feat: habilitar provisionamento desktop e rotas CORS

2025-10-08 23:07:49 -03:00 · 2025-10-08 23:07:49 -03:00 · 152550a9a0
commit 152550a9a0
parent 7569986ffc
19 changed files with 1806 additions and 211 deletions
--- a/src/app/api/machines/sessions/route.ts
+++ b/src/app/api/machines/sessions/route.ts
@ -1,27 +1,22 @@
 import { NextResponse } from "next/server"
 import { z } from "zod"
-import { ConvexHttpClient } from "convex/browser"
-
-import { api } from "@/convex/_generated/api"
-import type { Id } from "@/convex/_generated/dataModel"
-import { env } from "@/lib/env"
-import { DEFAULT_TENANT_ID } from "@/lib/constants"
-import { ensureMachineAccount } from "@/server/machines-auth"
-import { auth } from "@/lib/auth"
+import { createMachineSession } from "@/server/machines-session"
+import { applyCorsHeaders, createCorsPreflight, jsonWithCors } from "@/server/cors"

 const sessionSchema = z.object({
  machineToken: z.string().min(1),
  rememberMe: z.boolean().optional(),
 })

+const CORS_METHODS = "POST, OPTIONS"
+
+export async function OPTIONS(request: Request) {
+  return createCorsPreflight(request.headers.get("origin"), CORS_METHODS)
+}
+
 export async function POST(request: Request) {
  if (request.method !== "POST") {
-    return NextResponse.json({ error: "Método não permitido" }, { status: 405 })
-  }
-
-  const convexUrl = env.NEXT_PUBLIC_CONVEX_URL
-  if (!convexUrl) {
-    return NextResponse.json({ error: "Convex não configurado" }, { status: 500 })
+    return jsonWithCors({ error: "Método não permitido" }, 405, request.headers.get("origin"), CORS_METHODS)
  }

  let payload
@ -29,68 +24,34 @@ export async function POST(request: Request) {
    const raw = await request.json()
    payload = sessionSchema.parse(raw)
  } catch (error) {
-    return NextResponse.json({ error: "Payload inválido", details: error instanceof Error ? error.message : String(error) }, { status: 400 })
+    return jsonWithCors(
+      { error: "Payload inválido", details: error instanceof Error ? error.message : String(error) },
+      400,
+      request.headers.get("origin"),
+      CORS_METHODS
+    )
  }

-  const client = new ConvexHttpClient(convexUrl)
-
  try {
-    const resolved = await client.mutation(api.machines.resolveToken, { machineToken: payload.machineToken })
-    let machineEmail = resolved.machine.authEmail ?? null
-
-    if (!machineEmail) {
-      const account = await ensureMachineAccount({
-        machineId: resolved.machine._id,
-        tenantId: resolved.machine.tenantId ?? DEFAULT_TENANT_ID,
-        hostname: resolved.machine.hostname,
-        machineToken: payload.machineToken,
-      })
-
-      await client.mutation(api.machines.linkAuthAccount, {
-        machineId: resolved.machine._id as Id<"machines">,
-        authUserId: account.authUserId,
-        authEmail: account.authEmail,
-      })
-
-      machineEmail = account.authEmail
-    }
-
-    const signIn = await auth.api.signInEmail({
-      body: {
-        email: machineEmail,
-        password: payload.machineToken,
-        rememberMe: payload.rememberMe ?? true,
-      },
-      returnHeaders: true,
-    })
-
+    const session = await createMachineSession(payload.machineToken, payload.rememberMe ?? true)
    const response = NextResponse.json(
      {
        ok: true,
-        machine: {
-          id: resolved.machine._id,
-          hostname: resolved.machine.hostname,
-          osName: resolved.machine.osName,
-          osVersion: resolved.machine.osVersion,
-          architecture: resolved.machine.architecture,
-          status: resolved.machine.status,
-          lastHeartbeatAt: resolved.machine.lastHeartbeatAt,
-          companyId: resolved.machine.companyId,
-          companySlug: resolved.machine.companySlug,
-          metadata: resolved.machine.metadata,
-        },
-        session: signIn.response,
+        machine: session.machine,
+        session: session.response,
      },
      { status: 200 }
    )

-    signIn.headers.forEach((value, key) => {
+    session.headers.forEach((value, key) => {
      response.headers.set(key, value)
    })

+    applyCorsHeaders(response, request.headers.get("origin"), CORS_METHODS)
+
    return response
  } catch (error) {
    console.error("[machines.sessions] Falha ao criar sessão", error)
-    return NextResponse.json({ error: "Falha ao autenticar máquina" }, { status: 500 })
+    return jsonWithCors({ error: "Falha ao autenticar máquina" }, 500, request.headers.get("origin"), CORS_METHODS)
  }
 }