v1.4: Segurança multi-tenant, file serving via API e UX humanizada

-  Validação cross-tenant no login e rotas protegidas
-  File serving via /api/files/{bucket}/{path} (eliminação DNS)
-  Mensagens de erro humanizadas inline (sem pop-ups)
-  Middleware tenant detection via headers customizados
-  Upload de logos retorna URLs via API
-  README atualizado com changelog v1.4 completo

front-end-agency/app/api/tenant/public-config/route.ts

@@ -0,0 +1,51 @@
+import { NextRequest, NextResponse } from 'next/server';
+
+const API_BASE_URL = process.env.API_INTERNAL_URL || 'http://backend:8080';
+
+export async function GET(request: NextRequest) {
+    try {
+        const { searchParams } = new URL(request.url);
+        const subdomain = searchParams.get('subdomain');
+
+        if (!subdomain) {
+            return NextResponse.json(
+                { error: 'Subdomain is required' },
+                { status: 400 }
+            );
+        }
+
+        // Buscar configuração pública do tenant
+        const response = await fetch(
+            `${API_BASE_URL}/api/tenant/config?subdomain=${subdomain}`,
+            {
+                cache: 'no-store',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+            }
+        );
+
+        if (!response.ok) {
+            return NextResponse.json(
+                { error: 'Tenant not found' },
+                { status: 404 }
+            );
+        }
+
+        const data = await response.json();
+
+        // Retornar apenas dados públicos
+        return NextResponse.json({
+            name: data.name,
+            primary_color: data.primary_color,
+            secondary_color: data.secondary_color,
+            logo_url: data.logo_url,
+        });
+    } catch (error) {
+        console.error('Error fetching tenant config:', error);
+        return NextResponse.json(
+            { error: 'Internal server error' },
+            { status: 500 }
+        );
+    }
+}