241 lines
7.3 KiB
TypeScript
241 lines
7.3 KiB
TypeScript
import { getServerSession } from "next-auth";
|
|
import { authOptions } from "@/app/api/auth/[...nextauth]/route";
|
|
import { NextResponse } from "next/server";
|
|
|
|
// Helper function to delete user from Leantime
|
|
async function deleteLeantimeUser(email: string): Promise<{ success: boolean; error?: string }> {
|
|
try {
|
|
// First, get all users from Leantime
|
|
const getUsersResponse = await fetch('https://agilite.slm-lab.net/api/jsonrpc', {
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/json',
|
|
'X-API-Key': process.env.LEANTIME_TOKEN || '',
|
|
},
|
|
body: JSON.stringify({
|
|
method: 'leantime.rpc.Users.Users.getAll',
|
|
jsonrpc: '2.0',
|
|
id: 1,
|
|
params: {}
|
|
})
|
|
});
|
|
|
|
const getUsersData = await getUsersResponse.json();
|
|
console.log('Leantime get users response:', getUsersData);
|
|
|
|
if (!getUsersResponse.ok || !getUsersData.result) {
|
|
console.error('Failed to get Leantime users:', getUsersData);
|
|
return {
|
|
success: false,
|
|
error: getUsersData.error?.message || 'Failed to get users in Leantime'
|
|
};
|
|
}
|
|
|
|
// Find the user with matching email
|
|
const user = getUsersData.result.find((u: any) => u.username === email);
|
|
if (!user) {
|
|
console.log('User not found in Leantime, might have been already deleted');
|
|
return { success: true }; // Consider it a success if user doesn't exist
|
|
}
|
|
|
|
// Now delete the user using their Leantime ID
|
|
const deleteResponse = await fetch('https://agilite.slm-lab.net/api/jsonrpc', {
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/json',
|
|
'X-API-Key': process.env.LEANTIME_TOKEN || '',
|
|
},
|
|
body: JSON.stringify({
|
|
method: 'leantime.rpc.Users.Users.deleteUser',
|
|
jsonrpc: '2.0',
|
|
id: 1,
|
|
params: {
|
|
id: user.id
|
|
}
|
|
})
|
|
});
|
|
|
|
const deleteData = await deleteResponse.json();
|
|
console.log('Leantime delete response:', deleteData);
|
|
|
|
if (!deleteResponse.ok || !deleteData.result) {
|
|
console.error('Leantime user deletion failed:', deleteData);
|
|
return {
|
|
success: false,
|
|
error: deleteData.error?.message || 'Failed to delete user in Leantime'
|
|
};
|
|
}
|
|
|
|
return { success: true };
|
|
} catch (error) {
|
|
console.error('Error deleting Leantime user:', error);
|
|
return {
|
|
success: false,
|
|
error: 'Error deleting user in Leantime'
|
|
};
|
|
}
|
|
}
|
|
|
|
//TODO: Ajouter la suppression automatique du compte Nextcloud
|
|
export async function DELETE(
|
|
req: Request,
|
|
{ params }: { params: { userId: string } }
|
|
) {
|
|
const session = await getServerSession(authOptions);
|
|
|
|
if (!session) {
|
|
return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
|
|
}
|
|
|
|
try {
|
|
// First get an admin token using client credentials
|
|
const tokenResponse = await fetch(
|
|
`${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`,
|
|
{
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded',
|
|
},
|
|
body: new URLSearchParams({
|
|
grant_type: 'client_credentials',
|
|
client_id: process.env.KEYCLOAK_CLIENT_ID!,
|
|
client_secret: process.env.KEYCLOAK_CLIENT_SECRET!,
|
|
}),
|
|
}
|
|
);
|
|
|
|
const tokenData = await tokenResponse.json();
|
|
|
|
if (!tokenResponse.ok) {
|
|
console.error("Failed to get admin token:", tokenData);
|
|
return NextResponse.json(
|
|
{ error: "Erreur d'authentification" },
|
|
{ status: 401 }
|
|
);
|
|
}
|
|
|
|
// Get user details before deletion to get their email
|
|
const userResponse = await fetch(
