npm - @authhero/kysely-adapter - Versions diffs - 10.132.4 → 10.134.0 - Mend

@authhero/kysely-adapter 10.132.4 → 10.134.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/kysely-adapter.cjs +14 -14
package/dist/kysely-adapter.d.ts +331 -1
package/dist/kysely-adapter.mjs +1786 -1583
package/package.json +2 -2

package/dist/kysely-adapter.cjs CHANGED Viewed

@@ -1,4 +1,4 @@
-"use strict";var Le=Object.defineProperty;var Ke=(e,t,a)=>t in e?Le(e,t,{enumerable:!0,configurable:!0,writable:!0,value:a}):e[t]=a;var Q=(e,t,a)=>Ke(e,typeof t!="symbol"?t+"":t,a);Object.defineProperties(exports,{__esModule:{value:!0},[Symbol.toStringTag]:{value:"Module"}});const S=require("nanoid"),T=require("@authhero/adapter-interfaces");require("@hono/zod-openapi");const h=require("kysely"),Be=17,Ue={organization:"org_",connection:"con_",action:"act_",hook:"h_",hook_code:"hc_",rule:"rul_",resource_server:"api_",guardian_factor:"gfa_",invite:"inv_"};function R(e){const n=S.customAlphabet("0123456789abcdefghijklmnopqrstuvwxyz",Be)();return`${Ue[e]}${n}`}function Qe(){return R("organization")}function We(){return R("connection")}function Ye(){return R("action")}function He(){return R("hook")}function Ge(){return R("resource_server")}function Xe(){return R("hook_code")}function Ve(){return R("invite")}function Ze(e){return async(t,a)=>{var r;const n=Date.now(),o=Ye();return await e.insertInto("actions").values({id:o,tenant_id:t,name:a.name,code:a.code,runtime:a.runtime||null,status:"built",secrets:a.secrets?JSON.stringify(a.secrets):null,dependencies:a.dependencies?JSON.stringify(a.dependencies):null,supported_triggers:a.supported_triggers?JSON.stringify(a.supported_triggers):null,created_at_ts:n,updated_at_ts:n}).execute(),{id:o,tenant_id:t,name:a.name,code:a.code,runtime:a.runtime,status:"built",secrets:(r=a.secrets)==null?void 0:r.map(s=>({name:s.name})),dependencies:a.dependencies,supported_triggers:a.supported_triggers,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function B(e){if(e!=null){if(typeof e=="number")return new Date(e).toISOString();if(typeof e=="string"){if(e==="")return;const t=parseFloat(e);return!isNaN(t)&&/^\d+(\.\d+)?$/.test(e)?new Date(t).toISOString():e}}}function F(e,t=new Date(0).toISOString()){return B(e)??t}function C(e){if(!e||e==="")return null;const t=new Date(e);return isNaN(t.getTime())?null:t.getTime()}function oe(){return new Date().toISOString()}function D(e,t,a=[]){const n={};for(const o of t){const r=o.replace(/_ts$/,"");n[r]=F(e[o])}for(const o of a){const r=o.replace(/_ts$/,"");n[r]=B(e[o])}return n}function X(e){if(e)try{return JSON.parse(e)}catch{return}}function et(e){return async(t,a)=>{const n=await e.selectFrom("actions").where("actions.tenant_id","=",t).where("actions.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{created_at_ts:o,updated_at_ts:r,deployed_at_ts:s,secrets:i,dependencies:d,supported_triggers:l,tenant_id:m,...c}=n,u=D({created_at_ts:o,updated_at_ts:r},["created_at_ts","updated_at_ts"]);return{...c,tenant_id:t,...u,runtime:c.runtime??void 0,status:c.status||"built",deployed_at:s?new Date(Number(s)).toISOString():void 0,secrets:X(i),dependencies:X(d),supported_triggers:X(l)}}}function ae(e,t){const a=new Set(t),n=r=>{const s=[];let i="",d=!1;for(let m=0;m<r.length;m++){const c=r[m];c==='"'?(d=!d,i+=c):c===" "&&!d?(i.trim()&&s.push(i.trim()),i=""):i+=c}return i.trim()&&s.push(i.trim()),s.filter(m=>{const c=m.replace(/^([^:]+)=/,"$1:"),u=c.startsWith("-")?c.slice(1):c;if(u.startsWith("_exists_:"))return a.has(u.slice(9));const _=u.indexOf(":");return _>0?a.has(u.slice(0,_)):!0}).join(" ")},o=e.split(/ OR /i);return o.length>1?o.map(n).filter(r=>r.length>0).join(" OR "):n(e)}function N(e,t,a,n){const o=a.split(/ OR /i);if(o.length>1)return t.where(l=>{const m=o.map(c=>{const u=c.trim().match(/^([^:]+):(.+)$/);if(u){const[,_,p]=u;if(!_||!p)return null;const f=p.replace(/^"(.*)"$/,"$1");return l(_.trim(),"=",f.trim())}return null}).filter(Boolean);return l.or(m)});const r=[];let s="",i=!1;for(let l=0;l<a.length;l++){const m=a[l];m==='"'?(i=!i,s+=m):m===" "&&!i?s.trim()&&(r.push(s.trim()),s=""):s+=m}return s.trim()&&r.push(s.trim()),r.map(l=>l.replace(/^([^:]+)=/g,"$1:")).map(l=>{let m=l.startsWith("-"),c=null,u="",_=!1,p;if(l.startsWith("-_exists_:"))c=l.substring(10),_=!0,m=!0;else if(l.startsWith("_exists_:"))c=l.substring(9),_=!0,m=!1;else if(l.includes(":")){const f=m?l.substring(1):l,g=f.indexOf(":");c=f.substring(0,g),u=f.substring(g+1),_=!1,u.startsWith(">=")?(p=">=",u=u.substring(2)):u.startsWith(">")?(p=">",u=u.substring(1)):u.startsWith("<=")?(p="<=",u=u.substring(2)):u.startsWith("<")?(p="<",u=u.substring(1)):p="=",u.startsWith('"')&&u.endsWith('"')&&u.length>1&&(u=u.slice(1,-1))}else c=null,u=l,_=!1;return{key:c,value:u,isNegation:m,isExistsQuery:_,operator:p}}).forEach(({key:l,value:m,isNegation:c,isExistsQuery:u,operator:_})=>{if(l)if(u)c?t=t.where(l,"is",null):t=t.where(l,"is not",null);else if(c)switch(_){case">":t=t.where(l,"<=",m);break;case">=":t=t.where(l,"<",m);break;case"<":t=t.where(l,">=",m);break;case"<=":t=t.where(l,">",m);break;default:t=t.where(l,"!=",m)}else t=t.where(l,_,m);else if(m){const{ref:p}=e.dynamic;t=t.where(f=>f.or(n.map(g=>g==="user_id"?f(p(g),"=",m):f(p(g),"like",`%${m}%`))))}}),t}function P(e){return typeof e=="string"?parseInt(e,10):typeof e=="bigint"?Number(e):e}function V(e){if(e)try{return JSON.parse(e)}catch{return}}function tt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("actions").where("actions.tenant_id","=",t);s&&(i=N(e,i,s,["name"]));const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const{created_at_ts:_,updated_at_ts:p,deployed_at_ts:f,secrets:g,dependencies:v,supported_triggers:x,tenant_id:I,...k}=u,A=D({created_at_ts:_,updated_at_ts:p},["created_at_ts","updated_at_ts"]);return{...k,tenant_id:t,...A,runtime:k.runtime??void 0,status:k.status||"built",deployed_at:f?new Date(Number(f)).toISOString():void 0,secrets:V(g),dependencies:V(v),supported_triggers:V(x)}});if(!r)return{actions:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{actions:m,start:n*o,limit:o,length:P(c)}}}function at(e){if(!e)return[];try{const t=JSON.parse(e);return Array.isArray(t)?t:[]}catch{return[]}}function nt(e){return async(t,a,n)=>{const o={updated_at_ts:Date.now()};if(n.name!==void 0&&(o.name=n.name),n.code!==void 0&&(o.code=n.code),n.runtime!==void 0&&(o.runtime=n.runtime),n.secrets!==void 0){const s=await e.selectFrom("actions").where("actions.id","=",a).where("actions.tenant_id","=",t).select("secrets").executeTakeFirst(),i=new Map(at(s==null?void 0:s.secrets).map(l=>[l.name,l])),d=n.secrets.map(l=>{var m;return l.value===void 0?{name:l.name,value:(m=i.get(l.name))==null?void 0:m.value}:l});o.secrets=JSON.stringify(d)}if(n.dependencies!==void 0&&(o.dependencies=JSON.stringify(n.dependencies)),n.supported_triggers!==void 0&&(o.supported_triggers=JSON.stringify(n.supported_triggers)),n.status!==void 0&&(o.status=n.status),n.deployed_at!==void 0){const s=new Date(n.deployed_at).getTime();Number.isFinite(s)&&(o.deployed_at_ts=s)}return(await e.updateTable("actions").set(o).where("actions.id","=",a).where("actions.tenant_id","=",t).executeTakeFirst()).numUpdatedRows>0}}function ot(e){return async(t,a)=>(await e.deleteFrom("actions").where("actions.id","=",a).where("actions.tenant_id","=",t).executeTakeFirst()).numDeletedRows>0}function rt(e){return{create:Ze(e),get:et(e),list:tt(e),update:nt(e),remove:ot(e)}}var L=class extends Error{constructor(t=500,a){super(a==null?void 0:a.message,{cause:a==null?void 0:a.cause});Q(this,"res");Q(this,"status");this.res=a==null?void 0:a.res,this.status=t}getResponse(){return this.res?new Response(this.res.body,{status:this.status,headers:this.res.headers}):new Response(this.message,{status:this.status})}};function st(e){return async(t,a)=>{const{identities:n,phone_verified:o,password:r,...s}=a,i={...s,login_count:s.login_count??0,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t,email_verified:a.email_verified?1:0,phone_verified:o!==void 0?o?1:0:null,is_social:a.is_social?1:0,app_metadata:JSON.stringify(a.app_metadata),user_metadata:JSON.stringify(a.user_metadata),address:a.address?JSON.stringify(a.address):null};try{const d=async l=>{if(await l.insertInto("users").values(i).execute(),r&&i.user_id){const m={id:S.nanoid(),user_id:i.user_id,password:r.hash,algorithm:r.algorithm,is_current:1,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t};await l.insertInto("passwords").values(m).execute()}};e.isTransaction?await d(e):await e.transaction().execute(d)}catch(d){throw d.code==="SQLITE_CONSTRAINT_UNIQUE"||d.code==="ER_DUP_ENTRY"||d.message.includes("AlreadyExists")?new L(409,{message:"User already exists"}):new L(500,{message:`${d.code}, ${d.message}`})}return{...i,email:i.email||"",email_verified:i.email_verified===1,phone_verified:i.phone_verified!==null?i.phone_verified===1:void 0,is_social:i.is_social===1,address:a.address}}}function y(e){if(e==null||typeof e!="object")return e;if(Array.isArray(e))return e.map(a=>a!==null&&typeof a=="object"?y(a):a);const t={...e};for(const a in t){const n=t[a];n===null?delete t[a]:n!==null&&typeof n=="object"&&(Array.isArray(n)?t[a]=n.map(o=>o!==null&&typeof o=="object"?y(o):o):t[a]=y(n))}return t}const it=["email","email_verified","phone_number","phone_verified","username"];function G(e,t=!1){const a={connection:e.connection,provider:e.provider,user_id:T.parseUserId(e.user_id).id,isSocial:!!e.is_social};for(const n of it)e[n]!==void 0&&e[n]!==null&&(a[n]=n.endsWith("_verified")?!!e[n]:e[n]);if(!t){let n={};try{n=JSON.parse(e.profileData||"{}")}catch(o){console.error("Error parsing profileData",o)}a.profileData={email:e.email,email_verified:!!e.email_verified,...n}}return a}function ct(e){return async(t,a)=>{const[n,o]=await Promise.all([e.selectFrom("users").where("users.tenant_id","=",t).where("users.user_id","=",a).selectAll().executeTakeFirst(),e.selectFrom("users").where("users.tenant_id","=",t).where("users.linked_to","=",a).selectAll().orderBy("created_at","asc").execute()]);if(!n)return null;const{tenant_id:r,...s}=n,i={...s,email:n.email||"",email_verified:n.email_verified===1,phone_verified:n.phone_verified!==null?n.phone_verified===1:void 0,is_social:n.is_social===1,app_metadata:JSON.parse(n.app_metadata),user_metadata:JSON.parse(n.user_metadata),address:n.address?JSON.parse(n.address):void 0,identities:[G(n,!0),...o.map(d=>G(d))]};return y(i)}}const lt=["user_id","email","email_verified","username","phone_number","phone_verified","name","given_name","family_name","nickname","picture","locale","linked_to","provider","connection","is_social","last_ip","last_login","login_count","created_at","updated_at"],dt=["email","name","phone_number","user_id"];function ut(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let d=e.selectFrom("users").where("users.tenant_id","=",t);if(i){const f=ae(i,lt);f&&(d=N(e,d,f,dt))}if(s&&s.sort_by){const{ref:f}=e.dynamic;d=d.orderBy(f(s.sort_by),s.sort_order)}const m=await d.offset(n*o).limit(o).selectAll().execute(),c=m.map(f=>f.user_id),u=c.length?await e.selectFrom("users").selectAll().where("users.tenant_id","=",t).where("users.linked_to","in",c).orderBy("created_at","asc").execute():[],_=m.map(f=>{const g=u.filter(v=>v.linked_to===f.user_id);return y({...f,email_verified:f.email_verified===1,phone_verified:f.phone_verified!==null?f.phone_verified===1:void 0,is_social:f.is_social===1,app_metadata:JSON.parse(f.app_metadata),user_metadata:JSON.parse(f.user_metadata),address:f.address?JSON.parse(f.address):void 0,identities:[G(f,!0),...g.map(v=>G(v))]})});if(!r)return{users:_,start:0,limit:0,length:0};const{count:p}=await d.select(f=>f.fn.countAll().as("count")).executeTakeFirstOrThrow();return{users:_,start:n*o,limit:o,length:P(p)}}}function _t(e){return async(t,a)=>(await e.deleteFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.user_id","in",o=>o.selectFrom("users").select("users.user_id").where("users.tenant_id","=",t).where(r=>r.or([r("users.user_id","=",a),r("users.linked_to","=",a)]))).execute(),await e.deleteFrom("users").where("users.tenant_id","=",t).where("users.linked_to","=",a).execute(),(await e.deleteFrom("users").where("users.tenant_id","=",t).where("users.user_id","=",a).execute()).length===1)}function K(e,t="",a={}){for(let n in e)if(Object.prototype.hasOwnProperty.call(e,n)){const o=t?`${t}_${n}`:n,r=e[n];typeof r=="object"&&r!==null&&!Array.isArray(r)?K(r,o,a):typeof r=="boolean"?a[o]=r?1:0:a[o]=r}return a}function ye(e,t){const a={};for(const[n,o]of Object.entries(e)){const r=t.find(s=>n.startsWith(`${s}_`));if(!r)a[n]=o;else{const s=n.slice(r.length+1);a[r]={...a[r],[s]:o}}}return a}function mt(e){return async(t,a,n)=>{const o=K({...n,updated_at:new Date().toISOString(),app_metadata:n.app_metadata?JSON.stringify(n.app_metadata):void 0,user_metadata:n.user_metadata?JSON.stringify(n.user_metadata):void 0,address:n.address?JSON.stringify(n.address):void 0,phone_verified:n.phone_verified!==void 0?n.phone_verified?1:0:void 0});return(await e.updateTable("users").set(o).where("users.tenant_id","=",t).where("users.user_id","=",a).execute()).length===1}}function ht(e){return async(t,a,n,o)=>{const r={linked_to:null};return(await e.updateTable("users").set(r).where("users.tenant_id","=",t).where("users.user_id","=",`${n}|${o}`).where("users.linked_to","=",`${a}`).execute()).length===1}}function pt(e){const t=st(e);return{create:t,rawCreate:t,remove:_t(e),get:ct(e),list:ut(e),update:mt(e),unlink:ht(e)}}function ft(e){return async(t,a)=>{const n=new Date().toISOString(),o=T.flowSchema.parse({id:`af_${S.nanoid()}`,...a,actions:a.actions||[],created_at:n,updated_at:n});return await e.insertInto("flows").values({...o,tenant_id:t,actions:JSON.stringify(o.actions)}).execute(),o}}function j(e,t){if(!e)return t;try{return JSON.parse(e)}catch{return t}}function ve(e){if(e)try{const t=JSON.parse(e);return t&&typeof t=="object"&&!Array.isArray(t)?t:void 0}catch{return}}function Ce(e,t,a={...e}){for(const n in t)n in e&&(a[n]=j(e[n],t[n]));return a}function gt(e){return async(t,a)=>{const n=await e.selectFrom("flows").selectAll().where("flows.id","=",a).where("tenant_id","=",t).executeTakeFirst();if(!n)return null;const o={...n,actions:j(n.actions,[])};return T.flowSchema.parse(y(o))}}function wt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("flows").where("tenant_id","=",t);s&&(i=N(e,i,s,[]));const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const _={...u,actions:j(u.actions,[])};return T.flowSchema.parse(y(_))});if(!r)return{flows:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{flows:m,start:n*o,limit:o,length:P(c)}}}function yt(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};n.actions!==void 0&&(o.actions=JSON.stringify(n.actions));const{numUpdatedRows:r}=await e.updateTable("flows").set(o).where("id","=",a).where("tenant_id","=",t).executeTakeFirst();if(r===0n)return null;const s=await e.selectFrom("flows").selectAll().where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return s?T.flowSchema.parse({...s,actions:s.actions?JSON.parse(s.actions):[]}):null}}function vt(e){return async(t,a)=>{var o;return(((o=(await e.deleteFrom("flows").where("id","=",a).where("tenant_id","=",t).execute())[0])==null?void 0:o.numDeletedRows)??0n)>0n}}function Ct(e){return{create:ft(e),get:gt(e),list:wt(e),update:yt(e),remove:vt(e)}}function U(e,t,a={...e}){for(const n of t)e[n]!==void 0&&(a[n]=JSON.stringify(e[n]));return a}function xe(e,t,a=e){for(const n of t)e[n]!==void 0&&(a[n]=e[n]?1:0)}function xt(e){const t={};for(const a in e)e[a]!==void 0&&e[a]!==null&&(t[a]=e[a]);return t}function Te(e){const t={...e};return e.session_cookie&&typeof e.session_cookie=="string"&&(t.session_cookie=JSON.parse(e.session_cookie)),e.enabled_locales&&typeof e.enabled_locales=="string"&&(t.enabled_locales=JSON.parse(e.enabled_locales)),e.error_page&&typeof e.error_page=="string"&&(t.error_page=JSON.parse(e.error_page)),e.flags&&typeof e.flags=="string"&&(t.flags=JSON.parse(e.flags)),e.sandbox_versions_available&&typeof e.sandbox_versions_available=="string"&&(t.sandbox_versions_available=JSON.parse(e.sandbox_versions_available)),e.change_password&&typeof e.change_password=="string"&&(t.change_password=JSON.parse(e.change_password)),e.guardian_mfa_page&&typeof e.guardian_mfa_page=="string"&&(t.guardian_mfa_page=JSON.parse(e.guardian_mfa_page)),e.sessions&&typeof e.sessions=="string"&&(t.sessions=JSON.parse(e.sessions)),e.oidc_logout&&typeof e.oidc_logout=="string"&&(t.oidc_logout=JSON.parse(e.oidc_logout)),e.device_flow&&typeof e.device_flow=="string"&&(t.device_flow=JSON.parse(e.device_flow)),e.default_token_quota&&typeof e.default_token_quota=="string"&&(t.default_token_quota=JSON.parse(e.default_token_quota)),e.allowed_logout_urls&&typeof e.allowed_logout_urls=="string"&&(t.allowed_logout_urls=JSON.parse(e.allowed_logout_urls)),e.acr_values_supported&&typeof e.acr_values_supported=="string"&&(t.acr_values_supported=JSON.parse(e.acr_values_supported)),e.mtls&&typeof e.mtls=="string"&&(t.mtls=JSON.parse(e.mtls)),e.mfa&&typeof e.mfa=="string"&&(t.mfa=JSON.parse(e.mfa)),e.attack_protection&&typeof e.attack_protection=="string"&&(t.attack_protection=JSON.parse(e.attack_protection)),e.allow_organization_name_in_authentication_api!==void 0&&(t.allow_organization_name_in_authentication_api=e.allow_organization_name_in_authentication_api===1),e.customize_mfa_in_postlogin_action!==void 0&&(t.customize_mfa_in_postlogin_action=e.customize_mfa_in_postlogin_action===1),e.pushed_authorization_requests_supported!==void 0&&(t.pushed_authorization_requests_supported=e.pushed_authorization_requests_supported===1),e.authorization_response_iss_parameter_supported!==void 0&&(t.authorization_response_iss_parameter_supported=e.authorization_response_iss_parameter_supported===1),y(t)}function Ne(e){const t={...e};return U(e,["session_cookie","enabled_locales","error_page","flags","sandbox_versions_available","change_password","guardian_mfa_page","sessions","oidc_logout","device_flow","default_token_quota","allowed_logout_urls","acr_values_supported","mtls","mfa","attack_protection"],t),e.allow_organization_name_in_authentication_api!==void 0&&(t.allow_organization_name_in_authentication_api=e.allow_organization_name_in_authentication_api?1:0),e.customize_mfa_in_postlogin_action!==void 0&&(t.customize_mfa_in_postlogin_action=e.customize_mfa_in_postlogin_action?1:0),e.pushed_authorization_requests_supported!==void 0&&(t.pushed_authorization_requests_supported=e.pushed_authorization_requests_supported?1:0),e.authorization_response_iss_parameter_supported!==void 0&&(t.authorization_response_iss_parameter_supported=e.authorization_response_iss_parameter_supported?1:0),xt(t)}function Tt(e){return async t=>{var o,r;const a={id:t.id||S.nanoid(),created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...t},n=Ne(a);try{await e.insertInto("tenants").values(n).execute()}catch(s){throw(o=s==null?void 0:s.message)!=null&&o.includes("UNIQUE constraint failed")||(r=s==null?void 0:s.message)!=null&&r.includes("duplicate key")||(s==null?void 0:s.code)==="SQLITE_CONSTRAINT"||(s==null?void 0:s.code)==="ER_DUP_ENTRY"||(s==null?void 0:s.code)==="23505"?new L(409,{message:`Tenant with ID '${a.id}' already exists`}):s}return a}}function Nt(e){return async t=>{const a=await e.selectFrom("tenants").where("tenants.id","=",t).selectAll().executeTakeFirst();return a?Te(a):null}}function bt(e){return async t=>{let a=e.selectFrom("tenants");const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=t||{};if(s&&s.sort_by){const{ref:_}=e.dynamic;a=a.orderBy(_(s.sort_by),s.sort_order)}i&&(a=N(e,a,i,["friendly_name"]));const m=(await a.offset(n*o).limit(o).selectAll().execute()).map(Te);if(!r)return{tenants:m};const{count:c}=await a.select(_=>_.fn.countAll().as("count")).executeTakeFirstOrThrow(),u=P(c);return{tenants:m,start:n*o,limit:o,length:u}}}function St(e){return async(t,a)=>{const o={...Ne(a),id:t,updated_at:new Date().toISOString()};await e.updateTable("tenants").set(o).where("id","=",t).execute()}}function kt(e){return async t=>(await e.deleteFrom("tenants").where("tenants.id","=",t).execute()).length===1}function Ot(e){return{create:Tt(e),get:Nt(e),list:bt(e),update:St(e),remove:kt(e)}}function ce(e){return e?JSON.stringify(e):void 0}const $t=256;function Et(e){return async(t,a)=>{var i,d,l;const n=(i=a.user_agent)==null?void 0:i.slice(0,$t),o=a.log_id||S.nanoid(),{location_info:r,...s}=a;return await e.insertInto("logs").values({...s,log_id:o,tenant_id:t,user_agent:n,description:(d=a.description)==null?void 0:d.substring(0,256),isMobile:a.isMobile?1:0,scope:a.scope,auth0_client:ce(a.auth0_client),details:(l=ce(a.details))==null?void 0:l.substring(0,8192),country_code:r==null?void 0:r.country_code,city_name:r==null?void 0:r.city_name,latitude:r==null?void 0:r.latitude,longitude:r==null?void 0:r.longitude,time_zone:r==null?void 0:r.time_zone,continent_code:r==null?void 0:r.continent_code}).execute(),{...a,log_id:o,user_agent:n}}}function le(e){if(!e)return"";try{return JSON.parse(e)}catch{return e}}function be(e){return{...e,client_id:e.client_id,client_name:"",auth0_client:le(e.auth0_client),details:le(e.details),isMobile:!!e.isMobile,scope:e.scope||void 0,log_id:e.log_id,location_info:e.country_code?{country_code:e.country_code,city_name:e.city_name||"",latitude:e.latitude||"",longitude:e.longitude||"",time_zone:e.time_zone||"",continent_code:e.continent_code||""}:void 0}}function Pt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let d=e.selectFrom("logs").where("logs.tenant_id","=",t);i&&(d=N(e,d,i,["user_id","ip"]));let l=d;if(s&&s.sort_by){const{ref:_}=e.dynamic;l=l.orderBy(_(s.sort_by),s.sort_order)}l=l.offset(n*o).limit(o);const c=(await l.selectAll().execute()).map(be);if(!r)return{logs:c,start:0,limit:0,length:0};const{count:u}=await d.select(_=>_.fn.countAll().as("count")).executeTakeFirstOrThrow();return{logs:c,start:n*o,limit:o,length:P(u)}}}function It(e){return async(t,a)=>{const n=await e.selectFrom("logs").where("logs.tenant_id","=",t).where("logs.log_id","=",a).selectAll().executeTakeFirst();return n?be(n):null}}function zt(e){return{create:Et(e),list:Pt(e),get:It(e)}}function Dt(e){return async(t,a)=>{const n=await e.selectFrom("sessions").where("sessions.tenant_id","=",t).where("sessions.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,device:r,clients:s,created_at_ts:i,updated_at_ts:d,expires_at_ts:l,idle_expires_at_ts:m,authenticated_at_ts:c,last_interaction_at_ts:u,used_at_ts:_,revoked_at_ts:p,...f}=n,g=D({created_at_ts:i,updated_at_ts:d,expires_at_ts:l,idle_expires_at_ts:m,authenticated_at_ts:c,last_interaction_at_ts:u,used_at_ts:_,revoked_at_ts:p},["created_at_ts","updated_at_ts","authenticated_at_ts","last_interaction_at_ts"],["expires_at_ts","idle_expires_at_ts","used_at_ts","revoked_at_ts"]);return{...f,...g,device:JSON.parse(r),clients:JSON.parse(s)}}}function At(e){return async(t,a)=>{const n=Date.now(),o=oe(),r={...a,created_at:o,updated_at:o,authenticated_at:o,last_interaction_at:o},{expires_at:s,idle_expires_at:i,used_at:d,revoked_at:l,device:m,clients:c,...u}=a;return await e.insertInto("sessions").values({...u,tenant_id:t,created_at_ts:n,updated_at_ts:n,authenticated_at_ts:n,last_interaction_at_ts:n,expires_at_ts:C(s),idle_expires_at_ts:C(i),used_at_ts:C(d),revoked_at_ts:C(l),device:JSON.stringify(m),clients:JSON.stringify(c)}).execute(),r}}function Ft(e){return async(t,a)=>!!(await e.deleteFrom("sessions").where("tenant_id","=",t).where("sessions.id","=",a).execute()).length}function jt(e){return async(t,a,n)=>{const o={updated_at_ts:Date.now(),device:n.device?JSON.stringify(n.device):void 0,clients:n.clients?JSON.stringify(n.clients):void 0};return n.expires_at!==void 0&&(o.expires_at_ts=C(n.expires_at)),n.idle_expires_at!==void 0&&(o.idle_expires_at_ts=C(n.idle_expires_at)),n.authenticated_at!==void 0&&(o.authenticated_at_ts=C(n.authenticated_at)),n.last_interaction_at!==void 0&&(o.last_interaction_at_ts=C(n.last_interaction_at)),n.used_at!==void 0&&(o.used_at_ts=C(n.used_at)),n.revoked_at!==void 0&&(o.revoked_at_ts=C(n.revoked_at)),n.user_id!==void 0&&(o.user_id=n.user_id),n.login_session_id!==void 0&&(o.login_session_id=n.login_session_id),!!(await e.updateTable("sessions").set(o).where("tenant_id","=",t).where("sessions.id","=",a).execute()).length}}function Rt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let d=e.selectFrom("sessions").where("sessions.tenant_id","=",t);i&&(d=N(e,d,i,["user_id","session_id"]));let l=d;if(s&&s.sort_by){const{ref:p}=e.dynamic;l=l.orderBy(p(s.sort_by),s.sort_order)}l=l.offset(n*o).limit(o);const c=(await l.selectAll().execute()).map(p=>{const{tenant_id:f,device:g,clients:v,created_at_ts:x,updated_at_ts:I,expires_at_ts:k,idle_expires_at_ts:A,authenticated_at_ts:b,last_interaction_at_ts:M,used_at_ts:Re,revoked_at_ts:Me,...Je}=p,qe=D({created_at_ts:x,updated_at_ts:I,expires_at_ts:k,idle_expires_at_ts:A,authenticated_at_ts:b,last_interaction_at_ts:M,used_at_ts:Re,revoked_at_ts:Me},["created_at_ts","updated_at_ts","authenticated_at_ts","last_interaction_at_ts"],["expires_at_ts","idle_expires_at_ts","used_at_ts","revoked_at_ts"]);return{...Je,...qe,device:JSON.parse(g),clients:JSON.parse(v)}});if(!r)return{sessions:c,start:0,limit:0,length:0};const{count:u}=await d.select(p=>p.fn.countAll().as("count")).executeTakeFirstOrThrow(),_=P(u);return{sessions:c,start:n*o,limit:o,length:_}}}function Mt(e){return{create:At(e),get:Dt(e),list:Rt(e),remove:Ft(e),update:jt(e)}}function Jt(e){return async(t,a)=>{const n=await e.selectFrom("passwords").where("passwords.tenant_id","=",t).where("passwords.user_id","=",a).where("passwords.is_current","=",1).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,...r}=n;return{...r,is_current:!!r.is_current}}}function qt(e){return async(t,a)=>{const n=a.id||S.nanoid(),o=a.is_current??!0,r={id:n,...a,is_current:o,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};return o&&await e.updateTable("passwords").set({is_current:0}).where("user_id","=",a.user_id).where("tenant_id","=",t).where("is_current","=",1).execute(),await e.insertInto("passwords").values({...r,is_current:r.is_current?1:0,tenant_id:t}).execute(),r}}function Lt(e){return async(t,a)=>{let n=e.updateTable("passwords").set({password:a.password,algorithm:a.algorithm,is_current:a.is_current?1:0,updated_at:new Date().toISOString()}).where("tenant_id","=",t).where("user_id","=",a.user_id);return a.id?n=n.where("id","=",a.id):n=n.where("is_current","=",1),(await n.execute()).length===1}}function Kt(e){return async(t,a,n)=>{let o=e.selectFrom("passwords").where("passwords.tenant_id","=",t).where("passwords.user_id","=",a).orderBy("created_at","desc");return n&&(o=o.limit(n)),(await o.selectAll().execute()).map(({tenant_id:s,...i})=>({...i,is_current:!!i.is_current}))}}function Bt(e){return{create:qt(e),update:Lt(e),get:Jt(e),list:Kt(e)}}function Ut(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("codes").where("codes.tenant_id","=",t);s&&(i=N(e,i,s,["code","login_id"]));const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const{tenant_id:_,...p}=u;return T.codeSchema.parse(y(p))});if(!r)return{codes:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{codes:m,start:n*o,limit:o,length:P(c)}}}function Qt(e){return async(t,a)=>{const n={...a,created_at:new Date().toISOString()};return await e.insertInto("codes").values({...n,tenant_id:t}).execute(),n}}function Wt(e){return async(t,a)=>(await e.deleteFrom("codes").where("codes.tenant_id","=",t).where("codes.code_id","=",a).executeTakeFirst()).numDeletedRows>0}function Yt(e){return async(t,a,n)=>{let o=e.selectFrom("codes").where("codes.code_id","=",a).where("codes.code_type","=",n);t.length&&(o=o.where("codes.tenant_id","=",t));const r=await o.selectAll().executeTakeFirst();return r?y(r):null}}function Ht(e){return async(t,a)=>(await e.updateTable("codes").set({used_at:new Date().toISOString()}).where("codes.tenant_id","=",t).where("codes.code_id","=",a).executeTakeFirst()).numUpdatedRows>0}function Gt(e){return async(t,a)=>(await e.updateTable("codes").set({used_at:new Date().toISOString()}).where("codes.tenant_id","=",t).where("codes.code_id","=",a).where("codes.used_at","is",null).executeTakeFirst()).numUpdatedRows>0}function Xt(e){return{create:Qt(e),list:Ut(e),remove:Wt(e),used:Ht(e),consume:Gt(e),get:Yt(e)}}function Vt(e){return async(t,a)=>{const{is_system:n,...o}=a,r={id:o.id||We(),...o,is_system:n?!0:void 0,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};return await e.insertInto("connections").values({...r,is_system:n?1:0,options:JSON.stringify(r.options||{}),tenant_id:t}).execute(),r}}function re(e){const{is_system:t,...a}=e;return y({...a,is_system:t?!0:void 0,options:JSON.parse(e.options)})}function Zt(e){return e.map(re)}function ea(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("connections").where("connections.tenant_id","=",t);s&&(i=N(e,i,s,["user_id","ip"]));const l=await i.offset(n*o).limit(o).selectAll().execute(),m=Zt(l);if(!r)return{connections:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{connections:m,start:n*o,limit:o,length:P(c)}}}function ta(e){return async(t,a)=>(await e.deleteFrom("connections").where("connections.tenant_id","=",t).where("connections.id","=",a).executeTakeFirst()).numDeletedRows>0}function aa(e){return async(t,a)=>{const n=await e.selectFrom("connections").where("connections.tenant_id","=",t).where("connections.id","=",a).selectAll().executeTakeFirst();return n?re(n):null}}function na(e){return async(t,a,n)=>{const{is_system:o,...r}=n,s={...r,is_system:o!==void 0?o?1:0:void 0,updated_at:new Date().toISOString()};return await e.updateTable("connections").set({...s,options:s.options?JSON.stringify(s.options):void 0}).where("connections.id","=",a).where("connections.tenant_id","=",t).execute(),!0}}function oa(e){return{create:Vt(e),get:aa(e),list:ea(e),remove:ta(e),update:na(e)}}function ra(e){return async(t,a)=>{const n=a.client_id??S.nanoid(),o={created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...a,client_id:n,global:a.global??!1,is_first_party:a.is_first_party??!1,oidc_conformant:a.oidc_conformant??!0,auth0_conformant:a.auth0_conformant??!0,sso:a.sso??!1,sso_disabled:a.sso_disabled??!1,cross_origin_authentication:a.cross_origin_authentication??!1,custom_login_page_on:a.custom_login_page_on??!1,require_pushed_authorization_requests:a.require_pushed_authorization_requests??!1,require_proof_of_possession:a.require_proof_of_possession??!1},r={...o,tenant_id:t};return xe(o,["global","is_first_party","oidc_conformant","auth0_conformant","sso","sso_disabled","cross_origin_authentication","custom_login_page_on","require_pushed_authorization_requests","require_proof_of_possession"],r),Object.assign(r,{callbacks:JSON.stringify(a.callbacks||[]),allowed_origins:JSON.stringify(a.allowed_origins||[]),web_origins:JSON.stringify(a.web_origins||[]),client_aliases:JSON.stringify(a.client_aliases||[]),allowed_clients:JSON.stringify(a.allowed_clients||[]),connections:JSON.stringify(a.connections||[]),allowed_logout_urls:JSON.stringify(a.allowed_logout_urls||[]),session_transfer:JSON.stringify(a.session_transfer||{}),oidc_logout:JSON.stringify(a.oidc_logout||{}),grant_types:JSON.stringify(a.grant_types||[]),jwt_configuration:JSON.stringify(a.jwt_configuration||{}),signing_keys:JSON.stringify(a.signing_keys||[]),encryption_key:JSON.stringify(a.encryption_key||{}),addons:JSON.stringify(a.addons||{}),client_metadata:JSON.stringify(a.client_metadata||{}),mobile:JSON.stringify(a.mobile||{}),native_social_login:JSON.stringify(a.native_social_login||{}),refresh_token:JSON.stringify(a.refresh_token||{}),default_organization:JSON.stringify(a.default_organization||{}),client_authentication_methods:JSON.stringify(a.client_authentication_methods||{}),signed_request_object:JSON.stringify(a.signed_request_object||{}),token_quota:JSON.stringify(a.token_quota||{}),owner_user_id:a.owner_user_id??null,registration_type:a.registration_type??null,registration_metadata:a.registration_metadata?JSON.stringify(a.registration_metadata):null}),await e.insertInto("clients").values(r).execute(),o}}function sa(e){return async(t,a)=>{const n=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,...r}=n;return y({...r,global:!!n.global,is_first_party:!!n.is_first_party,oidc_conformant:!!n.oidc_conformant,auth0_conformant:!!n.auth0_conformant,sso:!!n.sso,sso_disabled:!!n.sso_disabled,cross_origin_authentication:!!n.cross_origin_authentication,custom_login_page_on:!!n.custom_login_page_on,require_pushed_authorization_requests:!!n.require_pushed_authorization_requests,require_proof_of_possession:!!n.require_proof_of_possession,callbacks:JSON.parse(n.callbacks),allowed_origins:JSON.parse(n.allowed_origins),web_origins:JSON.parse(n.web_origins),client_aliases:JSON.parse(n.client_aliases),allowed_clients:JSON.parse(n.allowed_clients),connections:JSON.parse(n.connections||"[]"),allowed_logout_urls:JSON.parse(n.allowed_logout_urls),session_transfer:JSON.parse(n.session_transfer),oidc_logout:JSON.parse(n.oidc_logout),grant_types:JSON.parse(n.grant_types),jwt_configuration:JSON.parse(n.jwt_configuration),signing_keys:JSON.parse(n.signing_keys),encryption_key:JSON.parse(n.encryption_key),addons:JSON.parse(n.addons),client_metadata:JSON.parse(n.client_metadata),mobile:JSON.parse(n.mobile),native_social_login:JSON.parse(n.native_social_login),refresh_token:JSON.parse(n.refresh_token),default_organization:JSON.parse(n.default_organization),client_authentication_methods:JSON.parse(n.client_authentication_methods),signed_request_object:JSON.parse(n.signed_request_object),token_quota:JSON.parse(n.token_quota),registration_metadata:n.registration_metadata?JSON.parse(n.registration_metadata):void 0})}}function ia(e){return async t=>{const a=await e.selectFrom("clients").where("clients.client_id","=",t).selectAll().executeTakeFirst();return a?y({...a,global:!!a.global,is_first_party:!!a.is_first_party,oidc_conformant:!!a.oidc_conformant,auth0_conformant:!!a.auth0_conformant,sso:!!a.sso,sso_disabled:!!a.sso_disabled,cross_origin_authentication:!!a.cross_origin_authentication,custom_login_page_on:!!a.custom_login_page_on,require_pushed_authorization_requests:!!a.require_pushed_authorization_requests,require_proof_of_possession:!!a.require_proof_of_possession,callbacks:JSON.parse(a.callbacks),allowed_origins:JSON.parse(a.allowed_origins),web_origins:JSON.parse(a.web_origins),client_aliases:JSON.parse(a.client_aliases),allowed_clients:JSON.parse(a.allowed_clients),connections:JSON.parse(a.connections||"[]"),allowed_logout_urls:JSON.parse(a.allowed_logout_urls),session_transfer:JSON.parse(a.session_transfer),oidc_logout:JSON.parse(a.oidc_logout),grant_types:JSON.parse(a.grant_types),jwt_configuration:JSON.parse(a.jwt_configuration),signing_keys:JSON.parse(a.signing_keys),encryption_key:JSON.parse(a.encryption_key),addons:JSON.parse(a.addons),client_metadata:JSON.parse(a.client_metadata),mobile:JSON.parse(a.mobile),native_social_login:JSON.parse(a.native_social_login),refresh_token:JSON.parse(a.refresh_token),default_organization:JSON.parse(a.default_organization),client_authentication_methods:JSON.parse(a.client_authentication_methods),signed_request_object:JSON.parse(a.signed_request_object),token_quota:JSON.parse(a.token_quota),registration_metadata:a.registration_metadata?JSON.parse(a.registration_metadata):void 0}):null}}function ca(e){return async(t,a)=>{let n=e.selectFrom("clients").where("clients.tenant_id","=",t);const o=new Set(["owner_user_id","registration_type"]);if(a!=null&&a.q){const u=a.q.trim().match(/^([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/);if(u&&o.has(u[1])&&u[2]){const _=u[1];n=n.where(_,"=",u[2])}else n=n.where(_=>_.or([_("name","like",`%${a.q}%`),_("client_id","like",`%${a.q}%`)]))}if(a!=null&&a.sort){const c=a.sort.sort_order==="asc"?"asc":"desc",u=a.sort.sort_by;["name","client_id","created_at","updated_at"].includes(u)?n=n.orderBy(u,c):n=n.orderBy("created_at","desc")}else n=n.orderBy("created_at","desc");if((a==null?void 0:a.from)!==void 0){const c=parseInt(a.from,10);isNaN(c)||(n=n.offset(c))}else if((a==null?void 0:a.page)!==void 0){const c=(a==null?void 0:a.per_page)||(a==null?void 0:a.take)||10,u=a.page*c;n=n.offset(u)}const r=(a==null?void 0:a.take)||(a==null?void 0:a.per_page)||10;n=n.limit(r);const s=await n.selectAll().execute();let i=s.length;if(a!=null&&a.include_totals){let c=e.selectFrom("clients").select(h.sql`count(*)`.as("count")).where("clients.tenant_id","=",t);if(a!=null&&a.q){const p=a.q.trim().match(/^([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/);if(p&&o.has(p[1])&&p[2]){const f=p[1];c=c.where(f,"=",p[2])}else c=c.where(f=>f.or([f("name","like",`%${a.q}%`),f("client_id","like",`%${a.q}%`)]))}const u=await c.executeTakeFirst();i=Number((u==null?void 0:u.count)||0)}const d=s.map(c=>y({...c,global:!!c.global,is_first_party:!!c.is_first_party,oidc_conformant:!!c.oidc_conformant,auth0_conformant:!!c.auth0_conformant,sso:!!c.sso,sso_disabled:!!c.sso_disabled,cross_origin_authentication:!!c.cross_origin_authentication,custom_login_page_on:!!c.custom_login_page_on,require_pushed_authorization_requests:!!c.require_pushed_authorization_requests,require_proof_of_possession:!!c.require_proof_of_possession,callbacks:JSON.parse(c.callbacks),allowed_origins:JSON.parse(c.allowed_origins),web_origins:JSON.parse(c.web_origins),client_aliases:JSON.parse(c.client_aliases),allowed_clients:JSON.parse(c.allowed_clients),connections:JSON.parse(c.connections||"[]"),allowed_logout_urls:JSON.parse(c.allowed_logout_urls),session_transfer:JSON.parse(c.session_transfer),oidc_logout:JSON.parse(c.oidc_logout),grant_types:JSON.parse(c.grant_types),jwt_configuration:JSON.parse(c.jwt_configuration),signing_keys:JSON.parse(c.signing_keys),encryption_key:JSON.parse(c.encryption_key),addons:JSON.parse(c.addons),client_metadata:JSON.parse(c.client_metadata),mobile:JSON.parse(c.mobile),native_social_login:JSON.parse(c.native_social_login),refresh_token:JSON.parse(c.refresh_token),default_organization:JSON.parse(c.default_organization),client_authentication_methods:JSON.parse(c.client_authentication_methods),signed_request_object:JSON.parse(c.signed_request_object),token_quota:JSON.parse(c.token_quota),registration_metadata:c.registration_metadata?JSON.parse(c.registration_metadata):void 0})),l=(a==null?void 0:a.take)||(a==null?void 0:a.per_page)||10,m=a!=null&&a.from?parseInt(a.from,10):a!=null&&a.page?a.page*l:0;return{clients:d,totals:{start:isNaN(m)?0:m,limit:l,length:d.length,total:i}}}}function la(e){return async(t,a)=>(await e.deleteFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",a).executeTakeFirst()).numDeletedRows>0}function da(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};return xe(n,["global","is_first_party","oidc_conformant","auth0_conformant","sso","sso_disabled","cross_origin_authentication","custom_login_page_on","require_pushed_authorization_requests","require_proof_of_possession"],o),U(n,["callbacks","allowed_origins","web_origins","client_aliases","allowed_clients","connections","allowed_logout_urls","session_transfer","oidc_logout","grant_types","jwt_configuration","signing_keys","encryption_key","addons","client_metadata","mobile","native_social_login","refresh_token","default_organization","client_authentication_methods","signed_request_object","token_quota","registration_metadata"],o),(await e.updateTable("clients").set(o).where("clients.tenant_id","=",t).where("clients.client_id","=",a).executeTakeFirst()).numUpdatedRows>0}}function ua(e){return{create:ra(e),get:sa(e),getByClientId:ia(e),list:ca(e),remove:la(e),update:da(e)}}function _a(e){return async(t,a)=>{const n=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",a).select("connections").executeTakeFirst();if(!n)return[];const o=JSON.parse(n.connections||"[]");if(o.length===0)return[];const r=await e.selectFrom("connections").where("connections.tenant_id","=",t).where("connections.id","in",o).selectAll().execute(),s=new Map(r.map(i=>[i.id,re(i)]));return o.map(i=>s.get(i)).filter(i=>i!==void 0)}}function ma(e){return async(t,a,n)=>(await e.updateTable("clients").set({connections:JSON.stringify(n),updated_at:new Date().toISOString()}).where("clients.tenant_id","=",t).where("clients.client_id","=",a).executeTakeFirst()).numUpdatedRows>0}function ha(e){return async(t,a)=>{const n=await e.selectFrom("clients").where("clients.tenant_id","=",t).select(["client_id","connections"]).execute(),o=[];for(const r of n)JSON.parse(r.connections||"[]").includes(a)&&o.push(r.client_id);return o}}function pa(e){return async(t,a,n)=>{const o=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",n).select("connections").executeTakeFirst();if(!o)return!1;const r=JSON.parse(o.connections||"[]");return r.includes(a)?!0:(r.push(a),(await e.updateTable("clients").set({connections:JSON.stringify(r),updated_at:new Date().toISOString()}).where("clients.tenant_id","=",t).where("clients.client_id","=",n).executeTakeFirst()).numUpdatedRows>0)}}function fa(e){return async(t,a,n)=>{const o=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",n).select("connections").executeTakeFirst();if(!o)return!1;const r=JSON.parse(o.connections||"[]"),s=r.filter(i=>i!==a);return s.length!==r.length?(await e.updateTable("clients").set({connections:JSON.stringify(s),updated_at:new Date().toISOString()}).where("clients.tenant_id","=",t).where("clients.client_id","=",n).executeTakeFirst()).numUpdatedRows>0:!0}}function ga(e){return{listByClient:_a(e),updateByClient:ma(e),listByConnection:ha(e),addClientToConnection:pa(e),removeClientFromConnection:fa(e)}}function wa(e){return async(t,a)=>{const n=new Date().toISOString(),o=S.nanoid(),{scope:r,authorization_details_types:s,...i}=a,d={id:o,tenant_id:t,...i,scope:r?JSON.stringify(r):"[]",authorization_details_types:s?JSON.stringify(s):"[]",allow_any_organization:i.allow_any_organization!==void 0?i.allow_any_organization?1:0:void 0,is_system:i.is_system!==void 0?i.is_system?1:0:void 0,created_at:n,updated_at:n};return await e.insertInto("client_grants").values(d).execute(),y({id:o,tenant_id:t,...i,scope:r||[],authorization_details_types:s||[],allow_any_organization:i.allow_any_organization??!1,is_system:i.is_system??!1,created_at:n,updated_at:n})}}function ya(e){return async(t,a)=>{const n=await e.selectFrom("client_grants").selectAll().where("client_grants.tenant_id","=",t).where("client_grants.id","=",a).executeTakeFirst();if(!n)return null;const o={id:n.id,client_id:n.client_id,audience:n.audience,scope:n.scope?JSON.parse(n.scope):[],organization_usage:n.organization_usage,allow_any_organization:n.allow_any_organization!==void 0?!!n.allow_any_organization:!1,is_system:n.is_system!==void 0?!!n.is_system:!1,subject_type:n.subject_type,authorization_details_types:n.authorization_details_types?JSON.parse(n.authorization_details_types):[],created_at:n.created_at,updated_at:n.updated_at};return y(o)}}function va(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s,sort:i}=a;let d=e.selectFrom("client_grants").where("client_grants.tenant_id","=",t);if(s){const _=s.trim(),p=_.split(/\s+/),f=p.length===1?p[0]:void 0,g=f?f.match(/^(-)?([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/):null,v=g?g[3]:"",x=/^(>=|>|<=|<)/.test(v||"");if(g&&!x&&v){const I=!!g[1],k=g[2],{ref:A}=e.dynamic,b=A(`client_grants.