antonioandre/nuxt-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: antonioandre:7153caa0ac0772c49ec2be3eac932da8650d573d
Branches Tags
antonioandre:main antonioandre:pagina-login
..
compare: antonioandre:0dd0716b7cc8376176a3a689ed494bf518a5b151
Branches Tags
antonioandre:main antonioandre:pagina-login

4 Commits
7153caa0ac ... 0dd0716b7c

Author SHA1 Message Date
Antonio Andre
0dd0716b7c Merge branch 'recuperacao_de_senha' 2026-05-18 19:41:51 -05:00
Antonio Andre
ef9fef66b8 feat: renderiza conteudos nas rotas / e /home 2026-05-18 19:41:33 -05:00
Antonio Andre
5fb43e0087 feat: implementa recuperacao de senha a partir do email 2026-05-18 19:33:10 -05:00
Antonio Andre
c1ad6b4cfe refac: gera url de reset de senha com base no .env 2026-05-18 19:28:14 -05:00
10 changed files with 578 additions and 122 deletions
Expand all files Collapse all files

1
.env.example
View File

@@ -15,3 +15,4 @@ JWT_PUBLIC_KEY_PEM="<replace-with-escaped-pem>"
REFRESH_TOKEN_PEPPER="change-me"
PASSWORD_RESET_TTL_SEC="900"
PASSWORD_RESET_TOKEN_PEPPER="change-me"
PASSWORD_RESET_BASE_URL="http://localhost:3000"

146
app/pages/(auth)/auth/reset-password/index.vue Normal file
View File

@@ -0,0 +1,146 @@
<template>
<div
class="relative grid min-h-screen place-items-center overflow-hidden bg-[#f5f5f5] px-4 py-12 font-sans text-[#0c0a09] md:py-24">
<div
class="pointer-events-none absolute left-1/2 top-10 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(232,184,196,0.58),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(167,229,211,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(244,197,168,0.5),transparent_34%)] blur-2xl"
aria-hidden="true"></div>
<main
class="relative grid w-full max-w-[1120px] grid-cols-1 items-center gap-8 md:grid-cols-[minmax(0,1fr)_minmax(340px,440px)] md:gap-16"
aria-labelledby="reset-password-title">
<section class="relative pt-2 md:py-8">
<p
class="m-0 inline-flex rounded-full bg-[rgba(232,184,196,0.58)] px-3 py-1 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#0c0a09]">
Nova senha
</p>
<h1 id="reset-password-title"
class="my-5 max-w-[640px] font-serif text-[40px] font-light leading-[1.05] tracking-[-1.2px] text-[#0c0a09] md:text-[64px] md:tracking-[-1.92px]">
Redefina sua senha
</h1>
<p class="m-0 max-w-[520px] text-base font-normal leading-6 tracking-[0.16px] text-[#4e4e4e]">
Use o token gerado na recuperação para definir uma nova senha de acesso.
</p>
</section>
<section
class="grid gap-5 rounded-2xl border border-[#e7e5e4] bg-white p-6 shadow-[0_4px_16px_rgba(0,0,0,0.04)] md:p-8"
aria-label="Formulario de redefinicao de senha">
<div class="mb-1">
<span
class="inline-flex min-h-6 items-center rounded-full bg-[rgba(232,184,196,0.58)] px-2.5 py-1 text-xs font-semibold uppercase leading-none tracking-[0.96px] text-[#0c0a09]">
Reset
</span>
<h2 class="mt-4 font-serif text-3xl font-light leading-[1.13] tracking-[-0.32px] text-[#0c0a09]">
Dados da nova senha
</h2>
</div>
<Form :validation-schema="schema" :initial-values="initialValues" @submit="redefinirSenha" class="grid gap-5">
<div class="grid gap-2">
<label class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
for="new-password">
Nova senha
</label>
<Field name="newPassword" v-slot="{ field, meta }">
<input v-bind="field" :disabled="isLoading"
class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50"
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" type="password"
id="new-password" />
</Field>
<ErrorMessage name="newPassword" class="text-xs text-red-500" />
</div>
<div class="grid gap-2">
<label class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
for="confirm-password">
Confirmar senha
</label>
<Field name="confirmPassword" v-slot="{ field, meta }">
<input v-bind="field" :disabled="isLoading"
class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50"
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" type="password"
id="confirm-password" />
</Field>
<ErrorMessage name="confirmPassword" class="text-xs text-red-500" />
</div>
<p v-if="!resetToken"
class="rounded-lg border border-red-200 bg-red-50 px-3 py-2 text-sm leading-[1.47] text-red-600">
Link de recuperação inválido. Gere uma nova recuperação de senha.
</p>
<button type="submit" :disabled="isLoading || !resetToken"
class="mt-1 inline-flex h-10 items-center justify-center gap-2 rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-70">
<Icon v-if="isLoading" name="mdi:loading" class="animate-spin text-base" />
<span v-else>Redefinir senha</span>
</button>
<p class="text-center text-[15px] leading-[1.47] tracking-[0.15px] text-[#777169]">
Lembrou a sua senha?
<NuxtLink to="/login" class="font-medium text-[#0c0a09] underline-offset-2 hover:underline">
Entrar agora
</NuxtLink>
</p>
</Form>
</section>
</main>
</div>
</template>
<script setup>
import { toTypedSchema } from '@vee-validate/zod'
import { z } from 'zod'
definePageMeta({ middleware: 'guest' })
const route = useRoute()
const { $toast } = useNuxtApp()
const isLoading = ref(false)
const toStr = (val) => (val == null ? '' : String(val))
const resetToken = computed(() => (typeof route.query.token === 'string' ? route.query.token : ''))
const initialValues = {
newPassword: '',
confirmPassword: ''
}
const schema = toTypedSchema(
z
.object({
newPassword: z.preprocess(
toStr,
z.string().min(8, 'A senha deve ter no mínimo 8 caracteres')
),
confirmPassword: z.preprocess(toStr, z.string().min(1, 'Confirme a nova senha'))
})
.refine((data) => data.newPassword === data.confirmPassword, {
message: 'As senhas não conferem',
path: ['confirmPassword']
})
)
async function redefinirSenha({ newPassword }) {
isLoading.value = true
try {
await $fetch('/auth/reset-password', {
method: 'POST',
body: {
token: resetToken.value,
new_password: newPassword
}
})
$toast.success('Senha redefinida com sucesso!', { duration: 8000 })
await navigateTo('/login')
} catch (error) {
const message = error?.data?.statusMessage
$toast.error(message ?? 'Erro ao redefinir senha. Gere um novo token e tente novamente.', {
duration: 8000
})
} finally {
isLoading.value = false
}
}
</script>

