@open-mercato/core 0.4.8-develop-6b37dabfa2 → 0.4.8-develop-84f3678a58

package/src/modules/customer_accounts/api/portal/sessions-refresh.ts

@@ -0,0 +1,87 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { CustomerSessionService } from '@open-mercato/core/modules/customer_accounts/services/customerSessionService'
+import { CustomerRbacService } from '@open-mercato/core/modules/customer_accounts/services/customerRbacService'
+
+export const metadata: { path?: string } = {}
+
+function readCookieFromHeader(header: string | null | undefined, name: string): string | undefined {
+  if (!header) return undefined
+  const parts = header.split(';')
+  for (const part of parts) {
+    const trimmed = part.trim()
+    if (trimmed.startsWith(`${name}=`)) {
+      return trimmed.slice(name.length + 1)
+    }
+  }
+  return undefined
+}
+
+export async function POST(req: Request) {
+  const cookieHeader = req.headers.get('cookie') || ''
+  const sessionToken = readCookieFromHeader(cookieHeader, 'customer_session_token')
+  if (!sessionToken) {
+    return NextResponse.json({ ok: false, error: 'No session token' }, { status: 401 })
+  }
+
+  let decodedToken: string
+  try {
+    decodedToken = decodeURIComponent(sessionToken)
+  } catch {
+    decodedToken = sessionToken
+  }
+
+  const container = await createRequestContainer()
+  const customerSessionService = container.resolve('customerSessionService') as CustomerSessionService
+  const customerRbacService = container.resolve('customerRbacService') as CustomerRbacService
+
+  const session = await customerSessionService.findByToken(decodedToken)
+  if (!session) {
+    return NextResponse.json({ ok: false, error: 'Invalid or expired session' }, { status: 401 })
+  }
+
+  const user = session.user as any
+  if (!user || user.deletedAt || !user.isActive) {
+    return NextResponse.json({ ok: false, error: 'Account not active' }, { status: 401 })
+  }
+
+  const acl = await customerRbacService.loadAcl(user.id, {
+    tenantId: user.tenantId,
+    organizationId: user.organizationId,
+  })
+
+  const result = await customerSessionService.refreshSession(decodedToken, acl.features)
+  if (!result) {
+    return NextResponse.json({ ok: false, error: 'Session refresh failed' }, { status: 401 })
+  }
+
+  const res = NextResponse.json({ ok: true, resolvedFeatures: acl.features })
+
+  res.cookies.set('customer_auth_token', result.jwt, {
+    httpOnly: true,
+    path: '/',
+    sameSite: 'lax',
+    secure: process.env.NODE_ENV === 'production',
+    maxAge: 60 * 60 * 8,
+  })
+
+  return res
+}
+
+const successSchema = z.object({ ok: z.literal(true), resolvedFeatures: z.array(z.string()) })
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() })
+
+const methodDoc: OpenApiMethodDoc = {
+  summary: 'Refresh customer JWT from session token',
+  description: 'Uses the session cookie to issue a fresh JWT access token.',
+  tags: ['Customer Portal'],
+  responses: [{ status: 200, description: 'Token refreshed', schema: successSchema }],
+  errors: [{ status: 401, description: 'Invalid session', schema: errorSchema }],
+}
+
+export const openApi: OpenApiRouteDoc = {
+  summary: 'Refresh customer session',
+  methods: { POST: methodDoc },
+}

