antonioandre/nuxt-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: antonioandre:pagina-login
Branches Tags
antonioandre:main antonioandre:pagina-login
...
compare: antonioandre:0dd0716b7cc8376176a3a689ed494bf518a5b151
Branches Tags
antonioandre:main antonioandre:pagina-login

6 Commits
pagina-log ... 0dd0716b7c

Author SHA1 Message Date
Antonio Andre
0dd0716b7c Merge branch 'recuperacao_de_senha' 2026-05-18 19:41:51 -05:00
Antonio Andre
ef9fef66b8 feat: renderiza conteudos nas rotas / e /home 2026-05-18 19:41:33 -05:00
Antonio Andre
5fb43e0087 feat: implementa recuperacao de senha a partir do email 2026-05-18 19:33:10 -05:00
Antonio Andre
c1ad6b4cfe refac: gera url de reset de senha com base no .env 2026-05-18 19:28:14 -05:00
Antonio Andre
7153caa0ac fix: corrige problema de importacao que afeta apenas o ambiente de producao 2026-05-04 20:27:02 -05:00
Antonio Andre
7652c8aad5 Merge branch 'pagina-login' 2026-05-04 18:35:59 -05:00
11 changed files with 578 additions and 138 deletions
Expand all files Collapse all files

1
.env.example
View File

@@ -15,3 +15,4 @@ JWT_PUBLIC_KEY_PEM="<replace-with-escaped-pem>"
REFRESH_TOKEN_PEPPER="change-me" REFRESH_TOKEN_PEPPER="change-me"
PASSWORD_RESET_TTL_SEC="900" PASSWORD_RESET_TTL_SEC="900"
PASSWORD_RESET_TOKEN_PEPPER="change-me" PASSWORD_RESET_TOKEN_PEPPER="change-me"
PASSWORD_RESET_BASE_URL="http://localhost:3000"

