@archlast/server 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +32 -0
- package/dist/admin/auth.d.ts +79 -0
- package/dist/admin/auth.d.ts.map +1 -0
- package/dist/admin/auth.js +487 -0
- package/dist/admin/auth.js.map +1 -0
- package/dist/admin/schema.d.ts +240 -0
- package/dist/admin/schema.d.ts.map +1 -0
- package/dist/admin/schema.js +521 -0
- package/dist/admin/schema.js.map +1 -0
- package/dist/admin/seed.d.ts +9 -0
- package/dist/admin/seed.d.ts.map +1 -0
- package/dist/admin/seed.js +276 -0
- package/dist/admin/seed.js.map +1 -0
- package/dist/auth/api-key-resolver.d.ts +12 -0
- package/dist/auth/api-key-resolver.d.ts.map +1 -0
- package/dist/auth/api-key-resolver.js +24 -0
- package/dist/auth/api-key-resolver.js.map +1 -0
- package/dist/auth/archlast-auth-adapter.d.ts +22 -0
- package/dist/auth/archlast-auth-adapter.d.ts.map +1 -0
- package/dist/auth/archlast-auth-adapter.js +32 -0
- package/dist/auth/archlast-auth-adapter.js.map +1 -0
- package/dist/auth/audit.d.ts +65 -0
- package/dist/auth/audit.d.ts.map +1 -0
- package/dist/auth/audit.js +138 -0
- package/dist/auth/audit.js.map +1 -0
- package/dist/auth/better-auth-adapter.d.ts +35 -0
- package/dist/auth/better-auth-adapter.d.ts.map +1 -0
- package/dist/auth/better-auth-adapter.js +460 -0
- package/dist/auth/better-auth-adapter.js.map +1 -0
- package/dist/auth/better-auth-admin.d.ts +40 -0
- package/dist/auth/better-auth-admin.d.ts.map +1 -0
- package/dist/auth/better-auth-admin.js +80 -0
- package/dist/auth/better-auth-admin.js.map +1 -0
- package/dist/auth/better-auth-api-key-resolver.d.ts +39 -0
- package/dist/auth/better-auth-api-key-resolver.d.ts.map +1 -0
- package/dist/auth/better-auth-api-key-resolver.js +184 -0
- package/dist/auth/better-auth-api-key-resolver.js.map +1 -0
- package/dist/auth/better-auth-instance.d.ts +2464 -0
- package/dist/auth/better-auth-instance.d.ts.map +1 -0
- package/dist/auth/better-auth-instance.js +251 -0
- package/dist/auth/better-auth-instance.js.map +1 -0
- package/dist/auth/better-auth-seed.d.ts +23 -0
- package/dist/auth/better-auth-seed.d.ts.map +1 -0
- package/dist/auth/better-auth-seed.js +316 -0
- package/dist/auth/better-auth-seed.js.map +1 -0
- package/dist/auth/better-auth-session-adapter.d.ts +49 -0
- package/dist/auth/better-auth-session-adapter.d.ts.map +1 -0
- package/dist/auth/better-auth-session-adapter.js +254 -0
- package/dist/auth/better-auth-session-adapter.js.map +1 -0
- package/dist/auth/errors.d.ts +18 -0
- package/dist/auth/errors.d.ts.map +1 -0
- package/dist/auth/errors.js +27 -0
- package/dist/auth/errors.js.map +1 -0
- package/dist/auth/http/handlers.d.ts +17 -0
- package/dist/auth/http/handlers.d.ts.map +1 -0
- package/dist/auth/http/handlers.js +19 -0
- package/dist/auth/http/handlers.js.map +1 -0
- package/dist/auth/interfaces.d.ts +138 -0
- package/dist/auth/interfaces.d.ts.map +1 -0
- package/dist/auth/interfaces.js +105 -0
- package/dist/auth/interfaces.js.map +1 -0
- package/dist/auth/mfa/index.d.ts +6 -0
- package/dist/auth/mfa/index.d.ts.map +1 -0
- package/dist/auth/mfa/index.js +13 -0
- package/dist/auth/mfa/index.js.map +1 -0
- package/dist/auth/mfa/schema.d.ts +32 -0
- package/dist/auth/mfa/schema.d.ts.map +1 -0
- package/dist/auth/mfa/schema.js +35 -0
- package/dist/auth/mfa/schema.js.map +1 -0
- package/dist/auth/mfa/service.d.ts +65 -0
- package/dist/auth/mfa/service.d.ts.map +1 -0
- package/dist/auth/mfa/service.js +255 -0
- package/dist/auth/mfa/service.js.map +1 -0
- package/dist/auth/oauth-proxy.d.ts +58 -0
- package/dist/auth/oauth-proxy.d.ts.map +1 -0
- package/dist/auth/oauth-proxy.js +298 -0
- package/dist/auth/oauth-proxy.js.map +1 -0
- package/dist/auth/otp/index.d.ts +6 -0
- package/dist/auth/otp/index.d.ts.map +1 -0
- package/dist/auth/otp/index.js +13 -0
- package/dist/auth/otp/index.js.map +1 -0
- package/dist/auth/otp/schema.d.ts +32 -0
- package/dist/auth/otp/schema.d.ts.map +1 -0
- package/dist/auth/otp/schema.js +38 -0
- package/dist/auth/otp/schema.js.map +1 -0
- package/dist/auth/otp/service.d.ts +59 -0
- package/dist/auth/otp/service.d.ts.map +1 -0
- package/dist/auth/otp/service.js +183 -0
- package/dist/auth/otp/service.js.map +1 -0
- package/dist/auth/password-recovery.d.ts +61 -0
- package/dist/auth/password-recovery.d.ts.map +1 -0
- package/dist/auth/password-recovery.js +173 -0
- package/dist/auth/password-recovery.js.map +1 -0
- package/dist/auth/resolver.d.ts +29 -0
- package/dist/auth/resolver.d.ts.map +1 -0
- package/dist/auth/resolver.js +78 -0
- package/dist/auth/resolver.js.map +1 -0
- package/dist/auth/role-helpers.d.ts +56 -0
- package/dist/auth/role-helpers.d.ts.map +1 -0
- package/dist/auth/role-helpers.js +103 -0
- package/dist/auth/role-helpers.js.map +1 -0
- package/dist/auth/session-manager.d.ts +21 -0
- package/dist/auth/session-manager.d.ts.map +1 -0
- package/dist/auth/session-manager.js +30 -0
- package/dist/auth/session-manager.js.map +1 -0
- package/dist/auth/session-security.d.ts +14 -0
- package/dist/auth/session-security.d.ts.map +1 -0
- package/dist/auth/session-security.js +26 -0
- package/dist/auth/session-security.js.map +1 -0
- package/dist/auth/system/better-auth-schema.d.ts +144 -0
- package/dist/auth/system/better-auth-schema.d.ts.map +1 -0
- package/dist/auth/system/better-auth-schema.js +250 -0
- package/dist/auth/system/better-auth-schema.js.map +1 -0
- package/dist/auth/system/constants.d.ts +114 -0
- package/dist/auth/system/constants.d.ts.map +1 -0
- package/dist/auth/system/constants.js +205 -0
- package/dist/auth/system/constants.js.map +1 -0
- package/dist/auth/system/cookies.d.ts +83 -0
- package/dist/auth/system/cookies.d.ts.map +1 -0
- package/dist/auth/system/cookies.js +148 -0
- package/dist/auth/system/cookies.js.map +1 -0
- package/dist/auth/system/crypto.d.ts +53 -0
- package/dist/auth/system/crypto.d.ts.map +1 -0
- package/dist/auth/system/crypto.js +188 -0
- package/dist/auth/system/crypto.js.map +1 -0
- package/dist/auth/system/extended-schema.d.ts +145 -0
- package/dist/auth/system/extended-schema.d.ts.map +1 -0
- package/dist/auth/system/extended-schema.js +86 -0
- package/dist/auth/system/extended-schema.js.map +1 -0
- package/dist/auth/system/schema.d.ts +538 -0
- package/dist/auth/system/schema.d.ts.map +1 -0
- package/dist/auth/system/schema.js +306 -0
- package/dist/auth/system/schema.js.map +1 -0
- package/dist/cache/client.d.ts +77 -0
- package/dist/cache/client.d.ts.map +1 -0
- package/dist/cache/client.js +279 -0
- package/dist/cache/client.js.map +1 -0
- package/dist/cache/index.d.ts +9 -0
- package/dist/cache/index.d.ts.map +1 -0
- package/dist/cache/index.js +14 -0
- package/dist/cache/index.js.map +1 -0
- package/dist/cache/layers.d.ts +125 -0
- package/dist/cache/layers.d.ts.map +1 -0
- package/dist/cache/layers.js +354 -0
- package/dist/cache/layers.js.map +1 -0
- package/dist/cache/manager.d.ts +101 -0
- package/dist/cache/manager.d.ts.map +1 -0
- package/dist/cache/manager.js +423 -0
- package/dist/cache/manager.js.map +1 -0
- package/dist/cache/protocol.d.ts +115 -0
- package/dist/cache/protocol.d.ts.map +1 -0
- package/dist/cache/protocol.js +36 -0
- package/dist/cache/protocol.js.map +1 -0
- package/dist/cache/run-sidecar.d.ts +8 -0
- package/dist/cache/run-sidecar.d.ts.map +1 -0
- package/dist/cache/run-sidecar.js +71 -0
- package/dist/cache/run-sidecar.js.map +1 -0
- package/dist/cache/sidecar-client.d.ts +90 -0
- package/dist/cache/sidecar-client.d.ts.map +1 -0
- package/dist/cache/sidecar-client.js +437 -0
- package/dist/cache/sidecar-client.js.map +1 -0
- package/dist/cache/sidecar-server.d.ts +18 -0
- package/dist/cache/sidecar-server.d.ts.map +1 -0
- package/dist/cache/sidecar-server.js +90 -0
- package/dist/cache/sidecar-server.js.map +1 -0
- package/dist/cache/store.d.ts +90 -0
- package/dist/cache/store.d.ts.map +1 -0
- package/dist/cache/store.js +357 -0
- package/dist/cache/store.js.map +1 -0
- package/dist/cache/strategies.d.ts +52 -0
- package/dist/cache/strategies.d.ts.map +1 -0
- package/dist/cache/strategies.js +13 -0
- package/dist/cache/strategies.js.map +1 -0
- package/dist/cache/utils.d.ts +16 -0
- package/dist/cache/utils.d.ts.map +1 -0
- package/dist/cache/utils.js +101 -0
- package/dist/cache/utils.js.map +1 -0
- package/dist/config/index.d.ts +4 -0
- package/dist/config/index.d.ts.map +1 -0
- package/dist/config/index.js +20 -0
- package/dist/config/index.js.map +1 -0
- package/dist/config/paths.d.ts +16 -0
- package/dist/config/paths.d.ts.map +1 -0
- package/dist/config/paths.js +29 -0
- package/dist/config/paths.js.map +1 -0
- package/dist/config/schema.d.ts +42 -0
- package/dist/config/schema.d.ts.map +1 -0
- package/dist/config/schema.js +62 -0
- package/dist/config/schema.js.map +1 -0
- package/dist/config/service.d.ts +56 -0
- package/dist/config/service.d.ts.map +1 -0
- package/dist/config/service.js +108 -0
- package/dist/config/service.js.map +1 -0
- package/dist/context.d.ts +48 -0
- package/dist/context.d.ts.map +1 -0
- package/dist/context.js +6 -0
- package/dist/context.js.map +1 -0
- package/dist/controllers/admin/admin-tokens.controller.d.ts +159 -0
- package/dist/controllers/admin/admin-tokens.controller.d.ts.map +1 -0
- package/dist/controllers/admin/admin-tokens.controller.js +138 -0
- package/dist/controllers/admin/admin-tokens.controller.js.map +1 -0
- package/dist/controllers/admin/api-keys.controller.d.ts +187 -0
- package/dist/controllers/admin/api-keys.controller.d.ts.map +1 -0
- package/dist/controllers/admin/api-keys.controller.js +124 -0
- package/dist/controllers/admin/api-keys.controller.js.map +1 -0
- package/dist/controllers/admin/app-users.controller.d.ts +376 -0
- package/dist/controllers/admin/app-users.controller.d.ts.map +1 -0
- package/dist/controllers/admin/app-users.controller.js +348 -0
- package/dist/controllers/admin/app-users.controller.js.map +1 -0
- package/dist/controllers/admin/auth.controller.d.ts +285 -0
- package/dist/controllers/admin/auth.controller.d.ts.map +1 -0
- package/dist/controllers/admin/auth.controller.js +221 -0
- package/dist/controllers/admin/auth.controller.js.map +1 -0