package/src/modules/customer_accounts/api/portal/sessions.ts

@@ -0,0 +1,84 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'
+import { getCustomerAuthFromRequest } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { CustomerUserSession } from '@open-mercato/core/modules/customer_accounts/data/entities'
+import { hashToken } from '@open-mercato/core/modules/customer_accounts/lib/tokenGenerator'
+
+export const metadata: { path?: string } = {}
+
+function readCookieFromHeader(header: string | null | undefined, name: string): string | undefined {
+  if (!header) return undefined
+  const parts = header.split(';')
+  for (const part of parts) {
+    const trimmed = part.trim()
+    if (trimmed.startsWith(`${name}=`)) {
+      return trimmed.slice(name.length + 1)
+    }
+  }
+  return undefined
+}
+
+export async function GET(req: Request) {
+  const auth = await getCustomerAuthFromRequest(req)
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })
+  }
+
+  const container = await createRequestContainer()
+  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager
+
+  const sessions = await em.find(CustomerUserSession, {
+    user: auth.sub as any,
+    deletedAt: null,
+    expiresAt: { $gt: new Date() },
+  }, { orderBy: { createdAt: 'DESC' } })
+
+  // Determine current session
+  const cookieHeader = req.headers.get('cookie') || ''
+  const sessionToken = readCookieFromHeader(cookieHeader, 'customer_session_token')
+  let currentSessionHash: string | null = null
+  if (sessionToken) {
+    try {
+      currentSessionHash = hashToken(decodeURIComponent(sessionToken))
+    } catch {
+      currentSessionHash = hashToken(sessionToken)
+    }
+  }
+
+  const items = sessions.map((s) => ({
+    id: s.id,
+    ipAddress: s.ipAddress,
+    userAgent: s.userAgent,
+    lastUsedAt: s.lastUsedAt,
+    createdAt: s.createdAt,
+    expiresAt: s.expiresAt,
+    isCurrent: currentSessionHash ? s.tokenHash === currentSessionHash : false,
+  }))
+
+  return NextResponse.json({ ok: true, sessions: items })
+}
+
+const sessionSchema = z.object({
+  id: z.string().uuid(),
+  ipAddress: z.string().nullable(),
+  userAgent: z.string().nullable(),
+  lastUsedAt: z.string().datetime().nullable(),
+  createdAt: z.string().datetime(),
+  expiresAt: z.string().datetime(),
+  isCurrent: z.boolean(),
+})
+
+const methodDoc: OpenApiMethodDoc = {
+  summary: 'List customer sessions',
+  description: 'Returns active sessions for the authenticated customer user.',
+  tags: ['Customer Portal'],
+  responses: [{ status: 200, description: 'Session list', schema: z.object({ ok: z.literal(true), sessions: z.array(sessionSchema) }) }],
+  errors: [{ status: 401, description: 'Not authenticated', schema: z.object({ ok: z.literal(false), error: z.string() }) }],
+}
+
+export const openApi: OpenApiRouteDoc = {
+  summary: 'Customer sessions',
+  methods: { GET: methodDoc },
+}

