import { Controller, Post, Body, Get, Res, HttpCode } from "@nestjs/common";
import { type Response } from "express";
import {
ApiBadRequestResponse,
ApiBody,
ApiCookieAuth,
ApiOkResponse,
ApiOperation,
ApiTags,
ApiUnauthorizedResponse,
} from "@nestjs/swagger";
import { AuthService } from "./auth.service";
import { LoginDto } from "./dto/login.dto";
import { Public } from "./decorators/public.decorator";
// import { CurrentUser } from "./decorators/current-user.decorator";
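@ApiTags("Auth")
@Controller("auth")
/**
 * HTTP entry points for authentication.
 *
 * The JWT issued on login is delivered only as an httpOnly cookie, so page
 * scripts never see the raw token; the response body carries the user object.
 */
export class AuthController {
  constructor(private readonly authService: AuthService) {}

  @Public()
  @Post("login")
  @HttpCode(200)
  @ApiOperation({
    summary: "Realiza login com email e senha",
    description:
      "Retorna o usuário autenticado e envia o token JWT via cookie httpOnly.",
  })
  @ApiBody({
    type: LoginDto,
    examples: {
      exemplo: {
        summary: "Corpo do login",
        value: {
          email: "admin@bolsa.com",
          password: "admin123",
        },
      },
    },
  })
  @ApiOkResponse({
    description: "Login realizado com sucesso",
    schema: {
      example: {
        user: {
          id: 1,
          email: "admin@bolsa.com",
          role: "user",
        },
      },
    },
  })
  @ApiBadRequestResponse({
    description: "Erro de validação no DTO",
    schema: {
      example: {
        statusCode: 400,
        message: [
          "email must be an email",
          "password must be longer than or equal to 3 characters",
        ],
        error: "Bad Request",
      },
    },
  })
  @ApiUnauthorizedResponse({
    description: "Credenciais inválidas",
    schema: {
      example: {
        statusCode: 401,
        message: "Email ou senha incorretos",
        error: "Unauthorized",
      },
    },
  })
  /**
   * Authenticates a user with email and password.
   *
   * On success the JWT returned by `AuthService.login` is written to the
   * `token_httpOnly` cookie and only the user object is returned in the body.
   *
   * @param dto validated login payload (email and password)
   * @param res Express response in passthrough mode, so Nest still serialises
   *   the returned value after the cookie has been set
   * @returns `{ user }` as produced by `AuthService.login`
   * @throws whatever `AuthService.login` throws for invalid credentials
   *   (documented above as 401)
   */
  async login(
    @Body() dto: LoginDto,
    @Res({ passthrough: true }) res: Response
  ) {
    const { token, user } = await this.authService.login(
      dto.email,
      dto.password
    );

    const isProd = process.env.NODE_ENV === "production";
    res.cookie("token_httpOnly", token, {
      httpOnly: true,
      // Secure only in production (HTTPS). Browsers discard a SameSite=None
      // cookie that is not also Secure, so outside production the cookie
      // must fall back to Lax rather than being silently dropped.
      secure: isProd,
      sameSite: isProd ? "none" : "lax",
      path: "/",
      // NOTE(review): SameSite=None in production means cross-site requests
      // carry this cookie; confirm CSRF protection exists elsewhere.
    });

    return { user };
  }

  // @Get("profile")
  // @ApiCookieAuth()
  // @ApiOperation({
  //   summary: "Retorna dados do usuário autenticado",
  //   description: "Endpoint protegido por JWT via cookie httpOnly.",
  // })
  // @ApiOkResponse({
  //   description: "Retorna o usuário logado",
  //   schema: {
  //     example: {
  //       message: "Dados do usuário autenticado",
  //       user: {
  //         id: 1,
  //         email: "admin@bolsa.com",
  //         role: "user",
  //       },
  //     },
  //   },
  // })
  // @ApiUnauthorizedResponse({
  //   description: "Token inválido ou ausente",
  //   schema: {
  //     example: {
  //       statusCode: 401,
  //       message: "Unauthorized",
  //     },
  //   },
  // })
  // async getProfile(@CurrentUser() user: any) {
  //   return {
  //     message: "Dados do usuário autenticado",
  //     user: {
  //       id: user.userId,
  //       email: user.email,
  //       role: user.role,
  //     },
  //   };
  // }
}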