andrea/magricambi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: andrea:71ed95251c0ddebfaa650b90572e1bf6447469d9
Branches Tags
andrea:main
..
compare: andrea:319d8c95e98e4f5bd9b2dfebe695625e4f46b329
Branches Tags
andrea:main

10 commits
71ed95251c ... 319d8c95e9

Author SHA1 Message Date
AV77web
319d8c95e9 Commit di prova per migrazione a Forgejo
Some checks failed
Deploy to VPS / build (push) Has been cancelled
Details
Deploy to VPS / deploy (push) Has been cancelled
Details
2026-05-28 15:25:56 +02:00
AV77web
76095ffff0 ridimensionata l'immagine Home.jpg 2026-05-27 17:13:30 +02:00
AV77web
adf745e28b Merge branch 'main' of github.com:AV77web/magricambi 2026-05-27 17:08:26 +02:00
AV77web
68b8ab31b7 inserito proxy.ts per il login 2026-05-27 17:06:04 +02:00
AV77web
1a81ef0865 modifica a login 2026-05-27 16:58:22 +02:00
AV77web
85e6aad3f1 inserita immagine Home.jpg nella pagina login 2026-05-27 16:46:16 +02:00
AV77web
487983bf3e visualizzazione della NavBar dopo il login 2026-05-27 16:30:40 +02:00
AV77web
cb75c19b8c tolto SignOutButton da layout.ts di management 2026-05-27 16:25:21 +02:00
AV77web
b006ac7f00 inerito SignOuitButton 2026-05-27 16:10:53 +02:00
AV77web
2de9d601f5 inseriti log per verifica login 2026-05-27 15:24:29 +02:00
16 changed files with 308 additions and 68 deletions
Show stats Expand all files Collapse all files

4
docker-compose.yml
View file

@ -7,6 +7,8 @@ services:
restart: always
env_file:
- .env
environment:
MYSQL_HOST: mysql
ports:
- "127.0.0.1:3001:3000"
depends_on:
@ -23,6 +25,8 @@ services:
MYSQL_PASSWORD: ${MYSQL_PASSWORD}
volumes:
- dbdata:/var/lib/mysql
ports:
- "127.0.0.1:3306:3306"
phpmyadmin:
image: phpmyadmin:latest

BIN
immagini/Home.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 227 KiB

BIN
public/Home.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 227 KiB

BIN
public/images/Home.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 227 KiB

22
src/app/(main)/articoli/page.tsx Normal file
View file

@ -0,0 +1,22 @@
export default function ArticoliPage() {
return (
<div className="flex flex-1 flex-col bg-zinc-50 p-6 dark:bg-black">
<div className="mx-auto w-full max-w-6xl">
<header className="mb-8">
<h1 className="text-3xl font-semibold text-zinc-950 dark:text-zinc-50">
Articoli
</h1>
<p className="mt-2 text-zinc-600 dark:text-zinc-400">
Catalogo ricambi e componenti
</p>
</header>
<div className="rounded-lg border border-zinc-200 bg-white p-6 shadow-sm dark:border-zinc-800 dark:bg-zinc-900">
<p className="text-zinc-600 dark:text-zinc-400">
Contenuto della pagina articoli in arrivo...
</p>
</div>
</div>
</div>
);
}

0
src/app/(main)/articoli/pages.ts
View file

17
src/app/(main)/layout.tsx
View file

@ -1,15 +1,28 @@
export default function MainLayout({
import { redirect } from "next/navigation";
import { auth } from "@/src/auth";
import SignOutButton from "@/src/components/auth/SignOutButton";
import Navbar from "@/src/components/Navbar";
export default async function MainLayout({
children,
}: {
children: React.ReactNode;
}) {
const session = await auth();
if (!session?.user) {
redirect("/login");
}
return (
<div>
<Navbar actions={<SignOutButton />} />
<p className="bg-violet-700 text-white w-full text-center py-2">
Sono del layout (main)
</p>
<main>{children}</main>
</div>
);
}
}

22
src/app/(main)/macchine/page.tsx Normal file
View file

@ -0,0 +1,22 @@
export default function MachinePage() {
return (
<div className="flex flex-1 flex-col bg-zinc-50 p-6 dark:bg-black">
<div className="mx-auto w-full max-w-6xl">
<header className="mb-8">
<h1 className="text-3xl font-semibold text-zinc-950 dark:text-zinc-50">
Macchine
</h1>
<p className="mt-2 text-zinc-600 dark:text-zinc-400">
Gestione del parco macchine e attrezzature
</p>
</header>
<div className="rounded-lg border border-zinc-200 bg-white p-6 shadow-sm dark:border-zinc-800 dark:bg-zinc-900">
<p className="text-zinc-600 dark:text-zinc-400">
Contenuto della pagina macchine in arrivo...
</p>
</div>
</div>
</div>
);
}

