@atproto/pds 0.5.5 → 0.5.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (147) hide show
  1. package/CHANGELOG.md +15 -0
  2. package/dist/account-manager/account-manager.d.ts +51 -13
  3. package/dist/account-manager/account-manager.d.ts.map +1 -1
  4. package/dist/account-manager/account-manager.js +86 -26
  5. package/dist/account-manager/account-manager.js.map +1 -1
  6. package/dist/account-manager/db/migrations/005-oauth-account-management.d.ts.map +1 -1
  7. package/dist/account-manager/db/migrations/005-oauth-account-management.js +3 -4
  8. package/dist/account-manager/db/migrations/005-oauth-account-management.js.map +1 -1
  9. package/dist/account-manager/db/schema/authorization-request.d.ts +2 -2
  10. package/dist/account-manager/db/schema/authorization-request.d.ts.map +1 -1
  11. package/dist/account-manager/db/schema/authorization-request.js.map +1 -1
  12. package/dist/account-manager/db/schema/authorized-client.d.ts +2 -2
  13. package/dist/account-manager/db/schema/authorized-client.d.ts.map +1 -1
  14. package/dist/account-manager/db/schema/authorized-client.js.map +1 -1
  15. package/dist/account-manager/db/schema/token.d.ts +2 -2
  16. package/dist/account-manager/db/schema/token.d.ts.map +1 -1
  17. package/dist/account-manager/db/schema/token.js.map +1 -1
  18. package/dist/account-manager/helpers/account-device.d.ts +23 -196
  19. package/dist/account-manager/helpers/account-device.d.ts.map +1 -1
  20. package/dist/account-manager/helpers/account-device.js +3 -3
  21. package/dist/account-manager/helpers/account-device.js.map +1 -1
  22. package/dist/account-manager/helpers/account.d.ts +14 -4
  23. package/dist/account-manager/helpers/account.d.ts.map +1 -1
  24. package/dist/account-manager/helpers/account.js +17 -11
  25. package/dist/account-manager/helpers/account.js.map +1 -1
  26. package/dist/account-manager/helpers/auth.js +1 -1
  27. package/dist/account-manager/helpers/auth.js.map +1 -1
  28. package/dist/account-manager/helpers/authorization-request.d.ts +83 -5
  29. package/dist/account-manager/helpers/authorization-request.d.ts.map +1 -1
  30. package/dist/account-manager/helpers/authorization-request.js +8 -8
  31. package/dist/account-manager/helpers/authorization-request.js.map +1 -1
  32. package/dist/account-manager/helpers/authorized-client.d.ts +5 -4
  33. package/dist/account-manager/helpers/authorized-client.d.ts.map +1 -1
  34. package/dist/account-manager/helpers/authorized-client.js +3 -0
  35. package/dist/account-manager/helpers/authorized-client.js.map +1 -1
  36. package/dist/account-manager/helpers/device.d.ts +9 -3
  37. package/dist/account-manager/helpers/device.d.ts.map +1 -1
  38. package/dist/account-manager/helpers/device.js +4 -4
  39. package/dist/account-manager/helpers/device.js.map +1 -1
  40. package/dist/account-manager/helpers/invite.d.ts +35 -2
  41. package/dist/account-manager/helpers/invite.d.ts.map +1 -1
  42. package/dist/account-manager/helpers/lexicon.d.ts.map +1 -1
  43. package/dist/account-manager/helpers/lexicon.js +6 -0
  44. package/dist/account-manager/helpers/lexicon.js.map +1 -1
  45. package/dist/account-manager/helpers/password.d.ts +1 -0
  46. package/dist/account-manager/helpers/password.d.ts.map +1 -1
  47. package/dist/account-manager/helpers/password.js +3 -0
  48. package/dist/account-manager/helpers/password.js.map +1 -1
  49. package/dist/account-manager/helpers/token.d.ts +72 -1031
  50. package/dist/account-manager/helpers/token.d.ts.map +1 -1
  51. package/dist/account-manager/helpers/token.js +13 -10
  52. package/dist/account-manager/helpers/token.js.map +1 -1
  53. package/dist/account-manager/helpers/used-refresh-token.d.ts +6 -2
  54. package/dist/account-manager/helpers/used-refresh-token.d.ts.map +1 -1
  55. package/dist/account-manager/oauth-store.d.ts +17 -13
  56. package/dist/account-manager/oauth-store.d.ts.map +1 -1
  57. package/dist/account-manager/oauth-store.js +89 -39
  58. package/dist/account-manager/oauth-store.js.map +1 -1
  59. package/dist/actor-store/blob/reader.d.ts.map +1 -1
  60. package/dist/actor-store/blob/reader.js +2 -3
  61. package/dist/actor-store/blob/reader.js.map +1 -1
  62. package/dist/actor-store/record/reader.js +3 -3
  63. package/dist/actor-store/record/reader.js.map +1 -1
  64. package/dist/actor-store/repo/sql-repo-reader.d.ts +5 -1
  65. package/dist/actor-store/repo/sql-repo-reader.d.ts.map +1 -1
  66. package/dist/actor-store/repo/sql-repo-reader.js.map +1 -1
  67. package/dist/api/com/atproto/admin/updateSubjectStatus.d.ts.map +1 -1
  68. package/dist/api/com/atproto/admin/updateSubjectStatus.js +12 -4
  69. package/dist/api/com/atproto/admin/updateSubjectStatus.js.map +1 -1
  70. package/dist/api/com/atproto/server/activateAccount.d.ts.map +1 -1
  71. package/dist/api/com/atproto/server/activateAccount.js +25 -31
  72. package/dist/api/com/atproto/server/activateAccount.js.map +1 -1
  73. package/dist/api/com/atproto/server/deactivateAccount.d.ts.map +1 -1
  74. package/dist/api/com/atproto/server/deactivateAccount.js +3 -4
  75. package/dist/api/com/atproto/server/deactivateAccount.js.map +1 -1
  76. package/dist/api/com/atproto/server/deleteAccount.d.ts.map +1 -1
  77. package/dist/api/com/atproto/server/deleteAccount.js +51 -37
  78. package/dist/api/com/atproto/server/deleteAccount.js.map +1 -1
  79. package/dist/api/com/atproto/server/util.d.ts +25 -6
  80. package/dist/api/com/atproto/server/util.d.ts.map +1 -1
  81. package/dist/api/com/atproto/server/util.js.map +1 -1
  82. package/dist/config/config.d.ts +2 -1
  83. package/dist/config/config.d.ts.map +1 -1
  84. package/dist/config/config.js +4 -1
  85. package/dist/config/config.js.map +1 -1
  86. package/dist/context.d.ts.map +1 -1
  87. package/dist/context.js +1 -1
  88. package/dist/context.js.map +1 -1
  89. package/dist/db/migrator.d.ts +4 -3
  90. package/dist/db/migrator.d.ts.map +1 -1
  91. package/dist/db/migrator.js +1 -1
  92. package/dist/db/migrator.js.map +1 -1
  93. package/dist/db/pagination.d.ts +2 -1
  94. package/dist/db/pagination.d.ts.map +1 -1
  95. package/dist/db/pagination.js +2 -2
  96. package/dist/db/pagination.js.map +1 -1
  97. package/dist/db/util.d.ts +3 -3
  98. package/dist/db/util.d.ts.map +1 -1
  99. package/dist/db/util.js.map +1 -1
  100. package/dist/mailer/index.d.ts +2 -0
  101. package/dist/mailer/index.d.ts.map +1 -1
  102. package/dist/mailer/index.js +2 -0
  103. package/dist/mailer/index.js.map +1 -1
  104. package/dist/scripts/sequencer-recovery/recovery-db.js.map +1 -1
  105. package/dist/sequencer/events.d.ts.map +1 -1
  106. package/dist/sequencer/events.js +6 -13
  107. package/dist/sequencer/events.js.map +1 -1
  108. package/dist/sequencer/sequencer.d.ts +1 -1
  109. package/dist/sequencer/sequencer.d.ts.map +1 -1
  110. package/dist/sequencer/sequencer.js.map +1 -1
  111. package/package.json +13 -13
  112. package/src/account-manager/account-manager.ts +135 -36
  113. package/src/account-manager/db/migrations/005-oauth-account-management.ts +6 -5
  114. package/src/account-manager/db/schema/authorization-request.ts +2 -1
  115. package/src/account-manager/db/schema/authorized-client.ts +6 -2
  116. package/src/account-manager/db/schema/token.ts +2 -2
  117. package/src/account-manager/helpers/account-device.ts +5 -11
  118. package/src/account-manager/helpers/account.ts +39 -16
  119. package/src/account-manager/helpers/auth.ts +2 -2
  120. package/src/account-manager/helpers/authorization-request.ts +12 -8
  121. package/src/account-manager/helpers/authorized-client.ts +12 -6
  122. package/src/account-manager/helpers/device.ts +4 -4
  123. package/src/account-manager/helpers/lexicon.ts +8 -3
  124. package/src/account-manager/helpers/password.ts +6 -0
  125. package/src/account-manager/helpers/token.ts +17 -11
  126. package/src/account-manager/oauth-store.ts +129 -61
  127. package/src/actor-store/blob/reader.ts +8 -5
  128. package/src/actor-store/record/reader.ts +3 -3
  129. package/src/actor-store/repo/sql-repo-reader.ts +1 -1
  130. package/src/api/com/atproto/admin/updateSubjectStatus.ts +16 -4
  131. package/src/api/com/atproto/server/activateAccount.ts +27 -49
  132. package/src/api/com/atproto/server/deactivateAccount.ts +3 -7
  133. package/src/api/com/atproto/server/deleteAccount.ts +60 -43
  134. package/src/api/com/atproto/server/util.ts +24 -7
  135. package/src/config/config.ts +7 -2
  136. package/src/context.ts +2 -3
  137. package/src/db/migrator.ts +2 -1
  138. package/src/db/pagination.ts +7 -7
  139. package/src/db/util.ts +5 -2
  140. package/src/mailer/index.ts +4 -2
  141. package/src/scripts/sequencer-recovery/recovery-db.ts +1 -1
  142. package/src/sequencer/events.ts +8 -13
  143. package/src/sequencer/sequencer.ts +1 -3
  144. package/tests/account-manager.test.ts +79 -0
  145. package/tests/account-status.test.ts +206 -0
  146. package/tests/db.test.ts +3 -3