${k}`);if(k==="allow_any_organization"){const M=v==="true"?1:0;I?d=d.where(b,"!=",M):d=d.where(b,"=",M)}else I?d=d.where(b,"!=",v):d=d.where(b,"=",v)}else d=N(e,d,_,[])}let l=d;if(i){const{ref:_}=e.dynamic;l=l.orderBy(_(i.sort_by),i.sort_order)}else l=l.orderBy("client_grants.created_at","desc");l=l.limit(o).offset(n*o);const c=(await l.selectAll().execute()).map(_=>{const p={id:_.id,client_id:_.client_id,audience:_.audience,scope:_.scope?JSON.parse(_.scope):[],organization_usage:_.organization_usage,allow_any_organization:_.allow_any_organization!==void 0?!!_.allow_any_organization:!1,is_system:_.is_system!==void 0?!!_.is_system:!1,subject_type:_.subject_type,authorization_details_types:_.authorization_details_types?JSON.parse(_.authorization_details_types):[],created_at:_.created_at,updated_at:_.updated_at};return y(p)});if(!r)return{client_grants:c,start:0,limit:0,length:0};const{count:u}=await d.select(_=>_.fn.countAll().as("count")).executeTakeFirstOrThrow();return{client_grants:c,start:n*o,limit:o,length:P(u)}}}function Ca(e){return async(t,a)=>((await e.deleteFrom("client_grants").where("client_grants.tenant_id","=",t).where("client_grants.id","=",a).executeTakeFirst()).numDeletedRows??0n)>0n}function xa(e){return async(t,a,n)=>{const o=new Date().toISOString(),{scope:r,authorization_details_types:s,...i}=n,d={...i,updated_at:o};return r!==void 0&&(d.scope=JSON.stringify(r)),s!==void 0&&(d.authorization_details_types=JSON.stringify(s)),i.allow_any_organization!==void 0&&(d.allow_any_organization=i.allow_any_organization?1:0),i.is_system!==void 0&&(d.is_system=i.is_system?1:0),((await e.updateTable("client_grants").set(d).where("client_grants.tenant_id","=",t).where("client_grants.id","=",a).executeTakeFirst()).numUpdatedRows??0n)>0n}}function Ta(e){return{create:wa(e),get:ya(e),list:va(e),remove:Ca(e),update:xa(e)}}function Na(e){return async(t,a)=>{const n=Date.now();return await e.insertInto("client_registration_tokens").values({id:a.id,tenant_id:t,token_hash:a.token_hash,type:a.type,client_id:a.client_id??null,sub:a.sub??null,constraints:a.constraints?JSON.stringify(a.constraints):null,single_use:a.single_use?1:0,expires_at_ts:C(a.expires_at),created_at_ts:n,used_at_ts:null,revoked_at_ts:null}).execute(),{id:a.id,token_hash:a.token_hash,type:a.type,client_id:a.client_id,sub:a.sub,constraints:a.constraints,single_use:a.single_use,expires_at:a.expires_at,created_at:new Date(n).toISOString()}}}function ba(e){const t=T.clientRegistrationTokenTypeSchema.safeParse(e);if(!t.success)throw new Error(`Unknown client_registration_tokens.type: ${e}`);return t.data}function Sa(e){if(!e)return;let t;try{t=JSON.parse(e)}catch{return}return T.isPlainObject(t)?t:void 0}function se(e){return{id:e.id,token_hash:e.token_hash,type:ba(e.type),client_id:e.client_id??void 0,sub:e.sub??void 0,constraints:Sa(e.constraints),single_use:!!e.single_use,expires_at:B(e.expires_at_ts),used_at:B(e.used_at_ts),revoked_at:B(e.revoked_at_ts),created_at:F(e.created_at_ts)}}function ka(e){return async(t,a)=>{const n=await e.selectFrom("client_registration_tokens").where("tenant_id","=",t).where("id","=",a).selectAll().executeTakeFirst();return n?se(n):null}}function Oa(e){return async(t,a)=>{const n=await e.selectFrom("client_registration_tokens").where("tenant_id","=",t).where("token_hash","=",a).selectAll().executeTakeFirst();return n?se(n):null}}function $a(e){return async(t,a)=>(await e.selectFrom("client_registration_tokens").where("tenant_id","=",t).where("client_id","=",a).orderBy("created_at_ts","desc").selectAll().execute()).map(se)}function Ea(e){return async(t,a,n)=>(await e.updateTable("client_registration_tokens").set({used_at_ts:C(n)}).where("tenant_id","=",t).where("id","=",a).where("used_at_ts","is",null).executeTakeFirst()).numUpdatedRows>0}function Pa(e){return async(t,a,n)=>(await e.updateTable("client_registration_tokens").set({revoked_at_ts:C(n)}).where("tenant_id","=",t).where("id","=",a).where("revoked_at_ts","is",null).executeTakeFirst()).numUpdatedRows>0}function Ia(e){return async(t,a,n)=>{const o=await e.updateTable("client_registration_tokens").set({revoked_at_ts:C(n)}).where("tenant_id","=",t).where("client_id","=",a).where("revoked_at_ts","is",null).executeTakeFirst();return Number(o.numUpdatedRows)}}function za(e){return async(t,a)=>(await e.deleteFrom("client_registration_tokens").where("tenant_id","=",t).where("id","=",a).executeTakeFirst()).numDeletedRows>0}function Da(e){return{create:Na(e),get:ka(e),getByHash:Oa(e),listByClient:$a(e),markUsed:Ea(e),revoke:Pa(e),revokeByClient:Ia(e),remove:za(e)}}function Aa(e){return async(t={})=>{const{page:a=0,per_page:n=100,include_totals:o=!1,sort:r,q:s}=t;let i=e.selectFrom("keys").where(_=>_.or([_("revoked_at",">",new Date().toISOString()),_("revoked_at","is",null)]));s&&(i=N(e,i,s,["kid","connection","fingerprint","thumbprint","type"]));let d=i.select(_=>_.fn.count("kid").as("count"));const l=a*n;i=i.limit(n).offset(l),r&&(i=i.orderBy(r.sort_by,r.sort_order));const m=await i.selectAll().execute();if(!o)return{signingKeys:m,start:0,limit:0,length:0};const c=await d.executeTakeFirst(),u=P((c==null?void 0:c.count)??0);return{signingKeys:m,start:l,limit:n,length:u}}}function Fa(e){return async t=>{await e.insertInto("keys").values({...t,created_at:new Date().toDateString()}).execute()}}function ja(e){return async(t,a)=>!!(await e.updateTable("keys").set(a).where("kid","=",t).execute()).length}function Ra(e){return{create:Fa(e),list:Aa(e),update:ja(e)}}function Ma(e){return async(t,a)=>{const n={custom_domain_id:a.custom_domain_id||S.nanoid(),status:"pending",primary:!1,...a};return await e.insertInto("custom_domains").values({...n,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t,primary:n.primary?1:0,domain_metadata:n.domain_metadata?JSON.stringify(n.domain_metadata):void 0}).execute(),n}}function Ja(e){return async t=>(await e.selectFrom("custom_domains").where("custom_domains.tenant_id","=",t).selectAll().execute()).map(n=>({...n,primary:n.primary===1,domain_metadata:j(n.domain_metadata,void 0)}))}function qa(e){return async(t,a)=>(await e.deleteFrom("custom_domains").where("custom_domains.tenant_id","=",t).where("custom_domains.custom_domain_id","=",a).execute()).length>0}function La(e){return async(t,a)=>{const n=await e.selectFrom("custom_domains").where("custom_domains.tenant_id","=",t).where("custom_domains.custom_domain_id","=",a).selectAll().executeTakeFirst();return n?{...n,primary:n.primary===1,domain_metadata:j(n.domain_metadata,void 0),verification:j(n.verification,void 0)}:null}}function Ka(e){return async(t,a,n)=>{const{verification:o,domain_metadata:r,primary:s,...i}=n,d={...i,updated_at:new Date().toISOString(),...s!==void 0&&{primary:s?1:0},...r!==void 0&&{domain_metadata:JSON.stringify(r)},...o!==void 0&&{verification:JSON.stringify(o)}};return(await e.updateTable("custom_domains").set(d).where("custom_domains.tenant_id","=",t).where("custom_domains.custom_domain_id","=",a).execute()).length>0}}function Ba(e){return async t=>{const a=await e.selectFrom("custom_domains").where("custom_domains.domain","=",t).selectAll().executeTakeFirst();return a?{...a,primary:a.primary===1,domain_metadata:j(a.domain_metadata,void 0)}:null}}function Ua(e){return{create:Ma(e),get:La(e),getByDomain:Ba(e),list:Ja(e),remove:qa(e),update:Ka(e)}}function Qa(e){return async t=>{const[a]=await e.selectFrom("branding").where("branding.tenant_id","=",t).selectAll().execute();if(!a)return null;const{tenant_id:n,colors_primary:o,colors_page_background_type:r,colors_page_background_start:s,colors_page_background_end:i,colors_page_background_angle_dev:d,font_url:l,...m}=a;return y({...m,colors:{primary:o,page_background:{type:r,start:s,end:i,angle_deg:d}},font:l?{url:l}:void 0})}}function Wa(e){return async(t,a)=>{var d,l;const{colors:n,font:o,...r}=a,s=n==null?void 0:n.page_background,i=s&&typeof s=="object"?s:void 0;try{await e.insertInto("branding").values({...r,colors_primary:n==null?void 0:n.primary,colors_page_background_type:i==null?void 0:i.type,colors_page_background_start:i==null?void 0:i.start,colors_page_background_end:i==null?void 0:i.end,colors_page_background_angle_dev:i==null?void 0:i.angle_deg,font_url:(d=a.font)==null?void 0:d.url,tenant_id:t}).execute()}catch{await e.updateTable("branding").set({...r,colors_primary:n==null?void 0:n.primary,colors_page_background_type:i==null?void 0:i.type,colors_page_background_start:i==null?void 0:i.start,colors_page_background_end:i==null?void 0:i.end,colors_page_background_angle_dev:i==null?void 0:i.angle_deg,font_url:(l=a.font)==null?void 0:l.url}).where("tenant_id","=",t).execute()}}}function Ya(e){return{get:Qa(e),set:Wa(e)}}function Ha(e){return async t=>{const a=await e.selectFrom("universal_login_templates").select(["body"]).where("tenant_id","=",t).executeTakeFirst();return a?{body:a.body}:null}}function Ga(e){return async(t,a)=>{const n=Date.now();try{await e.insertInto("universal_login_templates").values({tenant_id:t,body:a.body,created_at_ts:n,updated_at_ts:n}).execute()}catch{await e.updateTable("universal_login_templates").set({body:a.body,updated_at_ts:n}).where("tenant_id","=",t).execute()}}}function Xa(e){return async t=>{await e.deleteFrom("universal_login_templates").where("tenant_id","=",t).execute()}}function Va(e){return{get:Ha(e),set:Ga(e),delete:Xa(e)}}function Za(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("hooks").where("hooks.tenant_id","=",t);s&&(i=N(e,i,s,["url","form_id","template_id","code_id"]));const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const{tenant_id:_,enabled:p,synchronous:f,created_at_ts:g,updated_at_ts:v,metadata:x,...I}=u,k=D({created_at_ts:g,updated_at_ts:v},["created_at_ts","updated_at_ts"]);return y({...I,...k,enabled:!!p,synchronous:!!f,metadata:ve(x)})});if(!r)return{hooks:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{hooks:m,start:n*o,limit:o,length:P(c)}}}function en(e){return async(t,a)=>{const n=await e.selectFrom("hooks").where("hooks.tenant_id","=",t).where("hooks.hook_id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,created_at_ts:r,updated_at_ts:s,metadata:i,...d}=n,l=D({created_at_ts:r,updated_at_ts:s},["created_at_ts","updated_at_ts"]);return y({...d,...l,enabled:!!d.enabled,synchronous:!!d.synchronous,metadata:ve(i)})}}function tn(e){return async(t,a)=>(await e.deleteFrom("hooks").where("hooks.tenant_id","=",t).where("hooks.hook_id","=",a).executeTakeFirst()).numDeletedRows>0}function an(e){return async(t,a)=>{const n=Date.now(),o=a.hook_id||He(),{hook_id:r,enabled:s,synchronous:i,metadata:d,...l}=a;return await e.insertInto("hooks").values({...l,hook_id:o,tenant_id:t,enabled:s?1:0,synchronous:i?1:0,metadata:d?JSON.stringify(d):null,created_at_ts:n,updated_at_ts:n}).execute(),{...l,hook_id:o,enabled:s??!1,synchronous:i??!1,...d?{metadata:d}:{},created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function nn(e){return async(t,a,n)=>{const{hook_id:o,metadata:r,...s}=n,i={...s,updated_at_ts:Date.now(),enabled:n.enabled!==void 0?n.enabled?1:0:void 0,synchronous:n.synchronous!==void 0?n.synchronous?1:0:void 0,...r!==void 0?{metadata:r===null?null:JSON.stringify(r)}:{}};return await e.updateTable("hooks").set(i).where("hooks.hook_id","=",a).where("hooks.tenant_id","=",t).execute(),!0}}function on(e){return{create:an(e),get:en(e),list:Za(e),update:nn(e),remove:tn(e)}}function rn(e){return async(t,a)=>{const n=Date.now(),o=Xe();return await e.insertInto("hook_code").values({id:o,tenant_id:t,code:a.code,secrets:a.secrets?JSON.stringify(a.secrets):null,created_at_ts:n,updated_at_ts:n}).execute(),{id:o,tenant_id:t,code:a.code,secrets:a.secrets,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function sn(e){return async(t,a)=>{const n=await e.selectFrom("hook_code").where("hook_code.tenant_id","=",t).where("hook_code.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{created_at_ts:o,updated_at_ts:r,secrets:s,...i}=n,d=D({created_at_ts:o,updated_at_ts:r},["created_at_ts","updated_at_ts"]);return{...i,...d,secrets:s?(()=>{try{return JSON.parse(s)}catch{console.warn(`Failed to parse secrets for hook_code ${a}`);return}})():void 0}}}function cn(e){return async(t,a,n)=>{const o={updated_at_ts:Date.now()};return n.code!==void 0&&(o.code=n.code),n.secrets!==void 0&&(o.secrets=JSON.stringify(n.secrets)),(await e.updateTable("hook_code").set(o).where("hook_code.id","=",a).where("hook_code.tenant_id","=",t).executeTakeFirst()).numUpdatedRows>0}}function ln(e){return async(t,a)=>(await e.deleteFrom("hook_code").where("hook_code.tenant_id","=",t).where("hook_code.id","=",a).executeTakeFirst()).numDeletedRows>0}function dn(e){return{create:rn(e),get:sn(e),update:cn(e),remove:ln(e)}}function un(e){return async(t,a,n)=>{const o={themeId:n||S.nanoid(),created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...a},r={...o,tenant_id:t};return await e.insertInto("themes").values(K(r)).execute(),o}}function _n(e){return async(t,a)=>(await e.deleteFrom("themes").where("themes.tenant_id","=",t).where("themes.themeId","=",a).executeTakeFirst()).numDeletedRows>0}function mn(e){return async(t,a)=>{const n=await e.selectFrom("themes").where("themes.tenant_id","=",t).where("themes.themeId","=",a).selectAll().executeTakeFirst();if(!n)return null;const o={...n,borders_show_widget_shadow:!!n.borders_show_widget_shadow,fonts_body_text_bold:!!n.fonts_body_text_bold,fonts_buttons_text_bold:!!n.fonts_buttons_text_bold,fonts_input_labels_bold:!!n.fonts_input_labels_bold,fonts_links_bold:!!n.fonts_links_bold,fonts_subtitle_bold:!!n.fonts_subtitle_bold,fonts_title_bold:!!n.fonts_title_bold};return y(ye(o,["widget","colors","borders","fonts","page_background"]))}}function hn(e){return async(t,a,n)=>{const{themeId:o,...r}=n,s=K({...r,updated_at:new Date().toISOString()});return await e.updateTable("themes").set(s).where("themes.themeId","=",a).where("themes.tenant_id","=",t).execute(),!0}}function pn(e){return{create:un(e),get:mn(e),remove:_n(e),update:hn(e)}}function fn(e){return async(t,a)=>{const n=await e.selectFrom("login_sessions").where("login_sessions.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{created_at_ts:o,updated_at_ts:r,expires_at_ts:s,auth_params:i,...d}=n,l=D({created_at_ts:o,updated_at_ts:r,expires_at_ts:s},["created_at_ts","updated_at_ts","expires_at_ts"]),m=ye(y({...d,...l,state:n.state||T.LoginSessionState.PENDING,state_data:n.state_data,failure_reason:n.failure_reason}),["auth_strategy"]);return m.authParams=typeof i=="string"&&i.length>0?JSON.parse(i):{},T.loginSessionSchema.parse(m)}}const ie="0123456789ABCDEFGHJKMNPQRSTVWXYZ",ne=ie.length,gn=10,de=16;function wn(e){let t="";for(let a=gn;a>0;a--)t=ie.charAt(e%ne)+t,e=Math.floor(e/ne);return t}function yn(){const e=new Uint8Array(de);crypto.getRandomValues(e);let t="";for(let a=0;a<de;a++)t+=ie.charAt(e[a]%ne);return t}function Se(){return wn(Date.now())+yn()}function vn(e){return async(t,a)=>{var l;const n=oe(),o={id:Se(),...a,authorization_url:(l=a.authorization_url)==null?void 0:l.slice(0,1024),created_at:n,updated_at:n,state:a.state||T.LoginSessionState.PENDING,state_data:a.state_data,failure_reason:a.failure_reason},{authParams:r,...s}=o,i=Date.now(),d=K(s);return delete d.created_at,delete d.updated_at,delete d.expires_at,await e.insertInto("login_sessions").values({...d,tenant_id:t,auth_params:JSON.stringify(r),created_at_ts:i,updated_at_ts:i,expires_at_ts:a.expires_at?new Date(a.expires_at).getTime():i+1e3*60*60*24}).execute(),o}}function Cn(e){return async(t,a,n)=>{const{created_at:o,updated_at:r,expires_at:s,authParams:i,...d}=n;let l={};if(i!==void 0){const u=await e.selectFrom("login_sessions").where("login_sessions.id","=",a).where("login_sessions.tenant_id","=",t).select(["auth_params"]).executeTakeFirst(),_=u==null?void 0:u.auth_params,p=typeof _=="string"&&_.length>0?JSON.parse(_):{};l={auth_params:JSON.stringify({...p,...i})}}const m=K(d);return delete m.created_at_ts,delete m.updated_at_ts,delete m.expires_at_ts,delete m.id,delete m.tenant_id,(await e.updateTable("login_sessions").set({...m,...l,updated_at_ts:Date.now(),...s!==void 0?{expires_at_ts:C(s)}:{}}).where("login_sessions.id","=",a).where("login_sessions.tenant_id","=",t).execute()).length===1}}function xn(e){return async(t,a)=>(await e.deleteFrom("login_sessions").where("login_sessions.tenant_id","=",t).where("login_sessions.id","=",a).execute()).length>0}function Tn(e){return{create:vn(e),get:fn(e),update:Cn(e),remove:xn(e)}}function Nn(e){return async t=>{const[a]=await e.selectFrom("prompt_settings").where("prompt_settings.tenant_id","=",t).selectAll().execute();return y({identifier_first:!!(a!=null&&a.identifier_first),password_first:!!(a!=null&&a.password_first),webauthn_platform_first_factor:!!(a!=null&&a.webauthn_platform_first_factor),universal_login_experience:(a==null?void 0:a.universal_login_experience)||"new"})}}function ue(e){return y({...e,webauthn_platform_first_factor:e.webauthn_platform_first_factor?!!e.webauthn_platform_first_factor:void 0,identifier_first:e.identifier_first?!!e.identifier_first:void 0,password_first:e.password_first?!!e.password_first:void 0,universal_login_experience:e.universal_login_experience})}function bn(e){return async(t,a)=>{try{const n=T.promptSettingSchema.parse(a);await e.insertInto("prompt_settings").values({...ue(n),tenant_id:t}).execute()}catch{await e.updateTable("prompt_settings").set(ue(a)).where("tenant_id","=",t).execute()}}}function Sn(e){return{get:Nn(e),set:bn(e)}}function kn(e){return async t=>{const[a]=await e.selectFrom("email_providers").where("email_providers.tenant_id","=",t).selectAll().execute();if(!a)return null;const{tenant_id:n,credentials:o,settings:r,enabled:s,...i}=a;return y({...i,credentials:JSON.parse(o),settings:JSON.parse(r),enabled:!!s})}}function On(e){return async(t,a)=>{const{credentials:n,settings:o,enabled:r,...s}=a;await e.updateTable("email_providers").set({...s,credentials:n?JSON.stringify(n):void 0,settings:o?JSON.stringify(o):void 0,enabled:r!==void 0?r?1:0:void 0}).where("tenant_id","=",t).execute()}}function $n(e){return async(t,a)=>{const{credentials:n,settings:o,enabled:r,...s}=a;await e.insertInto("email_providers").values({...s,enabled:r?1:0,credentials:JSON.stringify(n),settings:JSON.stringify(o),tenant_id:t,created_at:new Date().toISOString(),updated_at:new Date().toISOString()}).execute()}}function En(e){return async t=>{await e.deleteFrom("email_providers").where("tenant_id","=",t).execute()}}function Pn(e){return{get:kn(e),create:$n(e),update:On(e),remove:En(e)}}function In(e){return async(t,a)=>{const n=await e.selectFrom("refresh_tokens").where("refresh_tokens.tenant_id","=",t).where("refresh_tokens.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:d,revoked_at_ts:l,rotated_at_ts:m,...c}=n,u=D({created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:d,revoked_at_ts:l,rotated_at_ts:m},["created_at_ts"],["expires_at_ts","idle_expires_at_ts","last_exchanged_at_ts","revoked_at_ts","rotated_at_ts"]);return{...c,...u,rotating:!!n.rotating,device:n.device?JSON.parse(n.device):{},resource_servers:n.resource_servers?JSON.parse(n.resource_servers):[]}}}function zn(e){return async(t,a)=>{const n=await e.selectFrom("refresh_tokens").where("refresh_tokens.tenant_id","=",t).where("refresh_tokens.token_lookup","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:d,revoked_at_ts:l,rotated_at_ts:m,...c}=n,u=D({created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:d,revoked_at_ts:l,rotated_at_ts:m},["created_at_ts"],["expires_at_ts","idle_expires_at_ts","last_exchanged_at_ts","revoked_at_ts","rotated_at_ts"]);return{...c,...u,rotating:!!n.rotating,device:n.device?JSON.parse(n.device):{},resource_servers:n.resource_servers?JSON.parse(n.resource_servers):[]}}}function Dn(e){return async(t,a)=>{const n=oe(),o={...a,created_at:n},{expires_at:r,idle_expires_at:s,last_exchanged_at:i,rotated_at:d,device:l,resource_servers:m,rotating:c,...u}=a,_=Date.now(),p=C(r),f=s?C(s):null,g=Math.max(p??0,f??0);return await e.transaction().execute(async v=>{await v.insertInto("refresh_tokens").values({...u,tenant_id:t,rotating:c?1:0,device:JSON.stringify(l),resource_servers:JSON.stringify(m),created_at_ts:_,expires_at_ts:p,idle_expires_at_ts:f,last_exchanged_at_ts:i?C(i):null,rotated_at_ts:d?C(d):null}).execute(),g>0&&a.login_id&&await v.updateTable("login_sessions").set({expires_at_ts:g,updated_at_ts:_}).where("tenant_id","=",t).where("id","=",a.login_id).where("expires_at_ts","<",g).execute()}),{...a,...o}}}function An(e){return async(t,a)=>!!(await e.deleteFrom("refresh_tokens").where("tenant_id","=",t).where("refresh_tokens.id","=",a).execute()).length}function Fn(e){return async(t,a,n)=>{const o=C(n),r=await e.updateTable("refresh_tokens").set({revoked_at_ts:o}).where("tenant_id","=",t).where("login_id","=",a).where("revoked_at_ts","is",null).executeTakeFirst();return Number(r.numUpdatedRows??0)}}function jn(e){return async(t,a,n)=>{const o=C(n),r=await e.updateTable("refresh_tokens").set({revoked_at_ts:o}).where("tenant_id","=",t).where("family_id","=",a).where("revoked_at_ts","is",null).executeTakeFirst();return Number(r.numUpdatedRows??0)}}function Rn(e){return async(t,a,n,o)=>{const{created_at:r,expires_at:s,idle_expires_at:i,last_exchanged_at:d,revoked_at:l,rotated_at:m,device:c,resource_servers:u,rotating:_,...p}=n,f={...p,device:c?JSON.stringify(c):void 0,resource_servers:u?JSON.stringify(u):void 0,rotating:_!==void 0?_?1:0:void 0,expires_at_ts:s!==void 0?C(s):void 0,idle_expires_at_ts:i!==void 0?C(i):void 0,last_exchanged_at_ts:d!==void 0?C(d):void 0,revoked_at_ts:l!==void 0?C(l):void 0,rotated_at_ts:m!==void 0?C(m):void 0},g=o==null?void 0:o.loginSessionBump,v=g?C(g.expires_at):null,x=await e.updateTable("refresh_tokens").set(f).where("tenant_id","=",t).where("refresh_tokens.id","=",a).executeTakeFirst();return g!=null&&g.login_id&&v&&v>0&&await e.updateTable("login_sessions").set({expires_at_ts:v,updated_at_ts:Date.now()}).where("tenant_id","=",t).where("id","=",g.login_id).where("expires_at_ts","<",v).execute().catch(()=>{}),((x==null?void 0:x.numUpdatedRows)??0n)>0n}}function Mn(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let d=e.selectFrom("refresh_tokens").where("refresh_tokens.tenant_id","=",t);i&&(d=N(e,d,i,["token","login_id"]));let l=d;if(s&&s.sort_by){const{ref:p}=e.dynamic;l=l.orderBy(p(s.sort_by),s.sort_order)}l=l.offset(n*o).limit(o);const c=(await l.selectAll().execute()).map(p=>{const{tenant_id:f,created_at_ts:g,expires_at_ts:v,idle_expires_at_ts:x,last_exchanged_at_ts:I,revoked_at_ts:k,rotated_at_ts:A,...b}=p,M=D({created_at_ts:g,expires_at_ts:v,idle_expires_at_ts:x,last_exchanged_at_ts:I,revoked_at_ts:k,rotated_at_ts:A},["created_at_ts"],["expires_at_ts","idle_expires_at_ts","last_exchanged_at_ts","revoked_at_ts","rotated_at_ts"]);return{...b,...M,rotating:!!p.rotating,device:p.device?JSON.parse(p.device):{},resource_servers:p.resource_servers?JSON.parse(p.resource_servers):[]}});if(!r)return{refresh_tokens:c,start:0,limit:0,length:0};const{count:u}=await d.select(p=>p.fn.countAll().as("count")).executeTakeFirstOrThrow(),_=P(u);return{refresh_tokens:c,start:n*o,limit:o,length:_}}}function Jn(e){return{create:Dn(e),get:In(e),getByLookup:zn(e),list:Mn(e),remove:An(e),revokeByLoginSession:Fn(e),revokeFamily:jn(e),update:Rn(e)}}const qn=7*24*60*60*1e3;function Ln(e){return async t=>{var i,d,l;const{tenant_id:a,user_id:n}=t||{},r=Date.now()-qn,s=1e3;try{let m=0;for(;;){let _=e.deleteFrom("refresh_tokens").where(g=>g.or([g("expires_at_ts","<",r),g("idle_expires_at_ts","<",r)]));a&&(_=_.where("tenant_id","=",a)),n&&(_=_.where("user_id","=",n));const p=await _.limit(s).execute(),f=Number(((i=p[0])==null?void 0:i.numDeletedRows)??0);if(m+=f,f<s)break}let c=0;for(;;){let _=e.deleteFrom("sessions").where(g=>g.or([g("expires_at_ts","<",r),g("idle_expires_at_ts","<",r)]));a&&(_=_.where("tenant_id","=",a)),n&&(_=_.where("user_id","=",n));const p=await _.limit(s).execute(),f=Number(((d=p[0])==null?void 0:d.numDeletedRows)??0);if(c+=f,f<s)break}let u=0;for(;;){let _=e.deleteFrom("login_sessions").where("expires_at_ts","<",r);a&&(_=_.where("tenant_id","=",a)),n&&(_=_.where("user_id","=",n));const p=await _.limit(s).execute(),f=Number(((l=p[0])==null?void 0:l.numDeletedRows)??0);if(u+=f,f<s)break}(m>0||c>0||u>0)&&console.log(`Session cleanup: deleted ${m} refresh_tokens, ${c} sessions, ${u} login_sessions`)}catch(m){console.error("Error during session cleanup:",m)}}}function Kn(e){return async(t,a)=>{const n=T.formSchema.parse({id:S.nanoid(),...a,created_at:new Date().toISOString(),updated_at:new Date().toISOString()});return await e.insertInto("forms").values({...n,nodes:JSON.stringify(n.nodes||[]),start:JSON.stringify(n.start||{}),ending:JSON.stringify(n.ending||{}),tenant_id:t}).execute(),T.formSchema.parse(n)}}function Bn(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("forms").where("tenant_id","=",t);s&&(i=N(e,i,s,[]));const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const _={...u};if(typeof _.nodes=="string")try{_.nodes=JSON.parse(_.nodes)}catch{}if(typeof _.start=="string")try{_.start=JSON.parse(_.start)}catch{}if(typeof _.ending=="string")try{_.ending=JSON.parse(_.ending)}catch{}return T.formSchema.parse(y(_))});if(!r)return{forms:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{forms:m,start:n*o,limit:o,length:P(c)}}}function Un(e){return async(t,a)=>{const{numDeletedRows:n}=await e.deleteFrom("forms").where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return n>0}}function Qn(e){return async(t,a)=>{const n=await e.selectFrom("forms").selectAll().where("forms.id","=",a).where("tenant_id","=",t).executeTakeFirst();if(!n)return null;const o={...n};if(typeof o.nodes=="string")try{o.nodes=JSON.parse(o.nodes)}catch{}if(typeof o.start=="string")try{o.start=JSON.parse(o.start)}catch{}if(typeof o.ending=="string")try{o.ending=JSON.parse(o.ending)}catch{}return T.formSchema.parse(y(o))}}function Wn(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};U(n,["nodes","start","ending"],o);const{numUpdatedRows:r}=await e.updateTable("forms").set(o).where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return r>0}}function Yn(e){return{create:Kn(e),get:Qn(e),list:Bn(e),remove:Un(e),update:Wn(e)}}function Hn(e){return async(t,a)=>{const n=new Date().toISOString(),o={id:Ge(),...a,created_at:n,updated_at:n},r=T.resourceServerSchema.parse(o),{verificationKey:s,scopes:i,options:d,skip_consent_for_verifiable_first_party_clients:l,allow_offline_access:m,is_system:c,metadata:u,..._}=r,p={..._,tenant_id:t,scopes:i?JSON.stringify(i):"[]",options:d?JSON.stringify(d):"{}",skip_consent_for_verifiable_first_party_clients:l?1:0,allow_offline_access:m?1:0,is_system:c?1:0,metadata:u?JSON.stringify(u):void 0,verification_key:s,created_at:n,updated_at:n};return await e.insertInto("resource_servers").values(p).execute(),y(r)}}function Gn(e){return async(t,a)=>{const n=await e.selectFrom("resource_servers").selectAll().where("tenant_id","=",t).where("id","=",a).executeTakeFirst();if(!n)return null;const o=n,{verification_key:r,scopes:s,options:i,skip_consent_for_verifiable_first_party_clients:d,allow_offline_access:l,is_system:m,metadata:c,...u}=o,_=y({...u,scopes:s?JSON.parse(s):[],options:i?JSON.parse(i):{},skip_consent_for_verifiable_first_party_clients:!!d,allow_offline_access:!!l,is_system:m?!0:void 0,metadata:c?JSON.parse(c):void 0,verificationKey:r});return _.token_lifetime??(_.token_lifetime=86400),_.token_lifetime_for_web??(_.token_lifetime_for_web=7200),_}}function Xn(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("resource_servers").where("resource_servers.tenant_id","=",t);if(s){const u=s.trim(),_=u.split(/\s+/),p=_.length===1?_[0]:void 0,f=p?p.match(/^(-)?(name|identifier):(.*)$/):null,g=f?f[3]:"",v=/^(>=|>|<=|<)/.test(g||"");if(f&&!v){const x=!!f[1],I=f[2]==="name"?"resource_servers.name":"resource_servers.identifier";i=x?i.where(I,"not like",`%${g}%`):i.where(I,"like",`%${g}%`)}else i=N(e,i,u,["resource_servers.name","resource_servers.identifier"])}const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const _=u,{verification_key:p,scopes:f,options:g,skip_consent_for_verifiable_first_party_clients:v,allow_offline_access:x,is_system:I,metadata:k,...A}=_,b=y({...A,scopes:f?JSON.parse(f):[],options:g?JSON.parse(g):{},skip_consent_for_verifiable_first_party_clients:!!v,allow_offline_access:!!x,is_system:I?!0:void 0,metadata:k?JSON.parse(k):void 0,verificationKey:p});return b.token_lifetime??(b.token_lifetime=86400),b.token_lifetime_for_web??(b.token_lifetime_for_web=7200),b});if(!r)return{resource_servers:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{resource_servers:m,start:n*o,limit:o,length:P(c)}}}function Vn(e){return async(t,a)=>{const n=await e.deleteFrom("resource_servers").where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return Number(n.numDeletedRows)>0}}function Zn(e){return async(t,a,n)=>{const{verificationKey:o,scopes:r,options:s,skip_consent_for_verifiable_first_party_clients:i,allow_offline_access:d,is_system:l,metadata:m,...c}=n,u={...c,updated_at:new Date().toISOString()};if(o!==void 0&&(u.verification_key=o),r!==void 0&&(u.scopes=JSON.stringify(r)),s!==void 0){const p=await e.selectFrom("resource_servers").select("options").where("tenant_id","=",t).where("id","=",a).executeTakeFirst(),g={...p!=null&&p.options?JSON.parse(p.options):{},...s};u.options=JSON.stringify(g)}m!==void 0&&(u.metadata=JSON.stringify(m)),i!==void 0&&(u.skip_consent_for_verifiable_first_party_clients=i?1:0),d!==void 0&&(u.allow_offline_access=d?1:0),l!==void 0&&(u.is_system=l?1:0);const _=await e.updateTable("resource_servers").set(u).where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return Number(_.numUpdatedRows)>0}}function eo(e){return{create:Hn(e),get:Gn(e),list:Xn(e),remove:Vn(e),update:Zn(e)}}function to(e){return async(t,a)=>{const n=new Date().toISOString(),o=a.id||S.nanoid(),{is_system:r,id:s,metadata:i,...d}=a,l={id:o,...d,tenant_id:t,is_system:r?1:0,metadata:i?JSON.stringify(i):void 0,created_at:n,updated_at:n};return await e.insertInto("roles").values(l).execute(),{id:o,...d,is_system:r?!0:void 0,metadata:i,created_at:n,updated_at:n}}}function ao(e){return async(t,a)=>{const n=await e.selectFrom("roles").selectAll().where("roles.tenant_id","=",t).where("roles.id","=",a).executeTakeFirst();if(!n)return null;const o=n,{is_system:r,tenant_id:s,metadata:i,...d}=o;return{...d,is_system:r?!0:void 0,metadata:i?JSON.parse(i):void 0}}}function no(e){return async(t,a)=>{let n=e.selectFrom("roles").where("roles.tenant_id","=",t);const{page:o=0,per_page:r=50,include_totals:s=!1}=a;a.q&&(n=N(e,n,a.q,["name"]));const l=(await n.offset(o*r).limit(r).selectAll().execute()).map(c=>{const u=c,{is_system:_,tenant_id:p,metadata:f,...g}=u;return{...g,is_system:_?!0:void 0,metadata:f?JSON.parse(f):void 0}});if(!s)return{roles:l,start:o*r,limit:r,length:l.length};const{count:m}=await n.select(c=>c.fn.countAll().as("count")).executeTakeFirstOrThrow();return{roles:l,start:o*r,limit:r,length:P(m)}}}function oo(e){return async(t,a,n)=>{const{is_system:o,metadata:r,...s}=n,i={...s,is_system:o!==void 0?o?1:0:void 0,metadata:r!==void 0?JSON.stringify(r):void 0,updated_at:new Date().toISOString()},d=await e.updateTable("roles").set(i).where("roles.tenant_id","=",t).where("roles.id","=",a).executeTakeFirst();return Number(d.numUpdatedRows)>0}}function ro(e){return async(t,a)=>{const n=await e.deleteFrom("roles").where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return Number(n.numDeletedRows)>0}}function so(e){return{create:to(e),get:ao(e),list:no(e),update:oo(e),remove:ro(e)}}function io(e){return async(t,a,n)=>{if(n.length===0)return!0;const o=new Date().toISOString();try{for(const r of n){if(r.role_id!==a)throw new Error(`Permission role_id ${r.role_id} does not match expected role_id ${a}`);const s={tenant_id:t,role_id:r.role_id,resource_server_identifier:r.resource_server_identifier,permission_name:r.permission_name,created_at:o};try{await e.insertInto("role_permissions").values(s).execute()}catch(i){if(i.code==="SQLITE_CONSTRAINT_PRIMARYKEY"||i.code==="SQLITE_CONSTRAINT_UNIQUE"||i.code==="ER_DUP_ENTRY")continue;throw i}}return!0}catch(r){return console.error("Error assigning role permissions:",r),!1}}}function co(e){return async(t,a,n)=>{if(n.length===0)return!0;try{return(await Promise.all(n.map(r=>e.deleteFrom("role_permissions").where("tenant_id","=",t).where("role_id","=",a).where("resource_server_identifier","=",r.resource_server_identifier).where("permission_name","=",r.permission_name).executeTakeFirst()))).some(r=>Number(r.numDeletedRows)>0)}catch(o){return console.error("Error removing role permissions:",o),!1}}}function lo(e){return async(t,a,n={})=>{const{page:o=0,per_page:r=50,include_totals:s=!1}=n;let i=e.selectFrom("role_permissions").leftJoin("resource_servers",c=>c.onRef("role_permissions.tenant_id","=","resource_servers.tenant_id").onRef("role_permissions.resource_server_identifier","=","resource_servers.id")).select(["role_permissions.role_id","role_permissions.resource_server_identifier","role_permissions.permission_name","role_permissions.created_at","resource_servers.name as resource_server_name"]).where("role_permissions.tenant_id","=",t).where("role_permissions.role_id","=",a);const m=(await i.offset(o*r).limit(r).execute()).map(c=>({role_id:c.role_id,resource_server_identifier:c.resource_server_identifier,resource_server_name:c.resource_server_name||c.resource_server_identifier,permission_name:c.permission_name,description:null,created_at:c.created_at}));return s&&await i.select(c=>c.fn.countAll().as("count")).executeTakeFirstOrThrow(),m}}function uo(e){return{assign:io(e),remove:co(e),list:lo(e)}}function _o(e){return async(t,a,n,o)=>{const r=new Date().toISOString();try{const s={tenant_id:t,user_id:a,resource_server_identifier:n.resource_server_identifier,permission_name:n.permission_name,organization_id:o||n.organization_id||"",created_at:r};return await e.insertInto("user_permissions").values(s).execute(),!0}catch(s){return s.code==="SQLITE_CONSTRAINT_PRIMARYKEY"||s.code==="SQLITE_CONSTRAINT_UNIQUE"||s.code==="SQLITE_CONSTRAINT"||s.code==="ER_DUP_ENTRY"||s.message&&s.message.includes("UNIQUE constraint failed")||s.message&&s.message.includes("PRIMARY KEY constraint failed")?!0:(console.error("Error creating user permission:",s),!1)}}}function mo(e){return async(t,a,n,o)=>{try{let r=e.deleteFrom("user_permissions").where("tenant_id","=",t).where("user_id","=",a).where("resource_server_identifier","=",n.resource_server_identifier).where("permission_name","=",n.permission_name);return o!==void 0?r=r.where("organization_id","=",o):r=r.where("organization_id","=",""),await r.execute(),!0}catch(r){return console.error("Error removing user permission:",r),!1}}}function ho(e){return async(t,a,n,o)=>{let r=e.selectFrom("user_permissions").leftJoin("resource_servers",i=>i.onRef("user_permissions.tenant_id","=","resource_servers.tenant_id").onRef("user_permissions.resource_server_identifier","=","resource_servers.id")).select(["user_permissions.resource_server_identifier","user_permissions.permission_name","resource_servers.name as resource_server_name","user_permissions.user_id","user_permissions.created_at","user_permissions.organization_id"]).where("user_permissions.tenant_id","=",t).where("user_permissions.user_id","=",a);return o!==void 0&&(r=r.where("user_permissions.organization_id","=",o)),(await r.execute()).map(i=>({resource_server_identifier:i.resource_server_identifier,permission_name:i.permission_name,description:null,resource_server_name:i.resource_server_name||i.resource_server_identifier,user_id:i.user_id,created_at:i.created_at,organization_id:i.organization_id===""?void 0:i.organization_id}))}}function po(e){return{create:_o(e),remove:mo(e),list:ho(e)}}function fo(e){const t=po(e);return{create:(a,n,o,r)=>t.create(a,n,o,r),remove:(a,n,o,r)=>t.remove(a,n,o,r),list:(a,n,o,r)=>t.list(a,n,o,r)}}function go(e){return async(t,a,n,o)=>{let r=e.selectFrom("user_roles as ur").innerJoin("roles as r",i=>i.onRef("ur.role_id","=","r.id").onRef("ur.tenant_id","=","r.tenant_id")).select(["r.id","r.name","r.description","r.created_at","r.updated_at"]).where("ur.tenant_id","=",t).where("ur.user_id","=",a);return o!==void 0&&(r=r.where("ur.organization_id","=",o)),await r.execute()}}function wo(e){return async(t,a,n,o)=>{const r=new Date().toISOString();try{return await e.insertInto("user_roles").values({tenant_id:t,user_id:a,role_id:n,organization_id:o||"",created_at:r}).execute(),!0}catch(s){return s.code==="SQLITE_CONSTRAINT_PRIMARYKEY"||s.code==="SQLITE_CONSTRAINT_UNIQUE"||s.code==="SQLITE_CONSTRAINT"||s.code==="ER_DUP_ENTRY"||s.message&&s.message.includes("UNIQUE constraint failed")||s.message&&s.message.includes("PRIMARY KEY constraint failed")?!0:(console.error("Error creating user role:",s),!1)}}}function yo(e){return async(t,a,n,o)=>{try{let r=e.deleteFrom("user_roles").where("tenant_id","=",t).where("user_id","=",a).where("role_id","=",n);return o!==void 0?r=r.where("organization_id","=",o):r=r.where("organization_id","=",""),await r.execute(),!0}catch(r){return console.error("Error removing user roles:",r),!1}}}function vo(e){return{list:go(e),create:wo(e),remove:yo(e)}}function Co(e){const t=vo(e);return{list:(a,n,o,r)=>t.list(a,n,o,r),create:(a,n,o,r)=>t.create(a,n,o,r),remove:(a,n,o,r)=>t.remove(a,n,o,r)}}function xo(e){return async(t,a)=>{const n={...a,id:a.id||Qe(),tenant_id:t,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),branding:JSON.stringify(a.branding||{}),metadata:JSON.stringify(a.metadata||{}),enabled_connections:JSON.stringify(a.enabled_connections||[]),token_quota:JSON.stringify(a.token_quota||{})};try{await e.insertInto("organizations").values(n).execute()}catch(o){throw o.code==="SQLITE_CONSTRAINT_UNIQUE"||o.code==="ER_DUP_ENTRY"||o.message.includes("AlreadyExists")?new L(409,{message:"Organization already exists"}):o}return{...a,id:n.id,created_at:n.created_at,updated_at:n.updated_at}}}function To(e){return async(t,a)=>{let n=await e.selectFrom("organizations").selectAll().where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return n||(n=await e.selectFrom("organizations").selectAll().where("tenant_id","=",t).where("name","=",a).executeTakeFirst()),n?y({...n,branding:n.branding?JSON.parse(n.branding):{},metadata:n.metadata?JSON.parse(n.metadata):{},enabled_connections:n.enabled_connections?JSON.parse(n.enabled_connections):[],token_quota:n.token_quota?JSON.parse(n.token_quota):{}}):null}}const W=["name","display_name"];function No(e){return async(t,a)=>{let n=e.selectFrom("organizations").where("tenant_id","=",t);if(a!=null&&a.q){const c=ae(a.q,W);c&&(n=N(e,n,c,W))}if(a!=null&&a.sort){const c=a.sort.sort_order==="asc"?"asc":"desc",u=a.sort.sort_by;["name","display_name","created_at"].includes(u)?n=n.orderBy(u,c):n=n.orderBy("created_at","desc")}else n=n.orderBy("created_at","desc");const o=(a==null?void 0:a.take)??(a==null?void 0:a.per_page),r=typeof o=="number"&&Number.isFinite(o)?Math.floor(o):NaN,s=r>=1?r:10;let i=0;if((a==null?void 0:a.from)!==void 0){const c=parseInt(a.from,10);Number.isNaN(c)||(i=Math.max(0,c))}else typeof(a==null?void 0:a.page)=="number"&&Number.isFinite(a.page)&&(i=Math.max(0,Math.floor(a.page)*s));i>0&&(n=n.offset(i)),n=n.limit(s);const d=await n.selectAll().execute();let l=d.length;if(a!=null&&a.include_totals){let c=e.selectFrom("organizations").where("tenant_id","=",t);if(a!=null&&a.q){const _=ae(a.q,W);_&&(c=N(e,c,_,W))}const u=await c.select(h.sql`count(*)`.as("count")).executeTakeFirst();l=Number((u==null?void 0:u.count)||0)}const m=d.map(c=>y({...c,branding:c.branding?JSON.parse(c.branding):{},metadata:c.metadata?JSON.parse(c.metadata):{},enabled_connections:c.enabled_connections?JSON.parse(c.enabled_connections):[],token_quota:c.token_quota?JSON.parse(c.token_quota):{}}));return{organizations:m,start:i,limit:s,length:m.length,total:l}}}function bo(e){return async(t,a)=>(await e.deleteFrom("organizations").where("tenant_id","=",t).where("id","=",a).execute()).length>0}function So(e){return async(t,a,n)=>{const{branding:o,metadata:r,enabled_connections:s,token_quota:i,...d}=n,l={...d,updated_at:new Date().toISOString()};return U(n,["branding","metadata","enabled_connections","token_quota"],l),(await e.updateTable("organizations").set(l).where("tenant_id","=",t).where("id","=",a).execute()).length>0}}function ko(e){return{create:xo(e),get:To(e),list:No(e),remove:bo(e),update:So(e)}}function Y(e,t){return{connection_id:e.connection_id,assign_membership_on_login:!!e.assign_membership_on_login,show_as_button:!!e.show_as_button,is_signup_enabled:!!e.is_signup_enabled,connection:t?{name:t.name,strategy:t.strategy}:void 0,created_at:e.created_at,updated_at:e.updated_at}}async function H(e,t,a){const n=await e.selectFrom("connections").select(["name","strategy"]).where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return n?{name:n.name,strategy:n.strategy??void 0}:void 0}function Oo(e){return{async create(t,a,n){const o=new Date().toISOString(),r={tenant_id:t,organization_id:a,connection_id:n.connection_id,assign_membership_on_login:n.assign_membership_on_login?1:0,show_as_button:n.show_as_button===!1?0:1,is_signup_enabled:n.is_signup_enabled===!1?0:1,created_at:o,updated_at:o};await e.insertInto("organization_connections").values(r).execute();const s=await H(e,t,n.connection_id);return Y(r,s)},async list(t,a){const n=await e.selectFrom("organization_connections").selectAll().where("tenant_id","=",t).where("organization_id","=",a).execute(),o=[];for(const r of n){const s=await H(e,t,r.connection_id);o.push(Y(r,s))}return o},async get(t,a,n){const o=await e.selectFrom("organization_connections").selectAll().where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();if(!o)return null;const r=await H(e,t,n);return Y(o,r)},async update(t,a,n,o){const r={updated_at:new Date().toISOString()};o.assign_membership_on_login!==void 0&&(r.assign_membership_on_login=o.assign_membership_on_login?1:0),o.show_as_button!==void 0&&(r.show_as_button=o.show_as_button?1:0),o.is_signup_enabled!==void 0&&(r.is_signup_enabled=o.is_signup_enabled?1:0);const s=await e.updateTable("organization_connections").set(r).where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();if(Number(s.numUpdatedRows??0)===0)return null;const i=await e.selectFrom("organization_connections").selectAll().where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();if(!i)return null;const d=await H(e,t,n);return Y(i,d)},async remove(t,a,n){const o=await e.deleteFrom("organization_connections").where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();return Number(o.numDeletedRows??0)>0}}}function $o(e){return async(t,a)=>{const n={id:S.nanoid(),tenant_id:t,user_id:a.user_id,organization_id:a.organization_id,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};try{await e.insertInto("user_organizations").values(n).execute()}catch(o){throw o.code==="SQLITE_CONSTRAINT_UNIQUE"||o.code==="ER_DUP_ENTRY"?new L(409,{message:"User is already a member of this organization"}):o}return{...n}}}function Eo(e){return async(t,a)=>{const n=await e.selectFrom("user_organizations").selectAll().where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return n?