From 54497bb7ebe095aa4a6155fe47724b957f4ccfc3 Mon Sep 17 00:00:00 2001 From: "gabriel.pereira" Date: Mon, 20 Oct 2025 15:57:41 -0300 Subject: [PATCH] =?UTF-8?q?FEAT:=20implementar=20redirecionamento=20condic?= =?UTF-8?q?ional=20na=20rota=20raiz=20e=20aprimorar=20middleware=20de=20au?= =?UTF-8?q?tentica=C3=A7=C3=A3o?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app.js | 33 ++++++++++++++++----------------- routes/authRoutes.js | 10 +++------- 2 files changed, 19 insertions(+), 24 deletions(-) diff --git a/app.js b/app.js index 8151d3b..21cc986 100644 --- a/app.js +++ b/app.js @@ -40,21 +40,27 @@ function createApp() { }) ); - // redirect raiz para /login - app.get("/", (req, res) => { - return res.redirect("/login"); - }); +// redirect raiz +app.get("/", (req, res) => { + if (req.session?.user?.authenticated) { + return res.redirect("/public/index.html"); + } + return res.redirect("/login"); +}); // middleware que protege rotas que exigem login function requireAuth(req, res, next) { - if (req.session && req.session.user) return next(); - // se for chamada XHR, responda 401 em vez de redirect (útil para API) - if (req.xhr || req.headers.accept?.includes("application/json")) { - return res.status(401).json({ error: "not_authenticated" }); - } - return res.redirect("/login"); + if (req.session?.user?.authenticated) { + return next(); } + if (req.xhr || req.headers.accept?.includes("application/json")) { + return res.status(401).json({ error: "not_authenticated" }); + } + + return res.redirect("/login"); +} + // proteger demais rotas (ex.: /upload, /consulta) app.use((req, res, next) => { 
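Review bot: The authentication predicate `req.session?.user?.authenticated` is now written out twice, once in the `/` handler and once in `requireAuth`, while the global guard that opens at `app.use((req, res, next) => {` directly below has its body outside this hunk and may still test a different condition. The `@@ -592` hunk of this same file deletes the second guard (which checked only `req.session.user`), so that remaining guard becomes the only blanket protection and should use exactly the same condition. I would define one helper inside `createApp`, `const isAuthenticated = (req) => req.session?.user?.authenticated === true;`, and call it from all three places. The added lines also start at column 0 although they sit inside `createApp`; re-indenting them would keep the function's scope readable.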
@@ -592,13 +598,6 @@ function createApp() { // servir /public APENAS quando autenticado app.use("/public", requireAuth, express.static(path.join(__dirname, "public"))); - // Middleware para proteger rotas - app.use((req, res, next) => { - if (!req.session.user && req.path !== "/login" && !req.path.startsWith("/auth")) { - return res.redirect("/login"); - } - next(); - }); ///////////////////////////////////////////////////// diff --git a/routes/authRoutes.js b/routes/authRoutes.js index e56ff5b..7c8656d 100644 --- a/routes/authRoutes.js +++ b/routes/authRoutes.js @@ -3,12 +3,10 @@ const { getAuthUrl, getTokenFromCode } = require("../service/authService"); const router = express.Router(); -// Rota para iniciar o fluxo de autenticação router.get("/login", (req, res) => { return res.redirect(getAuthUrl()); }); -// Rota de callback após autenticação router.get("/auth/callback", async (req, res) => { console.log("[auth callback] query:", req.query); const code = req.query.code; @@ -21,12 +19,10 @@ router.get("/auth/callback", async (req, res) => { try { const tokens = await getTokenFromCode(code); - // assegura sessão e marca usuário como autenticado - if (!req.session) req.session = {}; + // sessão já existe (criada pelo express-session) req.session.tokens = tokens; - req.session.user = { authenticated: true }; // flag simples; adicione info real se quiser + req.session.user = { authenticated: true }; - // salva session antes do redirect req.session.save((err) => { if (err) { console.error("[auth callback] erro ao salvar sessão:", err); @@ -41,4 +37,4 @@ router.get("/auth/callback", async (req, res) => { } }); -module.exports = router; \ No newline at end of file +module.exports = router;
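Review bot: In the `@@ -21,12 +19,10` hunk of routes/authRoutes.js the callback sets `req.session.user = { authenticated: true }` on the session that already existed before login, so a session id issued to the browser beforehand stays valid after authentication (session fixation). express-session provides `req.session.regenerate(cb)`; I would call it once `getTokenFromCode` succeeds and assign `tokens` and `user` inside its callback, then save and redirect as now. The `try` block and the `save` callback continue outside this hunk, so the error response in the sketch below is assumed to mirror the existing save-failure branch. Separately, the context line `console.log("[auth callback] query:", req.query)` in the preceding hunk writes the authorization code to the logs; logging only whether `code` is present would avoid that.

```javascript
const tokens = await getTokenFromCode(code);

// issue a fresh session id at login so a pre-login id is not carried over
req.session.regenerate((regenErr) => {
  if (regenErr) {
    console.error("[auth callback] erro ao regenerar sessão:", regenErr);
    // … unchanged: same error response as the save() failure branch …
    return;
  }

  req.session.tokens = tokens;
  req.session.user = { authenticated: true };

  // … unchanged: req.session.save((err) => { ... }) and the redirect …
});
```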