@ministerjs/auth 1.0.2 → 2.0.0

package/README.md

@@ -1,6 +1,12 @@
 # @ministerjs/auth
 
-Classe para gerenciar autenticação de usuários em aplicações Vue.
+Biblioteca de autenticação com dois alvos:
+- **Vue (front)** — helpers reativos para estado de autenticação.
+- **NestJS (back)** — módulo com controllers e drivers plugáveis (inclui driver padrão JWT + Prisma + cookies).
+
+## Sumário
+- [Uso no front (Vue)](./src/vue/README.md)
+- [Uso no backend (NestJS)](./src/nestjs/README.md)
 
 ## Instalação
 
@@ -8,114 +14,6 @@ Classe para gerenciar autenticação de usuários em aplicações Vue.
 pnpm add @ministerjs/auth
 ```
 
-## Importação
-
-```ts
-import { Auth } from "@ministerjs/auth/Auth";
-
-```
-
-## Exemplo de Uso
-
-```ts
-import { Auth } from "@ministerjs/auth/Auth";
-
-const auth = new Auth({
-  fetch: window.fetch.bind(window),
-  mapUser: (user) => {
-    // Transformar ou filtrar dados do usuário antes de salvar
-    return {
-      ...user,
-      fullName: `${user.firstName} ${user.lastName}`,
-    };
-  },
-  routes: {
-    login: "/api/login",
-    checkIn: "/api/checkin",
-    logout: "/api/logout",
-  },
-  afterLogout: () => {
-    // Ações após fazer logout
-    console.log("Usuário deslogado!");
-  },
-  afterCheckIn: (result) => {
-    // Ações após verificação do estado de login
-    console.log("CheckIn foi bem-sucedido?", result);
-  },
-});
-```
-
-### Atributos Importantes
-
-- **`auth.user`**: contém os dados do usuário autenticado (ou `null` se não autenticado).
-- **`auth.on`**: booleano que indica se o usuário está logado (`true`/`false`).
-- **`auth.loading`**: booleano que indica se há uma operação de login, checkIn ou logout em andamento.
-- **`auth.checkedIn`**: booleano que indica se o `checkIn()` já foi executado.
-
-### Métodos
-
-#### `login(payload: Record<string, any>)`
-
-- Faz a chamada de login para a rota configurada em `routes.login`.
-- Ao receber resposta:
-  - Define `auth.on` como `true`.
-  - Armazena o usuário em `auth.user`.
-  - Define `auth.loading` como `false`.
-
-**Exemplo**:
-```ts
-await auth.login({ username: "john", password: "1234" });
-console.log(auth.user.value); // Dados do usuário logado
-```
-
-#### `checkIn()`
-
-- Verifica se o usuário já está autenticado (ex.: mantém a sessão em abas novas).
-- Atualiza `auth.user` e `auth.on` conforme o resultado.
-- Chama o callback `afterCheckIn(true|false)` dependendo do sucesso ou falha na verificação.
-- Atualiza `auth.checkedIn` para `true` quando finaliza.
-
-**Exemplo**:
-```ts
-await auth.checkIn();
-console.log(auth.on.value);         // true ou false
-console.log(auth.checkedIn.value);  // true
-```
-
-#### `logout()`
-
-- Faz a chamada de logout para a rota configurada em `routes.logout`.
-- Define `auth.on` como `false`, limpa `auth.user` e chama `afterLogout()` após concluir.
-
-**Exemplo**:
-```ts
-await auth.logout();
-console.log(auth.on.value); // false
-console.log(auth.user.value); // null
-```
-
-### Opções do Construtor
-
-- **`fetch: Fetch`**  
-  Instância de Fetch responsável pelas requisições HTTP.
-
-- **`mapUser?: (user: User) => User`**  
-  Callback para ajustar dados do usuário antes de armazenar em `auth.user`.
-
-- **`routes?: { login?: string; checkIn?: string; logout?: string; }`**  
-  Rotas customizadas para as operações de login, checkIn e logout.
-
-- **`afterLogout?: () => void | Promise<void>`**  
-  Executado logo após o logout.
