@atproto/pds 0.5.12 → 0.5.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (326) hide show
  1. package/CHANGELOG.md +53 -0
  2. package/dist/api/app/bsky/notification/index.d.ts.map +1 -1
  3. package/dist/api/app/bsky/notification/index.js +2 -0
  4. package/dist/api/app/bsky/notification/index.js.map +1 -1
  5. package/dist/api/app/bsky/notification/unregisterPush.d.ts +4 -0
  6. package/dist/api/app/bsky/notification/unregisterPush.d.ts.map +1 -0
  7. package/dist/api/app/bsky/notification/unregisterPush.js +48 -0
  8. package/dist/api/app/bsky/notification/unregisterPush.js.map +1 -0
  9. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts +6 -0
  10. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts.map +1 -1
  11. package/dist/lexicons/app/bsky/actor/defs.defs.js +1 -0
  12. package/dist/lexicons/app/bsky/actor/defs.defs.js.map +1 -1
  13. package/package.json +42 -38
  14. package/build.templates.cjs +0 -22
  15. package/example.env +0 -42
  16. package/jest.config.cjs +0 -27
  17. package/src/account-manager/account-manager.ts +0 -916
  18. package/src/account-manager/db/index.ts +0 -21
  19. package/src/account-manager/db/migrations/001-init.ts +0 -115
  20. package/src/account-manager/db/migrations/002-account-deactivation.ts +0 -17
  21. package/src/account-manager/db/migrations/003-privileged-app-passwords.ts +0 -12
  22. package/src/account-manager/db/migrations/004-oauth.ts +0 -122
  23. package/src/account-manager/db/migrations/005-oauth-account-management.ts +0 -136
  24. package/src/account-manager/db/migrations/006-oauth-permission-sets.ts +0 -20
  25. package/src/account-manager/db/migrations/007-lexicon-failures-index.ts +0 -14
  26. package/src/account-manager/db/migrations/index.ts +0 -17
  27. package/src/account-manager/db/schema/account-device.ts +0 -14
  28. package/src/account-manager/db/schema/account.ts +0 -16
  29. package/src/account-manager/db/schema/actor.ts +0 -17
  30. package/src/account-manager/db/schema/app-password.ts +0 -13
  31. package/src/account-manager/db/schema/authorization-request.ts +0 -30
  32. package/src/account-manager/db/schema/authorized-client.ts +0 -23
  33. package/src/account-manager/db/schema/device.ts +0 -18
  34. package/src/account-manager/db/schema/email-token.ts +0 -19
  35. package/src/account-manager/db/schema/index.ts +0 -43
  36. package/src/account-manager/db/schema/invite-code.ts +0 -24
  37. package/src/account-manager/db/schema/lexicon.ts +0 -15
  38. package/src/account-manager/db/schema/refresh-token.ts +0 -11
  39. package/src/account-manager/db/schema/repo-root.ts +0 -12
  40. package/src/account-manager/db/schema/token.ts +0 -38
  41. package/src/account-manager/db/schema/used-refresh-token.ts +0 -13
  42. package/src/account-manager/helpers/account-device.ts +0 -63
  43. package/src/account-manager/helpers/account.ts +0 -355
  44. package/src/account-manager/helpers/auth.ts +0 -222
  45. package/src/account-manager/helpers/authorization-request.ts +0 -90
  46. package/src/account-manager/helpers/authorized-client.ts +0 -75
  47. package/src/account-manager/helpers/device.ts +0 -47
  48. package/src/account-manager/helpers/email-token.ts +0 -87
  49. package/src/account-manager/helpers/invite.ts +0 -263
  50. package/src/account-manager/helpers/lexicon.ts +0 -67
  51. package/src/account-manager/helpers/password.ts +0 -136
  52. package/src/account-manager/helpers/repo.ts +0 -24
  53. package/src/account-manager/helpers/scrypt.ts +0 -53
  54. package/src/account-manager/helpers/token.ts +0 -158
  55. package/src/account-manager/helpers/used-refresh-token.ts +0 -30
  56. package/src/account-manager/oauth-store.ts +0 -880
  57. package/src/account-manager/scope-reference-getter.ts +0 -106
  58. package/src/actor-store/actor-store-reader.ts +0 -45
  59. package/src/actor-store/actor-store-resources.ts +0 -8
  60. package/src/actor-store/actor-store-transactor.ts +0 -31
  61. package/src/actor-store/actor-store-writer.ts +0 -17
  62. package/src/actor-store/actor-store.ts +0 -210
  63. package/src/actor-store/blob/reader.ts +0 -160
  64. package/src/actor-store/blob/transactor.ts +0 -383
  65. package/src/actor-store/db/index.ts +0 -20
  66. package/src/actor-store/db/migrations/001-init.ts +0 -105
  67. package/src/actor-store/db/migrations/index.ts +0 -5
  68. package/src/actor-store/db/schema/account-pref.ts +0 -11
  69. package/src/actor-store/db/schema/backlink.ts +0 -9
  70. package/src/actor-store/db/schema/blob.ts +0 -14
  71. package/src/actor-store/db/schema/index.ts +0 -23
  72. package/src/actor-store/db/schema/record-blob.ts +0 -8
  73. package/src/actor-store/db/schema/record.ts +0 -14
  74. package/src/actor-store/db/schema/repo-block.ts +0 -10
  75. package/src/actor-store/db/schema/repo-root.ts +0 -10
  76. package/src/actor-store/migrate.ts +0 -39
  77. package/src/actor-store/preference/reader.ts +0 -48
  78. package/src/actor-store/preference/transactor.ts +0 -55