- package/dist/controllers/admin/backup.controller.d.ts +250 -0
- package/dist/controllers/admin/backup.controller.d.ts.map +1 -0
- package/dist/controllers/admin/backup.controller.js +316 -0
- package/dist/controllers/admin/backup.controller.js.map +1 -0
- package/dist/controllers/admin/data.controller.d.ts +250 -0
- package/dist/controllers/admin/data.controller.d.ts.map +1 -0
- package/dist/controllers/admin/data.controller.js +240 -0
- package/dist/controllers/admin/data.controller.js.map +1 -0
- package/dist/controllers/admin/provisioning.controller.d.ts +77 -0
- package/dist/controllers/admin/provisioning.controller.d.ts.map +1 -0
- package/dist/controllers/admin/provisioning.controller.js +141 -0
- package/dist/controllers/admin/provisioning.controller.js.map +1 -0
- package/dist/controllers/admin/settings.controller.d.ts +153 -0
- package/dist/controllers/admin/settings.controller.d.ts.map +1 -0
- package/dist/controllers/admin/settings.controller.js +120 -0
- package/dist/controllers/admin/settings.controller.js.map +1 -0
- package/dist/controllers/admin/setup.controller.d.ts +104 -0
- package/dist/controllers/admin/setup.controller.d.ts.map +1 -0
- package/dist/controllers/admin/setup.controller.js +113 -0
- package/dist/controllers/admin/setup.controller.js.map +1 -0
- package/dist/controllers/admin/tenants.controller.d.ts +275 -0
- package/dist/controllers/admin/tenants.controller.d.ts.map +1 -0
- package/dist/controllers/admin/tenants.controller.js +206 -0
- package/dist/controllers/admin/tenants.controller.js.map +1 -0
- package/dist/controllers/admin/users.controller.d.ts +253 -0
- package/dist/controllers/admin/users.controller.d.ts.map +1 -0
- package/dist/controllers/admin/users.controller.js +186 -0
- package/dist/controllers/admin/users.controller.js.map +1 -0
- package/dist/controllers/auth.controller.d.ts +308 -0
- package/dist/controllers/auth.controller.d.ts.map +1 -0
- package/dist/controllers/auth.controller.js +305 -0
- package/dist/controllers/auth.controller.js.map +1 -0
- package/dist/controllers/crud-generator.controller.d.ts +83 -0
- package/dist/controllers/crud-generator.controller.d.ts.map +1 -0
- package/dist/controllers/crud-generator.controller.js +201 -0
- package/dist/controllers/crud-generator.controller.js.map +1 -0
- package/dist/controllers/deployment-events.controller.d.ts +74 -0
- package/dist/controllers/deployment-events.controller.d.ts.map +1 -0
- package/dist/controllers/deployment-events.controller.js +143 -0
- package/dist/controllers/deployment-events.controller.js.map +1 -0
- package/dist/controllers/index.d.ts +18 -0
- package/dist/controllers/index.d.ts.map +1 -0
- package/dist/controllers/index.js +42 -0
- package/dist/controllers/index.js.map +1 -0
- package/dist/controllers/introspection.controller.d.ts +430 -0
- package/dist/controllers/introspection.controller.d.ts.map +1 -0
- package/dist/controllers/introspection.controller.js +358 -0
- package/dist/controllers/introspection.controller.js.map +1 -0
- package/dist/controllers/invite.controller.d.ts +218 -0
- package/dist/controllers/invite.controller.d.ts.map +1 -0
- package/dist/controllers/invite.controller.js +218 -0
- package/dist/controllers/invite.controller.js.map +1 -0
- package/dist/controllers/mfa.controller.d.ts +211 -0
- package/dist/controllers/mfa.controller.d.ts.map +1 -0
- package/dist/controllers/mfa.controller.js +155 -0
- package/dist/controllers/mfa.controller.js.map +1 -0
- package/dist/controllers/otp.controller.d.ts +220 -0
- package/dist/controllers/otp.controller.d.ts.map +1 -0
- package/dist/controllers/otp.controller.js +223 -0
- package/dist/controllers/otp.controller.js.map +1 -0
- package/dist/controllers/storage.controller.d.ts +297 -0
- package/dist/controllers/storage.controller.d.ts.map +1 -0
- package/dist/controllers/storage.controller.js +304 -0
- package/dist/controllers/storage.controller.js.map +1 -0
- package/dist/controllers/system.controller.d.ts +176 -0
- package/dist/controllers/system.controller.d.ts.map +1 -0
- package/dist/controllers/system.controller.js +222 -0
- package/dist/controllers/system.controller.js.map +1 -0
- package/dist/controllers/tenant.controller.d.ts +316 -0
- package/dist/controllers/tenant.controller.d.ts.map +1 -0
- package/dist/controllers/tenant.controller.js +269 -0
- package/dist/controllers/tenant.controller.js.map +1 -0
- package/dist/db/cachedclient.d.ts +69 -0
- package/dist/db/cachedclient.d.ts.map +1 -0
- package/dist/db/cachedclient.js +331 -0
- package/dist/db/cachedclient.js.map +1 -0
- package/dist/db/distributed-client.d.ts +82 -0
- package/dist/db/distributed-client.d.ts.map +1 -0
- package/dist/db/distributed-client.js +477 -0
- package/dist/db/distributed-client.js.map +1 -0
- package/dist/db/factory.d.ts +19 -0
- package/dist/db/factory.d.ts.map +1 -0
- package/dist/db/factory.js +44 -0
- package/dist/db/factory.js.map +1 -0
- package/dist/db/interfaces.d.ts +67 -0
- package/dist/db/interfaces.d.ts.map +1 -0
- package/dist/db/interfaces.js +3 -0
- package/dist/db/interfaces.js.map +1 -0
- package/dist/db/socket-client.d.ts +122 -0
- package/dist/db/socket-client.d.ts.map +1 -0
- package/dist/db/socket-client.js +1092 -0
- package/dist/db/socket-client.js.map +1 -0
- package/dist/db/store-config.d.ts +19 -0
- package/dist/db/store-config.d.ts.map +1 -0
- package/dist/db/store-config.js +65 -0
- package/dist/db/store-config.js.map +1 -0
- package/dist/deployment/function-extractor.d.ts +11 -0
- package/dist/deployment/function-extractor.d.ts.map +1 -0
- package/dist/deployment/function-extractor.js +101 -0
- package/dist/deployment/function-extractor.js.map +1 -0
- package/dist/deployment/handler.d.ts +174 -0
- package/dist/deployment/handler.d.ts.map +1 -0
- package/dist/deployment/handler.js +1437 -0
- package/dist/deployment/handler.js.map +1 -0
- package/dist/deployment/persistence.d.ts +97 -0
- package/dist/deployment/persistence.d.ts.map +1 -0
- package/dist/deployment/persistence.js +238 -0
- package/dist/deployment/persistence.js.map +1 -0
- package/dist/deployment/protocol.d.ts +34 -0
- package/dist/deployment/protocol.d.ts.map +1 -0
- package/dist/deployment/protocol.js +7 -0
- package/dist/deployment/protocol.js.map +1 -0
- package/dist/di/container.d.ts +58 -0
- package/dist/di/container.d.ts.map +1 -0
- package/dist/di/container.js +121 -0
- package/dist/di/container.js.map +1 -0
- package/dist/di/decorators.d.ts +57 -0
- package/dist/di/decorators.d.ts.map +1 -0
- package/dist/di/decorators.js +80 -0
- package/dist/di/decorators.js.map +1 -0
- package/dist/di/index.d.ts +10 -0
- package/dist/di/index.d.ts.map +1 -0
- package/dist/di/index.js +21 -0
- package/dist/di/index.js.map +1 -0
- package/dist/di/resolver.d.ts +26 -0
- package/dist/di/resolver.d.ts.map +1 -0
- package/dist/di/resolver.js +32 -0
- package/dist/di/resolver.js.map +1 -0
- package/dist/docker/compose.d.ts +3 -0
- package/dist/docker/compose.d.ts.map +1 -0
- package/dist/docker/compose.js +106 -0
- package/dist/docker/compose.js.map +1 -0
- package/dist/docker/index.d.ts +4 -0
- package/dist/docker/index.d.ts.map +1 -0
- package/dist/docker/index.js +8 -0
- package/dist/docker/index.js.map +1 -0
- package/dist/docker/manager.d.ts +14 -0
- package/dist/docker/manager.d.ts.map +1 -0
- package/dist/docker/manager.js +76 -0
- package/dist/docker/manager.js.map +1 -0
- package/dist/docker/types.d.ts +18 -0
- package/dist/docker/types.d.ts.map +1 -0
- package/dist/docker/types.js +3 -0
- package/dist/docker/types.js.map +1 -0
- package/dist/email/index.d.ts +6 -0
- package/dist/email/index.d.ts.map +1 -0
- package/dist/email/index.js +25 -0
- package/dist/email/index.js.map +1 -0
- package/dist/email/service.d.ts +89 -0
- package/dist/email/service.d.ts.map +1 -0
- package/dist/email/service.js +215 -0
- package/dist/email/service.js.map +1 -0
- package/dist/email/templates/MagicLinkEmail.d.ts +8 -0
- package/dist/email/templates/MagicLinkEmail.d.ts.map +1 -0
- package/dist/email/templates/MagicLinkEmail.js +84 -0
- package/dist/email/templates/MagicLinkEmail.js.map +1 -0
- package/dist/email/templates/OtpEmail.d.ts +8 -0
- package/dist/email/templates/OtpEmail.d.ts.map +1 -0
- package/dist/email/templates/OtpEmail.js +72 -0
- package/dist/email/templates/OtpEmail.js.map +1 -0
- package/dist/email/templates/PasswordResetEmail.d.ts +9 -0
- package/dist/email/templates/PasswordResetEmail.d.ts.map +1 -0
- package/dist/email/templates/PasswordResetEmail.js +103 -0
- package/dist/email/templates/PasswordResetEmail.js.map +1 -0
- package/dist/email/templates/WelcomeEmail.d.ts +8 -0
- package/dist/email/templates/WelcomeEmail.d.ts.map +1 -0
- package/dist/email/templates/WelcomeEmail.js +94 -0
- package/dist/email/templates/WelcomeEmail.js.map +1 -0
- package/dist/email/templates/index.d.ts +9 -0
- package/dist/email/templates/index.d.ts.map +1 -0
- package/dist/email/templates/index.js +16 -0
- package/dist/email/templates/index.js.map +1 -0
- package/dist/engine/context.d.ts +9 -0
- package/dist/engine/context.d.ts.map +1 -0
- package/dist/engine/context.js +9 -0
- package/dist/engine/context.js.map +1 -0
- package/dist/engine/runner.d.ts +115 -0
- package/dist/engine/runner.d.ts.map +1 -0
- package/dist/engine/runner.js +617 -0
- package/dist/engine/runner.js.map +1 -0
- package/dist/functions/built-in/auth-apikey.d.ts +21 -0
- package/dist/functions/built-in/auth-apikey.d.ts.map +1 -0
- package/dist/functions/built-in/auth-apikey.js +344 -0
- package/dist/functions/built-in/auth-apikey.js.map +1 -0
- package/dist/functions/built-in/auth-email.d.ts +3 -0
- package/dist/functions/built-in/auth-email.d.ts.map +1 -0
- package/dist/functions/built-in/auth-email.js +63 -0
- package/dist/functions/built-in/auth-email.js.map +1 -0
- package/dist/functions/built-in/auth-invite.d.ts +5 -0
- package/dist/functions/built-in/auth-invite.d.ts.map +1 -0
- package/dist/functions/built-in/auth-invite.js +105 -0
- package/dist/functions/built-in/auth-invite.js.map +1 -0
- package/dist/functions/built-in/auth-password.d.ts +4 -0
