Files
scoreodonto.com/backend/dist/modules/auth/auth.routes.js
T

121 lines
4.0 KiB
JavaScript

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.authRouter = void 0;
const express_1 = require("express");
const zod_1 = require("zod");
const auth_service_1 = require("./auth.service");
const auth_middleware_1 = require("../../shared/middlewares/auth.middleware");
const service = new auth_service_1.AuthService();
// ─── Schemas de validação ─────────────────────────────────────────────────────
const registerSchema = zod_1.z.object({
name: zod_1.z.string().min(2).max(100),
email: zod_1.z.string().email(),
password: zod_1.z.string().min(8).max(128),
planId: zod_1.z.string().uuid().optional(),
});
const loginSchema = zod_1.z.object({
email: zod_1.z.string().email(),
password: zod_1.z.string().min(1),
});
const refreshSchema = zod_1.z.object({
refreshToken: zod_1.z.string().min(1),
});
const changePasswordSchema = zod_1.z.object({
currentPassword: zod_1.z.string().min(1),
newPassword: zod_1.z.string().min(8).max(128),
});
// ─── Helper para erros de validação / serviço ─────────────────────────────────
function handleError(res, err) {
if (err instanceof zod_1.z.ZodError) {
res.status(400).json({ error: 'Dados inválidos', details: err.flatten().fieldErrors });
return;
}
const e = err;
res.status(e.statusCode ?? 500).json({ error: e.message ?? 'Erro interno' });
}
// ─── Router ───────────────────────────────────────────────────────────────────
exports.authRouter = (0, express_1.Router)();
/**
* POST /api/auth/register
* Cria novo tenant (usuário com role USER).
* Retorna access + refresh token e dados do usuário.
*/
exports.authRouter.post('/register', async (req, res) => {
try {
const body = registerSchema.parse(req.body);
const result = await service.register(body);
res.status(201).json(result);
}
catch (err) {
handleError(res, err);
}
});
/**
* POST /api/auth/login
* Autentica usuário. Retorna access + refresh token.
*/
exports.authRouter.post('/login', async (req, res) => {
try {
const body = loginSchema.parse(req.body);
const result = await service.login(body);
res.json(result);
}
catch (err) {
handleError(res, err);
}
});
/**
* POST /api/auth/refresh
* Renova o access token usando o refresh token.
*/
exports.authRouter.post('/refresh', async (req, res) => {
try {
const { refreshToken } = refreshSchema.parse(req.body);
const result = await service.refresh(refreshToken);
res.json(result);
}
catch (err) {
handleError(res, err);
}
});
/**
* POST /api/auth/logout
* Revoga o refresh token do usuário autenticado.
*/
exports.authRouter.post('/logout', auth_middleware_1.authMiddleware, async (req, res) => {
try {
await service.logout(req.tenantId);
res.json({ message: 'Sessão encerrada' });
}
catch (err) {
handleError(res, err);
}
});
/**
* GET /api/auth/me
* Retorna dados do usuário autenticado + dias restantes do trial.
*/
exports.authRouter.get('/me', auth_middleware_1.authMiddleware, async (req, res) => {
try {
const user = await service.me(req.tenantId);
res.json(user);
}
catch (err) {
handleError(res, err);
}
});
/**
* PATCH /api/auth/password
* Altera a senha do usuário autenticado.
*/
exports.authRouter.patch('/password', auth_middleware_1.authMiddleware, async (req, res) => {
try {
const body = changePasswordSchema.parse(req.body);
await service.changePassword(req.tenantId, body);
res.json({ message: 'Senha alterada com sucesso' });
}
catch (err) {
handleError(res, err);
}
});