-
-- **`afterCheckIn?: (result: boolean) => void | Promise<void>`**  
-  Executado após a tentativa de checkIn, recebendo `true` ou `false` como resultado.
-
-  
-## Rotas do Backend
-
-Para que a classe Auth funcione corretamente, o backend deve expor as rotas (por padrão: `/api/login`, `/api/checkin`, `/api/logout`). 
-
-- **Login**: recebe as credenciais no corpo da requisição, valida e retorna `{ message, data }`.
-- **CheckIn**: verifica a sessão e retorna `{ message, data }` se o usuário estiver autenticado, ou algum erro/status caso não esteja.
-- **Logout**: invalida a sessão/tokens e retorna `{ message }`.
+Escolha o subpath conforme o lado da aplicação:
+- Front: `@ministerjs/auth/vue`
+- Back: `@ministerjs/auth/nestjs`

package/dist/nestjs.d.mts

@@ -0,0 +1,129 @@
+import { Request, Response, CookieOptions } from 'express';
+import { Type, DynamicModule } from '@nestjs/common';
+import { SignOptions } from 'jsonwebtoken';
+
+type AuthPayload = Record<string, any>;
+interface AuthResponse<User> {
+    message: string;
+    data: User;
+}
+interface LogoutResponse {
+    message: string;
+}
+interface AuthDriver<User = any> {
+    /**
+     * Deve validar o payload recebido e retornar o usuário autenticado.
+     */
+    login(payload: AuthPayload, request: Request, response: Response): Promise<User> | User;
+    /**
+     * Deve recuperar o usuário a partir do contexto (cookies, headers, sessão, etc.).
+     * Retorne `null` ou `undefined` quando não houver sessão ativa.
+     */
+    checkIn(request: Request, response: Response): Promise<User | null | undefined> | User | null | undefined;
+    /**
+     * Deve encerrar a sessão/tokens do usuário.
+     */
+    logout(request: Request, response: Response): Promise<void> | void;
+}
+
+declare const AUTH_DRIVER: unique symbol;
+
+declare class AuthController<User extends Record<string, any> = Record<string, any>> {
+    private readonly driver;
+    constructor(driver: AuthDriver<User>);
+    login(body: AuthPayload, request: Request, response: Response): Promise<AuthResponse<User>>;
+    checkIn(request: Request, response: Response): Promise<AuthResponse<User>>;
+    logout(request: Request, response: Response): Promise<LogoutResponse>;
+}
+
+type DriverProvider<User> = AuthDriver<User> | {
+    useValue: AuthDriver<User>;
+} | {
+    useClass: Type<AuthDriver<User>>;
+} | {
+    useFactory: (...args: any[]) => Promise<AuthDriver<User>> | AuthDriver<User>;
+    inject?: any[];
+} | Type<AuthDriver<User>>;
+interface AuthModuleOptions<User = any> {
+    /**
+     * Provider que implementa a interface AuthDriver.
+     * Aceita instância direta, classe Nest provider ou useFactory.
+     */
+    driver: DriverProvider<User>;
+}
+interface AuthModuleAsyncOptions<User = any> {
+    imports?: any[];
+    /**
+     * Factory que devolve uma instância de AuthDriver.
+     */
+    useFactory: (...args: any[]) => Promise<AuthDriver<User>> | AuthDriver<User>;
+    inject?: any[];
+}
+declare class AuthModule {
+    static register<User = any>(options: AuthModuleOptions<User>): DynamicModule;
+    static registerAsync<User = any>(options: AuthModuleAsyncOptions<User>): DynamicModule;
+    private static normalizeDriverProvider;
+}
+
+type PrismaClientLike = Record<string, any>;
+interface JwtPrismaDriverOptions {
+    prisma: PrismaClientLike;
+    /**
+     * Nome do model Prisma (ex.: "user").
+     */
+    modelName: string;
+    /**
+     * Campo usado como identificador de login (ex.: "email").
+     */
+    identifierField?: string;
+    /**
+     * Campo usado como senha (hash) no banco.