- package/dist/functions/built-in/auth-password.d.ts.map +1 -0
- package/dist/functions/built-in/auth-password.js +107 -0
- package/dist/functions/built-in/auth-password.js.map +1 -0
- package/dist/functions/built-in/auth-session.d.ts +18 -0
- package/dist/functions/built-in/auth-session.d.ts.map +1 -0
- package/dist/functions/built-in/auth-session.js +221 -0
- package/dist/functions/built-in/auth-session.js.map +1 -0
- package/dist/functions/built-in/auth-signin.d.ts +20 -0
- package/dist/functions/built-in/auth-signin.d.ts.map +1 -0
- package/dist/functions/built-in/auth-signin.js +198 -0
- package/dist/functions/built-in/auth-signin.js.map +1 -0
- package/dist/functions/built-in/auth-signout.d.ts +18 -0
- package/dist/functions/built-in/auth-signout.d.ts.map +1 -0
- package/dist/functions/built-in/auth-signout.js +78 -0
- package/dist/functions/built-in/auth-signout.js.map +1 -0
- package/dist/functions/built-in/auth-signup.d.ts +21 -0
- package/dist/functions/built-in/auth-signup.d.ts.map +1 -0
- package/dist/functions/built-in/auth-signup.js +147 -0
- package/dist/functions/built-in/auth-signup.js.map +1 -0
- package/dist/functions/built-in/auth-tenant.d.ts +3 -0
- package/dist/functions/built-in/auth-tenant.d.ts.map +1 -0
- package/dist/functions/built-in/auth-tenant.js +86 -0
- package/dist/functions/built-in/auth-tenant.js.map +1 -0
- package/dist/functions/built-in/index.d.ts +55 -0
- package/dist/functions/built-in/index.d.ts.map +1 -0
- package/dist/functions/built-in/index.js +181 -0
- package/dist/functions/built-in/index.js.map +1 -0
- package/dist/functions/built-in/system-cache.d.ts +10 -0
- package/dist/functions/built-in/system-cache.d.ts.map +1 -0
- package/dist/functions/built-in/system-cache.js +98 -0
- package/dist/functions/built-in/system-cache.js.map +1 -0
- package/dist/functions/built-in/system-data.d.ts +13 -0
- package/dist/functions/built-in/system-data.d.ts.map +1 -0
- package/dist/functions/built-in/system-data.js +133 -0
- package/dist/functions/built-in/system-data.js.map +1 -0
- package/dist/functions/built-in/system-jobs.d.ts +22 -0
- package/dist/functions/built-in/system-jobs.d.ts.map +1 -0
- package/dist/functions/built-in/system-jobs.js +82 -0
- package/dist/functions/built-in/system-jobs.js.map +1 -0
- package/dist/functions/built-in/system-notifications.d.ts +41 -0
- package/dist/functions/built-in/system-notifications.d.ts.map +1 -0
- package/dist/functions/built-in/system-notifications.js +72 -0
- package/dist/functions/built-in/system-notifications.js.map +1 -0
- package/dist/functions/built-in/system-performance.d.ts +25 -0
- package/dist/functions/built-in/system-performance.d.ts.map +1 -0
- package/dist/functions/built-in/system-performance.js +83 -0
- package/dist/functions/built-in/system-performance.js.map +1 -0
- package/dist/functions/built-in-registry.d.ts +101 -0
- package/dist/functions/built-in-registry.d.ts.map +1 -0
- package/dist/functions/built-in-registry.js +165 -0
- package/dist/functions/built-in-registry.js.map +1 -0
- package/dist/functions/definition.d.ts +206 -0
- package/dist/functions/definition.d.ts.map +1 -0
- package/dist/functions/definition.js +178 -0
- package/dist/functions/definition.js.map +1 -0
- package/dist/functions/types.d.ts +151 -0
- package/dist/functions/types.d.ts.map +1 -0
- package/dist/functions/types.js +3 -0
- package/dist/functions/types.js.map +1 -0
- package/dist/http/context-helper.d.ts +60 -0
- package/dist/http/context-helper.d.ts.map +1 -0
- package/dist/http/context-helper.js +161 -0
- package/dist/http/context-helper.js.map +1 -0
- package/dist/http/definition.d.ts +76 -0
- package/dist/http/definition.d.ts.map +1 -0
- package/dist/http/definition.js +46 -0
- package/dist/http/definition.js.map +1 -0
- package/dist/http/index.d.ts +7 -0
- package/dist/http/index.d.ts.map +1 -0
- package/dist/http/index.js +12 -0
- package/dist/http/index.js.map +1 -0
- package/dist/http/plugins/auth.d.ts +71 -0
- package/dist/http/plugins/auth.d.ts.map +1 -0
- package/dist/http/plugins/auth.js +67 -0
- package/dist/http/plugins/auth.js.map +1 -0
- package/dist/http/plugins/better-auth.d.ts +67 -0
- package/dist/http/plugins/better-auth.d.ts.map +1 -0
- package/dist/http/plugins/better-auth.js +48 -0
- package/dist/http/plugins/better-auth.js.map +1 -0
- package/dist/http/router.d.ts +59 -0
- package/dist/http/router.d.ts.map +1 -0
- package/dist/http/router.js +371 -0
- package/dist/http/router.js.map +1 -0
- package/dist/http/server.d.ts +15 -0
- package/dist/http/server.d.ts.map +1 -0
- package/dist/http/server.js +217 -0
- package/dist/http/server.js.map +1 -0
- package/dist/http/types.d.ts +142 -0
- package/dist/http/types.d.ts.map +1 -0
- package/dist/http/types.js +7 -0
- package/dist/http/types.js.map +1 -0
- package/dist/index.d.mts +2 -0
- package/dist/index.d.mts.map +1 -0
- package/dist/index.mjs +116 -0
- package/dist/index.mjs.map +1 -0
- package/dist/ipc/run-sidecar.d.ts +8 -0
- package/dist/ipc/run-sidecar.d.ts.map +1 -0
- package/dist/ipc/run-sidecar.js +127 -0
- package/dist/ipc/run-sidecar.js.map +1 -0
- package/dist/ipc/socket-bridge.d.ts +114 -0
- package/dist/ipc/socket-bridge.d.ts.map +1 -0
- package/dist/ipc/socket-bridge.js +724 -0
- package/dist/ipc/socket-bridge.js.map +1 -0
- package/dist/jobs/index.d.ts +7 -0
- package/dist/jobs/index.d.ts.map +1 -0
- package/dist/jobs/index.js +10 -0
- package/dist/jobs/index.js.map +1 -0
- package/dist/jobs/queue.d.ts +62 -0
- package/dist/jobs/queue.d.ts.map +1 -0
- package/dist/jobs/queue.js +192 -0
- package/dist/jobs/queue.js.map +1 -0
- package/dist/jobs/run-scheduler.d.ts +2 -0
- package/dist/jobs/run-scheduler.d.ts.map +1 -0
- package/dist/jobs/run-scheduler.js +245 -0
- package/dist/jobs/run-scheduler.js.map +1 -0
- package/dist/jobs/run-worker.d.ts +2 -0
- package/dist/jobs/run-worker.d.ts.map +1 -0
- package/dist/jobs/run-worker.js +123 -0
- package/dist/jobs/run-worker.js.map +1 -0
- package/dist/jobs/runtime-loader.d.ts +14 -0
- package/dist/jobs/runtime-loader.d.ts.map +1 -0
- package/dist/jobs/runtime-loader.js +122 -0
- package/dist/jobs/runtime-loader.js.map +1 -0
- package/dist/jobs/scheduler-client.d.ts +33 -0
- package/dist/jobs/scheduler-client.d.ts.map +1 -0
- package/dist/jobs/scheduler-client.js +69 -0
- package/dist/jobs/scheduler-client.js.map +1 -0
- package/dist/jobs/scheduler.d.ts +73 -0
- package/dist/jobs/scheduler.d.ts.map +1 -0
- package/dist/jobs/scheduler.js +297 -0
- package/dist/jobs/scheduler.js.map +1 -0
- package/dist/jobs/worker-thread.d.ts +27 -0
- package/dist/jobs/worker-thread.d.ts.map +1 -0
- package/dist/jobs/worker-thread.js +173 -0
- package/dist/jobs/worker-thread.js.map +1 -0
- package/dist/jobs/worker.d.ts +30 -0
- package/dist/jobs/worker.d.ts.map +1 -0
- package/dist/jobs/worker.js +262 -0
- package/dist/jobs/worker.js.map +1 -0
- package/dist/jobs/ws-client.d.ts +23 -0
- package/dist/jobs/ws-client.d.ts.map +1 -0
- package/dist/jobs/ws-client.js +105 -0
- package/dist/jobs/ws-client.js.map +1 -0
- package/dist/linq/async-enumerable.d.ts +91 -0
- package/dist/linq/async-enumerable.d.ts.map +1 -0
- package/dist/linq/async-enumerable.js +176 -0
- package/dist/linq/async-enumerable.js.map +1 -0
- package/dist/linq/enumerable.d.ts +94 -0
- package/dist/linq/enumerable.d.ts.map +1 -0
- package/dist/linq/enumerable.js +210 -0
- package/dist/linq/enumerable.js.map +1 -0
- package/dist/linq/index.d.ts +25 -0
- package/dist/linq/index.d.ts.map +1 -0
- package/dist/linq/index.js +27 -0
- package/dist/linq/index.js.map +1 -0
- package/dist/linq/interfaces.d.ts +23 -0
- package/dist/linq/interfaces.d.ts.map +1 -0
- package/dist/linq/interfaces.js +3 -0
- package/dist/linq/interfaces.js.map +1 -0
- package/dist/logging/logger.d.ts +85 -0
- package/dist/logging/logger.d.ts.map +1 -0
- package/dist/logging/logger.js +217 -0
- package/dist/logging/logger.js.map +1 -0
- package/dist/query/builder.d.ts +91 -0
- package/dist/query/builder.d.ts.map +1 -0
- package/dist/query/builder.js +103 -0
- package/dist/query/builder.js.map +1 -0
- package/dist/query/types.d.ts +112 -0
- package/dist/query/types.d.ts.map +1 -0
- package/dist/query/types.js +3 -0
- package/dist/query/types.js.map +1 -0
- package/dist/reactivity/graph.d.ts +8 -0
- package/dist/reactivity/graph.d.ts.map +1 -0
- package/dist/reactivity/graph.js +51 -0
- package/dist/reactivity/graph.js.map +1 -0
- package/dist/repository/db-set.d.ts +220 -0
- package/dist/repository/db-set.d.ts.map +1 -0
- package/dist/repository/db-set.js +515 -0
- package/dist/repository/db-set.js.map +1 -0
- package/dist/repository/ef-core.d.ts +177 -0
- package/dist/repository/ef-core.d.ts.map +1 -0
- package/dist/repository/ef-core.js +404 -0
- package/dist/repository/ef-core.js.map +1 -0
- package/dist/repository/factory.d.ts +117 -0
- package/dist/repository/factory.d.ts.map +1 -0
- package/dist/repository/factory.js +183 -0
- package/dist/repository/factory.js.map +1 -0
- package/dist/repository/interfaces.d.ts +449 -0
- package/dist/repository/interfaces.d.ts.map +1 -0
- package/dist/repository/interfaces.js +21 -0
- package/dist/repository/interfaces.js.map +1 -0
- package/dist/repository/provider.d.ts +16 -0
- package/dist/repository/provider.d.ts.map +1 -0
- package/dist/repository/provider.js +674 -0
- package/dist/repository/provider.js.map +1 -0
- package/dist/repository/queryable.d.ts +111 -0
- package/dist/repository/queryable.d.ts.map +1 -0
- package/dist/repository/queryable.js +566 -0
- package/dist/repository/queryable.js.map +1 -0
- package/dist/rpc/adapter.d.ts +18 -0
- package/dist/rpc/adapter.d.ts.map +1 -0
- package/dist/rpc/adapter.js +101 -0
- package/dist/rpc/adapter.js.map +1 -0
- package/dist/rpc/router.d.ts +82 -0
- package/dist/rpc/router.d.ts.map +1 -0
- package/dist/rpc/router.js +177 -0
- package/dist/rpc/router.js.map +1 -0
- package/dist/schema/definition.d.ts +51 -0
- package/dist/schema/definition.d.ts.map +1 -0
- package/dist/schema/definition.js +79 -0
- package/dist/schema/definition.js.map +1 -0