0
src/app/(main)/macchine/pages.ts
View file

3
src/app/(management)/layout.tsx
View file

@ -2,6 +2,7 @@ import { redirect } from "next/navigation";
import { auth } from "@/src/auth";
import SignOutButton from "@/src/components/auth/SignOutButton";
import Navbar from "@/src/components/Navbar";
export default async function ManagementLayout({
children,
@ -16,6 +17,7 @@ export default async function ManagementLayout({
return (
<div>
<Navbar actions={<SignOutButton />} />
<header className="border-b border-zinc-200 bg-white">
<div className="mx-auto flex max-w-6xl items-center justify-between px-4 py-3">
<div>
@ -24,7 +26,6 @@ export default async function ManagementLayout({
{session.user.utente}
</p>
</div>
<SignOutButton />
</div>
</header>
<main className="mx-auto max-w-6xl px-4 py-6">{children}</main>

4
src/app/layout.tsx
View file

@ -1,6 +1,5 @@
import type { Metadata } from "next";
import { Inter, JetBrains_Mono } from "next/font/google";
import Navbar from "../components/Navbar";
import "./globals.css";
/** Stesse variabili CSS di globals.css; Geist non è disponibile in next/font su Next 14. */
@ -19,7 +18,7 @@ export const metadata: Metadata = {
description: "Generated by create next app",
};
export default function RootLayout({
export default async function RootLayout({
children,
}: Readonly<{
children: React.ReactNode;
@ -30,7 +29,6 @@ export default function RootLayout({
<p className="bg-purple-700 text-white w-full text-center py-2">
Sono del layout root
</p>
<Navbar />
{children}
</body>
</html>

129
src/app/login/page.tsx
View file

@ -1,3 +1,4 @@
import Image from "next/image";
import { AuthError } from "next-auth";
import { redirect } from "next/navigation";
@ -5,24 +6,55 @@ import { auth, signIn } from "@/src/auth";
type LoginPageProps = {
searchParams?: Promise<{
callbackUrl?: string;
error?: string;
}>;
};
function getSafeRedirectTo(value: FormDataEntryValue | null): string {
const raw = String(value ?? "/");
if (raw.startsWith("/") && !raw.startsWith("//")) {
return raw;
}
try {
const parsed = new URL(raw);
return `${parsed.pathname}${parsed.search}${parsed.hash}`;
} catch {
return "/";
}
}
async function login(formData: FormData) {
"use server";
const identifier = String(formData.get("identifier") ?? "").trim();
console.log("[login-page] Submit login ricevuto", {
hasIdentifier: Boolean(identifier),
hasPassword: Boolean(formData.get("password")),
});
try {
await signIn("credentials", {
identifier: formData.get("identifier"),
identifier,
password: formData.get("password"),
redirectTo: "/",
redirectTo: getSafeRedirectTo(formData.get("callbackUrl")),
});
} catch (error) {
if (error instanceof AuthError) {
console.log("[login-page] AuthError durante login", {
type: error.type,
cause: error.cause,
});
redirect("/login?error=CredentialsSignin");
}
console.error("[login-page] Errore inatteso durante login", {
error: error instanceof Error ? error.message : String(error),
});
throw error;
}
}
@ -38,51 +70,64 @@ export default async function LoginPage({ searchParams }: LoginPageProps) {
const hasError = params?.error === "CredentialsSignin";
return (
<main className="flex min-h-[calc(100vh-4rem)] items-center justify-center bg-zinc-50 px-4 py-12">
<section className="w-full max-w-sm rounded-lg border border-zinc-200 bg-white p-6 shadow-sm">
<div className="mb-6">
<main className="flex min-h-screen items-center justify-center bg-zinc-50 px-4 py-12">
<section className="w-full max-w-sm overflow-hidden rounded-lg border border-zinc-200 bg-white shadow-sm">
<div className="relative aspect-[3/2] w-full bg-zinc-100">
<Image
src="/images/Home.jpg"
alt="MagRicambi"
fill
priority
className="object-contain"
sizes="(max-width: 640px) 100vw, 384px"
/>
</div>
<div className="p-6">
<div className="mb-6">
<h1 className="text-2xl font-semibold text-zinc-950">Accesso</h1>
<p className="mt-2 text-sm text-zinc-600">
Entra in MagRicambi con utente o email.
</p>
</div>
{hasError ? (
<p className="mb-4 rounded-md border border-red-200 bg-red-50 px-3 py-2 text-sm text-red-700">
Credenziali non valide oppure utente non attivo.
</p>
) : null}
<form action={login} className="space-y-4">
<label className="block">
<span className="text-sm font-medium text-zinc-700">Utente o email</span>
<input
required
autoComplete="username"
name="identifier"
type="text"
className="mt-1 w-full rounded-md border border-zinc-300 px-3 py-2 text-zinc-950 outline-none transition-colors focus:border-zinc-900"
/>
</label>
<label className="block">
<span className="text-sm font-medium text-zinc-700">Password</span>
<input
required
autoComplete="current-password"
name="password"
type="password"
className="mt-1 w-full rounded-md border border-zinc-300 px-3 py-2 text-zinc-950 outline-none transition-colors focus:border-zinc-900"
/>
</label>
<button
type="submit"
className="w-full rounded-md bg-zinc-950 px-4 py-2 font-medium text-white transition-colors hover:bg-zinc-800"
>
Accedi
</button>
</form>
</div>
{hasError ? (
<p className="mb-4 rounded-md border border-red-200 bg-red-50 px-3 py-2 text-sm text-red-700">
Credenziali non valide oppure utente non attivo.
</p>
) : null}
<form action={login} className="space-y-4">
<label className="block">
<span className="text-sm font-medium text-zinc-700">Utente o email</span>
<input
required
autoComplete="username"
name="identifier"
type="text"
className="mt-1 w-full rounded-md border border-zinc-300 px-3 py-2 text-zinc-950 outline-none transition-colors focus:border-zinc-900"
/>
</label>
<label className="block">
<span className="text-sm font-medium text-zinc-700">Password</span>
<input
required
autoComplete="current-password"
name="password"
type="password"
className="mt-1 w-full rounded-md border border-zinc-300 px-3 py-2 text-zinc-950 outline-none transition-colors focus:border-zinc-900"
/>
</label>
<button
type="submit"
className="w-full rounded-md bg-zinc-950 px-4 py-2 font-medium text-white transition-colors hover:bg-zinc-800"
>
Accedi
</button>
</form>
</section>
</main>
);

