@arch-cadre/core 0.0.41 → 0.0.43

package/dist/core/auth/augment.js

@@ -1,12 +1,4 @@
-"use strict";
 var _a, _b, _c;
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.registerIdentityAugmenter = registerIdentityAugmenter;
-exports.registerSessionAugmenter = registerSessionAugmenter;
-exports.registerPasswordResetSessionAugmenter = registerPasswordResetSessionAugmenter;
-exports.augmentUser = augmentUser;
-exports.augmentSession = augmentSession;
-exports.augmentPasswordResetSession = augmentPasswordResetSession;
 const globalForAugment = globalThis;
 const identityAugmenters = (_a = globalForAugment.__KRYO_IDENTITY_AUGMENTERS__) !== null && _a !== void 0 ? _a : new Set();
 const sessionAugmenters = (_b = globalForAugment.__KRYO_SESSION_AUGMENTERS__) !== null && _b !== void 0 ? _b : new Set();
@@ -15,19 +7,19 @@ globalForAugment.__KRYO_IDENTITY_AUGMENTERS__ = identityAugmenters;
 globalForAugment.__KRYO_SESSION_AUGMENTERS__ = sessionAugmenters;
 globalForAugment.__KRYO_PASSWORD_RESET_SESSION_AUGMENTERS__ =
     passwordResetSessionAugmenters;
-function registerIdentityAugmenter(augmenter) {
+export function registerIdentityAugmenter(augmenter) {
     identityAugmenters.add(augmenter);
 }
-function registerSessionAugmenter(augmenter) {
+export function registerSessionAugmenter(augmenter) {
     sessionAugmenters.add(augmenter);
 }
-function registerPasswordResetSessionAugmenter(augmenter) {
+export function registerPasswordResetSessionAugmenter(augmenter) {
     passwordResetSessionAugmenters.add(augmenter);
 }
 /**
  * EXECUTION FUNCTIONS
  */
-async function augmentUser(user, coreRbacData) {
+export async function augmentUser(user, coreRbacData) {
     let augmentedData = coreRbacData || {};
     for (const augmenter of identityAugmenters) {
         const data = await augmenter(user);
@@ -35,7 +27,7 @@ async function augmentUser(user, coreRbacData) {
     }
     return { ...user, ...augmentedData };
 }
-async function augmentSession(session) {
+export async function augmentSession(session) {
     let augmentedData = {};
     for (const augmenter of sessionAugmenters) {
         const data = await augmenter(session);
@@ -43,7 +35,7 @@ async function augmentSession(session) {
     }
     return { ...session, ...augmentedData };
 }
-async function augmentPasswordResetSession(session) {
+export async function augmentPasswordResetSession(session) {
     let augmentedData = {};
     for (const augmenter of passwordResetSessionAugmenters) {
         const data = await augmenter(session);

package/dist/core/auth/email-verification.js

@@ -1,28 +1,18 @@
-"use strict";
 "use server";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.initEmailVerification = initEmailVerification;
-exports.getUserEmailVerificationRequest = getUserEmailVerificationRequest;
-exports.createEmailVerificationRequest = createEmailVerificationRequest;
-exports.deleteUserEmailVerificationRequest = deleteUserEmailVerificationRequest;
-exports.sendVerificationEmail = sendVerificationEmail;
-exports.setEmailVerificationRequestCookie = setEmailVerificationRequestCookie;
-exports.deleteEmailVerificationRequestCookie = deleteEmailVerificationRequestCookie;
-exports.getUserEmailVerificationRequestFromRequest = getUserEmailVerificationRequestFromRequest;
-const date_fns_1 = require("date-fns");
-const drizzle_orm_1 = require("drizzle-orm");
-const headers_1 = require("next/headers");
-const inject_1 = require("../../server/database/inject");
-const schema_1 = require("../../server/database/schema");
-const index_1 = require("../../server/emails/index");
-const logic_1 = require("./logic");
-const session_1 = require("./session");
-const encode_1 = require("./utils/encode");
+import { addHours } from "date-fns";
+import { and, eq } from "drizzle-orm";
+import { cookies } from "next/headers";
+import { db } from "../../server/database/inject";
+import { emailVerificationTable } from "../../server/database/schema";
+import { sendVerifyEmail } from "../../server/emails/index";
+import { registerSecurityRequirement } from "./logic";
+import { getCurrentSession } from "./session";
+import { generateRandomOTP } from "./utils/encode";
 /**
  * Register Email Verification as a Core Security Requirement.
