Merge pull request #4 from MuriloMorandi/feat/jwt

Autenticação JWT

Author: MuriloMorandi

.env.example

@@ -0,0 +1,6 @@
+NODE_ENV=
+PORT=
+
+JWT_SECRET=""
+
+DATABASE_URL=""

.gitignore

@@ -4,7 +4,6 @@ pnpm-debug.log*
 
 # Environment variables
 .env
-.env.*
 
 # Logs
 logs/

package.json

@@ -22,19 +22,21 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
+    "@fastify/cookie": "^11.0.2",
     "@fastify/cors": "^11.0.1",
+    "@fastify/jwt": "^9.1.0",
     "@prisma/client": "6.10.1",
     "@types/bcryptjs": "^3.0.0",
     "bcryptjs": "^3.0.2",
     "fastify": "^5.4.0",
     "zod": "^3.25.67"
   },
   "devDependencies": {
+    "@biomejs/biome": "2.1.1",
     "@faker-js/faker": "^9.9.0",
     "@types/node": "^24.0.4",
     "@vitest/coverage-v8": "3.2.4",
     "@vitest/ui": "3.2.4",
-    "biome": "^0.3.3",
     "prisma": "^6.10.1",
     "tsup": "^8.5.0",
     "tsx": "^4.20.3",

pnpm-lock.yaml

@@ -0,0 +1,9 @@
+import "@fastify/jwt"
+
+declare module "@fastify/jwt" {
+    interface FastifyJWT {
+        user: {
+            sub: string,
+        }
+    }
+}

src/@types/fastify-jwt.d.ts

@@ -3,7 +3,8 @@ import { z } from 'zod/v4';
 const envSchema = z.object({
     PORT: z.coerce.number().default(3000),
     NODE_ENV: z.enum(['dev', 'test', 'prod']).default('prod'),
-    DATABASE_URL: z.string()
+    DATABASE_URL: z.string(),
+    JWT_SECRET: z.string(),
 });
 
 const _env = envSchema.safeParse(process.env)

src/env.ts

@@ -17,8 +17,30 @@ export const authOrgsController = async (
     try
     {
         const authOrgsUseCase = makeAuthOrgsUseCase();
-        await authOrgsUseCase.execute(bodyData);
+        const { org } = await authOrgsUseCase.execute(bodyData);
 
+        const token = await reply.jwtSign({}, {
+            sign: {
+                sub: org.id
+            }
+        })
+
+        const refreshToken = await reply.jwtSign({}, {
+            sign: {
+                sub: org.id,
+                expiresIn: '7d'
+            }
+        })
+
+        reply
+            .setCookie('refreshToken', refreshToken, {
+                path: '/',
+                secure: true,
+                sameSite: true,
+                httpOnly: true,
+            })
+            .status(200)
+            .send({ token });
     } catch (error)
     {
         if (error instanceof InvalidCredentialsError)
@@ -28,6 +50,4 @@ export const authOrgsController = async (
 
         throw error;
     }
-
-    reply.status(200).send();
 }

src/http/controllers/orgs/authOrgsController.ts

@@ -1,25 +1,22 @@
 import { ResourceNotFoundError } from '@/use-cases/errors/resourceNotFound';
-import { makeAuthOrgsUseCase } from "@/use-cases/factories/makeAuthOrgsUseCase";
 import { makeGetOrgsProfileUseCase } from "@/use-cases/factories/makeGetProfileOrgsUseCase";
 import { FastifyReply, FastifyRequest } from "fastify";
-import { z } from "zod/v4";
 
 export const getOrgsProfileController = async (
     request: FastifyRequest,
     reply: FastifyReply,
 ) => {
-    const getOrgsProfileBodySchema = z.object({
-        orgId: z.string()
-    });
-
-    const paramsData = getOrgsProfileBodySchema.parse(request.params);
+    const orgId = request.user.sub;
 
     try
     {
         const getOrgsProfileUseCase = makeGetOrgsProfileUseCase();
-        const { org } = await getOrgsProfileUseCase.execute(paramsData);
+        const { org } = await getOrgsProfileUseCase.execute({ orgId });
 
-        reply.status(200).send(org);
+        reply.status(200).send({
+            ...org,
+            password: undefined
+        });
     } catch (error)
     {
         if (error instanceof ResourceNotFoundError)

src/http/controllers/orgs/getOrgsProfileController.ts

@@ -2,9 +2,14 @@ import { FastifyInstance } from "fastify";
 import { createOrgsController } from "./createOrgsController";
 import { authOrgsController } from "./authOrgsController";
 import { getOrgsProfileController } from "./getOrgsProfileController";
+import { authMiddleware } from "@/http/middlewares/authMiddleware";
+import { RefreshOrgsController } from "./refreshOrgsController";
 
 export const orgsRoutes = async (app: FastifyInstance) => {
     app.post('/orgs', createOrgsController);
+
     app.post('/orgs/auth', authOrgsController);
-    app.get('/orgs/:orgId', getOrgsProfileController);
+    app.patch('/orgs/refresh', RefreshOrgsController);
+
+    app.get('/orgs/profile', { onRequest: [authMiddleware] }, getOrgsProfileController);
 }

src/http/controllers/orgs/orgsRoutes.ts

@@ -0,0 +1,43 @@
+import { InvalidCredentialsError } from "@/use-cases/errors/invalidCredentialsError";
+import type { FastifyReply, FastifyRequest } from "fastify";
+
+export const RefreshOrgsController = async (
+    request: FastifyRequest,
+    reply: FastifyReply,
+) => {
+    await request.jwtVerify({ onlyCookie: true });
+
+    try
+    {
+        const token = await reply.jwtSign({}, {
+            sign: {
+                sub: request.user.sub
+            }
+        })
+
+        const refreshToken = await reply.jwtSign({}, {
+            sign: {
+                sub: request.user.sub,
+                expiresIn: '7d'
+            }
+        })
+
+        reply
+            .setCookie('refreshToken', refreshToken, {
+                path: '/',
+                secure: true,
+                sameSite: true,
+                httpOnly: true,
+            })
+            .status(200)
+            .send({ token });
+    } catch (error)
+    {
+        if (error instanceof InvalidCredentialsError)
+        {
+            return reply.status(400).send(error.message);
+        }
+
+        throw error;
+    }
+}