package/src/modules/customer_accounts/api/portal/users/[id]/roles.ts

@@ -0,0 +1,106 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'
+import { getCustomerAuthFromRequest, requireCustomerFeature } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { CustomerUser, CustomerUserRole, CustomerRole } from '@open-mercato/core/modules/customer_accounts/data/entities'
+import { CustomerRbacService } from '@open-mercato/core/modules/customer_accounts/services/customerRbacService'
+import { assignRolesSchema } from '@open-mercato/core/modules/customer_accounts/data/validators'
+
+export const metadata: { path?: string } = {}
+
+export async function PUT(req: Request, { params }: { params: { id: string } }) {
+  const auth = await getCustomerAuthFromRequest(req)
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })
+  }
+
+  try {
+    requireCustomerFeature(auth, ['portal.users.roles.manage'])
+  } catch (response) {
+    return response as NextResponse
+  }
+
+  if (!auth.customerEntityId) {
+    return NextResponse.json({ ok: false, error: 'No company association' }, { status: 403 })
+  }
+
+  let body: unknown
+  try {
+    body = await req.json()
+  } catch {
+    return NextResponse.json({ ok: false, error: 'Invalid request body' }, { status: 400 })
+  }
+
+  const parsed = assignRolesSchema.safeParse(body)
+  if (!parsed.success) {
+    return NextResponse.json({ ok: false, error: 'Validation failed' }, { status: 400 })
+  }
+
+  const container = await createRequestContainer()
+  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager
+  const customerRbacService = container.resolve('customerRbacService') as CustomerRbacService
+
+  // Verify target user belongs to same company
+  const targetUser = await em.findOne(CustomerUser, {
+    id: params.id,
+    customerEntityId: auth.customerEntityId,
+    tenantId: auth.tenantId,
+    deletedAt: null,
+  })
+  if (!targetUser) {
+    return NextResponse.json({ ok: false, error: 'User not found' }, { status: 404 })
+  }
+
+  // Validate all roles are customer_assignable
+  for (const roleId of parsed.data.roleIds) {
+    const role = await em.findOne(CustomerRole, { id: roleId, tenantId: auth.tenantId, deletedAt: null })
+    if (!role || !role.customerAssignable) {
+      return NextResponse.json({ ok: false, error: 'Role not found or not assignable' }, { status: 400 })
+    }
+  }
+
+  // Remove existing roles
+  await em.nativeDelete(CustomerUserRole, { user: targetUser.id as any })
+
+  // Assign new roles
+  for (const roleId of parsed.data.roleIds) {
+    const role = await em.findOne(CustomerRole, { id: roleId })
+    if (role) {
+      const userRole = em.create(CustomerUserRole, {
+        user: targetUser,
+        role,
+        createdAt: new Date(),
+      } as any)
+      em.persist(userRole)
+    }
+  }
+  await em.flush()
+
+  await customerRbacService.invalidateUserCache(targetUser.id)
+
+  return NextResponse.json({ ok: true })
+}
+
+const successSchema = z.object({ ok: z.literal(true) })
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() })
+
+const methodDoc: OpenApiMethodDoc = {
+  summary: 'Update portal user roles',
+  description: 'Assigns new roles to a company portal user.',
+  tags: ['Customer Portal'],
+  requestBody: { schema: assignRolesSchema },
+  responses: [{ status: 200, description: 'Roles updated', schema: successSchema }],
+  errors: [
+    { status: 400, description: 'Validation failed', schema: errorSchema },
+    { status: 401, description: 'Not authenticated', schema: errorSchema },
+    { status: 403, description: 'Insufficient permissions', schema: errorSchema },
+    { status: 404, description: 'User not found', schema: errorSchema },
+  ],
+}
+
+export const openApi: OpenApiRouteDoc = {
+  summary: 'Update portal user roles',
+  pathParams: z.object({ id: z.string().uuid() }),
+  methods: { PUT: methodDoc },
+}

package/src/modules/customer_accounts/api/portal/users/[id].ts

@@ -0,0 +1,81 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'
+import { getCustomerAuthFromRequest, requireCustomerFeature } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { CustomerUser } from '@open-mercato/core/modules/customer_accounts/data/entities'
+import { CustomerUserService } from '@open-mercato/core/modules/customer_accounts/services/customerUserService'
+import { CustomerSessionService } from '@open-mercato/core/modules/customer_accounts/services/customerSessionService'
+import { emitCustomerAccountsEvent } from '@open-mercato/core/modules/customer_accounts/events'
+
+export const metadata: { path?: string } = {}
+
+export async function DELETE(req: Request, { params }: { params: { id: string } }) {
+  const auth = await getCustomerAuthFromRequest(req)
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })
+  }
+
+  try {
+    requireCustomerFeature(auth, ['portal.users.manage'])
+  } catch (response) {
+    return response as NextResponse
+  }
+
+  if (!auth.customerEntityId) {
+    return NextResponse.json({ ok: false, error: 'No company association' }, { status: 403 })
+  }
+
+  if (params.id === auth.sub) {
+    return NextResponse.json({ ok: false, error: 'Cannot delete your own account' }, { status: 400 })
+  }
+
+  const container = await createRequestContainer()
+  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager
+  const customerUserService = container.resolve('customerUserService') as CustomerUserService
+  const customerSessionService = container.resolve('customerSessionService') as CustomerSessionService
+
+  const targetUser = await em.findOne(CustomerUser, {
+    id: params.id,
+    customerEntityId: auth.customerEntityId,
+    tenantId: auth.tenantId,
+    deletedAt: null,
+  })
+  if (!targetUser) {
+    return NextResponse.json({ ok: false, error: 'User not found' }, { status: 404 })
+  }
+
+  await customerUserService.softDelete(targetUser.id)
+  await customerSessionService.revokeAllUserSessions(targetUser.id)
+
+  void emitCustomerAccountsEvent('customer_accounts.user.deleted', {
+    id: targetUser.id,
+    email: targetUser.email,
+    tenantId: auth.tenantId,
+    organizationId: auth.orgId,
+  }).catch(() => undefined)
+
+  return NextResponse.json({ ok: true })
+}
+
+const successSchema = z.object({ ok: z.literal(true) })
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() })
+
+const methodDoc: OpenApiMethodDoc = {
+  summary: 'Delete a company portal user',
+  description: 'Soft deletes a portal user and revokes all their sessions.',
+  tags: ['Customer Portal'],
+  responses: [{ status: 200, description: 'User deleted', schema: successSchema }],
+  errors: [
+    { status: 400, description: 'Cannot delete self', schema: errorSchema },
+    { status: 401, description: 'Not authenticated', schema: errorSchema },
+    { status: 403, description: 'Insufficient permissions', schema: errorSchema },
+    { status: 404, description: 'User not found', schema: errorSchema },
+  ],
+}
+
+export const openApi: OpenApiRouteDoc = {
+  summary: 'Delete portal user',
+  pathParams: z.object({ id: z.string().uuid() }),
+  methods: { DELETE: methodDoc },
+}