  */
-async function initEmailVerification() {
-    (0, logic_1.registerSecurityRequirement)(async (_session, user) => {
+export async function initEmailVerification() {
+    registerSecurityRequirement(async (_session, user) => {
         if (!user.emailVerifiedAt) {
             return {
                 satisfied: false,
@@ -35,26 +25,26 @@ async function initEmailVerification() {
 /**
  * Retrieves a specific email verification request for a user.
  */
-async function getUserEmailVerificationRequest(userId, id) {
-    const [session] = await inject_1.db
+export async function getUserEmailVerificationRequest(userId, id) {
+    const [session] = await db
         .select()
-        .from(schema_1.emailVerificationTable)
-        .where((0, drizzle_orm_1.and)((0, drizzle_orm_1.eq)(schema_1.emailVerificationTable.id, id), (0, drizzle_orm_1.eq)(schema_1.emailVerificationTable.userId, userId)));
+        .from(emailVerificationTable)
+        .where(and(eq(emailVerificationTable.id, id), eq(emailVerificationTable.userId, userId)));
     return session;
 }
 /**
  * Creates a new email verification request, deleting any existing one for the user.
  */
-async function createEmailVerificationRequest(userId, email) {
+export async function createEmailVerificationRequest(userId, email) {
     await deleteUserEmailVerificationRequest(userId);
-    const code = (0, encode_1.generateRandomOTP)();
-    const [verificationRequest] = await inject_1.db
-        .insert(schema_1.emailVerificationTable)
+    const code = generateRandomOTP();
+    const [verificationRequest] = await db
+        .insert(emailVerificationTable)
         .values({
         userId,
         code,
         email,
-        expiresAt: new Date((0, date_fns_1.addHours)(new Date(), 1)),
+        expiresAt: new Date(addHours(new Date(), 1)),
     })
         .returning();
     return verificationRequest;
@@ -62,22 +52,22 @@ async function createEmailVerificationRequest(userId, email) {
 /**
  * Deletes all email verification requests for a user.
  */
-async function deleteUserEmailVerificationRequest(userId) {
-    await inject_1.db
-        .delete(schema_1.emailVerificationTable)
-        .where((0, drizzle_orm_1.eq)(schema_1.emailVerificationTable.userId, userId));
+export async function deleteUserEmailVerificationRequest(userId) {
+    await db
+        .delete(emailVerificationTable)
+        .where(eq(emailVerificationTable.userId, userId));
 }
 /**
  * Sends a verification email with the OTP code.
  */
-async function sendVerificationEmail(email, code) {
-    await (0, index_1.sendVerifyEmail)(email, code);
+export async function sendVerificationEmail(email, code) {
+    await sendVerifyEmail(email, code);
 }
 /**
  * Sets the email verification request ID in a cookie.
  */
-async function setEmailVerificationRequestCookie(request) {
-    const cookieStore = await (0, headers_1.cookies)();
+export async function setEmailVerificationRequestCookie(request) {
+    const cookieStore = await cookies();
     cookieStore.set("email_verification", request.id, {
         httpOnly: true,
         path: "/",
@@ -89,20 +79,20 @@ async function setEmailVerificationRequestCookie(request) {
 /**
  * Removes the email verification request cookie.
