@atproto/pds 0.5.4 → 0.5.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (330) hide show
  1. package/CHANGELOG.md +43 -0
  2. package/dist/account-manager/account-manager.d.ts +52 -14
  3. package/dist/account-manager/account-manager.d.ts.map +1 -1
  4. package/dist/account-manager/account-manager.js +86 -26
  5. package/dist/account-manager/account-manager.js.map +1 -1
  6. package/dist/account-manager/db/index.d.ts.map +1 -1
  7. package/dist/account-manager/db/migrations/005-oauth-account-management.d.ts.map +1 -1
  8. package/dist/account-manager/db/migrations/005-oauth-account-management.js +3 -4
  9. package/dist/account-manager/db/migrations/005-oauth-account-management.js.map +1 -1
  10. package/dist/account-manager/db/migrations/index.d.ts.map +1 -1
  11. package/dist/account-manager/db/schema/authorization-request.d.ts +2 -2
  12. package/dist/account-manager/db/schema/authorization-request.d.ts.map +1 -1
  13. package/dist/account-manager/db/schema/authorization-request.js.map +1 -1
  14. package/dist/account-manager/db/schema/authorized-client.d.ts +2 -2
  15. package/dist/account-manager/db/schema/authorized-client.d.ts.map +1 -1
  16. package/dist/account-manager/db/schema/authorized-client.js.map +1 -1
  17. package/dist/account-manager/db/schema/token.d.ts +2 -2
  18. package/dist/account-manager/db/schema/token.d.ts.map +1 -1
  19. package/dist/account-manager/db/schema/token.js.map +1 -1
  20. package/dist/account-manager/helpers/account-device.d.ts +23 -196
  21. package/dist/account-manager/helpers/account-device.d.ts.map +1 -1
  22. package/dist/account-manager/helpers/account-device.js +3 -3
  23. package/dist/account-manager/helpers/account-device.js.map +1 -1
  24. package/dist/account-manager/helpers/account.d.ts +20 -10
  25. package/dist/account-manager/helpers/account.d.ts.map +1 -1
  26. package/dist/account-manager/helpers/account.js +17 -11
  27. package/dist/account-manager/helpers/account.js.map +1 -1
  28. package/dist/account-manager/helpers/auth.d.ts.map +1 -1
  29. package/dist/account-manager/helpers/auth.js +1 -1
  30. package/dist/account-manager/helpers/auth.js.map +1 -1
  31. package/dist/account-manager/helpers/authorization-request.d.ts +83 -5
  32. package/dist/account-manager/helpers/authorization-request.d.ts.map +1 -1
  33. package/dist/account-manager/helpers/authorization-request.js +8 -8
  34. package/dist/account-manager/helpers/authorization-request.js.map +1 -1
  35. package/dist/account-manager/helpers/authorized-client.d.ts +5 -4
  36. package/dist/account-manager/helpers/authorized-client.d.ts.map +1 -1
  37. package/dist/account-manager/helpers/authorized-client.js +3 -0
  38. package/dist/account-manager/helpers/authorized-client.js.map +1 -1
  39. package/dist/account-manager/helpers/device.d.ts +10 -4
  40. package/dist/account-manager/helpers/device.d.ts.map +1 -1
  41. package/dist/account-manager/helpers/device.js +4 -4
  42. package/dist/account-manager/helpers/device.js.map +1 -1
  43. package/dist/account-manager/helpers/email-token.d.ts.map +1 -1
  44. package/dist/account-manager/helpers/invite.d.ts +35 -2
  45. package/dist/account-manager/helpers/invite.d.ts.map +1 -1
  46. package/dist/account-manager/helpers/lexicon.d.ts.map +1 -1
  47. package/dist/account-manager/helpers/lexicon.js +6 -0
  48. package/dist/account-manager/helpers/lexicon.js.map +1 -1
  49. package/dist/account-manager/helpers/password.d.ts +1 -0
  50. package/dist/account-manager/helpers/password.d.ts.map +1 -1
  51. package/dist/account-manager/helpers/password.js +3 -0
  52. package/dist/account-manager/helpers/password.js.map +1 -1
  53. package/dist/account-manager/helpers/repo.d.ts.map +1 -1
  54. package/dist/account-manager/helpers/scrypt.d.ts.map +1 -1
  55. package/dist/account-manager/helpers/token.d.ts +72 -1031
  56. package/dist/account-manager/helpers/token.d.ts.map +1 -1
  57. package/dist/account-manager/helpers/token.js +13 -10
  58. package/dist/account-manager/helpers/token.js.map +1 -1
  59. package/dist/account-manager/helpers/used-refresh-token.d.ts +6 -2
  60. package/dist/account-manager/helpers/used-refresh-token.d.ts.map +1 -1
  61. package/dist/account-manager/oauth-store.d.ts +17 -13
  62. package/dist/account-manager/oauth-store.d.ts.map +1 -1
  63. package/dist/account-manager/oauth-store.js +89 -39
  64. package/dist/account-manager/oauth-store.js.map +1 -1
  65. package/dist/account-manager/scope-reference-getter.d.ts.map +1 -1
  66. package/dist/account-manager/scope-reference-getter.js.map +1 -1
  67. package/dist/actor-store/actor-store-reader.d.ts.map +1 -1
  68. package/dist/actor-store/actor-store-reader.js.map +1 -1
  69. package/dist/actor-store/actor-store-transactor.d.ts.map +1 -1
  70. package/dist/actor-store/actor-store-transactor.js.map +1 -1
  71. package/dist/actor-store/actor-store-writer.d.ts.map +1 -1
  72. package/dist/actor-store/actor-store.d.ts.map +1 -1
  73. package/dist/actor-store/actor-store.js.map +1 -1
  74. package/dist/actor-store/blob/reader.d.ts.map +1 -1
  75. package/dist/actor-store/blob/reader.js +2 -3
  76. package/dist/actor-store/blob/reader.js.map +1 -1
  77. package/dist/actor-store/blob/transactor.d.ts.map +1 -1
  78. package/dist/actor-store/blob/transactor.js.map +1 -1
  79. package/dist/actor-store/db/index.d.ts.map +1 -1
  80. package/dist/actor-store/db/migrations/index.d.ts.map +1 -1
  81. package/dist/actor-store/migrate.d.ts.map +1 -1
  82. package/dist/actor-store/preference/reader.d.ts.map +1 -1
  83. package/dist/actor-store/preference/reader.js.map +1 -1
  84. package/dist/actor-store/preference/transactor.d.ts.map +1 -1
  85. package/dist/actor-store/record/reader.d.ts +3 -3
  86. package/dist/actor-store/record/reader.d.ts.map +1 -1
  87. package/dist/actor-store/record/reader.js +3 -3
  88. package/dist/actor-store/record/reader.js.map +1 -1
  89. package/dist/actor-store/record/transactor.d.ts.map +1 -1
  90. package/dist/actor-store/record/transactor.js.map +1 -1
  91. package/dist/actor-store/repo/reader.d.ts.map +1 -1
  92. package/dist/actor-store/repo/reader.js.map +1 -1
  93. package/dist/actor-store/repo/sql-repo-reader.d.ts +5 -1
  94. package/dist/actor-store/repo/sql-repo-reader.d.ts.map +1 -1
  95. package/dist/actor-store/repo/sql-repo-reader.js.map +1 -1
  96. package/dist/actor-store/repo/sql-repo-transactor.d.ts.map +1 -1
  97. package/dist/actor-store/repo/transactor.d.ts.map +1 -1
  98. package/dist/actor-store/repo/transactor.js.map +1 -1
  99. package/dist/api/app/bsky/util/resolver.d.ts +4 -4
  100. package/dist/api/app/bsky/util/resolver.d.ts.map +1 -1
  101. package/dist/api/com/atproto/admin/getInviteCodes.d.ts.map +1 -1
  102. package/dist/api/com/atproto/admin/updateSubjectStatus.d.ts.map +1 -1
  103. package/dist/api/com/atproto/admin/updateSubjectStatus.js +12 -4
