feat(auth): implementa endpoint de registro de usuario

2026-04-14 19:59:00 -05:00
parent 068576cf4b
commit 11dc1266a2
3 changed files with 91 additions and 2 deletions
--- a/server/utils/auth-service.ts
+++ b/server/utils/auth-service.ts
@@ -1,8 +1,9 @@
-import { createError, readBody, type H3Event } from 'h3'
+import { Prisma } from '@prisma/client'
+import { createError, readBody, setResponseStatus, type H3Event } from 'h3'

 import { signAccessToken } from './jwt'
 import { getAuthRuntimeConfig } from './auth-config'
-import { verifyPassword } from './password'
+import { hashPassword, verifyPassword } from './password'
 import { prisma } from './prisma'
 import { issueRefreshToken, rotateRefreshToken } from './refresh-token'

@@ -15,6 +16,11 @@ interface RefreshBody {
  refresh_token?: unknown
 }

+interface RegisterBody {
+  email?: unknown
+  password?: unknown
+}
+
 /**
 * Valida e normaliza email/senha enviados no login.
 *
@@ -33,6 +39,26 @@ function parseCredentialBody(body: LoginBody) {
  return { email, password }
 }

+/**
+ * Valida os dados de cadastro e aplica regra mínima de senha.
+ *
+ * @param body Corpo bruto da requisição de cadastro.
+ * @returns Email normalizado e senha pronta para persistência.
+ * @throws {H3Error} Quando os dados forem inválidos.
+ */
+function parseRegisterBody(body: RegisterBody) {
+  const { email, password } = parseCredentialBody(body)
+
+  if (password.length < 6) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: 'password must have at least 6 characters'
+    })
+  }
+
+  return { email, password }
+}
+
 /**
 * Valida o refresh token enviado no corpo da requisição.
 *
@@ -50,6 +76,57 @@ function parseRefreshBody(body: RefreshBody): string {
  return refreshToken
 }

+/**
+ * Executa o fluxo de cadastro:
+ * valida entrada, cria usuário e retorna dados básicos sem autenticar.
+ *
+ * @param event Evento HTTP da requisição.
+ * @returns Usuário criado no formato público.
+ * @throws {H3Error} Quando houver dados inválidos ou email já cadastrado.
+ */
+export async function handleRegister(event: H3Event) {
+  const body = await readBody<RegisterBody>(event)
+  const { email, password } = parseRegisterBody(body ?? {})
+
+  try {
+    const createdUser = await prisma.user.create({
+      data: {
+        email,
+        passwordHash: hashPassword(password)
+      },
+      select: {
+        id: true,
+        email: true,
+        createdAt: true,
+        updatedAt: true
+      }
+    })
+
+    setResponseStatus(event, 201)
+
+    return {
+      id: createdUser.id,
+      email: createdUser.email,
+      created_at: createdUser.createdAt.toISOString(),
+      updated_at: createdUser.updatedAt.toISOString()
+    }
+  } catch (error) {
+    if (
+      error instanceof Prisma.PrismaClientKnownRequestError &&
+      error.code === 'P2002' &&
+      Array.isArray(error.meta?.target) &&
+      error.meta.target.includes('email')
+    ) {
+      throw createError({
+        statusCode: 409,
+        statusMessage: 'Email já cadastrado'
+      })
+    }
+
+    throw error
+  }
+}
+
 /**
 * Executa o fluxo de login:
 * valida credenciais, gera access token e emite refresh token.