  147. package/tests/oauth.test.ts +91 -0
@@ -1 +1 @@
1
- {"version":3,"file":"005-oauth-account-management.js","sourceRoot":"","sources":["../../../../src/account-manager/db/migrations/005-oauth-account-management.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAEtC,OAAO,EAAwB,SAAS,EAAE,MAAM,sBAAsB,CAAA;AAEtE,iEAAiE;AACjE,mEAAmE;AACnE,qEAAqE;AACrE,mEAAmE;AACnE,2DAA2D;AAC3D,yBAAyB;AACzB,sEAAsE;AAEtE,MAAM,CAAC,KAAK,UAAU,EAAE,CACtB,EAmBE;IAEF,wEAAwE;IACxE,kDAAkD;IAClD,MAAM,EAAE;SACL,UAAU,CAAC,gBAAgB,CAAC;SAC5B,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;SACzB,KAAK,CAAC,iBAAiB,EAAE,GAAG,EAAE,SAAS,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;SACrE,OAAO,EAAE,CAAA;IAEZ,4BAA4B;IAC5B,qEAAqE;IACrE,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,gBAAgB,CAAC;SAC7B,WAAW,EAAE;SACb,SAAS,CAAC,KAAK,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACnD,SAAS,CAAC,UAAU,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACxD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,uBAAuB,CAAC,mBAAmB,EAAE;QAC5C,UAAU,EAAE,kEAAkE;QAC9E,KAAK;KACN,CAAC;SACD,uBAAuB,CACtB,uBAAuB,EACvB,CAAC,KAAK,CAAC,EACP,SAAS,EACT,CAAC,KAAK,CAAC;IACP,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,uBAAuB,CACtB,6BAA6B,EAC7B,CAAC,UAAU,CAAC,EACZ,QAAQ,EACR,CAAC,IAAI,CAAC;IACN,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,OAAO,EAAE,CAAA;IAEZ,+CAA+C;IAC/C,oEAAoE;IACpE,MAAM,EAAE;SACL,UAAU,CAAC,gBAAgB,CAAC;SAC5B,OAAO,CAAC,CAAC,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;SACtD,UAAU,CACT,EAAE;SACC,UAAU,CAAC,gBAAgB,CAAC;SAC5B,MAAM,CAAC,KAAK,CAAC;SACb,MAAM,CAAC,UAAU,CAAC;SAClB,MAAM,CAAC,8BAA8B,CAAC,CAAC,iBAAiB;SACxD,MAAM,CAAC,8BAA8B,CAAC;SACtC,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;SACzB,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE;IAClB,oDAAoD;IACpD,2DAA2D;IAC3D,EAAE;SACC,UAAU,CAAC,SAAS,CAAC;SACrB,SAAS,EAAE;SACX,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,oBAAoB,CAAC,CACtD,CACJ;SACA,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;SAClC,OAAO,EAAE,CAAA;IAEZ,8EAA8E;IAC9E,uDAAuD;IAEvD,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,wBAAwB,CAAC;SACrC,EAAE,CAAC,gBAAgB,CAAC;SACpB,MAAM,CAAC,KAAK,CAAC;SACb,OAAO,EAAE,CAAA;IAEZ,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,mBAAmB,CAAC;SAChC,SAAS,CAAC,KAAK,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACnD,SAAS,CAAC,UAAU,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACxD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,MAAM,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACpD,uBAAuB,CAAC,sBAAsB,EAAE,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;SACpE,uBAAuB,CACtB,0BAA0B,EAC1B,CAAC,KAAK,CAAC,EACP,SAAS,EACT,CAAC,KAAK,CAAC;IACP,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,OAAO,EAAE,CAAA;IAEZ,4EAA4E;IAC5E,4EAA4E;IAC5E,oCAAoC;AACtC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,EAAmB;IAC5C,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,OAAO,EAAE,CAAA;IACxD,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,OAAO,EAAE,CAAA;AACvD,CAAC","sourcesContent":["import { Kysely } from 'kysely'\nimport { HOUR } from '@atproto/common'\nimport { ClientId, DeviceId } from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded, toDateISO } from '../../../db/index.js'\n\n// @NOTE this migration has been updated to be idempotent through\n// the insertInto('account_device') step. this allows users to roll\n// forward if the migration partially succeeded on first run, failing\n// on a fk constraint during the insertInto('account_device') step.\n// this previously occurred under the following conditions:\n// a. a user was deleted\n// b. this user used oauth functionality with \"remember me\" selected.\n\nexport async function up(\n db: Kysely<{\n account: {\n did: string\n }\n device_account: {\n did: string\n deviceId: DeviceId\n\n remember: 0 | 1\n authenticatedAt: string\n authorizedClients: JsonEncoded<ClientId[]>\n }\n account_device: {\n did: string\n deviceId: DeviceId\n\n createdAt: DateISO\n updatedAt: DateISO\n }\n }>,\n): Promise<void> {\n // Security: Delete any leftover device accounts that are not remembered\n // @NOTE idempotent, see note at top of migration.\n await db\n .deleteFrom('device_account')\n .where('remember', '=', 0)\n .where('authenticatedAt', '<', toDateISO(new Date(Date.now() - HOUR)))\n .execute()\n\n // replaces \"device_account\"\n // @NOTE idempotent from ifNotExists(), see note at top of migration.\n await db.schema\n .createTable('account_device')\n .ifNotExists()\n .addColumn('did', 'varchar', (col) => col.notNull())\n .addColumn('deviceId', 'varchar', (col) => col.notNull())\n .addColumn('createdAt', 'varchar', (col) => col.notNull())\n .addColumn('updatedAt', 'varchar', (col) => col.notNull())\n .addPrimaryKeyConstraint('account_device_pk', [\n 'deviceId', // first because this table will be joined from the \"device\" table\n 'did',\n ])\n .addForeignKeyConstraint(\n 'account_device_did_fk',\n ['did'],\n 'account',\n ['did'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .addForeignKeyConstraint(\n 'account_device_device_id_fk',\n ['deviceId'],\n 'device',\n ['id'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .execute()\n\n // Migrate \"device_account\" to \"account_device\"\n // @NOTE idempotent from onConflict(): see note at top of migration.\n await db\n .insertInto('account_device')\n .columns(['did', 'deviceId', 'createdAt', 'updatedAt'])\n .expression(\n db\n .selectFrom('device_account')\n .select('did')\n .select('deviceId')\n .select('authenticatedAt as createdAt') // Best we can do\n .select('authenticatedAt as updatedAt')\n .where('remember', '=', 1)\n .whereExists((qb) =>\n // device_account does not have fkey on account.did,\n // so we satisfy account_device_did_fk with this condition.\n qb\n .selectFrom('account')\n .selectAll()\n .whereRef('account.did', '=', 'device_account.did'),\n ),\n )\n .onConflict((oc) => oc.doNothing())\n .execute()\n\n // @NOTE No need to create an index on \"deviceId\" for \"account_device\" because\n // it is the first column in the primary key constraint\n\n await db.schema\n .createIndex('account_device_did_idx')\n .on('account_device')\n .column('did')\n .execute()\n\n await db.schema\n .createTable('authorized_client')\n .addColumn('did', 'varchar', (col) => col.notNull())\n .addColumn('clientId', 'varchar', (col) => col.notNull())\n .addColumn('createdAt', 'varchar', (col) => col.notNull())\n .addColumn('updatedAt', 'varchar', (col) => col.notNull())\n .addColumn('data', 'varchar', (col) => col.notNull())\n .addPrimaryKeyConstraint('authorized_client_pk', ['did', 'clientId'])\n .addForeignKeyConstraint(\n 'authorized_client_did_fk',\n ['did'],\n 'account',\n ['did'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .execute()\n\n // We don't migrate the \"device_account\" authorized clients. Users will need\n // to reauthorize the client during the next oauth flow (minor inconvenience\n // for authenticated clients users).\n}\n\nexport async function down(db: Kysely<unknown>): Promise<void> {\n await db.schema.dropTable('authorized_client').execute()\n await db.schema.dropTable('account_device').execute()\n}\n"]}
1
+ {"version":3,"file":"005-oauth-account-management.js","sourceRoot":"","sources":["../../../../src/account-manager/db/migrations/005-oauth-account-management.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAEtC,OAAO,EAAwB,SAAS,EAAE,MAAM,sBAAsB,CAAA;AAEtE,iEAAiE;AACjE,mEAAmE;AACnE,qEAAqE;AACrE,mEAAmE;AACnE,2DAA2D;AAC3D,yBAAyB;AACzB,sEAAsE;AAEtE,MAAM,CAAC,KAAK,UAAU,EAAE,CACtB,EAmBE;IAEF,wEAAwE;IACxE,kDAAkD;IAClD,MAAM,EAAE;SACL,UAAU,CAAC,gBAAgB,CAAC;SAC5B,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;SACzB,KAAK,CAAC,iBAAiB,EAAE,GAAG,EAAE,SAAS,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;SACrE,OAAO,EAAE,CAAA;IAEZ,4BAA4B;IAC5B,qEAAqE;IACrE,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,gBAAgB,CAAC;SAC7B,WAAW,EAAE;SACb,SAAS,CAAC,KAAK,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACnD,SAAS,CAAC,UAAU,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACxD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,uBAAuB,CAAC,mBAAmB,EAAE;QAC5C,UAAU,EAAE,kEAAkE;QAC9E,KAAK;KACN,CAAC;SACD,uBAAuB,CACtB,uBAAuB,EACvB,CAAC,KAAK,CAAC,EACP,SAAS,EACT,CAAC,KAAK,CAAC;IACP,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,uBAAuB,CACtB,6BAA6B,EAC7B,CAAC,UAAU,CAAC,EACZ,QAAQ,EACR,CAAC,IAAI,CAAC;IACN,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,OAAO,EAAE,CAAA;IAEZ,+CAA+C;IAC/C,oEAAoE;IACpE,MAAM,EAAE;SACL,UAAU,CAAC,gBAAgB,CAAC;SAC5B,OAAO,CAAC,CAAC,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;SACtD,UAAU,CACT,EAAE;SACC,UAAU,CAAC,gBAAgB,CAAC;SAC5B,MAAM,CAAC,KAAK,CAAC;SACb,MAAM,CAAC,UAAU,CAAC;SAClB,MAAM,CAAC,8BAA8B,CAAC,CAAC,iBAAiB;SACxD,MAAM,CAAC,8BAA8B,CAAC;SACtC,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;SACzB,KAAK,CAAC,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE;IAChC,oDAAoD;IACpD,2DAA2D;IAC3D,MAAM,CACJ,UAAU,CAAC,SAAS,CAAC;SAClB,SAAS,EAAE;SACX,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,oBAAoB,CAAC,CACtD,CACF,CACJ;SACA,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;SAClC,OAAO,EAAE,CAAA;IAEZ,8EAA8E;IAC9E,uDAAuD;IAEvD,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,wBAAwB,CAAC;SACrC,EAAE,CAAC,gBAAgB,CAAC;SACpB,MAAM,CAAC,KAAK,CAAC;SACb,OAAO,EAAE,CAAA;IAEZ,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,mBAAmB,CAAC;SAChC,SAAS,CAAC,KAAK,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACnD,SAAS,CAAC,UAAU,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACxD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,MAAM,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACpD,uBAAuB,CAAC,sBAAsB,EAAE,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;SACpE,uBAAuB,CACtB,0BAA0B,EAC1B,CAAC,KAAK,CAAC,EACP,SAAS,EACT,CAAC,KAAK,CAAC;IACP,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,OAAO,EAAE,CAAA;IAEZ,4EAA4E;IAC5E,4EAA4E;IAC5E,oCAAoC;AACtC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,EAAmB;IAC5C,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,OAAO,EAAE,CAAA;IACxD,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,OAAO,EAAE,CAAA;AACvD,CAAC","sourcesContent":["import { Kysely } from 'kysely'\nimport { HOUR } from '@atproto/common'\nimport { ClientId, DeviceId } from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded, toDateISO } from '../../../db/index.js'\n\n// @NOTE this migration has been updated to be idempotent through\n// the insertInto('account_device') step. this allows users to roll\n// forward if the migration partially succeeded on first run, failing\n// on a fk constraint during the insertInto('account_device') step.\n// this previously occurred under the following conditions:\n// a. a user was deleted\n// b. this user used oauth functionality with \"remember me\" selected.\n\nexport async function up(\n db: Kysely<{\n account: {\n did: string\n }\n device_account: {\n did: string\n deviceId: DeviceId\n\n remember: 0 | 1\n authenticatedAt: string\n authorizedClients: JsonEncoded<ClientId[]>\n }\n account_device: {\n did: string\n deviceId: DeviceId\n\n createdAt: DateISO\n updatedAt: DateISO\n }\n }>,\n): Promise<void> {\n // Security: Delete any leftover device accounts that are not remembered\n // @NOTE idempotent, see note at top of migration.\n await db\n .deleteFrom('device_account')\n .where('remember', '=', 0)\n .where('authenticatedAt', '<', toDateISO(new Date(Date.now() - HOUR)))\n .execute()\n\n // replaces \"device_account\"\n // @NOTE idempotent from ifNotExists(), see note at top of migration.\n await db.schema\n .createTable('account_device')\n .ifNotExists()\n .addColumn('did', 'varchar', (col) => col.notNull())\n .addColumn('deviceId', 'varchar', (col) => col.notNull())\n .addColumn('createdAt', 'varchar', (col) => col.notNull())\n .addColumn('updatedAt', 'varchar', (col) => col.notNull())\n .addPrimaryKeyConstraint('account_device_pk', [\n 'deviceId', // first because this table will be joined from the \"device\" table\n 'did',\n ])\n .addForeignKeyConstraint(\n 'account_device_did_fk',\n ['did'],\n 'account',\n ['did'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .addForeignKeyConstraint(\n 'account_device_device_id_fk',\n ['deviceId'],\n 'device',\n ['id'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .execute()\n\n // Migrate \"device_account\" to \"account_device\"\n // @NOTE idempotent from onConflict(): see note at top of migration.\n await db\n .insertInto('account_device')\n .columns(['did', 'deviceId', 'createdAt', 'updatedAt'])\n .expression(\n db\n .selectFrom('device_account')\n .select('did')\n .select('deviceId')\n .select('authenticatedAt as createdAt') // Best we can do\n .select('authenticatedAt as updatedAt')\n .where('remember', '=', 1)\n .where(({ exists, selectFrom }) =>\n // device_account does not have fkey on account.did,\n // so we satisfy account_device_did_fk with this condition.\n exists(\n selectFrom('account')\n .selectAll()\n .whereRef('account.did', '=', 'device_account.did'),\n ),\n ),\n )\n .onConflict((oc) => oc.doNothing())\n .execute()\n\n // @NOTE No need to create an index on \"deviceId\" for \"account_device\" because\n // it is the first column in the primary key constraint\n\n await db.schema\n .createIndex('account_device_did_idx')\n .on('account_device')\n .column('did')\n .execute()\n\n await db.schema\n .createTable('authorized_client')\n .addColumn('did', 'varchar', (col) => col.notNull())\n .addColumn('clientId', 'varchar', (col) => col.notNull())\n .addColumn('createdAt', 'varchar', (col) => col.notNull())\n .addColumn('updatedAt', 'varchar', (col) => col.notNull())\n .addColumn('data', 'varchar', (col) => col.notNull())\n .addPrimaryKeyConstraint('authorized_client_pk', ['did', 'clientId'])\n .addForeignKeyConstraint(\n 'authorized_client_did_fk',\n ['did'],\n 'account',\n ['did'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .execute()\n\n // We don't migrate the \"device_account\" authorized clients. Users will need\n // to reauthorize the client during the next oauth flow (minor inconvenience\n // for authenticated clients users).\n}\n\nexport async function down(db: Kysely<unknown>): Promise<void> {\n await db.schema.dropTable('authorized_client').execute()\n await db.schema.dropTable('account_device').execute()\n}\n"]}
@@ -1,9 +1,9 @@
1
1
  import { Selectable } from 'kysely';
2
- import { ClientAuth, ClientAuthLegacy, Code, DeviceId, OAuthAuthorizationRequestParameters, OAuthClientId, RequestId } from '@atproto/oauth-provider';
2
+ import { ClientAuth, ClientAuthLegacy, Code, DeviceId, Did, OAuthAuthorizationRequestParameters, OAuthClientId, RequestId } from '@atproto/oauth-provider';
3
3
  import { DateISO, JsonEncoded } from '../../../db/index.js';
4
4
  export interface AuthorizationRequest {
5
5
  id: RequestId;
6
- did: string | null;
6
+ did: Did | null;
7
7
  deviceId: DeviceId | null;
8
8
  clientId: OAuthClientId;
9
9
  clientAuth: JsonEncoded<null | ClientAuth | ClientAuthLegacy>;
@@ -1 +1 @@
1
- {"version":3,"file":"authorization-request.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorization-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,IAAI,EACJ,QAAQ,EACR,mCAAmC,EACnC,aAAa,EACb,SAAS,EACV,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAE3D,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,SAAS,CAAA;IACb,GAAG,EAAE,MAAM,GAAG,IAAI,CAAA;IAClB,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;IAEzB,QAAQ,EAAE,aAAa,CAAA;IACvB,UAAU,EAAE,WAAW,CAAC,IAAI,GAAG,UAAU,GAAG,gBAAgB,CAAC,CAAA;IAC7D,UAAU,EAAE,WAAW,CAAC,mCAAmC,CAAC,CAAA;IAC5D,SAAS,EAAE,OAAO,CAAA;IAClB,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;CAClB;AAED,MAAM,MAAM,yBAAyB,GAAG,UAAU,CAAC,oBAAoB,CAAC,CAAA;AAExE,eAAO,MAAM,SAAS,0BAA0B,CAAA;AAEhD,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,oBAAoB,CAAA;CAAE,CAAA"}
1
+ {"version":3,"file":"authorization-request.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorization-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,IAAI,EACJ,QAAQ,EACR,GAAG,EACH,mCAAmC,EACnC,aAAa,EACb,SAAS,EACV,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAE3D,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,SAAS,CAAA;IACb,GAAG,EAAE,GAAG,GAAG,IAAI,CAAA;IACf,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;IAEzB,QAAQ,EAAE,aAAa,CAAA;IACvB,UAAU,EAAE,WAAW,CAAC,IAAI,GAAG,UAAU,GAAG,gBAAgB,CAAC,CAAA;IAC7D,UAAU,EAAE,WAAW,CAAC,mCAAmC,CAAC,CAAA;IAC5D,SAAS,EAAE,OAAO,CAAA;IAClB,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;CAClB;AAED,MAAM,MAAM,yBAAyB,GAAG,UAAU,CAAC,oBAAoB,CAAC,CAAA;AAExE,eAAO,MAAM,SAAS,0BAA0B,CAAA;AAEhD,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,oBAAoB,CAAA;CAAE,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"authorization-request.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorization-request.ts"],"names":[],"mappings":"AA0BA,MAAM,CAAC,MAAM,SAAS,GAAG,uBAAuB,CAAA","sourcesContent":["import { Selectable } from 'kysely'\nimport {\n ClientAuth,\n ClientAuthLegacy,\n Code,\n DeviceId,\n OAuthAuthorizationRequestParameters,\n OAuthClientId,\n RequestId,\n} from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/index.js'\n\nexport interface AuthorizationRequest {\n id: RequestId\n did: string | null\n deviceId: DeviceId | null\n\n clientId: OAuthClientId\n clientAuth: JsonEncoded<null | ClientAuth | ClientAuthLegacy>\n parameters: JsonEncoded<OAuthAuthorizationRequestParameters>\n expiresAt: DateISO\n code: Code | null\n}\n\nexport type AuthorizationRequestEntry = Selectable<AuthorizationRequest>\n\nexport const tableName = 'authorization_request'\n\nexport type PartialDB = { [tableName]: AuthorizationRequest }\n"]}
1
