From a1e9600ad5b914750e4b05483488714472eda653 Mon Sep 17 00:00:00 2001
From: admin
Date: Wed, 1 Oct 2025 15:44:57 +0700
Subject: [PATCH] =?UTF-8?q?=E0=B8=9B=E0=B8=A3=E0=B8=B1=E0=B8=9A=20frontend?= =?UTF-8?q?/app/(protected)/layout.jsx?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
frontend/app/(protected)/layout.jsx | 194 ++++++++----------------------
1 file changed, 51 insertions(+), 143 deletions(-)
diff --git a/frontend/app/(protected)/layout.jsx b/frontend/app/(protected)/layout.jsx
index 245a7b6c..3b7fedba 100755
--- a/frontend/app/(protected)/layout.jsx
+++ b/frontend/app/(protected)/layout.jsx
@@ -1,16 +1,44 @@ // frontend/app/(protected)/layout.jsx import Link from "next/link"; import { redirect } from "next/navigation"; -import { getSession } from "@/lib/auth"; +import { cookies, headers } from "next/headers"; import { can } from "@/lib/rbac"; export const metadata = { title: "DMS | Protected" }; +const API_BASE = (process.env.NEXT_PUBLIC_API_BASE || "").replace(/\/$/, ""); + +async function fetchSessionFromAPI() { + const cookieStore = await cookies(); // ✅ ต้อง await + const cookieHeader = cookieStore.toString(); + const hdrs = await headers(); // ✅ ต้อง await + const hostHdr = hdrs.get("host"); + const protoHdr = hdrs.get("x-forwarded-proto") || "https"; + + const res = await fetch(`${API_BASE}/api/auth/me`, { + method: "GET", + headers: { + Cookie: cookieHeader, + "X-Forwarded-Host": hostHdr || "", + "X-Forwarded-Proto": protoHdr, + Accept: "application/json", + }, + cache: "no-store", + }); + + if (!res.ok) return null; + try { + const data = await res.json(); + return data?.ok ? data : null; + } catch { + return null; + } +} + export default async function ProtectedLayout({ children }) { - // ตรวจ session ฝั่งเซิร์ฟเวอร์ ด้วยคุกกี้จริง - const session = await getSession(); + const session = await fetchSessionFromAPI(); if (!session) { - redirect("/login"); + redirect("/login?next=/dashboard"); } const { user } = session; @@ -23,73 +51,17 @@ export default async function ProtectedLayout({ children }) { @@ -98,81 +70,17 @@ export default async function ProtectedLayout({ children }) { {/* System / Quick Actions */}
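Review bot: In `fetchSessionFromAPI`, `X-Forwarded-Host` and `X-Forwarded-Proto` are copied from the incoming request's `host` and `x-forwarded-proto` headers, which the client controls unless a trusted proxy in front of Next.js overwrites them (not visible in this patch). If the backend relies on those values for anything security-relevant, such as building absolute URLs, scoping cookies or origin checks, they should come from server-side configuration, or be dropped if `/api/auth/me` does not need them. Separately, the session is accepted on `data.ok` alone while `ProtectedLayout` (whose body continues past this hunk) immediately destructures `user`; `return data?.ok && data.user ? data : null;` would route a malformed response to the login redirect rather than into `can(undefined, …)`. `API_BASE` also falls back to an empty string, which leaves the fetch URL relative, something a server-side fetch generally cannot resolve, so failing fast with a clear error when the variable is unset would make that misconfiguration obvious.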
- Document Management System — LCP3 Phase 3 + Document Management System — LCBP3 Phase 3
- {can(user, "admin:view") && ( - - Admin - - )} - {can(user, "users:manage") && ( - - ผู้ใช้/บทบาท - - )} - {can(user, "health:view") && ( - - Health - - )} - {can(user, "workflow:view") && ( - - Workflow - - )} - {can(user, "rfa:create") && ( - - + RFA - - )} - {can(user, "drawing:upload") && ( - - + Upload Drawing - - )} - {can(user, "transmittal:create") && ( - - + Transmittal - - )} - {can(user, "correspondence:create") && ( - - + หนังสือสื่อสาร - - )} + {can(user, "admin:view") && Admin} + {can(user, "users:manage") && ผู้ใช้/บทบาท} + {can(user, "health:view") && Health} + {can(user, "workflow:view") && Workflow} + {can(user, "rfa:create") && + RFA} + {can(user, "drawing:upload") && + Upload Drawing} + {can(user, "transmittal:create") && + Transmittal} + {can(user, "correspondence:create") && + หนังสือสื่อสาร}
{children}