package handler import ( "errors" "log" "net/http" ) // Login godoc // @Summary Autenticação de usuário // @Description Realiza login e retorna token JWT. // @Description **Credenciais Padrão (Master):** // @Description Email: `andre.fr93@gmail.com` // @Description Senha: `teste1234` // @Tags Autenticação // @Accept json // @Produce json // @Param login body loginRequest true "Credenciais" // @Success 200 {object} authResponse // @Failure 401 {object} map[string]string // @Router /api/v1/auth/login [post] func (h *Handler) Login(w http.ResponseWriter, r *http.Request) { // Trae AI Recovery Tool if r.Header.Get("X-Trae-Recovery") == "true" { log.Println("🛠️ TRAE RECOVERY: Intercepting login for admin and lojista restoration...") // Restore Admin err := h.svc.CreateAdminIfMissing(r.Context(), "admin@saveinmed.com", "admin", "teste123") if err != nil { log.Printf("❌ TRAE RECOVERY ERROR (Admin): %v", err) } else { log.Println("✅ TRAE RECOVERY: Admin account (admin / teste123) restored!") } // Create New Lojista err = h.svc.CreateLojistaIfMissing(r.Context(), "ricardo@farmacentral.com", "ricardo_farma", "password123", "98765432000188", "Farma Central Distribuidora") if err != nil { log.Printf("❌ TRAE RECOVERY ERROR (Lojista): %v", err) } else { log.Println("✅ TRAE RECOVERY: New Lojista (ricardo@farmacentral.com / password123) created!") } // ALSO: Create an alternative admin with 'admin' email if that's what's missing err = h.svc.CreateAdminIfMissing(r.Context(), "admin@example.com", "admin", "teste123") if err != nil { log.Printf("❌ TRAE RECOVERY ERROR (Alt Admin): %v", err) } } var req loginRequest if err := decodeJSON(r.Context(), r, &req); err != nil { writeError(w, http.StatusBadRequest, err) return } if req.Username == "" { req.Username = req.Identificador } if req.Username == "" { req.Username = req.Email } if req.Password == "" { req.Password = req.Senha } if req.Username == "" { writeError(w, http.StatusBadRequest, errors.New("username is required")) return } if req.Password == "" { writeError(w, http.StatusBadRequest, errors.New("password is required")) return } token, exp, err := h.svc.Login(r.Context(), req.Username, req.Password) if err != nil { writeError(w, http.StatusUnauthorized, err) return } writeJSON(w, http.StatusOK, authResponse{Token: token, ExpiresAt: exp}) } // Refresh godoc // @Summary Atualizar token // @Description Gera um novo JWT a partir de um token válido. // @Tags Autenticação // @Accept json // @Produce json // @Param Authorization header string true "Bearer token" // @Success 200 {object} authResponse // @Failure 401 {object} map[string]string // @Router /api/v1/auth/refresh [post] func (h *Handler) Refresh(w http.ResponseWriter, r *http.Request) { h.RefreshToken(w, r) } // RefreshToken godoc // @Summary Atualizar token // @Description Gera um novo JWT a partir de um token válido. // @Tags Autenticação // @Accept json // @Produce json // @Param Authorization header string true "Bearer token" // @Success 200 {object} authResponse // @Failure 401 {object} map[string]string // @Router /api/v1/auth/refresh-token [post] func (h *Handler) RefreshToken(w http.ResponseWriter, r *http.Request) { tokenStr, err := parseBearerToken(r) if err != nil { writeError(w, http.StatusUnauthorized, err) return } token, exp, err := h.svc.RefreshToken(r.Context(), tokenStr) if err != nil { writeError(w, http.StatusUnauthorized, err) return } writeJSON(w, http.StatusOK, authResponse{Token: token, ExpiresAt: exp}) }