- package/dist/schema/input-types.d.ts +88 -0
- package/dist/schema/input-types.d.ts.map +1 -0
- package/dist/schema/input-types.js +81 -0
- package/dist/schema/input-types.js.map +1 -0
- package/dist/schema/modifiers.d.ts +173 -0
- package/dist/schema/modifiers.d.ts.map +1 -0
- package/dist/schema/modifiers.js +218 -0
- package/dist/schema/modifiers.js.map +1 -0
- package/dist/schema/relationship-types.d.ts +109 -0
- package/dist/schema/relationship-types.d.ts.map +1 -0
- package/dist/schema/relationship-types.js +11 -0
- package/dist/schema/relationship-types.js.map +1 -0
- package/dist/schema/type-helpers.d.ts +105 -0
- package/dist/schema/type-helpers.d.ts.map +1 -0
- package/dist/schema/type-helpers.js +215 -0
- package/dist/schema/type-helpers.js.map +1 -0
- package/dist/schema/types.d.ts +144 -0
- package/dist/schema/types.d.ts.map +1 -0
- package/dist/schema/types.js +12 -0
- package/dist/schema/types.js.map +1 -0
- package/dist/schema/validators.d.ts +127 -0
- package/dist/schema/validators.d.ts.map +1 -0
- package/dist/schema/validators.js +164 -0
- package/dist/schema/validators.js.map +1 -0
- package/dist/services/admin/app-users.service.d.ts +138 -0
- package/dist/services/admin/app-users.service.d.ts.map +1 -0
- package/dist/services/admin/app-users.service.js +435 -0
- package/dist/services/admin/app-users.service.js.map +1 -0
- package/dist/services/admin/auth.service.d.ts +104 -0
- package/dist/services/admin/auth.service.d.ts.map +1 -0
- package/dist/services/admin/auth.service.js +208 -0
- package/dist/services/admin/auth.service.js.map +1 -0
- package/dist/services/admin/backup/BackupOrchestrator.d.ts +38 -0
- package/dist/services/admin/backup/BackupOrchestrator.d.ts.map +1 -0
- package/dist/services/admin/backup/BackupOrchestrator.js +350 -0
- package/dist/services/admin/backup/BackupOrchestrator.js.map +1 -0
- package/dist/services/admin/backup/DataStreamer.d.ts +11 -0
- package/dist/services/admin/backup/DataStreamer.d.ts.map +1 -0
- package/dist/services/admin/backup/DataStreamer.js +85 -0
- package/dist/services/admin/backup/DataStreamer.js.map +1 -0
- package/dist/services/admin/backup/LegacyAdapter.d.ts +28 -0
- package/dist/services/admin/backup/LegacyAdapter.d.ts.map +1 -0
- package/dist/services/admin/backup/LegacyAdapter.js +35 -0
- package/dist/services/admin/backup/LegacyAdapter.js.map +1 -0
- package/dist/services/admin/backup/SqliteGenerator.d.ts +15 -0
- package/dist/services/admin/backup/SqliteGenerator.d.ts.map +1 -0
- package/dist/services/admin/backup/SqliteGenerator.js +152 -0
- package/dist/services/admin/backup/SqliteGenerator.js.map +1 -0
- package/dist/services/admin/backup/StorageStreamer.d.ts +17 -0
- package/dist/services/admin/backup/StorageStreamer.d.ts.map +1 -0
- package/dist/services/admin/backup/StorageStreamer.js +117 -0
- package/dist/services/admin/backup/StorageStreamer.js.map +1 -0
- package/dist/services/admin/backup/ZipComposer.d.ts +17 -0
- package/dist/services/admin/backup/ZipComposer.d.ts.map +1 -0
- package/dist/services/admin/backup/ZipComposer.js +95 -0
- package/dist/services/admin/backup/ZipComposer.js.map +1 -0
- package/dist/services/admin/backup/ZipExtractor.d.ts +24 -0
- package/dist/services/admin/backup/ZipExtractor.d.ts.map +1 -0
- package/dist/services/admin/backup/ZipExtractor.js +135 -0
- package/dist/services/admin/backup/ZipExtractor.js.map +1 -0
- package/dist/services/admin/backup/index.d.ts +9 -0
- package/dist/services/admin/backup/index.d.ts.map +1 -0
- package/dist/services/admin/backup/index.js +18 -0
- package/dist/services/admin/backup/index.js.map +1 -0
- package/dist/services/admin/backup/types.d.ts +48 -0
- package/dist/services/admin/backup/types.d.ts.map +1 -0
- package/dist/services/admin/backup/types.js +3 -0
- package/dist/services/admin/backup/types.js.map +1 -0
- package/dist/services/admin/backup.service.d.ts +117 -0
- package/dist/services/admin/backup.service.d.ts.map +1 -0
- package/dist/services/admin/backup.service.js +709 -0
- package/dist/services/admin/backup.service.js.map +1 -0
- package/dist/services/admin/data.service.d.ts +109 -0
- package/dist/services/admin/data.service.d.ts.map +1 -0
- package/dist/services/admin/data.service.js +734 -0
- package/dist/services/admin/data.service.js.map +1 -0
- package/dist/services/admin/tenants.service.d.ts +99 -0
- package/dist/services/admin/tenants.service.d.ts.map +1 -0
- package/dist/services/admin/tenants.service.js +173 -0
- package/dist/services/admin/tenants.service.js.map +1 -0
- package/dist/services/auth.service.d.ts +155 -0
- package/dist/services/auth.service.d.ts.map +1 -0
- package/dist/services/auth.service.js +401 -0
- package/dist/services/auth.service.js.map +1 -0
- package/dist/services/introspection.service.d.ts +262 -0
- package/dist/services/introspection.service.d.ts.map +1 -0
- package/dist/services/introspection.service.js +400 -0
- package/dist/services/introspection.service.js.map +1 -0
- package/dist/services/invite.service.d.ts +87 -0
- package/dist/services/invite.service.d.ts.map +1 -0
- package/dist/services/invite.service.js +216 -0
- package/dist/services/invite.service.js.map +1 -0
- package/dist/services/storage.service.d.ts +79 -0
- package/dist/services/storage.service.d.ts.map +1 -0
- package/dist/services/storage.service.js +209 -0
- package/dist/services/storage.service.js.map +1 -0
- package/dist/services/system.service.d.ts +60 -0
- package/dist/services/system.service.d.ts.map +1 -0
- package/dist/services/system.service.js +176 -0
- package/dist/services/system.service.js.map +1 -0
- package/dist/services/tenant.service.d.ts +112 -0
- package/dist/services/tenant.service.d.ts.map +1 -0
- package/dist/services/tenant.service.js +359 -0
- package/dist/services/tenant.service.js.map +1 -0
- package/dist/settings/index.d.ts +6 -0
- package/dist/settings/index.d.ts.map +1 -0
- package/dist/settings/index.js +13 -0
- package/dist/settings/index.js.map +1 -0
- package/dist/settings/schema.d.ts +39 -0
- package/dist/settings/schema.d.ts.map +1 -0
- package/dist/settings/schema.js +41 -0
- package/dist/settings/schema.js.map +1 -0
- package/dist/settings/service.d.ts +28 -0
- package/dist/settings/service.d.ts.map +1 -0
- package/dist/settings/service.js +133 -0
- package/dist/settings/service.js.map +1 -0
- package/dist/startup/bootstrap.d.ts +13 -0
- package/dist/startup/bootstrap.d.ts.map +1 -0
- package/dist/startup/bootstrap.js +262 -0
- package/dist/startup/bootstrap.js.map +1 -0
- package/dist/startup/cluster-manager.d.ts +59 -0
- package/dist/startup/cluster-manager.d.ts.map +1 -0
- package/dist/startup/cluster-manager.js +238 -0
- package/dist/startup/cluster-manager.js.map +1 -0
- package/dist/startup/process-manager.d.ts +46 -0
- package/dist/startup/process-manager.d.ts.map +1 -0
- package/dist/startup/process-manager.js +288 -0
- package/dist/startup/process-manager.js.map +1 -0
- package/dist/startup/processes.d.mts +15 -0
- package/dist/startup/processes.d.mts.map +1 -0
- package/dist/startup/processes.mjs +162 -0
- package/dist/startup/processes.mjs.map +1 -0
- package/dist/startup.js +42 -0
- package/dist/storage/fs-backend.d.ts +38 -0
- package/dist/storage/fs-backend.d.ts.map +1 -0
- package/dist/storage/fs-backend.js +129 -0
- package/dist/storage/fs-backend.js.map +1 -0
- package/dist/storage/manager.d.ts +88 -0
- package/dist/storage/manager.d.ts.map +1 -0
- package/dist/storage/manager.js +416 -0
- package/dist/storage/manager.js.map +1 -0
- package/dist/storage/s3-backend.d.ts +30 -0
- package/dist/storage/s3-backend.d.ts.map +1 -0
- package/dist/storage/s3-backend.js +65 -0
- package/dist/storage/s3-backend.js.map +1 -0
- package/dist/storage/types.d.ts +56 -0
- package/dist/storage/types.d.ts.map +1 -0
- package/dist/storage/types.js +3 -0
- package/dist/storage/types.js.map +1 -0
- package/dist/utils/http.d.ts +16 -0
- package/dist/utils/http.d.ts.map +1 -0
- package/dist/utils/http.js +61 -0
- package/dist/utils/http.js.map +1 -0
- package/dist/utils/introspection-helpers.d.ts +35 -0
- package/dist/utils/introspection-helpers.d.ts.map +1 -0
- package/dist/utils/introspection-helpers.js +246 -0
- package/dist/utils/introspection-helpers.js.map +1 -0
- package/dist/webhook/definition.d.ts +79 -0
- package/dist/webhook/definition.d.ts.map +1 -0
- package/dist/webhook/definition.js +33 -0
- package/dist/webhook/definition.js.map +1 -0
- package/dist/webhook/guard.d.ts +34 -0
- package/dist/webhook/guard.d.ts.map +1 -0
- package/dist/webhook/guard.js +86 -0
- package/dist/webhook/guard.js.map +1 -0
- package/dist/webhook/index.d.ts +9 -0
- package/dist/webhook/index.d.ts.map +1 -0
- package/dist/webhook/index.js +19 -0
- package/dist/webhook/index.js.map +1 -0
- package/dist/webhook/verifier.d.ts +24 -0
- package/dist/webhook/verifier.d.ts.map +1 -0
- package/dist/webhook/verifier.js +107 -0
- package/dist/webhook/verifier.js.map +1 -0
- package/dist/websocket/server.d.ts +74 -0
- package/dist/websocket/server.d.ts.map +1 -0
- package/dist/websocket/server.js +693 -0
- package/dist/websocket/server.js.map +1 -0
- package/dist/websocket/types.d.ts +53 -0
- package/dist/websocket/types.d.ts.map +1 -0
- package/dist/websocket/types.js +3 -0
- package/dist/websocket/types.js.map +1 -0
- package/dist/websocket/ws-compat.d.ts +26 -0
- package/dist/websocket/ws-compat.d.ts.map +1 -0
- package/dist/websocket/ws-compat.js +35 -0
- package/dist/websocket/ws-compat.js.map +1 -0
- package/docker/README.md +5 -0
- package/package.json +210 -0
- package/scripts/postinstall.js +31 -0
- package/templates/.env.example +55 -0
- package/templates/archlast.config.js +36 -0
- package/templates/docker-compose.dev.yml +8 -0
- package/templates/docker-compose.prod.yml +15 -0
- package/templates/docker-compose.yml +33 -0
|
@@ -0,0 +1,298 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* OAuth Proxy Service
|
|
4
|
+
*
|
|
5
|
+
* Acts as an internal HTTP service that handles OAuth flows for external providers
|
|
6
|
+
* (Google, GitHub) and maps their profiles to the internal auth_users schema.