146
app/pages/(auth)/auth/reset-password/index.vue Normal file
View File

@@ -0,0 +1,146 @@
<template>
<div
class="relative grid min-h-screen place-items-center overflow-hidden bg-[#f5f5f5] px-4 py-12 font-sans text-[#0c0a09] md:py-24">
<div
class="pointer-events-none absolute left-1/2 top-10 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(232,184,196,0.58),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(167,229,211,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(244,197,168,0.5),transparent_34%)] blur-2xl"
aria-hidden="true"></div>
<main
class="relative grid w-full max-w-[1120px] grid-cols-1 items-center gap-8 md:grid-cols-[minmax(0,1fr)_minmax(340px,440px)] md:gap-16"
aria-labelledby="reset-password-title">
<section class="relative pt-2 md:py-8">
<p
class="m-0 inline-flex rounded-full bg-[rgba(232,184,196,0.58)] px-3 py-1 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#0c0a09]">
Nova senha
</p>
<h1 id="reset-password-title"
class="my-5 max-w-[640px] font-serif text-[40px] font-light leading-[1.05] tracking-[-1.2px] text-[#0c0a09] md:text-[64px] md:tracking-[-1.92px]">
Redefina sua senha
</h1>
<p class="m-0 max-w-[520px] text-base font-normal leading-6 tracking-[0.16px] text-[#4e4e4e]">
Use o token gerado na recuperação para definir uma nova senha de acesso.
</p>
</section>
<section
class="grid gap-5 rounded-2xl border border-[#e7e5e4] bg-white p-6 shadow-[0_4px_16px_rgba(0,0,0,0.04)] md:p-8"
aria-label="Formulario de redefinicao de senha">
<div class="mb-1">
<span
class="inline-flex min-h-6 items-center rounded-full bg-[rgba(232,184,196,0.58)] px-2.5 py-1 text-xs font-semibold uppercase leading-none tracking-[0.96px] text-[#0c0a09]">
Reset
</span>
<h2 class="mt-4 font-serif text-3xl font-light leading-[1.13] tracking-[-0.32px] text-[#0c0a09]">
Dados da nova senha
</h2>
</div>
<Form :validation-schema="schema" :initial-values="initialValues" @submit="redefinirSenha" class="grid gap-5">
<div class="grid gap-2">
<label class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
for="new-password">
Nova senha
</label>
<Field name="newPassword" v-slot="{ field, meta }">
<input v-bind="field" :disabled="isLoading"
class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50"
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" type="password"
id="new-password" />
</Field>
<ErrorMessage name="newPassword" class="text-xs text-red-500" />
</div>
<div class="grid gap-2">
<label class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
for="confirm-password">
Confirmar senha
</label>
<Field name="confirmPassword" v-slot="{ field, meta }">
<input v-bind="field" :disabled="isLoading"
class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50"
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" type="password"
id="confirm-password" />
</Field>
<ErrorMessage name="confirmPassword" class="text-xs text-red-500" />
</div>
<p v-if="!resetToken"
class="rounded-lg border border-red-200 bg-red-50 px-3 py-2 text-sm leading-[1.47] text-red-600">
Link de recuperação inválido. Gere uma nova recuperação de senha.
</p>
<button type="submit" :disabled="isLoading || !resetToken"
class="mt-1 inline-flex h-10 items-center justify-center gap-2 rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-70">
<Icon v-if="isLoading" name="mdi:loading" class="animate-spin text-base" />
<span v-else>Redefinir senha</span>
</button>
<p class="text-center text-[15px] leading-[1.47] tracking-[0.15px] text-[#777169]">
Lembrou a sua senha?
<NuxtLink to="/login" class="font-medium text-[#0c0a09] underline-offset-2 hover:underline">
Entrar agora
</NuxtLink>
</p>
</Form>
</section>
</main>
</div>
</template>
<script setup>
import { toTypedSchema } from '@vee-validate/zod'
import { z } from 'zod'
definePageMeta({ middleware: 'guest' })
const route = useRoute()
const { $toast } = useNuxtApp()
const isLoading = ref(false)
const toStr = (val) => (val == null ? '' : String(val))
const resetToken = computed(() => (typeof route.query.token === 'string' ? route.query.token : ''))
const initialValues = {
newPassword: '',
confirmPassword: ''
}
const schema = toTypedSchema(
z
.object({
newPassword: z.preprocess(
toStr,
z.string().min(8, 'A senha deve ter no mínimo 8 caracteres')
),
confirmPassword: z.preprocess(toStr, z.string().min(1, 'Confirme a nova senha'))
})
.refine((data) => data.newPassword === data.confirmPassword, {
message: 'As senhas não conferem',
path: ['confirmPassword']
})
)
async function redefinirSenha({ newPassword }) {
isLoading.value = true
try {
await $fetch('/auth/reset-password', {
method: 'POST',
body: {
token: resetToken.value,
new_password: newPassword
}
})
$toast.success('Senha redefinida com sucesso!', { duration: 8000 })
await navigateTo('/login')
} catch (error) {
const message = error?.data?.statusMessage
$toast.error(message ?? 'Erro ao redefinir senha. Gere um novo token e tente novamente.', {
duration: 8000
})
} finally {
isLoading.value = false
}
}
</script>

