Pedro Gomes
1bc837e606
# O que mudou 1 Schema: failedAttempts + lockedUntil em User; migration auth_v0_2_lockout aplicada; crypto.ts com hashSecret/verifySecret (Node scrypt nativo, zero deps) 2 packages/api/src/auth.ts — authenticateCredential com lockout de 5 tentativas 3 Seed reescrito: admin hashed admin1234, operadores hashed 1111/2222/3333 4 Porta das traseiras fechada: AUTH_DEV_AUTOLOGIN ignorado quando NODE_ENV=production, em ambas as apps 5 operator-pwa: Credentials provider usa PIN + allowedRoles:['OPERATOR']; cookies fieldops-op.* 6 Picker em 2 estados: lista → teclado PIN (botões grandes, dots de progresso, mensagem de erro sem dar pistas) 7 admin-web: Auth.js completo (auth.config, auth.ts, route handler, middleware, /login page, AUTH_SECRET no env) com cookies fieldops-admin.* 8 scripts/auth-smoke.ts (11/11 ✓); .env.example e README atualizados
86 lines
2.4 KiB
TypeScript
86 lines
2.4 KiB
TypeScript
import path from 'node:path';
|
|
import { fileURLToPath } from 'node:url';
|
|
import { config as loadEnv } from 'dotenv';
|
|
|
|
// Load repo-root .env so DATABASE_URL is visible when this script runs from
|
|
// any CWD (pnpm invokes it from packages/db).
|
|
const here = path.dirname(fileURLToPath(import.meta.url));
|
|
loadEnv({ path: path.resolve(here, '../../../.env') });
|
|
|
|
const { PrismaClient, UserRole } = await import('@prisma/client');
|
|
const { hashSecret } = await import('../src/crypto.js');
|
|
|
|
const prisma = new PrismaClient();
|
|
|
|
const DEMO_TENANT_NAME = 'Demo Factory';
|
|
const DEMO_ADMIN_EMAIL = 'admin@demo.local';
|
|
const DEMO_ADMIN_PASSWORD = 'admin1234';
|
|
|
|
const OPERATORS = [
|
|
{ email: 'op1@demo.local', pin: '1111' },
|
|
{ email: 'op2@demo.local', pin: '2222' },
|
|
{ email: 'op3@demo.local', pin: '3333' },
|
|
];
|
|
|
|
const WORKSTATIONS = [
|
|
{ code: 'CTR04', name: 'Controlo 04', area: 'Montagem' },
|
|
{ code: 'QVN_RTL_2', name: 'Retificação Visual 2', area: 'Qualidade' },
|
|
{ code: 'MTG_01', name: 'Montagem 01', area: 'Montagem' },
|
|
];
|
|
|
|
async function main() {
|
|
// Idempotent: if a prior run created the demo tenant, wipe it and recreate.
|
|
// Cascade deletes on the relations handle the children.
|
|
const existing = await prisma.tenant.findFirst({ where: { name: DEMO_TENANT_NAME } });
|
|
if (existing) {
|
|
await prisma.tenant.delete({ where: { id: existing.id } });
|
|
}
|
|
|
|
const tenant = await prisma.tenant.create({
|
|
data: { name: DEMO_TENANT_NAME },
|
|
});
|
|
|
|
await prisma.user.create({
|
|
data: {
|
|
tenantId: tenant.id,
|
|
email: DEMO_ADMIN_EMAIL,
|
|
role: UserRole.ADMIN,
|
|
passwordHash: await hashSecret(DEMO_ADMIN_PASSWORD),
|
|
},
|
|
});
|
|
|
|
for (const op of OPERATORS) {
|
|
await prisma.user.create({
|
|
data: {
|
|
tenantId: tenant.id,
|
|
email: op.email,
|
|
role: UserRole.OPERATOR,
|
|
passwordHash: await hashSecret(op.pin),
|
|
},
|
|
});
|
|
}
|
|
|
|
await prisma.workstation.createMany({
|
|
data: WORKSTATIONS.map((ws) => ({ tenantId: tenant.id, ...ws })),
|
|
});
|
|
|
|
console.warn(
|
|
`Seed complete — tenant=${tenant.id} (${tenant.name})`,
|
|
);
|
|
console.warn(
|
|
` admin: ${DEMO_ADMIN_EMAIL} / ${DEMO_ADMIN_PASSWORD}`,
|
|
);
|
|
console.warn(
|
|
` operadores: ${OPERATORS.map((o) => `${o.email}=${o.pin}`).join(' | ')}`,
|
|
);
|
|
}
|
|
|
|
main()
|
|
.catch((err) => {
|
|
console.error('Seed failed:', err);
|
|
process.exit(1);
|
|
})
|
|
.finally(async () => {
|
|
await prisma.$disconnect();
|
|
});
|