123
src/auth.ts
View file

@ -8,34 +8,92 @@ import type { DbUser, UserRole } from "@/src/types/user";
type DbUserRow = DbUser & RowDataPacket;
function maskIdentifier(identifier: string): string {
if (identifier.includes("@")) {
const [name = "", domain = ""] = identifier.split("@");
const visibleName = name.slice(0, 2);
return `${visibleName}${"*".repeat(Math.max(name.length - 2, 1))}@${domain}`;
}
if (identifier.length <= 2) {
return "*".repeat(identifier.length);
}
return `${identifier.slice(0, 2)}${"*".repeat(identifier.length - 2)}`;
}
function authLog(message: string, details?: Record<string, unknown>): void {
console.log(`[auth] ${message}`, details ?? "");
}
function authError(message: string, error: unknown, details?: Record<string, unknown>): void {
console.error(`[auth] ${message}`, {
...details,
error: error instanceof Error ? error.message : String(error),
});
}
function isUserRole(value: string): value is UserRole {
return ["admin", "manager", "user", "sviluppo"].includes(value);
}
async function findActiveUser(identifier: string): Promise<DbUser | null> {
const [rows] = await db.execute<DbUserRow[]>(
`SELECT id, utente, mail, password, ruolo, attivo, last_login
FROM utenti
WHERE attivo = 1
AND (utente = :identifier OR mail = :identifier)
LIMIT 1`,
{ identifier },
);
let rows: DbUserRow[];
try {
[rows] = await db.execute<DbUserRow[]>(
`SELECT id, utente, mail, password, ruolo, attivo, last_login
FROM utenti
WHERE attivo = 1
AND (utente = :identifier OR mail = :identifier)
LIMIT 1`,
{ identifier },
);
} catch (error) {
authError("Errore durante la query utente attivo", error, {
identifier: maskIdentifier(identifier),
});
throw error;
}
const user = rows[0];
if (!user || !isUserRole(user.ruolo)) {
if (!user) {
authLog("Nessun utente attivo trovato", {
identifier: maskIdentifier(identifier),
});
return null;
}
if (!isUserRole(user.ruolo)) {
authLog("Utente trovato con ruolo non valido", {
userId: user.id,
ruolo: user.ruolo,
});
return null;
}
authLog("Utente attivo trovato", {
userId: user.id,
utente: user.utente,
ruolo: user.ruolo,
});
return user;
}
async function updateLastLogin(userId: number): Promise<void> {
await db.execute<ResultSetHeader>(
"UPDATE utenti SET last_login = NOW() WHERE id = :userId",
{ userId },
);
try {
await db.execute<ResultSetHeader>(
"UPDATE utenti SET last_login = NOW() WHERE id = :userId",
{ userId },
);
authLog("last_login aggiornato", { userId });
} catch (error) {
authError("Errore durante aggiornamento last_login", error, { userId });
throw error;
}
}
export const { handlers, auth, signIn, signOut } = NextAuth({
@ -53,27 +111,64 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
password: { label: "Password", type: "password" },
},
async authorize(credentials) {
const startedAt = Date.now();
const identifier = String(credentials?.identifier ?? "").trim();
const password = String(credentials?.password ?? "");
const maskedIdentifier = maskIdentifier(identifier);
authLog("Tentativo login ricevuto", {
identifier: maskedIdentifier,
hasIdentifier: Boolean(identifier),