202
app/pages/(auth)/login/index.vue
View File

@@ -1,86 +1,88 @@
<template> <template>
<div
class="relative grid min-h-screen place-items-center overflow-hidden bg-[#f5f5f5] px-4 py-12 font-sans text-[#0c0a09] md:py-24">
<div <div
class="relative grid min-h-screen place-items-center overflow-hidden bg-[#f5f5f5] px-4 py-12 font-sans text-[#0c0a09] md:py-24"> class="pointer-events-none absolute left-1/2 top-10 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(167,229,211,0.62),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(244,197,168,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(200,184,224,0.5),transparent_34%)] blur-2xl"
<div class="pointer-events-none absolute left-1/2 top-10 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(167,229,211,0.62),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(244,197,168,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(200,184,224,0.5),transparent_34%)] blur-2xl" aria-hidden="true"></div>
aria-hidden="true"></div> <main
<main class="relative grid w-full max-w-[1120px] grid-cols-1 items-center gap-8 md:grid-cols-[minmax(0,1fr)_minmax(340px,420px)] md:gap-16"
class="relative grid w-full max-w-[1120px] grid-cols-1 items-center gap-8 md:grid-cols-[minmax(0,1fr)_minmax(340px,420px)] md:gap-16" aria-labelledby="create-account-title">
aria-labelledby="create-account-title"> <section class="relative pt-2 md:py-8">
<section class="relative pt-2 md:py-8"> <p
<p class="m-0 inline-flex rounded-full bg-[rgba(200,184,224,0.5)] px-3 py-1 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#0c0a09]">
class="m-0 inline-flex rounded-full bg-[rgba(200,184,224,0.5)] px-3 py-1 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#0c0a09]"> Login
Login </p>
</p> <h1 id="create-account-title"
<h1 id="create-account-title" class="my-5 max-w-[640px] font-serif text-[40px] font-light leading-[1.05] tracking-[-1.2px] text-[#0c0a09] md:text-[64px] md:tracking-[-1.92px]">
class="my-5 max-w-[640px] font-serif text-[40px] font-light leading-[1.05] tracking-[-1.2px] text-[#0c0a09] md:text-[64px] md:tracking-[-1.92px]"> Faça seu login
Faça seu login </h1>
</h1> <p class="m-0 max-w-[520px] text-base font-normal leading-6 tracking-[0.16px] text-[#4e4e4e]">
<p class="m-0 max-w-[520px] text-base font-normal leading-6 tracking-[0.16px] text-[#4e4e4e]"> Faça seu login com email e senha.
Faça seu login com email e senha. </p>
</p> </section>
</section>
<section <section
class="grid gap-5 rounded-2xl border border-[#e7e5e4] bg-white p-6 shadow-[0_4px_16px_rgba(0,0,0,0.04)] md:p-8" class="grid gap-5 rounded-2xl border border-[#e7e5e4] bg-white p-6 shadow-[0_4px_16px_rgba(0,0,0,0.04)] md:p-8"
aria-label="Formulario de criacao de conta"> aria-label="Formulario de criacao de conta">
<div class="mb-1"> <div class="mb-1">
<span <span
class="inline-flex min-h-6 items-center rounded-full bg-[rgba(200,184,224,0.5)] px-2.5 py-1 text-xs font-semibold uppercase leading-none tracking-[0.96px] text-[#0c0a09]"> class="inline-flex min-h-6 items-center rounded-full bg-[rgba(200,184,224,0.5)] px-2.5 py-1 text-xs font-semibold uppercase leading-none tracking-[0.96px] text-[#0c0a09]">
Login Login
</span> </span>
<h2 class="mt-4 font-serif text-3xl font-light leading-[1.13] tracking-[-0.32px] text-[#0c0a09]"> <h2 class="mt-4 font-serif text-3xl font-light leading-[1.13] tracking-[-0.32px] text-[#0c0a09]">
Dados de entrada Dados de entrada
</h2> </h2>
</div> </div>
<Form :validation-schema="schema" @submit="entrarConta" class="grid gap-5"> <Form :validation-schema="schema" @submit="entrarConta" class="grid gap-5">
<div class="grid gap-2"> <div class="grid gap-2">
<label <label class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]" for="email">
for="email"> Email
Email </label>
</label> <Field name="email" v-slot="{ field, meta }">
<Field name="email" v-slot="{ field, meta }"> <input v-bind="field" :disabled="isLoading"
<input v-bind="field" :disabled="isLoading" class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50"
class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50" :class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" type="email" id="email" />
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" </Field>