  79. package/src/actor-store/preference/util.ts +0 -39
  80. package/src/actor-store/record/reader.ts +0 -374
  81. package/src/actor-store/record/transactor.ts +0 -111
  82. package/src/actor-store/repo/reader.ts +0 -31
  83. package/src/actor-store/repo/sql-repo-reader.ts +0 -150
  84. package/src/actor-store/repo/sql-repo-transactor.ts +0 -105
  85. package/src/actor-store/repo/transactor.ts +0 -227
  86. package/src/api/app/bsky/actor/getPreferences.ts +0 -57
  87. package/src/api/app/bsky/actor/getProfile.ts +0 -41
  88. package/src/api/app/bsky/actor/getProfiles.ts +0 -51
  89. package/src/api/app/bsky/actor/index.ts +0 -13
  90. package/src/api/app/bsky/actor/putPreferences.ts +0 -62
  91. package/src/api/app/bsky/feed/getActorLikes.ts +0 -63
  92. package/src/api/app/bsky/feed/getAuthorFeed.ts +0 -84
  93. package/src/api/app/bsky/feed/getFeed.ts +0 -47
  94. package/src/api/app/bsky/feed/getPostThread.ts +0 -251
  95. package/src/api/app/bsky/feed/getTimeline.ts +0 -50
  96. package/src/api/app/bsky/feed/index.ts +0 -15
  97. package/src/api/app/bsky/index.ts +0 -11
  98. package/src/api/app/bsky/notification/index.ts +0 -7
  99. package/src/api/app/bsky/notification/registerPush.ts +0 -71
  100. package/src/api/app/bsky/util/resolver.ts +0 -20
  101. package/src/api/com/atproto/admin/deleteAccount.ts +0 -22
  102. package/src/api/com/atproto/admin/disableAccountInvites.ts +0 -18
  103. package/src/api/com/atproto/admin/disableInviteCodes.ts +0 -21
  104. package/src/api/com/atproto/admin/enableAccountInvites.ts +0 -18
  105. package/src/api/com/atproto/admin/getAccountInfo.ts +0 -32
  106. package/src/api/com/atproto/admin/getAccountInfos.ts +0 -34
  107. package/src/api/com/atproto/admin/getInviteCodes.ts +0 -126
  108. package/src/api/com/atproto/admin/getSubjectStatus.ts +0 -76
  109. package/src/api/com/atproto/admin/index.ts +0 -31
  110. package/src/api/com/atproto/admin/sendEmail.ts +0 -47
  111. package/src/api/com/atproto/admin/updateAccountEmail.ts +0 -32
  112. package/src/api/com/atproto/admin/updateAccountHandle.ts +0 -47
  113. package/src/api/com/atproto/admin/updateAccountPassword.ts +0 -34
  114. package/src/api/com/atproto/admin/updateSubjectStatus.ts +0 -68
  115. package/src/api/com/atproto/admin/util.ts +0 -66
  116. package/src/api/com/atproto/identity/getRecommendedDidCredentials.ts +0 -50
  117. package/src/api/com/atproto/identity/index.ts +0 -17
  118. package/src/api/com/atproto/identity/requestPlcOperationSignature.ts +0 -59
  119. package/src/api/com/atproto/identity/resolveHandle.ts +0 -50
  120. package/src/api/com/atproto/identity/signPlcOperation.ts +0 -85
  121. package/src/api/com/atproto/identity/submitPlcOperation.ts +0 -65
  122. package/src/api/com/atproto/identity/updateHandle.ts +0 -66
  123. package/src/api/com/atproto/index.ts +0 -19
  124. package/src/api/com/atproto/moderation/createReport.ts +0 -41
  125. package/src/api/com/atproto/moderation/index.ts +0 -7
  126. package/src/api/com/atproto/repo/applyWrites.ts +0 -226
  127. package/src/api/com/atproto/repo/createRecord.ts +0 -143
  128. package/src/api/com/atproto/repo/deleteRecord.ts +0 -122
  129. package/src/api/com/atproto/repo/describeRepo.ts +0 -43
  130. package/src/api/com/atproto/repo/getRecord.ts +0 -40
  131. package/src/api/com/atproto/repo/importRepo.ts +0 -101
  132. package/src/api/com/atproto/repo/index.ts +0 -25
  133. package/src/api/com/atproto/repo/listMissingBlobs.ts +0 -29
  134. package/src/api/com/atproto/repo/listRecords.ts +0 -36
  135. package/src/api/com/atproto/repo/putRecord.ts +0 -211
  136. package/src/api/com/atproto/repo/uploadBlob.ts +0 -60
  137. package/src/api/com/atproto/server/activateAccount.ts +0 -37
  138. package/src/api/com/atproto/server/checkAccountStatus.ts +0 -51
  139. package/src/api/com/atproto/server/confirmEmail.ts +0 -39
  140. package/src/api/com/atproto/server/createAccount.ts +0 -327
  141. package/src/api/com/atproto/server/createAppPassword.ts +0 -53
  142. package/src/api/com/atproto/server/createInviteCode.ts +0 -38
  143. package/src/api/com/atproto/server/createInviteCodes.ts +0 -42
  144. package/src/api/com/atproto/server/createSession.ts +0 -97
  145. package/src/api/com/atproto/server/deactivateAccount.ts +0 -41
  146. package/src/api/com/atproto/server/deleteAccount.ts +0 -85
  147. package/src/api/com/atproto/server/deleteSession.ts +0 -23
  148. package/src/api/com/atproto/server/describeServer.ts +0 -29
  149. package/src/api/com/atproto/server/getAccountInviteCodes.ts +0 -142
  150. package/src/api/com/atproto/server/getServiceAuth.ts +0 -111
  151. package/src/api/com/atproto/server/getSession.ts +0 -80
  152. package/src/api/com/atproto/server/index.ts +0 -55
  153. package/src/api/com/atproto/server/listAppPasswords.ts +0 -45
  154. package/src/api/com/atproto/server/refreshSession.ts +0 -72
  155. package/src/api/com/atproto/server/requestAccountDelete.ts +0 -66
  156. package/src/api/com/atproto/server/requestEmailConfirmation.ts +0 -68