  */
-async function deleteEmailVerificationRequestCookie() {
-    const cookieStore = await (0, headers_1.cookies)();
+export async function deleteEmailVerificationRequestCookie() {
+    const cookieStore = await cookies();
     cookieStore.delete("email_verification");
 }
 /**
  * Retrieves the current email verification request based on session and cookie.
  */
-async function getUserEmailVerificationRequestFromRequest() {
+export async function getUserEmailVerificationRequestFromRequest() {
     var _a, _b;
-    const { user } = await (0, session_1.getCurrentSession)();
+    const { user } = await getCurrentSession();
     if (!user) {
         return null;
     }
-    const cookieStore = await (0, headers_1.cookies)();
+    const cookieStore = await cookies();
     const id = (_b = (_a = cookieStore.get("email_verification")) === null || _a === void 0 ? void 0 : _a.value) !== null && _b !== void 0 ? _b : null;
     if (!id) {
         return null;

package/dist/core/auth/events.js

@@ -1,2 +1 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
+export {};

package/dist/core/auth/logic.js

@@ -1,68 +1,48 @@
-"use strict";
 "use server";
 var _a, _b, _c, _d;
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.augmentSession = exports.augmentUser = exports.registerPasswordResetSessionAugmenter = exports.registerSessionAugmenter = exports.registerIdentityAugmenter = void 0;
-exports.registerAuthValidator = registerAuthValidator;
-exports.registerPasswordResetValidator = registerPasswordResetValidator;
-exports.registerEmailVerificationValidator = registerEmailVerificationValidator;
-exports.registerSecurityRequirement = registerSecurityRequirement;
-exports.runPasswordResetValidators = runPasswordResetValidators;
-exports.runEmailVerificationValidators = runEmailVerificationValidators;
-exports.performFullUserAugmentation = performFullUserAugmentation;
-exports.checkSecurity = checkSecurity;
-exports.signIn = signIn;
-exports.signUp = signUp;
-exports.finalizeLogin = finalizeLogin;
-exports.signOut = signOut;
-const drizzle_orm_1 = require("drizzle-orm");
-const password_1 = require("../../server/auth/password");
-const user_1 = require("../../server/auth/user");
-const inject_1 = require("../../server/database/inject");
-const schema_1 = require("../../server/database/schema");
-const event_bus_1 = require("../event-bus");
-const augment_1 = require("./augment");
-Object.defineProperty(exports, "augmentSession", { enumerable: true, get: function () { return augment_1.augmentSession; } });
-Object.defineProperty(exports, "augmentUser", { enumerable: true, get: function () { return augment_1.augmentUser; } });
-Object.defineProperty(exports, "registerIdentityAugmenter", { enumerable: true, get: function () { return augment_1.registerIdentityAugmenter; } });
-Object.defineProperty(exports, "registerPasswordResetSessionAugmenter", { enumerable: true, get: function () { return augment_1.registerPasswordResetSessionAugmenter; } });
-Object.defineProperty(exports, "registerSessionAugmenter", { enumerable: true, get: function () { return augment_1.registerSessionAugmenter; } });
-const email_verification_1 = require("./email-verification");
-const session_1 = require("./session");
-const validation_1 = require("./validation");
+import { eq, inArray } from "drizzle-orm";
+import { verifyPasswordHash, verifyPasswordStrength, } from "../../server/auth/password";
+import { createUser, getUserById, getUserFromEmail, getUserPasswordHash, verifyUsernameInput, } from "../../server/auth/user";
+import { db } from "../../server/database/inject";
+import { permissionsTable, rolesTable, rolesToPermissionsTable, usersToPermissionsTable, usersToRolesTable, } from "../../server/database/schema";