|
|
7
|
+
*
|
|
8
|
+
* Design:
|
|
9
|
+
* - Providers are configured via environment variables.
|
|
10
|
+
* - The proxy handles the callback, exchanges the code for tokens, and fetches the profile.
|
|
11
|
+
* - It creates or links the user in auth_users and auth_accounts.
|
|
12
|
+
* - Returns a session token via SessionManager.
|
|
13
|
+
*/
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.OAuthProxy = void 0;
|
|
16
|
+
const cuid2_1 = require("@paralleldrive/cuid2");
|
|
17
|
+
const constants_js_1 = require("./system/constants.js");
|
|
18
|
+
const logger_js_1 = require("../logging/logger.js");
|
|
19
|
+
class OAuthProxy {
|
|
20
|
+
db;
|
|
21
|
+
sessionManager;
|
|
22
|
+
config;
|
|
23
|
+
constructor(db, sessionManager, config) {
|
|
24
|
+
this.db = db;
|
|
25
|
+
this.sessionManager = sessionManager;
|
|
26
|
+
this.config = config ?? {
|
|
27
|
+
google: this.loadProviderConfig("google"),
|
|
28
|
+
github: this.loadProviderConfig("github"),
|
|
29
|
+
};
|
|
30
|
+
}
|
|
31
|
+
loadProviderConfig(provider) {
|
|
32
|
+
const prefix = `ARCHLAST_OAUTH_${provider.toUpperCase()}`;
|
|
33
|
+
const clientId = process.env[`${prefix}_CLIENT_ID`];
|
|
34
|
+
const clientSecret = process.env[`${prefix}_CLIENT_SECRET`];
|
|
35
|
+
const redirectUri = process.env[`${prefix}_REDIRECT_URI`];
|
|
36
|
+
if (clientId && clientSecret && redirectUri) {
|
|
37
|
+
return { clientId, clientSecret, redirectUri };
|
|
38
|
+
}
|
|
39
|
+
return undefined;
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Generate the OAuth authorization URL for a provider.
|
|
43
|
+
*/
|
|
44
|
+
getAuthorizationUrl(provider, state) {
|
|
45
|
+
const cfg = this.config[provider];
|
|
46
|
+
if (!cfg)
|
|
47
|
+
return null;
|
|
48
|
+
const params = new URLSearchParams();
|
|
49
|
+
params.set("client_id", cfg.clientId);
|
|
50
|
+
params.set("redirect_uri", cfg.redirectUri);
|
|
51
|
+
params.set("state", state);
|
|
52
|
+
params.set("response_type", "code");
|
|
53
|
+
if (provider === "google") {
|
|
54
|
+
params.set("scope", "openid email profile");
|
|
55
|
+
return `https://accounts.google.com/o/oauth2/v2/auth?${params.toString()}`;
|
|
56
|
+
}
|
|
57
|
+
if (provider === "github") {
|
|
58
|
+
params.set("scope", "user:email");
|
|
59
|
+
return `https://github.com/login/oauth/authorize?${params.toString()}`;
|
|
60
|
+
}
|
|
61
|
+
return null;
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* Handle the OAuth callback: exchange code for tokens, fetch profile, create/link user.
|
|
65
|
+
*/
|
|
66
|
+
async handleCallback(provider, code) {
|
|
67
|
+
const cfg = this.config[provider];
|
|
68
|
+
if (!cfg) {
|
|
69
|
+
logger_js_1.logger.log({
|
|
70
|
+
timestamp: Date.now(),
|
|
71
|
+
level: "error",
|
|
72
|
+
kind: "system",
|
|
73
|
+
message: `[OAuthProxy] Provider ${provider} is not configured`,
|
|
74
|
+
});
|
|
75
|
+
return null;
|
|
76
|
+
}
|
|
77
|
+
try {
|
|
78
|
+
// Exchange code for tokens
|
|
79
|
+
const tokens = await this.exchangeCodeForTokens(provider, cfg, code);
|
|
80
|
+
if (!tokens)
|
|
81
|
+
return null;
|
|
82
|
+
// Fetch user profile
|
|
83
|
+
const profile = await this.fetchProfile(provider, tokens.accessToken);
|
|
84
|
+
if (!profile)
|
|
85
|
+
return null;
|
|
86
|
+
const fullProfile = {
|
|
87
|
+
provider,
|
|
88
|
+
...profile,
|
|
89
|
+
accessToken: tokens.accessToken,
|
|
90
|
+
refreshToken: tokens.refreshToken,
|
|
91
|
+
expiresAt: tokens.expiresAt,
|
|
92
|
+
};
|
|
93
|
+
// Create or link user
|
|
94
|
+
const { userId, isNewUser, tenantId } = await this.createOrLinkUser(fullProfile);
|
|
95
|
+
// Issue session
|
|
96
|
+
const session = await this.sessionManager.issueSession({ userId, tenantId });
|
|
97
|
+
return { token: session.token, userId, isNewUser };
|
|
98
|
+
}
|
|
99
|
+
catch (err) {
|
|
100
|
+
logger_js_1.logger.log({
|
|
101
|
+
timestamp: Date.now(),
|
|
102
|
+
level: "error",
|
|
103
|
+
kind: "system",
|
|
104
|
+
message: `[OAuthProxy] Callback error for ${provider}`,
|
|
105
|
+
context: { err },
|
|
106
|
+
});
|
|
107
|
+
return null;
|
|
108
|
+
}
|
|
109
|
+
}
|
|
110
|
+
async exchangeCodeForTokens(provider, cfg, code) {
|
|
111
|
+
let tokenUrl;
|
|
112
|
+
const body = new URLSearchParams();
|
|
113
|
+
body.set("code", code);
|
|
114
|
+
body.set("client_id", cfg.clientId);
|
|
115
|
+
body.set("client_secret", cfg.clientSecret);
|
|
116
|
+
body.set("redirect_uri", cfg.redirectUri);
|
|
117
|
+
body.set("grant_type", "authorization_code");
|
|
118
|
+
if (provider === "google") {
|
|
119
|
+
tokenUrl = "https://oauth2.googleapis.com/token";
|
|
120
|
+
}
|
|
121
|
+
else if (provider === "github") {
|
|
122
|
+
tokenUrl = "https://github.com/login/oauth/access_token";
|
|
123
|
+
}
|
|
124
|
+
else {
|
|
125
|
+
return null;
|
|
126
|
+
}
|
|
127
|
+
const headers = {
|
|
128
|
+
"Content-Type": "application/x-www-form-urlencoded",
|
|
129
|
+
};
|
|
130
|
+
if (provider === "github") {
|
|
131
|
+
headers["Accept"] = "application/json";
|
|
132
|
+
}
|
|
133
|
+
const res = await fetch(tokenUrl, {
|
|
134
|
+
method: "POST",
|
|
135
|
+
headers,
|
|
136
|
+
body: body.toString(),
|
|
137
|
+
});
|
|
138
|
+
if (!res.ok) {
|
|
139
|
+
logger_js_1.logger.log({
|
|
140
|
+
timestamp: Date.now(),
|
|
141
|
+
level: "error",
|
|
142
|
+
kind: "system",
|
|
143
|
+
message: `[OAuthProxy] Token exchange failed for ${provider}`,
|
|
144
|
+
context: { status: res.status },
|
|
145
|
+
});
|
|
146
|
+
return null;
|
|
147
|
+
}
|
|
148
|
+
const data = await res.json();
|
|
149
|
+
const accessToken = data.access_token;
|
|
150
|
+
const refreshToken = data.refresh_token;
|
|
151
|
+
const expiresIn = data.expires_in;
|
|
152
|
+
const expiresAt = expiresIn ? Date.now() + expiresIn * 1000 : undefined;
|
|
153
|
+
if (!accessToken)
|
|
154
|
+
return null;
|
|
155
|
+
return { accessToken, refreshToken, expiresAt };
|
|
156
|
+
}
|
|
157
|
+
async fetchProfile(provider, accessToken) {
|
|
158
|
+
if (provider === "google") {
|
|
159
|
+
const res = await fetch("https://www.googleapis.com/oauth2/v3/userinfo", {
|
|
160
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
161
|
+
});
|
|
162
|
+
if (!res.ok)
|
|
163
|
+
return null;
|
|
164
|
+
const data = await res.json();
|
|
165
|
+
return {
|
|
166
|
+
providerAccountId: data.sub,
|
|
167
|
+
email: data.email,
|
|
168
|
+
emailVerified: data.email_verified ?? false,
|
|
169
|
+
name: data.name,
|
|
170
|
+
imageUrl: data.picture,
|
|
171
|
+
};
|
|
172
|
+
}
|
|
173
|
+
if (provider === "github") {
|
|
174
|
+
const res = await fetch("https://api.github.com/user", {
|
|
175
|
+
headers: { Authorization: `Bearer ${accessToken}`, "User-Agent": "Archlast-OAuth" },
|
|
176
|
+
});
|
|
177
|
+
if (!res.ok)
|
|
178
|
+
return null;
|
|
179
|
+
const data = await res.json();
|
|
180
|
+
// Fetch primary email
|
|
181
|
+
const emailRes = await fetch("https://api.github.com/user/emails", {
|
|
182
|
+
headers: { Authorization: `Bearer ${accessToken}`, "User-Agent": "Archlast-OAuth" },
|
|
183
|
+
});
|
|
184
|
+
let email = "";
|
|
185
|
+
let emailVerified = false;
|
|
186
|
+
if (emailRes.ok) {
|
|
187
|
+
const emails = await emailRes.json();
|
|
188
|
+
const primary = emails.find((e) => e.primary);
|
|
189
|
+
if (primary) {
|
|
190
|
+
email = primary.email;
|
|
191
|
+
emailVerified = primary.verified ?? false;
|
|
192
|
+
}
|
|
193
|
+
}
|
|
194
|
+
return {
|
|
195
|
+
providerAccountId: String(data.id),
|
|
196
|
+
email,
|
|
197
|
+
emailVerified,
|
|
198
|
+
name: data.name || data.login,
|
|
199
|
+
imageUrl: data.avatar_url,
|
|
200
|
+
};
|
|
201
|
+
}
|
|
202
|
+
return null;
|
|
203
|
+
}
|
|
204
|
+
async createOrLinkUser(profile) {
|
|
205
|
+
// Check if account already exists
|
|
206
|
+
const existingAccount = await this.db.findFirst(constants_js_1.AUTH_COLLECTIONS.accounts, {
|
|
207
|
+
where: {
|
|
208
|
+
and: [
|
|
209
|
+
{ provider: { eq: profile.provider } },
|
|
210
|
+
{ providerAccountId: { eq: profile.providerAccountId } },
|
|
211
|
+
],
|
|
212
|
+
},
|
|
213
|
+
});
|
|
214
|
+
if (existingAccount) {
|
|
215
|
+
const userId = existingAccount.userId;
|
|
216
|
+
// Update tokens
|
|
217
|
+
await this.db.patch(constants_js_1.AUTH_COLLECTIONS.accounts, existingAccount._id, {
|
|
218
|
+
accessToken: profile.accessToken,
|
|
219
|
+
refreshToken: profile.refreshToken,
|
|
220
|
+
expiresAt: profile.expiresAt,
|
|
221
|
+
updatedAt: Date.now(),
|
|
222
|
+
});
|
|
223
|
+
// Get tenant
|
|
224
|
+
const membership = await this.db.findFirst(constants_js_1.AUTH_COLLECTIONS.memberships, {
|
|
225
|
+
where: { userId: { eq: userId } },
|
|
226
|
+
});
|
|
227
|
+
return {
|
|
228
|
+
userId,
|
|
229
|
+
isNewUser: false,
|
|
230
|
+
tenantId: membership?.tenantId ?? "",
|
|
231
|
+
};
|
|
232
|
+
}
|
|
233
|
+
// Check if user with same email exists
|
|
234
|
+