type="email" id="email" /> <ErrorMessage name="email" class="text-xs text-red-500" />
</Field> </div>
<ErrorMessage name="email" class="text-xs text-red-500" />
</div>
<div class="grid gap-2"> <div class="grid gap-2">
<label <label class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]" for="senha">
for="senha"> Senha
Senha </label>
</label> <Field name="password" v-slot="{ field, meta }">
<Field name="password" v-slot="{ field, meta }"> <input v-bind="field" :disabled="isLoading"
<input v-bind="field" :disabled="isLoading" class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50"
class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50" :class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" type="password"
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" id="senha" />
type="password" id="senha" /> </Field>
</Field> <ErrorMessage name="password" class="text-xs text-red-500" />
<ErrorMessage name="password" class="text-xs text-red-500" /> </div>
</div>
<button type="submit" :disabled="isLoading" <NuxtLink to="/recuperar-senha"
class="mt-1 inline-flex h-10 items-center justify-center gap-2 rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-70"> class="-mt-2 justify-self-end text-sm font-medium text-[#0c0a09] underline-offset-2 hover:underline">
<Icon v-if="isLoading" name="mdi:loading" class="animate-spin text-base" /> Esqueci minha senha
<span v-else>Entrar</span> </NuxtLink>
</button>
<p class="text-center text-[15px] leading-[1.47] tracking-[0.15px] text-[#777169]"> <button type="submit" :disabled="isLoading"
Não tem uma conta? class="mt-1 inline-flex h-10 items-center justify-center gap-2 rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-70">
<NuxtLink to="/criar-conta" <Icon v-if="isLoading" name="mdi:loading" class="animate-spin text-base" />
class="font-medium text-[#0c0a09] underline-offset-2 hover:underline"> <span v-else>Entrar</span>
Criar conta </button>
</NuxtLink>
</p> <p class="text-center text-[15px] leading-[1.47] tracking-[0.15px] text-[#777169]">
</Form> Não tem uma conta?
</section> <NuxtLink to="/criar-conta" class="font-medium text-[#0c0a09] underline-offset-2 hover:underline">
</main> Criar conta
</div> </NuxtLink>
</p>
</Form>
</section>
</main>
</div>
</template> </template>
<script setup> <script setup>
@@ -92,9 +94,9 @@ definePageMeta({ middleware: 'guest' })
const { $toast } = useNuxtApp() const { $toast } = useNuxtApp()
const token = useCookie('token', { const token = useCookie('token', {
secure: true, secure: true,
sameSite: 'lax', sameSite: 'lax',
maxAge: 900 maxAge: 900
}) })
const isLoading = ref(false) const isLoading = ref(false)
@@ -102,32 +104,32 @@ const isLoading = ref(false)
const toStr = (val) => (val == null ? '' : String(val)) const toStr = (val) => (val == null ? '' : String(val))
const schema = toTypedSchema( const schema = toTypedSchema(
z.object({ z.object({
email: z.preprocess(toStr, z.string().min(1, 'Email é obrigatório').email('Email inválido')), email: z.preprocess(toStr, z.string().min(1, 'Email é obrigatório').email('Email inválido')),
password: z.preprocess(toStr, z.string().min(1, 'A senha é obrigatória')), password: z.preprocess(toStr, z.string().min(1, 'A senha é obrigatória'))
}), })
) )
async function entrarConta({ email, password }) { async function entrarConta({ email, password }) {
isLoading.value = true isLoading.value = true
try { try {
const data = await $fetch('/auth/login', { const data = await $fetch('/auth/login', {
method: 'POST', method: 'POST',
body: { email, password }, body: { email, password }
}) })
token.value = data.access_token token.value = data.access_token
$toast.success('Login realizado com sucesso!', { duration: 8000 }) $toast.success('Login realizado com sucesso!', { duration: 8000 })
await navigateTo('/home') await navigateTo('/home')
} catch (error) { } catch (error) {
const message = error?.data?.statusMessage const message = error?.data?.statusMessage
$toast.error(message ?? 'Erro para efetuar o login. Tente novamente.', { $toast.error(message ?? 'Erro para efetuar o login. Tente novamente.', {
duration: 8000, duration: 8000
}) })
} finally { } finally {
isLoading.value = false isLoading.value = false
} }
} }
</script> </script>