  157. package/src/api/com/atproto/server/requestEmailUpdate.ts +0 -86
  158. package/src/api/com/atproto/server/requestPasswordReset.ts +0 -52
  159. package/src/api/com/atproto/server/reserveSigningKey.ts +0 -15
  160. package/src/api/com/atproto/server/resetPassword.ts +0 -50
  161. package/src/api/com/atproto/server/revokeAppPassword.ts +0 -42
  162. package/src/api/com/atproto/server/updateEmail.ts +0 -52
  163. package/src/api/com/atproto/server/util.ts +0 -136
  164. package/src/api/com/atproto/sync/deprecated/getCheckout.ts +0 -27
  165. package/src/api/com/atproto/sync/deprecated/getHead.ts +0 -33
  166. package/src/api/com/atproto/sync/getBlob.ts +0 -61
  167. package/src/api/com/atproto/sync/getBlocks.ts +0 -37
  168. package/src/api/com/atproto/sync/getLatestCommit.ts +0 -33
  169. package/src/api/com/atproto/sync/getRecord.ts +0 -49
  170. package/src/api/com/atproto/sync/getRepo.ts +0 -75
  171. package/src/api/com/atproto/sync/getRepoStatus.ts +0 -34
  172. package/src/api/com/atproto/sync/index.ts +0 -27
  173. package/src/api/com/atproto/sync/listBlobs.ts +0 -33
  174. package/src/api/com/atproto/sync/listRepos.ts +0 -74
  175. package/src/api/com/atproto/sync/subscribeRepos.ts +0 -73
  176. package/src/api/com/atproto/sync/util.ts +0 -37
  177. package/src/api/com/atproto/temp/checkSignupQueue.ts +0 -34
  178. package/src/api/com/atproto/temp/index.ts +0 -7
  179. package/src/api/index.ts +0 -10
  180. package/src/api/proxy.ts +0 -44
  181. package/src/app-view.ts +0 -24
  182. package/src/auth-output.ts +0 -52
  183. package/src/auth-routes.ts +0 -64
  184. package/src/auth-scope.ts +0 -40
  185. package/src/auth-verifier.ts +0 -668
  186. package/src/background.ts +0 -65
  187. package/src/basic-routes.ts +0 -52
  188. package/src/bsky-app-view.ts +0 -33
  189. package/src/config/config.ts +0 -553
  190. package/src/config/env.ts +0 -167
  191. package/src/config/index.ts +0 -3
  192. package/src/config/secrets.ts +0 -54
  193. package/src/context.ts +0 -523
  194. package/src/crawlers.ts +0 -46
  195. package/src/db/cast.ts +0 -52
  196. package/src/db/db.ts +0 -140
  197. package/src/db/index.ts +0 -4
  198. package/src/db/migrator.ts +0 -40
  199. package/src/db/pagination.ts +0 -132
  200. package/src/db/tables/moderation.ts +0 -80
  201. package/src/db/util.ts +0 -108
  202. package/src/did-cache/db/index.ts +0 -21
  203. package/src/did-cache/db/migrations.ts +0 -17
  204. package/src/did-cache/db/schema.ts +0 -9
  205. package/src/did-cache/index.ts +0 -131
  206. package/src/disk-blobstore.ts +0 -172
  207. package/src/error.ts +0 -19
  208. package/src/handle/explicit-slurs.ts +0 -22
  209. package/src/handle/index.ts +0 -49
  210. package/src/handle/reserved.ts +0 -1059
  211. package/src/image/image-url-builder.ts +0 -16
  212. package/src/index.ts +0 -189
  213. package/src/lexicons.ts +0 -4
  214. package/src/logger.ts +0 -35
  215. package/src/mailer/index.ts +0 -111
  216. package/src/mailer/moderation.ts +0 -33
  217. package/src/mailer/templates/confirm-email.d.ts +0 -4
  218. package/src/mailer/templates/confirm-email.hbs +0 -158
  219. package/src/mailer/templates/delete-account.d.ts +0 -4
  220. package/src/mailer/templates/delete-account.hbs +0 -156
  221. package/src/mailer/templates/plc-operation.d.ts +0 -4
  222. package/src/mailer/templates/plc-operation.hbs +0 -153
  223. package/src/mailer/templates/reset-password.d.ts +0 -4
  224. package/src/mailer/templates/reset-password.hbs +0 -154
  225. package/src/mailer/templates/update-email.d.ts +0 -4
  226. package/src/mailer/templates/update-email.hbs +0 -153
  227. package/src/mailer/templates.ts +0 -17
  228. package/src/pipethrough.ts +0 -716
  229. package/src/rate-limits.ts +0 -59
  230. package/src/read-after-write/index.ts +0 -3
  231. package/src/read-after-write/types.ts +0 -35
  232. package/src/read-after-write/util.ts +0 -101
  233. package/src/read-after-write/viewer.ts +0 -290
  234. package/src/redis.ts +0 -25
  235. package/src/repo/index.ts +0 -2
  236. package/src/repo/prepare.ts +0 -266
  237. package/src/repo/types.ts +0 -65
  238. package/src/scripts/README.md +0 -40
  239. package/src/scripts/index.ts +0 -20
  240. package/src/scripts/publish-identity.ts +0 -60
  241. package/src/scripts/rebuild-repo.ts +0 -119
  242. package/src/scripts/rotate-keys.ts +0 -146
  243. package/src/scripts/sequencer-recovery/index.ts +0 -23
  244. package/src/scripts/sequencer-recovery/recoverer.ts +0 -297
  245. package/src/scripts/sequencer-recovery/recovery-db.ts +0 -65
  246. package/src/scripts/sequencer-recovery/repair-repos.ts +0 -49
  247. package/src/scripts/sequencer-recovery/user-queues.ts +0 -44
  248. package/src/scripts/util.ts +0 -7
  249. package/src/sequencer/db/index.ts +0 -21
  250. package/src/sequencer/db/migrations/001-init.ts +0 -35
  251. package/src/sequencer/db/migrations/index.ts +0 -5
  252. package/src/sequencer/db/schema.ts +0 -19