  104. package/dist/api/com/atproto/admin/updateSubjectStatus.js.map +1 -1
  105. package/dist/api/com/atproto/server/activateAccount.d.ts.map +1 -1
  106. package/dist/api/com/atproto/server/activateAccount.js +25 -31
  107. package/dist/api/com/atproto/server/activateAccount.js.map +1 -1
  108. package/dist/api/com/atproto/server/deactivateAccount.d.ts.map +1 -1
  109. package/dist/api/com/atproto/server/deactivateAccount.js +3 -4
  110. package/dist/api/com/atproto/server/deactivateAccount.js.map +1 -1
  111. package/dist/api/com/atproto/server/deleteAccount.d.ts.map +1 -1
  112. package/dist/api/com/atproto/server/deleteAccount.js +51 -37
  113. package/dist/api/com/atproto/server/deleteAccount.js.map +1 -1
  114. package/dist/api/com/atproto/server/util.d.ts +25 -6
  115. package/dist/api/com/atproto/server/util.d.ts.map +1 -1
  116. package/dist/api/com/atproto/server/util.js.map +1 -1
  117. package/dist/api/com/atproto/sync/getRepo.d.ts.map +1 -1
  118. package/dist/api/com/atproto/sync/listRepos.d.ts.map +1 -1
  119. package/dist/api/com/atproto/sync/util.d.ts.map +1 -1
  120. package/dist/api/proxy.d.ts.map +1 -1
  121. package/dist/app-view.d.ts.map +1 -1
  122. package/dist/auth-routes.d.ts.map +1 -1
  123. package/dist/auth-verifier.d.ts.map +1 -1
  124. package/dist/background.d.ts.map +1 -1
  125. package/dist/basic-routes.d.ts.map +1 -1
  126. package/dist/bsky-app-view.d.ts.map +1 -1
  127. package/dist/config/config.d.ts +2 -1
  128. package/dist/config/config.d.ts.map +1 -1
  129. package/dist/config/config.js +4 -1
  130. package/dist/config/config.js.map +1 -1
  131. package/dist/config/env.d.ts.map +1 -1
  132. package/dist/config/secrets.d.ts.map +1 -1
  133. package/dist/context.d.ts.map +1 -1
  134. package/dist/context.js +1 -1
  135. package/dist/context.js.map +1 -1
  136. package/dist/crawlers.d.ts.map +1 -1
  137. package/dist/db/db.d.ts.map +1 -1
  138. package/dist/db/migrator.d.ts +4 -3
  139. package/dist/db/migrator.d.ts.map +1 -1
  140. package/dist/db/migrator.js +1 -1
  141. package/dist/db/migrator.js.map +1 -1
  142. package/dist/db/pagination.d.ts +3 -2
  143. package/dist/db/pagination.d.ts.map +1 -1
  144. package/dist/db/pagination.js +2 -2
  145. package/dist/db/pagination.js.map +1 -1
  146. package/dist/db/util.d.ts +3 -3
  147. package/dist/db/util.d.ts.map +1 -1
  148. package/dist/db/util.js.map +1 -1
  149. package/dist/did-cache/db/index.d.ts.map +1 -1
  150. package/dist/did-cache/db/migrations.d.ts.map +1 -1
  151. package/dist/did-cache/index.d.ts.map +1 -1
  152. package/dist/did-cache/index.js.map +1 -1
  153. package/dist/disk-blobstore.d.ts.map +1 -1
  154. package/dist/disk-blobstore.js.map +1 -1
  155. package/dist/handle/explicit-slurs.d.ts.map +1 -1
  156. package/dist/handle/index.d.ts.map +1 -1
  157. package/dist/image/image-url-builder.d.ts.map +1 -1
  158. package/dist/image/image-url-builder.js.map +1 -1
  159. package/dist/index.d.ts.map +1 -1
  160. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts +75 -155
  161. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts.map +1 -1
  162. package/dist/lexicons/app/bsky/actor/profile.defs.d.ts +100 -300
  163. package/dist/lexicons/app/bsky/actor/profile.defs.d.ts.map +1 -1
  164. package/dist/lexicons/app/bsky/actor/status.defs.d.ts +40 -40
  165. package/dist/lexicons/app/bsky/actor/status.defs.d.ts.map +1 -1
  166. package/dist/lexicons/app/bsky/authCreatePosts.defs.d.ts +1 -1
  167. package/dist/lexicons/app/bsky/authDeleteContent.defs.d.ts +1 -1
  168. package/dist/lexicons/app/bsky/authFullApp.defs.d.ts +1 -1
  169. package/dist/lexicons/app/bsky/authManageFeedDeclarations.defs.d.ts +1 -1
  170. package/dist/lexicons/app/bsky/authManageLabelerService.defs.d.ts +1 -1
  171. package/dist/lexicons/app/bsky/authManageModeration.defs.d.ts +1 -1
  172. package/dist/lexicons/app/bsky/authManageNotifications.defs.d.ts +1 -1
  173. package/dist/lexicons/app/bsky/authManageProfile.defs.d.ts +1 -1
  174. package/dist/lexicons/app/bsky/authViewAll.defs.d.ts +1 -1
  175. package/dist/lexicons/app/bsky/draft/defs.defs.d.ts +4 -4
  176. package/dist/lexicons/app/bsky/draft/defs.defs.d.ts.map +1 -1
  177. package/dist/lexicons/app/bsky/embed/external.defs.d.ts +10 -10
  178. package/dist/lexicons/app/bsky/embed/gallery.defs.d.ts +10 -42
  179. package/dist/lexicons/app/bsky/embed/gallery.defs.d.ts.map +1 -1
  180. package/dist/lexicons/app/bsky/embed/images.defs.d.ts +10 -10
  181. package/dist/lexicons/app/bsky/embed/record.defs.d.ts +10 -10
  182. package/dist/lexicons/app/bsky/embed/recordWithMedia.defs.d.ts +10 -10
  183. package/dist/lexicons/app/bsky/embed/video.defs.d.ts +50 -162
  184. package/dist/lexicons/app/bsky/embed/video.defs.d.ts.map +1 -1
  185. package/dist/lexicons/app/bsky/feed/generator.defs.d.ts +80 -160
  186. package/dist/lexicons/app/bsky/feed/generator.defs.d.ts.map +1 -1
  187. package/dist/lexicons/app/bsky/feed/like.defs.d.ts +30 -30
  188. package/dist/lexicons/app/bsky/feed/like.defs.d.ts.map +1 -1
  189. package/dist/lexicons/app/bsky/feed/post.defs.d.ts +80 -200
  190. package/dist/lexicons/app/bsky/feed/post.defs.d.ts.map +1 -1
  191. package/dist/lexicons/app/bsky/feed/postgate.defs.d.ts +40 -80
  192. package/dist/lexicons/app/bsky/feed/postgate.defs.d.ts.map +1 -1
  193. package/dist/lexicons/app/bsky/feed/repost.defs.d.ts +30 -30
  194. package/dist/lexicons/app/bsky/feed/repost.defs.d.ts.map +1 -1
  195. package/dist/lexicons/app/bsky/feed/threadgate.defs.d.ts +30 -30
  196. package/dist/lexicons/app/bsky/feed/threadgate.defs.d.ts.map +1 -1
  197. package/dist/lexicons/app/bsky/graph/block.defs.d.ts +20 -20
  198. package/dist/lexicons/app/bsky/graph/block.defs.d.ts.map +1 -1
  199. package/dist/lexicons/app/bsky/graph/follow.defs.d.ts +30 -30
  200. package/dist/lexicons/app/bsky/graph/follow.defs.d.ts.map +1 -1
  201. package/dist/lexicons/app/bsky/graph/list.defs.d.ts +60 -60
  202. package/dist/lexicons/app/bsky/graph/list.defs.d.ts.map +1 -1
  203. package/dist/lexicons/app/bsky/graph/listblock.defs.d.ts +20 -20
  204. package/dist/lexicons/app/bsky/graph/listblock.defs.d.ts.map +1 -1
  205. package/dist/lexicons/app/bsky/graph/listitem.defs.d.ts +20 -20
  206. package/dist/lexicons/app/bsky/graph/listitem.defs.d.ts.map +1 -1
  207. package/dist/lexicons/app/bsky/graph/starterpack.defs.d.ts +50 -90
  208. package/dist/lexicons/app/bsky/graph/starterpack.defs.d.ts.map +1 -1
  209. package/dist/lexicons/app/bsky/graph/verification.defs.d.ts +30 -30
  210. package/dist/lexicons/app/bsky/graph/verification.defs.d.ts.map +1 -1
  211. package/dist/lexicons/app/bsky/labeler/service.defs.d.ts +50 -130
  212. package/dist/lexicons/app/bsky/labeler/service.defs.d.ts.map +1 -1
  213. package/dist/lexicons/app/bsky/notification/declaration.defs.d.ts +10 -10