+     */
+    passwordField?: string;
+    /**
+     * Campo de ID primário (usado no payload do token).
+     */
+    idField?: string;
+    /**
+     * Segredo para assinar/verificar JWT.
+     */
+    jwtSecret: string;
+    /**
+     * Tempo de expiração (aceita formato jsonwebtoken, ex.: "7d").
+     */
+    jwtExpiresIn?: SignOptions["expiresIn"];
+    /**
+     * Nome do cookie que armazena o token.
+     */
+    cookieName?: string;
+    /**
+     * Opções do cookie (secure, sameSite etc).
+     */
+    cookieOptions?: Partial<CookieOptions>;
+    /**
+     * Função de comparação de senha (p.ex. bcrypt.compare).
+     */
+    comparePassword?: (provided: string, stored: unknown) => Promise<boolean> | boolean;
+    /**
+     * Permite alterar a shape do usuário retornado.
+     */
+    transformUser?: <T extends Record<string, any>>(user: T) => any;
+}
+declare class JwtPrismaCookieAuthDriver<User extends Record<string, any>> implements AuthDriver<User> {
+    private readonly prismaModel;
+    private readonly identifierField;
+    private readonly passwordField;
+    private readonly idField;
+    private readonly jwtSecret;
+    private readonly jwtExpiresIn;
+    private readonly cookieName;
+    private readonly cookieOptions;
+    private readonly comparePassword;
+    private readonly transformUser;
+    constructor(options: JwtPrismaDriverOptions);
+    login(payload: AuthPayload, _req: Request, res: Response): Promise<User>;
+    checkIn(req: Request, res: Response): Promise<User | null>;
+    logout(_req: Request, res: Response): Promise<void>;
+}
+
+export { AUTH_DRIVER, AuthController, type AuthDriver, AuthModule, type AuthModuleAsyncOptions, type AuthModuleOptions, type AuthPayload, type AuthResponse, type DriverProvider, JwtPrismaCookieAuthDriver, type JwtPrismaDriverOptions, type LogoutResponse };

package/dist/nestjs.d.ts

@@ -0,0 +1,129 @@
+import { Request, Response, CookieOptions } from 'express';
+import { Type, DynamicModule } from '@nestjs/common';
+import { SignOptions } from 'jsonwebtoken';
+
+type AuthPayload = Record<string, any>;
+interface AuthResponse<User> {
+    message: string;
+    data: User;
+}
+interface LogoutResponse {
+    message: string;
+}
+interface AuthDriver<User = any> {
+    /**
+     * Deve validar o payload recebido e retornar o usuário autenticado.
+     */
+    login(payload: AuthPayload, request: Request, response: Response): Promise<User> | User;
+    /**
+     * Deve recuperar o usuário a partir do contexto (cookies, headers, sessão, etc.).
+     * Retorne `null` ou `undefined` quando não houver sessão ativa.
+     */
+    checkIn(request: Request, response: Response): Promise<User | null | undefined> | User | null | undefined;
+    /**
+     * Deve encerrar a sessão/tokens do usuário.
+     */
+    logout(request: Request, response: Response): Promise<void> | void;
+}
+
+declare const AUTH_DRIVER: unique symbol;
+
+declare class AuthController<User extends Record<string, any> = Record<string, any>> {
+    private readonly driver;
+    constructor(driver: AuthDriver<User>);
+    login(body: AuthPayload, request: Request, response: Response): Promise<AuthResponse<User>>;
+    checkIn(request: Request, response: Response): Promise<AuthResponse<User>>;
+    logout(request: Request, response: Response): Promise<LogoutResponse>;
+}
+
+type DriverProvider<User> = AuthDriver<User> | {
+    useValue: AuthDriver<User>;
+} | {
+    useClass: Type<AuthDriver<User>>;
+} | {
+    useFactory: (...args: any[]) => Promise<AuthDriver<User>> | AuthDriver<User>;
+    inject?: any[];
+} | Type<AuthDriver<User>>;
+interface AuthModuleOptions<User = any> {
+    /**
+     * Provider que implementa a interface AuthDriver.