{id:n.id,user_id:n.user_id,organization_id:n.organization_id,created_at:n.created_at,updated_at:n.updated_at}:null}}function Po(e){return async(t,a)=>{const n=(a==null?void 0:a.page)||0,o=(a==null?void 0:a.per_page)||50,r=n*o;let s=e.selectFrom("user_organizations").selectAll().where("tenant_id","=",t);if(a!=null&&a.q){if(a.q.startsWith("user_id:")){const c=a.q.replace("user_id:","");s=s.where("user_id","=",c)}else if(a.q.startsWith("organization_id:")){const c=a.q.replace("organization_id:","");s=s.where("organization_id","=",c)}}s=s.orderBy("created_at","desc"),o>0&&(s=s.limit(o).offset(r));const i=await s.execute();let d=e.selectFrom("user_organizations").select(e.fn.count("id").as("count")).where("tenant_id","=",t);if(a!=null&&a.q){if(a.q.startsWith("user_id:")){const c=a.q.replace("user_id:","");d=d.where("user_id","=",c)}else if(a.q.startsWith("organization_id:")){const c=a.q.replace("organization_id:","");d=d.where("organization_id","=",c)}}const l=await d.executeTakeFirst();return{userOrganizations:i.map(c=>({id:c.id,user_id:c.user_id,organization_id:c.organization_id,created_at:c.created_at,updated_at:c.updated_at})),start:r,limit:o,length:Number((l==null?void 0:l.count)||0)}}}function Io(e){return async(t,a,n)=>{const o=(n==null?void 0:n.page)||0,r=(n==null?void 0:n.per_page)||50,s=o*r;let i=e.selectFrom("user_organizations").innerJoin("organizations",c=>c.onRef("organizations.id","=","user_organizations.organization_id").on("organizations.tenant_id","=",t)).select(["organizations.id","organizations.name","organizations.display_name","organizations.branding","organizations.metadata","organizations.enabled_connections","organizations.token_quota","organizations.created_at","organizations.updated_at","user_organizations.created_at as joined_at"]).where("user_organizations.tenant_id","=",t).where("user_organizations.user_id","=",a);i=i.orderBy("user_organizations.created_at","desc"),r>0&&(i=i.limit(r).offset(s));const d=await i.execute(),l=await e.selectFrom("user_organizations").innerJoin("organizations",c=>c.onRef("organizations.id","=","user_organizations.organization_id").on("organizations.tenant_id","=",t)).select(e.fn.count("user_organizations.id").as("count")).where("user_organizations.tenant_id","=",t).where("user_organizations.user_id","=",a).executeTakeFirst();return{organizations:d.map(c=>({id:c.id,name:c.name,display_name:c.display_name,branding:c.branding?JSON.parse(c.branding):void 0,metadata:c.metadata?JSON.parse(c.metadata):{},enabled_connections:c.enabled_connections?JSON.parse(c.enabled_connections):[],token_quota:c.token_quota?JSON.parse(c.token_quota):void 0,created_at:c.created_at,updated_at:c.updated_at,joined_at:c.joined_at})),start:s,limit:r,length:Number((l==null?void 0:l.count)||0)}}}function zo(e){return async(t,a)=>(await e.deleteFrom("user_organizations").where("id","=",a).where("tenant_id","=",t).execute()).length>0}function Do(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};return(await e.updateTable("user_organizations").set(o).where("id","=",a).where("tenant_id","=",t).execute()).length>0}}function Ao(e){return{create:$o(e),get:Eo(e),list:Po(e),listUserOrganizations:Io(e),remove:zo(e),update:Do(e)}}function Fo(e){return async(t,a)=>{const n=Ve(),o=new Date().toISOString(),r=a.ttl_sec||604800,s=new Date(Date.now()+r*1e3).toISOString(),i=U({id:n,tenant_id:t,organization_id:a.organization_id,inviter:a.inviter||{},invitee:a.invitee||{},client_id:a.client_id,connection_id:a.connection_id||null,invitation_url:a.invitation_url,created_at:o,expires_at:s,app_metadata:a.app_metadata||{},user_metadata:a.user_metadata||{},roles:a.roles||[],ticket_id:null,ttl_sec:r,send_invitation_email:a.send_invitation_email??!0?1:0},["inviter","invitee","app_metadata","user_metadata","roles"]);try{await e.insertInto("invites").values(i).execute()}catch(d){throw d.code==="SQLITE_CONSTRAINT_UNIQUE"||d.code==="ER_DUP_ENTRY"||d.message.includes("AlreadyExists")?new L(409,{message:"Invite already exists"}):d}return{id:n,organization_id:i.organization_id,inviter:a.inviter,invitee:a.invitee,client_id:a.client_id,connection_id:a.connection_id,invitation_url:a.invitation_url,created_at:o,expires_at:s,app_metadata:a.app_metadata||{},user_metadata:a.user_metadata||{},roles:a.roles||[],ticket_id:i.ticket_id||void 0,ttl_sec:r,send_invitation_email:a.send_invitation_email??!0}}}function jo(e){return async(t,a)=>{const n=await e.selectFrom("invites").selectAll().where("tenant_id","=",t).where("id","=",a).executeTakeFirst();if(!n)return null;const o=Ce(n,{inviter:{},invitee:{},app_metadata:{},user_metadata:{},roles:[]});return y({...o,send_invitation_email:n.send_invitation_email===1})}}function Ro(e){return async(t,a)=>{let n=e.selectFrom("invites").selectAll().where("tenant_id","=",t).orderBy("created_at","desc");if(a!=null&&a.per_page&&(n=n.limit(a.per_page)),a!=null&&a.page){const s=(a.page-1)*(a.per_page||10);n=n.offset(s)}const r=(await n.execute()).map(s=>{const i=Ce(s,{inviter:{},invitee:{},app_metadata:{},user_metadata:{},roles:[]});return y({...i,send_invitation_email:s.send_invitation_email===1})});return{invites:r,start:a!=null&&a.page?(a.page-1)*(a.per_page||10):0,limit:(a==null?void 0:a.per_page)||r.length,length:r.length}}}function Mo(e){return async(t,a)=>(await e.deleteFrom("invites").where("tenant_id","=",t).where("id","=",a).executeTakeFirst()).numDeletedRows>0n}function Jo(e){return async(t,a,n)=>{const o={};return n.inviter!==void 0&&(o.inviter=JSON.stringify(n.inviter)),n.invitee!==void 0&&(o.invitee=JSON.stringify(n.invitee)),n.client_id!==void 0&&(o.client_id=n.client_id),n.connection_id!==void 0&&(o.connection_id=n.connection_id),n.app_metadata!==void 0&&(o.app_metadata=JSON.stringify(n.app_metadata)),n.user_metadata!==void 0&&(o.user_metadata=JSON.stringify(n.user_metadata)),n.roles!==void 0&&(o.roles=JSON.stringify(n.roles)),n.ttl_sec!==void 0&&(o.ttl_sec=n.ttl_sec,o.expires_at=new Date(Date.now()+n.ttl_sec*1e3).toISOString()),n.send_invitation_email!==void 0&&(o.send_invitation_email=n.send_invitation_email?1:0),Object.keys(o).length===0?!0:(await e.updateTable("invites").set(o).where("tenant_id","=",t).where("id","=",a).executeTakeFirst()).numUpdatedRows>0n}}function qo(e){return{create:Fo(e),get:jo(e),list:Ro(e),remove:Mo(e),update:Jo(e)}}const _e=["s","seacft","seccft","sepft","sertft","ssa"],Lo=["pwd_leak","signup_pwd_leak","reset_pwd_leak"];function me(e){return`${e.slice(0,4)}-${e.slice(4,6)}-${e.slice(6,8)}`}function he(e){return e.toISOString().split("T")[0]}function Ko(e){return{async getDaily(t,a={}){const{from:n,to:o}=a,r=new Date,s=new Date(r);s.setDate(s.getDate()-30);const i=n?me(n):he(s),d=o?me(o):he(r),l=h.sql`DATE(logs.date)`;return(await e.selectFrom("logs").where("tenant_id","=",t).where(l,">=",i).where(l,"<=",d).select(c=>[l.as("date"),c.fn.sum(c.case().when("type","in",_e).then(1).else(0).end()).as("logins"),c.fn.sum(c.case().when("type","=","ss").then(1).else(0).end()).as("signups"),c.fn.sum(c.case().when("type","in",Lo).then(1).else(0).end()).as("leaked_passwords"),c.fn.min("date").as("first_event"),c.fn.max("date").as("last_event")]).groupBy(l).orderBy("date","asc").execute()).map(c=>({date:c.date,logins:Number(c.logins)||0,signups:Number(c.signups)||0,leaked_passwords:Number(c.leaked_passwords)||0,created_at:c.first_event||new Date().toISOString(),updated_at:c.last_event||new Date().toISOString()}))},async getActiveUsers(t){const a=new Date;return a.setDate(a.getDate()-30),(await e.selectFrom("logs").where("tenant_id","=",t).where("date",">=",a.toISOString()).where("type","in",_e).where("user_id","is not",null).select(o=>o.fn.count("user_id").distinct().as("count")).executeTakeFirstOrThrow()).count||0}}}function Bo(e){return{async get(t,a,n){const o=await e.selectFrom("custom_text").selectAll().where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).executeTakeFirst();if(!o)return null;try{return JSON.parse(o.custom_text)}catch{return null}},async set(t,a,n,o){const r=Date.now(),s=JSON.stringify(o);await e.selectFrom("custom_text").select("tenant_id").where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).executeTakeFirst()?await e.updateTable("custom_text").set({custom_text:s,updated_at_ts:r}).where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).execute():await e.insertInto("custom_text").values({tenant_id:t,prompt:a,language:n,custom_text:s,created_at_ts:r,updated_at_ts:r}).execute()},async delete(t,a,n){await e.deleteFrom("custom_text").where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).execute()},async list(t){return(await e.selectFrom("custom_text").select(["prompt","language"]).where("tenant_id","=",t).execute()).map(n=>({prompt:n.prompt,language:n.language}))}}}function Uo(e){return async(t,a)=>{const n=Date.now(),o=Se();return await e.insertInto("authentication_methods").values({id:o,tenant_id:t,user_id:a.user_id,type:a.type,phone_number:a.phone_number,totp_secret:a.totp_secret,credential_id:a.credential_id,public_key:a.public_key,sign_count:a.sign_count,credential_backed_up:a.credential_backed_up==null?void 0:a.credential_backed_up?1:0,transports:a.transports?JSON.stringify(a.transports):void 0,friendly_name:a.friendly_name,confirmed:a.confirmed?1:0,created_at_ts:n,updated_at_ts:n}).execute(),{id:o,user_id:a.user_id,type:a.type,phone_number:a.phone_number,totp_secret:a.totp_secret,credential_id:a.credential_id,public_key:a.public_key,sign_count:a.sign_count,credential_backed_up:a.credential_backed_up,transports:a.transports,friendly_name:a.friendly_name,confirmed:a.confirmed??!1,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function ke(e){return async(t,a)=>{const n=await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.id","=",a).selectAll().executeTakeFirst();return n?{id:n.id,user_id:n.user_id,type:n.type,phone_number:n.phone_number??void 0,totp_secret:n.totp_secret??void 0,credential_id:n.credential_id??void 0,public_key:n.public_key??void 0,sign_count:n.sign_count??void 0,credential_backed_up:n.credential_backed_up!=null?n.credential_backed_up===1:void 0,transports:n.transports?JSON.parse(n.transports):void 0,friendly_name:n.friendly_name??void 0,confirmed:n.confirmed===1,created_at:F(n.created_at_ts),updated_at:F(n.updated_at_ts)}:null}}function Qo(e){return async(t,a)=>{const n=await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.credential_id","=",a).selectAll().executeTakeFirst();return n?{id:n.id,user_id:n.user_id,type:n.type,phone_number:n.phone_number??void 0,totp_secret:n.totp_secret??void 0,credential_id:n.credential_id??void 0,public_key:n.public_key??void 0,sign_count:n.sign_count??void 0,credential_backed_up:n.credential_backed_up!=null?n.credential_backed_up===1:void 0,transports:n.transports?JSON.parse(n.transports):void 0,friendly_name:n.friendly_name??void 0,confirmed:n.confirmed===1,created_at:F(n.created_at_ts),updated_at:F(n.updated_at_ts)}:null}}function Wo(e){return async(t,a)=>(await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.user_id","=",a).selectAll().execute()).map(o=>({id:o.id,user_id:o.user_id,type:o.type,phone_number:o.phone_number??void 0,totp_secret:o.totp_secret??void 0,credential_id:o.credential_id??void 0,public_key:o.public_key??void 0,sign_count:o.sign_count??void 0,credential_backed_up:o.credential_backed_up!=null?o.credential_backed_up===1:void 0,transports:o.transports?JSON.parse(o.transports):void 0,friendly_name:o.friendly_name??void 0,confirmed:o.confirmed===1,created_at:F(o.created_at_ts),updated_at:F(o.updated_at_ts)}))}function Yo(e){return async(t,a,n)=>{const r={updated_at_ts:Date.now()};n.phone_number!==void 0&&(r.phone_number=n.phone_number),n.totp_secret!==void 0&&(r.totp_secret=n.totp_secret),n.credential_id!==void 0&&(r.credential_id=n.credential_id),n.public_key!==void 0&&(r.public_key=n.public_key),n.sign_count!==void 0&&(r.sign_count=n.sign_count),n.credential_backed_up!==void 0&&(r.credential_backed_up=n.credential_backed_up?1:0),n.transports!==void 0&&(r.transports=JSON.stringify(n.transports)),n.friendly_name!==void 0&&(r.friendly_name=n.friendly_name),n.confirmed!==void 0&&(r.confirmed=n.confirmed?1:0),await e.updateTable("authentication_methods").set(r).where("authentication_methods.tenant_id","=",t).where("authentication_methods.id","=",a).execute();const s=await ke(e)(t,a);if(!s)throw new Error(`Authentication method ${a} not found`);return s}}function Ho(e){return async(t,a)=>(await e.deleteFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.id","=",a).executeTakeFirst()).numDeletedRows>0}function Go(e){return{create:Uo(e),get:ke(e),getByCredentialId:Qo(e),list:Wo(e),update:Yo(e),remove:Ho(e)}}function Xo(e){return async(t,a)=>{const n=S.nanoid();return await e.insertInto("outbox_events").values({id:n,tenant_id:t,event_type:a.event_type,log_type:a.log_type,aggregate_type:a.target.type,aggregate_id:a.target.id,payload:JSON.stringify({...a,id:n}),created_at:new Date().toISOString(),processed_at:null,retry_count:0,next_retry_at:null,error:null}).execute(),n}}function Vo(e){return async t=>t.length===0?[]:(await e.selectFrom("outbox_events").selectAll().where("id","in",t).execute()).map(n=>({...JSON.parse(n.payload),id:n.id,created_at:n.created_at,processed_at:n.processed_at,retry_count:n.retry_count,next_retry_at:n.next_retry_at,error:n.error}))}function Zo(e){return async t=>{const a=new Date().toISOString();return(await e.selectFrom("outbox_events").selectAll().where("processed_at","is",null).where(o=>o.or([o("next_retry_at","is",null),o("next_retry_at","<=",a)])).where(o=>o.or([o("claimed_by","is",null),o("claim_expires_at","<=",a)])).orderBy("created_at","asc").orderBy("id","asc").limit(t).execute()).map(o=>({...JSON.parse(o.payload),id:o.id,created_at:o.created_at,processed_at:o.processed_at,retry_count:o.retry_count,next_retry_at:o.next_retry_at,error:o.error}))}}function er(e){return async(t,a,n)=>{if(t.length===0)return[];const o=new Date().toISOString(),r=new Date(Date.now()+n).toISOString();return await e.updateTable("outbox_events").set({claimed_by:a,claim_expires_at:r}).where("id","in",t).where("processed_at","is",null).where(i=>i.or([i("claimed_by","is",null),i("claim_expires_at","<=",o)])).execute(),(await e.selectFrom("outbox_events").select("id").where("id","in",t).where("claimed_by","=",a).where("claim_expires_at","=",r).execute()).map(i=>i.id)}}function tr(e){return async t=>{if(t.length===0)return;const a=new Date().toISOString();await e.updateTable("outbox_events").set({processed_at:a}).where("id","in",t).execute()}}function ar(e){return async(t,a,n)=>{await e.updateTable("outbox_events").set({error:a,next_retry_at:n,retry_count:h.sql`retry_count + 1`,claimed_by:null,claim_expires_at:null}).where("id","=",t).execute()}}function nr(e){return async(t,a)=>{const n=new Date().toISOString();await e.updateTable("outbox_events").set({processed_at:n,dead_lettered_at:n,final_error:a}).where("id","=",t).execute()}}function or(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1}=a,i=(await e.selectFrom("outbox_events").selectAll().where("tenant_id","=",t).where("dead_lettered_at","is not",null).orderBy("dead_lettered_at","desc").orderBy("id","asc").offset(n*o).limit(o).execute()).flatMap(l=>{let m;try{m=JSON.parse(l.payload)}catch(c){return console.error(`Failed to parse outbox payload for event ${l.id}`,c),[]}return[{...m,id:l.id,created_at:l.created_at,processed_at:l.processed_at,retry_count:l.retry_count,next_retry_at:l.next_retry_at,error:l.error,dead_lettered_at:l.dead_lettered_at,final_error:l.final_error}]});let d=i.length;if(r){const[l]=await e.selectFrom("outbox_events").select(m=>m.fn.countAll().as("total")).where("tenant_id","=",t).where("dead_lettered_at","is not",null).execute();d=Number((l==null?void 0:l.total)??i.length)}return{events:i,start:n*o,limit:o,length:d}}}function rr(e){return async(t,a)=>{const n=await e.updateTable("outbox_events").set({processed_at:null,dead_lettered_at:null,final_error:null,retry_count:0,next_retry_at:null,error:null}).where("id","=",t).where("tenant_id","=",a).where("dead_lettered_at","is not",null).executeTakeFirst();return Number(n.numUpdatedRows)>0}}function sr(e){return async t=>{const a=await e.deleteFrom("outbox_events").where("processed_at","is not",null).where("processed_at","<",t).executeTakeFirst();return Number(a.numDeletedRows)}}function ir(e){return{create:Xo(e),getByIds:Vo(e),getUnprocessed:Zo(e),claimEvents:er(e),markProcessed:tr(e),markRetry:ar(e),deadLetter:nr(e),listFailed:or(e),replay:rr(e),cleanup:sr(e)}}function Z(e){return{id:e.id,name:e.name,type:e.type,status:e.status,sink:JSON.parse(e.sink),filters:e.filters?JSON.parse(e.filters):void 0,isPriority:e.is_priority==null?void 0:e.is_priority===1,created_at:e.created_at,updated_at:e.updated_at}}function cr(e){return{async create(t,a){const n=new Date().toISOString(),r={id:`lst_${S.nanoid()}`,tenant_id:t,name:a.name,type:a.type,status:a.status??"active",sink:JSON.stringify(a.sink),filters:a.filters?JSON.stringify(a.filters):null,is_priority:a.isPriority===void 0?null:a.isPriority?1:0,created_at:n,updated_at:n};return await e.insertInto("log_streams").values(r).execute(),Z(r)},async get(t,a){const n=await e.selectFrom("log_streams").where("tenant_id","=",t).where("id","=",a).selectAll().executeTakeFirst();return n?Z(n):null},async list(t){return(await e.selectFrom("log_streams").where("tenant_id","=",t).selectAll().execute()).map(Z)},async update(t,a,n){const o={updated_at:new Date().toISOString()};n.name!==void 0&&(o.name=n.name),n.type!==void 0&&(o.type=n.type),n.status!==void 0&&(o.status=n.status),n.sink!==void 0&&(o.sink=JSON.stringify(n.sink)),n.filters!==void 0&&(o.filters=n.filters?JSON.stringify(n.filters):null),n.isPriority!==void 0&&(o.is_priority=n.isPriority?1:0);const r=await e.updateTable("log_streams").set(o).where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return((r==null?void 0:r.numUpdatedRows)??0n)>0n},async remove(t,a){const n=await e.deleteFrom("log_streams").where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return((n==null?void 0:n.numDeletedRows)??0n)>0n}}}class Oe{constructor(t){Q(this,"migrations");this.migrations=t}async getMigrations(){return this.migrations}}async function lr(e){await e.schema.createTable("tenants").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("name","varchar(255)").addColumn("audience","varchar(255)").addColumn("sender_email","varchar(255)").addColumn("sender_name","varchar(255)").addColumn("language","varchar(255)").addColumn("logo","varchar(255)").addColumn("primary_color","varchar(255)").addColumn("secondary_color","varchar(255)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("users").addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("email","varchar(255)").addColumn("given_name","varchar(255)").addColumn("family_name","varchar(255)").addColumn("nickname","varchar(255)").addColumn("name","varchar(255)").addColumn("picture","varchar(2083)").addColumn("tags","varchar(255)").addColumn("phone_number","varchar(17)").addColumn("phone_verified","boolean").addColumn("username","varchar(128)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).addPrimaryKeyConstraint("users_tenants",["user_id","tenant_id"]).addColumn("linked_to","varchar(255)").addForeignKeyConstraint("linked_to_constraint",["linked_to","tenant_id"],"users",["user_id","tenant_id"]).addColumn("last_ip","varchar(255)").addColumn("login_count","integer",t=>t.notNull()).addColumn("last_login","varchar(255)").addColumn("provider","varchar(255)",t=>t.notNull()).addColumn("connection","varchar(255)").addColumn("email_verified","boolean",t=>t.notNull()).addColumn("is_social","boolean",t=>t.notNull()).addColumn("app_metadata","varchar(4096)",t=>t.defaultTo("{}").notNull()).addColumn("user_metadata","varchar(4096)",t=>t.defaultTo("{}").notNull()).addUniqueConstraint("unique_email_provider",["email","provider","tenant_id"]).addUniqueConstraint("unique_phone_provider",["phone_number","provider","tenant_id"]).execute(),await e.schema.createTable("members").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("sub","varchar(255)").addColumn("email","varchar(255)").addColumn("name","varchar(255)").addColumn("status","varchar(255)").addColumn("role","varchar(255)").addColumn("picture","varchar(2083)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("applications").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("client_secret","varchar(255)").addColumn("allowed_logout_urls","varchar(255)").addColumn("authentication_settings","varchar(255)").addColumn("addons","varchar(4096)",t=>t.notNull().defaultTo("{}")).addColumn("callbacks","varchar(1024)",t=>t.notNull().defaultTo("[]")).addColumn("allowed_origins","varchar(1024)",t=>t.notNull().defaultTo("[]")).addColumn("web_origins","varchar(1024)",t=>t.notNull().defaultTo("[]")).addColumn("allowed_clients","varchar(1024)",t=>t.defaultTo("[]").notNull()).addColumn("options_kid","varchar(32)").addColumn("options_team_id","varchar(32)").addColumn("options_client_id","varchar(128)").addColumn("options_client_secret","varchar(255)").addColumn("options_scope","varchar(255)").addColumn("options_realms","varchar(255)").addColumn("options_app_secret","varchar(1024)").addColumn("email_validation","varchar(255)").addColumn("disable_sign_ups","boolean",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("connections").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("response_type","varchar(255)").addColumn("response_mode","varchar(255)").addColumn("strategy","varchar(64)").addColumn("options","varchar(2048)",t=>t.defaultTo("{}").notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("migrations").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("provider","varchar(255)").addColumn("client_id","varchar(255)").addColumn("origin","varchar(255)").addColumn("domain","varchar(255)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("domains").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("email_service","varchar(255)").addColumn("email_api_key","varchar(255)").addColumn("dkim_private_key","varchar(2048)").addColumn("dkim_public_key","varchar(2048)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute()}async function dr(e){await e.schema.dropTable("domains").execute(),await e.schema.dropTable("members").execute(),await e.schema.dropTable("users").execute(),await e.schema.dropTable("connections").execute(),await e.schema.dropTable("applications").execute(),await e.schema.dropTable("migrations").execute(),await e.schema.dropTable("tenants").execute()}const ur=Object.freeze(Object.defineProperty({__proto__:null,down:dr,up:lr},Symbol.toStringTag,{value:"Module"}));async function _r(e){await e.schema.alterTable("tenants").addColumn("support_url","varchar(255)").execute()}async function mr(e){await e.schema.alterTable("tenants").dropColumn("support_url").execute()}const hr=Object.freeze(Object.defineProperty({__proto__:null,down:mr,up:_r},Symbol.toStringTag,{value:"Module"}));async function pr(e){}async function fr(e){}const gr=Object.freeze(Object.defineProperty({__proto__:null,down:fr,up:pr},Symbol.toStringTag,{value:"Module"}));async function wr(e){await e.schema.createTable("logs").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("category","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(64)").addColumn("user_id","varchar(64)").addForeignKeyConstraint("tenant_id_constraint",["tenant_id"],"tenants",["id"],t=>t.onDelete("cascade")).addColumn("ip","varchar(255)").addColumn("type","varchar(8)",t=>t.notNull()).addColumn("date","varchar(25)",t=>t.notNull()).addColumn("client_id","varchar(255)").addColumn("client_name","varchar(255)").addColumn("user_agent","varchar(255)").addColumn("description","varchar(255)").addColumn("details","varchar(2048)").execute()}async function yr(e){await e.schema.dropTable("logs").execute()}const vr=Object.freeze(Object.defineProperty({__proto__:null,down:yr,up:wr},Symbol.toStringTag,{value:"Module"}));async function Cr(e){}async function xr(e){}const Tr=Object.freeze(Object.defineProperty({__proto__:null,down:xr,up:Cr},Symbol.toStringTag,{value:"Module"}));async function Nr(e){await e.schema.createTable("sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("tickets").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createTable("otps").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("user_id","varchar(255)").addColumn("send","varchar(255)").addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createIndex("otps_email_index").on("otps").column("email").execute(),await e.schema.createIndex("otps_expires_at_index").on("otps").column("expires_at").execute()}async function br(e){await e.schema.dropTable("sessions").execute(),await e.schema.dropTable("tickets").execute(),await e.schema.dropTable("otps").execute()}const Sr=Object.freeze(Object.defineProperty({__proto__:null,down:br,up:Nr},Symbol.toStringTag,{value:"Module"}));async function kr(e){await e.schema.createTable("passwords").addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addPrimaryKeyConstraint("passwords_pkey",["user_id","tenant_id"]).addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(255)").addColumn("updated_at","varchar(255)").execute(),await e.schema.createTable("codes").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("user_id","varchar(255)").addColumn("tenant_id","varchar(255)").addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createIndex("codes_expires_at_index").on("codes").column("expires_at").execute()}async function Or(e){await e.schema.dropTable("passwords").execute(),await e.schema.dropTable("codes").execute()}const $r=Object.freeze(Object.defineProperty({__proto__:null,down:Or,up:kr},Symbol.toStringTag,{value:"Module"}));async function Er(e){}async function Pr(e){}const Ir=Object.freeze(Object.defineProperty({__proto__:null,down:Pr,up:Er},Symbol.toStringTag,{value:"Module"}));async function zr(e){await e.schema.alterTable("passwords").addColumn("password","varchar(255)",t=>t.notNull()).execute()}async function Dr(e){await e.schema.alterTable("passwords").dropColumn("password").execute()}const Ar=Object.freeze(Object.defineProperty({__proto__:null,down:Dr,up:zr},Symbol.toStringTag,{value:"Module"}));async function Fr(e){}async function jr(e){}const Rr=Object.freeze(Object.defineProperty({__proto__:null,down:jr,up:Fr},Symbol.toStringTag,{value:"Module"}));async function Mr(e){}async function Jr(e){}const qr=Object.freeze(Object.defineProperty({__proto__:null,down:Jr,up:Mr},Symbol.toStringTag,{value:"Module"}));async function Lr(e){}async function Kr(e){}const Br=Object.freeze(Object.defineProperty({__proto__:null,down:Kr,up:Lr},Symbol.toStringTag,{value:"Module"}));async function Ur(e){await e.schema.createIndex("users_email_index").on("users").column("email").execute()}async function Qr(e){await e.schema.dropIndex("users_email_index").execute()}const Wr=Object.freeze(Object.defineProperty({__proto__:null,down:Qr,up:Ur},Symbol.toStringTag,{value:"Module"}));async function Yr(e){await e.schema.alterTable("users").addColumn("profileData","varchar(2048)").execute()}async function Hr(e){await e.schema.alterTable("users").dropColumn("profileData").execute()}const Gr=Object.freeze(Object.defineProperty({__proto__:null,down:Hr,up:Yr},Symbol.toStringTag,{value:"Module"}));async function Xr(e){await e.schema.createIndex("users_linked_to_index").on("users").column("linked_to").execute()}async function Vr(e){await e.schema.dropIndex("users_linked_to_index")}const Zr=Object.freeze(Object.defineProperty({__proto__:null,down:Vr,up:Xr},Symbol.toStringTag,{value:"Module"}));async function es(e){await e.schema.alterTable("users").addColumn("locale","varchar(255)").execute()}async function ts(e){await e.schema.alterTable("users").dropColumn("locale").execute()}const as=Object.freeze(Object.defineProperty({__proto__:null,down:ts,up:es},Symbol.toStringTag,{value:"Module"}));async function ns(e){await e.schema.createTable("keys").addColumn("kid","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade")).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("revoked_at","varchar(255)").addColumn("cert","varchar(4096)").addColumn("pkcs7","varchar(4096)").addColumn("fingerprint","varchar(256)").addColumn("thumbprint","varchar(256)").addColumn("current_since","varchar(256)").addColumn("current_until","varchar(256)").addColumn("type","varchar(50)",t=>t.notNull().defaultTo("jwt_signing")).addColumn("connection","varchar(255)",t=>t.references("connections.id").onDelete("cascade")).execute()}async function os(e){await e.schema.dropTable("keys").execute()}const rs=Object.freeze(Object.defineProperty({__proto__:null,down:os,up:ns},Symbol.toStringTag,{value:"Module"}));async function ss(e){}async function is(e){}const cs=Object.freeze(Object.defineProperty({__proto__:null,down:is,up:ss},Symbol.toStringTag,{value:"Module"}));async function ls(e){}async function ds(e){}const us=Object.freeze(Object.defineProperty({__proto__:null,down:ds,up:ls},Symbol.toStringTag,{value:"Module"}));async function _s(e){await e.schema.alterTable("otps").addColumn("audience","varchar(255)").execute()}async function ms(e){await e.schema.alterTable("otps").dropColumn("audience").execute()}const hs=Object.freeze(Object.defineProperty({__proto__:null,down:ms,up:_s},Symbol.toStringTag,{value:"Module"}));async function ps(e){}async function fs(e){}const gs=Object.freeze(Object.defineProperty({__proto__:null,down:fs,up:ps},Symbol.toStringTag,{value:"Module"}));async function ws(e){await e.schema.alterTable("logs").dropColumn("category").execute()}async function ys(e){await e.schema.alterTable("logs").addColumn("category","varchar(255)",t=>t.notNull()).execute()}const vs=Object.freeze(Object.defineProperty({__proto__:null,down:ys,up:ws},Symbol.toStringTag,{value:"Module"}));async function Cs(e){await e.schema.alterTable("users").dropColumn("tags").execute()}async function xs(e){await e.schema.alterTable("users").addColumn("tags","varchar(255)").execute()}const Ts=Object.freeze(Object.defineProperty({__proto__:null,down:xs,up:Cs},Symbol.toStringTag,{value:"Module"}));async function Ns(e){await e.schema.createIndex("logs_user_id").on("logs").column("user_id").execute(),await e.schema.createIndex("logs_tenant_id").on("logs").column("tenant_id").execute(),await e.schema.createIndex("logs_date").on("logs").column("date").execute()}async function bs(e){await e.schema.dropIndex("logs_user_id"),await e.schema.dropIndex("logs_tenant_id"),await e.schema.dropIndex("logs_date")}const Ss=Object.freeze(Object.defineProperty({__proto__:null,down:bs,up:Ns},Symbol.toStringTag,{value:"Module"}));async function ks(e){await e.schema.alterTable("logs").dropColumn("details").execute(),await e.schema.alterTable("logs").addColumn("details","varchar(8192)").execute()}async function Os(e){await e.schema.alterTable("logs").dropColumn("details").execute(),await e.schema.alterTable("logs").addColumn("details","varchar(2048)").execute()}const $s=Object.freeze(Object.defineProperty({__proto__:null,down:Os,up:ks},Symbol.toStringTag,{value:"Module"}));async function Es(e){await e.schema.alterTable("logs").addColumn("user_name","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("auth0_client","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("isMobile","boolean").execute(),await e.schema.alterTable("logs").addColumn("connection","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("connection_id","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("audience","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("scope","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("strategy","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("strategy_type","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("hostname","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("session_connection","varchar(255)").execute()}async function Ps(e){await e.schema.alterTable("logs").dropColumn("user_name").execute(),await e.schema.alterTable("logs").dropColumn("auth0_client").execute(),await e.schema.alterTable("logs").dropColumn("isMobile").execute(),await e.schema.alterTable("logs").dropColumn("connection").execute(),await e.schema.alterTable("logs").dropColumn("connection_id").execute(),await e.schema.alterTable("logs").dropColumn("audience").execute(),await e.schema.alterTable("logs").dropColumn("scope").execute(),await e.schema.alterTable("logs").dropColumn("strategy").execute(),await e.schema.alterTable("logs").dropColumn("strategy_type").execute(),await e.schema.alterTable("logs").dropColumn("hostname").execute(),await e.schema.alterTable("logs").dropColumn("session_connection").execute()}const Is=Object.freeze(Object.defineProperty({__proto__:null,down:Ps,up:Es},Symbol.toStringTag,{value:"Module"}));async function zs(e){await e.schema.createIndex("users_name_index").on("users").column("name").execute()}async function Ds(e){await e.schema.dropIndex("users_name_index").execute()}const As=Object.freeze(Object.defineProperty({__proto__:null,down:Ds,up:zs},Symbol.toStringTag,{value:"Module"}));async function Fs(e){}async function js(e){await e.schema.alterTable("users").dropConstraint("unique_email_provider").execute()}const Rs=Object.freeze(Object.defineProperty({__proto__:null,down:js,up:Fs},Symbol.toStringTag,{value:"Module"}));async function Ms(e){await e.schema.alterTable("otps").dropColumn("state").execute(),await e.schema.alterTable("otps").addColumn("state","varchar(8192)").execute()}async function Js(e){await e.schema.alterTable("otps").dropColumn("state").execute(),await e.schema.alterTable("otps").addColumn("state","varchar(1024)").execute()}const qs=Object.freeze(Object.defineProperty({__proto__:null,down:Js,up:Ms},Symbol.toStringTag,{value:"Module"}));async function Ls(e){await e.schema.alterTable("tickets").dropColumn("state").execute(),await e.schema.alterTable("tickets").addColumn("state","varchar(8192)").execute()}async function Ks(e){await e.schema.alterTable("tickets").dropColumn("state").execute(),await e.schema.alterTable("tickets").addColumn("state","varchar(1024)").execute()}const Bs=Object.freeze(Object.defineProperty({__proto__:null,down:Ks,up:Ls},Symbol.toStringTag,{value:"Module"}));async function Us(e){await e.schema.createTable("branding").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull().primaryKey()).addColumn("logo_url","varchar(512)").addColumn("favicon_url","varchar(512)").addColumn("font_url","varchar(512)").addColumn("colors_primary","varchar(8)").addColumn("colors_page_background_type","varchar(32)").addColumn("colors_page_background_start","varchar(8)").addColumn("colors_page_background_end","varchar(8)").addColumn("colors_page_background_angle_dev","integer").execute()}async function Qs(e){await e.schema.dropTable("branding").execute()}const Ws=Object.freeze(Object.defineProperty({__proto__:null,down:Qs,up:Us},Symbol.toStringTag,{value:"Module"}));async function Ys(e){}async function Hs(e){}const Gs=Object.freeze(Object.defineProperty({__proto__:null,down:Hs,up:Ys},Symbol.toStringTag,{value:"Module"}));async function Xs(e){}async function Vs(e){}const Zs=Object.freeze(Object.defineProperty({__proto__:null,down:Vs,up:Xs},Symbol.toStringTag,{value:"Module"}));async function ei(e){}async function ti(e){}const ai=Object.freeze(Object.defineProperty({__proto__:null,down:ti,up:ei},Symbol.toStringTag,{value:"Module"}));async function ni(e){}async function oi(e){}const ri=Object.freeze(Object.defineProperty({__proto__:null,down:oi,up:ni},Symbol.toStringTag,{value:"Module"}));async function si(e){await e.schema.createTable("authentication_codes").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(8192)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}async function ii(e){await e.schema.dropTable("authentication_codes").execute()}const ci=Object.freeze(Object.defineProperty({__proto__:null,down:ii,up:si},Symbol.toStringTag,{value:"Module"}));async function li(e){}async function di(e){}const ui=Object.freeze(Object.defineProperty({__proto__:null,down:di,up:li},Symbol.toStringTag,{value:"Module"}));async function _i(e){await e.schema.alterTable("otps").addColumn("ip","varchar(64)").execute()}async function mi(e){await e.schema.alterTable("otps").dropColumn("ip").execute()}const hi=Object.freeze(Object.defineProperty({__proto__:null,down:mi,up:_i},Symbol.toStringTag,{value:"Module"}));async function pi(e){await e.schema.alterTable("logs").dropColumn("user_agent").execute(),await e.schema.alterTable("logs").addColumn("user_agent","varchar(1024)").execute()}async function fi(e){await e.schema.alterTable("logs").dropColumn("user_agent").execute(),await e.schema.alterTable("logs").addColumn("user_agent","varchar(255)").execute()}const gi=Object.freeze(Object.defineProperty({__proto__:null,down:fi,up:pi},Symbol.toStringTag,{value:"Module"}));async function wi(e){}async function yi(e){}const vi=Object.freeze(Object.defineProperty({__proto__:null,down:yi,up:wi},Symbol.toStringTag,{value:"Module"}));async function Ci(e){await e.schema.createTable("hooks").addColumn("hook_id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("url","varchar(512)",t=>t.notNull()).addColumn("trigger_id","varchar(255)",t=>t.notNull()).addColumn("enabled","boolean",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).addColumn("synchronous","boolean",t=>t.defaultTo(!1).notNull()).addColumn("priority","integer").execute()}async function xi(e){await e.schema.dropTable("hooks").execute()}const Ti=Object.freeze(Object.defineProperty({__proto__:null,down:xi,up:Ci},Symbol.toStringTag,{value:"Module"}));async function Ni(e){}async function bi(e){}const Si=Object.freeze(Object.defineProperty({__proto__:null,down:bi,up:Ni},Symbol.toStringTag,{value:"Module"}));async function ki(e){}async function Oi(e){}const $i=Object.freeze(Object.defineProperty({__proto__:null,down:Oi,up:ki},Symbol.toStringTag,{value:"Module"}));async function Ei(e){await e.schema.createTable("logins").addColumn("login_id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("authParams_client_id","varchar(255)",t=>t.notNull()).addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","varchar(511)").addColumn("authParams_state","varchar(511)").addColumn("authParams_code_challenge_method","varchar(256)").addColumn("authParams_code_challenge","varchar(256)").addColumn("authParams_redirect_uri","varchar(256)").addColumn("authParams_organization","varchar(256)").addColumn("authorization_url","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("ip","varchar(255)").addColumn("useragent","varchar(512)").execute(),await e.schema.alterTable("passwords").addColumn("algorithm","varchar(16)").execute(),await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("code_id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)").addColumn("login_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("code_type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}async function Pi(e){await e.schema.dropTable("logins").execute(),await e.schema.alterTable("passwords").dropColumn("algorithm").execute(),await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("code","varchar(255)",t=>t.notNull()).addColumn("user_id","varchar(255)").addColumn("tenant_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const Ii=Object.freeze(Object.defineProperty({__proto__:null,down:Pi,up:Ei},Symbol.toStringTag,{value:"Module"}));async function zi(e){}async function Di(e){}const Ai=Object.freeze(Object.defineProperty({__proto__:null,down:Di,up:zi},Symbol.toStringTag,{value:"Module"}));async function Fi(e){await e.schema.alterTable("logins").addColumn("auth0Client","varchar(256)").execute()}async function ji(e){await e.schema.alterTable("logins").dropColumn("auth0Client").execute()}const Ri=Object.freeze(Object.defineProperty({__proto__:null,down:ji,up:Fi},Symbol.toStringTag,{value:"Module"}));async function Mi(e){await e.schema.alterTable("logins").dropColumn("authParams_state").execute(),await e.schema.alterTable("logins").addColumn("authParams_state","varchar(8192)").execute()}async function Ji(e){await e.schema.alterTable("logins").dropColumn("authParams_state").execute(),await e.schema.alterTable("logins").addColumn("authParams_state","varchar(511)").execute()}const qi=Object.freeze(Object.defineProperty({__proto__:null,down:Ji,up:Mi},Symbol.toStringTag,{value:"Module"}));async function Li(e){}async function Ki(e){}const Bi=Object.freeze(Object.defineProperty({__proto__:null,down:Ki,up:Li},Symbol.toStringTag,{value:"Module"}));async function Ui(e){}async function Qi(e){}const Wi=Object.freeze(Object.defineProperty({__proto__:null,down:Qi,up:Ui},Symbol.toStringTag,{value:"Module"}));async function Yi(e){await e.schema.alterTable("logins").addColumn("authParams_nonce","varchar(255)").execute()}async function Hi(e){await e.schema.alterTable("logins").dropColumn("nonce").execute()}const Gi=Object.freeze(Object.defineProperty({__proto__:null,down:Hi,up:Yi},Symbol.toStringTag,{value:"Module"}));async function Xi(e){}async function Vi(e){}const Zi=Object.freeze(Object.defineProperty({__proto__:null,down:Vi,up:Xi},Symbol.toStringTag,{value:"Module"}));async function ec(e){}async function tc(e){}const ac=Object.freeze(Object.defineProperty({__proto__:null,down:tc,up:ec},Symbol.toStringTag,{value:"Module"}));async function nc(e){await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("code_id","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)").addColumn("login_id","varchar(255)").addColumn("connection_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("code_type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").addPrimaryKeyConstraint("PK_codes_code_id_code_type",["code_id","code_type"]).execute()}async function oc(e){await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("code_id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)").addColumn("connection_id","varchar(255)").addColumn("login_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("code_type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const rc=Object.freeze(Object.defineProperty({__proto__:null,down:oc,up:nc},Symbol.toStringTag,{value:"Module"}));async function sc(e){await e.schema.dropTable("otps").execute(),await e.schema.dropTable("authentication_codes").execute()}async function ic(e){await e.schema.alterTable("keys").addColumn("private_key","varchar(2048)").addColumn("public_key","varchar(2048)").execute(),await e.schema.createTable("otps").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("user_id","varchar(255)").addColumn("send","varchar(255)").addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createTable("authentication_codes").