+ {"version":3,"file":"authorization-request.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorization-request.ts"],"names":[],"mappings":"AA2BA,MAAM,CAAC,MAAM,SAAS,GAAG,uBAAuB,CAAA","sourcesContent":["import { Selectable } from 'kysely'\nimport {\n ClientAuth,\n ClientAuthLegacy,\n Code,\n DeviceId,\n Did,\n OAuthAuthorizationRequestParameters,\n OAuthClientId,\n RequestId,\n} from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/index.js'\n\nexport interface AuthorizationRequest {\n id: RequestId\n did: Did | null\n deviceId: DeviceId | null\n\n clientId: OAuthClientId\n clientAuth: JsonEncoded<null | ClientAuth | ClientAuthLegacy>\n parameters: JsonEncoded<OAuthAuthorizationRequestParameters>\n expiresAt: DateISO\n code: Code | null\n}\n\nexport type AuthorizationRequestEntry = Selectable<AuthorizationRequest>\n\nexport const tableName = 'authorization_request'\n\nexport type PartialDB = { [tableName]: AuthorizationRequest }\n"]}
@@ -1,8 +1,8 @@
1
1
  import { Selectable } from 'kysely';
2
- import { AuthorizedClientData, OAuthClientId } from '@atproto/oauth-provider';
2
+ import { AuthorizedClientData, Did, OAuthClientId } from '@atproto/oauth-provider';
3
3
  import { DateISO, JsonEncoded } from '../../../db/index.js';
4
4
  export interface AuthorizedClient {
5
- did: string;
5
+ did: Did;
6
6
  clientId: OAuthClientId;
7
7
  createdAt: DateISO;
8
8
  updatedAt: DateISO;
@@ -1 +1 @@
1
- {"version":3,"file":"authorized-client.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorized-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EAAE,oBAAoB,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAA;AAC7E,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAE3D,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,MAAM,CAAA;IACX,QAAQ,EAAE,aAAa,CAAA;IAEvB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAElB,IAAI,EAAE,WAAW,CAAC,oBAAoB,CAAC,CAAA;CACxC;AAED,MAAM,MAAM,qBAAqB,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAA;AAEhE,eAAO,MAAM,SAAS,sBAAsB,CAAA;AAE5C,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,gBAAgB,CAAA;CAAE,CAAA"}
1
+ {"version":3,"file":"authorized-client.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorized-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EACL,oBAAoB,EACpB,GAAG,EACH,aAAa,EACd,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAE3D,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,GAAG,CAAA;IACR,QAAQ,EAAE,aAAa,CAAA;IAEvB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAElB,IAAI,EAAE,WAAW,CAAC,oBAAoB,CAAC,CAAA;CACxC;AAED,MAAM,MAAM,qBAAqB,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAA;AAEhE,eAAO,MAAM,SAAS,sBAAsB,CAAA;AAE5C,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,gBAAgB,CAAA;CAAE,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"authorized-client.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorized-client.ts"],"names":[],"mappings":"AAgBA,MAAM,CAAC,MAAM,SAAS,GAAG,mBAAmB,CAAA","sourcesContent":["import { Selectable } from 'kysely'\nimport { AuthorizedClientData, OAuthClientId } from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/index.js'\n\nexport interface AuthorizedClient {\n did: string\n clientId: OAuthClientId\n\n createdAt: DateISO\n updatedAt: DateISO\n\n data: JsonEncoded<AuthorizedClientData>\n}\n\nexport type AuthorizedClientEntry = Selectable<AuthorizedClient>\n\nexport const tableName = 'authorized_client'\n\nexport type PartialDB = { [tableName]: AuthorizedClient }\n"]}
1
+ {"version":3,"file":"authorized-client.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorized-client.ts"],"names":[],"mappings":"AAoBA,MAAM,CAAC,MAAM,SAAS,GAAG,mBAAmB,CAAA","sourcesContent":["import { Selectable } from 'kysely'\nimport {\n AuthorizedClientData,\n Did,\n OAuthClientId,\n} from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/index.js'\n\nexport interface AuthorizedClient {\n did: Did\n clientId: OAuthClientId\n\n createdAt: DateISO\n updatedAt: DateISO\n\n data: JsonEncoded<AuthorizedClientData>\n}\n\nexport type AuthorizedClientEntry = Selectable<AuthorizedClient>\n\nexport const tableName = 'authorized_client'\n\nexport type PartialDB = { [tableName]: AuthorizedClient }\n"]}
@@ -1,9 +1,9 @@
1
1
  import { Generated, Selectable } from 'kysely';
2
- import { ClientAuth, ClientAuthLegacy, Code, DeviceId, OAuthAuthorizationDetails, OAuthAuthorizationRequestParameters, OAuthClientId, RefreshToken, Sub, TokenId } from '@atproto/oauth-provider';
2
+ import { ClientAuth, ClientAuthLegacy, Code, DeviceId, Did, OAuthAuthorizationDetails, OAuthAuthorizationRequestParameters, OAuthClientId, RefreshToken, TokenId } from '@atproto/oauth-provider';
3
3
  import { DateISO, JsonEncoded } from '../../../db/cast.js';
4
4
  export interface Token {
5
5
  id: Generated<number>;
6
- did: Sub;
6
+ did: Did;
7
7
  tokenId: TokenId;
8
8
  createdAt: DateISO;
9
9
  updatedAt: DateISO;
@@ -1 +1 @@
1
- {"version":3,"file":"token.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAC9C,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,IAAI,EACJ,QAAQ,EACR,yBAAyB,EACzB,mCAAmC,EACnC,aAAa,EACb,YAAY,EACZ,GAAG,EACH,OAAO,EACR,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AAE1D,MAAM,WAAW,KAAK;IACpB,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,CAAA;IACrB,GAAG,EAAE,GAAG,CAAA;IAER,OAAO,EAAE,OAAO,CAAA;IAChB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,QAAQ,EAAE,aAAa,CAAA;IACvB,UAAU,EAAE,WAAW,CAAC,UAAU,GAAG,gBAAgB,CAAC,CAAA;IACtD,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;IACzB,UAAU,EAAE,WAAW,CAAC,mCAAmC,CAAC,CAAA;IAC5D,OAAO,EAAE,WAAW,CAAC,yBAAyB,CAAC,GAAG,IAAI,CAAA;IACtD,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;IACjB,mBAAmB,EAAE,YAAY,GAAG,IAAI,CAAA;IACxC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;CACrB;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,CAAC,KAAK,CAAC,CAAA;AAE1C,eAAO,MAAM,SAAS,UAAU,CAAA;AAEhC,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,KAAK,CAAA;CAAE,CAAA"}
1
+ {"version":3,"file":"token.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAC9C,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,IAAI,EACJ,QAAQ,EACR,GAAG,EACH,yBAAyB,EACzB,mCAAmC,EACnC,aAAa,EACb,YAAY,EACZ,OAAO,EACR,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AAE1D,MAAM,WAAW,KAAK;IACpB,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,CAAA;IACrB,GAAG,EAAE,GAAG,CAAA;IAER,OAAO,EAAE,OAAO,CAAA;IAChB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,QAAQ,EAAE,aAAa,CAAA;IACvB,UAAU,EAAE,WAAW,CAAC,UAAU,GAAG,gBAAgB,CAAC,CAAA;IACtD,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;IACzB,UAAU,EAAE,WAAW,CAAC,mCAAmC,CAAC,CAAA;IAC5D,OAAO,EAAE,WAAW,CAAC,yBAAyB,CAAC,GAAG,IAAI,CAAA;IACtD,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;IACjB,mBAAmB,EAAE,YAAY,GAAG,IAAI,CAAA;IACxC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;CACrB;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,CAAC,KAAK,CAAC,CAAA;AAE1C,eAAO,MAAM,SAAS,UAAU,CAAA;AAEhC,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,KAAK,CAAA;CAAE,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"token.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/token.ts"],"names":[],"mappings":"AAmCA,MAAM,CAAC,MAAM,SAAS,GAAG,OAAO,CAAA","sourcesContent":["import { Generated, Selectable } from 'kysely'\nimport {\n ClientAuth,\n ClientAuthLegacy,\n Code,\n DeviceId,\n OAuthAuthorizationDetails,\n OAuthAuthorizationRequestParameters,\n OAuthClientId,\n RefreshToken,\n Sub,\n TokenId,\n} from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/cast.js'\n\nexport interface Token {\n id: Generated<number>\n did: Sub\n\n tokenId: TokenId\n createdAt: DateISO\n updatedAt: DateISO\n expiresAt: DateISO\n clientId: OAuthClientId\n clientAuth: JsonEncoded<ClientAuth | ClientAuthLegacy>\n deviceId: DeviceId | null\n parameters: JsonEncoded<OAuthAuthorizationRequestParameters>\n details: JsonEncoded<OAuthAuthorizationDetails> | null\n code: Code | null\n currentRefreshToken: RefreshToken | null\n scope: string | null\n}\n\nexport type TokenEntry = Selectable<Token>\n\nexport const tableName = 'token'\n\nexport type PartialDB = { [tableName]: Token }\n"]}
1
+ {"version":3,"file":"token.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/token.ts"],"names":[],"mappings":"AAmCA,MAAM,CAAC,MAAM,SAAS,GAAG,OAAO,CAAA","sourcesContent":["import { Generated, Selectable } from 'kysely'\nimport {\n ClientAuth,\n ClientAuthLegacy,\n Code,\n DeviceId,\n Did,\n OAuthAuthorizationDetails,\n OAuthAuthorizationRequestParameters,\n OAuthClientId,\n RefreshToken,\n TokenId,\n} from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/cast.js'\n\nexport interface Token {\n id: Generated<number>\n did: Did\n\n tokenId: TokenId\n createdAt: DateISO\n updatedAt: DateISO\n expiresAt: DateISO\n clientId: OAuthClientId\n clientAuth: JsonEncoded<ClientAuth | ClientAuthLegacy>\n deviceId: DeviceId | null\n parameters: JsonEncoded<OAuthAuthorizationRequestParameters>\n details: JsonEncoded<OAuthAuthorizationDetails> | null\n code: Code | null\n currentRefreshToken: RefreshToken | null\n scope: string | null\n}\n\nexport type TokenEntry = Selectable<Token>\n\nexport const tableName = 'token'\n\nexport type PartialDB = { [tableName]: Token }\n"]}
