From 5a49f3f099fd2605c463aef1dfda5604d16de03c Mon Sep 17 00:00:00 2001
From: Alma
Date: Sun, 13 Apr 2025 00:47:30 +0200
Subject: [PATCH] widget parole 16
---
 app/api/rocket-chat/messages/route.ts | 47 ++++++++++++++++-----------
 1 file changed, 28 insertions(+), 19 deletions(-)
diff --git a/app/api/rocket-chat/messages/route.ts b/app/api/rocket-chat/messages/route.ts
index 35486cb6..d6c19b3e 100644
--- a/app/api/rocket-chat/messages/route.ts
+++ b/app/api/rocket-chat/messages/route.ts
@@ -51,15 +51,14 @@ export async function GET(request: Request) {
 console.log('Using Rocket.Chat base URL:', baseUrl);
- // Use admin token to get messages
+ // Step 1: Use admin token to authenticate
 const adminHeaders = {
 'X-Auth-Token': process.env.ROCKET_CHAT_TOKEN!,
 'X-User-Id': process.env.ROCKET_CHAT_USER_ID!,
- 'Content-Type': 'application/json',
- 'Accept': 'application/json'
+ 'Content-Type': 'application/json'
 };
- // First, get the user's Rocket.Chat ID using their email
+ // Step 2: Get the current user's Rocket.Chat ID
 const username = session.user.email.split('@')[0];
 if (!username) {
 console.error('No username found in session email');
@@ -74,8 +73,6 @@ export async function GET(request: Request) {
 if (!usersResponse.ok) {
 console.error('Failed to get users list:', usersResponse.status);
- const errorText = await usersResponse.text();
- console.error('Users list error details:', errorText);
 return NextResponse.json({ messages: [] }, { status: 200 });
 }
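Review bot: The new "Step 2" comment in the first hunk should say how the identity is derived, because `session.user.email.split('@')[0]` drops the domain and, with this commit, the resolved user decides whose token Step 3 mints. Two accounts whose addresses share a local part would yield the same `username`; whether the lookup that follows also compares the full email address is outside this hunk. I would write the comment as `// Step 2: Resolve the Rocket.Chat user from the session email (local part only; confirm the match also checks the full address)` and, if it does not, match on the full address before any token is created.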
@@ -101,16 +98,35 @@ export async function GET(request: Request) {
 id: currentUser._id
 });
- // Get user's subscriptions using admin token
+ // Step 3: Create a user token for the current user using admin token
+ const createTokenResponse = await fetch(`${baseUrl}/api/v1/users.createToken`, {
+ method: 'POST',
+ headers: adminHeaders,
+ body: JSON.stringify({
+ userId: currentUser._id
+ })
+ });
+
+ if (!createTokenResponse.ok) {
+ console.error('Failed to create user token:', createTokenResponse.status);
+ return NextResponse.json({ messages: [] }, { status: 200 });
+ }
+
+ const tokenData = await createTokenResponse.json();
+ const userHeaders = {
+ 'X-Auth-Token': tokenData.data.authToken,
+ 'X-User-Id': currentUser._id,
+ 'Content-Type': 'application/json'
+ };
+
+ // Step 4: Get user's subscriptions using user token
 const subscriptionsResponse = await fetch(`${baseUrl}/api/v1/subscriptions.get`, {
 method: 'GET',
- headers: adminHeaders
+ headers: userHeaders
 });
 if (!subscriptionsResponse.ok) {
 console.error('Failed to get subscriptions:', subscriptionsResponse.status);
- const errorText = await subscriptionsResponse.text();
- console.error('Subscriptions error details:', errorText);
 return NextResponse.json({ messages: [] }, { status: 200 });
 }
@@ -152,7 +168,7 @@ export async function GET(request: Request) {
 const messages: any[] = [];
 const processedRooms = new Set();
- // Fetch messages using admin token
+ // Step 5: Fetch messages using user token
 for (const subscription of userSubscriptions) {
 if (messages.length >= 7 || processedRooms.has(subscription._id)) continue;
 processedRooms.add(subscription._id);
@@ -165,7 +181,7 @@ export async function GET(request: Request) {
 const messagesResponse = await fetch(
 `${baseUrl}/api/v1/${endpoint}?roomId=${subscription.rid}&count=1`, {
 method: 'GET',
- headers: adminHeaders
+ headers: userHeaders
 });
 if (!messagesResponse.ok) {
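Review bot: In the Step 3 hunk `tokenData.data.authToken` is read without checking the response shape, so a 200 reply that lacks `data` or is not JSON throws instead of taking the empty-messages path used for the other failures. A guard such as `if (!tokenData?.data?.authToken) return NextResponse.json({ messages: [] }, { status: 200 });` keeps it consistent. The same unguarded `.json()` now applies to `messagesResponse` in the last hunk, where the content-type check is removed. As far as this hunk shows, a fresh user token is also requested on every GET and never reused or revoked, so consider caching it server-side per session and keeping `tokenData` out of any log line. The GET handler starts and ends outside this hunk, so an enclosing try/catch may already cover the throw.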
@@ -175,13 +191,6 @@ export async function GET(request: Request) { continue; } - // Check if response is JSON - const contentType = messagesResponse.headers.get('content-type'); - if (!contentType?.includes('application/json')) { - console.error(`Non-JSON response for room ${subscription.name}:`, contentType); - continue; - } - const messageData = await messagesResponse.json(); console.log(`Messages for room ${subscription.name}:`, { success: messageData.success,