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(8192)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const cc=Object.freeze(Object.defineProperty({__proto__:null,down:ic,up:sc},Symbol.toStringTag,{value:"Module"}));async function lc(e){await e.schema.createIndex("IDX_logs_tenant_date_type_user").on("logs").columns(["tenant_id","date","type","user_id"]).execute()}async function dc(e){await e.schema.dropIndex("IDX_logs_tenant_date_type_user").on("logs").execute()}const uc=Object.freeze(Object.defineProperty({__proto__:null,down:dc,up:lc},Symbol.toStringTag,{value:"Module"}));async function _c(e){}async function mc(e){}const hc=Object.freeze(Object.defineProperty({__proto__:null,down:mc,up:_c},Symbol.toStringTag,{value:"Module"}));async function pc(e){await e.schema.createTable("prompt_settings").addColumn("tenant_id","varchar(64)",t=>t.primaryKey()).addColumn("universal_login_experience","varchar(16)",t=>t.defaultTo("new").notNull()).addColumn("identifier_first","boolean",t=>t.defaultTo(!0).notNull()).addColumn("password_first","boolean",t=>t.defaultTo(!1).notNull()).addColumn("webauthn_platform_first_factor","boolean",t=>t.defaultTo(!1).notNull()).execute()}async function fc(e){await e.schema.dropTable("prompt_settings").execute()}const gc=Object.freeze(Object.defineProperty({__proto__:null,down:fc,up:pc},Symbol.toStringTag,{value:"Module"}));async function wc(e){}async function yc(e){}const vc=Object.freeze(Object.defineProperty({__proto__:null,down:yc,up:wc},Symbol.toStringTag,{value:"Module"}));async function Cc(e){}async function xc(e){}const Tc=Object.freeze(Object.defineProperty({__proto__:null,down:xc,up:Cc},Symbol.toStringTag,{value:"Module"}));async function Nc(e){}async function bc(e){}const Sc=Object.freeze(Object.defineProperty({__proto__:null,down:bc,up:Nc},Symbol.toStringTag,{value:"Module"}));async function kc(e){await e.schema.alterTable("logins").addColumn("authParams_ui_locales","varchar(32)").execute()}async function Oc(e){await e.schema.alterTable("logins").dropColumn("authParams_ui_locales").execute()}const $c=Object.freeze(Object.defineProperty({__proto__:null,down:Oc,up:kc},Symbol.toStringTag,{value:"Module"}));async function Ec(e){await e.schema.alterTable("logins").addColumn("authParams_prompt","varchar(16)").execute()}async function Pc(e){await e.schema.alterTable("logins").dropColumn("authParams_prompt").execute()}const Ic=Object.freeze(Object.defineProperty({__proto__:null,down:Pc,up:Ec},Symbol.toStringTag,{value:"Module"}));async function zc(e){}async function Dc(e){}const Ac=Object.freeze(Object.defineProperty({__proto__:null,down:Dc,up:zc},Symbol.toStringTag,{value:"Module"}));async function Fc(e){await e.schema.alterTable("logins").addColumn("authParams_act_as","varchar(255)").execute()}async function jc(e){await e.schema.alterTable("logins").dropColumn("authParam_act_as").execute()}const Rc=Object.freeze(Object.defineProperty({__proto__:null,down:jc,up:Fc},Symbol.toStringTag,{value:"Module"}));async function Mc(e){await e.schema.alterTable("codes").addColumn("code_verifier","varchar(128)").execute()}async function Jc(e){await e.schema.alterTable("codes").dropColumn("code_verifier").execute()}const qc=Object.freeze(Object.defineProperty({__proto__:null,down:Jc,up:Mc},Symbol.toStringTag,{value:"Module"}));async function Lc(e){await e.schema.createTable("email_providers").addColumn("tenant_id","varchar(255)",t=>t.primaryKey()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("enabled","boolean",t=>t.notNull()).addColumn("default_from_address","varchar(255)").addColumn("credentials","varchar(2048)",t=>t.notNull().defaultTo("{}")).addColumn("settings","varchar(2048)",t=>t.notNull().defaultTo("{}")).addColumn("created_at","varchar(29)",t=>t.notNull()).addColumn("updated_at","varchar(29)",t=>t.notNull()).execute()}async function Kc(e){await e.schema.dropTable("email_providers").execute()}const Bc=Object.freeze(Object.defineProperty({__proto__:null,down:Kc,up:Lc},Symbol.toStringTag,{value:"Module"}));async function Uc(e){await e.schema.dropTable("tickets").execute()}async function Qc(e){await e.schema.createTable("tickets").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const Wc=Object.freeze(Object.defineProperty({__proto__:null,down:Qc,up:Uc},Symbol.toStringTag,{value:"Module"}));async function Yc(e){}async function Hc(e){await e.schema.alterTable("logins").dropColumn("ip").dropColumn("useragent").execute()}const Gc=Object.freeze(Object.defineProperty({__proto__:null,down:Hc,up:Yc},Symbol.toStringTag,{value:"Module"}));async function Xc(e){await e.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}async function Vc(e){await e.schema.dropTable("refresh_tokens").execute()}const Zc=Object.freeze(Object.defineProperty({__proto__:null,down:Vc,up:Xc},Symbol.toStringTag,{value:"Module"}));async function el(e){}async function tl(e){}const al=Object.freeze(Object.defineProperty({__proto__:null,down:tl,up:el},Symbol.toStringTag,{value:"Module"}));async function nl(e){await e.schema.dropTable("sessions").execute(),await e.schema.dropTable("refresh_tokens").execute()}async function ol(e){await e.schema.createTable("sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("sessions_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("refresh_tokens_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}const rl=Object.freeze(Object.defineProperty({__proto__:null,down:ol,up:nl},Symbol.toStringTag,{value:"Module"}));async function sl(e){await e.schema.createTable("sessions_2").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("sessions_2_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("refresh_tokens_2").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("refresh_tokens_2_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}async function il(e){await e.schema.dropTable("sessions_2").execute(),await e.schema.dropTable("refresh_tokens_2").execute()}const cl=Object.freeze(Object.defineProperty({__proto__:null,down:il,up:sl},Symbol.toStringTag,{value:"Module"}));async function ll(e){await e.schema.createTable("custom_domains").addColumn("custom_domain_id","varchar(21)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("primary","boolean",t=>t.notNull()).addColumn("status","varchar(50)",t=>t.notNull()).addColumn("type","varchar(50)",t=>t.notNull()).addColumn("origin_domain_name","varchar(255)").addColumn("verification","varchar(2048)").addColumn("custom_client_ip_header","varchar(50)").addColumn("tls_policy","varchar(50)").addColumn("domain_metadata","varchar(2048)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.dropTable("domains").execute()}async function dl(e){await e.schema.dropTable("custom_domains").execute(),await e.schema.createTable("domains").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("email_service","varchar(255)").addColumn("email_api_key","varchar(255)").addColumn("dkim_private_key","varchar(2048)").addColumn("dkim_public_key","varchar(2048)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute()}const ul=Object.freeze(Object.defineProperty({__proto__:null,down:dl,up:ll},Symbol.toStringTag,{value:"Module"}));async function _l(e){}async function ml(e){await e.schema.alterTable("logins").dropColumn("authParams_organization").dropColumn("authorization_url").execute()}const hl=Object.freeze(Object.defineProperty({__proto__:null,down:ml,up:_l},Symbol.toStringTag,{value:"Module"}));async function pl(e){await e.schema.alterTable("logins").dropColumn("authorization_url").execute(),await e.schema.alterTable("logins").addColumn("authorization_url","varchar(2048)").execute()}async function fl(e){await e.schema.alterTable("logins").dropColumn("authorization_url").execute(),await e.schema.alterTable("logins").addColumn("authorization_url","varchar(1024)").execute()}const gl=Object.freeze(Object.defineProperty({__proto__:null,down:fl,up:pl},Symbol.toStringTag,{value:"Module"}));async function wl(e){}async function yl(e){}const vl=Object.freeze(Object.defineProperty({__proto__:null,down:yl,up:wl},Symbol.toStringTag,{value:"Module"}));async function Cl(e){await e.schema.createTable("sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("sessions_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("login_sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)",t=>t.references("sessions.id").onDelete("cascade")).addColumn("csrf_token","varchar(21)",t=>t.notNull()).addColumn("authParams_client_id","varchar(255)",t=>t.notNull()).addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","varchar(511)").addColumn("authParams_state","varchar(2048)").addColumn("authParams_nonce","varchar(255)").addColumn("authParams_code_challenge_method","varchar(255)").addColumn("authParams_code_challenge","varchar(255)").addColumn("authParams_redirect_uri","varchar(255)").addColumn("authParams_organization","varchar(255)").addColumn("authParams_prompt","varchar(32)").addColumn("authParams_act_as","varchar(256)").addColumn("authParams_ui_locales","varchar(32)").addColumn("authorization_url","varchar(1024)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)",t=>t.notNull()).addColumn("ip","varchar(39)").addColumn("useragent","varchar(1024)").addColumn("auth0Client","varchar(255)").execute(),await e.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("refresh_tokens_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}async function xl(e){await e.schema.dropTable("sessions").execute(),await e.schema.dropTable("login_sessions").execute(),await e.schema.dropTable("refresh_tokens").execute()}const Tl=Object.freeze(Object.defineProperty({__proto__:null,down:xl,up:Cl},Symbol.toStringTag,{value:"Module"}));async function Nl(e){await e.schema.dropTable("logins").execute(),await e.schema.dropTable("sessions_2").execute(),await e.schema.dropTable("refresh_tokens_2").execute()}async function bl(e){}const Sl=Object.freeze(Object.defineProperty({__proto__:null,down:bl,up:Nl},Symbol.toStringTag,{value:"Module"}));async function kl(e){await e.schema.dropTable("custom_domains").execute(),await e.schema.createTable("custom_domains").addColumn("custom_domain_id","varchar(256)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("primary","boolean",t=>t.notNull()).addColumn("status","varchar(50)",t=>t.notNull()).addColumn("type","varchar(50)",t=>t.notNull()).addColumn("origin_domain_name","varchar(255)").addColumn("verification","varchar(2048)").addColumn("custom_client_ip_header","varchar(50)").addColumn("tls_policy","varchar(50)").addColumn("domain_metadata","varchar(2048)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute()}async function Ol(e){}const $l=Object.freeze(Object.defineProperty({__proto__:null,down:Ol,up:kl},Symbol.toStringTag,{value:"Module"}));async function El(e){}async function Pl(e){await e.schema.alterTable("users").dropColumn("phone_number").dropColumn("phone_verified").dropColumn("username").execute()}const Il=Object.freeze(Object.defineProperty({__proto__:null,down:Pl,up:El},Symbol.toStringTag,{value:"Module"}));async function zl(e){await e.schema.createTable("forms").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(255)",t=>t.notNull()).addColumn("messages","varchar(255)").addColumn("languages","varchar(255)").addColumn("translations","varchar(4096)").addColumn("nodes","varchar(4096)").addColumn("start","varchar(255)").addColumn("ending","varchar(255)").addColumn("style","varchar(1042)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createIndex("forms_tenant_id_idx").on("forms").column("tenant_id").execute()}async function Dl(e){await e.schema.dropTable("forms").execute()}const Al=Object.freeze(Object.defineProperty({__proto__:null,down:Dl,up:zl},Symbol.toStringTag,{value:"Module"}));async function Fl(e){await e.schema.alterTable("hooks").addColumn("form_id","text").execute(),await e.schema.alterTable("hooks").addColumn("url_tmp","varchar(512)").execute(),await e.updateTable("hooks").set(t=>({url_tmp:t.ref("url")})).execute(),await e.schema.alterTable("hooks").dropColumn("url").execute(),await e.schema.alterTable("hooks").renameColumn("url_tmp","url").execute()}async function jl(e){await e.schema.dropTable("hooks").ifExists().execute(),await e.schema.createTable("hooks").addColumn("hook_id","text",t=>t.primaryKey()).addColumn("tenant_id","text",t=>t.notNull()).addColumn("trigger_id","text",t=>t.notNull()).addColumn("enabled","integer",t=>t.notNull().defaultTo(0)).addColumn("url","varchar(512)",t=>t.notNull()).addColumn("synchronous","integer",t=>t.notNull().defaultTo(0)).addColumn("priority","integer").addColumn("created_at","text",t=>t.notNull()).addColumn("updated_at","text",t=>t.notNull()).execute()}const Rl=Object.freeze(Object.defineProperty({__proto__:null,down:jl,up:Fl},Symbol.toStringTag,{value:"Module"}));async function Ml(e){await e.schema.alterTable("login_sessions").addColumn("login_completed","boolean",t=>t.notNull().defaultTo(0)).execute()}async function Jl(e){await e.schema.alterTable("login_sessions").dropColumn("login_completed").execute()}const ql=Object.freeze(Object.defineProperty({__proto__:null,down:Jl,up:Ml},Symbol.toStringTag,{value:"Module"}));async function Ll(e){await e.schema.alterTable("sessions").addColumn("login_session_id","varchar(21)",t=>t.references("login_sessions.id").onDelete("set null")).execute()}async function Kl(e){await e.schema.alterTable("sessions").dropColumn("login_session_id").execute()}const Bl=Object.freeze(Object.defineProperty({__proto__:null,down:Kl,up:Ll},Symbol.toStringTag,{value:"Module"}));async function Ul(e){await e.schema.createIndex("IDX_sessions_login_session_id").on("sessions").column("login_session_id").execute()}async function Ql(e){await e.schema.dropIndex("IDX_sessions_login_session_id").on("sessions").execute()}const Wl=Object.freeze(Object.defineProperty({__proto__:null,down:Ql,up:Ul},Symbol.toStringTag,{value:"Module"}));async function Yl(e){await e.schema.alterTable("codes").addColumn("code_challenge","varchar(128)").execute(),await e.schema.alterTable("codes").addColumn("code_challenge_method","varchar(5)").execute()}async function Hl(e){await e.schema.alterTable("codes").dropColumn("code_challenge").execute(),await e.schema.alterTable("codes").dropColumn("code_challenge_method").execute()}const Gl=Object.freeze(Object.defineProperty({__proto__:null,down:Hl,up:Yl},Symbol.toStringTag,{value:"Module"}));async function Xl(e){await e.schema.alterTable("codes").addColumn("redirect_uri","varchar(1024)").execute()}async function Vl(e){await e.schema.alterTable("codes").dropColumn("redirect_uri").execute()}const Zl=Object.freeze(Object.defineProperty({__proto__:null,down:Vl,up:Xl},Symbol.toStringTag,{value:"Module"}));async function ed(e){await e.schema.alterTable("codes").addColumn("nonce","varchar(1024)").execute(),await e.schema.alterTable("codes").addColumn("state","varchar(2048)").execute()}async function td(e){await e.schema.alterTable("codes").dropColumn("nonce").execute(),await e.schema.alterTable("codes").dropColumn("state").execute()}const ad=Object.freeze(Object.defineProperty({__proto__:null,down:td,up:ed},Symbol.toStringTag,{value:"Module"}));async function nd(e){await e.schema.createTable("themes").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("themeId","varchar(255)",t=>t.notNull()).addColumn("displayName","varchar(255)",t=>t.notNull()).addColumn("colors_primary_button_label","varchar(24)",t=>t.notNull()).addColumn("colors_primary_button","varchar(24)",t=>t.notNull()).addColumn("colors_secondary_button_border","varchar(24)",t=>t.notNull()).addColumn("colors_secondary_button_label","varchar(24)",t=>t.notNull()).addColumn("colors_base_focus_color","varchar(24)",t=>t.notNull()).addColumn("colors_base_hover_color","varchar(24)",t=>t.notNull()).addColumn("colors_body_text","varchar(24)",t=>t.notNull()).addColumn("colors_captcha_widget_theme","varchar(24)",t=>t.notNull()).addColumn("colors_error","varchar(24)",t=>t.notNull()).addColumn("colors_header","varchar(24)",t=>t.notNull()).addColumn("colors_icons","varchar(24)",t=>t.notNull()).addColumn("colors_input_background","varchar(24)",t=>t.notNull()).addColumn("colors_input_border","varchar(24)",t=>t.notNull()).addColumn("colors_input_filled_text","varchar(24)",t=>t.notNull()).addColumn("colors_input_labels_placeholders","varchar(24)",t=>t.notNull()).addColumn("colors_links_focused_components","varchar(24)",t=>t.notNull()).addColumn("colors_success","varchar(24)",t=>t.notNull()).addColumn("colors_widget_background","varchar(24)",t=>t.notNull()).addColumn("colors_widget_border","varchar(24)",t=>t.notNull()).addColumn("borders_button_border_radius","integer",t=>t.notNull()).addColumn("borders_button_border_weight","integer",t=>t.notNull()).addColumn("borders_buttons_style","varchar(24)",t=>t.notNull()).addColumn("borders_input_border_radius","integer",t=>t.notNull()).addColumn("borders_input_border_weight","integer",t=>t.notNull()).addColumn("borders_inputs_style","varchar(24)",t=>t.notNull()).addColumn("borders_show_widget_shadow","boolean",t=>t.notNull()).addColumn("borders_widget_border_weight","integer",t=>t.notNull()).addColumn("borders_widget_corner_radius","integer",t=>t.notNull()).addColumn("fonts_body_text_bold","integer",t=>t.notNull()).addColumn("fonts_body_text_size","integer",t=>t.notNull()).addColumn("fonts_buttons_text_bold","integer",t=>t.notNull()).addColumn("fonts_buttons_text_size","integer",t=>t.notNull()).addColumn("fonts_font_url","varchar(255)",t=>t.notNull()).addColumn("fonts_input_labels_bold","integer",t=>t.notNull()).addColumn("fonts_input_labels_size","integer",t=>t.notNull()).addColumn("fonts_links_bold","boolean",t=>t.notNull()).addColumn("fonts_links_size","integer",t=>t.notNull()).addColumn("fonts_links_style","varchar(24)",t=>t.notNull()).addColumn("fonts_reference_text_size","integer",t=>t.notNull()).addColumn("fonts_subtitle_bold","boolean",t=>t.notNull()).addColumn("fonts_subtitle_size","integer",t=>t.notNull()).addColumn("fonts_title_bold","boolean",t=>t.notNull()).addColumn("fonts_title_size","integer",t=>t.notNull()).addColumn("page_background_background_color","varchar(24)",t=>t.notNull()).addColumn("page_background_background_image_url","varchar(255)",t=>t.notNull()).addColumn("page_background_page_layout","varchar(24)",t=>t.notNull()).addColumn("widget_header_text_alignment","varchar(24)",t=>t.notNull()).addColumn("widget_logo_height","integer",t=>t.notNull()).addColumn("widget_logo_position","varchar(24)",t=>t.notNull()).addColumn("widget_logo_url","varchar(255)",t=>t.notNull()).addColumn("widget_social_buttons_layout","varchar(24)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("themes_pkey",["tenant_id","themeId"]).execute(),await e.schema.createIndex("themes_tenant_id_idx").on("themes").column("tenant_id").execute()}async function od(e){await e.schema.dropTable("themes").execute()}const rd=Object.freeze(Object.defineProperty({__proto__:null,down:od,up:nd},Symbol.toStringTag,{value:"Module"}));async function sd(e){await e.schema.createTable("resource_servers").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("identifier","varchar(191)",t=>t.notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("scopes","varchar(4096)").addColumn("signing_alg","varchar(64)").addColumn("signing_secret","varchar(2048)").addColumn("token_lifetime","integer").addColumn("token_lifetime_for_web","integer").addColumn("skip_consent_for_verifiable_first_party_clients","integer").addColumn("allow_offline_access","integer").addColumn("verification_key","varchar(4096)").addColumn("options","varchar(4096)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("resource_servers_pk",["tenant_id","id"]).execute(),await e.schema.createIndex("resource_servers_tenant_identifier_uq").on("resource_servers").columns(["tenant_id","identifier"]).unique().execute(),await e.schema.createTable("roles").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(50)",t=>t.notNull()).addColumn("description","varchar(255)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("roles_pk",["tenant_id","id"]).execute(),await e.schema.createIndex("roles_tenant_name_uq").on("roles").columns(["tenant_id","name"]).unique().execute()}async function id(e){await e.schema.dropTable("roles").execute(),await e.schema.dropTable("resource_servers").execute()}const cd=Object.freeze(Object.defineProperty({__proto__:null,down:id,up:sd},Symbol.toStringTag,{value:"Module"}));async function ld(e){await e.schema.createTable("role_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(191)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("role_permissions_pk",["tenant_id","role_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("role_permissions_role_fk").on("role_permissions").columns(["tenant_id","role_id"]).execute(),await e.schema.createIndex("role_permissions_permission_fk").on("role_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createTable("user_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(191)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_permissions_pk",["tenant_id","user_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("user_permissions_user_fk").on("user_permissions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_permissions_permission_fk").on("user_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute()}async function dd(e){await e.schema.dropTable("user_permissions").execute(),await e.schema.dropTable("role_permissions").execute()}const ud=Object.freeze(Object.defineProperty({__proto__:null,down:dd,up:ld},Symbol.toStringTag,{value:"Module"}));async function _d(e){await e.schema.createTable("user_roles").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_roles_pk",["tenant_id","user_id","role_id"]).execute(),await e.schema.createIndex("user_roles_user_fk").on("user_roles").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_roles_role_fk").on("user_roles").columns(["tenant_id","role_id"]).execute()}async function md(e){await e.schema.dropTable("user_roles").execute()}const hd=Object.freeze(Object.defineProperty({__proto__:null,down:md,up:_d},Symbol.toStringTag,{value:"Module"}));async function pd(e){}async function fd(e){await e.schema.alterTable("keys").dropColumn("connection").execute(),await e.schema.alterTable("keys").modifyColumn("cert","varchar(2048)").execute(),await e.schema.alterTable("keys").modifyColumn("pkcs7","varchar(2048)").execute(),await e.schema.alterTable("keys").dropColumn("type").execute()}const gd=Object.freeze(Object.defineProperty({__proto__:null,down:fd,up:pd},Symbol.toStringTag,{value:"Module"}));async function wd(e){await e.schema.createTable("organizations").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(256)",t=>t.notNull()).addColumn("display_name","varchar(256)").addColumn("branding","text").addColumn("metadata","text").addColumn("enabled_connections","text").addColumn("token_quota","text").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.createIndex("idx_organizations_tenant_id").on("organizations").column("tenant_id").execute(),await e.schema.createIndex("idx_organizations_tenant_name_unique").on("organizations").columns(["tenant_id","name"]).unique().execute()}async function yd(e){await e.schema.dropTable("organizations").execute()}const vd=Object.freeze(Object.defineProperty({__proto__:null,down:yd,up:wd},Symbol.toStringTag,{value:"Module"}));async function Cd(e){await e.schema.createTable("user_organizations").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addUniqueConstraint("user_organizations_unique",["tenant_id","user_id","organization_id"]).execute(),await e.schema.createIndex("idx_user_organizations_tenant_id").on("user_organizations").column("tenant_id").execute(),await e.schema.createIndex("idx_user_organizations_user_id").on("user_organizations").column("user_id").execute(),await e.schema.createIndex("idx_user_organizations_organization_id").on("user_organizations").column("organization_id").execute()}async function xd(e){await e.schema.dropTable("user_organizations").execute()}const Td=Object.freeze(Object.defineProperty({__proto__:null,down:xd,up:Cd},Symbol.toStringTag,{value:"Module"}));async function Nd(e){await e.schema.dropTable("user_permissions").execute(),await e.schema.dropTable("user_roles").execute(),await e.schema.createTable("user_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(21)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull().defaultTo("")).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_permissions_pk",["tenant_id","user_id","resource_server_identifier","permission_name","organization_id"]).execute(),await e.schema.createIndex("user_permissions_user_fk").on("user_permissions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_permissions_permission_fk").on("user_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("user_permissions_organization_fk").on("user_permissions").column("organization_id").execute(),await e.schema.createTable("user_roles").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("organization_id","varchar(191)",t=>t.notNull().defaultTo("")).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_roles_pk",["tenant_id","user_id","role_id","organization_id"]).execute(),await e.schema.createIndex("user_roles_user_fk").on("user_roles").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_roles_role_fk").on("user_roles").columns(["tenant_id","role_id"]).execute(),await e.schema.createIndex("user_roles_organization_fk").on("user_roles").column("organization_id").execute()}async function bd(e){await e.schema.dropTable("user_permissions").execute(),await e.schema.dropTable("user_roles").execute(),await e.schema.createTable("user_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(191)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_permissions_pk",["tenant_id","user_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("user_permissions_user_fk").on("user_permissions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_permissions_permission_fk").on("user_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createTable("user_roles").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_roles_pk",["tenant_id","user_id","role_id"]).execute(),await e.schema.createIndex("user_roles_user_fk").on("user_roles").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_roles_role_fk").on("user_roles").columns(["tenant_id","role_id"]).execute()}const Sd=Object.freeze(Object.defineProperty({__proto__:null,down:bd,up:Nd},Symbol.toStringTag,{value:"Module"}));async function kd(e){await e.schema.createTable("clients").addColumn("client_id","varchar(191)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("description","varchar(140)").addColumn("global","integer",t=>t.defaultTo(0).notNull()).addColumn("client_secret","varchar(255)").addColumn("app_type","varchar(64)",t=>t.defaultTo("regular_web")).addColumn("logo_uri","varchar(2083)").addColumn("is_first_party","integer",t=>t.defaultTo(0).notNull()).addColumn("oidc_conformant","integer",t=>t.defaultTo(1).notNull()).addColumn("callbacks","text",t=>t.notNull()).addColumn("allowed_origins","text",t=>t.notNull()).addColumn("web_origins","text",t=>t.notNull()).addColumn("client_aliases","text",t=>t.notNull()).addColumn("allowed_clients","text",t=>t.notNull()).addColumn("allowed_logout_urls","text",t=>t.notNull()).addColumn("session_transfer","text",t=>t.notNull()).addColumn("oidc_logout","text",t=>t.notNull()).addColumn("grant_types","text",t=>t.notNull()).addColumn("jwt_configuration","text",t=>t.notNull()).addColumn("signing_keys","text",t=>t.notNull()).addColumn("encryption_key","text",t=>t.notNull()).addColumn("sso","integer",t=>t.defaultTo(0).notNull()).addColumn("sso_disabled","integer",t=>t.defaultTo(1).notNull()).addColumn("cross_origin_authentication","integer",t=>t.defaultTo(0).notNull()).addColumn("cross_origin_loc","varchar(2083)").addColumn("custom_login_page_on","integer",t=>t.defaultTo(0).notNull()).addColumn("custom_login_page","text").addColumn("custom_login_page_preview","text").addColumn("form_template","text").addColumn("addons","text",t=>t.notNull()).addColumn("token_endpoint_auth_method","varchar(64)",t=>t.defaultTo("client_secret_basic")).addColumn("client_metadata","text",t=>t.notNull()).addColumn("mobile","text",t=>t.notNull()).addColumn("initiate_login_uri","varchar(2083)").addColumn("native_social_login","text",t=>t.notNull()).addColumn("refresh_token","text",t=>t.notNull()).addColumn("default_organization","text",t=>t.notNull()).addColumn("organization_usage","varchar(32)",t=>t.defaultTo("deny")).addColumn("organization_require_behavior","varchar(32)",t=>t.defaultTo("no_prompt")).addColumn("client_authentication_methods","text",t=>t.notNull()).addColumn("require_pushed_authorization_requests","integer",t=>t.defaultTo(0).notNull()).addColumn("require_proof_of_possession","integer",t=>t.defaultTo(0).notNull()).addColumn("signed_request_object","text",t=>t.notNull()).addColumn("compliance_level","varchar(64)").addColumn("par_request_expiry","integer").addColumn("token_quota","text",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("clients_tenant_id_client_id",["tenant_id","client_id"]).execute()}async function Od(e){await e.schema.dropTable("clients").execute()}const $d=Object.freeze(Object.defineProperty({__proto__:null,down:Od,up:kd},Symbol.toStringTag,{value:"Module"}));let $e=!1;function Ee(e){$e=e}function w(...e){$e&&console.log(...e)}function z(...e){console.warn(...e)}async function Pe(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function Ed(e){await Pe(e)==="mysql"?await Pd(e):await Id(e)}async function Pd(e){await e.transaction().execute(async t=>{const a=await h.sql`
+"use strict";var Ue=Object.defineProperty;var Qe=(e,t,a)=>t in e?Ue(e,t,{enumerable:!0,configurable:!0,writable:!0,value:a}):e[t]=a;var Q=(e,t,a)=>Qe(e,typeof t!="symbol"?t+"":t,a);Object.defineProperties(exports,{__esModule:{value:!0},[Symbol.toStringTag]:{value:"Module"}});const S=require("nanoid"),x=require("@authhero/adapter-interfaces");require("@hono/zod-openapi");const h=require("kysely"),We=17,Ye={organization:"org_",connection:"con_",action:"act_",action_version:"ver_",hook:"h_",hook_code:"hc_",rule:"rul_",resource_server:"api_",guardian_factor:"gfa_",invite:"inv_"};function j(e){const n=S.customAlphabet("0123456789abcdefghijklmnopqrstuvwxyz",We)();return`${Ye[e]}${n}`}function He(){return j("organization")}function Ge(){return j("connection")}function Ve(){return j("action")}function Xe(){return j("action_version")}function Ze(){return j("hook")}function et(){return j("resource_server")}function tt(){return j("hook_code")}function at(){return j("invite")}function nt(e){return async(t,a)=>{var r;const n=Date.now(),o=Ve();return await e.insertInto("actions").values({id:o,tenant_id:t,name:a.name,code:a.code,runtime:a.runtime||null,status:"built",secrets:a.secrets?JSON.stringify(a.secrets):null,dependencies:a.dependencies?JSON.stringify(a.dependencies):null,supported_triggers:a.supported_triggers?JSON.stringify(a.supported_triggers):null,created_at_ts:n,updated_at_ts:n}).execute(),{id:o,tenant_id:t,name:a.name,code:a.code,runtime:a.runtime,status:"built",secrets:(r=a.secrets)==null?void 0:r.map(s=>({name:s.name})),dependencies:a.dependencies,supported_triggers:a.supported_triggers,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function B(e){if(e!=null){if(typeof e=="number")return new Date(e).toISOString();if(typeof e=="string"){if(e==="")return;const t=parseFloat(e);return!isNaN(t)&&/^\d+(\.\d+)?$/.test(e)?new Date(t).toISOString():e}}}function F(e,t=new Date(0).toISOString()){return B(e)??t}function C(e){if(!e||e==="")return null;const t=new Date(e);return isNaN(t.getTime())?null:t.getTime()}function re(){return new Date().toISOString()}function D(e,t,a=[]){const n={};for(const o of t){const r=o.replace(/_ts$/,"");n[r]=F(e[o])}for(const o of a){const r=o.replace(/_ts$/,"");n[r]=B(e[o])}return n}function V(e){if(e)try{return JSON.parse(e)}catch{return}}function ot(e){return async(t,a)=>{const n=await e.selectFrom("actions").where("actions.tenant_id","=",t).where("actions.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{created_at_ts:o,updated_at_ts:r,deployed_at_ts:s,secrets:i,dependencies:d,supported_triggers:l,tenant_id:m,...c}=n,u=D({created_at_ts:o,updated_at_ts:r},["created_at_ts","updated_at_ts"]);return{...c,tenant_id:t,...u,runtime:c.runtime??void 0,status:c.status||"built",deployed_at:s?new Date(Number(s)).toISOString():void 0,secrets:V(i),dependencies:V(d),supported_triggers:V(l)}}}function ne(e,t){const a=new Set(t),n=r=>{const s=[];let i="",d=!1;for(let m=0;m<r.length;m++){const c=r[m];c==='"'?(d=!d,i+=c):c===" "&&!d?(i.trim()&&s.push(i.trim()),i=""):i+=c}return i.trim()&&s.push(i.trim()),s.filter(m=>{const c=m.replace(/^([^:]+)=/,"$1:"),u=c.startsWith("-")?c.slice(1):c;if(u.startsWith("_exists_:"))return a.has(u.slice(9));const _=u.indexOf(":");return _>0?a.has(u.slice(0,_)):!0}).join(" ")},o=e.split(/ OR /i);return o.length>1?o.map(n).filter(r=>r.length>0).join(" OR "):n(e)}function N(e,t,a,n){const o=a.split(/ OR /i);if(o.length>1)return t.where(l=>{const m=o.map(c=>{const u=c.trim().match(/^([^:]+):(.+)$/);if(u){const[,_,p]=u;if(!_||!p)return null;const f=p.replace(/^"(.*)"$/,"$1");return l(_.trim(),"=",f.trim())}return null}).filter(Boolean);return l.or(m)});const r=[];let s="",i=!1;for(let l=0;l<a.length;l++){const m=a[l];m==='"'?(i=!i,s+=m):m===" "&&!i?s.trim()&&(r.push(s.trim()),s=""):s+=m}return s.trim()&&r.push(s.trim()),r.filter(l=>l!=="AND").map(l=>l.replace(/^([^:]+)=/g,"$1:")).map(l=>{let m=l.startsWith("-"),c=null,u="",_=!1,p;if(l.startsWith("-_exists_:"))c=l.substring(10),_=!0,m=!0;else if(l.startsWith("_exists_:"))c=l.substring(9),_=!0,m=!1;else if(l.includes(":")){const f=m?l.substring(1):l,g=f.indexOf(":");c=f.substring(0,g),u=f.substring(g+1),_=!1,u.startsWith(">=")?(p=">=",u=u.substring(2)):u.startsWith(">")?(p=">",u=u.substring(1)):u.startsWith("<=")?(p="<=",u=u.substring(2)):u.startsWith("<")?(p="<",u=u.substring(1)):p="=",u.startsWith('"')&&u.endsWith('"')&&u.length>1&&(u=u.slice(1,-1))}else c=null,u=l,_=!1;return{key:c,value:u,isNegation:m,isExistsQuery:_,operator:p}}).forEach(({key:l,value:m,isNegation:c,isExistsQuery:u,operator:_})=>{if(l)if(u)c?t=t.where(l,"is",null):t=t.where(l,"is not",null);else if(c)switch(_){case">":t=t.where(l,"<=",m);break;case">=":t=t.where(l,"<",m);break;case"<":t=t.where(l,">=",m);break;case"<=":t=t.where(l,">",m);break;default:t=t.where(l,"!=",m)}else t=t.where(l,_,m);else if(m){const{ref:p}=e.dynamic;t=t.where(f=>f.or(n.map(g=>g==="user_id"?f(p(g),"=",m):f(p(g),"like",`%${m}%`))))}}),t}function k(e){return typeof e=="string"?parseInt(e,10):typeof e=="bigint"?Number(e):e}function X(e){if(e)try{return JSON.parse(e)}catch{return}}function rt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("actions").where("actions.tenant_id","=",t);s&&(i=N(e,i,s,["name"]));const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const{created_at_ts:_,updated_at_ts:p,deployed_at_ts:f,secrets:g,dependencies:v,supported_triggers:T,tenant_id:I,...O}=u,A=D({created_at_ts:_,updated_at_ts:p},["created_at_ts","updated_at_ts"]);return{...O,tenant_id:t,...A,runtime:O.runtime??void 0,status:O.status||"built",deployed_at:f?new Date(Number(f)).toISOString():void 0,secrets:X(g),dependencies:X(v),supported_triggers:X(T)}});if(!r)return{actions:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{actions:m,start:n*o,limit:o,length:k(c)}}}function st(e){if(!e)return[];try{const t=JSON.parse(e);return Array.isArray(t)?t:[]}catch{return[]}}function it(e){return async(t,a,n)=>{const o={updated_at_ts:Date.now()};if(n.name!==void 0&&(o.name=n.name),n.code!==void 0&&(o.code=n.code),n.runtime!==void 0&&(o.runtime=n.runtime),n.secrets!==void 0){const s=await e.selectFrom("actions").where("actions.id","=",a).where("actions.tenant_id","=",t).select("secrets").executeTakeFirst(),i=new Map(st(s==null?void 0:s.secrets).map(l=>[l.name,l])),d=n.secrets.map(l=>{var m;return l.value===void 0?{name:l.name,value:(m=i.get(l.name))==null?void 0:m.value}:l});o.secrets=JSON.stringify(d)}if(n.dependencies!==void 0&&(o.dependencies=JSON.stringify(n.dependencies)),n.supported_triggers!==void 0&&(o.supported_triggers=JSON.stringify(n.supported_triggers)),n.status!==void 0&&(o.status=n.status),n.deployed_at!==void 0){const s=new Date(n.deployed_at).getTime();Number.isFinite(s)&&(o.deployed_at_ts=s)}return(await e.updateTable("actions").set(o).where("actions.id","=",a).where("actions.tenant_id","=",t).executeTakeFirst()).numUpdatedRows>0}}function ct(e){return async(t,a)=>(await e.deleteFrom("actions").where("actions.id","=",a).where("actions.tenant_id","=",t).executeTakeFirst()).numDeletedRows>0}function lt(e){return{create:nt(e),get:ot(e),list:rt(e),update:it(e),remove:ct(e)}}function Z(e){if(e)try{return JSON.parse(e)}catch{return}}function le(e){const{created_at_ts:t,updated_at_ts:a,secrets:n,dependencies:o,supported_triggers:r,deployed:s,runtime:i,...d}=e;return{...d,runtime:i??void 0,deployed:!!s,secrets:Z(n),dependencies:Z(o),supported_triggers:Z(r),created_at:new Date(Number(t)).toISOString(),updated_at:new Date(Number(a)).toISOString()}}function dt(e){return{async create(t,a){const n=Date.now(),o=Xe(),r=a.deployed!==!1,s=await e.transaction().execute(async i=>{const d=await i.selectFrom("action_versions").where("tenant_id","=",t).where("action_id","=",a.action_id).select("number").orderBy("number","desc").limit(1).executeTakeFirst(),l=((d==null?void 0:d.number)??0)+1;return r&&await i.updateTable("action_versions").set({deployed:0,updated_at_ts:n}).where("tenant_id","=",t).where("action_id","=",a.action_id).execute(),await i.insertInto("action_versions").values({id:o,tenant_id:t,action_id:a.action_id,number:l,code:a.code,runtime:a.runtime||null,secrets:a.secrets?JSON.stringify(a.secrets):null,dependencies:a.dependencies?JSON.stringify(a.dependencies):null,supported_triggers:a.supported_triggers?JSON.stringify(a.supported_triggers):null,deployed:r?1:0,created_at_ts:n,updated_at_ts:n}).execute(),l});return{id:o,tenant_id:t,action_id:a.action_id,number:s,code:a.code,runtime:a.runtime,secrets:a.secrets,dependencies:a.dependencies,supported_triggers:a.supported_triggers,deployed:r,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}},async get(t,a,n){const o=await e.selectFrom("action_versions").where("tenant_id","=",t).where("action_id","=",a).where("id","=",n).selectAll().executeTakeFirst();return o?le(o):null},async list(t,a,n={}){const{page:o=0,per_page:r=50,include_totals:s=!1}=n,i=e.selectFrom("action_versions").where("tenant_id","=",t).where("action_id","=",a),l=(await i.orderBy("number","desc").offset(o*r).limit(r).selectAll().execute()).map(le);if(!s)return{versions:l,start:0,limit:0,length:0};const{count:m}=await i.select(c=>c.fn.countAll().as("count")).executeTakeFirstOrThrow();return{versions:l,start:o*r,limit:r,length:k(m)}},async removeForAction(t,a){const n=await e.deleteFrom("action_versions").where("tenant_id","=",t).where("action_id","=",a).executeTakeFirst();return Number(n.numDeletedRows??0)}}}var L=class extends Error{constructor(t=500,a){super(a==null?void 0:a.message,{cause:a==null?void 0:a.cause});Q(this,"res");Q(this,"status");this.res=a==null?void 0:a.res,this.status=t}getResponse(){return this.res?new Response(this.res.body,{status:this.status,headers:this.res.headers}):new Response(this.message,{status:this.status})}};function ut(e){return async(t,a)=>{const{identities:n,phone_verified:o,password:r,...s}=a,i={...s,login_count:s.login_count??0,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t,email_verified:a.email_verified?1:0,phone_verified:o!==void 0?o?1:0:null,is_social:a.is_social?1:0,app_metadata:JSON.stringify(a.app_metadata),user_metadata:JSON.stringify(a.user_metadata),address:a.address?JSON.stringify(a.address):null};try{const d=async l=>{if(await l.insertInto("users").values(i).execute(),r&&i.user_id){const m={id:S.nanoid(),user_id:i.user_id,password:r.hash,algorithm:r.algorithm,is_current:1,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t};await l.insertInto("passwords").values(m).execute()}};e.isTransaction?await d(e):await e.transaction().execute(d)}catch(d){throw d.code==="SQLITE_CONSTRAINT_UNIQUE"||d.code==="ER_DUP_ENTRY"||d.message.includes("AlreadyExists")?new L(409,{message:"User already exists"}):new L(500,{message:`${d.code}, ${d.message}`})}return{...i,email:i.email||"",email_verified:i.email_verified===1,phone_verified:i.phone_verified!==null?i.phone_verified===1:void 0,is_social:i.is_social===1,address:a.address}}}function y(e){if(e==null||typeof e!="object")return e;if(Array.isArray(e))return e.map(a=>a!==null&&typeof a=="object"?y(a):a);const t={...e};for(const a in t){const n=t[a];n===null?delete t[a]:n!==null&&typeof n=="object"&&(Array.isArray(n)?t[a]=n.map(o=>o!==null&&typeof o=="object"?y(o):o):t[a]=y(n))}return t}const _t=["email","email_verified","phone_number","phone_verified","username"];function G(e,t=!1){const a={connection:e.connection,provider:e.provider,user_id:x.parseUserId(e.user_id).id,isSocial:!!e.is_social};for(const n of _t)e[n]!==void 0&&e[n]!==null&&(a[n]=n.endsWith("_verified")?!!e[n]:e[n]);if(!t){let n={};try{n=JSON.parse(e.profileData||"{}")}catch(o){console.error("Error parsing profileData",o)}a.profileData={email:e.email,email_verified:!!e.email_verified,...n}}return a}function mt(e){return async(t,a)=>{const[n,o]=await Promise.all([e.selectFrom("users").where("users.tenant_id","=",t).where("users.user_id","=",a).selectAll().executeTakeFirst(),e.selectFrom("users").where("users.tenant_id","=",t).where("users.linked_to","=",a).selectAll().orderBy("created_at","asc").execute()]);if(!n)return null;const{tenant_id:r,...s}=n,i={...s,email:n.email||"",email_verified:n.email_verified===1,phone_verified:n.phone_verified!==null?n.phone_verified===1:void 0,is_social:n.is_social===1,app_metadata:JSON.parse(n.app_metadata),user_metadata:JSON.parse(n.user_metadata),address:n.address?JSON.parse(n.address):void 0,identities:[G(n,!0),...o.map(d=>G(d))]};return y(i)}}const ht=["user_id","email","email_verified","username","phone_number","phone_verified","name","given_name","family_name","nickname","picture","locale","linked_to","provider","connection","is_social","last_ip","last_login","login_count","created_at","updated_at"],pt=["email","name","phone_number","user_id"];function ft(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let d=e.selectFrom("users").where("users.tenant_id","=",t);if(i){const f=ne(i,ht);f&&(d=N(e,d,f,pt))}if(s&&s.sort_by){const{ref:f}=e.dynamic;d=d.orderBy(f(s.sort_by),s.sort_order)}const m=await d.offset(n*o).limit(o).selectAll().execute(),c=m.map(f=>f.user_id),u=c.length?await e.selectFrom("users").selectAll().where("users.tenant_id","=",t).where("users.linked_to","in",c).orderBy("created_at","asc").execute():[],_=m.map(f=>{const g=u.filter(v=>v.linked_to===f.user_id);return y({...f,email_verified:f.email_verified===1,phone_verified:f.phone_verified!==null?f.phone_verified===1:void 0,is_social:f.is_social===1,app_metadata:JSON.parse(f.app_metadata),user_metadata:JSON.parse(f.user_metadata),address:f.address?JSON.parse(f.address):void 0,identities:[G(f,!0),...g.map(v=>G(v))]})});if(!r)return{users:_,start:0,limit:0,length:0};const{count:p}=await d.select(f=>f.fn.countAll().as("count")).executeTakeFirstOrThrow();return{users:_,start:n*o,limit:o,length:k(p)}}}function gt(e){return async(t,a)=>(await e.deleteFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.user_id","in",o=>o.selectFrom("users").select("users.user_id").where("users.tenant_id","=",t).where(r=>r.or([r("users.user_id","=",a),r("users.linked_to","=",a)]))).execute(),await e.deleteFrom("users").where("users.tenant_id","=",t).where("users.linked_to","=",a).execute(),(await e.deleteFrom("users").where("users.tenant_id","=",t).where("users.user_id","=",a).execute()).length===1)}function K(e,t="",a={}){for(let n in e)if(Object.prototype.hasOwnProperty.call(e,n)){const o=t?`${t}_${n}`:n,r=e[n];typeof r=="object"&&r!