@@ -1,8 +1,8 @@
1
- import { DeviceId } from '@atproto/oauth-provider';
1
+ import { DeviceId, Did } from '@atproto/oauth-provider';
2
2
  import { AccountDb } from '../db/index.js';
3
3
  export declare function upsertQB(db: AccountDb, deviceId: DeviceId, did: string): import("kysely").InsertQueryBuilder<import("../db/index.js").DatabaseSchema, "account_device", import("kysely").InsertResult>;
4
4
  export declare function selectQB(db: AccountDb, filter: {
5
- sub?: string;
5
+ did?: Did;
6
6
  deviceId?: DeviceId;
7
7
  }): import("kysely").SelectQueryBuilder<{
8
8
  account: import("kysely").Nullable<import("../db/index.js").Account>;
@@ -20,198 +20,25 @@ export declare function selectQB(db: AccountDb, filter: {
20
20
  repo_root: import("../db/index.js").RepoRoot;
21
21
  token: import("../db/index.js").Token;
22
22
  used_refresh_token: import("../db/index.js").UsedRefreshToken;
23
- }, "account" | "account_device" | "actor" | "device", import("kysely/dist/esm/util/type-utils.js").MergePartial<import("kysely/dist/esm/util/type-utils.js").MergePartial<Partial<Omit<{}, never>> & Partial<Omit<Partial<Omit<{}, never>>, never>> & import("kysely").Selection<{
24
- account: import("kysely").Nullable<import("../db/index.js").Account>;
25
- account_device: import("../db/index.js").AccountDevice;
26
- actor: import("../db/index.js").Actor;
27
- app_password: import("../db/index.js").AppPassword;
28
- authorization_request: import("../db/index.js").AuthorizationRequest;
29
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
30
- device: import("../db/index.js").Device;
31
- email_token: import("../db/index.js").EmailToken;
32
- invite_code: import("../db/index.js").InviteCode;
33
- invite_code_use: import("../db/index.js").InviteCodeUse;
34
- lexicon: import("../db/index.js").Lexicon;
35
- refresh_token: import("../db/index.js").RefreshToken;
36
- repo_root: import("../db/index.js").RepoRoot;
37
- token: import("../db/index.js").Token;
38
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
39
- }, "account" | "actor", "account.email" | "account.emailConfirmedAt" | "account.invitesDisabled" | "actor.createdAt" | "actor.deactivatedAt" | "actor.deleteAfter" | "actor.did" | "actor.handle" | "actor.takedownRef"> & import("kysely").Selection<{
40
- account: import("kysely").Nullable<import("../db/index.js").Account>;
41
- account_device: import("../db/index.js").AccountDevice;
42
- actor: import("../db/index.js").Actor;
43
- app_password: import("../db/index.js").AppPassword;
44
- authorization_request: import("../db/index.js").AuthorizationRequest;
45
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
46
- device: import("../db/index.js").Device;
47
- email_token: import("../db/index.js").EmailToken;
48
- invite_code: import("../db/index.js").InviteCode;
49
- invite_code_use: import("../db/index.js").InviteCodeUse;
50
- lexicon: import("../db/index.js").Lexicon;
51
- refresh_token: import("../db/index.js").RefreshToken;
52
- repo_root: import("../db/index.js").RepoRoot;
53
- token: import("../db/index.js").Token;
54
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
55
- }, "account" | "account_device" | "actor", "account_device.createdAt as adCreatedAt" | "account_device.deviceId" | "account_device.updatedAt as adUpdatedAt"> & import("kysely").Selection<{
56
- account: import("kysely").Nullable<import("../db/index.js").Account>;
57
- account_device: import("../db/index.js").AccountDevice;
58
- actor: import("../db/index.js").Actor;
59
- app_password: import("../db/index.js").AppPassword;
60
- authorization_request: import("../db/index.js").AuthorizationRequest;
61
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
62
- device: import("../db/index.js").Device;
63
- email_token: import("../db/index.js").EmailToken;
64
- invite_code: import("../db/index.js").InviteCode;
65
- invite_code_use: import("../db/index.js").InviteCodeUse;
66
- lexicon: import("../db/index.js").Lexicon;
67
- refresh_token: import("../db/index.js").RefreshToken;
68
- repo_root: import("../db/index.js").RepoRoot;
69
- token: import("../db/index.js").Token;
70
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
71
- }, "account" | "account_device" | "actor" | "device", "device.ipAddress" | "device.lastSeenAt" | "device.sessionId" | "device.userAgent">, Partial<Omit<{}, never>> & Partial<Omit<Partial<Omit<{}, never>>, never>> & import("kysely").Selection<{
72
- account: import("kysely").Nullable<import("../db/index.js").Account>;
73
- account_device: import("../db/index.js").AccountDevice;
74
- actor: import("../db/index.js").Actor;
75
- app_password: import("../db/index.js").AppPassword;
76
- authorization_request: import("../db/index.js").AuthorizationRequest;
77
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
78
- device: import("../db/index.js").Device;
79
- email_token: import("../db/index.js").EmailToken;
80
- invite_code: import("../db/index.js").InviteCode;
81
- invite_code_use: import("../db/index.js").InviteCodeUse;
82
- lexicon: import("../db/index.js").Lexicon;
83
- refresh_token: import("../db/index.js").RefreshToken;
84
- repo_root: import("../db/index.js").RepoRoot;
85
- token: import("../db/index.js").Token;
86
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
87
- }, "account" | "actor", "account.email" | "account.emailConfirmedAt" | "account.invitesDisabled" | "actor.createdAt" | "actor.deactivatedAt" | "actor.deleteAfter" | "actor.did" | "actor.handle" | "actor.takedownRef"> & import("kysely").Selection<{
88
- account: import("kysely").Nullable<import("../db/index.js").Account>;
89
- account_device: import("../db/index.js").AccountDevice;
90
- actor: import("../db/index.js").Actor;
91
- app_password: import("../db/index.js").AppPassword;
92
- authorization_request: import("../db/index.js").AuthorizationRequest;
93
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
94
- device: import("../db/index.js").Device;
95
- email_token: import("../db/index.js").EmailToken;
96
- invite_code: import("../db/index.js").InviteCode;
97
- invite_code_use: import("../db/index.js").InviteCodeUse;
98
- lexicon: import("../db/index.js").Lexicon;
99
- refresh_token: import("../db/index.js").RefreshToken;
100
- repo_root: import("../db/index.js").RepoRoot;
101
- token: import("../db/index.js").Token;
102
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
103
- }, "account" | "account_device" | "actor", "account_device.createdAt as adCreatedAt" | "account_device.deviceId" | "account_device.updatedAt as adUpdatedAt"> & import("kysely").Selection<{
104
- account: import("kysely").Nullable<import("../db/index.js").Account>;
105
- account_device: import("../db/index.js").AccountDevice;
106
- actor: import("../db/index.js").Actor;
107
- app_password: import("../db/index.js").AppPassword;
108
- authorization_request: import("../db/index.js").AuthorizationRequest;
109
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
110
- device: import("../db/index.js").Device;
111
- email_token: import("../db/index.js").EmailToken;
112
- invite_code: import("../db/index.js").InviteCode;
113
- invite_code_use: import("../db/index.js").InviteCodeUse;
114
- lexicon: import("../db/index.js").Lexicon;
115
- refresh_token: import("../db/index.js").RefreshToken;
116
- repo_root: import("../db/index.js").RepoRoot;
117
- token: import("../db/index.js").Token;
118
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
119
- }, "account" | "account_device" | "actor" | "device", "device.ipAddress" | "device.lastSeenAt" | "device.sessionId" | "device.userAgent">>, import("kysely/dist/esm/util/type-utils.js").MergePartial<Partial<Omit<{}, never>> & Partial<Omit<Partial<Omit<{}, never>>, never>> & import("kysely").Selection<{
120
- account: import("kysely").Nullable<import("../db/index.js").Account>;
121
- account_device: import("../db/index.js").AccountDevice;
122
- actor: import("../db/index.js").Actor;
123
- app_password: import("../db/index.js").AppPassword;
124
- authorization_request: import("../db/index.js").AuthorizationRequest;
125
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
126
- device: import("../db/index.js").Device;
127
- email_token: import("../db/index.js").EmailToken;
128
- invite_code: import("../db/index.js").InviteCode;
129
- invite_code_use: import("../db/index.js").InviteCodeUse;
130
- lexicon: import("../db/index.js").Lexicon;
131
- refresh_token: import("../db/index.js").RefreshToken;
132
- repo_root: import("../db/index.js").RepoRoot;
133
- token: import("../db/index.js").Token;
134
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
135
- }, "account" | "actor", "account.email" | "account.emailConfirmedAt" | "account.invitesDisabled" | "actor.createdAt" | "actor.deactivatedAt" | "actor.deleteAfter" | "actor.did" | "actor.handle" | "actor.takedownRef"> & import("kysely").Selection<{
136
- account: import("kysely").Nullable<import("../db/index.js").Account>;