+import { eventBus } from "../event-bus";
+import { augmentSession, augmentUser, registerIdentityAugmenter, registerPasswordResetSessionAugmenter, registerSessionAugmenter, } from "./augment";
+import { createEmailVerificationRequest, sendVerificationEmail, setEmailVerificationRequestCookie, } from "./email-verification";
+import { createSession, deleteSessionTokenCookie, generateSessionToken, getCurrentSession, invalidateSession, setSessionTokenCookie, } from "./session";
+import { loginSchema, registerSchema, } from "./validation";
 /**
  * Podstawowy moduł rozszerzający tożsamość dla ról i uprawnień
  */
 async function coreRbacAugmenter(user) {
     try {
         // 1. Fetch direct roles
-        const userRoles = await inject_1.db
-            .select({ name: schema_1.rolesTable.name })
-            .from(schema_1.usersToRolesTable)
-            .innerJoin(schema_1.rolesTable, (0, drizzle_orm_1.eq)(schema_1.usersToRolesTable.roleId, schema_1.rolesTable.id))
-            .where((0, drizzle_orm_1.eq)(schema_1.usersToRolesTable.userId, user.id));
+        const userRoles = await db
+            .select({ name: rolesTable.name })
+            .from(usersToRolesTable)
+            .innerJoin(rolesTable, eq(usersToRolesTable.roleId, rolesTable.id))
+            .where(eq(usersToRolesTable.userId, user.id));
         const roles = userRoles.map((r) => r.name);
         // 2. Fetch direct permissions
-        const userDirectPerms = await inject_1.db
-            .select({ name: schema_1.permissionsTable.name })
-            .from(schema_1.usersToPermissionsTable)
-            .innerJoin(schema_1.permissionsTable, (0, drizzle_orm_1.eq)(schema_1.usersToPermissionsTable.permissionId, schema_1.permissionsTable.id))
-            .where((0, drizzle_orm_1.eq)(schema_1.usersToPermissionsTable.userId, user.id));
+        const userDirectPerms = await db
+            .select({ name: permissionsTable.name })
+            .from(usersToPermissionsTable)
+            .innerJoin(permissionsTable, eq(usersToPermissionsTable.permissionId, permissionsTable.id))
+            .where(eq(usersToPermissionsTable.userId, user.id));
         const directPerms = userDirectPerms.map((p) => p.name);
         // 3. Fetch permissions from roles
         let rolePerms = [];
         if (roles.length > 0) {
-            const roleIdsResult = await inject_1.db
-                .select({ id: schema_1.rolesTable.id })
-                .from(schema_1.rolesTable)
-                .where((0, drizzle_orm_1.inArray)(schema_1.rolesTable.name, roles));
+            const roleIdsResult = await db
+                .select({ id: rolesTable.id })
+                .from(rolesTable)
+                .where(inArray(rolesTable.name, roles));
             const roleIds = roleIdsResult.map((r) => r.id);
             if (roleIds.length > 0) {
-                const rolePermsData = await inject_1.db
-                    .select({ name: schema_1.permissionsTable.name })
-                    .from(schema_1.rolesToPermissionsTable)
-                    .innerJoin(schema_1.permissionsTable, (0, drizzle_orm_1.eq)(schema_1.rolesToPermissionsTable.permissionId, schema_1.permissionsTable.id))
-                    .where((0, drizzle_orm_1.inArray)(schema_1.rolesToPermissionsTable.roleId, roleIds));
+                const rolePermsData = await db
+                    .select({ name: permissionsTable.name })
+                    .from(rolesToPermissionsTable)
+                    .innerJoin(permissionsTable, eq(rolesToPermissionsTable.permissionId, permissionsTable.id))
+                    .where(inArray(rolesToPermissionsTable.roleId, roleIds));
                 rolePerms = rolePermsData.map((p) => p.name);
             }
         }
