Pedro Gomes
1bc837e606
# O que mudou 1 Schema: failedAttempts + lockedUntil em User; migration auth_v0_2_lockout aplicada; crypto.ts com hashSecret/verifySecret (Node scrypt nativo, zero deps) 2 packages/api/src/auth.ts — authenticateCredential com lockout de 5 tentativas 3 Seed reescrito: admin hashed admin1234, operadores hashed 1111/2222/3333 4 Porta das traseiras fechada: AUTH_DEV_AUTOLOGIN ignorado quando NODE_ENV=production, em ambas as apps 5 operator-pwa: Credentials provider usa PIN + allowedRoles:['OPERATOR']; cookies fieldops-op.* 6 Picker em 2 estados: lista → teclado PIN (botões grandes, dots de progresso, mensagem de erro sem dar pistas) 7 admin-web: Auth.js completo (auth.config, auth.ts, route handler, middleware, /login page, AUTH_SECRET no env) com cookies fieldops-admin.* 8 scripts/auth-smoke.ts (11/11 ✓); .env.example e README atualizados
28 lines
793 B
TypeScript
28 lines
793 B
TypeScript
import { createEnv } from '@t3-oss/env-nextjs';
|
|
import { z } from 'zod';
|
|
|
|
export const env = createEnv({
|
|
server: {
|
|
DATABASE_URL: z.string().url(),
|
|
AUTH_SECRET: z.string().min(1, 'AUTH_SECRET is required'),
|
|
AUTH_DEV_AUTOLOGIN: z
|
|
.string()
|
|
.optional()
|
|
.transform((v) => v === 'true'),
|
|
LOG_LEVEL: z
|
|
.enum(['fatal', 'error', 'warn', 'info', 'debug', 'trace'])
|
|
.default('info'),
|
|
},
|
|
client: {
|
|
NEXT_PUBLIC_APP_URL: z.string().url().optional(),
|
|
},
|
|
runtimeEnv: {
|
|
DATABASE_URL: process.env.DATABASE_URL,
|
|
AUTH_SECRET: process.env.AUTH_SECRET,
|
|
AUTH_DEV_AUTOLOGIN: process.env.AUTH_DEV_AUTOLOGIN,
|
|
LOG_LEVEL: process.env.LOG_LEVEL,
|
|
NEXT_PUBLIC_APP_URL: process.env.NEXT_PUBLIC_APP_URL,
|
|
},
|
|
emptyStringAsUndefined: true,
|
|
});
|