3 changed files with 28 additions and 1 deletions
--- a/server/api/auth/login.post.ts
+++ b/server/api/auth/login.post.ts
@ -3,6 +3,8 @@ import { z } from 'zod'
 const bodySchema = z.object({
    documento: z.string().trim().min(11).max(20).optional(),
    returnTo: z.string().startsWith('/').max(200).optional(),
+    primary: z.string().regex(/^[0-9a-fA-F]{6}$/).optional(),
+    dark: z.boolean().optional(),
 })

 export default defineEventHandler(async (event) => {
@ -26,6 +28,8 @@ export default defineEventHandler(async (event) => {
        state,
        redirectUri,
        loginHint: body.data.documento?.replace(/\D/g, ''),
+        primary: body.data.primary,
+        dark: body.data.dark,
    })

    return { authUrl }
--- a/server/utils/keycloak.ts
+++ b/server/utils/keycloak.ts
@ -18,6 +18,8 @@ export function buildAuthUrl(opts: {
    state: string
    redirectUri: string
    loginHint?: string
+    primary?: string
+    dark?: boolean
 }): string {
    const cfg = useRuntimeConfig()
    const params = new URLSearchParams({
@ -30,6 +32,8 @@ export function buildAuthUrl(opts: {
        state: opts.state,
    })
    if (opts.loginHint) params.set('login_hint', opts.loginHint)
+    if (opts.primary)   params.set('primary', opts.primary)
+    if (opts.dark !== undefined) params.set('dark', String(opts.dark))
    return `${realmBase()}/protocol/openid-connect/auth?${params.toString()}`
 }

--- a/src/composables/useAuth.ts
+++ b/src/composables/useAuth.ts
@ -1,5 +1,6 @@
 import { computed } from 'vue'
 import { useAuthStore } from '@/stores/authStore'
+import { usePrefeituraStore } from '@/stores/prefeituraStore'

 interface MeResponse {
    name: string
@ -10,15 +11,33 @@ interface MeResponse {

 const FETCH_HEADERS = { 'X-Requested-With': 'fetch' }

+const TEMPLATE_COLORS: Record<string, string> = {
+    tutoia: 'f97316',
+    amber: 'f59e0b',
+    blue: '3b82f6',
+    indigo: '6366f1',
+    violet: '8b5cf6',
+    emerald: '10b981',
+    teal: '14b8a6',
+    rose: 'f43f5e',
+    zinc: '71717a',
+}
+
 export function useAuth() {
    const store = useAuthStore()
    const router = useRouter()

    async function login(documento?: string, returnTo?: string) {
+        const template = usePrefeituraStore().template as string | null
+        const primary = template ? (TEMPLATE_COLORS[template] ?? '') : ''
+        const dark = import.meta.client
+            ? (window.matchMedia?.('(prefers-color-scheme: dark)').matches ?? false)
+            : false
+
        const res = await $fetch<{ authUrl: string }>('/api/auth/login', {
            method: 'POST',
            headers: FETCH_HEADERS,
-            body: { documento, returnTo },
+            body: { documento, returnTo, primary: primary || undefined, dark },
        })
        if (import.meta.client) {
            window.location.href = res.authUrl