@@ -86,19 +66,20 @@ globalForAuth.__KRYO_SECURITY_REQUIREMENTS__ = securityRequirements;
 globalForAuth.__KRYO_PASSWORD_RESET_VALIDATORS__ = passwordResetValidators;
 globalForAuth.__KRYO_EMAIL_VERIFICATION_VALIDATORS__ =
     emailVerificationValidators;
-async function registerAuthValidator(validator) {
+export async function registerAuthValidator(validator) {
     authValidators.add(validator);
 }
-async function registerPasswordResetValidator(validator) {
+export async function registerPasswordResetValidator(validator) {
     passwordResetValidators.add(validator);
 }
-async function registerEmailVerificationValidator(validator) {
+export async function registerEmailVerificationValidator(validator) {
     emailVerificationValidators.add(validator);
 }
-async function registerSecurityRequirement(requirement) {
+export { registerIdentityAugmenter, registerSessionAugmenter, registerPasswordResetSessionAugmenter, augmentUser, augmentSession, };
+export async function registerSecurityRequirement(requirement) {
     securityRequirements.add(requirement);
 }
-async function runPasswordResetValidators(userId) {
+export async function runPasswordResetValidators(userId) {
     for (const validator of passwordResetValidators) {
         const interception = await validator(userId);
         if (interception)
@@ -106,7 +87,7 @@ async function runPasswordResetValidators(userId) {
     }
     return null;
 }
-async function runEmailVerificationValidators(userId) {
+export async function runEmailVerificationValidators(userId) {
     for (const validator of emailVerificationValidators) {
         const interception = await validator(userId);
         if (interception)
@@ -118,14 +99,14 @@ async function runEmailVerificationValidators(userId) {
  * Augments a base user with data from all registered modules.
  * This is now just a wrapper that includes core RBAC data.
  */
-async function performFullUserAugmentation(user) {
+export async function performFullUserAugmentation(user) {
     const coreRbacData = await coreRbacAugmenter(user);
-    return await (0, augment_1.augmentUser)(user, coreRbacData);
+    return await augmentUser(user, coreRbacData);
 }
 /**
  * Checks if the current session satisfies all registered security requirements.
  */
-async function checkSecurity(session, user, requiredRoles, requiredPermissions, fallbackRedirect) {
+export async function checkSecurity(session, user, requiredRoles, requiredPermissions, fallbackRedirect) {
     var _a;
     if (!user) {
         console.warn("User is required for security check");
@@ -179,14 +160,14 @@ async function checkSecurity(session, user, requiredRoles, requiredPermissions,
 /**
  * Sign In Logic
  */
-async function signIn(data) {
-    const { email, password } = await validation_1.loginSchema.parseAsync(data);
-    const user = await (0, user_1.getUserFromEmail)(email);
+export async function signIn(data) {
+    const { email, password } = await loginSchema.parseAsync(data);
+    const user = await getUserFromEmail(email);
     if (!user) {
         return { status: "ERROR", message: "Invalid email or password" };
     }
-    const passwordHash = await (0, user_1.getUserPasswordHash)(user.id);
-    if (!passwordHash || !(await (0, password_1.verifyPasswordHash)(passwordHash, password))) {
+    const passwordHash = await getUserPasswordHash(user.id);
+    if (!passwordHash || !(await verifyPasswordHash(passwordHash, password))) {
         return { status: "ERROR", message: "Invalid email or password" };
     }
     // Interception Layer
@@ -196,11 +177,11 @@ async function signIn(data) {
             return interception;
     }
     const sessionFlags = {};
-    const sessionToken = await (0, session_1.generateSessionToken)();
