diff --git a/frontend/src/app/admin/login/page.tsx b/frontend/src/app/admin/login/page.tsx
index 4c6d076..a5fd7b3 100644
--- a/frontend/src/app/admin/login/page.tsx
+++ b/frontend/src/app/admin/login/page.tsx
@@ -40,7 +40,8 @@ function AdminLoginContent() {
 const redirect = searchParams.get("redirect") || "/admin";
 router.push(redirect);
 } catch (err: any) {
- setError(err.message || "Erreur de connexion");
+ const errorMessage = typeof err.message === 'string' ? err.message : "Erreur de connexion";
+ setError(errorMessage);
 } finally {
 setLoading(false);
 }
diff --git a/main.py b/main.py
index 6cd4c4b..df23e51 100644
--- a/main.py
+++ b/main.py
@@ -8,6 +8,7 @@ from fastapi.responses import FileResponse, JSONResponse
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.staticfiles import StaticFiles
 from fastapi.security import HTTPBasic, HTTPBasicCredentials
+from pydantic import BaseModel
 from contextlib import asynccontextmanager
 from pathlib import Path
 from typing import Optional
@@ -858,20 +859,16 @@ async def reconstruct_document(
 # ============== SaaS Management Endpoints ==============
+class AdminLoginRequest(BaseModel):
+ password: str
+
 @app.post("/admin/login")
-async def admin_login(
- username: str = Form(...),
- password: str = Form(...)
-):
+async def admin_login(request: AdminLoginRequest):
 """
 Admin login endpoint
 Returns a bearer token for authenticated admin access
 """
- if username != ADMIN_USERNAME:
- logger.warning(f"Failed admin login attempt with username: {username}")
- raise HTTPException(status_code=401, detail="Invalid credentials")
-
- if not verify_admin_password(password):
+ if not verify_admin_password(request.password):
 logger.warning(f"Failed admin login attempt - wrong password")
 raise HTTPException(status_code=401, detail="Invalid credentials")
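Review bot: The `redirect` query parameter in the context lines just above the changed catch block is handed to `router.push` unchecked, so a crafted login link may send an admin to a destination of the link author's choosing after a successful sign-in; this commit leaves that as it was. Restricting the value to same-origin paths would close it, for example `const raw = searchParams.get("redirect");` followed by `const redirect = raw && raw.startsWith("/") && !raw.startsWith("//") && !raw.includes("\\") ? raw : "/admin";`. In the new lines, `typeof err.message` still throws when the rejected value is `null` or `undefined`, so `typeof err?.message === 'string'` is the safer test. AdminLoginContent starts and ends outside the hunk.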
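Review bot: With the username comparison removed, `admin_login` is gated by one shared password, and nothing visible in this hunk throttles repeated attempts or records who made them; the surviving warning `Failed admin login attempt - wrong password` carries no caller detail. I would add the client address to that log line and put a per-client attempt limit in front of `verify_admin_password`, whose implementation is outside this diff. The new `password: str` field is also unbounded, so a cap such as `password: str = Field(..., min_length=1, max_length=256)` (with `Field` imported from pydantic; the limit is a constructed example) keeps oversized bodies away from the password check. The rest of the function, including token creation, lies outside the hunk.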
@@ -880,7 +877,8 @@ async def admin_login(
 return {
 "status": "success",
- "token": token,
+ "access_token": token,
+ "token_type": "bearer",
 "expires_in": 86400, # 24 hours in seconds
 "message": "Login successful"
 }
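Review bot: The response that now carries `access_token` is returned as a plain dict, so no `Cache-Control: no-store` header is set on it; RFC 6749 section 5.1 requires that header on token responses, and the body is adopting that response shape. Building the same payload as `JSONResponse(content=payload, headers={"Cache-Control": "no-store"})` would cover it, and `JSONResponse` is already imported in main.py. The literal `86400` in `expires_in` is also separate from wherever the token lifetime is set (outside the hunk), so the two can drift; a shared constant would avoid that. Renaming `token` to `access_token` changes the contract for any existing client that still reads the old key.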