32
app/pages/(auth)/login/index.vue
View File

@@ -1,7 +1,8 @@
<template>
<div
class="relative grid min-h-screen place-items-center overflow-hidden bg-[#f5f5f5] px-4 py-12 font-sans text-[#0c0a09] md:py-24">
<div class="pointer-events-none absolute left-1/2 top-10 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(167,229,211,0.62),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(244,197,168,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(200,184,224,0.5),transparent_34%)] blur-2xl"
<div
class="pointer-events-none absolute left-1/2 top-10 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(167,229,211,0.62),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(244,197,168,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(200,184,224,0.5),transparent_34%)] blur-2xl"
aria-hidden="true"></div>
<main
class="relative grid w-full max-w-[1120px] grid-cols-1 items-center gap-8 md:grid-cols-[minmax(0,1fr)_minmax(340px,420px)] md:gap-16"
@@ -35,35 +36,37 @@
<Form :validation-schema="schema" @submit="entrarConta" class="grid gap-5">
<div class="grid gap-2">
<label
class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
<label class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
for="email">
Email
</label>
<Field name="email" v-slot="{ field, meta }">
<input v-bind="field" :disabled="isLoading"
class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50"
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'"
type="email" id="email" />
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" type="email" id="email" />
</Field>
<ErrorMessage name="email" class="text-xs text-red-500" />
</div>
<div class="grid gap-2">
<label
class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
<label class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
for="senha">
Senha
</label>
<Field name="password" v-slot="{ field, meta }">
<input v-bind="field" :disabled="isLoading"
class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50"
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'"
type="password" id="senha" />
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" type="password"
id="senha" />
</Field>
<ErrorMessage name="password" class="text-xs text-red-500" />
</div>
<NuxtLink to="/recuperar-senha"
class="-mt-2 justify-self-end text-sm font-medium text-[#0c0a09] underline-offset-2 hover:underline">
Esqueci minha senha
</NuxtLink>
<button type="submit" :disabled="isLoading"
class="mt-1 inline-flex h-10 items-center justify-center gap-2 rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-70">
<Icon v-if="isLoading" name="mdi:loading" class="animate-spin text-base" />
@@ -72,8 +75,7 @@
<p class="text-center text-[15px] leading-[1.47] tracking-[0.15px] text-[#777169]">
Não tem uma conta?
<NuxtLink to="/criar-conta"
class="font-medium text-[#0c0a09] underline-offset-2 hover:underline">
<NuxtLink to="/criar-conta" class="font-medium text-[#0c0a09] underline-offset-2 hover:underline">
Criar conta
</NuxtLink>
</p>
@@ -104,8 +106,8 @@ const toStr = (val) => (val == null ? '' : String(val))
const schema = toTypedSchema(
z.object({
email: z.preprocess(toStr, z.string().min(1, 'Email é obrigatório').email('Email inválido')),
password: z.preprocess(toStr, z.string().min(1, 'A senha é obrigatória')),
}),
password: z.preprocess(toStr, z.string().min(1, 'A senha é obrigatória'))
})
)
async function entrarConta({ email, password }) {
@@ -113,7 +115,7 @@ async function entrarConta({ email, password }) {
try {
const data = await $fetch('/auth/login', {
method: 'POST',
body: { email, password },
body: { email, password }
})
token.value = data.access_token
@@ -124,7 +126,7 @@ async function entrarConta({ email, password }) {
} catch (error) {
const message = error?.data?.statusMessage
$toast.error(message ?? 'Erro para efetuar o login. Tente novamente.', {
duration: 8000,
duration: 8000
})
} finally {
isLoading.value = false