hasPassword: Boolean(password),
});
if (!identifier || !password) {
authLog("Login respinto: campi mancanti", {
identifier: maskedIdentifier,
hasIdentifier: Boolean(identifier),
hasPassword: Boolean(password),
});
return null;
}
const user = await findActiveUser(identifier);
if (!user) {
authLog("Login respinto: utente non trovato o non valido", {
identifier: maskedIdentifier,
durationMs: Date.now() - startedAt,
});
return null;
}
const passwordMatches = await bcrypt.compare(password, user.password);
let passwordMatches = false;
try {
passwordMatches = await bcrypt.compare(password, user.password);
} catch (error) {
authError("Errore durante confronto password bcrypt", error, {
userId: user.id,
durationMs: Date.now() - startedAt,
});
throw error;
}
if (!passwordMatches) {
authLog("Login respinto: password non valida", {
userId: user.id,
durationMs: Date.now() - startedAt,
});
return null;
}
await updateLastLogin(user.id);
authLog("Login riuscito", {
userId: user.id,
ruolo: user.ruolo,
durationMs: Date.now() - startedAt,
});
return {
id: String(user.id),
name: user.utente,

14
src/components/Navbar.tsx
View file

@ -5,7 +5,7 @@
// @version: "1.0.0 2026-05-07"
//====================================
"use client"
import { useState , MouseEvent} from "react";
import { useState , MouseEvent, ReactNode} from "react";
import Link from "next/link";
interface NavLink {
@ -34,7 +34,7 @@ const serviceLinks: ServiceLink[] = [
]
export default function Navbar() {
export default function Navbar({ actions }: { actions?: ReactNode }) {
const [ isServicesOpen, setIsServicesOpen] = useState<boolean>(false);
@ -56,7 +56,7 @@ export default function Navbar() {
</Link>
{/* Navigation */}
<div className="flex space-x-8">
<div className="flex items-center space-x-8">
{/* Link normali */}
{navLinks.map((link) => (
@ -117,8 +117,14 @@ export default function Navbar() {
</div>
</div>
{actions ? (
<div className="flex items-center">
{actions}
</div>
) : null}
</div>
</div>
</nav>
);
}
}

11
src/lib/db/connection.ts
View file

@ -58,8 +58,15 @@ function getPool(): Pool {
}
export const db = new Proxy({} as Pool, {
get(_target, property, receiver) {
return Reflect.get(getPool(), property, receiver);
get(_target, property) {
const pool = getPool();
const value = Reflect.get(pool, property);
if (typeof value === "function") {
return value.bind(pool);
}
return value;
},
});

27
src/proxy.ts Normal file
View file

@ -0,0 +1,27 @@
import { NextResponse } from "next/server";
import { auth } from "@/src/auth";
export default auth((request) => {
const isLoggedIn = Boolean(request.auth);
const isLoginPage = request.nextUrl.pathname === "/login";
if (!isLoggedIn && !isLoginPage) {
const loginUrl = new URL("/login", request.nextUrl);
loginUrl.searchParams.set("callbackUrl", request.nextUrl.href);
return NextResponse.redirect(loginUrl);
}
if (isLoggedIn && isLoginPage) {
return NextResponse.redirect(new URL("/", request.nextUrl));
}
return NextResponse.next();
});
export const config = {
matcher: [
"/((?!api/auth|_next/static|_next/image|favicon.ico|images|.*\\..*).*)",
],
};