  253. package/src/sequencer/events.ts +0 -199
  254. package/src/sequencer/index.ts +0 -3
  255. package/src/sequencer/outbox.ts +0 -123
  256. package/src/sequencer/sequencer.ts +0 -290
  257. package/src/util/compression.ts +0 -16
  258. package/src/util/debug.ts +0 -10
  259. package/src/util/http.ts +0 -31
  260. package/src/util/types.ts +0 -7
  261. package/src/well-known.ts +0 -30
  262. package/test.env +0 -2
  263. package/tests/__snapshots__/takedown-appeal.test.ts.snap +0 -43
  264. package/tests/_oauth_client_assets_middleware.ts +0 -23
  265. package/tests/_puppeteer.ts +0 -147
  266. package/tests/_types.d.ts +0 -16
  267. package/tests/_util.ts +0 -191
  268. package/tests/account-deactivation.test.ts +0 -204
  269. package/tests/account-deletion.test.ts +0 -300
  270. package/tests/account-manager.test.ts +0 -462
  271. package/tests/account-migration.test.ts +0 -221
  272. package/tests/account-status.test.ts +0 -206
  273. package/tests/account.test.ts +0 -595
  274. package/tests/app-passwords.test.ts +0 -262
  275. package/tests/auth.test.ts +0 -405
  276. package/tests/blob-deletes.test.ts +0 -204
  277. package/tests/create-post.test.ts +0 -79
  278. package/tests/crud.test.ts +0 -1595
  279. package/tests/db.test.ts +0 -170
  280. package/tests/email-confirmation.test.ts +0 -227
  281. package/tests/entryway-mock.ts +0 -323
  282. package/tests/entryway.test.ts +0 -145
  283. package/tests/file-uploads.test.ts +0 -301
  284. package/tests/get-service-auth.test.ts +0 -81
  285. package/tests/handle-validation.test.ts +0 -56
  286. package/tests/handles.test.ts +0 -274
  287. package/tests/invite-codes.test.ts +0 -367
  288. package/tests/invites-admin.test.ts +0 -252
  289. package/tests/moderation.test.ts +0 -280
  290. package/tests/moderator-auth.test.ts +0 -177
  291. package/tests/oauth.test.ts +0 -334
  292. package/tests/plc-operations.test.ts +0 -239
  293. package/tests/preferences.test.ts +0 -352
  294. package/tests/proxied/__snapshots__/admin.test.ts.snap +0 -516
  295. package/tests/proxied/__snapshots__/feedgen.test.ts.snap +0 -215
  296. package/tests/proxied/__snapshots__/views.test.ts.snap +0 -4456
  297. package/tests/proxied/admin.test.ts +0 -340
  298. package/tests/proxied/feedgen.test.ts +0 -66
  299. package/tests/proxied/notif.test.ts +0 -85
  300. package/tests/proxied/procedures.test.ts +0 -175
  301. package/tests/proxied/proxy-catchall.test.ts +0 -256
  302. package/tests/proxied/proxy-header.test.ts +0 -239
  303. package/tests/proxied/proxy-oauth-aud.test.ts +0 -182
  304. package/tests/proxied/read-after-write.test.ts +0 -382
  305. package/tests/proxied/views.test.ts +0 -608
  306. package/tests/races.test.ts +0 -89
  307. package/tests/rate-limits.test.ts +0 -70
  308. package/tests/recovery.test.ts +0 -180
  309. package/tests/seeds/basic.ts +0 -165
  310. package/tests/seeds/follows.ts +0 -57
  311. package/tests/seeds/likes.ts +0 -14
  312. package/tests/seeds/reposts.ts +0 -18
  313. package/tests/seeds/thread.ts +0 -40
  314. package/tests/seeds/users-bulk.ts +0 -246
  315. package/tests/seeds/users.ts +0 -67
  316. package/tests/sequencer.test.ts +0 -251
  317. package/tests/server.test.ts +0 -151
  318. package/tests/sync/invertible-ops.test.ts +0 -99
  319. package/tests/sync/list.test.ts +0 -43
  320. package/tests/sync/subscribe-repos.test.ts +0 -672
  321. package/tests/sync/sync.test.ts +0 -316
  322. package/tests/takedown-appeal.test.ts +0 -166
  323. package/tsconfig.build.json +0 -9
  324. package/tsconfig.build.tsbuildinfo +0 -1
  325. package/tsconfig.json +0 -7
  326. package/tsconfig.tests.json +0 -8
@@ -1,21 +0,0 @@
1
- import { Database, Migrator } from '../../db/index.js'
2
- import migrations from './migrations/index.js'
3
- import { DatabaseSchema } from './schema/index.js'
4
-
5
- export * from './schema/index.js'
6
-
7
- export type AccountDb = Database<DatabaseSchema>
8
-
9
- export const getDb = (
10
- location: string,
11
- disableWalAutoCheckpoint = false,
12
- ): AccountDb => {
13
- const pragmas: Record<string, string> = disableWalAutoCheckpoint
14
- ? { wal_autocheckpoint: '0' }
15
- : {}
16
- return Database.sqlite(location, { pragmas })
17
- }
18
-
19
- export const getMigrator = (db: AccountDb) => {
20
- return new Migrator(db.db, migrations)
21
- }
@@ -1,115 +0,0 @@
1
- import { Kysely, sql } from 'kysely'
2
-
3
- export async function up(db: Kysely<unknown>): Promise<void> {
4
- await db.schema
5
- .createTable('app_password')
6
- .addColumn('did', 'varchar', (col) => col.notNull())
7
- .addColumn('name', 'varchar', (col) => col.notNull())
8
- .addColumn('passwordScrypt', 'varchar', (col) => col.notNull())
9
- .addColumn('createdAt', 'varchar', (col) => col.notNull())
10
- .addPrimaryKeyConstraint('app_password_pkey', ['did', 'name'])
11
- .execute()
12
-
13
- await db.schema
14
- .createTable('invite_code')
15
- .addColumn('code', 'varchar', (col) => col.primaryKey())
16
- .addColumn('availableUses', 'integer', (col) => col.notNull())
