121 lines
4.0 KiB
JavaScript
121 lines
4.0 KiB
JavaScript
"use strict";
|
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
exports.authRouter = void 0;
|
|
const express_1 = require("express");
|
|
const zod_1 = require("zod");
|
|
const auth_service_1 = require("./auth.service");
|
|
const auth_middleware_1 = require("../../shared/middlewares/auth.middleware");
|
|
const service = new auth_service_1.AuthService();
|
|
// ─── Schemas de validação ─────────────────────────────────────────────────────
|
|
const registerSchema = zod_1.z.object({
|
|
name: zod_1.z.string().min(2).max(100),
|
|
email: zod_1.z.string().email(),
|
|
password: zod_1.z.string().min(8).max(128),
|
|
planId: zod_1.z.string().uuid().optional(),
|
|
});
|
|
const loginSchema = zod_1.z.object({
|
|
email: zod_1.z.string().email(),
|
|
password: zod_1.z.string().min(1),
|
|
});
|
|
const refreshSchema = zod_1.z.object({
|
|
refreshToken: zod_1.z.string().min(1),
|
|
});
|
|
const changePasswordSchema = zod_1.z.object({
|
|
currentPassword: zod_1.z.string().min(1),
|
|
newPassword: zod_1.z.string().min(8).max(128),
|
|
});
|
|
// ─── Helper para erros de validação / serviço ─────────────────────────────────
|
|
function handleError(res, err) {
|
|
if (err instanceof zod_1.z.ZodError) {
|
|
res.status(400).json({ error: 'Dados inválidos', details: err.flatten().fieldErrors });
|
|
return;
|
|
}
|
|
const e = err;
|
|
res.status(e.statusCode ?? 500).json({ error: e.message ?? 'Erro interno' });
|
|
}
|
|
// ─── Router ───────────────────────────────────────────────────────────────────
|
|
exports.authRouter = (0, express_1.Router)();
|
|
/**
|
|
* POST /api/auth/register
|
|
* Cria novo tenant (usuário com role USER).
|
|
* Retorna access + refresh token e dados do usuário.
|
|
*/
|
|
exports.authRouter.post('/register', async (req, res) => {
|
|
try {
|
|
const body = registerSchema.parse(req.body);
|
|
const result = await service.register(body);
|
|
res.status(201).json(result);
|
|
}
|
|
catch (err) {
|
|
handleError(res, err);
|
|
}
|
|
});
|
|
/**
|
|
* POST /api/auth/login
|
|
* Autentica usuário. Retorna access + refresh token.
|
|
*/
|
|
exports.authRouter.post('/login', async (req, res) => {
|
|
try {
|
|
const body = loginSchema.parse(req.body);
|
|
const result = await service.login(body);
|
|
res.json(result);
|
|
}
|
|
catch (err) {
|
|
handleError(res, err);
|
|
}
|
|
});
|
|
/**
|
|
* POST /api/auth/refresh
|
|
* Renova o access token usando o refresh token.
|
|
*/
|
|
exports.authRouter.post('/refresh', async (req, res) => {
|
|
try {
|
|
const { refreshToken } = refreshSchema.parse(req.body);
|
|
const result = await service.refresh(refreshToken);
|
|
res.json(result);
|
|
}
|
|
catch (err) {
|
|
handleError(res, err);
|
|
}
|
|
});
|
|
/**
|
|
* POST /api/auth/logout
|
|
* Revoga o refresh token do usuário autenticado.
|
|
*/
|
|
exports.authRouter.post('/logout', auth_middleware_1.authMiddleware, async (req, res) => {
|
|
try {
|
|
await service.logout(req.tenantId);
|
|
res.json({ message: 'Sessão encerrada' });
|
|
}
|
|
catch (err) {
|
|
handleError(res, err);
|
|
}
|
|
});
|
|
/**
|
|
* GET /api/auth/me
|
|
* Retorna dados do usuário autenticado + dias restantes do trial.
|
|
*/
|
|
exports.authRouter.get('/me', auth_middleware_1.authMiddleware, async (req, res) => {
|
|
try {
|
|
const user = await service.me(req.tenantId);
|
|
res.json(user);
|
|
}
|
|
catch (err) {
|
|
handleError(res, err);
|
|
}
|
|
});
|
|
/**
|
|
* PATCH /api/auth/password
|
|
* Altera a senha do usuário autenticado.
|
|
*/
|
|
exports.authRouter.patch('/password', auth_middleware_1.authMiddleware, async (req, res) => {
|
|
try {
|
|
const body = changePasswordSchema.parse(req.body);
|
|
await service.changePassword(req.tenantId, body);
|
|
res.json({ message: 'Senha alterada com sucesso' });
|
|
}
|
|
catch (err) {
|
|
handleError(res, err);
|
|
}
|
|
});
|