==null&&!Array.isArray(r)?K(r,o,a):typeof r=="boolean"?a[o]=r?1:0:a[o]=r}return a}function Ce(e,t){const a={};for(const[n,o]of Object.entries(e)){const r=t.find(s=>n.startsWith(`${s}_`));if(!r)a[n]=o;else{const s=n.slice(r.length+1);a[r]={...a[r],[s]:o}}}return a}function wt(e){return async(t,a,n)=>{const o=K({...n,updated_at:new Date().toISOString(),app_metadata:n.app_metadata?JSON.stringify(n.app_metadata):void 0,user_metadata:n.user_metadata?JSON.stringify(n.user_metadata):void 0,address:n.address?JSON.stringify(n.address):void 0,phone_verified:n.phone_verified!==void 0?n.phone_verified?1:0:void 0});return(await e.updateTable("users").set(o).where("users.tenant_id","=",t).where("users.user_id","=",a).execute()).length===1}}function yt(e){return async(t,a,n,o)=>{const r={linked_to:null};return(await e.updateTable("users").set(r).where("users.tenant_id","=",t).where("users.user_id","=",`${n}|${o}`).where("users.linked_to","=",`${a}`).execute()).length===1}}function vt(e){const t=ut(e);return{create:t,rawCreate:t,remove:gt(e),get:mt(e),list:ft(e),update:wt(e),unlink:yt(e)}}function Ct(e){return async(t,a)=>{const n=new Date().toISOString(),o=x.flowSchema.parse({id:`af_${S.nanoid()}`,...a,actions:a.actions||[],created_at:n,updated_at:n});return await e.insertInto("flows").values({...o,tenant_id:t,actions:JSON.stringify(o.actions)}).execute(),o}}function R(e,t){if(!e)return t;try{return JSON.parse(e)}catch{return t}}function xe(e){if(e)try{const t=JSON.parse(e);return t&&typeof t=="object"&&!Array.isArray(t)?t:void 0}catch{return}}function Te(e,t,a={...e}){for(const n in t)n in e&&(a[n]=R(e[n],t[n]));return a}function xt(e){return async(t,a)=>{const n=await e.selectFrom("flows").selectAll().where("flows.id","=",a).where("tenant_id","=",t).executeTakeFirst();if(!n)return null;const o={...n,actions:R(n.actions,[])};return x.flowSchema.parse(y(o))}}function Tt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("flows").where("tenant_id","=",t);s&&(i=N(e,i,s,[]));const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const _={...u,actions:R(u.actions,[])};return x.flowSchema.parse(y(_))});if(!r)return{flows:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{flows:m,start:n*o,limit:o,length:k(c)}}}function Nt(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};n.actions!==void 0&&(o.actions=JSON.stringify(n.actions));const{numUpdatedRows:r}=await e.updateTable("flows").set(o).where("id","=",a).where("tenant_id","=",t).executeTakeFirst();if(r===0n)return null;const s=await e.selectFrom("flows").selectAll().where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return s?x.flowSchema.parse({...s,actions:s.actions?JSON.parse(s.actions):[]}):null}}function bt(e){return async(t,a)=>{var o;return(((o=(await e.deleteFrom("flows").where("id","=",a).where("tenant_id","=",t).execute())[0])==null?void 0:o.numDeletedRows)??0n)>0n}}function St(e){return{create:Ct(e),get:xt(e),list:Tt(e),update:Nt(e),remove:bt(e)}}function U(e,t,a={...e}){for(const n of t)e[n]!==void 0&&(a[n]=JSON.stringify(e[n]));return a}function Ne(e,t,a=e){for(const n of t)e[n]!==void 0&&(a[n]=e[n]?1:0)}function kt(e){const t={};for(const a in e)e[a]!==void 0&&e[a]!==null&&(t[a]=e[a]);return t}function be(e){const t={...e};return e.session_cookie&&typeof e.session_cookie=="string"&&(t.session_cookie=JSON.parse(e.session_cookie)),e.enabled_locales&&typeof e.enabled_locales=="string"&&(t.enabled_locales=JSON.parse(e.enabled_locales)),e.error_page&&typeof e.error_page=="string"&&(t.error_page=JSON.parse(e.error_page)),e.flags&&typeof e.flags=="string"&&(t.flags=JSON.parse(e.flags)),e.sandbox_versions_available&&typeof e.sandbox_versions_available=="string"&&(t.sandbox_versions_available=JSON.parse(e.sandbox_versions_available)),e.change_password&&typeof e.change_password=="string"&&(t.change_password=JSON.parse(e.change_password)),e.guardian_mfa_page&&typeof e.guardian_mfa_page=="string"&&(t.guardian_mfa_page=JSON.parse(e.guardian_mfa_page)),e.sessions&&typeof e.sessions=="string"&&(t.sessions=JSON.parse(e.sessions)),e.oidc_logout&&typeof e.oidc_logout=="string"&&(t.oidc_logout=JSON.parse(e.oidc_logout)),e.device_flow&&typeof e.device_flow=="string"&&(t.device_flow=JSON.parse(e.device_flow)),e.default_token_quota&&typeof e.default_token_quota=="string"&&(t.default_token_quota=JSON.parse(e.default_token_quota)),e.allowed_logout_urls&&typeof e.allowed_logout_urls=="string"&&(t.allowed_logout_urls=JSON.parse(e.allowed_logout_urls)),e.acr_values_supported&&typeof e.acr_values_supported=="string"&&(t.acr_values_supported=JSON.parse(e.acr_values_supported)),e.mtls&&typeof e.mtls=="string"&&(t.mtls=JSON.parse(e.mtls)),e.mfa&&typeof e.mfa=="string"&&(t.mfa=JSON.parse(e.mfa)),e.attack_protection&&typeof e.attack_protection=="string"&&(t.attack_protection=JSON.parse(e.attack_protection)),e.allow_organization_name_in_authentication_api!==void 0&&(t.allow_organization_name_in_authentication_api=e.allow_organization_name_in_authentication_api===1),e.customize_mfa_in_postlogin_action!==void 0&&(t.customize_mfa_in_postlogin_action=e.customize_mfa_in_postlogin_action===1),e.pushed_authorization_requests_supported!==void 0&&(t.pushed_authorization_requests_supported=e.pushed_authorization_requests_supported===1),e.authorization_response_iss_parameter_supported!==void 0&&(t.authorization_response_iss_parameter_supported=e.authorization_response_iss_parameter_supported===1),y(t)}function Se(e){const t={...e};return U(e,["session_cookie","enabled_locales","error_page","flags","sandbox_versions_available","change_password","guardian_mfa_page","sessions","oidc_logout","device_flow","default_token_quota","allowed_logout_urls","acr_values_supported","mtls","mfa","attack_protection"],t),e.allow_organization_name_in_authentication_api!==void 0&&(t.allow_organization_name_in_authentication_api=e.allow_organization_name_in_authentication_api?1:0),e.customize_mfa_in_postlogin_action!==void 0&&(t.customize_mfa_in_postlogin_action=e.customize_mfa_in_postlogin_action?1:0),e.pushed_authorization_requests_supported!==void 0&&(t.pushed_authorization_requests_supported=e.pushed_authorization_requests_supported?1:0),e.authorization_response_iss_parameter_supported!==void 0&&(t.authorization_response_iss_parameter_supported=e.authorization_response_iss_parameter_supported?1:0),kt(t)}function Ot(e){return async t=>{var o,r;const a={id:t.id||S.nanoid(),created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...t},n=Se(a);try{await e.insertInto("tenants").values(n).execute()}catch(s){throw(o=s==null?void 0:s.message)!=null&&o.includes("UNIQUE constraint failed")||(r=s==null?void 0:s.message)!=null&&r.includes("duplicate key")||(s==null?void 0:s.code)==="SQLITE_CONSTRAINT"||(s==null?void 0:s.code)==="ER_DUP_ENTRY"||(s==null?void 0:s.code)==="23505"?new L(409,{message:`Tenant with ID '${a.id}' already exists`}):s}return a}}function $t(e){return async t=>{const a=await e.selectFrom("tenants").where("tenants.id","=",t).selectAll().executeTakeFirst();return a?be(a):null}}function Et(e){return async t=>{let a=e.selectFrom("tenants");const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=t||{};if(s&&s.sort_by){const{ref:_}=e.dynamic;a=a.orderBy(_(s.sort_by),s.sort_order)}i&&(a=N(e,a,i,["friendly_name"]));const m=(await a.offset(n*o).limit(o).selectAll().execute()).map(be);if(!r)return{tenants:m};const{count:c}=await a.select(_=>_.fn.countAll().as("count")).executeTakeFirstOrThrow(),u=k(c);return{tenants:m,start:n*o,limit:o,length:u}}}function Pt(e){return async(t,a)=>{const o={...Se(a),id:t,updated_at:new Date().toISOString()};await e.updateTable("tenants").set(o).where("id","=",t).execute()}}function It(e){return async t=>(await e.deleteFrom("tenants").where("tenants.id","=",t).execute()).length===1}function zt(e){return{create:Ot(e),get:$t(e),list:Et(e),update:Pt(e),remove:It(e)}}function de(e){return e?JSON.stringify(e):void 0}const Dt=256;function At(e){return async(t,a)=>{var i,d,l;const n=(i=a.user_agent)==null?void 0:i.slice(0,Dt),o=a.log_id||S.nanoid(),{location_info:r,...s}=a;return await e.insertInto("logs").values({...s,log_id:o,tenant_id:t,user_agent:n,description:(d=a.description)==null?void 0:d.substring(0,256),isMobile:a.isMobile?1:0,scope:a.scope,auth0_client:de(a.auth0_client),details:(l=de(a.details))==null?void 0:l.substring(0,8192),country_code:r==null?void 0:r.country_code,city_name:r==null?void 0:r.city_name,latitude:r==null?void 0:r.latitude,longitude:r==null?void 0:r.longitude,time_zone:r==null?void 0:r.time_zone,continent_code:r==null?void 0:r.continent_code}).execute(),{...a,log_id:o,user_agent:n}}}function ue(e){if(!e)return"";try{return JSON.parse(e)}catch{return e}}function ke(e){return{...e,client_id:e.client_id,client_name:"",auth0_client:ue(e.auth0_client),details:ue(e.details),isMobile:!!e.isMobile,scope:e.scope||void 0,log_id:e.log_id,location_info:e.country_code?{country_code:e.country_code,city_name:e.city_name||"",latitude:e.latitude||"",longitude:e.longitude||"",time_zone:e.time_zone||"",continent_code:e.continent_code||""}:void 0}}function Ft(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let d=e.selectFrom("logs").where("logs.tenant_id","=",t);i&&(d=N(e,d,i,["user_id","ip"]));let l=d;if(s&&s.sort_by){const{ref:_}=e.dynamic;l=l.orderBy(_(s.sort_by),s.sort_order)}l=l.offset(n*o).limit(o);const c=(await l.selectAll().execute()).map(ke);if(!r)return{logs:c,start:0,limit:0,length:0};const{count:u}=await d.select(_=>_.fn.countAll().as("count")).executeTakeFirstOrThrow();return{logs:c,start:n*o,limit:o,length:k(u)}}}function jt(e){return async(t,a)=>{const n=await e.selectFrom("logs").where("logs.tenant_id","=",t).where("logs.log_id","=",a).selectAll().executeTakeFirst();return n?ke(n):null}}function Rt(e){return{create:At(e),list:Ft(e),get:jt(e)}}function Mt(e){return async(t,a)=>{const n=await e.selectFrom("sessions").where("sessions.tenant_id","=",t).where("sessions.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,device:r,clients:s,created_at_ts:i,updated_at_ts:d,expires_at_ts:l,idle_expires_at_ts:m,authenticated_at_ts:c,last_interaction_at_ts:u,used_at_ts:_,revoked_at_ts:p,...f}=n,g=D({created_at_ts:i,updated_at_ts:d,expires_at_ts:l,idle_expires_at_ts:m,authenticated_at_ts:c,last_interaction_at_ts:u,used_at_ts:_,revoked_at_ts:p},["created_at_ts","updated_at_ts","authenticated_at_ts","last_interaction_at_ts"],["expires_at_ts","idle_expires_at_ts","used_at_ts","revoked_at_ts"]);return{...f,...g,device:JSON.parse(r),clients:JSON.parse(s)}}}function Jt(e){return async(t,a)=>{const n=Date.now(),o=re(),r={...a,created_at:o,updated_at:o,authenticated_at:o,last_interaction_at:o},{expires_at:s,idle_expires_at:i,used_at:d,revoked_at:l,device:m,clients:c,...u}=a;return await e.insertInto("sessions").values({...u,tenant_id:t,created_at_ts:n,updated_at_ts:n,authenticated_at_ts:n,last_interaction_at_ts:n,expires_at_ts:C(s),idle_expires_at_ts:C(i),used_at_ts:C(d),revoked_at_ts:C(l),device:JSON.stringify(m),clients:JSON.stringify(c)}).execute(),r}}function qt(e){return async(t,a)=>!!(await e.deleteFrom("sessions").where("tenant_id","=",t).where("sessions.id","=",a).execute()).length}function Lt(e){return async(t,a,n)=>{const o={updated_at_ts:Date.now(),device:n.device?JSON.stringify(n.device):void 0,clients:n.clients?JSON.stringify(n.clients):void 0};return n.expires_at!==void 0&&(o.expires_at_ts=C(n.expires_at)),n.idle_expires_at!==void 0&&(o.idle_expires_at_ts=C(n.idle_expires_at)),n.authenticated_at!==void 0&&(o.authenticated_at_ts=C(n.authenticated_at)),n.last_interaction_at!==void 0&&(o.last_interaction_at_ts=C(n.last_interaction_at)),n.used_at!==void 0&&(o.used_at_ts=C(n.used_at)),n.revoked_at!==void 0&&(o.revoked_at_ts=C(n.revoked_at)),n.user_id!==void 0&&(o.user_id=n.user_id),n.login_session_id!==void 0&&(o.login_session_id=n.login_session_id),!!(await e.updateTable("sessions").set(o).where("tenant_id","=",t).where("sessions.id","=",a).execute()).length}}function Kt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let d=e.selectFrom("sessions").where("sessions.tenant_id","=",t);i&&(d=N(e,d,i,["user_id","session_id"]));let l=d;if(s&&s.sort_by){const{ref:p}=e.dynamic;l=l.orderBy(p(s.sort_by),s.sort_order)}l=l.offset(n*o).limit(o);const c=(await l.selectAll().execute()).map(p=>{const{tenant_id:f,device:g,clients:v,created_at_ts:T,updated_at_ts:I,expires_at_ts:O,idle_expires_at_ts:A,authenticated_at_ts:b,last_interaction_at_ts:M,used_at_ts:qe,revoked_at_ts:Le,...Ke}=p,Be=D({created_at_ts:T,updated_at_ts:I,expires_at_ts:O,idle_expires_at_ts:A,authenticated_at_ts:b,last_interaction_at_ts:M,used_at_ts:qe,revoked_at_ts:Le},["created_at_ts","updated_at_ts","authenticated_at_ts","last_interaction_at_ts"],["expires_at_ts","idle_expires_at_ts","used_at_ts","revoked_at_ts"]);return{...Ke,...Be,device:JSON.parse(g),clients:JSON.parse(v)}});if(!r)return{sessions:c,start:0,limit:0,length:0};const{count:u}=await d.select(p=>p.fn.countAll().as("count")).executeTakeFirstOrThrow(),_=k(u);return{sessions:c,start:n*o,limit:o,length:_}}}function Bt(e){return{create:Jt(e),get:Mt(e),list:Kt(e),remove:qt(e),update:Lt(e)}}function Ut(e){return async(t,a)=>{const n=await e.selectFrom("passwords").where("passwords.tenant_id","=",t).where("passwords.user_id","=",a).where("passwords.is_current","=",1).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,...r}=n;return{...r,is_current:!!r.is_current}}}function Qt(e){return async(t,a)=>{const n=a.id||S.nanoid(),o=a.is_current??!0,r={id:n,...a,is_current:o,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};return o&&await e.updateTable("passwords").set({is_current:0}).where("user_id","=",a.user_id).where("tenant_id","=",t).where("is_current","=",1).execute(),await e.insertInto("passwords").values({...r,is_current:r.is_current?1:0,tenant_id:t}).execute(),r}}function Wt(e){return async(t,a)=>{let n=e.updateTable("passwords").set({password:a.password,algorithm:a.algorithm,is_current:a.is_current?1:0,updated_at:new Date().toISOString()}).where("tenant_id","=",t).where("user_id","=",a.user_id);return a.id?n=n.where("id","=",a.id):n=n.where("is_current","=",1),(await n.execute()).length===1}}function Yt(e){return async(t,a,n)=>{let o=e.selectFrom("passwords").where("passwords.tenant_id","=",t).where("passwords.user_id","=",a).orderBy("created_at","desc");return n&&(o=o.limit(n)),(await o.selectAll().execute()).map(({tenant_id:s,...i})=>({...i,is_current:!!i.is_current}))}}function Ht(e){return{create:Qt(e),update:Wt(e),get:Ut(e),list:Yt(e)}}function Gt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("codes").where("codes.tenant_id","=",t);s&&(i=N(e,i,s,["code","login_id"]));const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const{tenant_id:_,...p}=u;return x.codeSchema.parse(y(p))});if(!r)return{codes:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{codes:m,start:n*o,limit:o,length:k(c)}}}function Vt(e){return async(t,a)=>{const n={...a,created_at:new Date().toISOString()};return await e.insertInto("codes").values({...n,tenant_id:t}).execute(),n}}function Xt(e){return async(t,a)=>(await e.deleteFrom("codes").where("codes.tenant_id","=",t).where("codes.code_id","=",a).executeTakeFirst()).numDeletedRows>0}function Zt(e){return async(t,a,n)=>{let o=e.selectFrom("codes").where("codes.code_id","=",a).where("codes.code_type","=",n);t.length&&(o=o.where("codes.tenant_id","=",t));const r=await o.selectAll().executeTakeFirst();return r?y(r):null}}function ea(e){return async(t,a)=>(await e.updateTable("codes").set({used_at:new Date().toISOString()}).where("codes.tenant_id","=",t).where("codes.code_id","=",a).executeTakeFirst()).numUpdatedRows>0}function ta(e){return async(t,a)=>(await e.updateTable("codes").set({used_at:new Date().toISOString()}).where("codes.tenant_id","=",t).where("codes.code_id","=",a).where("codes.used_at","is",null).executeTakeFirst()).numUpdatedRows>0}function aa(e){return{create:Vt(e),list:Gt(e),remove:Xt(e),used:ea(e),consume:ta(e),get:Zt(e)}}function na(e){return async(t,a)=>{const{is_system:n,...o}=a,r={id:o.id||Ge(),...o,is_system:n?!0:void 0,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};return await e.insertInto("connections").values({...r,is_system:n?1:0,options:JSON.stringify(r.options||{}),tenant_id:t}).execute(),r}}function se(e){const{is_system:t,...a}=e;return y({...a,is_system:t?!0:void 0,options:JSON.parse(e.options)})}function oa(e){return e.map(se)}function ra(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("connections").where("connections.tenant_id","=",t);s&&(i=N(e,i,s,["user_id","ip"]));const l=await i.offset(n*o).limit(o).selectAll().execute(),m=oa(l);if(!r)return{connections:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{connections:m,start:n*o,limit:o,length:k(c)}}}function sa(e){return async(t,a)=>(await e.deleteFrom("connections").where("connections.tenant_id","=",t).where("connections.id","=",a).executeTakeFirst()).numDeletedRows>0}function ia(e){return async(t,a)=>{const n=await e.selectFrom("connections").where("connections.tenant_id","=",t).where("connections.id","=",a).selectAll().executeTakeFirst();return n?se(n):null}}function ca(e){return async(t,a,n)=>{const{is_system:o,...r}=n,s={...r,is_system:o!==void 0?o?1:0:void 0,updated_at:new Date().toISOString()};return await e.updateTable("connections").set({...s,options:s.options?JSON.stringify(s.options):void 0}).where("connections.id","=",a).where("connections.tenant_id","=",t).execute(),!0}}function la(e){return{create:na(e),get:ia(e),list:ra(e),remove:sa(e),update:ca(e)}}function da(e){return async(t,a)=>{const n=a.client_id??S.nanoid(),o={created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...a,client_id:n,global:a.global??!1,is_first_party:a.is_first_party??!1,oidc_conformant:a.oidc_conformant??!0,auth0_conformant:a.auth0_conformant??!0,sso:a.sso??!1,sso_disabled:a.sso_disabled??!1,cross_origin_authentication:a.cross_origin_authentication??!1,custom_login_page_on:a.custom_login_page_on??!1,require_pushed_authorization_requests:a.require_pushed_authorization_requests??!1,require_proof_of_possession:a.require_proof_of_possession??!1},r={...o,tenant_id:t};return Ne(o,["global","is_first_party","oidc_conformant","auth0_conformant","sso","sso_disabled","cross_origin_authentication","custom_login_page_on","require_pushed_authorization_requests","require_proof_of_possession"],r),Object.assign(r,{callbacks:JSON.stringify(a.callbacks||[]),allowed_origins:JSON.stringify(a.allowed_origins||[]),web_origins:JSON.stringify(a.web_origins||[]),client_aliases:JSON.stringify(a.client_aliases||[]),allowed_clients:JSON.stringify(a.allowed_clients||[]),connections:JSON.stringify(a.connections||[]),allowed_logout_urls:JSON.stringify(a.allowed_logout_urls||[]),session_transfer:JSON.stringify(a.session_transfer||{}),oidc_logout:JSON.stringify(a.oidc_logout||{}),grant_types:JSON.stringify(a.grant_types||[]),jwt_configuration:JSON.stringify(a.jwt_configuration||{}),signing_keys:JSON.stringify(a.signing_keys||[]),encryption_key:JSON.stringify(a.encryption_key||{}),addons:JSON.stringify(a.addons||{}),client_metadata:JSON.stringify(a.client_metadata||{}),mobile:JSON.stringify(a.mobile||{}),native_social_login:JSON.stringify(a.native_social_login||{}),refresh_token:JSON.stringify(a.refresh_token||{}),default_organization:JSON.stringify(a.default_organization||{}),client_authentication_methods:JSON.stringify(a.client_authentication_methods||{}),signed_request_object:JSON.stringify(a.signed_request_object||{}),token_quota:JSON.stringify(a.token_quota||{}),owner_user_id:a.owner_user_id??null,registration_type:a.registration_type??null,registration_metadata:a.registration_metadata?JSON.stringify(a.registration_metadata):null}),await e.insertInto("clients").values(r).execute(),o}}function ua(e){return async(t,a)=>{const n=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,...r}=n;return y({...r,global:!!n.global,is_first_party:!!n.is_first_party,oidc_conformant:!!n.oidc_conformant,auth0_conformant:!!n.auth0_conformant,sso:!!n.sso,sso_disabled:!!n.sso_disabled,cross_origin_authentication:!!n.cross_origin_authentication,custom_login_page_on:!!n.custom_login_page_on,require_pushed_authorization_requests:!!n.require_pushed_authorization_requests,require_proof_of_possession:!!n.require_proof_of_possession,callbacks:JSON.parse(n.callbacks),allowed_origins:JSON.parse(n.allowed_origins),web_origins:JSON.parse(n.web_origins),client_aliases:JSON.parse(n.client_aliases),allowed_clients:JSON.parse(n.allowed_clients),connections:JSON.parse(n.connections||"[]"),allowed_logout_urls:JSON.parse(n.allowed_logout_urls),session_transfer:JSON.parse(n.session_transfer),oidc_logout:JSON.parse(n.oidc_logout),grant_types:JSON.parse(n.grant_types),jwt_configuration:JSON.parse(n.jwt_configuration),signing_keys:JSON.parse(n.signing_keys),encryption_key:JSON.parse(n.encryption_key),addons:JSON.parse(n.addons),client_metadata:JSON.parse(n.client_metadata),mobile:JSON.parse(n.mobile),native_social_login:JSON.parse(n.native_social_login),refresh_token:JSON.parse(n.refresh_token),default_organization:JSON.parse(n.default_organization),client_authentication_methods:JSON.parse(n.client_authentication_methods),signed_request_object:JSON.parse(n.signed_request_object),token_quota:JSON.parse(n.token_quota),registration_metadata:n.registration_metadata?JSON.parse(n.registration_metadata):void 0})}}function _a(e){return async t=>{const a=await e.selectFrom("clients").where("clients.client_id","=",t).selectAll().executeTakeFirst();return a?y({...a,global:!!a.global,is_first_party:!!a.is_first_party,oidc_conformant:!!a.oidc_conformant,auth0_conformant:!!a.auth0_conformant,sso:!!a.sso,sso_disabled:!!a.sso_disabled,cross_origin_authentication:!!a.cross_origin_authentication,custom_login_page_on:!!a.custom_login_page_on,require_pushed_authorization_requests:!!a.require_pushed_authorization_requests,require_proof_of_possession:!!a.require_proof_of_possession,callbacks:JSON.parse(a.callbacks),allowed_origins:JSON.parse(a.allowed_origins),web_origins:JSON.parse(a.web_origins),client_aliases:JSON.parse(a.client_aliases),allowed_clients:JSON.parse(a.allowed_clients),connections:JSON.parse(a.connections||"[]"),allowed_logout_urls:JSON.parse(a.allowed_logout_urls),session_transfer:JSON.parse(a.session_transfer),oidc_logout:JSON.parse(a.oidc_logout),grant_types:JSON.parse(a.grant_types),jwt_configuration:JSON.parse(a.jwt_configuration),signing_keys:JSON.parse(a.signing_keys),encryption_key:JSON.parse(a.encryption_key),addons:JSON.parse(a.addons),client_metadata:JSON.parse(a.client_metadata),mobile:JSON.parse(a.mobile),native_social_login:JSON.parse(a.native_social_login),refresh_token:JSON.parse(a.refresh_token),default_organization:JSON.parse(a.default_organization),client_authentication_methods:JSON.parse(a.client_authentication_methods),signed_request_object:JSON.parse(a.signed_request_object),token_quota:JSON.parse(a.token_quota),registration_metadata:a.registration_metadata?JSON.parse(a.registration_metadata):void 0}):null}}function ma(e){return async(t,a)=>{let n=e.selectFrom("clients").where("clients.tenant_id","=",t);const o=new Set(["owner_user_id","registration_type"]);if(a!=null&&a.q){const u=a.q.trim().match(/^([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/);if(u&&o.has(u[1])&&u[2]){const _=u[1];n=n.where(_,"=",u[2])}else n=n.where(_=>_.or([_("name","like",`%${a.q}%`),_("client_id","like",`%${a.q}%`)]))}if(a!=null&&a.sort){const c=a.sort.sort_order==="asc"?"asc":"desc",u=a.sort.sort_by;["name","client_id","created_at","updated_at"].includes(u)?n=n.orderBy(u,c):n=n.orderBy("created_at","desc")}else n=n.orderBy("created_at","desc");if((a==null?void 0:a.from)!==void 0){const c=parseInt(a.from,10);isNaN(c)||(n=n.offset(c))}else if((a==null?void 0:a.page)!==void 0){const c=(a==null?void 0:a.per_page)||(a==null?void 0:a.take)||10,u=a.page*c;n=n.offset(u)}const r=(a==null?void 0:a.take)||(a==null?void 0:a.per_page)||10;n=n.limit(r);const s=await n.selectAll().execute();let i=s.length;if(a!=null&&a.include_totals){let c=e.selectFrom("clients").select(h.sql`count(*)`.as("count")).where("clients.tenant_id","=",t);if(a!=null&&a.q){const p=a.q.trim().match(/^([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/);if(p&&o.has(p[1])&&p[2]){const f=p[1];c=c.where(f,"=",p[2])}else c=c.where(f=>f.or([f("name","like",`%${a.q}%`),f("client_id","like",`%${a.q}%`)]))}const u=await c.executeTakeFirst();i=Number((u==null?void 0:u.count)||0)}const d=s.map(c=>y({...c,global:!!c.global,is_first_party:!!c.is_first_party,oidc_conformant:!!c.oidc_conformant,auth0_conformant:!!c.auth0_conformant,sso:!!c.sso,sso_disabled:!!c.sso_disabled,cross_origin_authentication:!!c.cross_origin_authentication,custom_login_page_on:!!c.custom_login_page_on,require_pushed_authorization_requests:!!c.require_pushed_authorization_requests,require_proof_of_possession:!!c.require_proof_of_possession,callbacks:JSON.parse(c.callbacks),allowed_origins:JSON.parse(c.allowed_origins),web_origins:JSON.parse(c.web_origins),client_aliases:JSON.parse(c.client_aliases),allowed_clients:JSON.parse(c.allowed_clients),connections:JSON.parse(c.connections||"[]"),allowed_logout_urls:JSON.parse(c.allowed_logout_urls),session_transfer:JSON.parse(c.session_transfer),oidc_logout:JSON.parse(c.oidc_logout),grant_types:JSON.parse(c.grant_types),jwt_configuration:JSON.parse(c.jwt_configuration),signing_keys:JSON.parse(c.signing_keys),encryption_key:JSON.parse(c.encryption_key),addons:JSON.parse(c.addons),client_metadata:JSON.parse(c.client_metadata),mobile:JSON.parse(c.mobile),native_social_login:JSON.parse(c.native_social_login),refresh_token:JSON.parse(c.refresh_token),default_organization:JSON.parse(c.default_organization),client_authentication_methods:JSON.parse(c.client_authentication_methods),signed_request_object:JSON.parse(c.signed_request_object),token_quota:JSON.parse(c.token_quota),registration_metadata:c.registration_metadata?JSON.parse(c.registration_metadata):void 0})),l=(a==null?void 0:a.take)||(a==null?void 0:a.per_page)||10,m=a!=null&&a.from?parseInt(a.from,10):a!=null&&a.page?a.page*l:0;return{clients:d,totals:{start:isNaN(m)?0:m,limit:l,length:d.length,total:i}}}}function ha(e){return async(t,a)=>(await e.deleteFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",a).executeTakeFirst()).numDeletedRows>0}function pa(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};return Ne(n,["global","is_first_party","oidc_conformant","auth0_conformant","sso","sso_disabled","cross_origin_authentication","custom_login_page_on","require_pushed_authorization_requests","require_proof_of_possession"],o),U(n,["callbacks","allowed_origins","web_origins","client_aliases","allowed_clients","connections","allowed_logout_urls","session_transfer","oidc_logout","grant_types","jwt_configuration","signing_keys","encryption_key","addons","client_metadata","mobile","native_social_login","refresh_token","default_organization","client_authentication_methods","signed_request_object","token_quota","registration_metadata"],o),(await e.updateTable("clients").set(o).where("clients.tenant_id","=",t).where("clients.client_id","=",a).executeTakeFirst()).numUpdatedRows>0}}function fa(e){return{create:da(e),get:ua(e),getByClientId:_a(e),list:ma(e),remove:ha(e),update:pa(e)}}function ga(e){return async(t,a)=>{const n=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",a).select("connections").executeTakeFirst();if(!n)return[];const o=JSON.parse(n.connections||"[]");if(o.length===0)return[];const r=await e.selectFrom("connections").where("connections.tenant_id","=",t).where("connections.id","in",o).selectAll().execute(),s=new Map(r.map(i=>[i.id,se(i)]));return o.map(i=>s.get(i)).filter(i=>i!==void 0)}}function wa(e){return async(t,a,n)=>(await e.updateTable("clients").set({connections:JSON.stringify(n),updated_at:new Date().toISOString()}).where("clients.tenant_id","=",t).where("clients.client_id","=",a).executeTakeFirst()).numUpdatedRows>0}function ya(e){return async(t,a)=>{const n=await e.selectFrom("clients").where("clients.tenant_id","=",t).select(["client_id","connections"]).execute(),o=[];for(const r of n)JSON.parse(r.connections||"[]").includes(a)&&o.push(r.client_id);return o}}function va(e){return async(t,a,n)=>{const o=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",n).select("connections").executeTakeFirst();if(!o)return!1;const r=JSON.parse(o.connections||"[]");return r.includes(a)?!0:(r.push(a),(await e.updateTable("clients").set({connections:JSON.stringify(r),updated_at:new Date().toISOString()}).where("clients.tenant_id","=",t).where("clients.client_id","=",n).executeTakeFirst()).numUpdatedRows>0)}}function Ca(e){return async(t,a,n)=>{const o=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",n).select("connections").executeTakeFirst();if(!o)return!1;const r=JSON.parse(o.connections||"[]"),s=r.filter(i=>i!==a);return s.length!==r.length?(await e.updateTable("clients").set({connections:JSON.stringify(s),updated_at:new Date().toISOString()}).where("clients.tenant_id","=",t).where("clients.client_id","=",n).executeTakeFirst()).numUpdatedRows>0:!0}}function xa(e){return{listByClient:ga(e),updateByClient:wa(e),listByConnection:ya(e),addClientToConnection:va(e),removeClientFromConnection:Ca(e)}}function Ta(e){return async(t,a)=>{const n=new Date().toISOString(),o=S.nanoid(),{scope:r,authorization_details_types:s,...i}=a,d={id:o,tenant_id:t,...i,scope:r?JSON.stringify(r):"[]",authorization_details_types:s?JSON.stringify(s):"[]",allow_any_organization:i.allow_any_organization!==void 0?i.allow_any_organization?1:0:void 0,is_system:i.is_system!==void 0?i.is_system?1:0:void 0,created_at:n,updated_at:n};return await e.insertInto("client_grants").values(d).execute(),y({id:o,tenant_id:t,...i,scope:r||[],authorization_details_types:s||[],allow_any_organization:i.allow_any_organization??!1,is_system:i.is_system??!1,created_at:n,updated_at:n})}}function Na(e){return async(t,a)=>{const n=await e.selectFrom("client_grants").selectAll().where("client_grants.tenant_id","=",t).where("client_grants.id","=",a).executeTakeFirst();if(!n)return null;const o={id:n.id,client_id:n.client_id,audience:n.audience,scope:n.scope?JSON.parse(n.scope):[],organization_usage:n.organization_usage,allow_any_organization:n.allow_any_organization!==void 0?!!n.allow_any_organization:!1,is_system:n.is_system!==void 0?!!n.is_system:!1,subject_type:n.subject_type,authorization_details_types:n.authorization_details_types?JSON.parse(n.authorization_details_types):[],created_at:n.created_at,updated_at:n.updated_at};return y(o)}}function ba(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s,sort:i}=a;let d=e.selectFrom("client_grants").where("client_grants.tenant_id","=",t);if(s){const _=s.trim(),p=_.split(/\s+/),f=p.length===1?p[0]:void 0,g=f?f.match(/^(-)?([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/):null,v=g?g[3]:"",T=/^(>=|>|<=|<)/.test(v||"");if(g&&!T&&v){const I=!!g[1],O=g[2],{ref:A}=e.dynamic,b=A(`client_grants.${O}`);if(O==="allow_any_organization"){const M=v==="true"?1:0;I?d=d.where(b,"!=",M):d=d.where(b,"=",M)}else I?d=d.where(b,"!=",v):d=d.where(b,"=",v)}else d=N(e,d,_,[])}let l=d;if(i){const{ref:_}=e.dynamic;l=l.orderBy(_(i.sort_by),i.sort_order)}else l=l.orderBy("client_grants.created_at","desc");l=l.limit(o).offset(n*o);const c=(await l.selectAll().execute()).map(_=>{const p={id:_.id,client_id:_.client_id,audience:_.audience,scope:_.scope?JSON.parse(_.scope):[],organization_usage:_.organization_usage,allow_any_organization:_.allow_any_organization!==void 0?!!_.allow_any_organization:!1,is_system:_.is_system!==void 0?!!_.is_system:!1,subject_type:_.subject_type,authorization_details_types:_.authorization_details_types?JSON.parse(_.authorization_details_types):[],created_at:_.created_at,updated_at:_.updated_at};return y(p)});if(!r)return{client_grants:c,start:0,limit:0,length:0};const{count:u}=await d.select(_=>_.fn.countAll().as("count")).executeTakeFirstOrThrow();return{client_grants:c,start:n*o,limit:o,length:k(u)}}}function Sa(e){return async(t,a)=>((await e.deleteFrom("client_grants").where("client_grants.tenant_id","=",t).where("client_grants.id","=",a).executeTakeFirst()).numDeletedRows??0n)>0n}function ka(e){return async(t,a,n)=>{const o=new Date().toISOString(),{scope:r,authorization_details_types:s,...i}=n,d={...i,updated_at:o};return r!==void 0&&(d.scope=JSON.stringify(r)),s!==void 0&&(d.authorization_details_types=JSON.stringify(s)),i.allow_any_organization!==void 0&&(d.allow_any_organization=i.allow_any_organization?1:0),i.is_system!==void 0&&(d.is_system=i.is_system?1:0),((await e.updateTable("client_grants").set(d).where("client_grants.tenant_id","=",t).where("client_grants.id","=",a).executeTakeFirst()).numUpdatedRows??0n)>0n}}function Oa(e){return{create:Ta(e),get:Na(e),list:ba(e),remove:Sa(e),update:ka(e)}}function $a(e){return async(t,a)=>{const n=Date.now();return await e.insertInto("client_registration_tokens").values({id:a.id,tenant_id:t,token_hash:a.token_hash,type:a.type,client_id:a.client_id??null,sub:a.sub??null,constraints:a.constraints?JSON.stringify(a.constraints):null,single_use:a.single_use?1:0,expires_at_ts:C(a.expires_at),created_at_ts:n,used_at_ts:null,revoked_at_ts:null}).execute(),{id:a.id,token_hash:a.token_hash,type:a.type,client_id:a.client_id,sub:a.sub,constraints:a.constraints,single_use:a.single_use,expires_at:a.expires_at,created_at:new Date(n).toISOString()}}}function Ea(e){const t=x.clientRegistrationTokenTypeSchema.safeParse(e);if(!t.success)throw new Error(`Unknown client_registration_tokens.type: ${e}`);return t.data}function Pa(e){if(!e)return;let t;try{t=JSON.parse(e)}catch{return}return x.isPlainObject(t)?t:void 0}function ie(e){return{id:e.id,token_hash:e.token_hash,type:Ea(e.type),client_id:e.client_id??void 0,sub:e.sub??void 0,constraints:Pa(e.constraints),single_use:!!e.single_use,expires_at:B(e.expires_at_ts),used_at:B(e.used_at_ts),revoked_at:B(e.revoked_at_ts),created_at:F(e.created_at_ts)}}function Ia(e){return async(t,a)=>{const n=await e.selectFrom("client_registration_tokens").where("tenant_id","=",t).where("id","=",a).selectAll().executeTakeFirst();return n?ie(n):null}}function za(e){return async(t,a)=>{const n=await e.selectFrom("client_registration_tokens").where("tenant_id","=",t).where("token_hash","=",a).selectAll().executeTakeFirst();return n?ie(n):null}}function Da(e){return async(t,a)=>(await e.selectFrom("client_registration_tokens").where("tenant_id","=",t).where("client_id","=",a).orderBy("created_at_ts","desc").selectAll().execute()).map(ie)}function Aa(e){return async(t,a,n)=>(await e.updateTable("client_registration_tokens").set({used_at_ts:C(n)}).where("tenant_id","=",t).where("id","=",a).where("used_at_ts","is",null).executeTakeFirst()).numUpdatedRows>0}function Fa(e){return async(t,a,n)=>(await e.updateTable("client_registration_tokens").set({revoked_at_ts:C(n)}).where("tenant_id","=",t).where("id","=",a).where("revoked_at_ts","is",null).executeTakeFirst()).numUpdatedRows>0}function ja(e){return async(t,a,n)=>{const o=await e.updateTable("client_registration_tokens").set({revoked_at_ts:C(n)}).where("tenant_id","=",t).where("client_id","=",a).where("revoked_at_ts","is",null).executeTakeFirst();return Number(o.numUpdatedRows)}}function Ra(e){return async(t,a)=>(await e.deleteFrom("client_registration_tokens").where("tenant_id","=",t).where("id","=",a).executeTakeFirst()).numDeletedRows>0}function Ma(e){return{create:$a(e),get:Ia(e),getByHash:za(e),listByClient:Da(e),markUsed:Aa(e),revoke:Fa(e),revokeByClient:ja(e),remove:Ra(e)}}function Ja(e){return async(t={})=>{const{page:a=0,per_page:n=100,include_totals:o=!1,sort:r,q:s}=t;let i=e.selectFrom("keys").where(_=>_.or([_("revoked_at",">",new Date().toISOString()),_("revoked_at","is",null)]));s&&(i=N(e,i,s,["kid","tenant_id","connection","fingerprint","thumbprint","type"]));let d=i.select(_=>_.fn.count("kid").as("count"));const l=a*n;i=i.limit(n).offset(l),r&&(i=i.orderBy(r.sort_by,r.sort_order));const m=await i.selectAll().execute();if(!o)return{signingKeys:m,start:0,limit:0,length:0};const c=await d.executeTakeFirst(),u=k((c==null?void 0:c.count)??0);return{signingKeys:m,start:l,limit:n,length:u}}}function qa(e){return async t=>{await e.insertInto("keys").values({...t,created_at:new Date().toDateString()}).execute()}}function La(e){return async(t,a)=>!!(await e.updateTable("keys").set(a).where("kid","=",t).execute()).length}function Ka(e){return{create:qa(e),list:Ja(e),update:La(e)}}function Ba(e){return async(t,a)=>{const n={custom_domain_id:a.custom_domain_id||S.nanoid(),status:"pending",primary:!1,...a};return await e.insertInto("custom_domains").values({...n,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t,primary:n.primary?1:0,domain_metadata:n.domain_metadata?JSON.stringify(n.domain_metadata):void 0}).execute(),n}}function Ua(e){return async t=>(await e.selectFrom("custom_domains").where("custom_domains.tenant_id","=",t).selectAll().execute()).map(n=>({...n,primary:n.primary===1,domain_metadata:R(n.domain_metadata,void 0)}))}function Qa(e){return async(t,a)=>(await e.deleteFrom("custom_domains").where("custom_domains.tenant_id","=",t).where("custom_domains.custom_domain_id","=",a).execute()).length>0}function Wa(e){return async(t,a)=>{const n=await e.selectFrom("custom_domains").where("custom_domains.tenant_id","=",t).where("custom_domains.custom_domain_id","=",a).selectAll().executeTakeFirst();return n?{...n,primary:n.primary===1,domain_metadata:R(n.domain_metadata,void 0),verification:R(n.verification,void 0)}:null}}function Ya(e){return async(t,a,n)=>{const{verification:o,domain_metadata:r,primary:s,...i}=n,d={...i,updated_at:new Date().toISOString(),...s!==void 0&&{primary:s?1:0},...r!==void 0&&{domain_metadata:JSON.stringify(r)},...o!==void 0&&{verification:JSON.stringify(o)}};return(await e.updateTable("custom_domains").set(d).where("custom_domains.tenant_id","=",t).where("custom_domains.custom_domain_id","=",a).execute()).length>0}}function Ha(e){return async t=>{const a=await e.selectFrom("custom_domains").where("custom_domains.domain","=",t).selectAll().executeTakeFirst();return a?{...a,primary:a.primary===1,domain_metadata:R(a.domain_metadata,void 0)}:null}}function Ga(e){return{create:Ba(e),get:Wa(e),getByDomain:Ha(e),list:Ua(e),remove:Qa(e),update:Ya(e)}}function Va(e){return async t=>{const[a]=await e.selectFrom("branding").where("branding.tenant_id","=",t).selectAll().execute();if(!a)return null;const{tenant_id:n,colors_primary:o,colors_page_background_type:r,colors_page_background_start:s,colors_page_background_end:i,colors_page_background_angle_dev:d,font_url:l,...m}=a;return y({...m,colors:{primary:o,page_background:{type:r,start:s,end:i,angle_deg:d}},font:l?{url:l}:void 0})}}function Xa(e){return async(t,a)=>{var d,l;const{colors:n,font:o,...r}=a,s=n==null?void 0:n.page_background,i=s&&typeof s=="object"?s:void 0;try{await e.insertInto("branding").values({...r,colors_primary:n==null?void 0:n.primary,colors_page_background_type:i==null?void 0:i.type,colors_page_background_start:i==null?void 0:i.start,colors_page_background_end:i==null?void 0:i.end,colors_page_background_angle_dev:i==null?void 0:i.angle_deg,font_url:(d=a.font)==null?void 0:d.url,tenant_id:t}).execute()}catch{await e.updateTable("branding").set({...r,colors_primary:n==null?void 0:n.primary,colors_page_background_type:i==null?void 0:i.type,colors_page_background_start:i==null?void 0:i.start,colors_page_background_end:i==null?void 0:i.end,colors_page_background_angle_dev:i==null?void 0:i.angle_deg,font_url:(l=a.font)==null?void 0:l.url}).where("tenant_id","=",t).execute()}}}function Za(e){return{get:Va(e),set:Xa(e)}}function en(e){return async t=>{const a=await e.selectFrom("universal_login_templates").select(["body"]).where("tenant_id","=",t).executeTakeFirst();return a?{body:a.body}:null}}function tn(e){return async(t,a)=>{const n=Date.now();try{await e.insertInto("universal_login_templates").values({tenant_id:t,body:a.body,created_at_ts:n,updated_at_ts:n}).execute()}catch{await e.updateTable("universal_login_templates").set({body:a.body,updated_at_ts:n}).where("tenant_id","=",t).execute()}}}function an(e){return async t=>{await e.deleteFrom("universal_login_templates").where("tenant_id","=",t).execute()}}function nn(e){return{get:en(e),set:tn(e),delete:an(e)}}function on(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("hooks").where("hooks.tenant_id","=",t);s&&(i=N(e,i,s,["url","form_id","template_id","code_id"]));const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const{tenant_id:_,enabled:p,synchronous:f,created_at_ts:g,updated_at_ts:v,metadata:T,...I}=u,O=D({created_at_ts:g,updated_at_ts:v},["created_at_ts","updated_at_ts"]);return y({...I,...O,enabled:!!p,synchronous:!!f,metadata:xe(T)})});if(!r)return{hooks:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{hooks:m,start:n*o,limit:o,length:k(c)}}}function rn(e){return async(t,a)=>{const n=await e.selectFrom("hooks").where("hooks.tenant_id","=",t).where("hooks.hook_id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,created_at_ts:r,updated_at_ts:s,metadata:i,...d}=n,l=D({created_at_ts:r,updated_at_ts:s},["created_at_ts","updated_at_ts"]);return y({...d,...l,enabled:!!d.enabled,synchronous:!!d.synchronous,metadata:xe(i)})}}function sn(e){return async(t,a)=>(await e.deleteFrom("hooks").where("hooks.tenant_id","=",t).where("hooks.hook_id","=",a).executeTakeFirst()).numDeletedRows>0}function cn(e){return async(t,a)=>{const n=Date.now(),o=a.hook_id||Ze(),{hook_id:r,enabled:s,synchronous:i,metadata:d,...l}=a;return await e.insertInto("hooks").values({...l,hook_id:o,tenant_id:t,enabled:s?1:0,synchronous:i?1:0,metadata:d?JSON.stringify(d):null,created_at_ts:n,updated_at_ts:n}).execute(),{...l,hook_id:o,enabled:s??!1,synchronous:i??!1,...d?{metadata:d}:{},created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function ln(e){return async(t,a,n)=>{const{hook_id:o,metadata:r,...s}=n,i={...s,updated_at_ts:Date.now(),enabled:n.enabled!==void 0?n.enabled?1:0:void 0,synchronous:n.synchronous!==void 0?n.synchronous?1:0:void 0,...r!==void 0?{metadata:r===null?null:JSON.stringify(r)}:{}};return await e.updateTable("hooks").set(i).where("hooks.hook_id","=",a).where("hooks.tenant_id","=",t).execute(),!0}}function dn(e){return{create:cn(e),get:rn(e),list:on(e),update:ln(e),remove:sn(e)}}function un(e){return async(t,a)=>{const n=Date.now(),o=tt();return await e.insertInto("hook_code").values({id:o,tenant_id:t,code:a.code,secrets:a.secrets?JSON.stringify(a.secrets):null,created_at_ts:n,updated_at_ts:n}).execute(),{id:o,tenant_id:t,code:a.code,secrets:a.secrets,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function _n(e){return async(t,a)=>{const n=await e.selectFrom("hook_code").where("hook_code.tenant_id","=",t).where("hook_code.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{created_at_ts:o,updated_at_ts:r,secrets:s,...i}=n,d=D({created_at_ts:o,updated_at_ts:r},["created_at_ts","updated_at_ts"]);return{...i,...d,secrets:s?(()=>{try{return JSON.parse(s)}catch{console.warn(`Failed to parse secrets for hook_code ${a}`);return}})():void 0}}}function mn(e){return async(t,a,n)=>{const o={updated_at_ts:Date.now()};return n.code!==void 0&&(o.code=n.code),n.secrets!