-    const session = await (0, session_1.createSession)(sessionToken, user.id, sessionFlags);
-    await (0, session_1.setSessionTokenCookie)(sessionToken, session.expiresAt);
+    const sessionToken = await generateSessionToken();
+    const session = await createSession(sessionToken, user.id, sessionFlags);
+    await setSessionTokenCookie(sessionToken, session.expiresAt);
     const fullUser = await performFullUserAugmentation(user);
-    await event_bus_1.eventBus.publish("auth:session-created", { session, user: fullUser });
+    await eventBus.publish("auth:session-created", { session, user: fullUser });
     return {
         status: "SUCCESS",
         session: { ...session },
@@ -210,24 +191,24 @@ async function signIn(data) {
 /**
  * Sign Up Logic
  */
-async function signUp(data) {
-    const { email, username, password } = validation_1.registerSchema.parse(data);
-    if (!(await (0, user_1.verifyUsernameInput)(username))) {
+export async function signUp(data) {
+    const { email, username, password } = registerSchema.parse(data);
+    if (!(await verifyUsernameInput(username))) {
         throw new Error("Invalid username");
     }
-    if (!(await (0, password_1.verifyPasswordStrength)(password))) {
+    if (!(await verifyPasswordStrength(password))) {
         throw new Error("Weak password");
     }
-    const user = await (0, user_1.createUser)(email, username, password);
-    const verificationRequest = await (0, email_verification_1.createEmailVerificationRequest)(user.id, user.email);
-    await (0, email_verification_1.sendVerificationEmail)(verificationRequest.email, verificationRequest.code);
-    await (0, email_verification_1.setEmailVerificationRequestCookie)(verificationRequest);
+    const user = await createUser(email, username, password);
+    const verificationRequest = await createEmailVerificationRequest(user.id, user.email);
+    await sendVerificationEmail(verificationRequest.email, verificationRequest.code);
+    await setEmailVerificationRequestCookie(verificationRequest);
     const sessionFlags = {};
-    const sessionToken = await (0, session_1.generateSessionToken)();
-    const session = await (0, session_1.createSession)(sessionToken, user.id, sessionFlags);
-    await (0, session_1.setSessionTokenCookie)(sessionToken, session.expiresAt);
+    const sessionToken = await generateSessionToken();
+    const session = await createSession(sessionToken, user.id, sessionFlags);
+    await setSessionTokenCookie(sessionToken, session.expiresAt);
     const fullUser = await performFullUserAugmentation(user);
-    await event_bus_1.eventBus.publish("auth:session-created", { session, user: fullUser });
+    await eventBus.publish("auth:session-created", { session, user: fullUser });
     return {
         session: { ...session },
         user: { ...fullUser },
@@ -236,13 +217,13 @@ async function signUp(data) {
 /**
  * Finalizes login after a challenge
  */
-async function finalizeLogin(userId, flags) {
-    const sessionToken = await (0, session_1.generateSessionToken)();
-    const session = await (0, session_1.createSession)(sessionToken, userId, flags);
-    await (0, session_1.setSessionTokenCookie)(sessionToken, session.expiresAt);
-    const user = await (0, user_1.getUserById)(userId);
+export async function finalizeLogin(userId, flags) {
+    const sessionToken = await generateSessionToken();
+    const session = await createSession(sessionToken, userId, flags);
+    await setSessionTokenCookie(sessionToken, session.expiresAt);
+    const user = await getUserById(userId);
     if (user) {
-        await event_bus_1.eventBus.publish("auth:session-created", { session, user });
+        await eventBus.publish("auth:session-created", { session, user });
     }
     return {