113
app/pages/(auth)/recuperar-senha/index.vue Normal file
View File

@@ -0,0 +1,113 @@
<template>
<div
class="relative grid min-h-screen place-items-center overflow-hidden bg-[#f5f5f5] px-4 py-12 font-sans text-[#0c0a09] md:py-24">
<div
class="pointer-events-none absolute left-1/2 top-10 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(167,229,211,0.62),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(168,200,232,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(232,184,196,0.5),transparent_34%)] blur-2xl"
aria-hidden="true"></div>
<main
class="relative grid w-full max-w-[1120px] grid-cols-1 items-center gap-8 md:grid-cols-[minmax(0,1fr)_minmax(340px,440px)] md:gap-16"
aria-labelledby="recover-password-title">
<section class="relative pt-2 md:py-8">
<p
class="m-0 inline-flex rounded-full bg-[rgba(168,200,232,0.56)] px-3 py-1 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#0c0a09]">
Recuperação
</p>
<h1 id="recover-password-title"
class="my-5 max-w-[640px] font-serif text-[40px] font-light leading-[1.05] tracking-[-1.2px] text-[#0c0a09] md:text-[64px] md:tracking-[-1.92px]">
Recupere sua senha
</h1>
<p class="m-0 max-w-[520px] text-base font-normal leading-6 tracking-[0.16px] text-[#4e4e4e]">
Informe seu email para recuperar a sua senha.
</p>
</section>
<section
class="grid gap-5 rounded-2xl border border-[#e7e5e4] bg-white p-6 shadow-[0_4px_16px_rgba(0,0,0,0.04)] md:p-8"
aria-label="Formulario de recuperacao de senha">
<div class="mb-1">
<span
class="inline-flex min-h-6 items-center rounded-full bg-[rgba(168,200,232,0.56)] px-2.5 py-1 text-xs font-semibold uppercase leading-none tracking-[0.96px] text-[#0c0a09]">
Senha
</span>
<h2 class="mt-4 font-serif text-3xl font-light leading-[1.13] tracking-[-0.32px] text-[#0c0a09]">
Email da conta
</h2>
</div>
<Form :validation-schema="schema" @submit="solicitarRecuperacao" class="grid gap-5">
<div class="grid gap-2">
<label class="m-0 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
for="email">
Email
</label>
<Field name="email" v-slot="{ field, meta }">
<input v-bind="field" :disabled="isLoading"
class="h-11 w-full rounded-lg border bg-white px-4 py-3 text-base leading-6 tracking-[0.16px] text-[#0c0a09] outline-none transition focus:border-2 focus:border-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-50"
:class="meta.touched && !meta.valid ? 'border-red-400' : 'border-[#d6d3d1]'" type="email" id="email" />
</Field>
<ErrorMessage name="email" class="text-xs text-red-500" />
</div>
<button type="submit" :disabled="isLoading"
class="mt-1 inline-flex h-10 items-center justify-center gap-2 rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-70">
<Icon v-if="isLoading" name="mdi:loading" class="animate-spin text-base" />
<span v-else>Gerar recuperação</span>
</button>
<p class="text-center text-[15px] leading-[1.47] tracking-[0.15px] text-[#777169]">
Lembrou a senha?
<NuxtLink to="/login" class="font-medium text-[#0c0a09] underline-offset-2 hover:underline">
Fazer login
</NuxtLink>
</p>
</Form>
</section>
</main>
</div>
</template>
<script setup>
import { toTypedSchema } from '@vee-validate/zod'
import { z } from 'zod'
definePageMeta({ middleware: 'guest' })
const { $toast } = useNuxtApp()
const isLoading = ref(false)
const toStr = (val) => (val == null ? '' : String(val))
const schema = toTypedSchema(
z.object({
email: z.preprocess(toStr, z.string().min(1, 'Email é obrigatório').email('Email inválido'))
})
)
async function solicitarRecuperacao({ email }) {
isLoading.value = true
try {
const data = await $fetch('/auth/forgot-password', {
method: 'POST',
body: { email }
})
const resetUrl = data?.recovery?.reset_url
if (!resetUrl) {
throw new Error('Reset URL was not returned')
}
$toast.success('Recuperação gerada com sucesso!', { duration: 8000 })
await navigateTo(resetUrl, { external: true })
} catch (error) {
const message = error?.data?.statusMessage
$toast.error(message ?? 'Erro ao gerar recuperação de senha. Tente novamente.', {
duration: 8000
})
} finally {
isLoading.value = false
}
}
</script>

