fix(segurança): endurecer autenticação e rotas privadas

2026-05-10 19:21:46 +00:00 · 2026-04-03 18:10:23 +00:00
parent ba369e8a83
commit e4c6a91350
12 changed files with 357 additions and 28 deletions
--- a/src/app/api/transactions/installments/[seriesId]/anticipations/route.ts
+++ b/src/app/api/transactions/installments/[seriesId]/anticipations/route.ts
@@ -0,0 +1,33 @@
+import { NextResponse } from "next/server";
+import { fetchInstallmentAnticipations } from "@/features/transactions/anticipation-queries";
+import { getUserId } from "@/shared/lib/auth/server";
+
+const PRIVATE_RESPONSE_HEADERS = {
+	"Cache-Control": "private, no-store",
+};
+
+export async function GET(
+	_request: Request,
+	{ params }: { params: Promise<{ seriesId: string }> },
+) {
+	try {
+		const [userId, { seriesId }] = await Promise.all([getUserId(), params]);
+		const anticipations = await fetchInstallmentAnticipations(userId, seriesId);
+
+		return NextResponse.json(anticipations, {
+			headers: PRIVATE_RESPONSE_HEADERS,
+		});
+	} catch (error) {
+		console.error("Erro ao carregar histórico de antecipações:", error);
+
+		return NextResponse.json(
+			{
+				error: "Erro ao carregar histórico de antecipações.",
+			},
+			{
+				status: 400,
+				headers: PRIVATE_RESPONSE_HEADERS,
+			},
+		);
+	}
+}