+     * Aceita instância direta, classe Nest provider ou useFactory.
+     */
+    driver: DriverProvider<User>;
+}
+interface AuthModuleAsyncOptions<User = any> {
+    imports?: any[];
+    /**
+     * Factory que devolve uma instância de AuthDriver.
+     */
+    useFactory: (...args: any[]) => Promise<AuthDriver<User>> | AuthDriver<User>;
+    inject?: any[];
+}
+declare class AuthModule {
+    static register<User = any>(options: AuthModuleOptions<User>): DynamicModule;
+    static registerAsync<User = any>(options: AuthModuleAsyncOptions<User>): DynamicModule;
+    private static normalizeDriverProvider;
+}
+
+type PrismaClientLike = Record<string, any>;
+interface JwtPrismaDriverOptions {
+    prisma: PrismaClientLike;
+    /**
+     * Nome do model Prisma (ex.: "user").
+     */
+    modelName: string;
+    /**
+     * Campo usado como identificador de login (ex.: "email").
+     */
+    identifierField?: string;
+    /**
+     * Campo usado como senha (hash) no banco.
+     */
+    passwordField?: string;
+    /**
+     * Campo de ID primário (usado no payload do token).
+     */
+    idField?: string;
+    /**
+     * Segredo para assinar/verificar JWT.
+     */
+    jwtSecret: string;
+    /**
+     * Tempo de expiração (aceita formato jsonwebtoken, ex.: "7d").
+     */
+    jwtExpiresIn?: SignOptions["expiresIn"];
+    /**
+     * Nome do cookie que armazena o token.
+     */
+    cookieName?: string;
+    /**
+     * Opções do cookie (secure, sameSite etc).
+     */
+    cookieOptions?: Partial<CookieOptions>;
+    /**
+     * Função de comparação de senha (p.ex. bcrypt.compare).
+     */
+    comparePassword?: (provided: string, stored: unknown) => Promise<boolean> | boolean;
+    /**
+     * Permite alterar a shape do usuário retornado.
+     */
+    transformUser?: <T extends Record<string, any>>(user: T) => any;
+}
+declare class JwtPrismaCookieAuthDriver<User extends Record<string, any>> implements AuthDriver<User> {
+    private readonly prismaModel;
+    private readonly identifierField;
+    private readonly passwordField;
+    private readonly idField;
+    private readonly jwtSecret;
+    private readonly jwtExpiresIn;
+    private readonly cookieName;
+    private readonly cookieOptions;
+    private readonly comparePassword;
+    private readonly transformUser;
+    constructor(options: JwtPrismaDriverOptions);
+    login(payload: AuthPayload, _req: Request, res: Response): Promise<User>;
+    checkIn(req: Request, res: Response): Promise<User | null>;
+    logout(_req: Request, res: Response): Promise<void>;
+}
+
+export { AUTH_DRIVER, AuthController, type AuthDriver, AuthModule, type AuthModuleAsyncOptions, type AuthModuleOptions, type AuthPayload, type AuthResponse, type DriverProvider, JwtPrismaCookieAuthDriver, type JwtPrismaDriverOptions, type LogoutResponse };

package/dist/nestjs.js

@@ -0,0 +1,237 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __decorateClass = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  for (var i = decorators.length - 1, decorator; i >= 0; i--)
+    if (decorator = decorators[i])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result) __defProp(target, key, result);
+  return result;
+};
+var __decorateParam = (index, decorator) => (target, key) => decorator(target, key, index);
+
+// src/nestjs/index.ts
+var nestjs_exports = {};
+__export(nestjs_exports, {
+  AUTH_DRIVER: () => AUTH_DRIVER,
+  AuthController: () => AuthController,
+  AuthModule: () => AuthModule,
+  JwtPrismaCookieAuthDriver: () => JwtPrismaCookieAuthDriver
+});
+module.exports = __toCommonJS(nestjs_exports);
+
+// src/nestjs/token.ts