139
app/pages/(protected)/home/index.vue
View File

@@ -1,11 +1,142 @@
<template> <template>
<div> <div
<h1>OOOIII SOU A HOMEEE</h1> class="relative min-h-screen overflow-hidden bg-[#f5f5f5] px-4 py-10 font-sans text-[#0c0a09] md:px-8 md:py-16"
</div> >
<div
class="pointer-events-none absolute left-1/2 top-8 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(167,229,211,0.62),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(168,200,232,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(232,184,196,0.5),transparent_34%)] blur-2xl"
aria-hidden="true"
></div>
<main class="relative mx-auto grid w-full max-w-[960px] gap-8" aria-labelledby="home-title">
<header class="flex flex-col gap-5 sm:flex-row sm:items-end sm:justify-between">
<div>
<p
class="m-0 inline-flex rounded-full bg-[rgba(168,200,232,0.56)] px-3 py-1 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#0c0a09]"
>
Conta
</p>
<h1
id="home-title"
class="my-5 max-w-[680px] font-serif text-[40px] font-light leading-[1.08] tracking-[-0.96px] text-[#0c0a09] md:text-[48px]"
>
Olá, você está autenticado!
</h1>
<p
class="m-0 max-w-[540px] text-base font-normal leading-6 tracking-[0.16px] text-[#4e4e4e]"
>
Estes são os dados retornados pelo perfil da sua sessão atual.
</p>
</div>
<button
type="button"
:disabled="isLeaving"
@click="sair"
class="inline-flex h-10 items-center justify-center gap-2 rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09] disabled:cursor-not-allowed disabled:opacity-70"
>
<Icon v-if="isLeaving" name="mdi:loading" class="animate-spin text-base" />
<span v-else>Sair</span>
</button>
</header>
<section
class="grid gap-5 rounded-2xl border border-[#e7e5e4] bg-white p-6 shadow-[0_4px_16px_rgba(0,0,0,0.04)] md:p-8"
aria-label="Dados do perfil autenticado"
>
<div>
<span
class="inline-flex min-h-6 items-center rounded-full bg-[rgba(167,229,211,0.62)] px-2.5 py-1 text-xs font-semibold uppercase leading-none tracking-[0.96px] text-[#0c0a09]"
>
Perfil
</span>
<h2
class="mt-4 font-serif text-3xl font-light leading-[1.13] tracking-[-0.32px] text-[#0c0a09]"
>
Dados da conta
</h2>
</div>
<dl class="grid gap-4">
<div
v-for="item in profileRows"
:key="item.label"
class="grid gap-1 border-t border-[#e7e5e4] pt-4 sm:grid-cols-[160px_minmax(0,1fr)] sm:gap-5"
>
<dt
class="text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#777169]"
>
{{ item.label }}
</dt>
<dd class="m-0 break-words text-base leading-6 tracking-[0.16px] text-[#0c0a09]">
{{ item.value }}
</dd>
</div>
</dl>
</section>
</main>
</div>
</template> </template>
<script setup> <script setup>
definePageMeta({ definePageMeta({
middleware: 'auth' middleware: 'auth'
}) })
const { $toast } = useNuxtApp()
const token = useCookie('token', {
secure: true,
sameSite: 'lax',
maxAge: 900
})
const isLeaving = ref(false)
const clearToken = () => {
token.value = null
}
const { data: profile, error } = await useAsyncData('profile-me', () =>
$fetch('/profile/me', {
headers: {
Authorization: `Bearer ${token.value}`
}
})
)
if (error.value) {
clearToken()
if (import.meta.client) {
$toast.error('Sua sessão expirou. Faça login novamente.', { duration: 8000 })
}
await navigateTo('/login')
}
const profileRows = computed(() => [
{
label: 'user_id',
value: profile.value?.user_id ?? profile.value?.id ?? '-'
},
{
label: 'email',
value: profile.value?.email ?? '-'
},
{
label: 'created_at',
value: profile.value?.created_at ?? '-'
},
{
label: 'updated_at',
value: profile.value?.updated_at ?? '-'
}
])
async function sair() {
isLeaving.value = true
clearToken()
$toast.success('Sessão encerrada com sucesso.', { duration: 8000 })
await navigateTo('/login')
}
</script> </script>

62
app/pages/index.vue
View File

@@ -1,5 +1,63 @@
<template> <template>
<div> <div
<h1>Welcome to the Home Page</h1> class="relative grid min-h-screen place-items-center overflow-hidden bg-[#f5f5f5] px-4 py-12 font-sans text-[#0c0a09] md:py-24"
>
<div
class="pointer-events-none absolute left-1/2 top-10 h-[420px] w-[min(92vw,760px)] -translate-x-1/2 rounded-[48px] bg-[radial-gradient(circle_at_20%_30%,rgba(167,229,211,0.62),transparent_28%),radial-gradient(circle_at_72%_24%,rgba(244,197,168,0.56),transparent_30%),radial-gradient(circle_at_52%_78%,rgba(200,184,224,0.5),transparent_34%)] blur-2xl"
aria-hidden="true"
></div>
<main
class="relative grid w-full max-w-[960px] gap-8 rounded-2xl border border-[#e7e5e4] bg-white p-6 shadow-[0_4px_16px_rgba(0,0,0,0.04)] md:grid-cols-[minmax(0,1fr)_auto] md:items-end md:p-8"
aria-labelledby="landing-title"
>
<section>
<p
class="m-0 inline-flex rounded-full bg-[rgba(167,229,211,0.62)] px-3 py-1 text-xs font-semibold uppercase leading-[1.4] tracking-[0.96px] text-[#0c0a09]"
>
Autenticação
</p>
<h1
id="landing-title"
class="my-5 max-w-[640px] font-serif text-[40px] font-light leading-[1.05] tracking-[-1.2px] text-[#0c0a09] md:text-[64px] md:tracking-[-1.92px]"
>
Acesse sua conta
</h1>
<p
class="m-0 max-w-[520px] text-base font-normal leading-6 tracking-[0.16px] text-[#4e4e4e]"
>
Entre para ver sua área autenticada ou crie uma conta nova com email e senha.
</p>
</section>
<nav class="flex flex-col gap-3 sm:flex-row md:flex-col" aria-label="Acesso a conta">
<NuxtLink
v-if="hasToken"
to="/home"
class="inline-flex h-10 items-center justify-center rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09]"
>
Ir para home
</NuxtLink>
<NuxtLink
v-else
to="/login"
class="inline-flex h-10 items-center justify-center rounded-full bg-[#292524] px-5 text-[15px] font-medium leading-none text-white transition hover:bg-[#0c0a09] active:bg-[#0c0a09]"
>
Entrar na conta
</NuxtLink>
<NuxtLink
to="/criar-conta"
class="inline-flex h-10 items-center justify-center rounded-full border border-[#d6d3d1] bg-transparent px-5 text-[15px] font-medium leading-none text-[#0c0a09] transition hover:border-[#0c0a09]"
>
Criar conta
</NuxtLink>
</nav>
</main>
</div> </div>
</template> </template>
<script setup>
const token = useCookie('token')
const hasToken = computed(() => Boolean(token.value))
</script>