package/src/modules/customer_accounts/api/portal/users-invite.ts

@@ -0,0 +1,103 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'
+import { getCustomerAuthFromRequest, requireCustomerFeature } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { CustomerInvitationService } from '@open-mercato/core/modules/customer_accounts/services/customerInvitationService'
+import { CustomerRole } from '@open-mercato/core/modules/customer_accounts/data/entities'
+import { inviteUserSchema } from '@open-mercato/core/modules/customer_accounts/data/validators'
+
+export const metadata: { path?: string } = {}
+
+export async function POST(req: Request) {
+  const auth = await getCustomerAuthFromRequest(req)
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })
+  }
+
+  try {
+    requireCustomerFeature(auth, ['portal.users.manage'])
+  } catch (response) {
+    return response as NextResponse
+  }
+
+  if (!auth.customerEntityId) {
+    return NextResponse.json({ ok: false, error: 'No company association' }, { status: 403 })
+  }
+
+  let body: unknown
+  try {
+    body = await req.json()
+  } catch {
+    return NextResponse.json({ ok: false, error: 'Invalid request body' }, { status: 400 })
+  }
+
+  const parsed = inviteUserSchema.safeParse(body)
+  if (!parsed.success) {
+    return NextResponse.json({ ok: false, error: 'Validation failed', details: parsed.error.flatten().fieldErrors }, { status: 400 })
+  }
+
+  const container = await createRequestContainer()
+  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager
+
+  // Validate all roles are customer_assignable
+  for (const roleId of parsed.data.roleIds) {
+    const role = await em.findOne(CustomerRole, { id: roleId, tenantId: auth.tenantId, deletedAt: null })
+    if (!role) {
+      return NextResponse.json({ ok: false, error: `Role ${roleId} not found` }, { status: 400 })
+    }
+    if (!role.customerAssignable) {
+      return NextResponse.json({ ok: false, error: `Role "${role.name}" cannot be assigned by portal users` }, { status: 403 })
+    }
+  }
+
+  const customerInvitationService = container.resolve('customerInvitationService') as CustomerInvitationService
+
+  const { invitation } = await customerInvitationService.createInvitation(
+    parsed.data.email,
+    { tenantId: auth.tenantId, organizationId: auth.orgId },
+    {
+      customerEntityId: auth.customerEntityId,
+      roleIds: parsed.data.roleIds,
+      invitedByCustomerUserId: auth.sub,
+      displayName: parsed.data.displayName || null,
+    },
+  )
+
+  return NextResponse.json({
+    ok: true,
+    invitation: {
+      id: invitation.id,
+      email: invitation.email,
+      expiresAt: invitation.expiresAt,
+    },
+  }, { status: 201 })
+}
+
+const successSchema = z.object({
+  ok: z.literal(true),
+  invitation: z.object({
+    id: z.string().uuid(),
+    email: z.string(),
+    expiresAt: z.string().datetime(),
+  }),
+})
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() })
+
+const methodDoc: OpenApiMethodDoc = {
+  summary: 'Invite a user to the company portal',
+  description: 'Creates an invitation for a new user to join the company portal.',
+  tags: ['Customer Portal'],
+  requestBody: { schema: inviteUserSchema },
+  responses: [{ status: 201, description: 'Invitation created', schema: successSchema }],
+  errors: [
+    { status: 400, description: 'Validation failed', schema: errorSchema },
+    { status: 401, description: 'Not authenticated', schema: errorSchema },
+    { status: 403, description: 'Insufficient permissions or non-assignable role', schema: errorSchema },
+  ],
+}
+
+export const openApi: OpenApiRouteDoc = {
+  summary: 'Invite portal user',
+  methods: { POST: methodDoc },
+}