+var AUTH_DRIVER = Symbol("AUTH_DRIVER");
+
+// src/nestjs/AuthController.ts
+var import_common = require("@nestjs/common");
+var AuthController = class {
+  constructor(driver) {
+    this.driver = driver;
+  }
+  async login(body, request, response) {
+    const user = await this.driver.login(body, request, response);
+    return { message: "ok", data: user };
+  }
+  async checkIn(request, response) {
+    const user = await this.driver.checkIn(request, response);
+    if (!user) {
+      throw new import_common.UnauthorizedException("Not authenticated");
+    }
+    return { message: "ok", data: user };
+  }
+  async logout(request, response) {
+    await this.driver.logout(request, response);
+    return { message: "ok" };
+  }
+};
+__decorateClass([
+  (0, import_common.Post)("/login"),
+  (0, import_common.HttpCode)(200),
+  __decorateParam(0, (0, import_common.Body)()),
+  __decorateParam(1, (0, import_common.Req)()),
+  __decorateParam(2, (0, import_common.Res)({ passthrough: true }))
+], AuthController.prototype, "login", 1);
+__decorateClass([
+  (0, import_common.Post)("/checkin"),
+  (0, import_common.HttpCode)(200),
+  __decorateParam(0, (0, import_common.Req)()),
+  __decorateParam(1, (0, import_common.Res)({ passthrough: true }))
+], AuthController.prototype, "checkIn", 1);
+__decorateClass([
+  (0, import_common.Post)("/logout"),
+  (0, import_common.HttpCode)(200),
+  __decorateParam(0, (0, import_common.Req)()),
+  __decorateParam(1, (0, import_common.Res)({ passthrough: true }))
+], AuthController.prototype, "logout", 1);
+AuthController = __decorateClass([
+  (0, import_common.Controller)(),
+  __decorateParam(0, (0, import_common.Inject)(AUTH_DRIVER))
+], AuthController);
+
+// src/nestjs/AuthModule.ts
+var import_common2 = require("@nestjs/common");
+var AuthModule = class {
+  static register(options) {
+    const driverProvider = this.normalizeDriverProvider(options.driver);
+    return {
+      module: AuthModule,
+      controllers: [AuthController],
+      providers: [driverProvider],
+      exports: [driverProvider]
+    };
+  }
+  static registerAsync(options) {
+    const driverProvider = {
+      provide: AUTH_DRIVER,
+      useFactory: options.useFactory,
+      inject: options.inject ?? []
+    };
+    return {
+      module: AuthModule,
+      imports: options.imports ?? [],
+      controllers: [AuthController],
+      providers: [driverProvider],
+      exports: [driverProvider]
+    };
+  }
+  static normalizeDriverProvider(driver) {
+    if (typeof driver === "function") {
+      return { provide: AUTH_DRIVER, useClass: driver };
+    }
+    if ("useClass" in driver) {
+      return { provide: AUTH_DRIVER, useClass: driver.useClass };
+    }
+    if ("useFactory" in driver) {
+      return {
+        provide: AUTH_DRIVER,
+        useFactory: driver.useFactory,
+        inject: driver.inject ?? []
+      };
+    }
+    if ("useValue" in driver) {
+      return { provide: AUTH_DRIVER, useValue: driver.useValue };
+    }
+    return { provide: AUTH_DRIVER, useValue: driver };
+  }
+};
+AuthModule = __decorateClass([
+  (0, import_common2.Module)({})
+], AuthModule);
+
+// src/nestjs/JwtPrismaCookieAuthDriver.ts
+var import_common3 = require("@nestjs/common");
+var import_jsonwebtoken = require("jsonwebtoken");
+var defaultCookieOptions = {
+  httpOnly: true,
+  sameSite: "lax",
+  path: "/"
+};
+var JwtPrismaCookieAuthDriver = class {
+  prismaModel;
+  identifierField;
+  passwordField;
+  idField;
+  jwtSecret;
+  jwtExpiresIn;
+  cookieName;
+  cookieOptions;
+  comparePassword;
+  transformUser;
+  constructor(options) {
+    this.prismaModel = options.prisma[options.modelName];