113
app/pages/(auth)/recuperar-senha/index.vue Normal file
View File

@@ -0,0 +1,113 @@
<template>
<div
class="relative grid min-h-screen place-items-center overflow-hidden bg-[#f5f5f5] px-4 py-12 font-sans text-[#0c0a09] md:py-24">
<div
class="pointer-events-none absolute left-1/2 top-10 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(167,229,211,0.62),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(168,200,232,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(232,184,196,0.5),transparent_34%)] blur-2xl"
aria-hidden="true"></div>
<main
class="relative grid w-full max-w-[1120px] grid-cols-1 items-center gap-8 md:grid-cols-[minmax(0,1fr)_minmax(340px,440px)] md:gap-16"
aria-labelledby="recover-password-title">
<section class="relative pt-2 md:py-8">
<p
class="m-0 inline-flex rounded-full bg-[rgba(168,200,232,0.56)] px-3 py-1 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#0c0a09]">
Recuperação
</p>
<h1 id="recover-password-title"
class="my-5 max-w-[640px] font-serif text-[40px] font-light leading-[1.05] tracking-[-1.2px] text-[#0c0a09] md:text-[64px] md:tracking-[-1.92px]">
Recupere sua senha
</h1>
<p class="m-0 max-w-[520px] text-base font-normal leading-6 tracking-[0.16px] text-[#4e4e4e]">
Informe seu email para recuperar a sua senha.
</p>
</section>
<section
class="grid gap-5 rounded-2xl border border-[#e7e5e4] bg-white p-6 shadow-[0_4px_16px_rgba(0,0,0,0.04)] md:p-8"
aria-label="Formulario de recuperacao de senha">
<div class="mb-1">
<span
class="inline-flex min-h-6 items-center rounded-full bg-[rgba(168,200,232,0.56)] px-2.5 py-1 text-xs font-semibold uppercase leading-none tracking-[0.96px] text-[#0c0a09]">
Senha
</span>
<h2 class="mt-4 font-serif text-3xl font-light leading-[1.13] tracking-[-0.32px] text-[#0c0a09]">
Email da conta
</h2>
</div>
<Form :validation-schema="schema" @submit="solicitarRecuperacao" class="grid gap-5">
<div class="grid gap-2">
<label class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
for="email">
Email
</label>
<Field name="email" v-slot="{ field, meta }">
<input v-bind="field" :disabled="isLoading"
class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50"
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" type="email" id="email" />
</Field>
<ErrorMessage name="email" class="text-xs text-red-500" />
</div>
<button type="submit" :disabled="isLoading"
class="mt-1 inline-flex h-10 items-center justify-center gap-2 rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-70">
<Icon v-if="isLoading" name="mdi:loading" class="animate-spin text-base" />
<span v-else>Gerar recuperação</span>
</button>
<p class="text-center text-[15px] leading-[1.47] tracking-[0.15px] text-[#777169]">
Lembrou a senha?
<NuxtLink to="/login" class="font-medium text-[#0c0a09] underline-offset-2 hover:underline">
Fazer login
</NuxtLink>
</p>
</Form>
</section>
</main>
</div>
</template>
<script setup>
import { toTypedSchema } from '@vee-validate/zod'
import { z } from 'zod'
definePageMeta({ middleware: 'guest' })
const { $toast } = useNuxtApp()
const isLoading = ref(false)
const toStr = (val) => (val == null ? '' : String(val))
const schema = toTypedSchema(
z.object({
email: z.preprocess(toStr, z.string().min(1, 'Email é obrigatório').email('Email inválido'))
})
)
async function solicitarRecuperacao({ email }) {
isLoading.value = true
try {
const data = await $fetch('/auth/forgot-password', {
method: 'POST',
body: { email }
})
const resetUrl = data?.recovery?.reset_url
if (!resetUrl) {
throw new Error('Reset URL was not returned')
}
$toast.success('Recuperação gerada com sucesso!', { duration: 8000 })
await navigateTo(resetUrl, { external: true })
} catch (error) {
const message = error?.data?.statusMessage
$toast.error(message ?? 'Erro ao gerar recuperação de senha. Tente novamente.', {
duration: 8000
})
} finally {
isLoading.value = false
}
}
</script>