package/src/modules/customer_accounts/api/portal/users.ts

@@ -0,0 +1,86 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'
+import { getCustomerAuthFromRequest, requireCustomerFeature } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { CustomerUser, CustomerUserRole } from '@open-mercato/core/modules/customer_accounts/data/entities'
+
+export const metadata: { path?: string } = {}
+
+export async function GET(req: Request) {
+  const auth = await getCustomerAuthFromRequest(req)
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })
+  }
+
+  try {
+    requireCustomerFeature(auth, ['portal.users.view'])
+  } catch (response) {
+    return response as NextResponse
+  }
+
+  if (!auth.customerEntityId) {
+    return NextResponse.json({ ok: false, error: 'No company association' }, { status: 403 })
+  }
+
+  const container = await createRequestContainer()
+  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager
+
+  const users = await em.find(CustomerUser, {
+    customerEntityId: auth.customerEntityId,
+    tenantId: auth.tenantId,
+    deletedAt: null,
+  }, { orderBy: { createdAt: 'DESC' } })
+
+  const items = await Promise.all(users.map(async (user) => {
+    const userRoles = await em.find(CustomerUserRole, {
+      user: user.id as any,
+      deletedAt: null,
+    }, { populate: ['role'] })
+    const roles = userRoles.map((ur) => ({
+      id: (ur.role as any).id,
+      name: (ur.role as any).name,
+      slug: (ur.role as any).slug,
+    }))
+
+    return {
+      id: user.id,
+      email: user.email,
+      displayName: user.displayName,
+      emailVerified: !!user.emailVerifiedAt,
+      isActive: user.isActive,
+      lastLoginAt: user.lastLoginAt,
+      createdAt: user.createdAt,
+      roles,
+    }
+  }))
+
+  return NextResponse.json({ ok: true, users: items })
+}
+
+const userSchema = z.object({
+  id: z.string().uuid(),
+  email: z.string(),
+  displayName: z.string(),
+  emailVerified: z.boolean(),
+  isActive: z.boolean(),
+  lastLoginAt: z.string().datetime().nullable(),
+  createdAt: z.string().datetime(),
+  roles: z.array(z.object({ id: z.string().uuid(), name: z.string(), slug: z.string() })),
+})
+
+const methodDoc: OpenApiMethodDoc = {
+  summary: 'List company portal users',
+  description: 'Lists all portal users associated with the same company.',
+  tags: ['Customer Portal'],
+  responses: [{ status: 200, description: 'User list', schema: z.object({ ok: z.literal(true), users: z.array(userSchema) }) }],
+  errors: [
+    { status: 401, description: 'Not authenticated', schema: z.object({ ok: z.literal(false), error: z.string() }) },
+    { status: 403, description: 'Insufficient permissions', schema: z.object({ ok: z.literal(false), error: z.string() }) },
+  ],
+}
+
+export const openApi: OpenApiRouteDoc = {
+  summary: 'List company portal users',
+  methods: { GET: methodDoc },
+}