==void 0&&(o.secrets=JSON.stringify(n.secrets)),(await e.updateTable("hook_code").set(o).where("hook_code.id","=",a).where("hook_code.tenant_id","=",t).executeTakeFirst()).numUpdatedRows>0}}function hn(e){return async(t,a)=>(await e.deleteFrom("hook_code").where("hook_code.tenant_id","=",t).where("hook_code.id","=",a).executeTakeFirst()).numDeletedRows>0}function pn(e){return{create:un(e),get:_n(e),update:mn(e),remove:hn(e)}}function fn(e){return async(t,a,n)=>{const o={themeId:n||S.nanoid(),created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...a},r={...o,tenant_id:t};return await e.insertInto("themes").values(K(r)).execute(),o}}function gn(e){return async(t,a)=>(await e.deleteFrom("themes").where("themes.tenant_id","=",t).where("themes.themeId","=",a).executeTakeFirst()).numDeletedRows>0}function wn(e){return async(t,a)=>{const n=await e.selectFrom("themes").where("themes.tenant_id","=",t).where("themes.themeId","=",a).selectAll().executeTakeFirst();if(!n)return null;const o={...n,borders_show_widget_shadow:!!n.borders_show_widget_shadow,fonts_body_text_bold:!!n.fonts_body_text_bold,fonts_buttons_text_bold:!!n.fonts_buttons_text_bold,fonts_input_labels_bold:!!n.fonts_input_labels_bold,fonts_links_bold:!!n.fonts_links_bold,fonts_subtitle_bold:!!n.fonts_subtitle_bold,fonts_title_bold:!!n.fonts_title_bold};return y(Ce(o,["widget","colors","borders","fonts","page_background"]))}}function yn(e){return async(t,a,n)=>{const{themeId:o,...r}=n,s=K({...r,updated_at:new Date().toISOString()});return await e.updateTable("themes").set(s).where("themes.themeId","=",a).where("themes.tenant_id","=",t).execute(),!0}}function vn(e){return{create:fn(e),get:wn(e),remove:gn(e),update:yn(e)}}function Cn(e){return async(t,a)=>{const n=await e.selectFrom("login_sessions").where("login_sessions.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{created_at_ts:o,updated_at_ts:r,expires_at_ts:s,auth_params:i,...d}=n,l=D({created_at_ts:o,updated_at_ts:r,expires_at_ts:s},["created_at_ts","updated_at_ts","expires_at_ts"]),m=Ce(y({...d,...l,state:n.state||x.LoginSessionState.PENDING,state_data:n.state_data,failure_reason:n.failure_reason}),["auth_strategy"]);return m.authParams=typeof i=="string"&&i.length>0?JSON.parse(i):{},x.loginSessionSchema.parse(m)}}const ce="0123456789ABCDEFGHJKMNPQRSTVWXYZ",oe=ce.length,xn=10,_e=16;function Tn(e){let t="";for(let a=xn;a>0;a--)t=ce.charAt(e%oe)+t,e=Math.floor(e/oe);return t}function Nn(){const e=new Uint8Array(_e);crypto.getRandomValues(e);let t="";for(let a=0;a<_e;a++)t+=ce.charAt(e[a]%oe);return t}function Oe(){return Tn(Date.now())+Nn()}function bn(e){return async(t,a)=>{var l;const n=re(),o={id:Oe(),...a,authorization_url:(l=a.authorization_url)==null?void 0:l.slice(0,1024),created_at:n,updated_at:n,state:a.state||x.LoginSessionState.PENDING,state_data:a.state_data,failure_reason:a.failure_reason},{authParams:r,...s}=o,i=Date.now(),d=K(s);return delete d.created_at,delete d.updated_at,delete d.expires_at,await e.insertInto("login_sessions").values({...d,tenant_id:t,auth_params:JSON.stringify(r),created_at_ts:i,updated_at_ts:i,expires_at_ts:a.expires_at?new Date(a.expires_at).getTime():i+1e3*60*60*24}).execute(),o}}function Sn(e){return async(t,a,n)=>{const{created_at:o,updated_at:r,expires_at:s,authParams:i,...d}=n;let l={};if(i!==void 0){const u=await e.selectFrom("login_sessions").where("login_sessions.id","=",a).where("login_sessions.tenant_id","=",t).select(["auth_params"]).executeTakeFirst(),_=u==null?void 0:u.auth_params,p=typeof _=="string"&&_.length>0?JSON.parse(_):{};l={auth_params:JSON.stringify({...p,...i})}}const m=K(d);return delete m.created_at_ts,delete m.updated_at_ts,delete m.expires_at_ts,delete m.id,delete m.tenant_id,(await e.updateTable("login_sessions").set({...m,...l,updated_at_ts:Date.now(),...s!==void 0?{expires_at_ts:C(s)}:{}}).where("login_sessions.id","=",a).where("login_sessions.tenant_id","=",t).execute()).length===1}}function kn(e){return async(t,a)=>(await e.deleteFrom("login_sessions").where("login_sessions.tenant_id","=",t).where("login_sessions.id","=",a).execute()).length>0}function On(e){return{create:bn(e),get:Cn(e),update:Sn(e),remove:kn(e)}}function $n(e){return async t=>{const[a]=await e.selectFrom("prompt_settings").where("prompt_settings.tenant_id","=",t).selectAll().execute();return y({identifier_first:!!(a!=null&&a.identifier_first),password_first:!!(a!=null&&a.password_first),webauthn_platform_first_factor:!!(a!=null&&a.webauthn_platform_first_factor),universal_login_experience:(a==null?void 0:a.universal_login_experience)||"new"})}}function me(e){return y({...e,webauthn_platform_first_factor:e.webauthn_platform_first_factor?!!e.webauthn_platform_first_factor:void 0,identifier_first:e.identifier_first?!!e.identifier_first:void 0,password_first:e.password_first?!!e.password_first:void 0,universal_login_experience:e.universal_login_experience})}function En(e){return async(t,a)=>{try{const n=x.promptSettingSchema.parse(a);await e.insertInto("prompt_settings").values({...me(n),tenant_id:t}).execute()}catch{await e.updateTable("prompt_settings").set(me(a)).where("tenant_id","=",t).execute()}}}function Pn(e){return{get:$n(e),set:En(e)}}function In(e){return async t=>{const[a]=await e.selectFrom("email_providers").where("email_providers.tenant_id","=",t).selectAll().execute();if(!a)return null;const{tenant_id:n,credentials:o,settings:r,enabled:s,...i}=a;return y({...i,credentials:JSON.parse(o),settings:JSON.parse(r),enabled:!!s})}}function zn(e){return async(t,a)=>{const{credentials:n,settings:o,enabled:r,...s}=a;await e.updateTable("email_providers").set({...s,credentials:n?JSON.stringify(n):void 0,settings:o?JSON.stringify(o):void 0,enabled:r!==void 0?r?1:0:void 0}).where("tenant_id","=",t).execute()}}function Dn(e){return async(t,a)=>{const{credentials:n,settings:o,enabled:r,...s}=a;await e.insertInto("email_providers").values({...s,enabled:r?1:0,credentials:JSON.stringify(n),settings:JSON.stringify(o),tenant_id:t,created_at:new Date().toISOString(),updated_at:new Date().toISOString()}).execute()}}function An(e){return async t=>{await e.deleteFrom("email_providers").where("tenant_id","=",t).execute()}}function Fn(e){return{get:In(e),create:Dn(e),update:zn(e),remove:An(e)}}function $e(e){const t={template:e.template,body:e.body,from:e.from,subject:e.subject,syntax:e.syntax,includeEmailInRedirect:!!e.include_email_in_redirect,enabled:!!e.enabled};return e.result_url!==null&&e.result_url!==void 0&&(t.resultUrl=e.result_url),e.url_lifetime_in_seconds!==null&&e.url_lifetime_in_seconds!==void 0&&(t.urlLifetimeInSeconds=e.url_lifetime_in_seconds),t}function jn(e){return async(t,a)=>{const n=await e.selectFrom("email_templates").where("tenant_id","=",t).where("template","=",a).selectAll().executeTakeFirst();return n?x.emailTemplateSchema.parse($e(n)):null}}function Rn(e){return async t=>(await e.selectFrom("email_templates").where("tenant_id","=",t).orderBy("template","asc").selectAll().execute()).map(n=>x.emailTemplateSchema.parse($e(n)))}function Mn(e){return async(t,a)=>{const n=new Date().toISOString();return await e.insertInto("email_templates").values({tenant_id:t,template:a.template,body:a.body,from:a.from,subject:a.subject,syntax:a.syntax,result_url:a.resultUrl??null,url_lifetime_in_seconds:a.urlLifetimeInSeconds??null,include_email_in_redirect:a.includeEmailInRedirect?1:0,enabled:a.enabled?1:0,created_at:n,updated_at:n}).execute(),a}}function Jn(e){return async(t,a,n)=>{const o={};if(n.body!==void 0&&(o.body=n.body),n.from!==void 0&&(o.from=n.from),n.subject!==void 0&&(o.subject=n.subject),n.syntax!==void 0&&(o.syntax=n.syntax),n.resultUrl!==void 0&&(o.result_url=n.resultUrl),n.urlLifetimeInSeconds!==void 0&&(o.url_lifetime_in_seconds=n.urlLifetimeInSeconds),n.includeEmailInRedirect!==void 0&&(o.include_email_in_redirect=n.includeEmailInRedirect?1:0),n.enabled!==void 0&&(o.enabled=n.enabled?1:0),Object.keys(o).length===0)return await e.selectFrom("email_templates").where("tenant_id","=",t).where("template","=",a).select("template").executeTakeFirst()!==void 0;o.updated_at=new Date().toISOString();const r=await e.updateTable("email_templates").set(o).where("tenant_id","=",t).where("template","=",a).executeTakeFirst();return Number(r.numUpdatedRows??0)>0}}function qn(e){return async(t,a)=>{const n=await e.deleteFrom("email_templates").where("tenant_id","=",t).where("template","=",a).executeTakeFirst();return Number(n.numDeletedRows??0)>0}}function Ln(e){return{get:jn(e),list:Rn(e),create:Mn(e),update:Jn(e),remove:qn(e)}}function Kn(e){return async(t,a)=>{const n=await e.selectFrom("refresh_tokens").where("refresh_tokens.tenant_id","=",t).where("refresh_tokens.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:d,revoked_at_ts:l,rotated_at_ts:m,...c}=n,u=D({created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:d,revoked_at_ts:l,rotated_at_ts:m},["created_at_ts"],["expires_at_ts","idle_expires_at_ts","last_exchanged_at_ts","revoked_at_ts","rotated_at_ts"]);return{...c,...u,rotating:!!n.rotating,device:n.device?JSON.parse(n.device):{},resource_servers:n.resource_servers?JSON.parse(n.resource_servers):[]}}}function Bn(e){return async(t,a)=>{const n=await e.selectFrom("refresh_tokens").where("refresh_tokens.tenant_id","=",t).where("refresh_tokens.token_lookup","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:d,revoked_at_ts:l,rotated_at_ts:m,...c}=n,u=D({created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:d,revoked_at_ts:l,rotated_at_ts:m},["created_at_ts"],["expires_at_ts","idle_expires_at_ts","last_exchanged_at_ts","revoked_at_ts","rotated_at_ts"]);return{...c,...u,rotating:!!n.rotating,device:n.device?JSON.parse(n.device):{},resource_servers:n.resource_servers?JSON.parse(n.resource_servers):[]}}}function Un(e){return async(t,a)=>{const n=re(),o={...a,created_at:n},{expires_at:r,idle_expires_at:s,last_exchanged_at:i,rotated_at:d,device:l,resource_servers:m,rotating:c,...u}=a,_=Date.now(),p=C(r),f=s?C(s):null,g=Math.max(p??0,f??0);return await e.transaction().execute(async v=>{await v.insertInto("refresh_tokens").values({...u,tenant_id:t,rotating:c?1:0,device:JSON.stringify(l),resource_servers:JSON.stringify(m),created_at_ts:_,expires_at_ts:p,idle_expires_at_ts:f,last_exchanged_at_ts:i?C(i):null,rotated_at_ts:d?C(d):null}).execute(),g>0&&a.login_id&&await v.updateTable("login_sessions").set({expires_at_ts:g,updated_at_ts:_}).where("tenant_id","=",t).where("id","=",a.login_id).where("expires_at_ts","<",g).execute()}),{...a,...o}}}function Qn(e){return async(t,a)=>!!(await e.deleteFrom("refresh_tokens").where("tenant_id","=",t).where("refresh_tokens.id","=",a).execute()).length}function Wn(e){return async(t,a,n)=>{const o=C(n),r=await e.updateTable("refresh_tokens").set({revoked_at_ts:o}).where("tenant_id","=",t).where("login_id","=",a).where("revoked_at_ts","is",null).executeTakeFirst();return Number(r.numUpdatedRows??0)}}function Yn(e){return async(t,a,n)=>{const o=C(n),r=await e.updateTable("refresh_tokens").set({revoked_at_ts:o}).where("tenant_id","=",t).where("family_id","=",a).where("revoked_at_ts","is",null).executeTakeFirst();return Number(r.numUpdatedRows??0)}}function Hn(e){return async(t,a,n,o)=>{const{created_at:r,expires_at:s,idle_expires_at:i,last_exchanged_at:d,revoked_at:l,rotated_at:m,device:c,resource_servers:u,rotating:_,...p}=n,f={...p,device:c?JSON.stringify(c):void 0,resource_servers:u?JSON.stringify(u):void 0,rotating:_!==void 0?_?1:0:void 0,expires_at_ts:s!==void 0?C(s):void 0,idle_expires_at_ts:i!==void 0?C(i):void 0,last_exchanged_at_ts:d!==void 0?C(d):void 0,revoked_at_ts:l!==void 0?C(l):void 0,rotated_at_ts:m!==void 0?C(m):void 0},g=o==null?void 0:o.loginSessionBump,v=g?C(g.expires_at):null,T=await e.updateTable("refresh_tokens").set(f).where("tenant_id","=",t).where("refresh_tokens.id","=",a).executeTakeFirst();return g!=null&&g.login_id&&v&&v>0&&await e.updateTable("login_sessions").set({expires_at_ts:v,updated_at_ts:Date.now()}).where("tenant_id","=",t).where("id","=",g.login_id).where("expires_at_ts","<",v).execute().catch(()=>{}),((T==null?void 0:T.numUpdatedRows)??0n)>0n}}function Gn(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let d=e.selectFrom("refresh_tokens").where("refresh_tokens.tenant_id","=",t);i&&(d=N(e,d,i,["token","login_id"]));let l=d;if(s&&s.sort_by){const{ref:p}=e.dynamic;l=l.orderBy(p(s.sort_by),s.sort_order)}l=l.offset(n*o).limit(o);const c=(await l.selectAll().execute()).map(p=>{const{tenant_id:f,created_at_ts:g,expires_at_ts:v,idle_expires_at_ts:T,last_exchanged_at_ts:I,revoked_at_ts:O,rotated_at_ts:A,...b}=p,M=D({created_at_ts:g,expires_at_ts:v,idle_expires_at_ts:T,last_exchanged_at_ts:I,revoked_at_ts:O,rotated_at_ts:A},["created_at_ts"],["expires_at_ts","idle_expires_at_ts","last_exchanged_at_ts","revoked_at_ts","rotated_at_ts"]);return{...b,...M,rotating:!!p.rotating,device:p.device?JSON.parse(p.device):{},resource_servers:p.resource_servers?JSON.parse(p.resource_servers):[]}});if(!r)return{refresh_tokens:c,start:0,limit:0,length:0};const{count:u}=await d.select(p=>p.fn.countAll().as("count")).executeTakeFirstOrThrow(),_=k(u);return{refresh_tokens:c,start:n*o,limit:o,length:_}}}function Vn(e){return{create:Un(e),get:Kn(e),getByLookup:Bn(e),list:Gn(e),remove:Qn(e),revokeByLoginSession:Wn(e),revokeFamily:Yn(e),update:Hn(e)}}const Xn=7*24*60*60*1e3;function Zn(e){return async t=>{var i,d,l;const{tenant_id:a,user_id:n}=t||{},r=Date.now()-Xn,s=1e3;try{let m=0;for(;;){let _=e.deleteFrom("refresh_tokens").where(g=>g.or([g("expires_at_ts","<",r),g("idle_expires_at_ts","<",r)]));a&&(_=_.where("tenant_id","=",a)),n&&(_=_.where("user_id","=",n));const p=await _.limit(s).execute(),f=Number(((i=p[0])==null?void 0:i.numDeletedRows)??0);if(m+=f,f<s)break}let c=0;for(;;){let _=e.deleteFrom("sessions").where(g=>g.or([g("expires_at_ts","<",r),g("idle_expires_at_ts","<",r)]));a&&(_=_.where("tenant_id","=",a)),n&&(_=_.where("user_id","=",n));const p=await _.limit(s).execute(),f=Number(((d=p[0])==null?void 0:d.numDeletedRows)??0);if(c+=f,f<s)break}let u=0;for(;;){let _=e.deleteFrom("login_sessions").where("expires_at_ts","<",r);a&&(_=_.where("tenant_id","=",a)),n&&(_=_.where("user_id","=",n));const p=await _.limit(s).execute(),f=Number(((l=p[0])==null?void 0:l.numDeletedRows)??0);if(u+=f,f<s)break}(m>0||c>0||u>0)&&console.log(`Session cleanup: deleted ${m} refresh_tokens, ${c} sessions, ${u} login_sessions`)}catch(m){console.error("Error during session cleanup:",m)}}}function eo(e){return async(t,a)=>{const n=x.formSchema.parse({id:S.nanoid(),...a,created_at:new Date().toISOString(),updated_at:new Date().toISOString()});return await e.insertInto("forms").values({...n,nodes:JSON.stringify(n.nodes||[]),start:JSON.stringify(n.start||{}),ending:JSON.stringify(n.ending||{}),tenant_id:t}).execute(),x.formSchema.parse(n)}}function to(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("forms").where("tenant_id","=",t);s&&(i=N(e,i,s,[]));const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const _={...u};if(typeof _.nodes=="string")try{_.nodes=JSON.parse(_.nodes)}catch{}if(typeof _.start=="string")try{_.start=JSON.parse(_.start)}catch{}if(typeof _.ending=="string")try{_.ending=JSON.parse(_.ending)}catch{}return x.formSchema.parse(y(_))});if(!r)return{forms:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{forms:m,start:n*o,limit:o,length:k(c)}}}function ao(e){return async(t,a)=>{const{numDeletedRows:n}=await e.deleteFrom("forms").where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return n>0}}function no(e){return async(t,a)=>{const n=await e.selectFrom("forms").selectAll().where("forms.id","=",a).where("tenant_id","=",t).executeTakeFirst();if(!n)return null;const o={...n};if(typeof o.nodes=="string")try{o.nodes=JSON.parse(o.nodes)}catch{}if(typeof o.start=="string")try{o.start=JSON.parse(o.start)}catch{}if(typeof o.ending=="string")try{o.ending=JSON.parse(o.ending)}catch{}return x.formSchema.parse(y(o))}}function oo(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};U(n,["nodes","start","ending"],o);const{numUpdatedRows:r}=await e.updateTable("forms").set(o).where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return r>0}}function ro(e){return{create:eo(e),get:no(e),list:to(e),remove:ao(e),update:oo(e)}}function so(e){return async(t,a)=>{const n=new Date().toISOString(),o={id:et(),...a,created_at:n,updated_at:n},r=x.resourceServerSchema.parse(o),{verificationKey:s,scopes:i,options:d,skip_consent_for_verifiable_first_party_clients:l,allow_offline_access:m,is_system:c,metadata:u,..._}=r,p={..._,tenant_id:t,scopes:i?JSON.stringify(i):"[]",options:d?JSON.stringify(d):"{}",skip_consent_for_verifiable_first_party_clients:l?1:0,allow_offline_access:m?1:0,is_system:c?1:0,metadata:u?JSON.stringify(u):void 0,verification_key:s,created_at:n,updated_at:n};return await e.insertInto("resource_servers").values(p).execute(),y(r)}}function io(e){return async(t,a)=>{const n=await e.selectFrom("resource_servers").selectAll().where("tenant_id","=",t).where("id","=",a).executeTakeFirst();if(!n)return null;const o=n,{verification_key:r,scopes:s,options:i,skip_consent_for_verifiable_first_party_clients:d,allow_offline_access:l,is_system:m,metadata:c,...u}=o,_=y({...u,scopes:s?JSON.parse(s):[],options:i?JSON.parse(i):{},skip_consent_for_verifiable_first_party_clients:!!d,allow_offline_access:!!l,is_system:m?!0:void 0,metadata:c?JSON.parse(c):void 0,verificationKey:r});return _.token_lifetime??(_.token_lifetime=86400),_.token_lifetime_for_web??(_.token_lifetime_for_web=7200),_}}function co(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("resource_servers").where("resource_servers.tenant_id","=",t);if(s){const u=s.trim(),_=u.split(/\s+/),p=_.length===1?_[0]:void 0,f=p?p.match(/^(-)?(name|identifier):(.*)$/):null,g=f?f[3]:"",v=/^(>=|>|<=|<)/.test(g||"");if(f&&!v){const T=!!f[1],I=f[2]==="name"?"resource_servers.name":"resource_servers.identifier";i=T?i.where(I,"not like",`%${g}%`):i.where(I,"like",`%${g}%`)}else i=N(e,i,u,["resource_servers.name","resource_servers.identifier"])}const m=(await i.offset(n*o).limit(o).selectAll().execute()).map(u=>{const _=u,{verification_key:p,scopes:f,options:g,skip_consent_for_verifiable_first_party_clients:v,allow_offline_access:T,is_system:I,metadata:O,...A}=_,b=y({...A,scopes:f?JSON.parse(f):[],options:g?JSON.parse(g):{},skip_consent_for_verifiable_first_party_clients:!!v,allow_offline_access:!!T,is_system:I?!0:void 0,metadata:O?JSON.parse(O):void 0,verificationKey:p});return b.token_lifetime??(b.token_lifetime=86400),b.token_lifetime_for_web??(b.token_lifetime_for_web=7200),b});if(!r)return{resource_servers:m,start:0,limit:0,length:0};const{count:c}=await i.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{resource_servers:m,start:n*o,limit:o,length:k(c)}}}function lo(e){return async(t,a)=>{const n=await e.deleteFrom("resource_servers").where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return Number(n.numDeletedRows)>0}}function uo(e){return async(t,a,n)=>{const{verificationKey:o,scopes:r,options:s,skip_consent_for_verifiable_first_party_clients:i,allow_offline_access:d,is_system:l,metadata:m,...c}=n,u={...c,updated_at:new Date().toISOString()};if(o!==void 0&&(u.verification_key=o),r!==void 0&&(u.scopes=JSON.stringify(r)),s!==void 0){const p=await e.selectFrom("resource_servers").select("options").where("tenant_id","=",t).where("id","=",a).executeTakeFirst(),g={...p!=null&&p.options?JSON.parse(p.options):{},...s};u.options=JSON.stringify(g)}m!==void 0&&(u.metadata=JSON.stringify(m)),i!==void 0&&(u.skip_consent_for_verifiable_first_party_clients=i?1:0),d!==void 0&&(u.allow_offline_access=d?1:0),l!==void 0&&(u.is_system=l?1:0);const _=await e.updateTable("resource_servers").set(u).where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return Number(_.numUpdatedRows)>0}}function _o(e){return{create:so(e),get:io(e),list:co(e),remove:lo(e),update:uo(e)}}function mo(e){return async(t,a)=>{const n=new Date().toISOString(),o=a.id||S.nanoid(),{is_system:r,id:s,metadata:i,...d}=a,l={id:o,...d,tenant_id:t,is_system:r?1:0,metadata:i?JSON.stringify(i):void 0,created_at:n,updated_at:n};return await e.insertInto("roles").values(l).execute(),{id:o,...d,is_system:r?!0:void 0,metadata:i,created_at:n,updated_at:n}}}function ho(e){return async(t,a)=>{const n=await e.selectFrom("roles").selectAll().where("roles.tenant_id","=",t).where("roles.id","=",a).executeTakeFirst();if(!n)return null;const o=n,{is_system:r,tenant_id:s,metadata:i,...d}=o;return{...d,is_system:r?!0:void 0,metadata:i?JSON.parse(i):void 0}}}function po(e){return async(t,a)=>{let n=e.selectFrom("roles").where("roles.tenant_id","=",t);const{page:o=0,per_page:r=50,include_totals:s=!1}=a;a.q&&(n=N(e,n,a.q,["name"]));const l=(await n.offset(o*r).limit(r).selectAll().execute()).map(c=>{const u=c,{is_system:_,tenant_id:p,metadata:f,...g}=u;return{...g,is_system:_?!0:void 0,metadata:f?JSON.parse(f):void 0}});if(!s)return{roles:l,start:o*r,limit:r,length:l.length};const{count:m}=await n.select(c=>c.fn.countAll().as("count")).executeTakeFirstOrThrow();return{roles:l,start:o*r,limit:r,length:k(m)}}}function fo(e){return async(t,a,n)=>{const{is_system:o,metadata:r,...s}=n,i={...s,is_system:o!==void 0?o?1:0:void 0,metadata:r!==void 0?JSON.stringify(r):void 0,updated_at:new Date().toISOString()},d=await e.updateTable("roles").set(i).where("roles.tenant_id","=",t).where("roles.id","=",a).executeTakeFirst();return Number(d.numUpdatedRows)>0}}function go(e){return async(t,a)=>{const n=await e.deleteFrom("roles").where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return Number(n.numDeletedRows)>0}}function wo(e){return{create:mo(e),get:ho(e),list:po(e),update:fo(e),remove:go(e)}}function yo(e){return async(t,a,n)=>{if(n.length===0)return!0;const o=new Date().toISOString();try{for(const r of n){if(r.role_id!==a)throw new Error(`Permission role_id ${r.role_id} does not match expected role_id ${a}`);const s={tenant_id:t,role_id:r.role_id,resource_server_identifier:r.resource_server_identifier,permission_name:r.permission_name,created_at:o};try{await e.insertInto("role_permissions").values(s).execute()}catch(i){if(i.code==="SQLITE_CONSTRAINT_PRIMARYKEY"||i.code==="SQLITE_CONSTRAINT_UNIQUE"||i.code==="ER_DUP_ENTRY")continue;throw i}}return!0}catch(r){return console.error("Error assigning role permissions:",r),!1}}}function vo(e){return async(t,a,n)=>{if(n.length===0)return!0;try{return(await Promise.all(n.map(r=>e.deleteFrom("role_permissions").where("tenant_id","=",t).where("role_id","=",a).where("resource_server_identifier","=",r.resource_server_identifier).where("permission_name","=",r.permission_name).executeTakeFirst()))).some(r=>Number(r.numDeletedRows)>0)}catch(o){return console.error("Error removing role permissions:",o),!1}}}function Co(e){return async(t,a,n={})=>{const{page:o=0,per_page:r=50,include_totals:s=!1}=n;let i=e.selectFrom("role_permissions").leftJoin("resource_servers",c=>c.onRef("role_permissions.tenant_id","=","resource_servers.tenant_id").onRef("role_permissions.resource_server_identifier","=","resource_servers.id")).select(["role_permissions.role_id","role_permissions.resource_server_identifier","role_permissions.permission_name","role_permissions.created_at","resource_servers.name as resource_server_name"]).where("role_permissions.tenant_id","=",t).where("role_permissions.role_id","=",a);const m=(await i.offset(o*r).limit(r).execute()).map(c=>({role_id:c.role_id,resource_server_identifier:c.resource_server_identifier,resource_server_name:c.resource_server_name||c.resource_server_identifier,permission_name:c.permission_name,description:null,created_at:c.created_at}));return s&&await i.select(c=>c.fn.countAll().as("count")).executeTakeFirstOrThrow(),m}}function xo(e){return{assign:yo(e),remove:vo(e),list:Co(e)}}function To(e){return async(t,a,n,o)=>{const r=new Date().toISOString();try{const s={tenant_id:t,user_id:a,resource_server_identifier:n.resource_server_identifier,permission_name:n.permission_name,organization_id:o||n.organization_id||"",created_at:r};return await e.insertInto("user_permissions").values(s).execute(),!0}catch(s){return s.code==="SQLITE_CONSTRAINT_PRIMARYKEY"||s.code==="SQLITE_CONSTRAINT_UNIQUE"||s.code==="SQLITE_CONSTRAINT"||s.code==="ER_DUP_ENTRY"||s.message&&s.message.includes("UNIQUE constraint failed")||s.message&&s.message.includes("PRIMARY KEY constraint failed")?!0:(console.error("Error creating user permission:",s),!1)}}}function No(e){return async(t,a,n,o)=>{try{let r=e.deleteFrom("user_permissions").where("tenant_id","=",t).where("user_id","=",a).where("resource_server_identifier","=",n.resource_server_identifier).where("permission_name","=",n.permission_name);return o!==void 0?r=r.where("organization_id","=",o):r=r.where("organization_id","=",""),await r.execute(),!0}catch(r){return console.error("Error removing user permission:",r),!1}}}function bo(e){return async(t,a,n,o)=>{let r=e.selectFrom("user_permissions").leftJoin("resource_servers",i=>i.onRef("user_permissions.tenant_id","=","resource_servers.tenant_id").onRef("user_permissions.resource_server_identifier","=","resource_servers.id")).select(["user_permissions.resource_server_identifier","user_permissions.permission_name","resource_servers.name as resource_server_name","user_permissions.user_id","user_permissions.created_at","user_permissions.organization_id"]).where("user_permissions.tenant_id","=",t).where("user_permissions.user_id","=",a);return o!==void 0&&(r=r.where("user_permissions.organization_id","=",o)),(await r.execute()).map(i=>({resource_server_identifier:i.resource_server_identifier,permission_name:i.permission_name,description:null,resource_server_name:i.resource_server_name||i.resource_server_identifier,user_id:i.user_id,created_at:i.created_at,organization_id:i.organization_id===""?void 0:i.organization_id}))}}function So(e){return{create:To(e),remove:No(e),list:bo(e)}}function ko(e){const t=So(e);return{create:(a,n,o,r)=>t.create(a,n,o,r),remove:(a,n,o,r)=>t.remove(a,n,o,r),list:(a,n,o,r)=>t.list(a,n,o,r)}}function Oo(e){return async(t,a,n,o)=>{let r=e.selectFrom("user_roles as ur").innerJoin("roles as r",i=>i.onRef("ur.role_id","=","r.id").onRef("ur.tenant_id","=","r.tenant_id")).select(["r.id","r.name","r.description","r.created_at","r.updated_at"]).where("ur.tenant_id","=",t).where("ur.user_id","=",a);return o!==void 0&&(r=r.where("ur.organization_id","=",o)),await r.execute()}}function $o(e){return async(t,a,n,o)=>{const r=new Date().toISOString();try{return await e.insertInto("user_roles").values({tenant_id:t,user_id:a,role_id:n,organization_id:o||"",created_at:r}).execute(),!0}catch(s){return s.code==="SQLITE_CONSTRAINT_PRIMARYKEY"||s.code==="SQLITE_CONSTRAINT_UNIQUE"||s.code==="SQLITE_CONSTRAINT"||s.code==="ER_DUP_ENTRY"||s.message&&s.message.includes("UNIQUE constraint failed")||s.message&&s.message.includes("PRIMARY KEY constraint failed")?!0:(console.error("Error creating user role:",s),!1)}}}function Eo(e){return async(t,a,n,o)=>{try{let r=e.deleteFrom("user_roles").where("tenant_id","=",t).where("user_id","=",a).where("role_id","=",n);return o!==void 0?r=r.where("organization_id","=",o):r=r.where("organization_id","=",""),await r.execute(),!0}catch(r){return console.error("Error removing user roles:",r),!1}}}function Po(e){return{list:Oo(e),create:$o(e),remove:Eo(e)}}function Io(e){const t=Po(e);return{list:(a,n,o,r)=>t.list(a,n,o,r),create:(a,n,o,r)=>t.create(a,n,o,r),remove:(a,n,o,r)=>t.remove(a,n,o,r)}}function zo(e){return async(t,a)=>{const n={...a,id:a.id||He(),tenant_id:t,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),branding:JSON.stringify(a.branding||{}),metadata:JSON.stringify(a.metadata||{}),enabled_connections:JSON.stringify(a.enabled_connections||[]),token_quota:JSON.stringify(a.token_quota||{})};try{await e.insertInto("organizations").values(n).execute()}catch(o){throw o.code==="SQLITE_CONSTRAINT_UNIQUE"||o.code==="ER_DUP_ENTRY"||o.message.includes("AlreadyExists")?new L(409,{message:"Organization already exists"}):o}return{...a,id:n.id,created_at:n.created_at,updated_at:n.updated_at}}}function Do(e){return async(t,a)=>{let n=await e.selectFrom("organizations").selectAll().where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return n||(n=await e.selectFrom("organizations").selectAll().where("tenant_id","=",t).where("name","=",a).executeTakeFirst()),n?y({...n,branding:n.branding?JSON.parse(n.branding):{},metadata:n.metadata?JSON.parse(n.metadata):{},enabled_connections:n.enabled_connections?JSON.parse(n.enabled_connections):[],token_quota:n.token_quota?JSON.parse(n.token_quota):{}}):null}}const W=["name","display_name"];function Ao(e){return async(t,a)=>{let n=e.selectFrom("organizations").where("tenant_id","=",t);if(a!=null&&a.q){const c=ne(a.q,W);c&&(n=N(e,n,c,W))}if(a!=null&&a.sort){const c=a.sort.sort_order==="asc"?"asc":"desc",u=a.sort.sort_by;["name","display_name","created_at"].includes(u)?n=n.orderBy(u,c):n=n.orderBy("created_at","desc")}else n=n.orderBy("created_at","desc");const o=(a==null?void 0:a.take)??(a==null?void 0:a.per_page),r=typeof o=="number"&&Number.isFinite(o)?Math.floor(o):NaN,s=r>=1?r:10;let i=0;if((a==null?void 0:a.from)!==void 0){const c=parseInt(a.from,10);Number.isNaN(c)||(i=Math.max(0,c))}else typeof(a==null?void 0:a.page)=="number"&&Number.isFinite(a.page)&&(i=Math.max(0,Math.floor(a.page)*s));i>0&&(n=n.offset(i)),n=n.limit(s);const d=await n.selectAll().execute();let l=d.length;if(a!=null&&a.include_totals){let c=e.selectFrom("organizations").where("tenant_id","=",t);if(a!=null&&a.q){const _=ne(a.q,W);_&&(c=N(e,c,_,W))}const u=await c.select(h.sql`count(*)`.as("count")).executeTakeFirst();l=Number((u==null?void 0:u.count)||0)}const m=d.map(c=>y({...c,branding:c.branding?JSON.parse(c.branding):{},metadata:c.metadata?JSON.parse(c.metadata):{},enabled_connections:c.enabled_connections?JSON.parse(c.enabled_connections):[],token_quota:c.token_quota?JSON.parse(c.token_quota):{}}));return{organizations:m,start:i,limit:s,length:m.length,total:l}}}function Fo(e){return async(t,a)=>(await e.deleteFrom("organizations").where("tenant_id","=",t).where("id","=",a).execute()).length>0}function jo(e){return async(t,a,n)=>{const{branding:o,metadata:r,enabled_connections:s,token_quota:i,...d}=n,l={...d,updated_at:new Date().toISOString()};return U(n,["branding","metadata","enabled_connections","token_quota"],l),(await e.updateTable("organizations").set(l).where("tenant_id","=",t).where("id","=",a).execute()).length>0}}function Ro(e){return{create:zo(e),get:Do(e),list:Ao(e),remove:Fo(e),update:jo(e)}}function Y(e,t){return{connection_id:e.connection_id,assign_membership_on_login:!!e.assign_membership_on_login,show_as_button:!!e.show_as_button,is_signup_enabled:!!e.is_signup_enabled,connection:t?{name:t.name,strategy:t.strategy}:void 0,created_at:e.created_at,updated_at:e.updated_at}}async function H(e,t,a){const n=await e.selectFrom("connections").select(["name","strategy"]).where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return n?{name:n.name,strategy:n.strategy??void 0}:void 0}function Mo(e){return{async create(t,a,n){const o=new Date().toISOString(),r={tenant_id:t,organization_id:a,connection_id:n.connection_id,assign_membership_on_login:n.assign_membership_on_login?1:0,show_as_button:n.show_as_button===!1?0:1,is_signup_enabled:n.is_signup_enabled===!1?0:1,created_at:o,updated_at:o};await e.insertInto("organization_connections").values(r).execute();const s=await H(e,t,n.connection_id);return Y(r,s)},async list(t,a){const n=await e.selectFrom("organization_connections").selectAll().where("tenant_id","=",t).where("organization_id","=",a).execute(),o=[];for(const r of n){const s=await H(e,t,r.connection_id);o.push(Y(r,s))}return o},async get(t,a,n){const o=await e.selectFrom("organization_connections").selectAll().where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();if(!o)return null;const r=await H(e,t,n);return Y(o,r)},async update(t,a,n,o){const r={updated_at:new Date().toISOString()};o.assign_membership_on_login!==void 0&&(r.assign_membership_on_login=o.assign_membership_on_login?1:0),o.show_as_button!==void 0&&(r.show_as_button=o.show_as_button?1:0),o.is_signup_enabled!==void 0&&(r.is_signup_enabled=o.is_signup_enabled?1:0);const s=await e.updateTable("organization_connections").set(r).where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();if(Number(s.numUpdatedRows??0)===0)return null;const i=await e.selectFrom("organization_connections").selectAll().where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();if(!i)return null;const d=await H(e,t,n);return Y(i,d)},async remove(t,a,n){const o=await e.deleteFrom("organization_connections").where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();return Number(o.numDeletedRows??0)>0}}}function Jo(e){return async(t,a)=>{const n={id:S.nanoid(),tenant_id:t,user_id:a.user_id,organization_id:a.organization_id,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};try{await e.insertInto("user_organizations").values(n).execute()}catch(o){throw o.code==="SQLITE_CONSTRAINT_UNIQUE"||o.code==="ER_DUP_ENTRY"?new L(409,{message:"User is already a member of this organization"}):o}return{...n}}}function qo(e){return async(t,a)=>{const n=await e.selectFrom("user_organizations").selectAll().where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return n?{id:n.id,user_id:n.user_id,organization_id:n.organization_id,created_at:n.created_at,updated_at:n.updated_at}:null}}function Lo(e){return async(t,a)=>{const n=(a==null?void 0:a.page)||0,o=(a==null?void 0:a.per_page)||50,r=n*o;let s=e.selectFrom("user_organizations").selectAll().where("tenant_id","=",t);if(a!=null&&a.q){if(a.q.startsWith("user_id:")){const c=a.q.replace("user_id:","");s=s.where("user_id","=",c)}else if(a.q.startsWith("organization_id:")){const c=a.q.replace("organization_id:","");s=s.where("organization_id","=",c)}}s=s.orderBy("created_at","desc"),o>0&&(s=s.limit(o).offset(r));const i=await s.execute();let d=e.selectFrom("user_organizations").select(e.fn.count("id").as("count")).where("tenant_id","=",t);if(a!=null&&a.q){if(a.q.startsWith("user_id:")){const c=a.q.replace("user_id:","");d=d.where("user_id","=",c)}else if(a.q.startsWith("organization_id:")){const c=a.q.replace("organization_id:","");d=d.where("organization_id","=",c)}}const l=await d.executeTakeFirst();return{userOrganizations:i.map(c=>({id:c.id,user_id:c.user_id,organization_id:c.organization_id,created_at:c.created_at,updated_at:c.updated_at})),start:r,limit:o,length:Number((l==null?void 0:l.count)||0)}}}function Ko(e){return async(t,a,n)=>{const o=(n==null?void 0:n.page)||0,r=(n==null?void 0:n.per_page)||50,s=o*r;let i=e.selectFrom("user_organizations").innerJoin("organizations",c=>c.onRef("organizations.id","=","user_organizations.organization_id").on("organizations.tenant_id","=",t)).select(["organizations.id","organizations.name","organizations.display_name","organizations.branding","organizations.metadata","organizations.enabled_connections","organizations.token_quota","organizations.created_at","organizations.updated_at","user_organizations.created_at as joined_at"]).where("user_organizations.tenant_id","=",t).where("user_organizations.user_id","=",a);i=i.orderBy("user_organizations.created_at","desc"),r>0&&(i=i.limit(r).offset(s));const d=await i.execute(),l=await e.selectFrom("user_organizations").innerJoin("organizations",c=>c.onRef("organizations.id","=","user_organizations.organization_id").on("organizations.tenant_id","=",t)).select(e.fn.count("user_organizations.id").as("count")).where("user_organizations.tenant_id","=",t).where("user_organizations.user_id","=",a).executeTakeFirst();return{organizations:d.map(c=>({id:c.id,name:c.name,display_name:c.display_name,branding:c.branding?JSON.parse(c.branding):void 0,metadata:c.metadata?JSON.parse(c.metadata):{},enabled_connections:c.enabled_connections?JSON.parse(c.enabled_connections):[],token_quota:c.token_quota?JSON.parse(c.token_quota):void 0,created_at:c.created_at,updated_at:c.updated_at,joined_at:c.joined_at})),start:s,limit:r,length:Number((l==null?void 0:l.count)||0)}}}function Bo(e){return async(t,a)=>(await e.deleteFrom("user_organizations").where("id","=",a).where("tenant_id","=",t).execute()).length>0}function Uo(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};return(await e.updateTable("user_organizations").set(o).where("id","=",a).where("tenant_id","=",t).execute()).length>0}}function Qo(e){return{create:Jo(e),get:qo(e),list:Lo(e),listUserOrganizations:Ko(e),remove:Bo(e),update:Uo(e)}}function Wo(e){return async(t,a)=>{const n=at(),o=new Date().toISOString(),r=a.ttl_sec||604800,s=new Date(Date.now()+r*1e3).toISOString(),i=U({id:n,tenant_id:t,organization_id:a.organization_id,inviter:a.inviter||{},invitee:a.invitee||{},client_id:a.client_id,connection_id:a.connection_id||null,invitation_url:a.invitation_url,created_at:o,expires_at:s,app_metadata:a.app_metadata||{},user_metadata:a.user_metadata||{},roles:a.roles||[],ticket_id:null,ttl_sec:r,send_invitation_email:a.send_invitation_email??!0?1:0},["inviter","invitee","app_metadata","user_metadata","roles"]);try{await e.insertInto("invites").values(i).execute()}catch(d){throw d.code==="SQLITE_CONSTRAINT_UNIQUE"||d.code==="ER_DUP_ENTRY"||d.message.includes("AlreadyExists")?new L(409,{message:"Invite already exists"}):d}return{id:n,organization_id:i.organization_id,inviter:a.inviter,invitee:a.invitee,client_id:a.client_id,connection_id:a.connection_id,invitation_url:a.invitation_url,created_at:o,expires_at:s,app_metadata:a.app_metadata||{},user_metadata:a.user_metadata||{},roles:a.roles||[],ticket_id:i.ticket_id||void 0,ttl_sec:r,send_invitation_email:a.send_invitation_email??!0}}}function Yo(e){return async(t,a)=>{const n=await e.selectFrom("invites").selectAll().where("tenant_id","=",t).where("id","=",a).executeTakeFirst();if(!n)return null;const o=Te(n,{inviter:{},invitee:{},app_metadata:{},user_metadata:{},roles:[]});return y({...o,send_invitation_email:n.send_invitation_email===1})}}function Ho(e){return async(t,a)=>{let n=e.selectFrom("invites").selectAll().where("tenant_id","=",t).orderBy("created_at","desc");if(a!=null&&a.per_page&&(n=n.limit(a.per_page)),a!=null&&a.page){const s=(a.page-1)*(a.per_page||10);n=n.offset(s)}const r=(await n.execute()).map(s=>{const i=Te(s,{inviter:{},invitee:{},app_metadata:{},user_metadata:{},roles:[]});return y({...i,send_invitation_email:s.send_invitation_email===1})});return{invites:r,start:a!=null&&a.page?(a.page-1)*(a.per_page||10):0,limit:(a==null?void 0:a.per_page)||r.length,length:r.length}}}function Go(e){return async(t,a)=>(await e.deleteFrom("invites").where("tenant_id","=",t).where("id","=",a).executeTakeFirst()).numDeletedRows>0n}function Vo(e){return async(t,a,n)=>{const o={};return n.inviter!==void 0&&(o.inviter=JSON.stringify(n.inviter)),n.invitee!==void 0&&(o.invitee=JSON.stringify(n.invitee)),n.client_id!==void 0&&(o.client_id=n.client_id),n.connection_id!==void 0&&(o.connection_id=n.connection_id),n.app_metadata!==void 0&&(o.app_metadata=JSON.stringify(n.app_metadata)),n.user_metadata!==void 0&&(o.user_metadata=JSON.stringify(n.user_metadata)),n.roles!==void 0&&(o.roles=JSON.stringify(n.roles)),n.ttl_sec!==void 0&&(o.ttl_sec=n.ttl_sec,o.expires_at=new Date(Date.now()+n.ttl_sec*1e3).toISOString()),n.send_invitation_email!==void 0&&(o.send_invitation_email=n.send_invitation_email?1:0),Object.keys(o).length===0?!0:(await e.updateTable("invites").set(o).where("tenant_id","=",t).where("id","=",a).executeTakeFirst()).numUpdatedRows>0n}}function Xo(e){return{create:Wo(e),get:Yo(e),list:Ho(e),remove:Go(e),update:Vo(e)}}const he=["s","seacft","seccft","sepft","sertft","ssa"],Zo=["pwd_leak","signup_pwd_leak","reset_pwd_leak"];function pe(e){return`${e.slice(0,4)}-${e.slice(4,6)}-${e.slice(6,8)}`}function fe(e){return e.toISOString().split("T")[0]}function er(e){return{async getDaily(t,a={}){const{from:n,to:o}=a,r=new Date,s=new Date(r);s.setDate(s.getDate()-30);const i=n?pe(n):fe(s),d=o?pe(o):fe(r),l=h.sql`DATE(logs.date)`;return(await e.selectFrom("logs").where("tenant_id","=",t).where(l,">=",i).where(l,"<=",d).select(c=>[l.as("date"),c.fn.sum(c.case().when("type","in",he).then(1).else(0).end()).as("logins"),c.fn.sum(c.case().when("type","=","ss").then(1).else(0).end()).as("signups"),c.fn.sum(c.case().when("type","in",Zo).then(1).else(0).end()).as("leaked_passwords"),c.fn.min("date").as("first_event"),c.fn.max("date").as("last_event")]).groupBy(l).orderBy("date","asc").execute()).map(c=>({date:c.date,logins:Number(c.logins)||0,signups:Number(c.signups)||0,leaked_passwords:Number(c.leaked_passwords)||0,created_at:c.first_event||new Date().toISOString(),updated_at:c.last_event||new Date().toISOString()}))},async getActiveUsers(t){const a=new Date;return a.setDate(a.getDate()-30),(await e.selectFrom("logs").where("tenant_id","=",t).where("date",">=",a.toISOString()).where("type","in",he).where("user_id","is not",null).select(o=>o.fn.count("user_id").distinct().as("count")).executeTakeFirstOrThrow()).count||0}}}function tr(e){return{async get(t,a,n){const o=await e.selectFrom("custom_text").selectAll().where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).executeTakeFirst();if(!o)return null;try{return JSON.parse(o.custom_text)}catch{return null}},async set(t,a,n,o){const r=Date.now(),s=JSON.stringify(o);await e.selectFrom("custom_text").select("tenant_id").where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).executeTakeFirst()?await e.updateTable("custom_text").set({custom_text:s,updated_at_ts:r}).where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).execute():await e.insertInto("custom_text").values({tenant_id:t,prompt:a,language:n,custom_text:s,created_at_ts:r,updated_at_ts:r}).execute()},async delete(t,a,n){await e.deleteFrom("custom_text").where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).execute()},async list(t){return(await e.selectFrom("custom_text").select(["prompt","language"]).where("tenant_id","=",t).execute()).map(n=>({prompt:n.prompt,language:n.language}))}}}function ar(e){return async(t,a)=>{const n=Date.now(),o=Oe();return await e.insertInto("authentication_methods").values({id:o,tenant_id:t,user_id:a.user_id,type:a.type,phone_number:a.phone_number,totp_secret:a.totp_secret,credential_id:a.credential_id,public_key:a.public_key,sign_count:a.sign_count,credential_backed_up:a.credential_backed_up==null?void 0:a.credential_backed_up?1:0,transports:a.transports?JSON.stringify(a.transports):void 0,friendly_name:a.friendly_name,confirmed:a.confirmed?1:0,created_at_ts:n,updated_at_ts:n}).execute(),{id:o,user_id:a.user_id,type:a.type,phone_number:a.phone_number,totp_secret:a.totp_secret,credential_id:a.credential_id,public_key:a.public_key,sign_count:a.sign_count,credential_backed_up:a.credential_backed_up,transports:a.transports,friendly_name:a.friendly_name,confirmed:a.confirmed??!1,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function Ee(e){return async(t,a)=>{const n=await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.id","=",a).selectAll().executeTakeFirst();return n?{id:n.id,user_id:n.user_id,type:n.type,phone_number:n.phone_number??void 0,totp_secret:n.totp_secret??void 0,credential_id:n.credential_id??void 0,public_key:n.public_key??void 0,sign_count:n.sign_count??void 0,credential_backed_up:n.credential_backed_up!=null?n.credential_backed_up===1:void 0,transports:n.transports?JSON.parse(n.transports):void 0,friendly_name:n.friendly_name??void 0,confirmed:n.confirmed===1,created_at:F(n.created_at_ts),updated_at:F(n.updated_at_ts)}:null}}function nr(e){return async(t,a)=>{const n=await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.credential_id","=",a).selectAll().executeTakeFirst();return n?