Initial commit: BI Agentes platform

Independent dashboard for CambioReal agents with local SQLite auth
and read-only RDS connection. Features login, per-agent transaction
filtering, KPIs, charts (Chart.js), and detailed transaction table.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

src/auth.js

@@ -0,0 +1,30 @@
+/**
+ * Autenticação — login/logout com bcrypt + express-session
+ */
+const bcrypt = require('bcrypt');
+const db = require('./db-local');
+
+const SALT_ROUNDS = 10;
+
+async function createAgente(email, senha, agenteId, nome) {
+  const hash = await bcrypt.hash(senha, SALT_ROUNDS);
+  return db.prepare(
+    'INSERT INTO agentes (email, senha_hash, agente_id, nome) VALUES (?, ?, ?, ?)'
+  ).run(email, hash, agenteId, nome);
+}
+
+async function authenticate(email, senha) {
+  const row = db.prepare(
+    'SELECT * FROM agentes WHERE email = ? AND ativo = 1'
+  ).get(email);
+  if (!row) return null;
+  const match = await bcrypt.compare(senha, row.senha_hash);
+  return match ? row : null;
+}
+
+function requireAuth(req, res, next) {
+  if (req.session && req.session.agente) return next();
+  res.redirect('/login');
+}
+
+module.exports = { createAgente, authenticate, requireAuth };