update

Level237 · Level237 · commit 6a9ddfc53938 · 2025-11-07T10:47:39.000+01:00
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
@@ -32,6 +32,16 @@ public function login(Request $request){
             if($request->role_id != $loginUser['role_id']){
                 return response()->json(['message'=>"vous n'avez pas les droits d'acces à cette application"], 403);
             }
+            if($request->role_id==1 || $request->role_id==3){
+                $accessTokenName="accessToken";
+                $refreshTokenName="refreshToken";
+            }else if ($request->role_id==2){
+                $accessTokenName="accessTokenSeller";
+                $refreshTokenName="refreshTokenSeller";
+            }else{
+                $accessTokenName="accessTokenDelivery";
+                $refreshTokenName="refreshTokenDelivery";
+            }
             $tokenUser=(new GenerateTokenUserService())->generate($client,$loginUser,$data['password'],$request);
             
             $tokenData = json_decode($tokenUser->getContent(), true);
@@ -43,10 +53,10 @@ public function login(Request $request){
                 $domain = (config('app.env') === 'production') ? '.akevas.com' : null;
                 $secure = config('app.env') === 'production';
 
-                return response()->noContent(204)->cookie('accessToken', $accessToken, 
+                return response()->noContent(204)->cookie($accessTokenName, $accessToken, 
                 Carbon::now()->addMinutes(config('passport.token_ttl'))->timestamp, 
                 '/', $domain, $secure, true, false, 'none')
-            ->cookie('refreshToken', $refreshToken, 
+            ->cookie($refreshTokenName, $refreshToken, 
                 Carbon::now()->addDays(30)->timestamp,
                 '/', $domain, $secure, true, false, 'none');
             }
diff --git a/app/Http/Controllers/Auth/LogoutController.php b/app/Http/Controllers/Auth/LogoutController.php
@@ -16,17 +16,27 @@ public function logout(){
         $domain = (config('app.env') === 'production') ? '.akevas.com' : null;
     $secure = config('app.env') === 'production';
     
+    if($user->role_id==1 || $user->role_id==3){
+        $accessTokenName="accessToken";
+        $refreshTokenName="refreshToken";
+    }else if ($user->role_id==2){
+        $accessTokenName="accessTokenSeller";
+        $refreshTokenName="refreshTokenSeller";
+    }else{
+        $accessTokenName="accessTokenDelivery";
+        $refreshTokenName="refreshTokenDelivery";
+    }
     // 3. Définir la date d'expiration dans le passé (expire immédiatement)
     $pastExpiration = Carbon::now()->subMinutes(5)->timestamp;
 
     // 4. Construire la réponse (statut 204 No Content est courant pour le logout)
     return response()->noContent(204)
         // 5. Faire expirer l'accessToken
-        ->cookie('accessToken', null, 
+        ->cookie($accessTokenName, null, 
             $pastExpiration, 
             '/', $domain, $secure, true, false, 'none') // Utiliser les mêmes paramètres que la pose
         // 6. Faire expirer le refreshToken
-        ->cookie('refreshToken', null, 
+        ->cookie($refreshTokenName, null, 
             $pastExpiration, 
             '/', $domain, $secure, true, false, 'none');
     }
diff --git a/app/Http/Controllers/Auth/SocialAuthController.php b/app/Http/Controllers/Auth/SocialAuthController.php
@@ -51,6 +51,17 @@ public function handleGoogleCallback(): RedirectResponse
             return redirect("{$frontendUrl}/login?code=401");
         }
 
+        if($user->role_id==1 || $user->role_id==3){
+            $accessTokenName="accessToken";
+            $refreshTokenName="refreshToken";
+        }else if ($user->role_id==2){
+            $accessTokenName="accessTokenSeller";
+            $refreshTokenName="refreshTokenSeller";
+        }else{
+            $accessTokenName="accessTokenDelivery";
+            $refreshTokenName="refreshTokenDelivery";
+        }
+
         $scope = $this->getUserScope($user->role_id);
         $tokenResult = $user->createToken('GoogleAuthToken', [$scope]);
         $accessToken = $tokenResult->accessToken;
@@ -62,10 +73,10 @@ public function handleGoogleCallback(): RedirectResponse
         $secure = config('app.env') === 'production';
 
         
-        return redirect("{$frontendUrl}/authenticate")->cookie('accessToken', $accessToken, 
+        return redirect("{$frontendUrl}/authenticate")->cookie($accessTokenName, $accessToken, 
         Carbon::now()->addMinutes(config('passport.token_ttl'))->timestamp, 
         '/', $domain, $secure, true, false, 'none') // ttl, path, domain, secure, httpOnly, raw, sameSite
-    ->cookie('refreshToken', $refreshToken, 
+    ->cookie($refreshTokenName, $refreshToken, 
         Carbon::now()->addDays(30)->timestamp, // Longue durée de vie
         '/', $domain, $secure, true, false, 'none');
     }
