Skip to main content

Autenticacao

Login no gateway

POST {NEXT_PUBLIC_GATEWAY_HOST_WEB}/auth-service/auth
Headers: 
app-name: nextmed-web
Content-Type: application/json
Body: 
{
  "type": "USERPASS",
  "platform": "WEB",
  "email": "medico@example.com",
  "password": "senha"
}
Resposta esperada pelo frontend: 
type SignInOutput = {
  token: string;
  refreshToken: string;
  authToken: string;
  user: User;
};
Depois do login:
  • token e usado no header Authorization.
  • authToken autentica o usuario no Firebase via signInWithCustomToken.
  • o frontend chama POST /api/update-token para persistir cookies.

Persistir sessao

POST /api/update-token
Body para persistir tokens ja obtidos: 
{
  "data": {
    "user_id": "user-id",
    "token": "jwt",
    "refresh_token": "refresh-token"
  }
}
Body para renovar token via gateway: 
{
  "url": "auth-service/refresh-token",
  "data": {
    "refresh_token": "refresh-token"
  }
}
Resposta: 
{
  "token": "jwt",
  "refreshToken": "refresh-token"
}
Efeitos colaterais:
  • grava cookies TOKEN, REFRESH_TOKEN e, quando informado, USER_ID.
  • atualiza o header default do Axios.
  • em erro, remove sessao e retorna 401.

Logout

POST /api/sign-out
Comportamento:
  • remove todos os cookies definidos em AuthenticationTokens.
  • redireciona para / com status 301.

Cadastro

POST /auth-service/signup
Body: 
type SignUpMutationInput = {
  notificationProviderType: string;
  firstName: string;
  lastName: string;
  birthDate: string;
  phone: string;
  acceptTerms: boolean;
  gender: string;
  auth: {
    email: string;
    password: string;
    type: "USERPASS";
  };
  profiles: Array<{
    documentDoctor: string;
    documentDoctorState: string;
    documentDoctorUpdatedAt: string;
    specialties: Array<{
      description: string;
      document: string;
    }>;
    type: string;
  }>;
};

Codigo de ativacao

Endpoints externos observados: 
GET /auth-service/activation-code?ownerRef={userId}
POST /auth-service/change-phone
POST /auth-service/signup-model