17
- .addColumn('disabled', 'int2', (col) => col.defaultTo(0))
18
- .addColumn('forAccount', 'varchar', (col) => col.notNull())
19
- .addColumn('createdBy', 'varchar', (col) => col.notNull())
20
- .addColumn('createdAt', 'varchar', (col) => col.notNull())
21
- .execute()
22
- await db.schema
23
- .createIndex('invite_code_for_account_idx')
24
- .on('invite_code')
25
- .column('forAccount')
26
- .execute()
27
-
28
- await db.schema
29
- .createTable('invite_code_use')
30
- .addColumn('code', 'varchar', (col) => col.notNull())
31
- .addColumn('usedBy', 'varchar', (col) => col.notNull())
32
- .addColumn('usedAt', 'varchar', (col) => col.notNull())
33
- .addPrimaryKeyConstraint(`invite_code_use_pkey`, ['code', 'usedBy'])
34
- .execute()
35
-
36
- await db.schema
37
- .createTable('refresh_token')
38
- .addColumn('id', 'varchar', (col) => col.primaryKey())
39
- .addColumn('did', 'varchar', (col) => col.notNull())
40
- .addColumn('expiresAt', 'varchar', (col) => col.notNull())
41
- .addColumn('nextId', 'varchar')
42
- .addColumn('appPasswordName', 'varchar')
43
- .execute()
44
- await db.schema // Aids in refresh token cleanup
45
- .createIndex('refresh_token_did_idx')
46
- .on('refresh_token')
47
- .column('did')
48
- .execute()
49
-
50
- await db.schema
51
- .createTable('repo_root')
52
- .addColumn('did', 'varchar', (col) => col.primaryKey())
53
- .addColumn('cid', 'varchar', (col) => col.notNull())
54
- .addColumn('rev', 'varchar', (col) => col.notNull())
55
- .addColumn('indexedAt', 'varchar', (col) => col.notNull())
56
- .execute()
57
-
58
- await db.schema
59
- .createTable('actor')
60
- .addColumn('did', 'varchar', (col) => col.primaryKey())
61
- .addColumn('handle', 'varchar')
62
- .addColumn('createdAt', 'varchar', (col) => col.notNull())
63
- .addColumn('takedownRef', 'varchar')
64
- .execute()
65
- await db.schema
66
- .createIndex(`actor_handle_lower_idx`)
67
- .unique()
68
- .on('actor')
69
- .expression(sql`lower("handle")`)
70
- .execute()
71
- await db.schema
72
- .createIndex('actor_cursor_idx')
73
- .on('actor')
74
- .columns(['createdAt', 'did'])
75
- .execute()
76
-
77
- await db.schema
78
- .createTable('account')
79
- .addColumn('did', 'varchar', (col) => col.primaryKey())
80
- .addColumn('email', 'varchar', (col) => col.notNull())
81
- .addColumn('passwordScrypt', 'varchar', (col) => col.notNull())
82
- .addColumn('emailConfirmedAt', 'varchar')
83
- .addColumn('invitesDisabled', 'int2', (col) => col.notNull().defaultTo(0))
84
- .execute()
85
- await db.schema
86
- .createIndex(`account_email_lower_idx`)
87
- .unique()
88
- .on('account')
89
- .expression(sql`lower("email")`)
90
- .execute()
91
-
92
- await db.schema
93
- .createTable('email_token')
94
- .addColumn('purpose', 'varchar', (col) => col.notNull())
95
- .addColumn('did', 'varchar', (col) => col.notNull())
96
- .addColumn('token', 'varchar', (col) => col.notNull())
97
- .addColumn('requestedAt', 'varchar', (col) => col.notNull())
98
- .addPrimaryKeyConstraint('email_token_pkey', ['purpose', 'did'])
99
- .addUniqueConstraint('email_token_purpose_token_unique', [
100
- 'purpose',
101
- 'token',
102
- ])
103
- .execute()
104
- }
105
-
106
- export async function down(db: Kysely<unknown>): Promise<void> {
107
- await db.schema.dropTable('email_token').execute()
108
- await db.schema.dropTable('account').execute()
109
- await db.schema.dropTable('actor').execute()
110
- await db.schema.dropTable('repo_root').execute()
111
- await db.schema.dropTable('refresh_token').execute()
112
- await db.schema.dropTable('invite_code_use').execute()
113
- await db.schema.dropTable('invite_code').execute()
114
- await db.schema.dropTable('app_password').execute()
115
- }
@@ -1,17 +0,0 @@
1
- import { Kysely } from 'kysely'
2
-
3
- export async function up(db: Kysely<unknown>): Promise<void> {
4
- await db.schema
5
- .alterTable('actor')
6
- .addColumn('deactivatedAt', 'varchar')
7
- .execute()
8
- await db.schema
9
- .alterTable('actor')
10
- .addColumn('deleteAfter', 'varchar')
11
- .execute()
12
- }
13
-
14
- export async function down(db: Kysely<unknown>): Promise<void> {
15
- await db.schema.alterTable('actor').dropColumn('deactivatedAt').execute()
16
- await db.schema.alterTable('actor').dropColumn('deleteAfter').execute()
17
- }
@@ -1,12 +0,0 @@
1
- import { Kysely } from 'kysely'
2
-
3
- export async function up(db: Kysely<unknown>): Promise<void> {
4
- await db.schema
5
- .alterTable('app_password')
6
- .addColumn('privileged', 'integer', (col) => col.notNull().defaultTo(0))
7
- .execute()
8
- }
9
-
10
- export async function down(db: Kysely<unknown>): Promise<void> {
11
- await db.schema.alterTable('app_password').dropColumn('privileged').execute()
12
- }
@@ -1,122 +0,0 @@
1
- import { Kysely, sql } from 'kysely'
2
-
3
- export async function up(db: Kysely<unknown>): Promise<void> {
4
- await db.schema
5
- .createTable('authorization_request')
6
- .addColumn('id', 'varchar', (col) => col.primaryKey())