  214. package/dist/lexicons/app/bsky/notification/declaration.defs.d.ts.map +1 -1
  215. package/dist/lexicons/app/bsky/richtext/facet.defs.d.ts +10 -10
  216. package/dist/lexicons/chat/bsky/actor/declaration.defs.d.ts +20 -20
  217. package/dist/lexicons/chat/bsky/actor/declaration.defs.d.ts.map +1 -1
  218. package/dist/lexicons/chat/bsky/authFullChatClient.defs.d.ts +1 -1
  219. package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts +17 -0
  220. package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts.map +1 -1
  221. package/dist/lexicons/chat/bsky/convo/defs.defs.js +11 -0
  222. package/dist/lexicons/chat/bsky/convo/defs.defs.js.map +1 -1
  223. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.d.ts +1 -1
  224. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.d.ts.map +1 -1
  225. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.js +1 -0
  226. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.js.map +1 -1
  227. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.d.ts +1 -1
  228. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.d.ts.map +1 -1
  229. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.js +1 -0
  230. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.js.map +1 -1
  231. package/dist/lexicons/chat/bsky/embed/joinLink.defs.d.ts +10 -42
  232. package/dist/lexicons/chat/bsky/embed/joinLink.defs.d.ts.map +1 -1
  233. package/dist/lexicons/com/atproto/lexicon/schema.defs.d.ts +10 -10
  234. package/dist/lexicons/com/atproto/lexicon/schema.defs.d.ts.map +1 -1
  235. package/dist/lexicons/com/atproto/repo/strongRef.defs.d.ts +10 -10
  236. package/dist/lexicons/com/germnetwork/declaration.defs.d.ts +40 -120
  237. package/dist/lexicons/com/germnetwork/declaration.defs.d.ts.map +1 -1
  238. package/dist/lexicons/site/standard/document.defs.d.ts +130 -450
  239. package/dist/lexicons/site/standard/document.defs.d.ts.map +1 -1
  240. package/dist/lexicons/site/standard/graph/recommend.defs.d.ts +10 -10
  241. package/dist/lexicons/site/standard/graph/recommend.defs.d.ts.map +1 -1
  242. package/dist/lexicons/site/standard/graph/subscription.defs.d.ts +20 -60
  243. package/dist/lexicons/site/standard/graph/subscription.defs.d.ts.map +1 -1
  244. package/dist/lexicons/site/standard/publication.defs.d.ts +60 -220
  245. package/dist/lexicons/site/standard/publication.defs.d.ts.map +1 -1
  246. package/dist/lexicons/site/standard/theme/basic.defs.d.ts +10 -10
  247. package/dist/lexicons/site/standard/theme/basic.defs.d.ts.map +1 -1
  248. package/dist/lexicons/tools/ozone/moderation/queryStatuses.defs.d.ts +2 -2
  249. package/dist/lexicons/tools/ozone/set/querySets.defs.d.ts +2 -2
  250. package/dist/logger.d.ts +14 -14
  251. package/dist/logger.d.ts.map +1 -1
  252. package/dist/mailer/index.d.ts +2 -0
  253. package/dist/mailer/index.d.ts.map +1 -1
  254. package/dist/mailer/index.js +2 -0
  255. package/dist/mailer/index.js.map +1 -1
  256. package/dist/mailer/moderation.d.ts.map +1 -1
  257. package/dist/pipethrough.d.ts +1 -1
  258. package/dist/pipethrough.d.ts.map +1 -1
  259. package/dist/pipethrough.js.map +1 -1
  260. package/dist/rate-limits.d.ts.map +1 -1
  261. package/dist/read-after-write/util.d.ts.map +1 -1
  262. package/dist/read-after-write/viewer.d.ts +8 -8
  263. package/dist/read-after-write/viewer.d.ts.map +1 -1
  264. package/dist/read-after-write/viewer.js.map +1 -1
  265. package/dist/redis.d.ts.map +1 -1
  266. package/dist/repo/prepare.d.ts.map +1 -1
  267. package/dist/repo/types.d.ts.map +1 -1
  268. package/dist/repo/types.js.map +1 -1
  269. package/dist/scripts/index.d.ts.map +1 -1
  270. package/dist/scripts/publish-identity.d.ts.map +1 -1
  271. package/dist/scripts/rebuild-repo.d.ts.map +1 -1
  272. package/dist/scripts/rotate-keys.d.ts.map +1 -1
  273. package/dist/scripts/sequencer-recovery/index.d.ts.map +1 -1
  274. package/dist/scripts/sequencer-recovery/recoverer.d.ts.map +1 -1
  275. package/dist/scripts/sequencer-recovery/recoverer.js.map +1 -1
  276. package/dist/scripts/sequencer-recovery/recovery-db.d.ts.map +1 -1
  277. package/dist/scripts/sequencer-recovery/recovery-db.js.map +1 -1
  278. package/dist/scripts/sequencer-recovery/repair-repos.d.ts.map +1 -1
  279. package/dist/scripts/sequencer-recovery/user-queues.d.ts.map +1 -1
  280. package/dist/scripts/util.d.ts.map +1 -1
  281. package/dist/sequencer/db/index.d.ts.map +1 -1
  282. package/dist/sequencer/db/migrations/index.d.ts.map +1 -1
  283. package/dist/sequencer/events.d.ts +19 -19
  284. package/dist/sequencer/events.d.ts.map +1 -1
  285. package/dist/sequencer/events.js +6 -13
  286. package/dist/sequencer/events.js.map +1 -1
  287. package/dist/sequencer/outbox.d.ts.map +1 -1
  288. package/dist/sequencer/outbox.js.map +1 -1
  289. package/dist/sequencer/sequencer.d.ts +1 -1
  290. package/dist/sequencer/sequencer.d.ts.map +1 -1
  291. package/dist/sequencer/sequencer.js.map +1 -1
  292. package/dist/util/debug.d.ts.map +1 -1
  293. package/dist/well-known.d.ts.map +1 -1
  294. package/package.json +26 -27
  295. package/src/account-manager/account-manager.ts +135 -36
  296. package/src/account-manager/db/migrations/005-oauth-account-management.ts +6 -5
  297. package/src/account-manager/db/schema/authorization-request.ts +2 -1
  298. package/src/account-manager/db/schema/authorized-client.ts +6 -2
  299. package/src/account-manager/db/schema/token.ts +2 -2
  300. package/src/account-manager/helpers/account-device.ts +5 -11
  301. package/src/account-manager/helpers/account.ts +39 -16
  302. package/src/account-manager/helpers/auth.ts +2 -2
  303. package/src/account-manager/helpers/authorization-request.ts +12 -8
  304. package/src/account-manager/helpers/authorized-client.ts +12 -6
  305. package/src/account-manager/helpers/device.ts +4 -4
  306. package/src/account-manager/helpers/lexicon.ts +8 -3
  307. package/src/account-manager/helpers/password.ts +6 -0
  308. package/src/account-manager/helpers/token.ts +17 -11
  309. package/src/account-manager/oauth-store.ts +129 -61
  310. package/src/actor-store/blob/reader.ts +8 -5
  311. package/src/actor-store/record/reader.ts +3 -3
  312. package/src/actor-store/repo/sql-repo-reader.ts +1 -1
  313. package/src/api/com/atproto/admin/updateSubjectStatus.ts +16 -4
  314. package/src/api/com/atproto/server/activateAccount.ts +27 -49
  315. package/src/api/com/atproto/server/deactivateAccount.ts +3 -7
  316. package/src/api/com/atproto/server/deleteAccount.ts +60 -43
  317. package/src/api/com/atproto/server/util.ts +24 -7
  318. package/src/config/config.ts +7 -2
  319. package/src/context.ts +2 -3
  320. package/src/db/migrator.ts +2 -1
  321. package/src/db/pagination.ts +7 -7
  322. package/src/db/util.ts +5 -2
  323. package/src/mailer/index.ts +4 -2
  324. package/src/scripts/sequencer-recovery/recovery-db.ts +1 -1