         session: session ? { ...session } : null,
@@ -252,13 +233,13 @@ async function finalizeLogin(userId, flags) {
 /**
  * Sign Out
  */
-async function signOut() {
-    const { session, user } = await (0, session_1.getCurrentSession)();
+export async function signOut() {
+    const { session, user } = await getCurrentSession();
     if (session) {
         if (user) {
-            await event_bus_1.eventBus.publish("auth:signed-out", { userId: user.id });
+            await eventBus.publish("auth:signed-out", { userId: user.id });
         }
-        await (0, session_1.invalidateSession)(session.id);
-        await (0, session_1.deleteSessionTokenCookie)();
+        await invalidateSession(session.id);
+        await deleteSessionTokenCookie();
     }
 }

package/dist/core/auth/password-reset.js

@@ -1,37 +1,27 @@
-"use strict";
 "use server";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createPasswordResetSession = createPasswordResetSession;
-exports.validatePasswordResetSessionToken = validatePasswordResetSessionToken;
-exports.setPasswordResetSessionAsEmailVerified = setPasswordResetSessionAsEmailVerified;
-exports.invalidateUserPasswordResetSessions = invalidateUserPasswordResetSessions;
-exports.getCurrentPasswordResetSession = getCurrentPasswordResetSession;
-exports.setPasswordResetSessionTokenCookie = setPasswordResetSessionTokenCookie;
-exports.deletePasswordResetSessionTokenCookie = deletePasswordResetSessionTokenCookie;
-exports.sendPasswordResetEmail = sendPasswordResetEmail;
-const sha2_1 = require("@oslojs/crypto/sha2");
-const encoding_1 = require("@oslojs/encoding");
-const date_fns_1 = require("date-fns");
-const drizzle_orm_1 = require("drizzle-orm");
-const headers_1 = require("next/headers");
-const inject_1 = require("../../server/database/inject");
-const schema_1 = require("../../server/database/schema");
-const index_1 = require("../../server/emails/index");
-const augment_1 = require("./augment");
-const logic_1 = require("./logic");
-const encode_1 = require("./utils/encode");
+import { sha256 } from "@oslojs/crypto/sha2";
+import { encodeHexLowerCase } from "@oslojs/encoding";
+import { addHours } from "date-fns";
+import { eq } from "drizzle-orm";
+import { cookies } from "next/headers";
+import { db } from "../../server/database/inject";
+import { passwordResetSessionTable, userTable, } from "../../server/database/schema";
+import { sendResetPassword } from "../../server/emails/index";
+import { augmentPasswordResetSession } from "./augment";
+import { performFullUserAugmentation } from "./logic";
+import { generateRandomOTP } from "./utils/encode";
 /**
  * Creates a new password reset session.
  */
-async function createPasswordResetSession(token, userId, email) {
-    const sessionId = (0, encoding_1.encodeHexLowerCase)((0, sha2_1.sha256)(new TextEncoder().encode(token)));
-    const [session] = await inject_1.db
-        .insert(schema_1.passwordResetSessionTable)
+export async function createPasswordResetSession(token, userId, email) {
+    const sessionId = encodeHexLowerCase(sha256(new TextEncoder().encode(token)));
+    const [session] = await db
+        .insert(passwordResetSessionTable)
         .values({
         id: sessionId,
         email: email,
-        code: (0, encode_1.generateRandomOTP)(),
-        expiresAt: new Date((0, date_fns_1.addHours)(new Date(), 1)),
+        code: generateRandomOTP(),
+        expiresAt: new Date(addHours(new Date(), 1)),
         userId: userId,
     })
         .returning();
@@ -41,59 +31,59 @@ async function createPasswordResetSession(token, userId, email) {
  * Validates the password reset session token and retrieves user data.
  * The user data is augmented by registered modules (e.g. 2FA).