133
app/pages/(protected)/home/index.vue
View File

@@ -1,6 +1,79 @@
<template>
<div
class="relative min-h-screen overflow-hidden bg-[#f5f5f5] px-4 py-10 font-sans text-[#0c0a09] md:px-8 md:py-16"
>
<div
class="pointer-events-none absolute left-1/2 top-8 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(167,229,211,0.62),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(168,200,232,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(232,184,196,0.5),transparent_34%)] blur-2xl"
aria-hidden="true"
></div>
<main class="relative mx-auto grid w-full max-w-[960px] gap-8" aria-labelledby="home-title">
<header class="flex flex-col gap-5 sm:flex-row sm:items-end sm:justify-between">
<div>
<h1>OOOIII SOU A HOMEEE</h1>
<p
class="m-0 inline-flex rounded-full bg-[rgba(168,200,232,0.56)] px-3 py-1 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#0c0a09]"
>
Conta
</p>
<h1
id="home-title"
class="my-5 max-w-[680px] font-serif text-[40px] font-light leading-[1.08] tracking-[-0.96px] text-[#0c0a09] md:text-[48px]"
>
Olá, você está autenticado!
</h1>
<p
class="m-0 max-w-[540px] text-base font-normal leading-6 tracking-[0.16px] text-[#4e4e4e]"
>
Estes são os dados retornados pelo perfil da sua sessão atual.
</p>
</div>
<button
type="button"
:disabled="isLeaving"
@click="sair"
class="inline-flex h-10 items-center justify-center gap-2 rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-70"
>
<Icon v-if="isLeaving" name="mdi:loading" class="animate-spin text-base" />
<span v-else>Sair</span>
</button>
</header>
<section
class="grid gap-5 rounded-2xl border border-[#e7e5e4] bg-white p-6 shadow-[0_4px_16px_rgba(0,0,0,0.04)] md:p-8"
aria-label="Dados do perfil autenticado"
>
<div>
<span
class="inline-flex min-h-6 items-center rounded-full bg-[rgba(167,229,211,0.62)] px-2.5 py-1 text-xs font-semibold uppercase leading-none tracking-[0.96px] text-[#0c0a09]"
>
Perfil
</span>
<h2
class="mt-4 font-serif text-3xl font-light leading-[1.13] tracking-[-0.32px] text-[#0c0a09]"
>
Dados da conta
</h2>
</div>
<dl class="grid gap-4">
<div
v-for="item in profileRows"
:key="item.label"
class="grid gap-1 border-t border-[#e7e5e4] pt-4 sm:grid-cols-[160px_minmax(0,1fr)] sm:gap-5"
>
<dt
class="text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
>
{{ item.label }}
</dt>
<dd class="m-0 break-words text-base leading-6 tracking-[0.16px] text-[#0c0a09]">
{{ item.value }}
</dd>
</div>
</dl>
</section>
</main>
</div>
</template>
@@ -8,4 +81,62 @@
definePageMeta({
middleware: 'auth'
})
const { $toast } = useNuxtApp()
const token = useCookie('token', {
secure: true,
sameSite: 'lax',
maxAge: 900
})
const isLeaving = ref(false)
const clearToken = () => {
token.value = null
}
const { data: profile, error } = await useAsyncData('profile-me', () =>
$fetch('/profile/me', {
headers: {
Authorization: `Bearer ${token.value}`
}
})
)
if (error.value) {
clearToken()
if (import.meta.client) {
$toast.error('Sua sessão expirou. Faça login novamente.', { duration: 8000 })
}
await navigateTo('/login')
}
const profileRows = computed(() => [
{
label: 'user_id',
value: profile.value?.user_id ?? profile.value?.id ?? '-'
},
{
label: 'email',
value: profile.value?.email ?? '-'
},
{
label: 'created_at',
value: profile.value?.created_at ?? '-'
},
{
label: 'updated_at',
value: profile.value?.updated_at ?? '-'
}
])
async function sair() {
isLeaving.value = true
clearToken()
$toast.success('Sessão encerrada com sucesso.', { duration: 8000 })
await navigateTo('/login')
}
</script>