  325. package/src/sequencer/events.ts +8 -13
  326. package/src/sequencer/sequencer.ts +1 -3
  327. package/tests/account-manager.test.ts +79 -0
  328. package/tests/account-status.test.ts +206 -0
  329. package/tests/oauth.test.ts +91 -0
  330. package/tsconfig.build.tsbuildinfo +1 -1
@@ -1,6 +1,6 @@
1
1
  import { DatetimeString, DidString } from '@atproto/lex';
2
2
  import { com } from '../../lexicons/index.js';
3
- import { AccountDb } from '../db/index.js';
3
+ import { AccountDb, InviteCode } from '../db/index.js';
4
4
  export type CodeDetail = com.atproto.server.defs.InviteCode;
5
5
  export type CodeUse = com.atproto.server.defs.InviteCodeUse;
6
6
  export declare const createInviteCodes: (db: AccountDb, toCreate: {
@@ -14,7 +14,40 @@ export declare const recordInviteUse: (db: AccountDb, opts: {
14
14
  now: DatetimeString;
15
15
  }) => Promise<void>;
16
16
  export declare const ensureInviteIsAvailable: (db: AccountDb, inviteCode: string) => Promise<void>;
17
- export declare const selectInviteCodesQb: (db: AccountDb) => import("kysely/dist/esm/parser/select-parser.js").SelectAllQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, import("kysely").AliasedQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "invite_code">, "invite_code", import("kysely").Selection<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "invite_code">, "invite_code", "invite_code.code as code" | "invite_code.availableUses as available" | "invite_code.disabled as disabled" | "invite_code.forAccount as forAccount" | "invite_code.createdBy as createdBy" | "invite_code.createdAt as createdAt" | import("kysely").AliasedQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "invite_code_use">, "invite_code_use", import("kysely").Selection<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "invite_code_use">, "invite_code_use", import("kysely").AliasedRawBuilder<number, "count">>, "uses">>, "codes">>, "codes", {}, "codes">;
17
+ export declare const selectInviteCodesQb: (db: AccountDb) => import("kysely").SelectQueryBuilder<{
18
+ account: import("../db/index.js").Account;
19
+ account_device: import("../db/index.js").AccountDevice;
20
+ actor: import("../db/index.js").Actor;
21
+ app_password: import("../db/index.js").AppPassword;
22
+ authorization_request: import("../db/index.js").AuthorizationRequest;
23
+ authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
24
+ codes: {
25
+ available: number;
26
+ code: string;
27
+ createdAt: DatetimeString;
28
+ createdBy: string;
29
+ disabled: 0 | 1;
30
+ forAccount: string;
31
+ uses: number | null;
32
+ };
33
+ device: import("../db/index.js").Device;
34
+ email_token: import("../db/index.js").EmailToken;
35
+ invite_code: InviteCode;
36
+ invite_code_use: import("../db/index.js").InviteCodeUse;
37
+ lexicon: import("../db/index.js").Lexicon;
38
+ refresh_token: import("../db/index.js").RefreshToken;
39
+ repo_root: import("../db/index.js").RepoRoot;
40
+ token: import("../db/index.js").Token;
41
+ used_refresh_token: import("../db/index.js").UsedRefreshToken;
42
+ }, "codes", {
43
+ available: number;
44
+ code: string;
45
+ createdAt: DatetimeString;
46
+ createdBy: string;
47
+ disabled: 0 | 1;
48
+ forAccount: string;
49
+ uses: number | null;
50
+ }>;
18
51
  export declare const getAccountsInviteCodes: (db: AccountDb, dids: string[]) => Promise<Map<string, CodeDetail[]>>;
19
52
  export declare const getInviteCodesUses: (db: AccountDb, codes: string[]) => Promise<Record<string, CodeUse[]>>;
20
53
  export declare const getInvitedByForAccounts: (db: AccountDb, dids: DidString[]) => Promise<Record<string, CodeDetail>>;
@@ -1 +1 @@
1
- {"version":3,"file":"invite.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/invite.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,SAAS,EAAyB,MAAM,cAAc,CAAA;AAG/E,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAc,MAAM,gBAAgB,CAAA;AAEtD,MAAM,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAA;AAC3D,MAAM,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAA;AAE3D,eAAO,MAAM,iBAAiB,GAC5B,IAAI,SAAS,EACb,UAAU;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,EAAE,CAAA;CAAE,EAAE,EAChD,UAAU,MAAM,kBAkBjB,CAAA;AAED,eAAO,MAAM,wBAAwB,GACnC,IAAI,SAAS,EACb,YAAY,MAAM,EAClB,OAAO,MAAM,EAAE,EACf,eAAe,MAAM,EACrB,UAAU,CAAC,GAAG,CAAC,KACd,OAAO,CAAC,UAAU,EAAE,CA+BtB,CAAA;AAED,eAAO,MAAM,eAAe,GAC1B,IAAI,SAAS,EACb,MAAM;IACJ,GAAG,EAAE,SAAS,CAAA;IACd,UAAU,EAAE,MAAM,GAAG,SAAS,CAAA;IAC9B,GAAG,EAAE,cAAc,CAAA;CACpB,kBAUF,CAAA;AAED,eAAO,MAAM,uBAAuB,GAClC,IAAI,SAAS,EACb,YAAY,MAAM,KACjB,OAAO,CAAC,IAAI,CA4Bd,CAAA;AAED,eAAO,MAAM,mBAAmB,GAAI,IAAI,SAAS,wnCAkBhD,CAAA;AAED,eAAO,MAAM,sBAAsB,GACjC,IAAI,SAAS,EACb,MAAM,MAAM,EAAE,KACb,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC,CAqBnC,CAAA;AAED,eAAO,MAAM,kBAAkB,GAC7B,IAAI,SAAS,EACb,OAAO,MAAM,EAAE,KACd,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,CAgBnC,CAAA;AAED,eAAO,MAAM,uBAAuB,GAClC,IAAI,SAAS,EACb,MAAM,SAAS,EAAE,KAChB,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAiCpC,CAAA;AAED,eAAO,MAAM,kBAAkB,GAC7B,IAAI,SAAS,EACb,MAAM;IAAE,KAAK,EAAE,MAAM,EAAE,CAAC;IAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;CAAE,kBAmB9C,CAAA;AAED,eAAO,MAAM,yBAAyB,GACpC,IAAI,SAAS,EACb,KAAK,SAAS,EACd,UAAU,OAAO,kBAQlB,CAAA"}
1
+ {"version":3,"file":"invite.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/invite.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,SAAS,EAAyB,MAAM,cAAc,CAAA;AAG/E,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAEtD,MAAM,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAA;AAC3D,MAAM,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAA;AAE3D,eAAO,MAAM,iBAAiB,OACxB,SAAS,YACH;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,EAAE,CAAA;CAAE,EAAE,YACtC,MAAM,kBAkBjB,CAAA;AAED,eAAO,MAAM,wBAAwB,OAC/B,SAAS,cACD,MAAM,SACX,MAAM,EAAE,iBACA,MAAM,YACX,CAAC,GAAG,CAAC,KACd,OAAO,CAAC,UAAU,EAAE,CA+BtB,CAAA;AAED,eAAO,MAAM,eAAe,OACtB,SAAS,QACP;IACJ,GAAG,EAAE,SAAS,CAAA;IACd,UAAU,EAAE,MAAM,GAAG,SAAS,CAAA;IAC9B,GAAG,EAAE,cAAc,CAAA;CACpB,kBAUF,CAAA;AAED,eAAO,MAAM,uBAAuB,OAC9B,SAAS,cACD,MAAM,KACjB,OAAO,CAAC,IAAI,CA4Bd,CAAA;AAED,eAAO,MAAM,mBAAmB,OAAQ,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAkBhD,CAAA;AAED,eAAO,MAAM,sBAAsB,OAC7B,SAAS,QACP,MAAM,EAAE,KACb,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC,CAqBnC,CAAA;AAED,eAAO,MAAM,kBAAkB,OACzB,SAAS,SACN,MAAM,EAAE,KACd,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,CAgBnC,CAAA;AAED,eAAO,MAAM,uBAAuB,OAC9B,SAAS,QACP,SAAS,EAAE,KAChB,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAiCpC,CAAA;AAED,eAAO,MAAM,kBAAkB,OACzB,SAAS,QACP;IAAE,KAAK,EAAE,MAAM,EAAE,CAAC;IAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;CAAE,kBAmB9C,CAAA;AAED,eAAO,MAAM,yBAAyB,OAChC,SAAS,OACR,SAAS,YACJ,OAAO,kBAQlB,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"lexicon.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/lexicon.ts"],"names":[],"mappings":"AACA,OAAO,EAA6B,WAAW,EAAE,MAAM,yBAAyB,CAAA;AAEhF,OAAO,EAAE,SAAS,EAAW,MAAM,gBAAgB,CAAA;AAEnD,wBAAsB,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,iBA8B1E;AAED,wBAAsB,IAAI,CACxB,EAAE,EAAE,SAAS,EACb,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAiB7B;AAED,wBAAsB,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,iBAEvD"}