15
lib/prisma.ts
View File

@@ -1,15 +0,0 @@
import { PrismaClient } from '@prisma/client'
const prismaClientSingleton = () => {
return new PrismaClient()
}
declare const globalThis: {
prismaGlobal: ReturnType<typeof prismaClientSingleton>
} & typeof global
const prisma = globalThis.prismaGlobal ?? prismaClientSingleton()
export default prisma
if (process.env.NODE_ENV !== 'production') globalThis.prismaGlobal = prisma

22
nuxt.config.ts
View File

@@ -2,7 +2,13 @@
export default defineNuxtConfig({ export default defineNuxtConfig({
compatibilityDate: '2025-07-15', compatibilityDate: '2025-07-15',
devtools: { enabled: true }, devtools: { enabled: true },
modules: ['@nuxtjs/tailwindcss', '@pinia/nuxt', '@prisma/nuxt', '@vee-validate/nuxt', 'vue-sonner/nuxt', '@nuxt/icon'], modules: [
'@nuxtjs/tailwindcss',
'@pinia/nuxt',
'@vee-validate/nuxt',
'vue-sonner/nuxt',
'@nuxt/icon'
],
runtimeConfig: { runtimeConfig: {
databaseUrl: process.env.DATABASE_URL, databaseUrl: process.env.DATABASE_URL,
jwtIssuer: process.env.JWT_ISSUER ?? 'https://auth.local', jwtIssuer: process.env.JWT_ISSUER ?? 'https://auth.local',
@@ -14,18 +20,12 @@ export default defineNuxtConfig({
jwtKid: process.env.JWT_KID ?? 'auth-key-1', jwtKid: process.env.JWT_KID ?? 'auth-key-1',
refreshTokenPepper: process.env.REFRESH_TOKEN_PEPPER ?? '', refreshTokenPepper: process.env.REFRESH_TOKEN_PEPPER ?? '',
passwordResetTtlSec: process.env.PASSWORD_RESET_TTL_SEC ?? '900', passwordResetTtlSec: process.env.PASSWORD_RESET_TTL_SEC ?? '900',
passwordResetTokenPepper: process.env.PASSWORD_RESET_TOKEN_PEPPER ?? '' passwordResetTokenPepper: process.env.PASSWORD_RESET_TOKEN_PEPPER ?? '',
passwordResetBaseUrl: process.env.PASSWORD_RESET_BASE_URL ?? ''
}, },
vite: { vite: {
optimizeDeps: { optimizeDeps: {
include: [ include: ['@vue/devtools-core', '@vue/devtools-kit', 'zod', '@vee-validate/zod', 'vue-sonner']
'@vue/devtools-core',
'@vue/devtools-kit',
'@prisma/nuxt > @prisma/client',
'zod',
'@vee-validate/zod',
'vue-sonner',
]
} }
} }
}) })