|
|
`${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${params.userId}`,
|
|
{
|
|
headers: {
|
|
Authorization: `Bearer ${tokenData.access_token}`,
|
|
},
|
|
}
|
|
);
|
|
|
|
if (!userResponse.ok) {
|
|
console.error("Failed to get user details:", await userResponse.text());
|
|
return NextResponse.json(
|
|
{ error: "Erreur lors de la récupération des détails de l'utilisateur" },
|
|
{ status: userResponse.status }
|
|
);
|
|
}
|
|
|
|
const userDetails = await userResponse.json();
|
|
|
|
// Delete user from Keycloak
|
|
const deleteResponse = await fetch(
|
|
`${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${params.userId}`,
|
|
{
|
|
method: "DELETE",
|
|
headers: {
|
|
Authorization: `Bearer ${tokenData.access_token}`,
|
|
},
|
|
}
|
|
);
|
|
|
|
console.log("Keycloak delete response:", {
|
|
status: deleteResponse.status,
|
|
ok: deleteResponse.ok
|
|
});
|
|
|
|
if (!deleteResponse.ok) {
|
|
const errorText = await deleteResponse.text();
|
|
console.error("Delete error:", errorText);
|
|
return NextResponse.json(
|
|
{ error: "Erreur lors de la suppression", details: errorText },
|
|
{ status: deleteResponse.status }
|
|
);
|
|
}
|
|
|
|
// Delete user from Leantime
|
|
const leantimeResult = await deleteLeantimeUser(userDetails.email);
|
|
|
|
if (!leantimeResult.success) {
|
|
console.error("Leantime user deletion failed:", leantimeResult.error);
|
|
// We don't return an error here since Keycloak user was deleted successfully
|
|
// We just log the error and continue
|
|
}
|
|
|
|
return NextResponse.json({ success: true });
|
|
} catch (error) {
|
|
console.error("Error deleting user:", error);
|
|
return NextResponse.json(
|
|
{ error: "Erreur serveur", details: error },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|
|
|
|
export async function PUT(
|
|
req: Request,
|
|
{ params }: { params: { userId: string } }
|
|
) {
|
|
const session = await getServerSession(authOptions);
|
|
|
|
if (!session) {
|
|
return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
|
|
}
|
|
|
|
try {
|
|
const body = await req.json();
|
|
|
|
// Get client credentials token
|
|
const tokenResponse = await fetch(
|
|
`${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`,
|
|
{
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded',
|
|
},
|
|
body: new URLSearchParams({
|
|
grant_type: 'client_credentials',
|
|
client_id: process.env.KEYCLOAK_CLIENT_ID!,
|
|
client_secret: process.env.KEYCLOAK_CLIENT_SECRET!,
|
|
}),
|
|
}
|
|
);
|
|
|
|
const tokenData = await tokenResponse.json();
|
|
|
|
if (!tokenResponse.ok) {
|
|
console.error("Failed to get token:", tokenData);
|
|
return NextResponse.json({ error: "Failed to get token" }, { status: 500 });
|
|
}
|
|
|
|
// Update user
|
|
const updateResponse = await fetch(
|
|
`${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${params.userId}`,
|
|
{
|
|
method: 'PUT',
|
|
headers: {
|
|
'Authorization': `Bearer ${tokenData.access_token}`,
|
|
'Content-Type': 'application/json',
|
|
},
|
|
body: JSON.stringify(body),
|
|
}
|
|
);
|
|
|
|
if (!updateResponse.ok) {
|
|
const errorData = await updateResponse.json();
|
|
console.error("Failed to update user:", errorData);
|
|
return NextResponse.json({ error: "Failed to update user" }, { status: updateResponse.status });
|
|
}
|
|
|
|
return NextResponse.json({ success: true });
|
|
} catch (error) {
|
|
console.error("Error in PUT user:", error);
|
|
return NextResponse.json({ error: "Internal server error" }, { status: 500 });
|
|
}
|
|
}
|