Fix admin login endpoint to accept JSON instead of form data

2025-11-30 22:49:39 +01:00 · 2025-11-30 22:49:39 +01:00 · dfd45d9f07
commit dfd45d9f07
parent 80318a8d43
2 changed files with 10 additions and 11 deletions
--- a/frontend/src/app/admin/login/page.tsx
+++ b/frontend/src/app/admin/login/page.tsx
@ -40,7 +40,8 @@ function AdminLoginContent() {
      const redirect = searchParams.get("redirect") || "/admin";
      router.push(redirect);
    } catch (err: any) {
-      setError(err.message || "Erreur de connexion");
+      const errorMessage = typeof err.message === 'string' ? err.message : "Erreur de connexion";
+      setError(errorMessage);
    } finally {
      setLoading(false);
    }
--- a/main.py
+++ b/main.py
@ -8,6 +8,7 @@ from fastapi.responses import FileResponse, JSONResponse
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.staticfiles import StaticFiles
 from fastapi.security import HTTPBasic, HTTPBasicCredentials
+from pydantic import BaseModel
 from contextlib import asynccontextmanager
 from pathlib import Path
 from typing import Optional
@ -858,20 +859,16 @@ async def reconstruct_document(

 # ============== SaaS Management Endpoints ==============

+class AdminLoginRequest(BaseModel):
+    password: str
+
@app.post("/admin/login")
-async def admin_login(
-    username: str = Form(...),
-    password: str = Form(...)
-):
+async def admin_login(request: AdminLoginRequest):
    """
    Admin login endpoint
    Returns a bearer token for authenticated admin access
    """
-    if username != ADMIN_USERNAME:
-        logger.warning(f"Failed admin login attempt with username: {username}")
-        raise HTTPException(status_code=401, detail="Invalid credentials")
-    
-    if not verify_admin_password(password):
+    if not verify_admin_password(request.password):
        logger.warning(f"Failed admin login attempt - wrong password")
        raise HTTPException(status_code=401, detail="Invalid credentials")
    
@ -880,7 +877,8 @@ async def admin_login(
    
    return {
        "status": "success",
-        "token": token,
+        "access_token": token,
+        "token_type": "bearer",
        "expires_in": 86400,  # 24 hours in seconds
        "message": "Login successful"
    }