5
server/utils/auth-config.ts
View File

@@ -11,6 +11,7 @@ export interface AuthRuntimeConfig {
kid: string kid: string
refreshTokenPepper: string refreshTokenPepper: string
passwordResetTokenPepper: string passwordResetTokenPepper: string
passwordResetBaseUrl: string
} }
/** /**
@@ -85,6 +86,7 @@ export function getAuthRuntimeConfig(event?: H3Event): AuthRuntimeConfig {
const refreshTokenPepper = String(runtimeConfig.refreshTokenPepper ?? '').trim() const refreshTokenPepper = String(runtimeConfig.refreshTokenPepper ?? '').trim()
const passwordResetTokenPepper = const passwordResetTokenPepper =
String(runtimeConfig.passwordResetTokenPepper ?? '').trim() || refreshTokenPepper String(runtimeConfig.passwordResetTokenPepper ?? '').trim() || refreshTokenPepper
const passwordResetBaseUrl = String(runtimeConfig.passwordResetBaseUrl ?? '').trim()
return { return {
issuer, issuer,
@@ -99,6 +101,7 @@ export function getAuthRuntimeConfig(event?: H3Event): AuthRuntimeConfig {
privateKeyPem: normalizePem(String(runtimeConfig.jwtPrivateKeyPem ?? ''), 'JWT private key'), privateKeyPem: normalizePem(String(runtimeConfig.jwtPrivateKeyPem ?? ''), 'JWT private key'),
publicKeyPem: normalizePem(String(runtimeConfig.jwtPublicKeyPem ?? ''), 'JWT public key'), publicKeyPem: normalizePem(String(runtimeConfig.jwtPublicKeyPem ?? ''), 'JWT public key'),
refreshTokenPepper, refreshTokenPepper,
passwordResetTokenPepper passwordResetTokenPepper,
passwordResetBaseUrl
} }
} }

5
server/utils/auth-service.ts
View File

@@ -1,5 +1,5 @@
import { Prisma } from '@prisma/client' import { Prisma } from '@prisma/client'
import { createError, readBody, setResponseStatus, type H3Event } from 'h3' import { createError, getRequestURL, readBody, setResponseStatus, type H3Event } from 'h3'
import { signAccessToken } from './jwt' import { signAccessToken } from './jwt'
import { getAuthRuntimeConfig } from './auth-config' import { getAuthRuntimeConfig } from './auth-config'
@@ -202,6 +202,7 @@ export async function handleForgotPassword(event: H3Event) {
const expiresAt = new Date(now.getTime() + config.passwordResetTtlSec * 1000) const expiresAt = new Date(now.getTime() + config.passwordResetTtlSec * 1000)
const rawResetToken = generateRawPasswordResetToken() const rawResetToken = generateRawPasswordResetToken()
const tokenHash = hashPasswordResetToken(rawResetToken, config.passwordResetTokenPepper) const tokenHash = hashPasswordResetToken(rawResetToken, config.passwordResetTokenPepper)
const resetBaseUrl = config.passwordResetBaseUrl || getRequestURL(event).origin
const user = await prisma.user.findUnique({ const user = await prisma.user.findUnique({
where: { email }, where: { email },
@@ -233,7 +234,7 @@ export async function handleForgotPassword(event: H3Event) {
message: 'If the email exists, recovery instructions were generated', message: 'If the email exists, recovery instructions were generated',
recovery: { recovery: {
reset_token: rawResetToken, reset_token: rawResetToken,
reset_url: buildPasswordResetPreviewUrl(config.issuer, rawResetToken), reset_url: buildPasswordResetPreviewUrl(resetBaseUrl, rawResetToken),
expires_in: config.passwordResetTtlSec expires_in: config.passwordResetTtlSec
} }
} }

6
server/utils/password-reset-token.ts
View File

@@ -23,13 +23,13 @@ export function generateRawPasswordResetToken(): string {
/** /**
* Monta uma URL de preview para facilitar testes locais sem SMTP. * Monta uma URL de preview para facilitar testes locais sem SMTP.
* *
* @param issuer Base do serviço de auth. * @param baseUrl URL pública usada para abrir a tela de redefinição.
* @param token Token bruto de recuperação. * @param token Token bruto de recuperação.
* @returns URL completa (ou fallback relativo) com o token. * @returns URL completa (ou fallback relativo) com o token.
*/ */
export function buildPasswordResetPreviewUrl(issuer: string, token: string): string { export function buildPasswordResetPreviewUrl(baseUrl: string, token: string): string {
try { try {
const url = new URL('/auth/reset-password', issuer) const url = new URL('/auth/reset-password', baseUrl)
url.searchParams.set('token', token) url.searchParams.set('token', token)
return url.toString() return url.toString()