermissionStore()
|
|
await perm.fetchPermissions()
|
|
|
|
return true
|
|
}
|
|
}
|
|
})
|