let userId;
|
|
235
|
+
let tenantId;
|
|
236
|
+
let isNewUser = true;
|
|
237
|
+
const existingUser = await this.db.findFirst(constants_js_1.AUTH_COLLECTIONS.users, {
|
|
238
|
+
where: { email: { eq: profile.email } },
|
|
239
|
+
});
|
|
240
|
+
if (existingUser) {
|
|
241
|
+
userId = existingUser._id;
|
|
242
|
+
isNewUser = false;
|
|
243
|
+
const membership = await this.db.findFirst(constants_js_1.AUTH_COLLECTIONS.memberships, {
|
|
244
|
+
where: { userId: { eq: userId } },
|
|
245
|
+
});
|
|
246
|
+
tenantId = membership?.tenantId ?? "";
|
|
247
|
+
}
|
|
248
|
+
else {
|
|
249
|
+
// Create new user
|
|
250
|
+
const now = Date.now();
|
|
251
|
+
userId = (0, cuid2_1.createId)();
|
|
252
|
+
await this.db.insert(constants_js_1.AUTH_COLLECTIONS.users, {
|
|
253
|
+
_id: userId,
|
|
254
|
+
email: profile.email,
|
|
255
|
+
emailVerified: profile.emailVerified,
|
|
256
|
+
name: profile.name,
|
|
257
|
+
imageUrl: profile.imageUrl,
|
|
258
|
+
createdAt: now,
|
|
259
|
+
updatedAt: now,
|
|
260
|
+
});
|
|
261
|
+
// Create default tenant
|
|
262
|
+
tenantId = (0, cuid2_1.createId)();
|
|
263
|
+
await this.db.insert(constants_js_1.AUTH_COLLECTIONS.tenants, {
|
|
264
|
+
_id: tenantId,
|
|
265
|
+
name: `${profile.name || profile.email}'s Workspace`,
|
|
266
|
+
ownerId: userId,
|
|
267
|
+
createdAt: now,
|
|
268
|
+
updatedAt: now,
|
|
269
|
+
});
|
|
270
|
+
// Create membership
|
|
271
|
+
await this.db.insert(constants_js_1.AUTH_COLLECTIONS.memberships, {
|
|
272
|
+
_id: (0, cuid2_1.createId)(),
|
|
273
|
+
tenantId,
|
|
274
|
+
userId,
|
|
275
|
+
role: constants_js_1.TENANT_ROLES.owner,
|
|
276
|
+
permissions: [],
|
|
277
|
+
createdAt: now,
|
|
278
|
+
updatedAt: now,
|
|
279
|
+
});
|
|
280
|
+
}
|
|
281
|
+
// Create account record
|
|
282
|
+
const now = Date.now();
|
|
283
|
+
await this.db.insert(constants_js_1.AUTH_COLLECTIONS.accounts, {
|
|
284
|
+
_id: (0, cuid2_1.createId)(),
|
|
285
|
+
userId,
|
|
286
|
+
provider: profile.provider,
|
|
287
|
+
providerAccountId: profile.providerAccountId,
|
|
288
|
+
accessToken: profile.accessToken,
|
|
289
|
+
refreshToken: profile.refreshToken,
|
|
290
|
+
expiresAt: profile.expiresAt,
|
|
291
|
+
createdAt: now,
|
|
292
|
+
updatedAt: now,
|
|
293
|
+
});
|
|
294
|
+
return { userId, isNewUser, tenantId };
|
|
295
|
+
}
|
|
296
|
+
}
|
|
297
|
+
exports.OAuthProxy = OAuthProxy;
|
|
298
|
+
//# sourceMappingURL=oauth-proxy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-proxy.js","sourceRoot":"","sources":["../../src/auth/oauth-proxy.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAEH,gDAAgD;AAEhD,wDAAuE;AAGvE,oDAA8C;AA2B9C,MAAa,UAAU;IACF,EAAE,CAAkB;IACpB,cAAc,CAAiB;IAC/B,MAAM,CAAmB;IAE1C,YAAY,EAAmB,EAAE,cAA8B,EAAE,MAAyB;QACtF,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI;YACpB,MAAM,EAAE,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC;YACzC,MAAM,EAAE,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC;SAC5C,CAAC;IACN,CAAC;IAEO,kBAAkB,CAAC,QAAuB;QAC9C,MAAM,MAAM,GAAG,kBAAkB,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC;QAC1D,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,YAAY,CAAC,CAAC;QACpD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,gBAAgB,CAAC,CAAC;QAC5D,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,eAAe,CAAC,CAAC;QAE1D,IAAI,QAAQ,IAAI,YAAY,IAAI,WAAW,EAAE,CAAC;YAC1C,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC;QACnD,CAAC;QACD,OAAO,SAAS,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,QAAuB,EAAE,KAAa;QACtD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QAEtB,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAEpC,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACxB,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;YAC5C,OAAO,gDAAgD,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;QAC/E,CAAC;QAED,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACxB,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YAClC,OAAO,4CAA4C,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;QAC3E,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAChB,QAAuB,EACvB,IAAY;QAEZ,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,CAAC,GAAG,EAAE,CAAC;YACP,kBAAM,CAAC,GAAG,CAAC;gBACP,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,KAAK,EAAE,OAAO;gBACd,IAAI,EAAE,QAAQ;gBACd,OAAO,EAAE,yBAAyB,QAAQ,oBAAoB;aACjE,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACD,2BAA2B;YAC3B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;YACrE,IAAI,CAAC,MAAM;gBAAE,OAAO,IAAI,CAAC;YAEzB,qBAAqB;YACrB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;YACtE,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC;YAE1B,MAAM,WAAW,GAAyB;gBACtC,QAAQ;gBACR,GAAG,OAAO;gBACV,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,SAAS,EAAE,MAAM,CAAC,SAAS;aAC9B,CAAC;YAEF,sBAAsB;YACtB,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;YAEjF,gBAAgB;YAChB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;YAE7E,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;QACvD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,kBAAM,CAAC,GAAG,CAAC;gBACP,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,KAAK,EAAE,OAAO;gBACd,IAAI,EAAE,QAAQ;gBACd,OAAO,EAAE,mCAAmC,QAAQ,EAAE;gBACtD,OAAO,EAAE,EAAE,GAAG,EAAE;aACnB,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,qBAAqB,CAC/B,QAAuB,EACvB,GAAgB,EAChB,IAAY;QAEZ,IAAI,QAAgB,CAAC;QACrB,MAAM,IAAI,GAAG,IAAI,eAAe,EAAE,CAAC;QACnC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;QACpC,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC;QAC5C,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;QAC1C,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,oBAAoB,CAAC,CAAC;QAE7C,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACxB,QAAQ,GAAG,qCAAqC,CAAC;QACrD,CAAC;aAAM,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC/B,QAAQ,GAAG,6CAA6C,CAAC;QAC7D,CAAC;aAAM,CAAC;YACJ,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,OAAO,GAA2B;YACpC,cAAc,EAAE,mCAAmC;SACtD,CAAC;QACF,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACxB,OAAO,CAAC,QAAQ,CAAC,GAAG,kBAAkB,CAAC;QAC3C,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;YAC9B,MAAM,EAAE,MAAM;YACd,OAAO;YACP,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;SACxB,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACV,kBAAM,CAAC,GAAG,CAAC;gBACP,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,KAAK,EAAE,OAAO;gBACd,IAAI,EAAE,QAAQ;gBACd,OAAO,EAAE,0CAA0C,QAAQ,EAAE;gBAC7D,OAAO,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE;aAClC,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC;QACtC,MAAM,YAAY,GAAG,IAAI,CAAC,aAAa,CAAC;QACxC,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC;QAClC,MAAM,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;QAExE,IAAI,CAAC,WAAW;YAAE,OAAO,IAAI,CAAC;QAE9B,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;IACpD,CAAC;IAEO,KAAK,CAAC,YAAY,CACtB,QAAuB,EACvB,WAAmB;QAQnB,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,+CAA+C,EAAE;gBACrE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;aACtD,CAAC,CAAC;YACH,IAAI,CAAC,GAAG,CAAC,EAAE;gBAAE,OAAO,IAAI,CAAC;YACzB,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;YAC9B,OAAO;gBACH,iBAAiB,EAAE,IAAI,CAAC,GAAG;gBAC3B,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,aAAa,EAAE,IAAI,CAAC,cAAc,IAAI,KAAK;gBAC3C,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,QAAQ,EAAE,IAAI,CAAC,OAAO;aACzB,CAAC;QACN,CAAC;QAED,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,6BAA6B,EAAE;gBACnD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,YAAY,EAAE,gBAAgB,EAAE;aACtF,CAAC,CAAC;YACH,IAAI,CAAC,GAAG,CAAC,EAAE;gBAAE,OAAO,IAAI,CAAC;YACzB,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;YAE9B,sBAAsB;YACtB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,oCAAoC,EAAE;gBAC/D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,YAAY,EAAE,gBAAgB,EAAE;aACtF,CAAC,CAAC;YACH,IAAI,KAAK,GAAG,EAAE,CAAC;YACf,IAAI,aAAa,GAAG,KAAK,CAAC;YAC1B,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACd,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACrC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;gBACnD,IAAI,OAAO,EAAE,CAAC;oBACV,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;oBACtB,aAAa,GAAG,OAAO,CAAC,QAAQ,IAAI,KAAK,CAAC;gBAC9C,CAAC;YACL,CAAC;YAED,OAAO;gBACH,iBAAiB,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClC,KAAK;gBACL,aAAa;gBACb,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK;gBAC7B,QAAQ,EAAE,IAAI,CAAC,UAAU;aAC5B,CAAC;QACN,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAC1B,OAA6B;QAE7B,kCAAkC;QAClC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,+BAAgB,CAAC,QAAQ,EAAE;YACvE,KAAK,EAAE;gBACH,GAAG,EAAE;oBACD,EAAE,QAAQ,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,EAAE;oBACtC,EAAE,iBAAiB,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,iBAAiB,EAAE,EAAE;iBAC3D;aACJ;SACJ,CAAC,CAAC;QAEH,IAAI,eAAe,EAAE,CAAC;YAClB,MAAM,MAAM,GAAI,eAAuB,CAAC,MAAM,CAAC;YAC/C,gBAAgB;YAChB,MAAM,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,+BAAgB,CAAC,QAAQ,EAAG,eAAuB,CAAC,GAAG,EAAE;gBACzE,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,YAAY,EAAE,OAAO,CAAC,YAAY;gBAClC,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACxB,CAAC,CAAC;YAEH,aAAa;YACb,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,+BAAgB,CAAC,WAAW,EAAE;gBACrE,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE;aACpC,CAAC,CAAC;YAEH,OAAO;gBACH,MAAM;gBACN,SAAS,EAAE,KAAK;gBAChB,QAAQ,EAAG,UAAkB,EAAE,QAAQ,IAAI,EAAE;aAChD,CAAC;QACN,CAAC;QAED,uCAAuC;QACvC,IAAI,MAAc,CAAC;QACnB,IAAI,QAAgB,CAAC;QACrB,IAAI,SAAS,GAAG,IAAI,CAAC;QAErB,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,+BAAgB,CAAC,KAAK,EAAE;YACjE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,KAAK,EAAE,EAAE;SAC1C,CAAC,CAAC;QAEH,IAAI,YAAY,EAAE,CAAC;YACf,MAAM,GAAI,YAAoB,CAAC,GAAG,CAAC;YACnC,SAAS,GAAG,KAAK,CAAC;YAElB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,+BAAgB,CAAC,WAAW,EAAE;gBACrE,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE;aACpC,CAAC,CAAC;YACH,QAAQ,GAAI,UAAkB,EAAE,QAAQ,IAAI,EAAE,CAAC;QACnD,CAAC;aAAM,CAAC;YACJ,kBAAkB;YAClB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,MAAM,GAAG,IAAA,gBAAQ,GAAE,CAAC;YAEpB,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,+BAAgB,CAAC,KAAK,EAAE;gBACzC,GAAG,EAAE,MAAM;gBACX,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,SAAS,EAAE,GAAG;gBACd,SAAS,EAAE,GAAG;aACjB,CAAC,CAAC;YAEH,wBAAwB;YACxB,QAAQ,GAAG,IAAA,gBAAQ,GAAE,CAAC;YACtB,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,+BAAgB,CAAC,OAAO,EAAE;gBAC3C,GAAG,EAAE,QAAQ;gBACb,IAAI,EAAE,GAAG,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,KAAK,cAAc;gBACpD,OAAO,EAAE,MAAM;gBACf,SAAS,EAAE,GAAG;gBACd,SAAS,EAAE,GAAG;aACjB,CAAC,CAAC;YAEH,oBAAoB;YACpB,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,+BAAgB,CAAC,WAAW,EAAE;gBAC/C,GAAG,EAAE,IAAA,gBAAQ,GAAE;gBACf,QAAQ;gBACR,MAAM;gBACN,IAAI,EAAE,2BAAY,CAAC,KAAK;gBACxB,WAAW,EAAE,EAAE;gBACf,SAAS,EAAE,GAAG;gBACd,SAAS,EAAE,GAAG;aACjB,CAAC,CAAC;QACP,CAAC;QAED,wBAAwB;QACxB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,+BAAgB,CAAC,QAAQ,EAAE;YAC5C,GAAG,EAAE,IAAA,gBAAQ,GAAE;YACf,MAAM;YACN,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;YAC5C,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,GAAG;SACjB,CAAC,CAAC;QAEH,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;IAC3C,CAAC;CACJ;AAtUD,gCAsUC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/auth/otp/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,SAAS,EAAE,KAAK,OAAO,EAAE,MAAM,aAAa,CAAC;AAClF,OAAO,EAAE,gBAAgB,EAAE,KAAK,UAAU,EAAE,MAAM,cAAc,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* OTP Module Exports
|
|
4
|
+
*/
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.createOtpService = exports.OTP_TYPES = exports.OTP_COLLECTIONS = exports.otpSchema = void 0;
|
|
7
|
+
var schema_js_1 = require("./schema.js");
|
|
8
|
+
Object.defineProperty(exports, "otpSchema", { enumerable: true, get: function () { return schema_js_1.otpSchema; } });
|
|
9
|
+
Object.defineProperty(exports, "OTP_COLLECTIONS", { enumerable: true, get: function () { return schema_js_1.OTP_COLLECTIONS; } });
|
|
10
|
+
Object.defineProperty(exports, "OTP_TYPES", { enumerable: true, get: function () { return schema_js_1.OTP_TYPES; } });
|
|
11
|
+
var service_js_1 = require("./service.js");
|
|
12
|
+
Object.defineProperty(exports, "createOtpService", { enumerable: true, get: function () { return service_js_1.createOtpService; } });
|
|
13
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/auth/otp/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,yCAAkF;AAAzE,sGAAA,SAAS,OAAA;AAAE,4GAAA,eAAe,OAAA;AAAE,sGAAA,SAAS,OAAA;AAC9C,2CAAiE;AAAxD,8GAAA,gBAAgB,OAAA"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* OTP (One-Time Password) Schema
|
|
3
|
+
* Supports magic links and email verification codes
|
|
4
|
+
*/
|
|
5
|
+
export declare const OTP_COLLECTIONS: {
|
|
6
|
+
readonly codes: "_auth_otp_codes";
|
|
7
|
+
};
|
|
8
|
+
export declare const otpSchema: {
|
|
9
|
+
tables: {
|
|
10
|
+
/**
|
|
11
|
+
* _auth_otp_codes
|
|
12
|
+
* Stores OTP/magic link tokens
|
|
13
|
+
*/
|
|
14
|
+
_auth_otp_codes: import("../../schema/definition.js").TableDefinition<{
|
|
15
|
+
_id: import("../../schema/validators.js").FieldSchema<import("zod").ZodString>;
|
|
16
|
+
userId: import("../../schema/validators.js").FieldSchema<import("zod").ZodOptional<import("zod").ZodString>>;
|
|
17
|
+
email: import("../../schema/validators.js").FieldSchema<import("zod").ZodString>;
|
|
18
|
+
code: import("../../schema/validators.js").FieldSchema<import("zod").ZodString>;
|
|
19
|
+
type: import("../../schema/validators.js").FieldSchema<import("zod").ZodString>;
|
|
20
|
+
expiresAt: import("../../schema/validators.js").FieldSchema<import("zod").ZodNumber>;
|
|
21
|
+
usedAt: import("../../schema/validators.js").FieldSchema<import("zod").ZodOptional<import("zod").ZodNumber>>;
|
|
22
|
+
createdAt: import("../../schema/validators.js").FieldSchema<import("zod").ZodNumber>;
|
|
23
|
+
}>;
|
|
24
|
+
};
|
|
25
|
+
};
|
|
26
|
+
export declare const OTP_TYPES: {
|
|
27
|
+
readonly MAGIC_LINK: "magic_link";
|
|
28
|
+
readonly EMAIL_VERIFICATION: "email_verification";
|
|
29
|
+
readonly PASSWORD_RESET: "password_reset";
|
|
30
|
+
};
|
|
31
|
+
export type OtpType = (typeof OTP_TYPES)[keyof typeof OTP_TYPES];
|
|
32
|
+
//# sourceMappingURL=schema.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../src/auth/otp/schema.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,eAAO,MAAM,eAAe;;CAElB,CAAC;AAEX,eAAO,MAAM,SAAS;;QAClB;;;WAGG;;;;;;;;;;;;CAmBL,CAAC;AAEH,eAAO,MAAM,SAAS;;;;CAIZ,CAAC;AAEX,MAAM,MAAM,OAAO,GAAG,CAAC,OAAO,SAAS,CAAC,CAAC,MAAM,OAAO,SAAS,CAAC,CAAC"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* OTP (One-Time Password) Schema
|
|
4
|
+
* Supports magic links and email verification codes
|
|
5
|
+
*/
|
|
6
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
7
|
+
exports.OTP_TYPES = exports.otpSchema = exports.OTP_COLLECTIONS = void 0;
|
|
8
|
+
const definition_js_1 = require("../../schema/definition.js");
|
|
9
|
+
exports.OTP_COLLECTIONS = {
|
|
10
|
+
codes: "_auth_otp_codes",
|
|
11
|
+
};
|
|
12
|
+
exports.otpSchema = (0, definition_js_1.defineSchema)({
|
|
13
|
+
/**
|
|
14
|
+
* _auth_otp_codes
|
|
15
|
+
* Stores OTP/magic link tokens
|
|
16
|
+
*/
|
|
17
|
+
[exports.OTP_COLLECTIONS.codes]: (0, definition_js_1.defineTable)({
|
|
18
|
+
_id: definition_js_1.v.id().primaryKey(),
|
|
19
|
+
userId: definition_js_1.v.string().optional(), // null for signups
|
|
20
|
+
email: definition_js_1.v.string(),
|
|
21
|
+
code: definition_js_1.v.string(), // hashed
|
|
22
|
+
type: definition_js_1.v.string(), // "magic_link" | "email_verification" | "password_reset"
|
|
23
|
+
expiresAt: definition_js_1.v.number(),
|
|
24
|
+
usedAt: definition_js_1.v.number().optional(),
|
|
25
|
+
createdAt: definition_js_1.v.number(),
|
|
26
|
+
}, {
|
|
27
|
+
indexes: [
|
|
28
|
+
{ fields: ["email", "type"], name: "idx_otp_email_type" },
|
|
29
|
+
{ fields: ["code"], name: "idx_otp_code" },
|
|
30
|
+
],
|
|
31
|
+
}),
|
|
32
|
+
});
|
|
33
|
+
exports.OTP_TYPES = {
|
|
34
|
+
MAGIC_LINK: "magic_link",
|
|
35
|
+
EMAIL_VERIFICATION: "email_verification",
|
|
36
|
+
PASSWORD_RESET: "password_reset",
|
|
37
|
+
};
|
|
38
|
+
//# sourceMappingURL=schema.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../../src/auth/otp/schema.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,8DAA0E;AAE7D,QAAA,eAAe,GAAG;IAC3B,KAAK,EAAE,iBAAiB;CAClB,CAAC;AAEE,QAAA,SAAS,GAAG,IAAA,4BAAY,EAAC;IAClC;;;OAGG;IACH,CAAC,uBAAe,CAAC,KAAK,CAAC,EAAE,IAAA,2BAAW,EAChC;QACI,GAAG,EAAE,iBAAC,CAAC,EAAE,EAAE,CAAC,UAAU,EAAE;QACxB,MAAM,EAAE,iBAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,mBAAmB;QAClD,KAAK,EAAE,iBAAC,CAAC,MAAM,EAAE;QACjB,IAAI,EAAE,iBAAC,CAAC,MAAM,EAAE,EAAE,SAAS;QAC3B,IAAI,EAAE,iBAAC,CAAC,MAAM,EAAE,EAAE,yDAAyD;QAC3E,SAAS,EAAE,iBAAC,CAAC,MAAM,EAAE;QACrB,MAAM,EAAE,iBAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC7B,SAAS,EAAE,iBAAC,CAAC,MAAM,EAAE;KACxB,EACD;QACI,OAAO,EAAE;YACL,EAAE,MAAM,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE,IAAI,EAAE,oBAAoB,EAAE;YACzD,EAAE,MAAM,EAAE,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE;SAC7C;KACJ,CACJ;CACJ,CAAC,CAAC;AAEU,QAAA,SAAS,GAAG;IACrB,UAAU,EAAE,YAAY;IACxB,kBAAkB,EAAE,oBAAoB;IACxC,cAAc,EAAE,gBAAgB;CAC1B,CAAC"}
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* OTP Service
|
|
3
|
+
* Generates and validates one-time passwords and magic links
|
|
4
|
+
*/
|
|
5
|
+
import type { IDatabaseClient } from "../../db/interfaces.js";
|
|
6
|
+
import { type OtpType } from "./schema.js";
|
|
7
|
+
export interface OtpService {
|
|
8
|
+
/**
|
|
9
|
+
* Create an OTP code for email verification
|
|
10
|
+
*/
|
|
11
|
+
createOtp(options: {
|
|
12
|
+
email: string;
|
|
13
|
+
userId?: string;
|
|
14
|
+
type: OtpType;