137
- account_device: import("../db/index.js").AccountDevice;
138
- actor: import("../db/index.js").Actor;
139
- app_password: import("../db/index.js").AppPassword;
140
- authorization_request: import("../db/index.js").AuthorizationRequest;
141
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
142
- device: import("../db/index.js").Device;
143
- email_token: import("../db/index.js").EmailToken;
144
- invite_code: import("../db/index.js").InviteCode;
145
- invite_code_use: import("../db/index.js").InviteCodeUse;
146
- lexicon: import("../db/index.js").Lexicon;
147
- refresh_token: import("../db/index.js").RefreshToken;
148
- repo_root: import("../db/index.js").RepoRoot;
149
- token: import("../db/index.js").Token;
150
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
151
- }, "account" | "account_device" | "actor", "account_device.createdAt as adCreatedAt" | "account_device.deviceId" | "account_device.updatedAt as adUpdatedAt"> & import("kysely").Selection<{
152
- account: import("kysely").Nullable<import("../db/index.js").Account>;
153
- account_device: import("../db/index.js").AccountDevice;
154
- actor: import("../db/index.js").Actor;
155
- app_password: import("../db/index.js").AppPassword;
156
- authorization_request: import("../db/index.js").AuthorizationRequest;
157
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
158
- device: import("../db/index.js").Device;
159
- email_token: import("../db/index.js").EmailToken;
160
- invite_code: import("../db/index.js").InviteCode;
161
- invite_code_use: import("../db/index.js").InviteCodeUse;
162
- lexicon: import("../db/index.js").Lexicon;
163
- refresh_token: import("../db/index.js").RefreshToken;
164
- repo_root: import("../db/index.js").RepoRoot;
165
- token: import("../db/index.js").Token;
166
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
167
- }, "account" | "account_device" | "actor" | "device", "device.ipAddress" | "device.lastSeenAt" | "device.sessionId" | "device.userAgent">, Partial<Omit<{}, never>> & Partial<Omit<Partial<Omit<{}, never>>, never>> & import("kysely").Selection<{
168
- account: import("kysely").Nullable<import("../db/index.js").Account>;
169
- account_device: import("../db/index.js").AccountDevice;
170
- actor: import("../db/index.js").Actor;
171
- app_password: import("../db/index.js").AppPassword;
172
- authorization_request: import("../db/index.js").AuthorizationRequest;
173
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
174
- device: import("../db/index.js").Device;
175
- email_token: import("../db/index.js").EmailToken;
176
- invite_code: import("../db/index.js").InviteCode;
177
- invite_code_use: import("../db/index.js").InviteCodeUse;
178
- lexicon: import("../db/index.js").Lexicon;
179
- refresh_token: import("../db/index.js").RefreshToken;
180
- repo_root: import("../db/index.js").RepoRoot;
181
- token: import("../db/index.js").Token;
182
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
183
- }, "account" | "actor", "account.email" | "account.emailConfirmedAt" | "account.invitesDisabled" | "actor.createdAt" | "actor.deactivatedAt" | "actor.deleteAfter" | "actor.did" | "actor.handle" | "actor.takedownRef"> & import("kysely").Selection<{
184
- account: import("kysely").Nullable<import("../db/index.js").Account>;
185
- account_device: import("../db/index.js").AccountDevice;
186
- actor: import("../db/index.js").Actor;
187
- app_password: import("../db/index.js").AppPassword;
188
- authorization_request: import("../db/index.js").AuthorizationRequest;
189
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
190
- device: import("../db/index.js").Device;
191
- email_token: import("../db/index.js").EmailToken;
192
- invite_code: import("../db/index.js").InviteCode;
193
- invite_code_use: import("../db/index.js").InviteCodeUse;
194
- lexicon: import("../db/index.js").Lexicon;
195
- refresh_token: import("../db/index.js").RefreshToken;
196
- repo_root: import("../db/index.js").RepoRoot;
197
- token: import("../db/index.js").Token;
198
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
199
- }, "account" | "account_device" | "actor", "account_device.createdAt as adCreatedAt" | "account_device.deviceId" | "account_device.updatedAt as adUpdatedAt"> & import("kysely").Selection<{
200
- account: import("kysely").Nullable<import("../db/index.js").Account>;
201
- account_device: import("../db/index.js").AccountDevice;
202
- actor: import("../db/index.js").Actor;
203
- app_password: import("../db/index.js").AppPassword;
204
- authorization_request: import("../db/index.js").AuthorizationRequest;
205
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
206
- device: import("../db/index.js").Device;
207
- email_token: import("../db/index.js").EmailToken;
208
- invite_code: import("../db/index.js").InviteCode;
209
- invite_code_use: import("../db/index.js").InviteCodeUse;
210
- lexicon: import("../db/index.js").Lexicon;
211
- refresh_token: import("../db/index.js").RefreshToken;
212
- repo_root: import("../db/index.js").RepoRoot;
213
- token: import("../db/index.js").Token;
214
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
215
- }, "account" | "account_device" | "actor" | "device", "device.ipAddress" | "device.lastSeenAt" | "device.sessionId" | "device.userAgent">>>>;
216
- export declare function removeQB(db: AccountDb, deviceId: DeviceId, did: string): import("kysely").DeleteQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "account_device">, "account_device", import("kysely").DeleteResult>;
23
+ }, "account" | "account_device" | "actor" | "device", Partial<Omit<unknown, never>> & {
24
+ createdAt: string;
25
+ deactivatedAt: string | null;
26
+ deleteAfter: string | null;
27
+ did: `did:${string}:${string}`;
28
+ email: string | null;
29
+ emailConfirmedAt: import("@atproto/syntax").DatetimeString | null;
30
+ handle: `${string}.${string}` | null;
31
+ invitesDisabled: 0 | 1 | null;
32
+ takedownRef: string | null;
33
+ } & {
34
+ adCreatedAt: `${string}T${string}Z`;
35
+ adUpdatedAt: `${string}T${string}Z`;
36
+ deviceId: `dev-${string}`;
37
+ } & {
38
+ ipAddress: string;
39
+ lastSeenAt: `${string}T${string}Z`;
40
+ sessionId: `ses-${string}`;
41
+ userAgent: string | null;
42
+ } & Partial<Omit<unknown, "adCreatedAt" | "adUpdatedAt" | "createdAt" | "deactivatedAt" | "deleteAfter" | "deviceId" | "did" | "email" | "emailConfirmedAt" | "handle" | "invitesDisabled" | "ipAddress" | "lastSeenAt" | "sessionId" | "takedownRef" | "userAgent">>>;
43
+ export declare function removeQB(db: AccountDb, deviceId: DeviceId, did: string): import("kysely").DeleteQueryBuilder<import("../db/index.js").DatabaseSchema, "account_device", import("kysely").DeleteResult>;
217
44
  //# sourceMappingURL=account-device.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"account-device.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/account-device.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AAGlD,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAG1C,wBAAgB,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,iIAiBtE;AAED,wBAAgB,QAAQ,CACtB,EAAE,EAAE,SAAS,EACb,MAAM,EAAE;IACN,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,QAAQ,CAAC,EAAE,QAAQ,CAAA;CACpB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;6IA8BF;AAED,wBAAgB,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,0MAKtE"}
1
+ {"version":3,"file":"account-device.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/account-device.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAEvD,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAG1C,wBAAgB,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,iIAiBtE;AAED,wBAAgB,QAAQ,CACtB,EAAE,EAAE,SAAS,EACb,MAAM,EAAE;IAAE,GAAG,CAAC,EAAE,GAAG,CAAC;IAAC,QAAQ,CAAC,EAAE,QAAQ,CAAA;CAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;uQA4B3C;AAED,wBAAgB,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,iIAKtE"}
@@ -18,7 +18,7 @@ export function upsertQB(db, deviceId, did) {
18
18
  }));
19
19
  }
20
20
  export function selectQB(db, filter) {
21
- assert(filter.sub != null || filter.deviceId != null, 'Either sub or deviceId must be provided');
21
+ assert(filter.did != null || filter.deviceId != null, 'Either sub or deviceId must be provided');
22
22
  return (selectAccountQB(db, { includeDeactivated: true })
23
23
  // note: query planner should use "account_device_pk" index
24
24
  .innerJoin('account_device', 'account_device.did', 'actor.did')
@@ -34,8 +34,8 @@ export function selectQB(db, filter) {
34
34
  'device.ipAddress',
35
35
  'device.lastSeenAt',
36
36
  ])
37
- .if(filter.sub != null, (qb) => qb.where('actor.did', '=', filter.sub))
38
- .if(filter.deviceId != null, (qb) => qb.where('account_device.deviceId', '=', filter.deviceId)));
37
+ .$if(filter.did != null, (qb) => qb.where('actor.did', '=', filter.did))
38
+ .$if(filter.deviceId != null, (qb) => qb.where('account_device.deviceId', '=', filter.deviceId)));
39
39