62
app/pages/index.vue
View File

@@ -1,5 +1,63 @@
<template>
<div>
<h1>Welcome to the Home Page</h1>
<div
class="relative grid min-h-screen place-items-center overflow-hidden bg-[#f5f5f5] px-4 py-12 font-sans text-[#0c0a09] md:py-24"
>
<div
class="pointer-events-none absolute left-1/2 top-10 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(167,229,211,0.62),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(244,197,168,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(200,184,224,0.5),transparent_34%)] blur-2xl"
aria-hidden="true"
></div>
<main
class="relative grid w-full max-w-[960px] gap-8 rounded-2xl border border-[#e7e5e4] bg-white p-6 shadow-[0_4px_16px_rgba(0,0,0,0.04)] md:grid-cols-[minmax(0,1fr)_auto] md:items-end md:p-8"
aria-labelledby="landing-title"
>
<section>
<p
class="m-0 inline-flex rounded-full bg-[rgba(167,229,211,0.62)] px-3 py-1 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#0c0a09]"
>
Autenticação
</p>
<h1
id="landing-title"
class="my-5 max-w-[640px] font-serif text-[40px] font-light leading-[1.05] tracking-[-1.2px] text-[#0c0a09] md:text-[64px] md:tracking-[-1.92px]"
>
Acesse sua conta
</h1>
<p
class="m-0 max-w-[520px] text-base font-normal leading-6 tracking-[0.16px] text-[#4e4e4e]"
>
Entre para ver sua área autenticada ou crie uma conta nova com email e senha.
</p>
</section>
<nav class="flex flex-col gap-3 sm:flex-row md:flex-col" aria-label="Acesso a conta">
<NuxtLink
v-if="hasToken"
to="/home"
class="inline-flex h-10 items-center justify-center rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09]"
>
Ir para home
</NuxtLink>
<NuxtLink
v-else
to="/login"
class="inline-flex h-10 items-center justify-center rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09]"
>
Entrar na conta
</NuxtLink>
<NuxtLink
to="/criar-conta"
class="inline-flex h-10 items-center justify-center rounded-full border border-[#d6d3d1] bg-transparent px-5 text-[15px] font-medium leading-none text-[#0c0a09] transition hover:border-[#0c0a09]"
>
Criar conta
</NuxtLink>
</nav>
</main>
</div>
</template>
<script setup>
const token = useCookie('token')
const hasToken = computed(() => Boolean(token.value))
</script>