{id:n.id,user_id:n.user_id,type:n.type,phone_number:n.phone_number??void 0,totp_secret:n.totp_secret??void 0,credential_id:n.credential_id??void 0,public_key:n.public_key??void 0,sign_count:n.sign_count??void 0,credential_backed_up:n.credential_backed_up!=null?n.credential_backed_up===1:void 0,transports:n.transports?JSON.parse(n.transports):void 0,friendly_name:n.friendly_name??void 0,confirmed:n.confirmed===1,created_at:F(n.created_at_ts),updated_at:F(n.updated_at_ts)}:null}}function or(e){return async(t,a)=>(await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.user_id","=",a).selectAll().execute()).map(o=>({id:o.id,user_id:o.user_id,type:o.type,phone_number:o.phone_number??void 0,totp_secret:o.totp_secret??void 0,credential_id:o.credential_id??void 0,public_key:o.public_key??void 0,sign_count:o.sign_count??void 0,credential_backed_up:o.credential_backed_up!=null?o.credential_backed_up===1:void 0,transports:o.transports?JSON.parse(o.transports):void 0,friendly_name:o.friendly_name??void 0,confirmed:o.confirmed===1,created_at:F(o.created_at_ts),updated_at:F(o.updated_at_ts)}))}function rr(e){return async(t,a,n)=>{const r={updated_at_ts:Date.now()};n.phone_number!==void 0&&(r.phone_number=n.phone_number),n.totp_secret!==void 0&&(r.totp_secret=n.totp_secret),n.credential_id!==void 0&&(r.credential_id=n.credential_id),n.public_key!==void 0&&(r.public_key=n.public_key),n.sign_count!==void 0&&(r.sign_count=n.sign_count),n.credential_backed_up!==void 0&&(r.credential_backed_up=n.credential_backed_up?1:0),n.transports!==void 0&&(r.transports=JSON.stringify(n.transports)),n.friendly_name!==void 0&&(r.friendly_name=n.friendly_name),n.confirmed!==void 0&&(r.confirmed=n.confirmed?1:0),await e.updateTable("authentication_methods").set(r).where("authentication_methods.tenant_id","=",t).where("authentication_methods.id","=",a).execute();const s=await Ee(e)(t,a);if(!s)throw new Error(`Authentication method ${a} not found`);return s}}function sr(e){return async(t,a)=>(await e.deleteFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.id","=",a).executeTakeFirst()).numDeletedRows>0}function ir(e){return{create:ar(e),get:Ee(e),getByCredentialId:nr(e),list:or(e),update:rr(e),remove:sr(e)}}function cr(e){return async(t,a)=>{const n=S.nanoid();return await e.insertInto("outbox_events").values({id:n,tenant_id:t,event_type:a.event_type,log_type:a.log_type,aggregate_type:a.target.type,aggregate_id:a.target.id,payload:JSON.stringify({...a,id:n}),created_at:new Date().toISOString(),processed_at:null,retry_count:0,next_retry_at:null,error:null}).execute(),n}}function lr(e){return async t=>t.length===0?[]:(await e.selectFrom("outbox_events").selectAll().where("id","in",t).execute()).map(n=>({...JSON.parse(n.payload),id:n.id,created_at:n.created_at,processed_at:n.processed_at,retry_count:n.retry_count,next_retry_at:n.next_retry_at,error:n.error}))}function dr(e){return async t=>{const a=new Date().toISOString();return(await e.selectFrom("outbox_events").selectAll().where("processed_at","is",null).where(o=>o.or([o("next_retry_at","is",null),o("next_retry_at","<=",a)])).where(o=>o.or([o("claimed_by","is",null),o("claim_expires_at","<=",a)])).orderBy("created_at","asc").orderBy("id","asc").limit(t).execute()).map(o=>({...JSON.parse(o.payload),id:o.id,created_at:o.created_at,processed_at:o.processed_at,retry_count:o.retry_count,next_retry_at:o.next_retry_at,error:o.error}))}}function ur(e){return async(t,a,n)=>{if(t.length===0)return[];const o=new Date().toISOString(),r=new Date(Date.now()+n).toISOString();return await e.updateTable("outbox_events").set({claimed_by:a,claim_expires_at:r}).where("id","in",t).where("processed_at","is",null).where(i=>i.or([i("claimed_by","is",null),i("claim_expires_at","<=",o)])).execute(),(await e.selectFrom("outbox_events").select("id").where("id","in",t).where("claimed_by","=",a).where("claim_expires_at","=",r).execute()).map(i=>i.id)}}function _r(e){return async t=>{if(t.length===0)return;const a=new Date().toISOString();await e.updateTable("outbox_events").set({processed_at:a}).where("id","in",t).execute()}}function mr(e){return async(t,a,n)=>{await e.updateTable("outbox_events").set({error:a,next_retry_at:n,retry_count:h.sql`retry_count + 1`,claimed_by:null,claim_expires_at:null}).where("id","=",t).execute()}}function hr(e){return async(t,a)=>{const n=new Date().toISOString();await e.updateTable("outbox_events").set({processed_at:n,dead_lettered_at:n,final_error:a}).where("id","=",t).execute()}}function pr(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1}=a,i=(await e.selectFrom("outbox_events").selectAll().where("tenant_id","=",t).where("dead_lettered_at","is not",null).orderBy("dead_lettered_at","desc").orderBy("id","asc").offset(n*o).limit(o).execute()).flatMap(l=>{let m;try{m=JSON.parse(l.payload)}catch(c){return console.error(`Failed to parse outbox payload for event ${l.id}`,c),[]}return[{...m,id:l.id,created_at:l.created_at,processed_at:l.processed_at,retry_count:l.retry_count,next_retry_at:l.next_retry_at,error:l.error,dead_lettered_at:l.dead_lettered_at,final_error:l.final_error}]});let d=i.length;if(r){const[l]=await e.selectFrom("outbox_events").select(m=>m.fn.countAll().as("total")).where("tenant_id","=",t).where("dead_lettered_at","is not",null).execute();d=Number((l==null?void 0:l.total)??i.length)}return{events:i,start:n*o,limit:o,length:d}}}function fr(e){return async(t,a)=>{const n=await e.updateTable("outbox_events").set({processed_at:null,dead_lettered_at:null,final_error:null,retry_count:0,next_retry_at:null,error:null}).where("id","=",t).where("tenant_id","=",a).where("dead_lettered_at","is not",null).executeTakeFirst();return Number(n.numUpdatedRows)>0}}function gr(e){return async t=>{const a=await e.deleteFrom("outbox_events").where("processed_at","is not",null).where("processed_at","<",t).executeTakeFirst();return Number(a.numDeletedRows)}}function wr(e){return{create:cr(e),getByIds:lr(e),getUnprocessed:dr(e),claimEvents:ur(e),markProcessed:_r(e),markRetry:mr(e),deadLetter:hr(e),listFailed:pr(e),replay:fr(e),cleanup:gr(e)}}function ee(e){return{id:e.id,name:e.name,type:e.type,status:e.status,sink:JSON.parse(e.sink),filters:e.filters?JSON.parse(e.filters):void 0,isPriority:e.is_priority==null?void 0:e.is_priority===1,created_at:e.created_at,updated_at:e.updated_at}}function yr(e){return{async create(t,a){const n=new Date().toISOString(),r={id:`lst_${S.nanoid()}`,tenant_id:t,name:a.name,type:a.type,status:a.status??"active",sink:JSON.stringify(a.sink),filters:a.filters?JSON.stringify(a.filters):null,is_priority:a.isPriority===void 0?null:a.isPriority?1:0,created_at:n,updated_at:n};return await e.insertInto("log_streams").values(r).execute(),ee(r)},async get(t,a){const n=await e.selectFrom("log_streams").where("tenant_id","=",t).where("id","=",a).selectAll().executeTakeFirst();return n?ee(n):null},async list(t){return(await e.selectFrom("log_streams").where("tenant_id","=",t).selectAll().execute()).map(ee)},async update(t,a,n){const o={updated_at:new Date().toISOString()};n.name!==void 0&&(o.name=n.name),n.type!==void 0&&(o.type=n.type),n.status!==void 0&&(o.status=n.status),n.sink!==void 0&&(o.sink=JSON.stringify(n.sink)),n.filters!==void 0&&(o.filters=n.filters?JSON.stringify(n.filters):null),n.isPriority!==void 0&&(o.is_priority=n.isPriority?1:0);const r=await e.updateTable("log_streams").set(o).where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return((r==null?void 0:r.numUpdatedRows)??0n)>0n},async remove(t,a){const n=await e.deleteFrom("log_streams").where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return((n==null?void 0:n.numDeletedRows)??0n)>0n}}}class Pe{constructor(t){Q(this,"migrations");this.migrations=t}async getMigrations(){return this.migrations}}async function vr(e){await e.schema.createTable("tenants").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("name","varchar(255)").addColumn("audience","varchar(255)").addColumn("sender_email","varchar(255)").addColumn("sender_name","varchar(255)").addColumn("language","varchar(255)").addColumn("logo","varchar(255)").addColumn("primary_color","varchar(255)").addColumn("secondary_color","varchar(255)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("users").addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("email","varchar(255)").addColumn("given_name","varchar(255)").addColumn("family_name","varchar(255)").addColumn("nickname","varchar(255)").addColumn("name","varchar(255)").addColumn("picture","varchar(2083)").addColumn("tags","varchar(255)").addColumn("phone_number","varchar(17)").addColumn("phone_verified","boolean").addColumn("username","varchar(128)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).addPrimaryKeyConstraint("users_tenants",["user_id","tenant_id"]).addColumn("linked_to","varchar(255)").addForeignKeyConstraint("linked_to_constraint",["linked_to","tenant_id"],"users",["user_id","tenant_id"]).addColumn("last_ip","varchar(255)").addColumn("login_count","integer",t=>t.notNull()).addColumn("last_login","varchar(255)").addColumn("provider","varchar(255)",t=>t.notNull()).addColumn("connection","varchar(255)").addColumn("email_verified","boolean",t=>t.notNull()).addColumn("is_social","boolean",t=>t.notNull()).addColumn("app_metadata","varchar(4096)",t=>t.defaultTo("{}").notNull()).addColumn("user_metadata","varchar(4096)",t=>t.defaultTo("{}").notNull()).addUniqueConstraint("unique_email_provider",["email","provider","tenant_id"]).addUniqueConstraint("unique_phone_provider",["phone_number","provider","tenant_id"]).execute(),await e.schema.createTable("members").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("sub","varchar(255)").addColumn("email","varchar(255)").addColumn("name","varchar(255)").addColumn("status","varchar(255)").addColumn("role","varchar(255)").addColumn("picture","varchar(2083)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("applications").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("client_secret","varchar(255)").addColumn("allowed_logout_urls","varchar(255)").addColumn("authentication_settings","varchar(255)").addColumn("addons","varchar(4096)",t=>t.notNull().defaultTo("{}")).addColumn("callbacks","varchar(1024)",t=>t.notNull().defaultTo("[]")).addColumn("allowed_origins","varchar(1024)",t=>t.notNull().defaultTo("[]")).addColumn("web_origins","varchar(1024)",t=>t.notNull().defaultTo("[]")).addColumn("allowed_clients","varchar(1024)",t=>t.defaultTo("[]").notNull()).addColumn("options_kid","varchar(32)").addColumn("options_team_id","varchar(32)").addColumn("options_client_id","varchar(128)").addColumn("options_client_secret","varchar(255)").addColumn("options_scope","varchar(255)").addColumn("options_realms","varchar(255)").addColumn("options_app_secret","varchar(1024)").addColumn("email_validation","varchar(255)").addColumn("disable_sign_ups","boolean",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("connections").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("response_type","varchar(255)").addColumn("response_mode","varchar(255)").addColumn("strategy","varchar(64)").addColumn("options","varchar(2048)",t=>t.defaultTo("{}").notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("migrations").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("provider","varchar(255)").addColumn("client_id","varchar(255)").addColumn("origin","varchar(255)").addColumn("domain","varchar(255)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("domains").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("email_service","varchar(255)").addColumn("email_api_key","varchar(255)").addColumn("dkim_private_key","varchar(2048)").addColumn("dkim_public_key","varchar(2048)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute()}async function Cr(e){await e.schema.dropTable("domains").execute(),await e.schema.dropTable("members").execute(),await e.schema.dropTable("users").execute(),await e.schema.dropTable("connections").execute(),await e.schema.dropTable("applications").execute(),await e.schema.dropTable("migrations").execute(),await e.schema.dropTable("tenants").execute()}const xr=Object.freeze(Object.defineProperty({__proto__:null,down:Cr,up:vr},Symbol.toStringTag,{value:"Module"}));async function Tr(e){await e.schema.alterTable("tenants").addColumn("support_url","varchar(255)").execute()}async function Nr(e){await e.schema.alterTable("tenants").dropColumn("support_url").execute()}const br=Object.freeze(Object.defineProperty({__proto__:null,down:Nr,up:Tr},Symbol.toStringTag,{value:"Module"}));async function Sr(e){}async function kr(e){}const Or=Object.freeze(Object.defineProperty({__proto__:null,down:kr,up:Sr},Symbol.toStringTag,{value:"Module"}));async function $r(e){await e.schema.createTable("logs").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("category","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(64)").addColumn("user_id","varchar(64)").addForeignKeyConstraint("tenant_id_constraint",["tenant_id"],"tenants",["id"],t=>t.onDelete("cascade")).addColumn("ip","varchar(255)").addColumn("type","varchar(8)",t=>t.notNull()).addColumn("date","varchar(25)",t=>t.notNull()).addColumn("client_id","varchar(255)").addColumn("client_name","varchar(255)").addColumn("user_agent","varchar(255)").addColumn("description","varchar(255)").addColumn("details","varchar(2048)").execute()}async function Er(e){await e.schema.dropTable("logs").execute()}const Pr=Object.freeze(Object.defineProperty({__proto__:null,down:Er,up:$r},Symbol.toStringTag,{value:"Module"}));async function Ir(e){}async function zr(e){}const Dr=Object.freeze(Object.defineProperty({__proto__:null,down:zr,up:Ir},Symbol.toStringTag,{value:"Module"}));async function Ar(e){await e.schema.createTable("sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("tickets").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createTable("otps").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("user_id","varchar(255)").addColumn("send","varchar(255)").addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createIndex("otps_email_index").on("otps").column("email").execute(),await e.schema.createIndex("otps_expires_at_index").on("otps").column("expires_at").execute()}async function Fr(e){await e.schema.dropTable("sessions").execute(),await e.schema.dropTable("tickets").execute(),await e.schema.dropTable("otps").execute()}const jr=Object.freeze(Object.defineProperty({__proto__:null,down:Fr,up:Ar},Symbol.toStringTag,{value:"Module"}));async function Rr(e){await e.schema.createTable("passwords").addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addPrimaryKeyConstraint("passwords_pkey",["user_id","tenant_id"]).addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(255)").addColumn("updated_at","varchar(255)").execute(),await e.schema.createTable("codes").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("user_id","varchar(255)").addColumn("tenant_id","varchar(255)").addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createIndex("codes_expires_at_index").on("codes").column("expires_at").execute()}async function Mr(e){await e.schema.dropTable("passwords").execute(),await e.schema.dropTable("codes").execute()}const Jr=Object.freeze(Object.defineProperty({__proto__:null,down:Mr,up:Rr},Symbol.toStringTag,{value:"Module"}));async function qr(e){}async function Lr(e){}const Kr=Object.freeze(Object.defineProperty({__proto__:null,down:Lr,up:qr},Symbol.toStringTag,{value:"Module"}));async function Br(e){await e.schema.alterTable("passwords").addColumn("password","varchar(255)",t=>t.notNull()).execute()}async function Ur(e){await e.schema.alterTable("passwords").dropColumn("password").execute()}const Qr=Object.freeze(Object.defineProperty({__proto__:null,down:Ur,up:Br},Symbol.toStringTag,{value:"Module"}));async function Wr(e){}async function Yr(e){}const Hr=Object.freeze(Object.defineProperty({__proto__:null,down:Yr,up:Wr},Symbol.toStringTag,{value:"Module"}));async function Gr(e){}async function Vr(e){}const Xr=Object.freeze(Object.defineProperty({__proto__:null,down:Vr,up:Gr},Symbol.toStringTag,{value:"Module"}));async function Zr(e){}async function es(e){}const ts=Object.freeze(Object.defineProperty({__proto__:null,down:es,up:Zr},Symbol.toStringTag,{value:"Module"}));async function as(e){await e.schema.createIndex("users_email_index").on("users").column("email").execute()}async function ns(e){await e.schema.dropIndex("users_email_index").execute()}const os=Object.freeze(Object.defineProperty({__proto__:null,down:ns,up:as},Symbol.toStringTag,{value:"Module"}));async function rs(e){await e.schema.alterTable("users").addColumn("profileData","varchar(2048)").execute()}async function ss(e){await e.schema.alterTable("users").dropColumn("profileData").execute()}const is=Object.freeze(Object.defineProperty({__proto__:null,down:ss,up:rs},Symbol.toStringTag,{value:"Module"}));async function cs(e){await e.schema.createIndex("users_linked_to_index").on("users").column("linked_to").execute()}async function ls(e){await e.schema.dropIndex("users_linked_to_index")}const ds=Object.freeze(Object.defineProperty({__proto__:null,down:ls,up:cs},Symbol.toStringTag,{value:"Module"}));async function us(e){await e.schema.alterTable("users").addColumn("locale","varchar(255)").execute()}async function _s(e){await e.schema.alterTable("users").dropColumn("locale").execute()}const ms=Object.freeze(Object.defineProperty({__proto__:null,down:_s,up:us},Symbol.toStringTag,{value:"Module"}));async function hs(e){await e.schema.createTable("keys").addColumn("kid","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade")).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("revoked_at","varchar(255)").addColumn("cert","varchar(4096)").addColumn("pkcs7","varchar(4096)").addColumn("fingerprint","varchar(256)").addColumn("thumbprint","varchar(256)").addColumn("current_since","varchar(256)").addColumn("current_until","varchar(256)").addColumn("type","varchar(50)",t=>t.notNull().defaultTo("jwt_signing")).addColumn("connection","varchar(255)",t=>t.references("connections.id").onDelete("cascade")).execute()}async function ps(e){await e.schema.dropTable("keys").execute()}const fs=Object.freeze(Object.defineProperty({__proto__:null,down:ps,up:hs},Symbol.toStringTag,{value:"Module"}));async function gs(e){}async function ws(e){}const ys=Object.freeze(Object.defineProperty({__proto__:null,down:ws,up:gs},Symbol.toStringTag,{value:"Module"}));async function vs(e){}async function Cs(e){}const xs=Object.freeze(Object.defineProperty({__proto__:null,down:Cs,up:vs},Symbol.toStringTag,{value:"Module"}));async function Ts(e){await e.schema.alterTable("otps").addColumn("audience","varchar(255)").execute()}async function Ns(e){await e.schema.alterTable("otps").dropColumn("audience").execute()}const bs=Object.freeze(Object.defineProperty({__proto__:null,down:Ns,up:Ts},Symbol.toStringTag,{value:"Module"}));async function Ss(e){}async function ks(e){}const Os=Object.freeze(Object.defineProperty({__proto__:null,down:ks,up:Ss},Symbol.toStringTag,{value:"Module"}));async function $s(e){await e.schema.alterTable("logs").dropColumn("category").execute()}async function Es(e){await e.schema.alterTable("logs").addColumn("category","varchar(255)",t=>t.notNull()).execute()}const Ps=Object.freeze(Object.defineProperty({__proto__:null,down:Es,up:$s},Symbol.toStringTag,{value:"Module"}));async function Is(e){await e.schema.alterTable("users").dropColumn("tags").execute()}async function zs(e){await e.schema.alterTable("users").addColumn("tags","varchar(255)").execute()}const Ds=Object.freeze(Object.defineProperty({__proto__:null,down:zs,up:Is},Symbol.toStringTag,{value:"Module"}));async function As(e){await e.schema.createIndex("logs_user_id").on("logs").column("user_id").execute(),await e.schema.createIndex("logs_tenant_id").on("logs").column("tenant_id").execute(),await e.schema.createIndex("logs_date").on("logs").column("date").execute()}async function Fs(e){await e.schema.dropIndex("logs_user_id"),await e.schema.dropIndex("logs_tenant_id"),await e.schema.dropIndex("logs_date")}const js=Object.freeze(Object.defineProperty({__proto__:null,down:Fs,up:As},Symbol.toStringTag,{value:"Module"}));async function Rs(e){await e.schema.alterTable("logs").dropColumn("details").execute(),await e.schema.alterTable("logs").addColumn("details","varchar(8192)").execute()}async function Ms(e){await e.schema.alterTable("logs").dropColumn("details").execute(),await e.schema.alterTable("logs").addColumn("details","varchar(2048)").execute()}const Js=Object.freeze(Object.defineProperty({__proto__:null,down:Ms,up:Rs},Symbol.toStringTag,{value:"Module"}));async function qs(e){await e.schema.alterTable("logs").addColumn("user_name","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("auth0_client","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("isMobile","boolean").execute(),await e.schema.alterTable("logs").addColumn("connection","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("connection_id","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("audience","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("scope","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("strategy","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("strategy_type","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("hostname","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("session_connection","varchar(255)").execute()}async function Ls(e){await e.schema.alterTable("logs").dropColumn("user_name").execute(),await e.schema.alterTable("logs").dropColumn("auth0_client").execute(),await e.schema.alterTable("logs").dropColumn("isMobile").execute(),await e.schema.alterTable("logs").dropColumn("connection").execute(),await e.schema.alterTable("logs").dropColumn("connection_id").execute(),await e.schema.alterTable("logs").dropColumn("audience").execute(),await e.schema.alterTable("logs").dropColumn("scope").execute(),await e.schema.alterTable("logs").dropColumn("strategy").execute(),await e.schema.alterTable("logs").dropColumn("strategy_type").execute(),await e.schema.alterTable("logs").dropColumn("hostname").execute(),await e.schema.alterTable("logs").dropColumn("session_connection").execute()}const Ks=Object.freeze(Object.defineProperty({__proto__:null,down:Ls,up:qs},Symbol.toStringTag,{value:"Module"}));async function Bs(e){await e.schema.createIndex("users_name_index").on("users").column("name").execute()}async function Us(e){await e.schema.dropIndex("users_name_index").execute()}const Qs=Object.freeze(Object.defineProperty({__proto__:null,down:Us,up:Bs},Symbol.toStringTag,{value:"Module"}));async function Ws(e){}async function Ys(e){await e.schema.alterTable("users").dropConstraint("unique_email_provider").execute()}const Hs=Object.freeze(Object.defineProperty({__proto__:null,down:Ys,up:Ws},Symbol.toStringTag,{value:"Module"}));async function Gs(e){await e.schema.alterTable("otps").dropColumn("state").execute(),await e.schema.alterTable("otps").addColumn("state","varchar(8192)").execute()}async function Vs(e){await e.schema.alterTable("otps").dropColumn("state").execute(),await e.schema.alterTable("otps").addColumn("state","varchar(1024)").execute()}const Xs=Object.freeze(Object.defineProperty({__proto__:null,down:Vs,up:Gs},Symbol.toStringTag,{value:"Module"}));async function Zs(e){await e.schema.alterTable("tickets").dropColumn("state").execute(),await e.schema.alterTable("tickets").addColumn("state","varchar(8192)").execute()}async function ei(e){await e.schema.alterTable("tickets").dropColumn("state").execute(),await e.schema.alterTable("tickets").addColumn("state","varchar(1024)").execute()}const ti=Object.freeze(Object.defineProperty({__proto__:null,down:ei,up:Zs},Symbol.toStringTag,{value:"Module"}));async function ai(e){await e.schema.createTable("branding").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull().primaryKey()).addColumn("logo_url","varchar(512)").addColumn("favicon_url","varchar(512)").addColumn("font_url","varchar(512)").addColumn("colors_primary","varchar(8)").addColumn("colors_page_background_type","varchar(32)").addColumn("colors_page_background_start","varchar(8)").addColumn("colors_page_background_end","varchar(8)").addColumn("colors_page_background_angle_dev","integer").execute()}async function ni(e){await e.schema.dropTable("branding").execute()}const oi=Object.freeze(Object.defineProperty({__proto__:null,down:ni,up:ai},Symbol.toStringTag,{value:"Module"}));async function ri(e){}async function si(e){}const ii=Object.freeze(Object.defineProperty({__proto__:null,down:si,up:ri},Symbol.toStringTag,{value:"Module"}));async function ci(e){}async function li(e){}const di=Object.freeze(Object.defineProperty({__proto__:null,down:li,up:ci},Symbol.toStringTag,{value:"Module"}));async function ui(e){}async function _i(e){}const mi=Object.freeze(Object.defineProperty({__proto__:null,down:_i,up:ui},Symbol.toStringTag,{value:"Module"}));async function hi(e){}async function pi(e){}const fi=Object.freeze(Object.defineProperty({__proto__:null,down:pi,up:hi},Symbol.toStringTag,{value:"Module"}));async function gi(e){await e.schema.createTable("authentication_codes").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(8192)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}async function wi(e){await e.schema.dropTable("authentication_codes").execute()}const yi=Object.freeze(Object.defineProperty({__proto__:null,down:wi,up:gi},Symbol.toStringTag,{value:"Module"}));async function vi(e){}async function Ci(e){}const xi=Object.freeze(Object.defineProperty({__proto__:null,down:Ci,up:vi},Symbol.toStringTag,{value:"Module"}));async function Ti(e){await e.schema.alterTable("otps").addColumn("ip","varchar(64)").execute()}async function Ni(e){await e.schema.alterTable("otps").dropColumn("ip").execute()}const bi=Object.freeze(Object.defineProperty({__proto__:null,down:Ni,up:Ti},Symbol.toStringTag,{value:"Module"}));async function Si(e){await e.schema.alterTable("logs").dropColumn("user_agent").execute(),await e.schema.alterTable("logs").addColumn("user_agent","varchar(1024)").execute()}async function ki(e){await e.schema.alterTable("logs").dropColumn("user_agent").execute(),await e.schema.alterTable("logs").addColumn("user_agent","varchar(255)").execute()}const Oi=Object.freeze(Object.defineProperty({__proto__:null,down:ki,up:Si},Symbol.toStringTag,{value:"Module"}));async function $i(e){}async function Ei(e){}const Pi=Object.freeze(Object.defineProperty({__proto__:null,down:Ei,up:$i},Symbol.toStringTag,{value:"Module"}));async function Ii(e){await e.schema.createTable("hooks").addColumn("hook_id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("url","varchar(512)",t=>t.notNull()).addColumn("trigger_id","varchar(255)",t=>t.notNull()).addColumn("enabled","boolean",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).addColumn("synchronous","boolean",t=>t.defaultTo(!1).notNull()).addColumn("priority","integer").execute()}async function zi(e){await e.schema.dropTable("hooks").execute()}const Di=Object.freeze(Object.defineProperty({__proto__:null,down:zi,up:Ii},Symbol.toStringTag,{value:"Module"}));async function Ai(e){}async function Fi(e){}const ji=Object.freeze(Object.defineProperty({__proto__:null,down:Fi,up:Ai},Symbol.toStringTag,{value:"Module"}));async function Ri(e){}async function Mi(e){}const Ji=Object.freeze(Object.defineProperty({__proto__:null,down:Mi,up:Ri},Symbol.toStringTag,{value:"Module"}));async function qi(e){await e.schema.createTable("logins").addColumn("login_id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("authParams_client_id","varchar(255)",t=>t.notNull()).addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","varchar(511)").addColumn("authParams_state","varchar(511)").addColumn("authParams_code_challenge_method","varchar(256)").addColumn("authParams_code_challenge","varchar(256)").addColumn("authParams_redirect_uri","varchar(256)").addColumn("authParams_organization","varchar(256)").addColumn("authorization_url","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("ip","varchar(255)").addColumn("useragent","varchar(512)").execute(),await e.schema.alterTable("passwords").addColumn("algorithm","varchar(16)").execute(),await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("code_id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)").addColumn("login_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("code_type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}async function Li(e){await e.schema.dropTable("logins").execute(),await e.schema.alterTable("passwords").dropColumn("algorithm").execute(),await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("code","varchar(255)",t=>t.notNull()).addColumn("user_id","varchar(255)").addColumn("tenant_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const Ki=Object.freeze(Object.defineProperty({__proto__:null,down:Li,up:qi},Symbol.toStringTag,{value:"Module"}));async function Bi(e){}async function Ui(e){}const Qi=Object.freeze(Object.defineProperty({__proto__:null,down:Ui,up:Bi},Symbol.toStringTag,{value:"Module"}));async function Wi(e){await e.schema.alterTable("logins").addColumn("auth0Client","varchar(256)").execute()}async function Yi(e){await e.schema.alterTable("logins").dropColumn("auth0Client").execute()}const Hi=Object.freeze(Object.defineProperty({__proto__:null,down:Yi,up:Wi},Symbol.toStringTag,{value:"Module"}));async function Gi(e){await e.schema.alterTable("logins").dropColumn("authParams_state").execute(),await e.schema.alterTable("logins").addColumn("authParams_state","varchar(8192)").execute()}async function Vi(e){await e.schema.alterTable("logins").dropColumn("authParams_state").execute(),await e.schema.alterTable("logins").addColumn("authParams_state","varchar(511)").execute()}const Xi=Object.freeze(Object.defineProperty({__proto__:null,down:Vi,up:Gi},Symbol.toStringTag,{value:"Module"}));async function Zi(e){}async function ec(e){}const tc=Object.freeze(Object.defineProperty({__proto__:null,down:ec,up:Zi},Symbol.toStringTag,{value:"Module"}));async function ac(e){}async function nc(e){}const oc=Object.freeze(Object.defineProperty({__proto__:null,down:nc,up:ac},Symbol.toStringTag,{value:"Module"}));async function rc(e){await e.schema.alterTable("logins").addColumn("authParams_nonce","varchar(255)").execute()}async function sc(e){await e.schema.alterTable("logins").dropColumn("nonce").execute()}const ic=Object.freeze(Object.defineProperty({__proto__:null,down:sc,up:rc},Symbol.toStringTag,{value:"Module"}));async function cc(e){}async function lc(e){}const dc=Object.freeze(Object.defineProperty({__proto__:null,down:lc,up:cc},Symbol.toStringTag,{value:"Module"}));async function uc(e){}async function _c(e){}const mc=Object.freeze(Object.defineProperty({__proto__:null,down:_c,up:uc},Symbol.toStringTag,{value:"Module"}));async function hc(e){await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("code_id","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)").addColumn("login_id","varchar(255)").addColumn("connection_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("code_type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").addPrimaryKeyConstraint("PK_codes_code_id_code_type",["code_id","code_type"]).execute()}async function pc(e){await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("code_id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)").addColumn("connection_id","varchar(255)").addColumn("login_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("code_type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const fc=Object.freeze(Object.defineProperty({__proto__:null,down:pc,up:hc},Symbol.toStringTag,{value:"Module"}));async function gc(e){await e.schema.dropTable("otps").execute(),await e.schema.dropTable("authentication_codes").execute()}async function wc(e){await e.schema.alterTable("keys").addColumn("private_key","varchar(2048)").addColumn("public_key","varchar(2048)").execute(),await e.schema.createTable("otps").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("user_id","varchar(255)").addColumn("send","varchar(255)").addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createTable("authentication_codes").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(8192)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const yc=Object.freeze(Object.defineProperty({__proto__:null,down:wc,up:gc},Symbol.toStringTag,{value:"Module"}));async function vc(e){await e.schema.createIndex("IDX_logs_tenant_date_type_user").on("logs").columns(["tenant_id","date","type","user_id"]).execute()}async function Cc(e){await e.schema.dropIndex("IDX_logs_tenant_date_type_user").on("logs").execute()}const xc=Object.freeze(Object.defineProperty({__proto__:null,down:Cc,up:vc},Symbol.toStringTag,{value:"Module"}));async function Tc(e){}async function Nc(e){}const bc=Object.freeze(Object.defineProperty({__proto__:null,down:Nc,up:Tc},Symbol.toStringTag,{value:"Module"}));async function Sc(e){await e.schema.createTable("prompt_settings").addColumn("tenant_id","varchar(64)",t=>t.primaryKey()).addColumn("universal_login_experience","varchar(16)",t=>t.defaultTo("new").notNull()).addColumn("identifier_first","boolean",t=>t.defaultTo(!0).notNull()).addColumn("password_first","boolean",t=>t.defaultTo(!1).notNull()).addColumn("webauthn_platform_first_factor","boolean",t=>t.defaultTo(!1).notNull()).execute()}async function kc(e){await e.schema.dropTable("prompt_settings").execute()}const Oc=Object.freeze(Object.defineProperty({__proto__:null,down:kc,up:Sc},Symbol.toStringTag,{value:"Module"}));async function $c(e){}async function Ec(e){}const Pc=Object.freeze(Object.defineProperty({__proto__:null,down:Ec,up:$c},Symbol.toStringTag,{value:"Module"}));async function Ic(e){}async function zc(e){}const Dc=Object.freeze(Object.defineProperty({__proto__:null,down:zc,up:Ic},Symbol.toStringTag,{value:"Module"}));async function Ac(e){}async function Fc(e){}const jc=Object.freeze(Object.defineProperty({__proto__:null,down:Fc,up:Ac},Symbol.toStringTag,{value:"Module"}));async function Rc(e){await e.schema.alterTable("logins").addColumn("authParams_ui_locales","varchar(32)").execute()}async function Mc(e){await e.schema.alterTable("logins").dropColumn("authParams_ui_locales").execute()}const Jc=Object.freeze(Object.defineProperty({__proto__:null,down:Mc,up:Rc},Symbol.toStringTag,{value:"Module"}));async function qc(e){await e.schema.alterTable("logins").addColumn("authParams_prompt","varchar(16)").execute()}async function Lc(e){await e.schema.alterTable("logins").dropColumn("authParams_prompt").execute()}const Kc=Object.freeze(Object.defineProperty({__proto__:null,down:Lc,up:qc},Symbol.toStringTag,{value:"Module"}));async function Bc(e){}async function Uc(e){}const Qc=Object.freeze(Object.defineProperty({__proto__:null,down:Uc,up:Bc},Symbol.toStringTag,{value:"Module"}));async function Wc(e){await e.schema.alterTable("logins").addColumn("authParams_act_as","varchar(255)").execute()}async function Yc(e){await e.schema.alterTable("logins").dropColumn("authParam_act_as").execute()}const Hc=Object.freeze(Object.defineProperty({__proto__:null,down:Yc,up:Wc},Symbol.toStringTag,{value:"Module"}));async function Gc(e){await e.schema.alterTable("codes").addColumn("code_verifier","varchar(128)").execute()}async function Vc(e){await e.schema.alterTable("codes").dropColumn("code_verifier").execute()}const Xc=Object.freeze(Object.defineProperty({__proto__:null,down:Vc,up:Gc},Symbol.toStringTag,{value:"Module"}));async function Zc(e){await e.schema.createTable("email_providers").addColumn("tenant_id","varchar(255)",t=>t.primaryKey()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("enabled","boolean",t=>t.notNull()).addColumn("default_from_address","varchar(255)").addColumn("credentials","varchar(2048)",t=>t.notNull().defaultTo("{}")).addColumn("settings","varchar(2048)",t=>t.notNull().defaultTo("{}")).addColumn("created_at","varchar(29)",t=>t.notNull()).addColumn("updated_at","varchar(29)",t=>t.notNull()).execute()}async function el(e){await e.schema.dropTable("email_providers").execute()}const tl=Object.freeze(Object.defineProperty({__proto__:null,down:el,up:Zc},Symbol.toStringTag,{value:"Module"}));async function al(e){await e.schema.dropTable("tickets").execute()}async function nl(e){await e.schema.createTable("tickets").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const ol=Object.freeze(Object.defineProperty({__proto__:null,down:nl,up:al},Symbol.toStringTag,{value:"Module"}));async function rl(e){}async function sl(e){await e.schema.alterTable("logins").dropColumn("ip").dropColumn("useragent").execute()}const il=Object.freeze(Object.defineProperty({__proto__:null,down:sl,up:rl},Symbol.toStringTag,{value:"Module"}));async function cl(e){await e.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}async function ll(e){await e.schema.dropTable("refresh_tokens").execute()}const dl=Object.freeze(Object.defineProperty({__proto__:null,down:ll,up:cl},Symbol.toStringTag,{value:"Module"}));async function ul(e){}async function _l(e){}const ml=Object.freeze(Object.defineProperty({__proto__:null,down:_l,up:ul},Symbol.toStringTag,{value:"Module"}));async function hl(e){await e.schema.dropTable("sessions").execute(),await e.schema.dropTable("refresh_tokens").execute()}async function pl(e){await e.schema.createTable("sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("sessions_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("refresh_tokens_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}const fl=Object.freeze(Object.defineProperty({__proto__:null,down:pl,up:hl},Symbol.toStringTag,{value:"Module"}));async function gl(e){await e.schema.createTable("sessions_2").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("sessions_2_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("refresh_tokens_2").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("refresh_tokens_2_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}async function wl(e){await e.schema.dropTable("sessions_2").execute(),await e.schema.dropTable("refresh_tokens_2").execute()}const yl=Object.freeze(Object.defineProperty({__proto__:null,down:wl,up:gl},Symbol.toStringTag,{value:"Module"}));async function vl(e){await e.schema.createTable("custom_domains").addColumn("custom_domain_id","varchar(21)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("primary","boolean",t=>t.notNull()).addColumn("status","varchar(50)",t=>t.notNull()).addColumn("type","varchar(50)",t=>t.notNull()).addColumn("origin_domain_name","varchar(255)").addColumn("verification","varchar(2048)").addColumn("custom_client_ip_header","varchar(50)").addColumn("tls_policy","varchar(50)").addColumn("domain_metadata","varchar(2048)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.dropTable("domains").execute()}async function Cl(e){await e.schema.dropTable("custom_domains").execute(),await e.schema.createTable("domains").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("email_service","varchar(255)").addColumn("email_api_key","varchar(255)").addColumn("dkim_private_key","varchar(2048)").addColumn("dkim_public_key","varchar(2048)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute()}const xl=Object.freeze(Object.defineProperty({__proto__:null,down:Cl,up:vl},Symbol.toStringTag,{value:"Module"}));async function Tl(e){}async function Nl(e){await e.schema.alterTable("logins").dropColumn("authParams_organization").dropColumn("authorization_url").execute()}const bl=Object.freeze(Object.defineProperty({__proto__:null,down:Nl,up:Tl},Symbol.toStringTag,{value:"Module"}));async function Sl(e){await e.schema.alterTable("logins").dropColumn("authorization_url").execute(),await e.schema.alterTable("logins").addColumn("authorization_url","varchar(2048)").execute()}async function kl(e){await e.schema.alterTable("logins").dropColumn("authorization_url").execute(),await e.schema.alterTable("logins").addColumn("authorization_url","varchar(1024)").execute()}const Ol=Object.freeze(Object.defineProperty({__proto__:null,down:kl,up:Sl},Symbol.toStringTag,{value:"Module"}));async function $l(e){}async function El(e){}const Pl=Object.freeze(Object.defineProperty({__proto__:null,down:El,up:$l},Symbol.toStringTag,{value:"Module"}));async function Il(e){await e.schema.createTable("sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("sessions_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("login_sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)",t=>t.references("sessions.id").onDelete("cascade")).addColumn("csrf_token","varchar(21)",t=>t.notNull()).addColumn("authParams_client_id","varchar(255)",t=>t.notNull()).addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","varchar(511)").addColumn("authParams_state","varchar(2048)").addColumn("authParams_nonce","varchar(255)").addColumn("authParams_code_challenge_method","varchar(255)").addColumn("authParams_code_challenge","varchar(255)").addColumn("authParams_redirect_uri","varchar(255)").addColumn("authParams_organization","varchar(255)").addColumn("authParams_prompt","varchar(32)").addColumn("authParams_act_as","varchar(256)").addColumn("authParams_ui_locales","varchar(32)").addColumn("authorization_url","varchar(1024)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)",t=>t.notNull()).addColumn("ip","varchar(39)").addColumn("useragent","varchar(1024)").addColumn("auth0Client","varchar(255)").execute(),await e.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("refresh_tokens_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}async function zl(e){await e.schema.dropTable("sessions").execute(),await e.schema.dropTable("login_sessions").execute(),await e.schema.dropTable("refresh_tokens").execute()}const Dl=Object.freeze(Object.defineProperty({__proto__:null,down:zl,up:Il},Symbol.toStringTag,{value:"Module"}));async function Al(e){await e.schema.dropTable("logins").execute(),await e.schema.dropTable("sessions_2").execute(),await e.schema.dropTable("refresh_tokens_2").execute()}async function Fl(e){}const jl=Object.freeze(Object.defineProperty({__proto__:null,down:Fl,up:Al},Symbol.toStringTag,{value:"Module"}));async function Rl(e){await e.schema.dropTable("custom_domains").execute(),await e.schema.createTable("custom_domains").addColumn("custom_domain_id","varchar(256)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("primary","boolean",t=>t.notNull()).addColumn("status","varchar(50)",t=>t.notNull()).addColumn("type","varchar(50)",t=>t.notNull()).addColumn("origin_domain_name","varchar(255)").addColumn("verification","varchar(2048)").addColumn("custom_client_ip_header","varchar(50)").addColumn("tls_policy","varchar(50)").addColumn("domain_metadata","varchar(2048)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute()}async function Ml(e){}const Jl=Object.freeze(Object.defineProperty({__proto__:null,down:Ml,up:Rl},Symbol.toStringTag,{value:"Module"}));async function ql(e){}async function Ll(e){await e.schema.alterTable("users").dropColumn("phone_number").dropColumn("phone_verified").dropColumn("username").execute()}const Kl=Object.freeze(Object.defineProperty({__proto__:null,down:Ll,up:ql},Symbol.toStringTag,{value:"Module"}));async function Bl(e){await e.schema.createTable("forms").