  }
40
40
  export function removeQB(db, deviceId, did) {
41
41
  return db.db
@@ -1 +1 @@
1
- {"version":3,"file":"account-device.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/account-device.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAA;AAGhC,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAE9C,MAAM,UAAU,QAAQ,CAAC,EAAa,EAAE,QAAkB,EAAE,GAAW;IACrE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IAEtB,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,gBAAgB,CAAC;SAC5B,MAAM,CAAC;QACN,GAAG;QACH,QAAQ;QACR,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;QACzB,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;KAC1B,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE;IACjB,UAAU;IACV,EAAE,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC;QAC1C,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;KAC1B,CAAC,CACH,CAAA;AACL,CAAC;AAED,MAAM,UAAU,QAAQ,CACtB,EAAa,EACb,MAGC;IAED,MAAM,CACJ,MAAM,CAAC,GAAG,IAAI,IAAI,IAAI,MAAM,CAAC,QAAQ,IAAI,IAAI,EAC7C,yCAAyC,CAC1C,CAAA;IAED,OAAO,CACL,eAAe,CAAC,EAAE,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC;QAC/C,2DAA2D;SAC1D,SAAS,CAAC,gBAAgB,EAAE,oBAAoB,EAAE,WAAW,CAAC;SAC9D,MAAM,CAAC;QACN,yBAAyB;QACzB,yCAAyC;QACzC,yCAAyC;KAC1C,CAAC;SACD,SAAS,CAAC,QAAQ,EAAE,WAAW,EAAE,yBAAyB,CAAC;SAC3D,MAAM,CAAC;QACN,kBAAkB;QAClB,kBAAkB;QAClB,kBAAkB;QAClB,mBAAmB;KACpB,CAAC;SACD,EAAE,CAAC,MAAM,CAAC,GAAG,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAC7B,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,CAAC,GAAiB,CAAC,CACrD;SACA,EAAE,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAClC,EAAE,CAAC,KAAK,CAAC,yBAAyB,EAAE,GAAG,EAAE,MAAM,CAAC,QAAS,CAAC,CAC3D,CACJ,CAAA;AACH,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,EAAa,EAAE,QAAkB,EAAE,GAAW;IACrE,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,gBAAgB,CAAC;SAC5B,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,QAAQ,CAAC;SAChC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;AAC3B,CAAC","sourcesContent":["import assert from 'node:assert'\nimport { DeviceId } from '@atproto/oauth-provider'\nimport { DidString } from '@atproto/syntax'\nimport { toDateISO } from '../../db/index.js'\nimport { AccountDb } from '../db/index.js'\nimport { selectAccountQB } from './account.js'\n\nexport function upsertQB(db: AccountDb, deviceId: DeviceId, did: string) {\n const now = new Date()\n\n return db.db\n .insertInto('account_device')\n .values({\n did,\n deviceId,\n createdAt: toDateISO(now),\n updatedAt: toDateISO(now),\n })\n .onConflict((oc) =>\n // uses pk\n oc.columns(['deviceId', 'did']).doUpdateSet({\n updatedAt: toDateISO(now),\n }),\n )\n}\n\nexport function selectQB(\n db: AccountDb,\n filter: {\n sub?: string\n deviceId?: DeviceId\n },\n) {\n assert(\n filter.sub != null || filter.deviceId != null,\n 'Either sub or deviceId must be provided',\n )\n\n return (\n selectAccountQB(db, { includeDeactivated: true })\n // note: query planner should use \"account_device_pk\" index\n .innerJoin('account_device', 'account_device.did', 'actor.did')\n .select([\n 'account_device.deviceId',\n 'account_device.createdAt as adCreatedAt',\n 'account_device.updatedAt as adUpdatedAt',\n ])\n .innerJoin('device', 'device.id', 'account_device.deviceId')\n .select([\n 'device.sessionId',\n 'device.userAgent',\n 'device.ipAddress',\n 'device.lastSeenAt',\n ])\n .if(filter.sub != null, (qb) =>\n qb.where('actor.did', '=', filter.sub! as DidString),\n )\n .if(filter.deviceId != null, (qb) =>\n qb.where('account_device.deviceId', '=', filter.deviceId!),\n )\n )\n}\n\nexport function removeQB(db: AccountDb, deviceId: DeviceId, did: string) {\n return db.db\n .deleteFrom('account_device')\n .where('deviceId', '=', deviceId)\n .where('did', '=', did)\n}\n"]}
1
+ {"version":3,"file":"account-device.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/account-device.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAA;AAEhC,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAE9C,MAAM,UAAU,QAAQ,CAAC,EAAa,EAAE,QAAkB,EAAE,GAAW;IACrE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IAEtB,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,gBAAgB,CAAC;SAC5B,MAAM,CAAC;QACN,GAAG;QACH,QAAQ;QACR,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;QACzB,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;KAC1B,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE;IACjB,UAAU;IACV,EAAE,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC;QAC1C,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;KAC1B,CAAC,CACH,CAAA;AACL,CAAC;AAED,MAAM,UAAU,QAAQ,CACtB,EAAa,EACb,MAA0C;IAE1C,MAAM,CACJ,MAAM,CAAC,GAAG,IAAI,IAAI,IAAI,MAAM,CAAC,QAAQ,IAAI,IAAI,EAC7C,yCAAyC,CAC1C,CAAA;IAED,OAAO,CACL,eAAe,CAAC,EAAE,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC;QAC/C,2DAA2D;SAC1D,SAAS,CAAC,gBAAgB,EAAE,oBAAoB,EAAE,WAAW,CAAC;SAC9D,MAAM,CAAC;QACN,yBAAyB;QACzB,yCAAyC;QACzC,yCAAyC;KAC1C,CAAC;SACD,SAAS,CAAC,QAAQ,EAAE,WAAW,EAAE,yBAAyB,CAAC;SAC3D,MAAM,CAAC;QACN,kBAAkB;QAClB,kBAAkB;QAClB,kBAAkB;QAClB,mBAAmB;KACpB,CAAC;SACD,GAAG,CAAC,MAAM,CAAC,GAAG,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,CAAC,GAAI,CAAC,CAAC;SACxE,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CACnC,EAAE,CAAC,KAAK,CAAC,yBAAyB,EAAE,GAAG,EAAE,MAAM,CAAC,QAAS,CAAC,CAC3D,CACJ,CAAA;AACH,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,EAAa,EAAE,QAAkB,EAAE,GAAW;IACrE,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,gBAAgB,CAAC;SAC5B,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,QAAQ,CAAC;SAChC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;AAC3B,CAAC","sourcesContent":["import assert from 'node:assert'\nimport { DeviceId, Did } from '@atproto/oauth-provider'\nimport { toDateISO } from '../../db/index.js'\nimport { AccountDb } from '../db/index.js'\nimport { selectAccountQB } from './account.js'\n\nexport function upsertQB(db: AccountDb, deviceId: DeviceId, did: string) {\n const now = new Date()\n\n return db.db\n .insertInto('account_device')\n .values({\n did,\n deviceId,\n createdAt: toDateISO(now),\n updatedAt: toDateISO(now),\n })\n .onConflict((oc) =>\n // uses pk\n oc.columns(['deviceId', 'did']).doUpdateSet({\n updatedAt: toDateISO(now),\n }),\n )\n}\n\nexport function selectQB(\n db: AccountDb,\n filter: { did?: Did; deviceId?: DeviceId },\n) {\n assert(\n filter.did != null || filter.deviceId != null,\n 'Either sub or deviceId must be provided',\n )\n\n return (\n selectAccountQB(db, { includeDeactivated: true })\n // note: query planner should use \"account_device_pk\" index\n .innerJoin('account_device', 'account_device.did', 'actor.did')\n .select([\n 'account_device.deviceId',\n 'account_device.createdAt as adCreatedAt',\n 'account_device.updatedAt as adUpdatedAt',\n ])\n .innerJoin('device', 'device.id', 'account_device.deviceId')\n .select([\n 'device.sessionId',\n 'device.userAgent',\n 'device.ipAddress',\n 'device.lastSeenAt',\n ])\n .$if(filter.did != null, (qb) => qb.where('actor.did', '=', filter.did!))\n .$if(filter.deviceId != null, (qb) =>\n qb.where('account_device.deviceId', '=', filter.deviceId!),\n )\n )\n}\n\nexport function removeQB(db: AccountDb, deviceId: DeviceId, did: string) {\n return db.db\n .deleteFrom('account_device')\n .where('deviceId', '=', deviceId)\n .where('did', '=', did)\n}\n"]}
@@ -21,7 +21,7 @@ export declare enum AccountStatus {
21
21
  Deleted = "deleted",
22
22
  Deactivated = "deactivated"
23
23
  }
24
- export declare const selectAccountQB: (db: AccountDb, flags?: AvailabilityFlags) => import("kysely").QueryBuilderWithSelection<{
24
+ export declare const selectAccountQB: (db: AccountDb, flags?: AvailabilityFlags) => import("kysely").SelectQueryBuilder<{
25
25
  account: import("kysely").Nullable<import("../db/index.js").Account>;
26
26
  account_device: import("../db/index.js").AccountDevice;
27
27
  actor: import("../db/index.js").Actor;
@@ -37,7 +37,17 @@ export declare const selectAccountQB: (db: AccountDb, flags?: AvailabilityFlags)
37
37
  repo_root: import("../db/index.js").RepoRoot;
38
38
  token: import("../db/index.js").Token;
39
39
  used_refresh_token: import("../db/index.js").UsedRefreshToken;
40
- }, "account" | "actor", import("kysely/dist/esm/util/type-utils.js").MergePartial<Partial<Omit<{}, never>>, Partial<Omit<{}, never>>>, "account.email" | "account.emailConfirmedAt" | "account.invitesDisabled" | "actor.createdAt" | "actor.deactivatedAt" | "actor.deleteAfter" | "actor.did" | "actor.handle" | "actor.takedownRef">;
40
+ }, "account" | "actor", Partial<Omit<unknown, never>> & {
41
+ createdAt: string;
42
+ deactivatedAt: string | null;
43
+ deleteAfter: string | null;
44
+ did: `did:${string}:${string}`;
45
+ email: string | null;
46
+ emailConfirmedAt: DatetimeString | null;
47
+ handle: `${string}.${string}` | null;
48
+ invitesDisabled: 0 | 1 | null;
49
+ takedownRef: string | null;
50
+ }>;
41
51
  export declare const getAccount: (db: AccountDb, handleOrDid: AtIdentifierString, flags?: AvailabilityFlags) => Promise<ActorAccount | null>;