+    if (!this.prismaModel) {
+      throw new Error(
+        `Model "${options.modelName}" n\xE3o encontrado no PrismaClient.`
+      );
+    }
+    this.identifierField = options.identifierField ?? "email";
+    this.passwordField = options.passwordField ?? "password";
+    this.idField = options.idField ?? "id";
+    this.jwtSecret = options.jwtSecret;
+    this.jwtExpiresIn = options.jwtExpiresIn ?? "7d";
+    this.cookieName = options.cookieName ?? "auth_token";
+    this.cookieOptions = {
+      ...defaultCookieOptions,
+      ...options.cookieOptions ?? {}
+    };
+    this.comparePassword = options.comparePassword ?? ((provided, stored) => String(stored) === provided);
+    this.transformUser = options.transformUser ?? ((user) => {
+      const clone = { ...user };
+      delete clone[this.passwordField];
+      return clone;
+    });
+  }
+  async login(payload, _req, res) {
+    const identifier = payload[this.identifierField];
+    const user = await this.prismaModel.findUnique({
+      where: { [this.identifierField]: identifier }
+    });
+    if (!user) {
+      throw new import_common3.UnauthorizedException("Invalid credentials");
+    }
+    const ok = await this.comparePassword(
+      payload[this.passwordField],
+      user[this.passwordField]
+    );
+    if (!ok) {
+      throw new import_common3.UnauthorizedException("Invalid credentials");
+    }
+    const token = (0, import_jsonwebtoken.sign)(
+      { sub: user[this.idField] },
+      this.jwtSecret,
+      { expiresIn: this.jwtExpiresIn }
+    );
+    res.cookie(this.cookieName, token, this.cookieOptions);
+    return this.transformUser(user);
+  }
+  async checkIn(req, res) {
+    const token = req.cookies?.[this.cookieName];
+    if (!token) {
+      return null;
+    }
+    let payload;
+    try {
+      payload = (0, import_jsonwebtoken.verify)(token, this.jwtSecret);
+    } catch {
+      return null;
+    }
+    const user = await this.prismaModel.findUnique({
+      where: { [this.idField]: payload.sub }
+    });
+    if (!user) {
+      return null;
+    }
+    res.cookie(this.cookieName, token, this.cookieOptions);
+    return this.transformUser(user);
+  }
+  async logout(_req, res) {
+    res.clearCookie(this.cookieName, {
+      ...this.cookieOptions,
+      maxAge: 0
+    });
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AUTH_DRIVER,
+  AuthController,
+  AuthModule,
+  JwtPrismaCookieAuthDriver
+});

package/dist/nestjs.mjs

@@ -0,0 +1,219 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __decorateClass = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  for (var i = decorators.length - 1, decorator; i >= 0; i--)
+    if (decorator = decorators[i])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result) __defProp(target, key, result);
+  return result;
+};
+var __decorateParam = (index, decorator) => (target, key) => decorator(target, key, index);
+
+// src/nestjs/token.ts
+var AUTH_DRIVER = Symbol("AUTH_DRIVER");
+
+// src/nestjs/AuthController.ts
+import {
+  Body,
+  Controller,
+  HttpCode,
+  Inject,
+  Post,
+  Req,
+  Res,
+  UnauthorizedException
+} from "@nestjs/common";
+var AuthController = class {
+  constructor(driver) {
+    this.driver = driver;
+  }
+  async login(body, request, response) {
+    const user = await this.driver.login(body, request, response);
+    return { message: "ok", data: user };
+  }
+  async checkIn(request, response) {
+    const user = await this.driver.checkIn(request, response);
+    if (!user) {
+      throw new UnauthorizedException("Not authenticated");
+    }
+    return { message: "ok", data: user };
+  }
