
Auth

Authentication via magic link + JWT. Flow:

  1. create_magic_token(): generates a UUID stored in magic_link_tokens
  2. Email sent with the link /auth/verify?token=<uuid>
  3. verify_magic_token(): validates the token (expires in 15 min, single use)
  4. create_jwt(): generates a JWT with broker_id + email
  5. Cookie galgal_token set in the browser

See the Next.js authentication flow for the frontend perspective.


Core authentication functions for broker magic link and JWT handling.

get_or_create_broker_tenant(session, email, name=None, whatsapp=None) async

Get existing broker by email or create new tenant+broker on first access.

For new brokers: uses provided name/whatsapp if given, otherwise derives name from email. For existing brokers: never overwrites existing data.

create_magic_token(session, broker_id) async

Create a magic link token for a broker, invalidating previous tokens.

verify_magic_token(session, token) async

Verify a magic link token - returns broker if valid and not expired/used, None otherwise.
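
The token rules described for create_magic_token() and verify_magic_token() (previous tokens invalidated on issue, 15-minute expiry, single use), as an added sketch that is not the project's code. An in-memory dict stands in for the magic_link_tokens table, and MagicTokenStore, issue and verify are hypothetical names.

```python
import uuid
from datetime import datetime, timedelta, timezone

TOKEN_TTL = timedelta(minutes=15)  # expiry window stated in the flow above


class MagicTokenStore:
    """In-memory stand-in (assumption) for the magic_link_tokens table."""

    def __init__(self):
        self._rows = {}  # token -> {"broker_id", "expires_at", "used"}

    def issue(self, broker_id, now=None):
        """Create a token for broker_id, invalidating its earlier tokens."""
        now = now or datetime.now(timezone.utc)
        for row in self._rows.values():
            if row["broker_id"] == broker_id:
                row["used"] = True  # an older emailed link can no longer log in
        token = str(uuid.uuid4())  # uuid4 is drawn from the OS CSPRNG
        self._rows[token] = {
            "broker_id": broker_id,
            "expires_at": now + TOKEN_TTL,
            "used": False,
        }
        return token

    def verify(self, token, now=None):
        """Return broker_id if the token is known, unused and unexpired, else None."""
        now = now or datetime.now(timezone.utc)
        row = self._rows.get(token)
        if row is None or row["used"] or now >= row["expires_at"]:
            return None
        # Consume on first success. Against a real database this check-and-mark
        # must be one atomic statement (e.g. UPDATE ... WHERE used = false), or
        # two concurrent requests could both redeem the same link.
        row["used"] = True
        return row["broker_id"]
```
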

create_jwt(broker_id, secret, expires_in_minutes=1440)

Create a JWT token for a broker.

decode_jwt(token, secret)

Decode and verify a JWT token, return payload if valid.