19
nuxt.config.ts
View File

@@ -2,7 +2,13 @@
export default defineNuxtConfig({
compatibilityDate: '2025-07-15',
devtools: { enabled: true },
modules: ['@nuxtjs/tailwindcss', '@pinia/nuxt', '@vee-validate/nuxt', 'vue-sonner/nuxt', '@nuxt/icon'],
modules: [
'@nuxtjs/tailwindcss',
'@pinia/nuxt',
'@vee-validate/nuxt',
'vue-sonner/nuxt',
'@nuxt/icon'
],
runtimeConfig: {
databaseUrl: process.env.DATABASE_URL,
jwtIssuer: process.env.JWT_ISSUER ?? 'https://auth.local',
@@ -14,17 +20,12 @@ export default defineNuxtConfig({
jwtKid: process.env.JWT_KID ?? 'auth-key-1',
refreshTokenPepper: process.env.REFRESH_TOKEN_PEPPER ?? '',
passwordResetTtlSec: process.env.PASSWORD_RESET_TTL_SEC ?? '900',
passwordResetTokenPepper: process.env.PASSWORD_RESET_TOKEN_PEPPER ?? ''
passwordResetTokenPepper: process.env.PASSWORD_RESET_TOKEN_PEPPER ?? '',
passwordResetBaseUrl: process.env.PASSWORD_RESET_BASE_URL ?? ''
},
vite: {
optimizeDeps: {
include: [
'@vue/devtools-core',
'@vue/devtools-kit',
'zod',
'@vee-validate/zod',
'vue-sonner',
]
include: ['@vue/devtools-core', '@vue/devtools-kit', 'zod', '@vee-validate/zod', 'vue-sonner']
}
}
})

5
server/utils/auth-config.ts
View File

@@ -11,6 +11,7 @@ export interface AuthRuntimeConfig {
kid: string
refreshTokenPepper: string
passwordResetTokenPepper: string
passwordResetBaseUrl: string
}
/**
@@ -85,6 +86,7 @@ export function getAuthRuntimeConfig(event?: H3Event): AuthRuntimeConfig {
const refreshTokenPepper = String(runtimeConfig.refreshTokenPepper ?? '').trim()
const passwordResetTokenPepper =
String(runtimeConfig.passwordResetTokenPepper ?? '').trim() || refreshTokenPepper
const passwordResetBaseUrl = String(runtimeConfig.passwordResetBaseUrl ?? '').trim()
return {
issuer,
@@ -99,6 +101,7 @@ export function getAuthRuntimeConfig(event?: H3Event): AuthRuntimeConfig {
privateKeyPem: normalizePem(String(runtimeConfig.jwtPrivateKeyPem ?? ''), 'JWT private key'),
publicKeyPem: normalizePem(String(runtimeConfig.jwtPublicKeyPem ?? ''), 'JWT public key'),
refreshTokenPepper,
passwordResetTokenPepper
passwordResetTokenPepper,
passwordResetBaseUrl
}
}

5
server/utils/auth-service.ts
View File

@@ -1,5 +1,5 @@
import { Prisma } from '@prisma/client'
import { createError, readBody, setResponseStatus, type H3Event } from 'h3'
import { createError, getRequestURL, readBody, setResponseStatus, type H3Event } from 'h3'
import { signAccessToken } from './jwt'
import { getAuthRuntimeConfig } from './auth-config'
@@ -202,6 +202,7 @@ export async function handleForgotPassword(event: H3Event) {
const expiresAt = new Date(now.getTime() + config.passwordResetTtlSec * 1000)
const rawResetToken = generateRawPasswordResetToken()
const tokenHash = hashPasswordResetToken(rawResetToken, config.passwordResetTokenPepper)
const resetBaseUrl = config.passwordResetBaseUrl || getRequestURL(event).origin
const user = await prisma.user.findUnique({
where: { email },
@@ -233,7 +234,7 @@ export async function handleForgotPassword(event: H3Event) {
message: 'If the email exists, recovery instructions were generated',
recovery: {
reset_token: rawResetToken,
reset_url: buildPasswordResetPreviewUrl(config.issuer, rawResetToken),
reset_url: buildPasswordResetPreviewUrl(resetBaseUrl, rawResetToken),
expires_in: config.passwordResetTtlSec
}
}

6
server/utils/password-reset-token.ts
View File

@@ -23,13 +23,13 @@ export function generateRawPasswordResetToken(): string {
/**
* Monta uma URL de preview para facilitar testes locais sem SMTP.
*
* @param issuer Base do serviço de auth.
* @param baseUrl URL pública usada para abrir a tela de redefinição.
* @param token Token bruto de recuperação.
* @returns URL completa (ou fallback relativo) com o token.
*/
export function buildPasswordResetPreviewUrl(issuer: string, token: string): string {
export function buildPasswordResetPreviewUrl(baseUrl: string, token: string): string {
try {
const url = new URL('/auth/reset-password', issuer)
const url = new URL('/auth/reset-password', baseUrl)
url.searchParams.set('token', token)
return url.toString()