+  async logout(request, response) {
+    await this.driver.logout(request, response);
+    return { message: "ok" };
+  }
+};
+__decorateClass([
+  Post("/login"),
+  HttpCode(200),
+  __decorateParam(0, Body()),
+  __decorateParam(1, Req()),
+  __decorateParam(2, Res({ passthrough: true }))
+], AuthController.prototype, "login", 1);
+__decorateClass([
+  Post("/checkin"),
+  HttpCode(200),
+  __decorateParam(0, Req()),
+  __decorateParam(1, Res({ passthrough: true }))
+], AuthController.prototype, "checkIn", 1);
+__decorateClass([
+  Post("/logout"),
+  HttpCode(200),
+  __decorateParam(0, Req()),
+  __decorateParam(1, Res({ passthrough: true }))
+], AuthController.prototype, "logout", 1);
+AuthController = __decorateClass([
+  Controller(),
+  __decorateParam(0, Inject(AUTH_DRIVER))
+], AuthController);
+
+// src/nestjs/AuthModule.ts
+import { Module } from "@nestjs/common";
+var AuthModule = class {
+  static register(options) {
+    const driverProvider = this.normalizeDriverProvider(options.driver);
+    return {
+      module: AuthModule,
+      controllers: [AuthController],
+      providers: [driverProvider],
+      exports: [driverProvider]
+    };
+  }
+  static registerAsync(options) {
+    const driverProvider = {
+      provide: AUTH_DRIVER,
+      useFactory: options.useFactory,
+      inject: options.inject ?? []
+    };
+    return {
+      module: AuthModule,
+      imports: options.imports ?? [],
+      controllers: [AuthController],
+      providers: [driverProvider],
+      exports: [driverProvider]
+    };
+  }
+  static normalizeDriverProvider(driver) {
+    if (typeof driver === "function") {
+      return { provide: AUTH_DRIVER, useClass: driver };
+    }
+    if ("useClass" in driver) {
+      return { provide: AUTH_DRIVER, useClass: driver.useClass };
+    }
+    if ("useFactory" in driver) {
+      return {
+        provide: AUTH_DRIVER,
+        useFactory: driver.useFactory,
+        inject: driver.inject ?? []
+      };
+    }
+    if ("useValue" in driver) {
+      return { provide: AUTH_DRIVER, useValue: driver.useValue };
+    }
+    return { provide: AUTH_DRIVER, useValue: driver };
+  }
+};
+AuthModule = __decorateClass([
+  Module({})
+], AuthModule);
+
+// src/nestjs/JwtPrismaCookieAuthDriver.ts
+import { UnauthorizedException as UnauthorizedException2 } from "@nestjs/common";
+import { sign, verify } from "jsonwebtoken";
+var defaultCookieOptions = {
+  httpOnly: true,
+  sameSite: "lax",
+  path: "/"
+};
+var JwtPrismaCookieAuthDriver = class {
+  prismaModel;
+  identifierField;
+  passwordField;
+  idField;
+  jwtSecret;
+  jwtExpiresIn;
+  cookieName;
+  cookieOptions;
+  comparePassword;
+  transformUser;
+  constructor(options) {
+    this.prismaModel = options.prisma[options.modelName];
+    if (!this.prismaModel) {
+      throw new Error(
+        `Model "${options.modelName}" n\xE3o encontrado no PrismaClient.`
+      );
+    }
+    this.identifierField = options.identifierField ?? "email";
+    this.passwordField = options.passwordField ?? "password";
+    this.idField = options.idField ?? "id";
+    this.jwtSecret = options.jwtSecret;
+    this.jwtExpiresIn = options.jwtExpiresIn ?? "7d";
+    this.cookieName = options.cookieName ?? "auth_token";
+    this.cookieOptions = {
+      ...defaultCookieOptions,
+      ...options.cookieOptions ?? {}
+    };
+    this.comparePassword = options.comparePassword ?? ((provided, stored) => String(stored) === provided);
+    this.transformUser = options.transformUser ?? ((user) => {
+      const clone = { ...user };
+      delete clone[this.passwordField];
+      return clone;
+    });
+  }
