fix(marketplace): filter own products by company_id from JWT

- Add companyId field to AuthUser interface in AuthContext
- Extract company_id from JWT payload in Login.tsx
- Use user.companyId to filter products where seller_id matches
- This properly excludes own store products using UUID comparison
Tiago Yamamoto 2025-12-23 16:31:46 -03:00
parent 2bbb715ebb
commit 352ef86617
3 changed files with 9 additions and 9 deletions


@ -10,6 +10,7 @@ export interface AuthUser {
name: string name: string
username?: string username?: string
email?: string email?: string
companyId?: string
role: UserRole role: UserRole
token: string token: string
} }
@ -17,7 +18,7 @@ export interface AuthUser {
interface AuthContextValue { interface AuthContextValue {
user: AuthUser | null user: AuthUser | null
loading: boolean loading: boolean
login: (token: string, role: UserRole, name: string, id: string, email?: string, username?: string) => void login: (token: string, role: UserRole, name: string, id: string, companyId?: string, email?: string, username?: string) => void
logout: () => void logout: () => void
setUser: (user: AuthUser) => void setUser: (user: AuthUser) => void
} }
@ -48,8 +49,8 @@ export function AuthProvider({ children }: { children: ReactNode }) {
} }
}, [user]) }, [user])
const login = (token: string, role: UserRole, name: string, id: string, email?: string, username?: string) => { const login = (token: string, role: UserRole, name: string, id: string, companyId?: string, email?: string, username?: string) => {
setUser({ token, role, name, id, email, username }) setUser({ token, role, name, id, companyId, email, username })
// Redirect based on role // Redirect based on role
switch (role) { switch (role) {
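Review bot: Inserting `companyId?` as the fifth positional parameter of `login`, ahead of `email?` and `username?`, lets any call site that was not updated keep compiling while its fifth argument (previously the email) is stored as `companyId`, because all three are optional strings. Only the Login.tsx call is updated in the sections shown here; other callers cannot be checked from this page. Since `companyId` now decides which sellers count as the user's own, a mis-slotted argument becomes a silent identity mix-up rather than a type error. Appending the parameter at the end, or taking one object as in `login: (user: AuthUser) => void`, would remove the ordering hazard. The body of `AuthProvider` continues outside this hunk.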


@ -68,13 +68,13 @@ export function LoginPage() {
throw new Error('Resposta de login inválida. Verifique o usuário e a senha.') throw new Error('Resposta de login inválida. Verifique o usuário e a senha.')
} }
const payload = decodeJwtPayload<{ role?: string, sub: string }>(token) const payload = decodeJwtPayload<{ role?: string, sub: string, company_id?: string }>(token)
logger.debug('🔐 [Login] JWT payload decoded:', payload) logger.debug('🔐 [Login] JWT payload decoded:', payload)
const role = resolveRole(payload?.role) const role = resolveRole(payload?.role)
logger.info('🔐 [Login] Role resolved:', role) logger.info('🔐 [Login] Role resolved:', role)
login(token, role, username, payload?.sub || '', undefined, username) login(token, role, username, payload?.sub || '', payload?.company_id, undefined, username)
logger.info('🔐 [Login] Login successful!') logger.info('🔐 [Login] Login successful!')
} catch (error) { } catch (error) {
logger.error('🔐 [Login] ERROR caught:', error) logger.error('🔐 [Login] ERROR caught:', error)
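Review bot: `payload?.company_id` reaches `login` with no runtime check, because the type argument given to `decodeJwtPayload` is a compile-time assertion and says nothing about what the token actually carries. If the claim is missing, empty or not a string, the session is created anyway. A guard such as `const companyId = typeof payload?.company_id === 'string' && payload.company_id ? payload.company_id : undefined` makes that case explicit, and a warning log there would make it visible. The value is presumably decoded in the browser without signature verification, so it should be documented as display-only and never used for an access decision. The unchanged `logger.debug('🔐 [Login] JWT payload decoded:', payload)` line now also emits the company identifier, so confirm debug logging is off in production builds; the surrounding `try` block starts outside this hunk.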


@ -64,11 +64,10 @@ const ProductSearch = () => {
// Filter out products from the logged-in user's pharmacy and group by name // Filter out products from the logged-in user's pharmacy and group by name
const groupedProducts = useMemo(() => { const groupedProducts = useMemo(() => {
// Filter out own products - for owners/sellers, products at 0km are from their own store // Filter out own products using company_id (seller_id === company_id)
const isOwnerOrSeller = user?.role === 'owner' || user?.role === 'seller'
const filteredProducts = products.filter(p => { const filteredProducts = products.filter(p => {
// Exclude products at exactly 0km distance for owners (own store) // Exclude products from user's own company
if (isOwnerOrSeller && p.distance_km === 0) { if (user?.companyId && p.seller_id === user.companyId) {
return false return false
} }
return true return true
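Review bot: The `user?.companyId &&` guard turns the exclusion into a silent no-op whenever the session has no `companyId`, for example a token without the claim or a session created before this change if sessions are restored from storage. Because the 0 km fallback is removed, the user's own products would then be listed with no signal. This filter is also presentation only: if buying from one's own company must be prevented, the server has to compare `seller_id` with the authenticated company. A comment above the filter would record that, e.g. `// Display filter only: companyId comes from the client-side JWT decode; the API must enforce ownership`. The `useMemo` dependency array is outside this hunk, so confirm it lists `user?.companyId` and no longer only the role.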