first commit

server/routes/dashboard.get.ts

@@ -0,0 +1,30 @@
+import { createError, getRequestHeader } from 'h3'
+
+import { requireAuthContext } from '../utils/require-auth'
+
+/**
+ * Exemplo de orquestração A -> B.
+ * Reaproveita o mesmo Authorization para chamar `/profile/me`.
+ */
+export default defineEventHandler(async (event) => {
+  const auth = requireAuthContext(event)
+
+  const authorization = getRequestHeader(event, 'authorization')
+
+  if (!authorization) {
+    throw createError({ statusCode: 401, statusMessage: 'Missing Authorization header' })
+  }
+
+  const profileFromService = await $fetch('/profile/me', {
+    headers: {
+      Authorization: authorization
+    }
+  })
+
+  return {
+    sub_from_api_a: auth.id,
+    sub_from_api_b: profileFromService.id,
+    same_subject: profileFromService.id === auth.id,
+    profile: profileFromService
+  }
+})