7
- .addColumn('did', 'varchar')
8
- .addColumn('deviceId', 'varchar')
9
- .addColumn('clientId', 'varchar', (col) => col.notNull())
10
- .addColumn('clientAuth', 'varchar', (col) => col.notNull())
11
- .addColumn('parameters', 'varchar', (col) => col.notNull())
12
- .addColumn('expiresAt', 'varchar', (col) => col.notNull())
13
- .addColumn('code', 'varchar')
14
- .execute()
15
-
16
- await db.schema
17
- .createIndex('authorization_request_code_idx')
18
- .unique()
19
- .on('authorization_request')
20
- // https://github.com/kysely-org/kysely/issues/302
21
- .expression(sql`code DESC) WHERE (code IS NOT NULL`)
22
- .execute()
23
-
24
- await db.schema
25
- .createIndex('authorization_request_expires_at_idx')
26
- .on('authorization_request')
27
- .column('expiresAt')
28
- .execute()
29
-
30
- await db.schema
31
- .createTable('device')
32
- .addColumn('id', 'varchar', (col) => col.primaryKey())
33
- .addColumn('sessionId', 'varchar', (col) => col.notNull())
34
- .addColumn('userAgent', 'varchar')
35
- .addColumn('ipAddress', 'varchar', (col) => col.notNull())
36
- .addColumn('lastSeenAt', 'varchar', (col) => col.notNull())
37
- .addUniqueConstraint('device_session_id_idx', ['sessionId'])
38
- .execute()
39
-
40
- await db.schema
41
- .createTable('device_account')
42
- .addColumn('did', 'varchar', (col) => col.notNull())
43
- .addColumn('deviceId', 'varchar', (col) => col.notNull())
44
- .addColumn('authenticatedAt', 'varchar', (col) => col.notNull())
45
- .addColumn('remember', 'boolean', (col) => col.notNull())
46
- .addColumn('authorizedClients', 'varchar', (col) => col.notNull())
47
- .addPrimaryKeyConstraint('device_account_pk', [
48
- 'deviceId', // first because this table will be joined from the "device" table
49
- 'did',
50
- ])
51
- .addForeignKeyConstraint(
52
- 'device_account_device_id_fk',
53
- ['deviceId'],
54
- 'device',
55
- ['id'],
56
- (qb) => qb.onDelete('cascade').onUpdate('cascade'),
57
- )
58
- .execute()
59
-
60
- await db.schema
61
- .createTable('token')
62
- .addColumn('id', 'integer', (col) => col.primaryKey().autoIncrement())
63
- .addColumn('did', 'varchar', (col) => col.notNull())
64
- .addColumn('tokenId', 'varchar', (col) => col.notNull())
65
- .addColumn('createdAt', 'varchar', (col) => col.notNull())
66
- .addColumn('updatedAt', 'varchar', (col) => col.notNull())
67
- .addColumn('expiresAt', 'varchar', (col) => col.notNull())
68
- .addColumn('clientId', 'varchar', (col) => col.notNull())
69
- .addColumn('clientAuth', 'varchar', (col) => col.notNull())
70
- .addColumn('deviceId', 'varchar')
71
- .addColumn('parameters', 'varchar', (col) => col.notNull())
72
- .addColumn('details', 'varchar')
73
- .addColumn('code', 'varchar')
74
- .addColumn('currentRefreshToken', 'varchar')
75
- .addUniqueConstraint('token_current_refresh_token_unique_idx', [
76
- 'currentRefreshToken',
77
- ])
78
- .addUniqueConstraint('token_id_unique_idx', ['tokenId'])
79
- .execute()
80
-
81
- await db.schema
82
- .createIndex('token_did_idx')
83
- .on('token')
84
- .column('did')
85
- .execute()
86
-
87
- await db.schema
88
- .createIndex('token_code_idx')
89
- .unique()
90
- .on('token')
91
- // https://github.com/kysely-org/kysely/issues/302
92
- .expression(sql`code DESC) WHERE (code IS NOT NULL`)
93
- .execute()
94
-
95
- await db.schema
96
- .createTable('used_refresh_token')
97
- .addColumn('refreshToken', 'varchar', (col) => col.primaryKey())
98
- .addColumn('tokenId', 'integer', (col) => col.notNull())
99
- .addForeignKeyConstraint(
100
- 'used_refresh_token_fk',
101
- ['tokenId'],
102
- 'token',
103
- ['id'],
104
- // uses "used_refresh_token_id_idx" index (when cascading)
105
- (qb) => qb.onDelete('cascade').onUpdate('cascade'),
106
- )
107
- .execute()
108
-
109
- await db.schema
110
- .createIndex('used_refresh_token_id_idx')
111
- .on('used_refresh_token')
112
- .column('tokenId')
113
- .execute()
114
- }
115
-
116
- export async function down(db: Kysely<unknown>): Promise<void> {
117
- await db.schema.dropTable('used_refresh_token').execute()
118
- await db.schema.dropTable('token').execute()
119
- await db.schema.dropTable('device_account').execute()
120
- await db.schema.dropTable('device').execute()
121
- await db.schema.dropTable('authorization_request').execute()
122
- }
@@ -1,136 +0,0 @@
1
- import { Kysely } from 'kysely'
2
- import { HOUR } from '@atproto/common'
3
- import { ClientId, DeviceId } from '@atproto/oauth-provider'
4
- import { DateISO, JsonEncoded, toDateISO } from '../../../db/index.js'
5
-
6
- // @NOTE this migration has been updated to be idempotent through
7
- // the insertInto('account_device') step. this allows users to roll
8
- // forward if the migration partially succeeded on first run, failing
9
- // on a fk constraint during the insertInto('account_device') step.
10
- // this previously occurred under the following conditions:
11
- // a. a user was deleted
12
- // b. this user used oauth functionality with "remember me" selected.
