@cactus-agents/auth
Serviço de autenticação + lógica de refresh de token. Framework-agnostic.
Instalação
pnpm add @cactus-agents/auth
Uso básico
A forma recomendada é usar createAuthFromClient, que aceita um ApiClient diretamente:
import { createApiClient } from '@cactus-agents/api-client';
import { createAuthFromClient } from '@cactus-agents/auth';
const client = createApiClient({ baseUrl, tenant, language });
const auth = createAuthFromClient(client);
const result = await auth.login({
login: 'user@email.com',
password: 'senha123',
});
// result.access_token
// result.user
// result.userInfo
Uso de baixo nível (fetcher manual)
Se precisar de controle total sobre o adapter HTTP, use createAuthService:
import { createAuthService } from '@cactus-agents/auth';
const authService = createAuthService({
get: (path) => myHttpClient.get(path),
post: (path, body) => myHttpClient.post(path, body),
});
API — AuthService
login(payload)
interface LoginPayload {
login: string; // email ou CPF
password: string;
captcha_token?: string;
app_source?: string;
two_factor_code?: string;
}
interface LoginResponse {
access_token: string;
expires_in: number;
token_type: string;
user: AuthUser;
userInfo: AuthUserInfo;
type?: 'cancelled_account' | 'two_factor_code';
}
logout()
POST /auth/logout — sem body, sem retorno.
getUserProfile()
GET /auth/user-profile?check_spa_again=1
Retorna { user: AuthUser, userInfo: AuthUserInfo }.
refreshToken()
POST /users/refresh-token
Retorna { access_token: string }.
registerSimplified(payload)
interface RegisterSimplifiedPayload {
email: string;
password: string;
country: string;
nationalities: string; // JSON string
optIn: boolean;
ddi?: string;
phone?: string;
name?: string;
birth_date?: string;
number?: string; // documento
captcha_token?: string;
app_source?: string;
affiliation_code?: string;
}
Retorna LoginResponse (mesmo formato do login).
forgotPassword(payload)
interface ForgotPasswordPayload {
login: string;
captcha_token?: string;
}
validateDocument(payload)
interface ValidateDocumentPayload {
number: string;
captcha_token?: string;
}
interface ValidateDocumentResponse {
docnumber?: string;
docnumber_valid?: boolean;
birth_date?: string;
gender?: string;
mother_name?: string;
name?: string;
}
Token Refresh
Funções puras para gerenciar o ciclo de refresh (intervalo de 6h, mesmo do Vue legado):
import {
initialRefreshState,
shouldRefreshToken,
markTokenSaved,
markRefreshStarted,
markRefreshCompleted,
} from '@cactus-agents/auth';
let state = markTokenSaved(); // marca quando token é salvo
// A cada navegação ou intervalo:
if (shouldRefreshToken(state)) {
state = markRefreshStarted(state);
try {
const { access_token } = await authService.refreshToken();
state = markRefreshCompleted(state, true);
} catch {
state = markRefreshCompleted(state, false);
}
}
Tipos principais
AuthUser
interface AuthUser {
id: number;
email: string;
username: string;
name: string;
first_name: string;
last_name: string;
phone: string;
ddi: string;
birth_date: string;
gender: string;
country: string;
language: string;
currency: string;
document: AuthUserDocument;
country_data: AuthUserCountryData;
wallet: AuthUserWallet;
token: string;
is_active: boolean;
cancelled_account: boolean;
bonus_enabled: boolean;
ftd_date: string | null;
ftd_value: number | null;
mother_name: string;
}
AuthUserInfo
interface AuthUserInfo {
validate_email_at: string | null;
login_at: string;
login_attempt_qty: number;
seven_days_since_last_login: boolean;
strong_password: boolean;
force_request_kyc: boolean;
two_factor_enabled: boolean;
two_factor_type?: string;
}