Pedro Gomes
1bc837e606
# O que mudou 1 Schema: failedAttempts + lockedUntil em User; migration auth_v0_2_lockout aplicada; crypto.ts com hashSecret/verifySecret (Node scrypt nativo, zero deps) 2 packages/api/src/auth.ts — authenticateCredential com lockout de 5 tentativas 3 Seed reescrito: admin hashed admin1234, operadores hashed 1111/2222/3333 4 Porta das traseiras fechada: AUTH_DEV_AUTOLOGIN ignorado quando NODE_ENV=production, em ambas as apps 5 operator-pwa: Credentials provider usa PIN + allowedRoles:['OPERATOR']; cookies fieldops-op.* 6 Picker em 2 estados: lista → teclado PIN (botões grandes, dots de progresso, mensagem de erro sem dar pistas) 7 admin-web: Auth.js completo (auth.config, auth.ts, route handler, middleware, /login page, AUTH_SECRET no env) com cookies fieldops-admin.* 8 scripts/auth-smoke.ts (11/11 ✓); .env.example e README atualizados
27 lines
691 B
TypeScript
27 lines
691 B
TypeScript
import NextAuth from 'next-auth';
|
|
import { authConfig } from './lib/auth.config';
|
|
|
|
const { auth } = NextAuth(authConfig);
|
|
|
|
export default auth((req) => {
|
|
const isLoggedIn = !!req.auth?.user;
|
|
const isAutologin =
|
|
process.env['AUTH_DEV_AUTOLOGIN'] === 'true' && process.env.NODE_ENV !== 'production';
|
|
const { pathname } = req.nextUrl;
|
|
|
|
if (pathname === '/login') {
|
|
if (isLoggedIn) return Response.redirect(new URL('/maintenance', req.url));
|
|
return;
|
|
}
|
|
|
|
if (!isLoggedIn && !isAutologin) {
|
|
return Response.redirect(new URL('/login', req.url));
|
|
}
|
|
});
|
|
|
|
export const config = {
|
|
matcher: [
|
|
'/((?!api/auth|api/trpc|_next/static|_next/image|favicon.ico).*)',
|
|
],
|
|
};
|