  */
-async function validatePasswordResetSessionToken(token) {
-    const sessionId = (0, encoding_1.encodeHexLowerCase)((0, sha2_1.sha256)(new TextEncoder().encode(token)));
-    const [row] = await inject_1.db
+export async function validatePasswordResetSessionToken(token) {
+    const sessionId = encodeHexLowerCase(sha256(new TextEncoder().encode(token)));
+    const [row] = await db
         .select({
-        session: schema_1.passwordResetSessionTable,
-        user: schema_1.userTable,
+        session: passwordResetSessionTable,
+        user: userTable,
     })
-        .from(schema_1.passwordResetSessionTable)
-        .innerJoin(schema_1.userTable, (0, drizzle_orm_1.eq)(schema_1.passwordResetSessionTable.userId, schema_1.userTable.id))
-        .where((0, drizzle_orm_1.eq)(schema_1.passwordResetSessionTable.id, sessionId));
+        .from(passwordResetSessionTable)
+        .innerJoin(userTable, eq(passwordResetSessionTable.userId, userTable.id))
+        .where(eq(passwordResetSessionTable.id, sessionId));
     if (!row || !row.user) {
         return { session: null, user: null };
     }
     const { session: baseSession, user: baseUser } = row;
     // Check for expiration
     if (new Date() > baseSession.expiresAt) {
-        await inject_1.db
-            .delete(schema_1.passwordResetSessionTable)
-            .where((0, drizzle_orm_1.eq)(schema_1.passwordResetSessionTable.id, baseSession.id));
+        await db
+            .delete(passwordResetSessionTable)
+            .where(eq(passwordResetSessionTable.id, baseSession.id));
         return { session: null, user: null };
     }
     // STRICTLY remove non-serializable and sensitive fields
     const { password, recovery_code, ...safeUser } = baseUser;
     // AUGMENT (EXTENSIBILITY POINTS)
-    const user = await (0, logic_1.performFullUserAugmentation)(safeUser);
-    const session = await (0, augment_1.augmentPasswordResetSession)(baseSession);
+    const user = await performFullUserAugmentation(safeUser);
+    const session = await augmentPasswordResetSession(baseSession);
     return { session, user };
 }
 /**
  * Marks the password reset session as email verified.
  */
-async function setPasswordResetSessionAsEmailVerified(sessionId) {
-    await inject_1.db
-        .update(schema_1.passwordResetSessionTable)
+export async function setPasswordResetSessionAsEmailVerified(sessionId) {
+    await db
+        .update(passwordResetSessionTable)
         .set({
         emailVerified: true,
     })
-        .where((0, drizzle_orm_1.eq)(schema_1.passwordResetSessionTable.id, sessionId));
+        .where(eq(passwordResetSessionTable.id, sessionId));
 }
 /**
  * Invalidates all password reset sessions for a user.
  */
-async function invalidateUserPasswordResetSessions(userId) {
-    await inject_1.db
-        .delete(schema_1.passwordResetSessionTable)
-        .where((0, drizzle_orm_1.eq)(schema_1.passwordResetSessionTable.userId, userId));
+export async function invalidateUserPasswordResetSessions(userId) {
+    await db
+        .delete(passwordResetSessionTable)
+        .where(eq(passwordResetSessionTable.userId, userId));
 }
 /**
  * Validates the current password reset session from cookies.
  */
-async function getCurrentPasswordResetSession() {
+export async function getCurrentPasswordResetSession() {
     var _a, _b;
-    const cookieStore = await (0, headers_1.cookies)();
+    const cookieStore = await cookies();
     const token = (_b = (_a = cookieStore.get("password_reset_session")) === null || _a === void 0 ? void 0 : _a.value) !== null && _b !== void 0 ? _b : null;
     if (token === null) {
         return { session: null, user: null };
@@ -107,8 +97,8 @@ async function getCurrentPasswordResetSession() {
 /**
  * Sets the password reset session token cookie.
  */
-async function setPasswordResetSessionTokenCookie(token, expiresAt) {
-    const cookieStore = await (0, headers_1.cookies)();
+export async function setPasswordResetSessionTokenCookie(token, expiresAt) {
+    const cookieStore = await cookies();
     cookieStore.set("password_reset_session", token, {
         expires: expiresAt,
         sameSite: "lax",
@@ -120,13 +110,13 @@ async function setPasswordResetSessionTokenCookie(token, expiresAt) {
 /**
  * Deletes the password reset session token cookie.
  */
-async function deletePasswordResetSessionTokenCookie() {
-    const cookieStore = await (0, headers_1.cookies)();
+export async function deletePasswordResetSessionTokenCookie() {
+    const cookieStore = await cookies();
     cookieStore.delete("password_reset_session");
 }
 /**
  * Sends a password reset email with the OTP code.
  */
-async function sendPasswordResetEmail(email, code) {
-    await (0, index_1.sendResetPassword)(email, code);
+export async function sendPasswordResetEmail(email, code) {
+    await sendResetPassword(email, code);
 }