1
+ {"version":3,"file":"lexicon.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/lexicon.ts"],"names":[],"mappings":"AAAA,OAAO,EAA6B,WAAW,EAAE,MAAM,yBAAyB,CAAA;AAEhF,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAE1C,wBAAsB,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,iBAoC1E;AAED,wBAAsB,IAAI,CACxB,EAAE,EAAE,SAAS,EACb,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAiB7B;AAED,wBAAsB,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,iBAEvD"}
@@ -1,6 +1,12 @@
1
1
  import { LEXICON_REFRESH_FREQUENCY } from '@atproto/oauth-provider';
2
2
  import { fromDateISO, fromJson, toDateISO, toJson } from '../../db/index.js';
3
3
  export async function upsert(db, nsid, data) {
4
+ // @TODO not annotated as `Omit<Insertable<Lexicon>, 'nsid'>`. Insertable's
5
+ // nullable/non-nullable key partition evaluates `IsNullable<InsertType<…>>`
6
+ // per column, which for the recursive `JsonEncoded<LexiconDocument>` column
7
+ // overflows the tsgo (TS7) checker's instantiation depth (TS2589). The older
8
+ // tsc handled it; the `.values()`/`.doUpdateSet()` calls below still
9
+ // type-check this object against the insert type regardless.
4
10
  const updates = {
5
11
  ...data,
6
12
  createdAt: toDateISO(data.createdAt),
@@ -1 +1 @@
1
- {"version":3,"file":"lexicon.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/lexicon.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,yBAAyB,EAAe,MAAM,yBAAyB,CAAA;AAChF,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAG5E,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,EAAa,EAAE,IAAY,EAAE,IAAiB;IACzE,MAAM,OAAO,GAAsC;QACjD,GAAG,IAAI;QACP,SAAS,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC;QACpC,SAAS,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC;QACpC,eAAe,EAAE,IAAI,CAAC,eAAe;YACnC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC;YACjC,CAAC,CAAC,IAAI;QACR,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI;KACpD,CAAA;IAED,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,SAAS,CAAC;SACrB,MAAM,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,CAAC;SAC5B,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAC9D,CAAA;IAED,4DAA4D;IAC5D,8BAA8B;IAC9B,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,SAAS,CAAC;SACrB,KAAK,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC;SAC5B,KAAK,CACJ,WAAW,EACX,GAAG,EACH,SAAS,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,yBAAyB,CAAC,CAAC,CAC5D,CACJ,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI,CACxB,EAAa,EACb,IAAY;IAEZ,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,SAAS,CAAC;SACrB,SAAS,EAAE;SACX,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;SACxB,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAA;IAErB,OAAO;QACL,GAAG,GAAG;QACN,SAAS,EAAE,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC;QACrC,SAAS,EAAE,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC;QACrC,eAAe,EAAE,GAAG,CAAC,eAAe;YAClC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,eAAe,CAAC;YAClC,CAAC,CAAC,IAAI;QACR,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI;KACpD,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,EAAa,EAAE,IAAY;IACtD,MAAM,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,OAAO,EAAE,CAAA;AACtE,CAAC","sourcesContent":["import { Insertable } from 'kysely'\nimport { LEXICON_REFRESH_FREQUENCY, LexiconData } from '@atproto/oauth-provider'\nimport { fromDateISO, fromJson, toDateISO, toJson } from '../../db/index.js'\nimport { AccountDb, Lexicon } from '../db/index.js'\n\nexport async function upsert(db: AccountDb, nsid: string, data: LexiconData) {\n const updates: Omit<Insertable<Lexicon>, 'nsid'> = {\n ...data,\n createdAt: toDateISO(data.createdAt),\n updatedAt: toDateISO(data.updatedAt),\n lastSucceededAt: data.lastSucceededAt\n ? toDateISO(data.lastSucceededAt)\n : null,\n lexicon: data.lexicon ? toJson(data.lexicon) : null,\n }\n\n await db.executeWithRetry(\n db.db\n .insertInto('lexicon')\n .values({ ...updates, nsid })\n .onConflict((oc) => oc.column('nsid').doUpdateSet(updates)),\n )\n\n // Garbage collection: remove old, never resolved, lexicons.\n // Uses \"lexicon_failures_idx\"\n await db.executeWithRetry(\n db.db\n .deleteFrom('lexicon')\n .where('lexicon', 'is', null)\n .where(\n 'updatedAt',\n '<',\n toDateISO(new Date(Date.now() - LEXICON_REFRESH_FREQUENCY)),\n ),\n )\n}\n\nexport async function find(\n db: AccountDb,\n nsid: string,\n): Promise<LexiconData | null> {\n const row = await db.db\n .selectFrom('lexicon')\n .selectAll()\n .where('nsid', '=', nsid)\n .executeTakeFirst()\n if (!row) return null\n\n return {\n ...row,\n createdAt: fromDateISO(row.createdAt),\n updatedAt: fromDateISO(row.updatedAt),\n lastSucceededAt: row.lastSucceededAt\n ? fromDateISO(row.lastSucceededAt)\n : null,\n lexicon: row.lexicon ? fromJson(row.lexicon) : null,\n }\n}\n\nexport async function remove(db: AccountDb, nsid: string) {\n await db.db.deleteFrom('lexicon').where('nsid', '=', nsid).execute()\n}\n"]}
1
+ {"version":3,"file":"lexicon.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/lexicon.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,yBAAyB,EAAe,MAAM,yBAAyB,CAAA;AAChF,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAG5E,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,EAAa,EAAE,IAAY,EAAE,IAAiB;IACzE,2EAA2E;IAC3E,4EAA4E;IAC5E,4EAA4E;IAC5E,6EAA6E;IAC7E,qEAAqE;IACrE,6DAA6D;IAC7D,MAAM,OAAO,GAAG;QACd,GAAG,IAAI;QACP,SAAS,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC;QACpC,SAAS,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC;QACpC,eAAe,EAAE,IAAI,CAAC,eAAe;YACnC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC;YACjC,CAAC,CAAC,IAAI;QACR,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI;KACpD,CAAA;IAED,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,SAAS,CAAC;SACrB,MAAM,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,CAAC;SAC5B,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAC9D,CAAA;IAED,4DAA4D;IAC5D,8BAA8B;IAC9B,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,SAAS,CAAC;SACrB,KAAK,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC;SAC5B,KAAK,CACJ,WAAW,EACX,GAAG,EACH,SAAS,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,yBAAyB,CAAC,CAAC,CAC5D,CACJ,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI,CACxB,EAAa,EACb,IAAY;IAEZ,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,SAAS,CAAC;SACrB,SAAS,EAAE;SACX,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;SACxB,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAA;IAErB,OAAO;QACL,GAAG,GAAG;QACN,SAAS,EAAE,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC;QACrC,SAAS,EAAE,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC;QACrC,eAAe,EAAE,GAAG,CAAC,eAAe;YAClC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,eAAe,CAAC;YAClC,CAAC,CAAC,IAAI;QACR,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI;KACpD,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,EAAa,EAAE,IAAY;IACtD,MAAM,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,OAAO,EAAE,CAAA;AACtE,CAAC","sourcesContent":["import { LEXICON_REFRESH_FREQUENCY, LexiconData } from '@atproto/oauth-provider'\nimport { fromDateISO, fromJson, toDateISO, toJson } from '../../db/index.js'\nimport { AccountDb } from '../db/index.js'\n\nexport async function upsert(db: AccountDb, nsid: string, data: LexiconData) {\n // @TODO not annotated as `Omit<Insertable<Lexicon>, 'nsid'>`. Insertable's\n // nullable/non-nullable key partition evaluates `IsNullable<InsertType<…>>`\n // per column, which for the recursive `JsonEncoded<LexiconDocument>` column\n // overflows the tsgo (TS7) checker's instantiation depth (TS2589). The older\n // tsc handled it; the `.values()`/`.doUpdateSet()` calls below still\n // type-check this object against the insert type regardless.\n const updates = {\n ...data,\n createdAt: toDateISO(data.createdAt),\n updatedAt: toDateISO(data.updatedAt),\n lastSucceededAt: data.lastSucceededAt\n ? toDateISO(data.lastSucceededAt)\n : null,\n lexicon: data.lexicon ? toJson(data.lexicon) : null,\n }\n\n await db.executeWithRetry(\n db.db\n .insertInto('lexicon')\n .values({ ...updates, nsid })\n .onConflict((oc) => oc.column('nsid').doUpdateSet(updates)),\n )\n\n // Garbage collection: remove old, never resolved, lexicons.\n // Uses \"lexicon_failures_idx\"\n await db.executeWithRetry(\n db.db\n .deleteFrom('lexicon')\n .where('lexicon', 'is', null)\n .where(\n 'updatedAt',\n '<',\n toDateISO(new Date(Date.now() - LEXICON_REFRESH_FREQUENCY)),\n ),\n )\n}\n\nexport async function find(\n db: AccountDb,\n nsid: string,\n): Promise<LexiconData | null> {\n const row = await db.db\n .selectFrom('lexicon')\n .selectAll()\n .where('nsid', '=', nsid)\n .executeTakeFirst()\n if (!row) return null\n\n return {\n ...row,\n createdAt: fromDateISO(row.createdAt),\n updatedAt: fromDateISO(row.updatedAt),\n lastSucceededAt: row.lastSucceededAt\n ? fromDateISO(row.lastSucceededAt)\n : null,\n lexicon: row.lexicon ? fromJson(row.lexicon) : null,\n }\n}\n\nexport async function remove(db: AccountDb, nsid: string) {\n await db.db.deleteFrom('lexicon').where('nsid', '=', nsid).execute()\n}\n"]}
@@ -18,4 +18,5 @@ export declare const listAppPasswords: (db: AccountDb, did: string) => Promise<{
18
18
  privileged: boolean;
19
19
  }[]>;
20
20
  export declare const deleteAppPassword: (db: AccountDb, did: string, name: string) => Promise<void>;
21
+ export declare const deleteAllAppPasswords: (db: AccountDb, did: string) => Promise<void>;
21
22
  //# sourceMappingURL=password.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"password.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/password.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAyB,MAAM,cAAc,CAAA;AAEpE,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAG1C,MAAM,MAAM,eAAe,GAAG;IAC5B,IAAI,EAAE,MAAM,CAAA;IACZ,UAAU,EAAE,OAAO,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,qBAAqB,GAChC,IAAI,SAAS,EACb,KAAK,MAAM,EACX,UAAU,MAAM,KACf,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,iBAAiB,GAC5B,IAAI,SAAS,EACb,KAAK,MAAM,EACX,UAAU,MAAM,KACf,OAAO,CAAC,eAAe,GAAG,IAAI,CAahC,CAAA;AAED,eAAO,MAAM,kBAAkB,GAC7B,IAAI,SAAS,EACb,MAAM;IACJ,GAAG,EAAE,MAAM,CAAA;IACX,cAAc,EAAE,MAAM,CAAA;CACvB,kBAQF,CAAA;AAED,eAAO,MAAM,iBAAiB,GAC5B,IAAI,SAAS,EACb,KAAK,MAAM,EACX,MAAM,MAAM,EACZ,YAAY,OAAO,KAClB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC,WAAW,CAiC1D,CAAA;AAED,eAAO,MAAM,gBAAgB,GAC3B,IAAI,SAAS,EACb,KAAK,MAAM,KACV,OAAO,CACR;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,cAAc,CAAC;IAAC,UAAU,EAAE,OAAO,CAAA;CAAE,EAAE,CAanE,CAAA;AAED,eAAO,MAAM,iBAAiB,GAC5B,IAAI,SAAS,EACb,KAAK,MAAM,EACX,MAAM,MAAM,kBAQb,CAAA"}
1
+ {"version":3,"file":"password.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/password.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAyB,MAAM,cAAc,CAAA;AAEpE,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAG1C,MAAM,MAAM,eAAe,GAAG;IAC5B,IAAI,EAAE,MAAM,CAAA;IACZ,UAAU,EAAE,OAAO,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,qBAAqB,OAC5B,SAAS,OACR,MAAM,YACD,MAAM,KACf,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,iBAAiB,OACxB,SAAS,OACR,MAAM,YACD,MAAM,KACf,OAAO,CAAC,eAAe,GAAG,IAAI,CAahC,CAAA;AAED,eAAO,MAAM,kBAAkB,OACzB,SAAS,QACP;IACJ,GAAG,EAAE,MAAM,CAAA;IACX,cAAc,EAAE,MAAM,CAAA;CACvB,kBAQF,CAAA;AAED,eAAO,MAAM,iBAAiB,OACxB,SAAS,OACR,MAAM,QACL,MAAM,cACA,OAAO,KAClB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC,WAAW,CAiC1D,CAAA;AAED,eAAO,MAAM,gBAAgB,OACvB,SAAS,OACR,MAAM,KACV,OAAO,CACR;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,cAAc,CAAC;IAAC,UAAU,EAAE,OAAO,CAAA;CAAE,EAAE,CAanE,CAAA;AAED,eAAO,MAAM,iBAAiB,OACxB,SAAS,OACR,MAAM,QACL,MAAM,kBAQb,CAAA;AAED,eAAO,MAAM,qBAAqB,OAAc,SAAS,OAAO,MAAM,kBAIrE,CAAA"}
@@ -82,4 +82,7 @@ export const deleteAppPassword = async (db, did, name) => {
82
82
  .where('did', '=', did)
83
83
  .where('name', '=', name));
84
84
  };
85
+ export const deleteAllAppPasswords = async (db, did) => {
86
+ await db.executeWithRetry(db.db.deleteFrom('app_password').where('did', '=', did));
87
+ };
85
88
  //# sourceMappingURL=password.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"password.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/password.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAkB,qBAAqB,EAAE,MAAM,cAAc,CAAA;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAA;AAG1D,OAAO,KAAK,MAAM,MAAM,aAAa,CAAA;AAOrC,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EACxC,EAAa,EACb,GAAW,EACX,QAAgB,EACE,EAAE;IACpB,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,EAAE;SACtB,UAAU,CAAC,SAAS,CAAC;SACrB,SAAS,EAAE;SACX,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,gBAAgB,EAAE,CAAA;IACrB,OAAO,KAAK,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;AAC5E,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,GAAW,EACX,QAAgB,EACiB,EAAE;IACnC,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;IAClE,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,EAAE;SACtB,UAAU,CAAC,cAAc,CAAC;SAC1B,SAAS,EAAE;SACX,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,gBAAgB,EAAE,GAAG,EAAE,cAAc,CAAC;SAC5C,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAA;IACvB,OAAO;QACL,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,UAAU,EAAE,KAAK,CAAC,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK;KAClD,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,EACrC,EAAa,EACb,IAGC,EACD,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,SAAS,CAAC;SACtB,GAAG,CAAC,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,CAAC;SAC5C,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAC/B,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,GAAW,EACX,IAAY,EACZ,UAAmB,EACwC,EAAE;IAC7D,sCAAsC;IACtC,sBAAsB;IACtB,MAAM,GAAG,GAAG,SAAS,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAChD,MAAM,MAAM,GAAG;QACb,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QACf,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QACf,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QAChB,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC;KAClB,CAAA;IACD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACjC,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;IAClE,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACrC,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,cAAc,CAAC;SAC1B,MAAM,CAAC;QACN,GAAG;QACH,IAAI;QACJ,cAAc;QACd,SAAS,EAAE,qBAAqB,EAAE;QAClC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;KAC/B,CAAC;SACD,YAAY,EAAE,CAClB,CAAA;IACD,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,mBAAmB,CAAC,wCAAwC,CAAC,CAAA;IACzE,CAAC;IACD,OAAO;QACL,IAAI;QACJ,QAAQ;QACR,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,UAAU;KACX,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,EACnC,EAAa,EACb,GAAW,EAGX,EAAE;IACF,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,cAAc,CAAC;SAC1B,MAAM,CAAC,CAAC,MAAM,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC;SAC3C,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC;SAC5B,OAAO,EAAE,CAAA;IACZ,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACvB,IAAI,EAAE,GAAG,CAAC,IAAI;QACd,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,UAAU,EAAE,GAAG,CAAC,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK;KAChD,CAAC,CAAC,CAAA;AACL,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,GAAW,EACX,IAAY,EACZ,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,cAAc,CAAC;SAC1B,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAC5B,CAAA;AACH,CAAC,CAAA","sourcesContent":["import { randomStr } from '@atproto/crypto'\nimport { DatetimeString, currentDatetimeString } from '@atproto/lex'\nimport { InvalidRequestError } from '@atproto/xrpc-server'\nimport { com } from '../../lexicons/index.js'\nimport { AccountDb } from '../db/index.js'\nimport * as scrypt from './scrypt.js'\n\nexport type AppPassDescript = {\n name: string\n privileged: boolean\n}\n\nexport const verifyAccountPassword = async (\n db: AccountDb,\n did: string,\n password: string,\n): Promise<boolean> => {\n const found = await db.db\n .selectFrom('account')\n .selectAll()\n .where('did', '=', did)\n .executeTakeFirst()\n return found ? await scrypt.verify(password, found.passwordScrypt) : false\n}\n\nexport const verifyAppPassword = async (\n db: AccountDb,\n did: string,\n password: string,\n): Promise<AppPassDescript | null> => {\n const passwordScrypt = await scrypt.hashAppPassword(did, password)\n const found = await db.db\n .selectFrom('app_password')\n .selectAll()\n .where('did', '=', did)\n .where('passwordScrypt', '=', passwordScrypt)\n .executeTakeFirst()\n if (!found) return null\n return {\n name: found.name,\n privileged: found.privileged === 1 ? true : false,\n }\n}\n\nexport const updateUserPassword = async (\n db: AccountDb,\n opts: {\n did: string\n passwordScrypt: string\n },\n) => {\n await db.executeWithRetry(\n db.db\n .updateTable('account')\n .set({ passwordScrypt: opts.passwordScrypt })\n .where('did', '=', opts.did),\n )\n}\n\nexport const createAppPassword = async (\n db: AccountDb,\n did: string,\n name: string,\n privileged: boolean,\n): Promise<com.atproto.server.createAppPassword.AppPassword> => {\n // create an app password with format:\n // 1234-abcd-5678-efgh\n const str = randomStr(16, 'base32').slice(0, 16)\n const chunks = [\n str.slice(0, 4),\n str.slice(4, 8),\n str.slice(8, 12),\n str.slice(12, 16),\n ]\n const password = chunks.join('-')\n const passwordScrypt = await scrypt.hashAppPassword(did, password)\n const [got] = await db.executeWithRetry(\n db.db\n .insertInto('app_password')\n .values({\n did,\n name,\n passwordScrypt,\n createdAt: currentDatetimeString(),\n privileged: privileged ? 1 : 0,\n })\n .returningAll(),\n )\n if (!got) {\n throw new InvalidRequestError('could not create app-specific password')\n }\n return {\n name,\n password,\n createdAt: got.createdAt,\n privileged,\n }\n}\n\nexport const listAppPasswords = async (\n db: AccountDb,\n did: string,\n): Promise<\n { name: string; createdAt: DatetimeString; privileged: boolean }[]\n> => {\n const res = await db.db\n .selectFrom('app_password')\n .select(['name', 'createdAt', 'privileged'])\n .where('did', '=', did)\n .orderBy('createdAt', 'desc')\n .execute()\n return res.map((row) => ({\n name: row.name,\n createdAt: row.createdAt,\n privileged: row.privileged === 1 ? true : false,\n }))\n}\n\nexport const deleteAppPassword = async (\n db: AccountDb,\n did: string,\n name: string,\n) => {\n await db.executeWithRetry(\n db.db\n .deleteFrom('app_password')\n .where('did', '=', did)\n .where('name', '=', name),\n )\n}\n"]}
1
+ {"version":3,"file":"password.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/password.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAkB,qBAAqB,EAAE,MAAM,cAAc,CAAA;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAA;AAG1D,OAAO,KAAK,MAAM,MAAM,aAAa,CAAA;AAOrC,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EACxC,EAAa,EACb,GAAW,EACX,QAAgB,EACE,EAAE;IACpB,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,EAAE;SACtB,UAAU,CAAC,SAAS,CAAC;SACrB,SAAS,EAAE;SACX,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,gBAAgB,EAAE,CAAA;IACrB,OAAO,KAAK,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;AAC5E,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,GAAW,EACX,QAAgB,EACiB,EAAE;IACnC,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;IAClE,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,EAAE;SACtB,UAAU,CAAC,cAAc,CAAC;SAC1B,SAAS,EAAE;SACX,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,gBAAgB,EAAE,GAAG,EAAE,cAAc,CAAC;SAC5C,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAA;IACvB,OAAO;QACL,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,UAAU,EAAE,KAAK,CAAC,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK;KAClD,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,EACrC,EAAa,EACb,IAGC,EACD,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,SAAS,CAAC;SACtB,GAAG,CAAC,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,CAAC;SAC5C,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAC/B,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,GAAW,EACX,IAAY,EACZ,UAAmB,EACwC,EAAE;IAC7D,sCAAsC;IACtC,sBAAsB;IACtB,MAAM,GAAG,GAAG,SAAS,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAChD,MAAM,MAAM,GAAG;QACb,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QACf,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QACf,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QAChB,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC;KAClB,CAAA;IACD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACjC,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;IAClE,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACrC,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,cAAc,CAAC;SAC1B,MAAM,CAAC;QACN,GAAG;QACH,IAAI;QACJ,cAAc;QACd,SAAS,EAAE,qBAAqB,EAAE;QAClC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;KAC/B,CAAC;SACD,YAAY,EAAE,CAClB,CAAA;IACD,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,mBAAmB,CAAC,wCAAwC,CAAC,CAAA;IACzE,CAAC;IACD,OAAO;QACL,IAAI;QACJ,QAAQ;QACR,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,UAAU;KACX,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,EACnC,EAAa,EACb,GAAW,EAGX,EAAE;IACF,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,cAAc,CAAC;SAC1B,MAAM,CAAC,CAAC,MAAM,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC;SAC3C,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC;SAC5B,OAAO,EAAE,CAAA;IACZ,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACvB,IAAI,EAAE,GAAG,CAAC,IAAI;QACd,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,UAAU,EAAE,GAAG,CAAC,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK;KAChD,CAAC,CAAC,CAAA;AACL,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,GAAW,EACX,IAAY,EACZ,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,cAAc,CAAC;SAC1B,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAC5B,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EAAE,EAAa,EAAE,GAAW,EAAE,EAAE;IACxE,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACxD,CAAA;AACH,CAAC,CAAA","sourcesContent":["import { randomStr } from '@atproto/crypto'\nimport { DatetimeString, currentDatetimeString } from '@atproto/lex'\nimport { InvalidRequestError } from '@atproto/xrpc-server'\nimport { com } from '../../lexicons/index.js'\nimport { AccountDb } from '../db/index.js'\nimport * as scrypt from './scrypt.js'\n\nexport type AppPassDescript = {\n name: string\n privileged: boolean\n}\n\nexport const verifyAccountPassword = async (\n db: AccountDb,\n did: string,\n password: string,\n): Promise<boolean> => {\n const found = await db.db\n .selectFrom('account')\n .selectAll()\n .where('did', '=', did)\n .executeTakeFirst()\n return found ? await scrypt.verify(password, found.passwordScrypt) : false\n}\n\nexport const verifyAppPassword = async (\n db: AccountDb,\n did: string,\n password: string,\n): Promise<AppPassDescript | null> => {\n const passwordScrypt = await scrypt.hashAppPassword(did, password)\n const found = await db.db\n .selectFrom('app_password')\n .selectAll()\n .where('did', '=', did)\n .where('passwordScrypt', '=', passwordScrypt)\n .executeTakeFirst()\n if (!found) return null\n return {\n name: found.name,\n privileged: found.privileged === 1 ? true : false,\n }\n}\n\nexport const updateUserPassword = async (\n db: AccountDb,\n opts: {\n did: string\n passwordScrypt: string\n },\n) => {\n await db.executeWithRetry(\n db.db\n .updateTable('account')\n .set({ passwordScrypt: opts.passwordScrypt })\n .where('did', '=', opts.did),\n )\n}\n\nexport const createAppPassword = async (\n db: AccountDb,\n did: string,\n name: string,\n privileged: boolean,\n): Promise<com.atproto.server.createAppPassword.AppPassword> => {\n // create an app password with format:\n // 1234-abcd-5678-efgh\n const str = randomStr(16, 'base32').slice(0, 16)\n const chunks = [\n str.slice(0, 4),\n str.slice(4, 8),\n str.slice(8, 12),\n str.slice(12, 16),\n ]\n const password = chunks.join('-')\n const passwordScrypt = await scrypt.hashAppPassword(did, password)\n const [got] = await db.executeWithRetry(\n db.db\n .insertInto('app_password')\n .values({\n did,\n name,\n passwordScrypt,\n createdAt: currentDatetimeString(),\n privileged: privileged ? 1 : 0,\n })\n .returningAll(),\n )\n if (!got) {\n throw new InvalidRequestError('could not create app-specific password')\n }\n return {\n name,\n password,\n createdAt: got.createdAt,\n privileged,\n }\n}\n\nexport const listAppPasswords = async (\n db: AccountDb,\n did: string,\n): Promise<\n { name: string; createdAt: DatetimeString; privileged: boolean }[]\n> => {\n const res = await db.db\n .selectFrom('app_password')\n .select(['name', 'createdAt', 'privileged'])\n .where('did', '=', did)\n .orderBy('createdAt', 'desc')\n .execute()\n return res.map((row) => ({\n name: row.name,\n createdAt: row.createdAt,\n privileged: row.privileged === 1 ? true : false,\n }))\n}\n\nexport const deleteAppPassword = async (\n db: AccountDb,\n did: string,\n name: string,\n) => {\n await db.executeWithRetry(\n db.db\n .deleteFrom('app_password')\n .where('did', '=', did)\n .where('name', '=', name),\n )\n}\n\nexport const deleteAllAppPasswords = async (db: AccountDb, did: string) => {\n await db.executeWithRetry(\n db.db.deleteFrom('app_password').where('did', '=', did),\n )\n}\n"]}
@@ -1 +1 @@
1
- {"version":3,"file":"repo.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/repo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAyB,MAAM,cAAc,CAAA;AACzD,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAE1C,eAAO,MAAM,UAAU,GACrB,IAAI,SAAS,EACb,KAAK,MAAM,EACX,KAAK,GAAG,EACR,KAAK,MAAM,kBAgBZ,CAAA"}
1
+ {"version":3,"file":"repo.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/repo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAyB,MAAM,cAAc,CAAA;AACzD,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAE1C,eAAO,MAAM,UAAU,OACjB,SAAS,OACR,MAAM,OACN,GAAG,OACH,MAAM,kBAgBZ,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"scrypt.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/scrypt.ts"],"names":[],"mappings":"AAIA,eAAO,MAAM,uBAAuB,MAAM,CAAA;AAC1C,eAAO,MAAM,uBAAuB,MAAM,CAAA;AAE1C,eAAO,MAAM,cAAc,GAAI,UAAU,MAAM,KAAG,OAAO,CAAC,MAAM,CAG/D,CAAA;AAED,eAAO,MAAM,YAAY,GACvB,UAAU,MAAM,EAChB,MAAM,MAAM,KACX,OAAO,CAAC,MAAM,CAOhB,CAAA;AAED,eAAO,MAAM,MAAM,GACjB,UAAU,MAAM,EAChB,YAAY,MAAM,KACjB,OAAO,CAAC,OAAO,CAIjB,CAAA;AAED,eAAO,MAAM,cAAc,GACzB,UAAU,MAAM,EAChB,MAAM,MAAM,KACX,OAAO,CAAC,MAAM,CAOhB,CAAA;AAED,eAAO,MAAM,eAAe,GAC1B,KAAK,MAAM,EACX,UAAU,MAAM,KACf,OAAO,CAAC,MAAM,CAIhB,CAAA"}
1
+ {"version":3,"file":"scrypt.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/scrypt.ts"],"names":[],"mappings":"AAIA,eAAO,MAAM,uBAAuB,MAAM,CAAA;AAC1C,eAAO,MAAM,uBAAuB,MAAM,CAAA;AAE1C,eAAO,MAAM,cAAc,aAAc,MAAM,KAAG,OAAO,CAAC,MAAM,CAG/D,CAAA;AAED,eAAO,MAAM,YAAY,aACb,MAAM,QACV,MAAM,KACX,OAAO,CAAC,MAAM,CAOhB,CAAA;AAED,eAAO,MAAM,MAAM,aACP,MAAM,cACJ,MAAM,KACjB,OAAO,CAAC,OAAO,CAIjB,CAAA;AAED,eAAO,MAAM,cAAc,aACf,MAAM,QACV,MAAM,KACX,OAAO,CAAC,MAAM,CAOhB,CAAA;AAED,eAAO,MAAM,eAAe,QACrB,MAAM,YACD,MAAM,KACf,OAAO,CAAC,MAAM,CAIhB,CAAA"}