+  async login(payload, _req, res) {
+    const identifier = payload[this.identifierField];
+    const user = await this.prismaModel.findUnique({
+      where: { [this.identifierField]: identifier }
+    });
+    if (!user) {
+      throw new UnauthorizedException2("Invalid credentials");
+    }
+    const ok = await this.comparePassword(
+      payload[this.passwordField],
+      user[this.passwordField]
+    );
+    if (!ok) {
+      throw new UnauthorizedException2("Invalid credentials");
+    }
+    const token = sign(
+      { sub: user[this.idField] },
+      this.jwtSecret,
+      { expiresIn: this.jwtExpiresIn }
+    );
+    res.cookie(this.cookieName, token, this.cookieOptions);
+    return this.transformUser(user);
+  }
+  async checkIn(req, res) {
+    const token = req.cookies?.[this.cookieName];
+    if (!token) {
+      return null;
+    }
+    let payload;
+    try {
+      payload = verify(token, this.jwtSecret);
+    } catch {
+      return null;
+    }
+    const user = await this.prismaModel.findUnique({
+      where: { [this.idField]: payload.sub }
+    });
+    if (!user) {
+      return null;
+    }
+    res.cookie(this.cookieName, token, this.cookieOptions);
+    return this.transformUser(user);
+  }
+  async logout(_req, res) {
+    res.clearCookie(this.cookieName, {
+      ...this.cookieOptions,
+      maxAge: 0
+    });
+  }
+};
+export {
+  AUTH_DRIVER,
+  AuthController,
+  AuthModule,
+  JwtPrismaCookieAuthDriver
+};

package/dist/{Auth.js → vue.js}

@@ -17,12 +17,14 @@ var __copyProps = (to, from, except, desc) => {
 };
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
-// src/Auth.ts
-var Auth_exports = {};
-__export(Auth_exports, {
+// src/vue/index.ts
+var vue_exports = {};
+__export(vue_exports, {
   Auth: () => Auth
 });
-module.exports = __toCommonJS(Auth_exports);
+module.exports = __toCommonJS(vue_exports);
+
+// src/vue/VueAuth.ts
 var import_vue = require("vue");
 var Auth = class {
   user = (0, import_vue.ref)(null);

package/dist/{Auth.mjs → vue.mjs}

@@ -1,4 +1,4 @@
-// src/Auth.ts
+// src/vue/VueAuth.ts
 import { ref } from "vue";
 var Auth = class {
   user = ref(null);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ministerjs/auth",
-  "version": "1.0.2",
+  "version": "2.0.0",
   "license": "UNLICENSED",
   "private": false,
   "publishConfig": {
@@ -10,28 +10,51 @@
     "dist/*"
   ],
   "exports": {
-    "./Auth": {
-      "types": "./dist/Auth.d.ts",
-      "import": "./dist/Auth.mjs",
-      "require": "./dist/Auth.js"
+    "./vue": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    },
+    "./nestjs": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
     }
   },
   "peerDependencies": {
-    "vue": "^3.5.12"
+    "vue": "^3.5.12",
+    "@nestjs/common": "^11.0.11",
+    "@prisma/client": "^6.5.0",
+    "jsonwebtoken": "^9.0.2"
+  },
+  "peerDependenciesMeta": {
+    "@nestjs/common": {
+      "optional": true
+    },
+    "@prisma/client": {
+      "optional": true
+    },
+    "jsonwebtoken": {
+      "optional": true
+    }
   },
   "devDependencies": {
     "@ministerjs/build": "^2.1.2",
     "@ministerjs/resource": "1.2.0",
     "@types/node": "^22.13.10",
+    "@types/express": "^4.17.21",
     "cross-env": "^7.0.3",
     "eslint": "^9.22.0",
     "globals": "^15.15.0",
     "prettier": "3.5.3",
     "tsup": "^8.4.0",
     "tsx": "^4.19.3",
-    "typescript": "latest",
+    "typescript": "~5.8.3",
     "vitest": "^3.0.9",
-    "vue": "^3.5.13"
+    "vue": "^3.5.13",
+    "@nestjs/common": "^11.0.11",
+    "@types/jsonwebtoken": "^9.0.6",
+    "jsonwebtoken": "^9.0.2"
   },
   "scripts": {
     "dev": "tsup --watch",