pedrogomes/FieldOps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
FieldOps/apps/admin-web/lib/auth.config.ts
Pedro Gomes 1bc837e606 MAI CALL - auth v0.2 
# O que mudou
1 Schema: failedAttempts + lockedUntil em User; migration auth_v0_2_lockout aplicada; crypto.ts com hashSecret/verifySecret (Node scrypt nativo, zero deps)
2 packages/api/src/auth.ts — authenticateCredential com lockout de 5 tentativas
3 Seed reescrito: admin hashed admin1234, operadores hashed 1111/2222/3333
4 Porta das traseiras fechada: AUTH_DEV_AUTOLOGIN ignorado quando NODE_ENV=production, em ambas as apps
5 operator-pwa: Credentials provider usa PIN + allowedRoles:['OPERATOR']; cookies fieldops-op.*
6 Picker em 2 estados: lista → teclado PIN (botões grandes, dots de progresso, mensagem de erro sem dar pistas)
7 admin-web: Auth.js completo (auth.config, auth.ts, route handler, middleware, /login page, AUTH_SECRET no env) com cookies fieldops-admin.*
8 scripts/auth-smoke.ts (11/11 ✓); .env.example e README atualizados
2026-05-30 11:54:38 +01:00

45 lines
1.4 KiB
TypeScript
Raw Blame History

import type { NextAuthConfig } from 'next-auth';
/**
* Edge-safe portion of the Auth.js config for admin-web.
* Imported by middleware — no Credentials provider, no Prisma.
*/
export const authConfig = {
trustHost: true,
session: { strategy: 'jwt' },
pages: {
signIn: '/login',
},
// Distinct cookie names prevent session collision with operator-pwa on localhost
// (cookies are not isolated by port — only by name and domain).
cookies: {
sessionToken: { name: 'fieldops-admin.session-token' },
callbackUrl: { name: 'fieldops-admin.callback-url' },
csrfToken: { name: 'fieldops-admin.csrf-token' },
},
callbacks: {
async jwt({ token, user }) {
if (user) {
// eslint-disable-next-line @typescript-eslint/no-explicit-any
const u = user as any;
token.id = u.id;
token.role = u.role;
token.tenantId = u.tenantId;
}
return token;
},
async session({ session, token }) {
if (token && session.user) {
// eslint-disable-next-line @typescript-eslint/no-explicit-any
(session.user as any).id = token.id;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
(session.user as any).role = token.role;
// eslint-disable-next-line @typescript-eslint/no-explicit-any
(session.user as any).tenantId = token.tenantId;
}
return session;
},
},
providers: [],
} satisfies NextAuthConfig;
Reference in New Issue View Git Blame Copy Permalink