42
52
  export declare const getAccounts: (db: AccountDb, dids: DidString[], flags?: AvailabilityFlags) => Promise<Map<string, ActorAccount>>;
43
53
  export declare const getAccountByEmail: (db: AccountDb, email: string, flags?: AvailabilityFlags) => Promise<ActorAccount | null>;
@@ -60,8 +70,8 @@ export declare const getAccountAdminStatus: (db: AccountDb, did: DidString) => P
60
70
  deactivated: com.atproto.admin.defs.StatusAttr;
61
71
  } | null>;
62
72
  export declare const updateAccountTakedownStatus: (db: AccountDb, did: DidString, takedown: com.atproto.admin.defs.StatusAttr) => Promise<void>;
63
- export declare const deactivateAccount: (db: AccountDb, did: DidString, deleteAfter: string | null) => Promise<void>;
64
- export declare const activateAccount: (db: AccountDb, did: DidString) => Promise<void>;
73
+ export declare const deactivateAccount: (db: AccountDb, did: DidString, deleteAfter: string | null) => Promise<boolean>;
74
+ export declare const activateAccount: (db: AccountDb, did: DidString, flags?: AvailabilityFlags) => Promise<boolean>;
65
75
  export declare const formatAccountStatus: (account: null | {
66
76
  takedownRef: string | null;
67
77
  deactivatedAt: string | null;
@@ -1 +1 @@
1
- {"version":3,"file":"account.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/account.ts"],"names":[],"mappings":"AACA,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,SAAS,EACT,YAAY,EAGb,MAAM,cAAc,CAAA;AAErB,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAEtD,qBAAa,sBAAuB,SAAQ,KAAK;IAC/C,IAAI,SAA2B;IAC/B,YACE,OAAO,SAAwE,EAC/E,OAAO,CAAC,EAAE,YAAY,EAGvB;CACF;AAED,MAAM,MAAM,YAAY,GAAG,UAAU,GAAG;IACtC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAA;IAC/B,eAAe,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAC7B,CAAA;AAED,oBAAY,aAAa;IACvB,MAAM,WAAW;IACjB,SAAS,cAAc;IACvB,SAAS,cAAc;IACvB,OAAO,YAAY;IACnB,WAAW,gBAAgB;CAC5B;AAED,eAAO,MAAM,eAAe,OAAQ,SAAS,UAAU,iBAAiB;;;;;;;;;;;;;;;;uUAqBvE,CAAA;AAED,eAAO,MAAM,UAAU,OACjB,SAAS,eACA,kBAAkB,UACvB,iBAAiB,KACxB,OAAO,CAAC,YAAY,GAAG,IAAI,CAW7B,CAAA;AAED,eAAO,MAAM,WAAW,OAClB,SAAS,QACP,SAAS,EAAE,UACT,iBAAiB,KACxB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,CAgBnC,CAAA;AAED,eAAO,MAAM,iBAAiB,OACxB,SAAS,SACN,MAAM,UACL,iBAAiB,KACxB,OAAO,CAAC,YAAY,GAAG,IAAI,CAK7B,CAAA;AAED,eAAO,MAAM,aAAa,OACpB,SAAS,QACP;IACJ,GAAG,EAAE,SAAS,CAAA;IACd,MAAM,EAAE,YAAY,CAAA;IACpB,WAAW,CAAC,EAAE,OAAO,CAAA;CACtB,kBAqBF,CAAA;AAED,eAAO,MAAM,eAAe,OACtB,SAAS,QACP;IACJ,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,CAAA;IACb,cAAc,EAAE,MAAM,CAAA;CACvB,kBAiBF,CAAA;AAED,eAAO,MAAM,aAAa,OACpB,SAAS,OACR,SAAS,KACb,OAAO,CAAC,IAAI,CAkBd,CAAA;AAED,eAAO,MAAM,YAAY,OACnB,SAAS,OACR,SAAS,UACN,YAAY,kBAsBrB,CAAA;AAED,eAAO,MAAM,WAAW,OAClB,SAAS,OACR,SAAS,SACP,MAAM,kBAkBd,CAAA;AAED,eAAO,MAAM,mBAAmB,OAC1B,SAAS,OACR,SAAS,oBACI,cAAc,kBAQjC,CAAA;AAED,eAAO,MAAM,qBAAqB,OAC5B,SAAS,OACR,SAAS,KACb,OAAO,CAAC;IACT,QAAQ,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAA;IAC3C,WAAW,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAA;CAC/C,GAAG,IAAI,CAYP,CAAA;AAED,eAAO,MAAM,2BAA2B,OAClC,SAAS,OACR,SAAS,YACJ,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,kBAQ5C,CAAA;AAED,eAAO,MAAM,iBAAiB,OACxB,SAAS,OACR,SAAS,eACD,MAAM,GAAG,IAAI,kBAW3B,CAAA;AAED,eAAO,MAAM,eAAe,OAAc,SAAS,OAAO,SAAS,kBAUlE,CAAA;AAED,eAAO,MAAM,mBAAmB,YACrB,IAAI,GAAG;IACd,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,aAAa,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7B;;;;;;;;;;;;CAWF,CAAA"}
1
+ {"version":3,"file":"account.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/account.ts"],"names":[],"mappings":"AACA,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,SAAS,EACT,YAAY,EAGb,MAAM,cAAc,CAAA;AAErB,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAEtD,qBAAa,sBAAuB,SAAQ,KAAK;IAC/C,IAAI,SAA2B;IAC/B,YACE,OAAO,SAAwE,EAC/E,OAAO,CAAC,EAAE,YAAY,EAGvB;CACF;AAED,MAAM,MAAM,YAAY,GAAG,UAAU,GAAG;IACtC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAA;IAC/B,eAAe,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAC7B,CAAA;AAED,oBAAY,aAAa;IACvB,MAAM,WAAW;IACjB,SAAS,cAAc;IACvB,SAAS,cAAc;IACvB,OAAO,YAAY;IACnB,WAAW,gBAAgB;CAC5B;AAED,eAAO,MAAM,eAAe,OAAQ,SAAS,UAAU,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;EAuBvE,CAAA;AAED,eAAO,MAAM,UAAU,OACjB,SAAS,eACA,kBAAkB,UACvB,iBAAiB,KACxB,OAAO,CAAC,YAAY,GAAG,IAAI,CAW7B,CAAA;AAED,eAAO,MAAM,WAAW,OAClB,SAAS,QACP,SAAS,EAAE,UACT,iBAAiB,KACxB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,CAgBnC,CAAA;AAED,eAAO,MAAM,iBAAiB,OACxB,SAAS,SACN,MAAM,UACL,iBAAiB,KACxB,OAAO,CAAC,YAAY,GAAG,IAAI,CAK7B,CAAA;AAED,eAAO,MAAM,aAAa,OACpB,SAAS,QACP;IACJ,GAAG,EAAE,SAAS,CAAA;IACd,MAAM,EAAE,YAAY,CAAA;IACpB,WAAW,CAAC,EAAE,OAAO,CAAA;CACtB,kBAqBF,CAAA;AAED,eAAO,MAAM,eAAe,OACtB,SAAS,QACP;IACJ,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,CAAA;IACb,cAAc,EAAE,MAAM,CAAA;CACvB,kBAiBF,CAAA;AAED,eAAO,MAAM,aAAa,OACpB,SAAS,OACR,SAAS,KACb,OAAO,CAAC,IAAI,CAkBd,CAAA;AAED,eAAO,MAAM,YAAY,OACnB,SAAS,OACR,SAAS,UACN,YAAY,kBA0BrB,CAAA;AAED,eAAO,MAAM,WAAW,OAClB,SAAS,OACR,SAAS,SACP,MAAM,kBAkBd,CAAA;AAED,eAAO,MAAM,mBAAmB,OAC1B,SAAS,OACR,SAAS,oBACI,cAAc,kBAQjC,CAAA;AAED,eAAO,MAAM,qBAAqB,OAC5B,SAAS,OACR,SAAS,KACb,OAAO,CAAC;IACT,QAAQ,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAA;IAC3C,WAAW,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAA;CAC/C,GAAG,IAAI,CAYP,CAAA;AAED,eAAO,MAAM,2BAA2B,OAClC,SAAS,OACR,SAAS,YACJ,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,kBAQ5C,CAAA;AAED,eAAO,MAAM,iBAAiB,OACxB,SAAS,OACR,SAAS,eACD,MAAM,GAAG,IAAI,KACzB,OAAO,CAAC,OAAO,CAYjB,CAAA;AAED,eAAO,MAAM,eAAe,OACtB,SAAS,OACR,SAAS,UACN,iBAAiB,KACxB,OAAO,CAAC,OAAO,CAqBjB,CAAA;AAED,eAAO,MAAM,mBAAmB,YACrB,IAAI,GAAG;IACd,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,aAAa,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7B;;;;;;;;;;;;CAWF,CAAA"}
@@ -21,8 +21,8 @@ export const selectAccountQB = (db, flags) => {
21
21
  return db.db
22
22
  .selectFrom('actor')
23
23
  .leftJoin('account', 'actor.did', 'account.did')
24
- .if(!includeTakenDown, (qb) => qb.where(notSoftDeletedClause(ref('actor'))))
25
- .if(!includeDeactivated, (qb) => qb.where('actor.deactivatedAt', 'is', null))
24
+ .$if(!includeTakenDown, (qb) => qb.where(notSoftDeletedClause(ref('actor'))))
25
+ .$if(!includeDeactivated, (qb) => qb.where('actor.deactivatedAt', 'is', null))
26
26
  .select([
27
27
  'actor.did',
28
28
  'actor.handle',
@@ -37,12 +37,12 @@ export const selectAccountQB = (db, flags) => {
37
37
  };
38
38
  export const getAccount = async (db, handleOrDid, flags) => {
39
39
  const found = await selectAccountQB(db, flags)
40
- .where((qb) => {
40
+ .where((eb) => {
41
41
  if (isDidIdentifier(handleOrDid)) {
42
- return qb.where('actor.did', '=', handleOrDid);
42
+ return eb('actor.did', '=', handleOrDid);
43
43
  }
44
44
  else {
45
- return qb.where('actor.handle', '=', handleOrDid);
45
+ return eb('actor.handle', '=', handleOrDid);
46
46
  }
47
47
  })
48
48
  .executeTakeFirst();
@@ -117,11 +117,11 @@ export const updateHandle = async (db, did, handle) => {
117
117
  .updateTable('actor')
118
118
  .set({ handle })
119
119
  .where('did', '=', did)
120
- .whereNotExists(db.db
120
+ .where(({ not, exists }) => not(exists(db.db
121
121
  .selectFrom('actor')
122
122
  .where('handle', '=', handle)
123
123
  .where('did', '!=', did)
124
- .selectAll()));
124
+ .selectAll()))));
125
125
  if (res.numUpdatedRows < 1) {
126
126
  throw new UserAlreadyExistsError('Handle is already in use, please choose a different handle.');
127
127
  }
@@ -170,22 +170,28 @@ export const updateAccountTakedownStatus = async (db, did, takedown) => {
170
170
  await db.executeWithRetry(db.db.updateTable('actor').set({ takedownRef }).where('did', '=', did));
171
171
  };
172
172
  export const deactivateAccount = async (db, did, deleteAfter) => {
173
- await db.executeWithRetry(db.db
173
+ const [res] = await db.executeWithRetry(db.db
174
174
  .updateTable('actor')
175
175
  .set({
176
176
  deactivatedAt: currentDatetimeString(),
177
177
  deleteAfter,
178
178
  })
179
179
  .where('did', '=', did));
180
+ return res.numUpdatedRows > 0;
180
181
  };
181
- export const activateAccount = async (db, did) => {
182
- await db.executeWithRetry(db.db
182
+ export const activateAccount = async (db, did, flags) => {
183
+ const { includeTakenDown = false, includeDeactivated = true } = flags ?? {};
184
+ const { ref } = db.db.dynamic;
185
+ const [res] = await db.executeWithRetry(db.db
183
186
  .updateTable('actor')
184
187
  .set({
185
188
  deactivatedAt: null,
186
189
  deleteAfter: null,
187
190
  })
188
- .where('did', '=', did));
191
+ .where('did', '=', did)
192
+ .$if(!includeTakenDown, (q) => q.where(notSoftDeletedClause(ref('actor'))))
193
+ .$if(!includeDeactivated, (q) => q.where('actor.deactivatedAt', 'is not', null)));
194
+ return res.numUpdatedRows > 0;
189
195
  };
190
196
  export const formatAccountStatus = (account) => {
191
197
  if (!account) {