|
|
15
|
+
expiryMinutes?: number;
|
|
16
|
+
}): Promise<{
|
|
17
|
+
code: string;
|
|
18
|
+
expiresAt: number;
|
|
19
|
+
}>;
|
|
20
|
+
/**
|
|
21
|
+
* Create a magic link token
|
|
22
|
+
*/
|
|
23
|
+
createMagicLink(options: {
|
|
24
|
+
email: string;
|
|
25
|
+
userId?: string;
|
|
26
|
+
expiryMinutes?: number;
|
|
27
|
+
}): Promise<{
|
|
28
|
+
token: string;
|
|
29
|
+
expiresAt: number;
|
|
30
|
+
}>;
|
|
31
|
+
/**
|
|
32
|
+
* Verify an OTP code
|
|
33
|
+
*/
|
|
34
|
+
verifyOtp(options: {
|
|
35
|
+
email: string;
|
|
36
|
+
code: string;
|
|
37
|
+
type: OtpType;
|
|
38
|
+
}): Promise<{
|
|
39
|
+
valid: boolean;
|
|
40
|
+
userId?: string;
|
|
41
|
+
}>;
|
|
42
|
+
/**
|
|
43
|
+
* Verify a magic link token
|
|
44
|
+
*/
|
|
45
|
+
verifyMagicLink(token: string): Promise<{
|
|
46
|
+
valid: boolean;
|
|
47
|
+
email?: string;
|
|
48
|
+
userId?: string;
|
|
49
|
+
}>;
|
|
50
|
+
/**
|
|
51
|
+
* Cleanup expired OTPs
|
|
52
|
+
*/
|
|
53
|
+
cleanupExpired(): Promise<number>;
|
|
54
|
+
}
|
|
55
|
+
/**
|
|
56
|
+
* Create OTP Service instance
|
|
57
|
+
*/
|
|
58
|
+
export declare function createOtpService(db: IDatabaseClient): OtpService;
|
|
59
|
+
//# sourceMappingURL=service.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../../../src/auth/otp/service.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAC9D,OAAO,EAA8B,KAAK,OAAO,EAAE,MAAM,aAAa,CAAC;AA8BvE,MAAM,WAAW,UAAU;IACvB;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE;QACf,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,IAAI,EAAE,OAAO,CAAC;QACd,aAAa,CAAC,EAAE,MAAM,CAAC;KAC1B,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAEjD;;OAEG;IACH,eAAe,CAAC,OAAO,EAAE;QACrB,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,aAAa,CAAC,EAAE,MAAM,CAAC;KAC1B,GAAG,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAElD;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE;QACf,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,OAAO,CAAC;KACjB,GAAG,OAAO,CAAC;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAEjD;;OAEG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAE7F;;OAEG;IACH,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CACrC;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,EAAE,EAAE,eAAe,GAAG,UAAU,CA2LhE"}
|
|
@@ -0,0 +1,183 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* OTP Service
|
|
4
|
+
* Generates and validates one-time passwords and magic links
|
|
5
|
+
*/
|
|
6
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
7
|
+
exports.createOtpService = createOtpService;
|
|
8
|
+
const cuid2_1 = require("@paralleldrive/cuid2");
|
|
9
|
+
const crypto_1 = require("crypto");
|
|
10
|
+
const schema_js_1 = require("./schema.js");
|
|
11
|
+
const OTP_CODE_LENGTH = 6;
|
|
12
|
+
const MAGIC_LINK_LENGTH = 32;
|
|
13
|
+
const DEFAULT_EXPIRY_MINUTES = 10;
|
|
14
|
+
/**
|
|
15
|
+
* Hash a code for secure storage
|
|
16
|
+
*/
|
|
17
|
+
function hashCode(code) {
|
|
18
|
+
return (0, crypto_1.createHash)("sha256").update(code).digest("hex");
|
|
19
|
+
}
|
|
20
|
+
/**
|
|
21
|
+
* Generate a numeric OTP code
|
|
22
|
+
*/
|
|
23
|
+
function generateOtpCode() {
|
|
24
|
+
const bytes = (0, crypto_1.randomBytes)(4);
|
|
25
|
+
const num = bytes.readUInt32BE(0);
|
|
26
|
+
const code = String(num % 1000000).padStart(OTP_CODE_LENGTH, "0");
|
|
27
|
+
return code;
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Generate a magic link token
|
|
31
|
+
*/
|
|
32
|
+
function generateMagicToken() {
|
|
33
|
+
return (0, crypto_1.randomBytes)(MAGIC_LINK_LENGTH).toString("base64url");
|
|
34
|
+
}
|
|
35
|
+
/**
|
|
36
|
+
* Create OTP Service instance
|
|
37
|
+
*/
|
|
38
|
+
function createOtpService(db) {
|
|
39
|
+
async function createOtp(options) {
|
|
40
|
+
const code = generateOtpCode();
|
|
41
|
+
const expiryMinutes = options.expiryMinutes ?? DEFAULT_EXPIRY_MINUTES;
|
|
42
|
+
const now = Date.now();
|
|
43
|
+
const expiresAt = now + expiryMinutes * 60 * 1000;
|
|
44
|
+
// Invalidate any existing codes for this email/type
|
|
45
|
+
const existing = await db.findMany(schema_js_1.OTP_COLLECTIONS.codes, {
|
|
46
|
+
where: {
|
|
47
|
+
and: [
|
|
48
|
+
{ email: { eq: options.email } },
|
|
49
|
+
{ type: { eq: options.type } },
|
|
50
|
+
{ usedAt: { eq: null } },
|
|
51
|
+
],
|
|
52
|
+
},
|
|
53
|
+
});
|
|
54
|
+
for (const record of existing) {
|
|
55
|
+
await db.patch(schema_js_1.OTP_COLLECTIONS.codes, record._id, {
|
|
56
|
+
usedAt: now, // Mark as used/invalidated
|
|
57
|
+
});
|
|
58
|
+
}
|
|
59
|
+
// Create new OTP
|
|
60
|
+
await db.insert(schema_js_1.OTP_COLLECTIONS.codes, {
|
|
61
|
+
_id: (0, cuid2_1.createId)(),
|
|
62
|
+
userId: options.userId || null,
|
|
63
|
+
email: options.email,
|
|
64
|
+
code: hashCode(code),
|
|
65
|
+
type: options.type,
|
|
66
|
+
expiresAt,
|
|
67
|
+
usedAt: null,
|
|
68
|
+
createdAt: now,
|
|
69
|
+
});
|
|
70
|
+
return { code, expiresAt };
|
|
71
|
+
}
|
|
72
|
+
async function createMagicLink(options) {
|
|
73
|
+
const token = generateMagicToken();
|
|
74
|
+
const expiryMinutes = options.expiryMinutes ?? 15;
|
|
75
|
+
const now = Date.now();
|
|
76
|
+
const expiresAt = now + expiryMinutes * 60 * 1000;
|
|
77
|
+
// Invalidate existing magic links
|
|
78
|
+
const existing = await db.findMany(schema_js_1.OTP_COLLECTIONS.codes, {
|
|
79
|
+
where: {
|
|
80
|
+
and: [
|
|
81
|
+
{ email: { eq: options.email } },
|
|
82
|
+
{ type: { eq: schema_js_1.OTP_TYPES.MAGIC_LINK } },
|
|
83
|
+
{ usedAt: { eq: null } },
|
|
84
|
+
],
|
|
85
|
+
},
|
|
86
|
+
});
|
|
87
|
+
for (const record of existing) {
|
|
88
|
+
await db.patch(schema_js_1.OTP_COLLECTIONS.codes, record._id, {
|
|
89
|
+
usedAt: now,
|
|
90
|
+
});
|
|
91
|
+
}
|
|
92
|
+
// Create new magic link
|
|
93
|
+
await db.insert(schema_js_1.OTP_COLLECTIONS.codes, {
|
|
94
|
+
_id: (0, cuid2_1.createId)(),
|
|
95
|
+
userId: options.userId || null,
|
|
96
|
+
email: options.email,
|
|
97
|
+
code: hashCode(token),
|
|
98
|
+
type: schema_js_1.OTP_TYPES.MAGIC_LINK,
|
|
99
|
+
expiresAt,
|
|
100
|
+
usedAt: null,
|
|
101
|
+
createdAt: now,
|
|
102
|
+
});
|
|
103
|
+
return { token, expiresAt };
|
|
104
|
+
}
|
|
105
|
+
async function verifyOtp(options) {
|
|
106
|
+
const hashedCode = hashCode(options.code);
|
|
107
|
+
const now = Date.now();
|
|
108
|
+
const records = await db.findMany(schema_js_1.OTP_COLLECTIONS.codes, {
|
|
109
|
+
where: {
|
|
110
|
+
and: [
|
|
111
|
+
{ email: { eq: options.email } },
|
|
112
|
+
{ type: { eq: options.type } },
|
|
113
|
+
{ code: { eq: hashedCode } },
|
|
114
|
+
{ usedAt: { eq: null } },
|
|
115
|
+
],
|
|
116
|
+
},
|
|
117
|
+
take: 1,
|
|
118
|
+
});
|
|
119
|
+
const record = records[0];
|
|
120
|
+
if (!record) {
|
|
121
|
+
return { valid: false };
|
|
122
|
+
}
|
|
123
|
+
if (record.expiresAt < now) {
|
|
124
|
+
return { valid: false };
|
|
125
|
+
}
|
|
126
|
+
// Mark as used
|
|
127
|
+
await db.patch(schema_js_1.OTP_COLLECTIONS.codes, record._id, {
|
|
128
|
+
usedAt: now,
|
|
129
|
+
});
|
|
130
|
+
return { valid: true, userId: record.userId || undefined };
|
|
131
|
+
}
|
|
132
|
+
async function verifyMagicLink(token) {
|
|
133
|
+
const hashedToken = hashCode(token);
|
|
134
|
+
const now = Date.now();
|
|
135
|
+
const records = await db.findMany(schema_js_1.OTP_COLLECTIONS.codes, {
|
|
136
|
+
where: {
|
|
137
|
+
and: [
|
|
138
|
+
{ type: { eq: schema_js_1.OTP_TYPES.MAGIC_LINK } },
|
|
139
|
+
{ code: { eq: hashedToken } },
|
|
140
|
+
{ usedAt: { eq: null } },
|
|
141
|
+
],
|
|
142
|
+
},
|
|
143
|
+
take: 1,
|
|
144
|
+
});
|
|
145
|
+
const record = records[0];
|
|
146
|
+
if (!record) {
|
|
147
|
+
return { valid: false };
|
|
148
|
+
}
|
|
149
|
+
if (record.expiresAt < now) {
|
|
150
|
+
return { valid: false };
|
|
151
|
+
}
|
|
152
|
+
// Mark as used
|
|
153
|
+
await db.patch(schema_js_1.OTP_COLLECTIONS.codes, record._id, {
|
|
154
|
+
usedAt: now,
|
|
155
|
+
});
|
|
156
|
+
return {
|
|
157
|
+
valid: true,
|
|
158
|
+
email: record.email,
|
|
159
|
+
userId: record.userId || undefined,
|
|
160
|
+
};
|
|
161
|
+
}
|
|
162
|
+
async function cleanupExpired() {
|
|
163
|
+
const now = Date.now();
|
|
164
|
+
const cutoff = now - 24 * 60 * 60 * 1000; // Delete codes older than 24h
|
|
165
|
+
const expired = await db.findMany(schema_js_1.OTP_COLLECTIONS.codes, {
|
|
166
|
+
where: {
|
|
167
|
+
or: [{ expiresAt: { lt: now } }, { createdAt: { lt: cutoff } }],
|
|
168
|
+
},
|
|
169
|
+
});
|
|
170
|
+
for (const record of expired) {
|
|
171
|
+
await db.delete(schema_js_1.OTP_COLLECTIONS.codes, record._id);
|
|
172
|
+
}
|
|
173
|
+
return expired.length;
|
|
174
|
+
}
|
|
175
|
+
return {
|
|
176
|
+
createOtp,
|
|
177
|
+
createMagicLink,
|
|
178
|
+
verifyOtp,
|
|
179
|
+
verifyMagicLink,
|
|
180
|
+
cleanupExpired,
|
|
181
|
+
};
|
|
182
|
+
}
|
|
183
|
+
//# sourceMappingURL=service.js.map
|