package/src/modules/customer_accounts/api/signup.ts

@@ -0,0 +1,136 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'
+import { signupSchema } from '@open-mercato/core/modules/customer_accounts/data/validators'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { CustomerUserService } from '@open-mercato/core/modules/customer_accounts/services/customerUserService'
+import { CustomerTokenService } from '@open-mercato/core/modules/customer_accounts/services/customerTokenService'
+import { CustomerRole, CustomerUserRole } from '@open-mercato/core/modules/customer_accounts/data/entities'
+import { Organization } from '@open-mercato/core/modules/directory/data/entities'
+import { emitCustomerAccountsEvent } from '@open-mercato/core/modules/customer_accounts/events'
+import { rateLimitErrorSchema } from '@open-mercato/shared/lib/ratelimit/helpers'
+import {
+  checkAuthRateLimit,
+  customerSignupRateLimitConfig,
+  customerSignupIpRateLimitConfig,
+} from '@open-mercato/core/modules/customer_accounts/lib/rateLimiter'
+
+export const metadata: { path?: string } = {}
+
+export async function POST(req: Request) {
+  const { error: rateLimitError } = await checkAuthRateLimit({
+    req,
+    ipConfig: customerSignupIpRateLimitConfig,
+    compoundConfig: customerSignupRateLimitConfig,
+    compoundIdentifier: '',
+  })
+  if (rateLimitError) return rateLimitError
+
+  let body: unknown
+  try {
+    body = await req.json()
+  } catch {
+    return NextResponse.json({ ok: false, error: 'Invalid request body' }, { status: 400 })
+  }
+
+  const parsed = signupSchema.safeParse(body)
+  if (!parsed.success) {
+    return NextResponse.json({ ok: false, error: 'Validation failed', details: parsed.error.flatten().fieldErrors }, { status: 400 })
+  }
+
+  const { email, password, displayName, tenantId, organizationId } = parsed.data
+  if (!tenantId || !organizationId) {
+    return NextResponse.json({ ok: false, error: 'tenantId and organizationId are required' }, { status: 400 })
+  }
+
+  const container = await createRequestContainer()
+  const customerUserService = container.resolve('customerUserService') as CustomerUserService
+  const customerTokenService = container.resolve('customerTokenService') as CustomerTokenService
+  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager
+
+  const org = await em.findOne(Organization, { id: organizationId, deletedAt: null })
+  if (!org) {
+    return NextResponse.json({ ok: false, error: 'Registration could not be completed' }, { status: 400 })
+  }
+
+  const existing = await customerUserService.findByEmail(email, tenantId)
+  if (existing) {
+    return NextResponse.json({ ok: false, error: 'Registration could not be completed' }, { status: 400 })
+  }
+
+  const user = await customerUserService.createUser(email, password, displayName, { tenantId, organizationId })
+
+  const defaultRole = await em.findOne(CustomerRole, {
+    tenantId,
+    isDefault: true,
+    deletedAt: null,
+  })
+  if (defaultRole) {
+    const userRole = em.create(CustomerUserRole, {
+      user,
+      role: defaultRole,
+      createdAt: new Date(),
+    } as any)
+    em.persist(userRole)
+  }
+
+  await em.persistAndFlush(user)
+
+  await customerTokenService.createEmailVerification(user.id, tenantId)
+
+  void emitCustomerAccountsEvent('customer_accounts.user.created', {
+    id: user.id,
+    email: user.email,
+    tenantId,
+    organizationId,
+  }).catch(() => undefined)
+
+  return NextResponse.json({
+    ok: true,
+    user: {
+      id: user.id,
+      email: user.email,
+      displayName: user.displayName,
+      emailVerified: false,
+    },
+  }, { status: 201 })
+}
+
+const signupSuccessSchema = z.object({
+  ok: z.literal(true),
+  user: z.object({
+    id: z.string().uuid(),
+    email: z.string().email(),
+    displayName: z.string(),
+    emailVerified: z.boolean(),
+  }),
+})
+
+const errorSchema = z.object({
+  ok: z.literal(false),
+  error: z.string(),
+})
+
+const methodDoc: OpenApiMethodDoc = {
+  summary: 'Register a new customer account',
+  description: 'Creates a new customer user account and sends an email verification token.',
+  tags: ['Customer Authentication'],
+  requestBody: {
+    schema: signupSchema,
+    description: 'Signup payload with email, password, and display name.',
+  },
+  responses: [
+    { status: 201, description: 'Account created successfully', schema: signupSuccessSchema },
+  ],
+  errors: [
+    { status: 400, description: 'Validation failed', schema: errorSchema },
+    { status: 409, description: 'Email already registered', schema: errorSchema },
+    { status: 429, description: 'Too many signup attempts', schema: rateLimitErrorSchema },
+  ],
+}
+
+export const openApi: OpenApiRouteDoc = {
+  summary: 'Customer account registration',
+  description: 'Handles customer self-registration.',
+  methods: { POST: methodDoc },
+}