13
-
14
- export async function up(
15
- db: Kysely<{
16
- account: {
17
- did: string
18
- }
19
- device_account: {
20
- did: string
21
- deviceId: DeviceId
22
-
23
- remember: 0 | 1
24
- authenticatedAt: string
25
- authorizedClients: JsonEncoded<ClientId[]>
26
- }
27
- account_device: {
28
- did: string
29
- deviceId: DeviceId
30
-
31
- createdAt: DateISO
32
- updatedAt: DateISO
33
- }
34
- }>,
35
- ): Promise<void> {
36
- // Security: Delete any leftover device accounts that are not remembered
37
- // @NOTE idempotent, see note at top of migration.
38
- await db
39
- .deleteFrom('device_account')
40
- .where('remember', '=', 0)
41
- .where('authenticatedAt', '<', toDateISO(new Date(Date.now() - HOUR)))
42
- .execute()
43
-
44
- // replaces "device_account"
45
- // @NOTE idempotent from ifNotExists(), see note at top of migration.
46
- await db.schema
47
- .createTable('account_device')
48
- .ifNotExists()
49
- .addColumn('did', 'varchar', (col) => col.notNull())
50
- .addColumn('deviceId', 'varchar', (col) => col.notNull())
51
- .addColumn('createdAt', 'varchar', (col) => col.notNull())
52
- .addColumn('updatedAt', 'varchar', (col) => col.notNull())
53
- .addPrimaryKeyConstraint('account_device_pk', [
54
- 'deviceId', // first because this table will be joined from the "device" table
55
- 'did',
56
- ])
57
- .addForeignKeyConstraint(
58
- 'account_device_did_fk',
59
- ['did'],
60
- 'account',
61
- ['did'],
62
- // cascade on delete, future-proofing on update (fk can't be altered)
63
- (qb) => qb.onDelete('cascade').onUpdate('cascade'),
64
- )
65
- .addForeignKeyConstraint(
66
- 'account_device_device_id_fk',
67
- ['deviceId'],
68
- 'device',
69
- ['id'],
70
- // cascade on delete, future-proofing on update (fk can't be altered)
71
- (qb) => qb.onDelete('cascade').onUpdate('cascade'),
72
- )
73
- .execute()
74
-
75
- // Migrate "device_account" to "account_device"
76
- // @NOTE idempotent from onConflict(): see note at top of migration.
77
- await db
78
- .insertInto('account_device')
79
- .columns(['did', 'deviceId', 'createdAt', 'updatedAt'])
80
- .expression(
81
- db
82
- .selectFrom('device_account')
83
- .select('did')
84
- .select('deviceId')
85
- .select('authenticatedAt as createdAt') // Best we can do
86
- .select('authenticatedAt as updatedAt')
87
- .where('remember', '=', 1)
88
- .where(({ exists, selectFrom }) =>
89
- // device_account does not have fkey on account.did,
90
- // so we satisfy account_device_did_fk with this condition.
91
- exists(
92
- selectFrom('account')
93
- .selectAll()
94
- .whereRef('account.did', '=', 'device_account.did'),
95
- ),
96
- ),
97
- )
98
- .onConflict((oc) => oc.doNothing())
99
- .execute()
100
-
101
- // @NOTE No need to create an index on "deviceId" for "account_device" because
102
- // it is the first column in the primary key constraint
103
-
104
- await db.schema
105
- .createIndex('account_device_did_idx')
106
- .on('account_device')
107
- .column('did')
108
- .execute()
109
-
110
- await db.schema
111
- .createTable('authorized_client')
112
- .addColumn('did', 'varchar', (col) => col.notNull())
113
- .addColumn('clientId', 'varchar', (col) => col.notNull())
114
- .addColumn('createdAt', 'varchar', (col) => col.notNull())
115
- .addColumn('updatedAt', 'varchar', (col) => col.notNull())
116
- .addColumn('data', 'varchar', (col) => col.notNull())
117
- .addPrimaryKeyConstraint('authorized_client_pk', ['did', 'clientId'])
118
- .addForeignKeyConstraint(
119
- 'authorized_client_did_fk',
120
- ['did'],
121
- 'account',
122
- ['did'],
123
- // cascade on delete, future-proofing on update (fk can't be altered)
124
- (qb) => qb.onDelete('cascade').onUpdate('cascade'),
125
- )
126
- .execute()
127
-
128
- // We don't migrate the "device_account" authorized clients. Users will need
129
- // to reauthorize the client during the next oauth flow (minor inconvenience
130
- // for authenticated clients users).
