feat: Initial login / logout API endpoints

wp-content/themes/headless/server/api/login.gql

@@ -0,0 +1,23 @@
+fragment AuthUser on User {
+  id
+  email @nonNull
+  roles @nonNull {
+    nodes {
+      name @nonNull
+    }
+  }
+}
+
+fragment AuthPayload on LoginPayload {
+  authToken
+  refreshToken
+  user {
+    ...AuthUser
+  }
+}
+
+mutation AuthLogin($username: String!, $password: String!) {
+  login(input: { provider: PASSWORD, credentials: { username: $username, password: $password } }) {
+    ...AuthPayload
+  }
+}

wp-content/themes/headless/server/api/login.post.ts

@@ -0,0 +1,27 @@
+export default defineEventHandler(async (event) => {
+  try {
+    // Validate the request body against the schema
+    const variables = authLoginFormSchema.parse(await readBody(event));
+
+    // Execute the GraphQL operation to authenticate the user
+    const { data, error } = await executeSchemaOperation(event, {
+      operationName: "AuthLogin",
+      variables,
+    });
+
+    // Handle errors and validate the response data
+    if (error) throw error;
+    if (!data?.login) throw new Error("Identifiants invalides. Veuillez réessayer.");
+
+    // Handle the login process by setting the session data
+    if (!(await handleLogin(event, data.login))) {
+      throw new Error("Une erreur est survenue lors de la connexion.");
+    }
+
+    return { success: true, message: "Connexion réussie" };
+  } catch (error) {
+    const message =
+      error instanceof Error ? error.message : "Une erreur est survenue lors de la connexion.";
+    return { success: false, message };
+  }
+});

wp-content/themes/headless/server/api/logout.post.ts

@@ -0,0 +1,13 @@
+import { defineEventHandler } from "h3";
+
+export default defineEventHandler(async (event) => {
+  try {
+    await handleLogout(event);
+
+    return { success: true, message: "Déconnexion réussie" };
+  } catch (error) {
+    const message =
+      error instanceof Error ? error.message : "Une erreur est survenue lors de la déconnexion.";
+    return { success: false, message };
+  }
+});

wp-content/themes/headless/server/graphql/context.ts

@@ -0,0 +1,3 @@
+export default defineGraphQLContext(async (event) => {
+  return {};
+});

wp-content/themes/headless/server/utils/auth.ts

@@ -0,0 +1,49 @@
+import type { AuthPayloadFragment, AuthUserFragment } from "#graphql/types";
+import type { H3Event } from "h3";
+
+/**
+ * Handle user login by setting the session data with the provided authentication information.
+ *
+ * @param event The H3 event object.
+ * @param payload The authentication payload containing user and token information.
+ * @return A promise that resolves to true if the login was successful, or false if there was an error.
+ */
+export async function handleLogin(
+  event: H3Event,
+  { user, authToken, refreshToken }: AuthPayloadFragment,
+) {
+  if (!user || !authToken || !refreshToken) {
+    return false;
+  }
+
+  await setUserSession(event, {
+    user: getAuthUser(user),
+    secure: { authToken, refreshToken },
+    loggedInAt: new Date().toISOString(),
+  });
+
+  return true;
+}
+
+/**
+ * Handle user logout by clearing the session data.
+ *
+ * @param event The H3 event object.
+ * @returns A promise that resolves when the session has been cleared.
+ */
+export async function handleLogout(event: H3Event) {
+  await clearUserSession(event);
+}
+
+/**
+ * Convert the AuthUserFragment to a User object expected by nuxt-auth-utils
+ *
+ * @param user The AuthUserFragment containing user data from the GraphQL response
+ * @returns A User object with the expected structure for nuxt-auth-utils, including an array of role names
+ */
+function getAuthUser(user: AuthUserFragment) {
+  return {
+    ...user,
+    roles: user.roles.nodes.map(({ name }) => name) || [],
+  };
+}