131
- }
132
-
133
- export async function down(db: Kysely<unknown>): Promise<void> {
134
- await db.schema.dropTable('authorized_client').execute()
135
- await db.schema.dropTable('account_device').execute()
136
- }
@@ -1,20 +0,0 @@
1
- import { Kysely } from 'kysely'
2
-
3
- export async function up(db: Kysely<unknown>): Promise<void> {
4
- await db.schema.alterTable('token').addColumn('scope', 'varchar').execute()
5
-
6
- await db.schema
7
- .createTable('lexicon')
8
- .addColumn('nsid', 'varchar', (col) => col.primaryKey())
9
- .addColumn('createdAt', 'varchar', (col) => col.notNull())
10
- .addColumn('updatedAt', 'varchar', (col) => col.notNull())
11
- .addColumn('lastSucceededAt', 'varchar')
12
- .addColumn('uri', 'varchar')
13
- .addColumn('lexicon', 'varchar')
14
- .execute()
15
- }
16
-
17
- export async function down(db: Kysely<unknown>): Promise<void> {
18
- await db.schema.dropTable('lexicon').execute()
19
- await db.schema.alterTable('token').dropColumn('scope').execute()
20
- }
@@ -1,14 +0,0 @@
1
- import { Kysely, sql } from 'kysely'
2
-
3
- export async function up(db: Kysely<unknown>): Promise<void> {
4
- await db.schema
5
- .createIndex('lexicon_failures_idx')
6
- .on('lexicon')
7
- // https://github.com/kysely-org/kysely/issues/302
8
- .expression(sql`"updatedAt" DESC) WHERE ("lexicon" is NULL`)
9
- .execute()
10
- }
11
-
12
- export async function down(db: Kysely<unknown>): Promise<void> {
13
- await db.schema.dropIndex('lexicon_failures_idx').execute()
14
- }
@@ -1,17 +0,0 @@
1
- import * as mig001 from './001-init.js'
2
- import * as mig002 from './002-account-deactivation.js'
3
- import * as mig003 from './003-privileged-app-passwords.js'
4
- import * as mig004 from './004-oauth.js'
5
- import * as mig005 from './005-oauth-account-management.js'
6
- import * as mig006 from './006-oauth-permission-sets.js'
7
- import * as mig007 from './007-lexicon-failures-index.js'
8
-
9
- export default {
10
- '001': mig001,
11
- '002': mig002,
12
- '003': mig003,
13
- '004': mig004,
14
- '005': mig005,
15
- '006': mig006,
16
- '007': mig007,
17
- }
@@ -1,14 +0,0 @@
1
- import { DeviceId } from '@atproto/oauth-provider'
2
- import { DateISO } from '../../../db/index.js'
3
-
4
- export interface AccountDevice {
5
- did: string
6
- deviceId: DeviceId
7
-
8
- createdAt: DateISO
9
- updatedAt: DateISO
10
- }
11
-
12
- export const tableName = 'account_device'
13
-
14
- export type PartialDB = { [tableName]: AccountDevice }
@@ -1,16 +0,0 @@
1
- import { Generated, Selectable } from 'kysely'
2
- import { DatetimeString } from '@atproto/lex'
3
-
4
- export interface Account {
5
- did: string
6
- email: string
7
- passwordScrypt: string
8
- emailConfirmedAt: DatetimeString | null
9
- invitesDisabled: Generated<0 | 1>
10
- }
11
-
12
- export type AccountEntry = Selectable<Account>
13
-
14
- export const tableName = 'account'
15
-
16
- export type PartialDB = { [tableName]: Account }
@@ -1,17 +0,0 @@
1
- import { Selectable } from 'kysely'
2
- import { DidString, HandleString } from '@atproto/syntax'
3
-
4
- export interface Actor {
5
- did: DidString
6
- handle: HandleString | null
7
- createdAt: string
8
- takedownRef: string | null
9
- deactivatedAt: string | null
10
- deleteAfter: string | null
11
- }
12
-
13
- export type ActorEntry = Selectable<Actor>
14
-
15
- export const tableName = 'actor'
16
-
17
- export type PartialDB = { [tableName]: Actor }
@@ -1,13 +0,0 @@
1
- import { DatetimeString } from '@atproto/lex'
2
-
3
- export interface AppPassword {
4
- did: string
5
- name: string
6
- passwordScrypt: string
7
- createdAt: DatetimeString
8
- privileged: 0 | 1
9
- }
10
-
11
- export const tableName = 'app_password'
12
-
13
- export type PartialDB = { [tableName]: AppPassword }
@@ -1,30 +0,0 @@
1
- import { Selectable } from 'kysely'
2
- import {
3
- ClientAuth,
4
- ClientAuthLegacy,
5
- Code,
6
- DeviceId,
7
- Did,
8
- OAuthAuthorizationRequestParameters,
9
- OAuthClientId,
10
- RequestId,
11
- } from '@atproto/oauth-provider'
12
- import { DateISO, JsonEncoded } from '../../../db/index.js'
13
-
14
- export interface AuthorizationRequest {
15
- id: RequestId
16
- did: Did | null
17
- deviceId: DeviceId | null
18
-
19
- clientId: OAuthClientId
20
- clientAuth: JsonEncoded<null | ClientAuth | ClientAuthLegacy>
21
- parameters: JsonEncoded<OAuthAuthorizationRequestParameters>
22
- expiresAt: DateISO
23
- code: Code | null
24
- }
25
-
26
- export type AuthorizationRequestEntry = Selectable<AuthorizationRequest>
27
-
28
- export const tableName = 'authorization_request'
29
-
30
- export type PartialDB = { [tableName]: AuthorizationRequest }
@@ -1,23 +0,0 @@
1
- import { Selectable } from 'kysely'
2
- import {
3
- AuthorizedClientData,
4
- Did,
5
- OAuthClientId,
6
- } from '@atproto/oauth-provider'
7
- import { DateISO, JsonEncoded } from '../../../db/index.js'
8
-
9
- export interface AuthorizedClient {
10
- did: Did
11
- clientId: OAuthClientId
12
-
13
- createdAt: DateISO
14
- updatedAt: DateISO
15
-
16
- data: JsonEncoded<AuthorizedClientData>
17
- }
18
-
19
- export type AuthorizedClientEntry = Selectable<AuthorizedClient>
20
-
21
- export const tableName = 'authorized_client'
22
-
23
- export type PartialDB = { [tableName]: AuthorizedClient }
@@ -1,18 +0,0 @@
1
- import { Selectable } from 'kysely'
2
- import { DeviceId, SessionId } from '@atproto/oauth-provider'
3
- import { DateISO } from '../../../db/index.js'
4
-
5
- export interface Device {
6
- id: DeviceId
7
- sessionId: SessionId
8
-
9
- userAgent: string | null
10
- ipAddress: string
11
- lastSeenAt: DateISO
12
- }
13
-
14
- export type DeviceEntry = Selectable<Device>
15
-
16
- export const tableName = 'device'
17
-
18
- export type PartialDB = { [tableName]: Device }
@@ -1,19 +0,0 @@
1
- import { DidString } from '@atproto/syntax'
2
-
3
- export type EmailTokenPurpose =
4
- | 'confirm_email'
5
- | 'update_email'
6
- | 'reset_password'
7
- | 'delete_account'
8
- | 'plc_operation'
9
-
10
- export interface EmailToken {
11
- purpose: EmailTokenPurpose
12
- did: DidString
13
- token: string
14
- requestedAt: string
15
- }
16
-
17
- export const tableName = 'email_token'
18
-
19
- export type PartialDB = { [tableName]: EmailToken }