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(255)",t=>t.notNull()).addColumn("messages","varchar(255)").addColumn("languages","varchar(255)").addColumn("translations","varchar(4096)").addColumn("nodes","varchar(4096)").addColumn("start","varchar(255)").addColumn("ending","varchar(255)").addColumn("style","varchar(1042)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createIndex("forms_tenant_id_idx").on("forms").column("tenant_id").execute()}async function Ul(e){await e.schema.dropTable("forms").execute()}const Ql=Object.freeze(Object.defineProperty({__proto__:null,down:Ul,up:Bl},Symbol.toStringTag,{value:"Module"}));async function Wl(e){await e.schema.alterTable("hooks").addColumn("form_id","text").execute(),await e.schema.alterTable("hooks").addColumn("url_tmp","varchar(512)").execute(),await e.updateTable("hooks").set(t=>({url_tmp:t.ref("url")})).execute(),await e.schema.alterTable("hooks").dropColumn("url").execute(),await e.schema.alterTable("hooks").renameColumn("url_tmp","url").execute()}async function Yl(e){await e.schema.dropTable("hooks").ifExists().execute(),await e.schema.createTable("hooks").addColumn("hook_id","text",t=>t.primaryKey()).addColumn("tenant_id","text",t=>t.notNull()).addColumn("trigger_id","text",t=>t.notNull()).addColumn("enabled","integer",t=>t.notNull().defaultTo(0)).addColumn("url","varchar(512)",t=>t.notNull()).addColumn("synchronous","integer",t=>t.notNull().defaultTo(0)).addColumn("priority","integer").addColumn("created_at","text",t=>t.notNull()).addColumn("updated_at","text",t=>t.notNull()).execute()}const Hl=Object.freeze(Object.defineProperty({__proto__:null,down:Yl,up:Wl},Symbol.toStringTag,{value:"Module"}));async function Gl(e){await e.schema.alterTable("login_sessions").addColumn("login_completed","boolean",t=>t.notNull().defaultTo(0)).execute()}async function Vl(e){await e.schema.alterTable("login_sessions").dropColumn("login_completed").execute()}const Xl=Object.freeze(Object.defineProperty({__proto__:null,down:Vl,up:Gl},Symbol.toStringTag,{value:"Module"}));async function Zl(e){await e.schema.alterTable("sessions").addColumn("login_session_id","varchar(21)",t=>t.references("login_sessions.id").onDelete("set null")).execute()}async function ed(e){await e.schema.alterTable("sessions").dropColumn("login_session_id").execute()}const td=Object.freeze(Object.defineProperty({__proto__:null,down:ed,up:Zl},Symbol.toStringTag,{value:"Module"}));async function ad(e){await e.schema.createIndex("IDX_sessions_login_session_id").on("sessions").column("login_session_id").execute()}async function nd(e){await e.schema.dropIndex("IDX_sessions_login_session_id").on("sessions").execute()}const od=Object.freeze(Object.defineProperty({__proto__:null,down:nd,up:ad},Symbol.toStringTag,{value:"Module"}));async function rd(e){await e.schema.alterTable("codes").addColumn("code_challenge","varchar(128)").execute(),await e.schema.alterTable("codes").addColumn("code_challenge_method","varchar(5)").execute()}async function sd(e){await e.schema.alterTable("codes").dropColumn("code_challenge").execute(),await e.schema.alterTable("codes").dropColumn("code_challenge_method").execute()}const id=Object.freeze(Object.defineProperty({__proto__:null,down:sd,up:rd},Symbol.toStringTag,{value:"Module"}));async function cd(e){await e.schema.alterTable("codes").addColumn("redirect_uri","varchar(1024)").execute()}async function ld(e){await e.schema.alterTable("codes").dropColumn("redirect_uri").execute()}const dd=Object.freeze(Object.defineProperty({__proto__:null,down:ld,up:cd},Symbol.toStringTag,{value:"Module"}));async function ud(e){await e.schema.alterTable("codes").addColumn("nonce","varchar(1024)").execute(),await e.schema.alterTable("codes").addColumn("state","varchar(2048)").execute()}async function _d(e){await e.schema.alterTable("codes").dropColumn("nonce").execute(),await e.schema.alterTable("codes").dropColumn("state").execute()}const md=Object.freeze(Object.defineProperty({__proto__:null,down:_d,up:ud},Symbol.toStringTag,{value:"Module"}));async function hd(e){await e.schema.createTable("themes").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("themeId","varchar(255)",t=>t.notNull()).addColumn("displayName","varchar(255)",t=>t.notNull()).addColumn("colors_primary_button_label","varchar(24)",t=>t.notNull()).addColumn("colors_primary_button","varchar(24)",t=>t.notNull()).addColumn("colors_secondary_button_border","varchar(24)",t=>t.notNull()).addColumn("colors_secondary_button_label","varchar(24)",t=>t.notNull()).addColumn("colors_base_focus_color","varchar(24)",t=>t.notNull()).addColumn("colors_base_hover_color","varchar(24)",t=>t.notNull()).addColumn("colors_body_text","varchar(24)",t=>t.notNull()).addColumn("colors_captcha_widget_theme","varchar(24)",t=>t.notNull()).addColumn("colors_error","varchar(24)",t=>t.notNull()).addColumn("colors_header","varchar(24)",t=>t.notNull()).addColumn("colors_icons","varchar(24)",t=>t.notNull()).addColumn("colors_input_background","varchar(24)",t=>t.notNull()).addColumn("colors_input_border","varchar(24)",t=>t.notNull()).addColumn("colors_input_filled_text","varchar(24)",t=>t.notNull()).addColumn("colors_input_labels_placeholders","varchar(24)",t=>t.notNull()).addColumn("colors_links_focused_components","varchar(24)",t=>t.notNull()).addColumn("colors_success","varchar(24)",t=>t.notNull()).addColumn("colors_widget_background","varchar(24)",t=>t.notNull()).addColumn("colors_widget_border","varchar(24)",t=>t.notNull()).addColumn("borders_button_border_radius","integer",t=>t.notNull()).addColumn("borders_button_border_weight","integer",t=>t.notNull()).addColumn("borders_buttons_style","varchar(24)",t=>t.notNull()).addColumn("borders_input_border_radius","integer",t=>t.notNull()).addColumn("borders_input_border_weight","integer",t=>t.notNull()).addColumn("borders_inputs_style","varchar(24)",t=>t.notNull()).addColumn("borders_show_widget_shadow","boolean",t=>t.notNull()).addColumn("borders_widget_border_weight","integer",t=>t.notNull()).addColumn("borders_widget_corner_radius","integer",t=>t.notNull()).addColumn("fonts_body_text_bold","integer",t=>t.notNull()).addColumn("fonts_body_text_size","integer",t=>t.notNull()).addColumn("fonts_buttons_text_bold","integer",t=>t.notNull()).addColumn("fonts_buttons_text_size","integer",t=>t.notNull()).addColumn("fonts_font_url","varchar(255)",t=>t.notNull()).addColumn("fonts_input_labels_bold","integer",t=>t.notNull()).addColumn("fonts_input_labels_size","integer",t=>t.notNull()).addColumn("fonts_links_bold","boolean",t=>t.notNull()).addColumn("fonts_links_size","integer",t=>t.notNull()).addColumn("fonts_links_style","varchar(24)",t=>t.notNull()).addColumn("fonts_reference_text_size","integer",t=>t.notNull()).addColumn("fonts_subtitle_bold","boolean",t=>t.notNull()).addColumn("fonts_subtitle_size","integer",t=>t.notNull()).addColumn("fonts_title_bold","boolean",t=>t.notNull()).addColumn("fonts_title_size","integer",t=>t.notNull()).addColumn("page_background_background_color","varchar(24)",t=>t.notNull()).addColumn("page_background_background_image_url","varchar(255)",t=>t.notNull()).addColumn("page_background_page_layout","varchar(24)",t=>t.notNull()).addColumn("widget_header_text_alignment","varchar(24)",t=>t.notNull()).addColumn("widget_logo_height","integer",t=>t.notNull()).addColumn("widget_logo_position","varchar(24)",t=>t.notNull()).addColumn("widget_logo_url","varchar(255)",t=>t.notNull()).addColumn("widget_social_buttons_layout","varchar(24)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("themes_pkey",["tenant_id","themeId"]).execute(),await e.schema.createIndex("themes_tenant_id_idx").on("themes").column("tenant_id").execute()}async function pd(e){await e.schema.dropTable("themes").execute()}const fd=Object.freeze(Object.defineProperty({__proto__:null,down:pd,up:hd},Symbol.toStringTag,{value:"Module"}));async function gd(e){await e.schema.createTable("resource_servers").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("identifier","varchar(191)",t=>t.notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("scopes","varchar(4096)").addColumn("signing_alg","varchar(64)").addColumn("signing_secret","varchar(2048)").addColumn("token_lifetime","integer").addColumn("token_lifetime_for_web","integer").addColumn("skip_consent_for_verifiable_first_party_clients","integer").addColumn("allow_offline_access","integer").addColumn("verification_key","varchar(4096)").addColumn("options","varchar(4096)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("resource_servers_pk",["tenant_id","id"]).execute(),await e.schema.createIndex("resource_servers_tenant_identifier_uq").on("resource_servers").columns(["tenant_id","identifier"]).unique().execute(),await e.schema.createTable("roles").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(50)",t=>t.notNull()).addColumn("description","varchar(255)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("roles_pk",["tenant_id","id"]).execute(),await e.schema.createIndex("roles_tenant_name_uq").on("roles").columns(["tenant_id","name"]).unique().execute()}async function wd(e){await e.schema.dropTable("roles").execute(),await e.schema.dropTable("resource_servers").execute()}const yd=Object.freeze(Object.defineProperty({__proto__:null,down:wd,up:gd},Symbol.toStringTag,{value:"Module"}));async function vd(e){await e.schema.createTable("role_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(191)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("role_permissions_pk",["tenant_id","role_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("role_permissions_role_fk").on("role_permissions").columns(["tenant_id","role_id"]).execute(),await e.schema.createIndex("role_permissions_permission_fk").on("role_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createTable("user_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(191)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_permissions_pk",["tenant_id","user_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("user_permissions_user_fk").on("user_permissions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_permissions_permission_fk").on("user_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute()}async function Cd(e){await e.schema.dropTable("user_permissions").execute(),await e.schema.dropTable("role_permissions").execute()}const xd=Object.freeze(Object.defineProperty({__proto__:null,down:Cd,up:vd},Symbol.toStringTag,{value:"Module"}));async function Td(e){await e.schema.createTable("user_roles").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_roles_pk",["tenant_id","user_id","role_id"]).execute(),await e.schema.createIndex("user_roles_user_fk").on("user_roles").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_roles_role_fk").on("user_roles").columns(["tenant_id","role_id"]).execute()}async function Nd(e){await e.schema.dropTable("user_roles").execute()}const bd=Object.freeze(Object.defineProperty({__proto__:null,down:Nd,up:Td},Symbol.toStringTag,{value:"Module"}));async function Sd(e){}async function kd(e){await e.schema.alterTable("keys").dropColumn("connection").execute(),await e.schema.alterTable("keys").modifyColumn("cert","varchar(2048)").execute(),await e.schema.alterTable("keys").modifyColumn("pkcs7","varchar(2048)").execute(),await e.schema.alterTable("keys").dropColumn("type").execute()}const Od=Object.freeze(Object.defineProperty({__proto__:null,down:kd,up:Sd},Symbol.toStringTag,{value:"Module"}));async function $d(e){await e.schema.createTable("organizations").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(256)",t=>t.notNull()).addColumn("display_name","varchar(256)").addColumn("branding","text").addColumn("metadata","text").addColumn("enabled_connections","text").addColumn("token_quota","text").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.createIndex("idx_organizations_tenant_id").on("organizations").column("tenant_id").execute(),await e.schema.createIndex("idx_organizations_tenant_name_unique").on("organizations").columns(["tenant_id","name"]).unique().execute()}async function Ed(e){await e.schema.dropTable("organizations").execute()}const Pd=Object.freeze(Object.defineProperty({__proto__:null,down:Ed,up:$d},Symbol.toStringTag,{value:"Module"}));async function Id(e){await e.schema.createTable("user_organizations").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addUniqueConstraint("user_organizations_unique",["tenant_id","user_id","organization_id"]).execute(),await e.schema.createIndex("idx_user_organizations_tenant_id").on("user_organizations").column("tenant_id").execute(),await e.schema.createIndex("idx_user_organizations_user_id").on("user_organizations").column("user_id").execute(),await e.schema.createIndex("idx_user_organizations_organization_id").on("user_organizations").column("organization_id").execute()}async function zd(e){await e.schema.dropTable("user_organizations").execute()}const Dd=Object.freeze(Object.defineProperty({__proto__:null,down:zd,up:Id},Symbol.toStringTag,{value:"Module"}));async function Ad(e){await e.schema.dropTable("user_permissions").execute(),await e.schema.dropTable("user_roles").execute(),await e.schema.createTable("user_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(21)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull().defaultTo("")).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_permissions_pk",["tenant_id","user_id","resource_server_identifier","permission_name","organization_id"]).execute(),await e.schema.createIndex("user_permissions_user_fk").on("user_permissions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_permissions_permission_fk").on("user_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("user_permissions_organization_fk").on("user_permissions").column("organization_id").execute(),await e.schema.createTable("user_roles").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("organization_id","varchar(191)",t=>t.notNull().defaultTo("")).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_roles_pk",["tenant_id","user_id","role_id","organization_id"]).execute(),await e.schema.createIndex("user_roles_user_fk").on("user_roles").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_roles_role_fk").on("user_roles").columns(["tenant_id","role_id"]).execute(),await e.schema.createIndex("user_roles_organization_fk").on("user_roles").column("organization_id").execute()}async function Fd(e){await e.schema.dropTable("user_permissions").execute(),await e.schema.dropTable("user_roles").execute(),await e.schema.createTable("user_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(191)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_permissions_pk",["tenant_id","user_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("user_permissions_user_fk").on("user_permissions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_permissions_permission_fk").on("user_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createTable("user_roles").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_roles_pk",["tenant_id","user_id","role_id"]).execute(),await e.schema.createIndex("user_roles_user_fk").on("user_roles").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_roles_role_fk").on("user_roles").columns(["tenant_id","role_id"]).execute()}const jd=Object.freeze(Object.defineProperty({__proto__:null,down:Fd,up:Ad},Symbol.toStringTag,{value:"Module"}));async function Rd(e){await e.schema.createTable("clients").addColumn("client_id","varchar(191)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("description","varchar(140)").addColumn("global","integer",t=>t.defaultTo(0).notNull()).addColumn("client_secret","varchar(255)").addColumn("app_type","varchar(64)",t=>t.defaultTo("regular_web")).addColumn("logo_uri","varchar(2083)").addColumn("is_first_party","integer",t=>t.defaultTo(0).notNull()).addColumn("oidc_conformant","integer",t=>t.defaultTo(1).notNull()).addColumn("callbacks","text",t=>t.notNull()).addColumn("allowed_origins","text",t=>t.notNull()).addColumn("web_origins","text",t=>t.notNull()).addColumn("client_aliases","text",t=>t.notNull()).addColumn("allowed_clients","text",t=>t.notNull()).addColumn("allowed_logout_urls","text",t=>t.notNull()).addColumn("session_transfer","text",t=>t.notNull()).addColumn("oidc_logout","text",t=>t.notNull()).addColumn("grant_types","text",t=>t.notNull()).addColumn("jwt_configuration","text",t=>t.notNull()).addColumn("signing_keys","text",t=>t.notNull()).addColumn("encryption_key","text",t=>t.notNull()).addColumn("sso","integer",t=>t.defaultTo(0).notNull()).addColumn("sso_disabled","integer",t=>t.defaultTo(1).notNull()).addColumn("cross_origin_authentication","integer",t=>t.defaultTo(0).notNull()).addColumn("cross_origin_loc","varchar(2083)").addColumn("custom_login_page_on","integer",t=>t.defaultTo(0).notNull()).addColumn("custom_login_page","text").addColumn("custom_login_page_preview","text").addColumn("form_template","text").addColumn("addons","text",t=>t.notNull()).addColumn("token_endpoint_auth_method","varchar(64)",t=>t.defaultTo("client_secret_basic")).addColumn("client_metadata","text",t=>t.notNull()).addColumn("mobile","text",t=>t.notNull()).addColumn("initiate_login_uri","varchar(2083)").addColumn("native_social_login","text",t=>t.notNull()).addColumn("refresh_token","text",t=>t.notNull()).addColumn("default_organization","text",t=>t.notNull()).addColumn("organization_usage","varchar(32)",t=>t.defaultTo("deny")).addColumn("organization_require_behavior","varchar(32)",t=>t.defaultTo("no_prompt")).addColumn("client_authentication_methods","text",t=>t.notNull()).addColumn("require_pushed_authorization_requests","integer",t=>t.defaultTo(0).notNull()).addColumn("require_proof_of_possession","integer",t=>t.defaultTo(0).notNull()).addColumn("signed_request_object","text",t=>t.notNull()).addColumn("compliance_level","varchar(64)").addColumn("par_request_expiry","integer").addColumn("token_quota","text",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("clients_tenant_id_client_id",["tenant_id","client_id"]).execute()}async function Md(e){await e.schema.dropTable("clients").execute()}const Jd=Object.freeze(Object.defineProperty({__proto__:null,down:Md,up:Rd},Symbol.toStringTag,{value:"Module"}));let Ie=!1;function ze(e){Ie=e}function w(...e){Ie&&console.log(...e)}function z(...e){console.warn(...e)}async function De(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function qd(e){await De(e)==="mysql"?await Ld(e):await Kd(e)}async function Ld(e){await e.transaction().execute(async t=>{const a=await h.sql`
       SELECT
         rc.CONSTRAINT_NAME,
         rc.TABLE_NAME
@@ -29,7 +29,7 @@
              authParams_nonce, authParams_code_challenge_method, authParams_code_challenge, authParams_redirect_uri,
              authParams_organization, authParams_prompt, authParams_act_as, authParams_ui_locales, authorization_url,
              created_at, updated_at, expires_at, ip, useragent, auth0Client, login_completed
-      FROM login_sessions_backup`.execute(t),await h.sql`DROP TABLE sessions_backup`.execute(t),await h.sql`DROP TABLE login_sessions_backup`.execute(t),await h.sql`DROP TABLE refresh_tokens_backup`.execute(t)})}async function Id(e){await e.transaction().execute(async t=>{const a=["sessions_backup","login_sessions_backup","refresh_tokens_backup"];for(const n of a)try{await h.sql`DROP TABLE IF EXISTS ${h.sql.raw(n)}`.execute(t)}catch(o){console.warn(`Failed to drop backup table ${n}:`,o)}await h.sql`CREATE TABLE sessions_backup AS SELECT * FROM sessions`.execute(t),await h.sql`CREATE TABLE login_sessions_backup AS SELECT * FROM login_sessions`.execute(t),await h.sql`CREATE TABLE refresh_tokens_backup AS SELECT * FROM refresh_tokens`.execute(t),await h.sql`DROP TABLE sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await h.sql`DROP TABLE refresh_tokens`.execute(t),await t.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",n=>n.notNull()).addColumn("tenant_id","varchar(255)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("client_id","varchar(191)",n=>n.notNull()).addColumn("session_id","varchar(21)",n=>n.notNull()).addColumn("user_id","varchar(255)").addColumn("resource_servers","text",n=>n.notNull()).addColumn("device","text",n=>n.notNull()).addColumn("rotating","boolean",n=>n.notNull()).addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addPrimaryKeyConstraint("refresh_tokens_pk",["tenant_id","id"]).addForeignKeyConstraint("refresh_tokens_client_fk",["tenant_id","client_id"],"clients",["tenant_id","client_id"],n=>n.onDelete("cascade")).execute(),await t.schema.createTable("sessions").addColumn("id","varchar(21)",n=>n.notNull()).addColumn("tenant_id","varchar(191)",n=>n.notNull()).addColumn("user_id","varchar(255)").addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","text",n=>n.notNull()).addColumn("clients","text",n=>n.notNull()).addColumn("login_session_id","varchar(21)").addPrimaryKeyConstraint("sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("sessions_user_fk",["user_id","tenant_id"],"users",["user_id","tenant_id"],n=>n.onDelete("cascade")).execute(),await t.schema.createTable("login_sessions").addColumn("id","varchar(21)",n=>n.notNull()).addColumn("tenant_id","varchar(255)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)").addColumn("csrf_token","varchar(21)",n=>n.notNull()).addColumn("authParams_client_id","varchar(191)",n=>n.notNull()).addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","text").addColumn("authParams_state","text").addColumn("authParams_nonce","varchar(255)").addColumn("authParams_code_challenge_method","varchar(255)").addColumn("authParams_code_challenge","varchar(255)").addColumn("authParams_redirect_uri","text").addColumn("authParams_organization","varchar(255)").addColumn("authParams_prompt","varchar(32)").addColumn("authParams_act_as","varchar(256)").addColumn("authParams_ui_locales","varchar(32)").addColumn("authorization_url","text").addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addColumn("expires_at","varchar(35)",n=>n.notNull()).addColumn("ip","varchar(39)").addColumn("useragent","text").addColumn("auth0Client","varchar(255)").addColumn("login_completed","integer",n=>n.defaultTo(0)).addPrimaryKeyConstraint("login_sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("login_sessions_client_fk",["tenant_id","authParams_client_id"],"clients",["tenant_id","client_id"],n=>n.onDelete("cascade")).addForeignKeyConstraint("login_sessions_session_fk",["tenant_id","session_id"],"sessions",["tenant_id","id"],n=>n.onDelete("cascade")).execute(),await h.sql`INSERT INTO refresh_tokens
+      FROM login_sessions_backup`.execute(t),await h.sql`DROP TABLE sessions_backup`.execute(t),await h.sql`DROP TABLE login_sessions_backup`.execute(t),await h.sql`DROP TABLE refresh_tokens_backup`.execute(t)})}async function Kd(e){await e.transaction().execute(async t=>{const a=["sessions_backup","login_sessions_backup","refresh_tokens_backup"];for(const n of a)try{await h.sql`DROP TABLE IF EXISTS ${h.sql.raw(n)}`.execute(t)}catch(o){console.warn(`Failed to drop backup table ${n}:`,o)}await h.sql`CREATE TABLE sessions_backup AS SELECT * FROM sessions`.execute(t),await h.sql`CREATE TABLE login_sessions_backup AS SELECT * FROM login_sessions`.execute(t),await h.sql`CREATE TABLE refresh_tokens_backup AS SELECT * FROM refresh_tokens`.execute(t),await h.sql`DROP TABLE sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await h.sql`DROP TABLE refresh_tokens`.execute(t),await t.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",n=>n.notNull()).addColumn("tenant_id","varchar(255)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("client_id","varchar(191)",n=>n.notNull()).addColumn("session_id","varchar(21)",n=>n.notNull()).addColumn("user_id","varchar(255)").addColumn("resource_servers","text",n=>n.notNull()).addColumn("device","text",n=>n.notNull()).addColumn("rotating","boolean",n=>n.notNull()).addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addPrimaryKeyConstraint("refresh_tokens_pk",["tenant_id","id"]).addForeignKeyConstraint("refresh_tokens_client_fk",["tenant_id","client_id"],"clients",["tenant_id","client_id"],n=>n.onDelete("cascade")).execute(),await t.schema.createTable("sessions").addColumn("id","varchar(21)",n=>n.notNull()).addColumn("tenant_id","varchar(191)",n=>n.notNull()).addColumn("user_id","varchar(255)").addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","text",n=>n.notNull()).addColumn("clients","text",n=>n.notNull()).addColumn("login_session_id","varchar(21)").addPrimaryKeyConstraint("sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("sessions_user_fk",["user_id","tenant_id"],"users",["user_id","tenant_id"],n=>n.onDelete("cascade")).execute(),await t.schema.createTable("login_sessions").addColumn("id","varchar(21)",n=>n.notNull()).addColumn("tenant_id","varchar(255)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)").addColumn("csrf_token","varchar(21)",n=>n.notNull()).addColumn("authParams_client_id","varchar(191)",n=>n.notNull()).addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","text").addColumn("authParams_state","text").addColumn("authParams_nonce","varchar(255)").addColumn("authParams_code_challenge_method","varchar(255)").addColumn("authParams_code_challenge","varchar(255)").addColumn("authParams_redirect_uri","text").addColumn("authParams_organization","varchar(255)").addColumn("authParams_prompt","varchar(32)").addColumn("authParams_act_as","varchar(256)").addColumn("authParams_ui_locales","varchar(32)").addColumn("authorization_url","text").addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addColumn("expires_at","varchar(35)",n=>n.notNull()).addColumn("ip","varchar(39)").addColumn("useragent","text").addColumn("auth0Client","varchar(255)").addColumn("login_completed","integer",n=>n.defaultTo(0)).addPrimaryKeyConstraint("login_sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("login_sessions_client_fk",["tenant_id","authParams_client_id"],"clients",["tenant_id","client_id"],n=>n.onDelete("cascade")).addForeignKeyConstraint("login_sessions_session_fk",["tenant_id","session_id"],"sessions",["tenant_id","id"],n=>n.onDelete("cascade")).execute(),await h.sql`INSERT INTO refresh_tokens
       SELECT id, tenant_id, client_id, session_id, user_id, resource_servers, device, rotating,
              created_at, expires_at, idle_expires_at, last_exchanged_at
       FROM refresh_tokens_backup`.execute(t),await h.sql`INSERT INTO sessions
@@ -41,16 +41,16 @@
              authParams_nonce, authParams_code_challenge_method, authParams_code_challenge, authParams_redirect_uri,
              authParams_organization, authParams_prompt, authParams_act_as, authParams_ui_locales, authorization_url,
              created_at, updated_at, expires_at, ip, useragent, auth0Client, login_completed
-      FROM login_sessions_backup`.execute(t),await h.sql`DROP TABLE sessions_backup`.execute(t),await h.sql`DROP TABLE login_sessions_backup`.execute(t),await h.sql`DROP TABLE refresh_tokens_backup`.execute(t)})}async function zd(e){await Pe(e)==="mysql"?await Dd(e):await Ad(e)}async function Dd(e){await e.transaction().execute(async t=>{await h.sql`ALTER TABLE refresh_tokens DROP FOREIGN KEY refresh_tokens_client_fk`.execute(t),await h.sql`ALTER TABLE login_sessions DROP FOREIGN KEY login_sessions_client_fk`.execute(t),await h.sql`ALTER TABLE refresh_tokens DROP PRIMARY KEY`.execute(t),await h.sql`ALTER TABLE refresh_tokens ADD PRIMARY KEY (id)`.execute(t),await h.sql`ALTER TABLE sessions DROP PRIMARY KEY`.execute(t),await h.sql`ALTER TABLE sessions ADD PRIMARY KEY (id)`.execute(t),await h.sql`ALTER TABLE login_sessions DROP PRIMARY KEY`.execute(t),await h.sql`ALTER TABLE login_sessions ADD PRIMARY KEY (id)`.execute(t),await h.sql`ALTER TABLE refresh_tokens
+      FROM login_sessions_backup`.execute(t),await h.sql`DROP TABLE sessions_backup`.execute(t),await h.sql`DROP TABLE login_sessions_backup`.execute(t),await h.sql`DROP TABLE refresh_tokens_backup`.execute(t)})}async function Bd(e){await De(e)==="mysql"?await Ud(e):await Qd(e)}async function Ud(e){await e.transaction().execute(async t=>{await h.sql`ALTER TABLE refresh_tokens DROP FOREIGN KEY refresh_tokens_client_fk`.execute(t),await h.sql`ALTER TABLE login_sessions DROP FOREIGN KEY login_sessions_client_fk`.execute(t),await h.sql`ALTER TABLE refresh_tokens DROP PRIMARY KEY`.execute(t),await h.sql`ALTER TABLE refresh_tokens ADD PRIMARY KEY (id)`.execute(t),await h.sql`ALTER TABLE sessions DROP PRIMARY KEY`.execute(t),await h.sql`ALTER TABLE sessions ADD PRIMARY KEY (id)`.execute(t),await h.sql`ALTER TABLE login_sessions DROP PRIMARY KEY`.execute(t),await h.sql`ALTER TABLE login_sessions ADD PRIMARY KEY (id)`.execute(t),await h.sql`ALTER TABLE refresh_tokens
       ADD CONSTRAINT refresh_tokens_application_fk
       FOREIGN KEY (client_id) REFERENCES applications(id) ON DELETE CASCADE`.execute(t),await h.sql`ALTER TABLE login_sessions
       ADD CONSTRAINT login_sessions_application_fk
-      FOREIGN KEY (authParams_client_id) REFERENCES applications(id) ON DELETE CASCADE`.execute(t)})}async function Ad(e){await e.transaction().execute(async t=>{await h.sql`CREATE TABLE refresh_tokens_temp AS SELECT * FROM refresh_tokens`.execute(t),await h.sql`DROP TABLE refresh_tokens`.execute(t),await t.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("client_id","varchar(21)",a=>a.references("applications.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)",a=>a.notNull()).addColumn("user_id","varchar(255)").addColumn("resource_servers","varchar(255)",a=>a.notNull()).addColumn("device","varchar(255)",a=>a.notNull()).addColumn("rotating","boolean",a=>a.notNull()).addColumn("created_at","varchar(35)",a=>a.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").execute(),await h.sql`INSERT INTO refresh_tokens
+      FOREIGN KEY (authParams_client_id) REFERENCES applications(id) ON DELETE CASCADE`.execute(t)})}async function Qd(e){await e.transaction().execute(async t=>{await h.sql`CREATE TABLE refresh_tokens_temp AS SELECT * FROM refresh_tokens`.execute(t),await h.sql`DROP TABLE refresh_tokens`.execute(t),await t.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("client_id","varchar(21)",a=>a.references("applications.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)",a=>a.notNull()).addColumn("user_id","varchar(255)").addColumn("resource_servers","varchar(255)",a=>a.notNull()).addColumn("device","varchar(255)",a=>a.notNull()).addColumn("rotating","boolean",a=>a.notNull()).addColumn("created_at","varchar(35)",a=>a.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").execute(),await h.sql`INSERT INTO refresh_tokens
       SELECT id, tenant_id, client_id, session_id, user_id, resource_servers, device, rotating,
              created_at, expires_at, idle_expires_at, last_exchanged_at
       FROM refresh_tokens_temp`.execute(t),await h.sql`DROP TABLE refresh_tokens_temp`.execute(t),await h.sql`CREATE TABLE login_sessions_temp AS SELECT * FROM login_sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await t.schema.createTable("login_sessions").addColumn("id","varchar(21)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)").addColumn("csrf_token","varchar(21)",a=>a.notNull()).addColumn("authParams_client_id","varchar(191)",a=>a.references("applications.id").onDelete("cascade").notNull()).execute(),await h.sql`INSERT INTO login_sessions (id, tenant_id, session_id, csrf_token, authParams_client_id)
       SELECT id, tenant_id, session_id, csrf_token, authParams_client_id
-      FROM login_sessions_temp`.execute(t),await h.sql`DROP TABLE login_sessions_temp`.execute(t)})}const Fd=Object.freeze(Object.defineProperty({__proto__:null,down:zd,up:Ed},Symbol.toStringTag,{value:"Module"}));async function jd(e){await e.schema.createTable("client_grants").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull().references("tenants.id").onDelete("cascade")).addColumn("client_id","varchar(191)",t=>t.notNull()).addColumn("audience","varchar(191)",t=>t.notNull()).addColumn("scope","text",t=>t.defaultTo("[]")).addColumn("organization_usage","varchar(32)").addColumn("allow_any_organization","integer",t=>t.defaultTo(0)).addColumn("is_system","integer",t=>t.defaultTo(0)).addColumn("subject_type","varchar(32)").addColumn("authorization_details_types","text",t=>t.defaultTo("[]")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("pk_client_grants",["tenant_id","id"]).addForeignKeyConstraint("fk_client_grants_clients",["tenant_id","client_id"],"clients",["tenant_id","client_id"],t=>t.onDelete("cascade")).execute(),await e.schema.createIndex("uq_client_grants_tenant_client_audience").on("client_grants").columns(["tenant_id","client_id","audience"]).unique().execute(),await e.schema.createIndex("idx_client_grants_audience").on("client_grants").columns(["audience"]).execute()}async function Rd(e){await e.schema.dropTable("client_grants").execute()}const Md=Object.freeze(Object.defineProperty({__proto__:null,down:Rd,up:jd},Symbol.toStringTag,{value:"Module"}));async function Jd(e){await e.schema.dropTable("applications").execute()}async function qd(e){await e.schema.createTable("applications").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull().references("tenants.id").onDelete("cascade")).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("client_secret","varchar(255)").addColumn("callbacks","text",t=>t.defaultTo("[]")).addColumn("allowed_origins","text",t=>t.defaultTo("[]")).addColumn("web_origins","text",t=>t.defaultTo("[]")).addColumn("allowed_logout_urls","text",t=>t.defaultTo("[]")).addColumn("allowed_clients","text",t=>t.defaultTo("[]")).addColumn("disable_sign_ups","integer",t=>t.defaultTo(0)).addColumn("addons","text",t=>t.defaultTo("{}")).addColumn("client_metadata","text",t=>t.defaultTo("{}")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("pk_applications",["tenant_id","id"]).execute(),await e.schema.createIndex("idx_applications_tenant_id").on("applications").columns(["tenant_id"]).execute()}const Ld=Object.freeze(Object.defineProperty({__proto__:null,down:qd,up:Jd},Symbol.toStringTag,{value:"Module"}));async function Kd(e){await e.schema.createIndex("users_phone_tenant_provider_index").on("users").columns(["tenant_id","phone_number","provider"]).execute()}async function Bd(e){await e.schema.dropIndex("users_phone_tenant_provider_index").execute()}const Ud=Object.freeze(Object.defineProperty({__proto__:null,down:Bd,up:Kd},Symbol.toStringTag,{value:"Module"}));async function Qd(e){await e.schema.createIndex("login_sessions_id_index").on("login_sessions").column("id").execute()}async function Wd(e){await e.schema.dropIndex("login_sessions_id_index").execute()}const Yd=Object.freeze(Object.defineProperty({__proto__:null,down:Wd,up:Qd},Symbol.toStringTag,{value:"Module"}));async function Hd(e){await e.schema.createIndex("connections_tenant_id_index").on("connections").column("tenant_id").execute()}async function Gd(e){await e.schema.dropIndex("connections_tenant_id_index").execute()}const Xd=Object.freeze(Object.defineProperty({__proto__:null,down:Gd,up:Hd},Symbol.toStringTag,{value:"Module"}));async function Vd(e){await e.schema.dropIndex("idx_user_organizations_tenant_id").execute()}async function Zd(e){await e.schema.createIndex("idx_user_organizations_tenant_id").on("user_organizations").column("tenant_id").execute()}const eu=Object.freeze(Object.defineProperty({__proto__:null,down:Zd,up:Vd},Symbol.toStringTag,{value:"Module"}));async function tu(e){await e.schema.createTable("tenant_settings").addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull().primaryKey()).addColumn("idle_session_lifetime","integer").addColumn("session_lifetime","integer").addColumn("session_cookie","text").addColumn("enable_client_connections","integer").addColumn("default_redirection_uri","text").addColumn("enabled_locales","text").addColumn("default_directory","varchar(255)").addColumn("error_page","text").addColumn("flags","text").addColumn("friendly_name","varchar(255)").addColumn("picture_url","text").addColumn("support_email","varchar(255)").addColumn("support_url","text").addColumn("sandbox_version","varchar(50)").addColumn("sandbox_versions_available","text").addColumn("change_password","text").addColumn("guardian_mfa_page","text").addColumn("default_audience","varchar(255)").addColumn("default_organization","varchar(255)").addColumn("sessions","text").execute()}async function au(e){await e.schema.dropTable("tenant_settings").execute()}const nu=Object.freeze(Object.defineProperty({__proto__:null,down:au,up:tu},Symbol.toStringTag,{value:"Module"}));async function ou(e){if(await e.schema.alterTable("tenants").addColumn("idle_session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("session_cookie","text").execute(),await e.schema.alterTable("tenants").addColumn("allowed_logout_urls","text").execute(),await e.schema.alterTable("tenants").addColumn("ephemeral_session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("idle_ephemeral_session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("default_redirection_uri","text").execute(),await e.schema.alterTable("tenants").addColumn("enabled_locales","text").execute(),await e.schema.alterTable("tenants").addColumn("default_directory","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("error_page","text").execute(),await e.schema.alterTable("tenants").addColumn("flags","text").execute(),await e.schema.alterTable("tenants").addColumn("friendly_name","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("picture_url","text").execute(),await e.schema.alterTable("tenants").addColumn("support_email","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("sandbox_version","varchar(50)").execute(),await e.schema.alterTable("tenants").addColumn("sandbox_versions_available","text").execute(),await e.schema.alterTable("tenants").addColumn("legacy_sandbox_version","varchar(50)").execute(),await e.schema.alterTable("tenants").addColumn("change_password","text").execute(),await e.schema.alterTable("tenants").addColumn("guardian_mfa_page","text").execute(),await e.schema.alterTable("tenants").addColumn("device_flow","text").execute(),await e.schema.alterTable("tenants").addColumn("default_token_quota","text").execute(),await e.schema.alterTable("tenants").addColumn("default_audience","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("default_organization","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("sessions","text").execute(),await e.schema.alterTable("tenants").addColumn("oidc_logout","text").execute(),await e.schema.alterTable("tenants").addColumn("allow_organization_name_in_authentication_api","integer").execute(),await e.schema.alterTable("tenants").addColumn("customize_mfa_in_postlogin_action","integer").execute(),await e.schema.alterTable("tenants").addColumn("acr_values_supported","text").execute(),await e.schema.alterTable("tenants").addColumn("mtls","text").execute(),await e.schema.alterTable("tenants").addColumn("pushed_authorization_requests_supported","integer").execute(),await e.schema.alterTable("tenants").addColumn("authorization_response_iss_parameter_supported","integer").execute(),await e.updateTable("tenants").set({friendly_name:h.sql`name`}).execute(),await e.schema.alterTable("tenants").dropColumn("language").execute(),await e.schema.alterTable("tenants").dropColumn("logo").execute(),await e.schema.alterTable("tenants").dropColumn("primary_color").execute(),await e.schema.alterTable("tenants").dropColumn("secondary_color").execute(),await e.schema.alterTable("tenants").dropColumn("name").execute(),(await e.selectFrom("tenant_settings").select("tenant_id").limit(1).execute()).length>0){const a=await e.selectFrom("tenant_settings").selectAll().execute();for(const n of a)await e.updateTable("tenants").set({idle_session_lifetime:n.idle_session_lifetime,session_lifetime:n.session_lifetime,session_cookie:n.session_cookie,enable_client_connections:n.enable_client_connections,default_redirection_uri:n.default_redirection_uri,enabled_locales:n.enabled_locales,default_directory:n.default_directory,error_page:n.error_page,flags:n.flags,friendly_name:n.friendly_name,picture_url:n.picture_url,support_email:n.support_email,support_url:n.support_url,sandbox_version:n.sandbox_version,sandbox_versions_available:n.sandbox_versions_available,change_password:n.change_password,guardian_mfa_page:n.guardian_mfa_page,default_audience:n.default_audience,default_organization:n.default_organization,sessions:n.sessions}).where("id","=",n.tenant_id).execute()}await e.schema.dropTable("tenant_settings").execute()}async function ru(e){await e.schema.createTable("tenant_settings").addColumn("tenant_id","varchar(191)",a=>a.references("tenants.id").onDelete("cascade").notNull().primaryKey()).addColumn("idle_session_lifetime","integer").addColumn("session_lifetime","integer").addColumn("session_cookie","text").addColumn("enable_client_connections","integer").addColumn("default_redirection_uri","text").addColumn("enabled_locales","text").addColumn("default_directory","varchar(255)").addColumn("error_page","text").addColumn("flags","text").addColumn("friendly_name","varchar(255)").addColumn("picture_url","text").addColumn("support_email","varchar(255)").addColumn("support_url","text").addColumn("sandbox_version","varchar(50)").addColumn("sandbox_versions_available","text").addColumn("change_password","text").addColumn("guardian_mfa_page","text").addColumn("default_audience","varchar(255)").addColumn("default_organization","varchar(255)").addColumn("sessions","text").execute();const t=await e.selectFrom("tenants").select(["id","idle_session_lifetime","session_lifetime","session_cookie","enable_client_connections","default_redirection_uri","enabled_locales","default_directory","error_page","flags","friendly_name","picture_url","support_email","support_url","sandbox_version","sandbox_versions_available","change_password","guardian_mfa_page","default_audience","default_organization","sessions"]).execute();for(const a of t)(a.idle_session_lifetime!==null||a.session_lifetime!==null||a.session_cookie!==null||a.enable_client_connections!==null||a.default_redirection_uri!==null||a.enabled_locales!==null||a.default_directory!==null||a.error_page!==null||a.flags!==null||a.friendly_name!==null||a.picture_url!==null||a.support_email!==null||a.support_url!==null||a.sandbox_version!==null||a.sandbox_versions_available!==null||a.change_password!==null||a.guardian_mfa_page!==null||a.default_audience!==null||a.default_organization!==null||a.sessions!==null)&&await e.insertInto("tenant_settings").values({tenant_id:a.id,idle_session_lifetime:a.idle_session_lifetime,session_lifetime:a.session_lifetime,session_cookie:a.session_cookie,enable_client_connections:a.enable_client_connections,default_redirection_uri:a.default_redirection_uri,enabled_locales:a.enabled_locales,default_directory:a.default_directory,error_page:a.error_page,flags:a.flags,friendly_name:a.friendly_name,picture_url:a.picture_url,support_email:a.support_email,support_url:a.support_url,sandbox_version:a.sandbox_version,sandbox_versions_available:a.sandbox_versions_available,change_password:a.change_password,guardian_mfa_page:a.guardian_mfa_page,default_audience:a.default_audience,default_organization:a.default_organization,sessions:a.sessions}).execute();await e.schema.alterTable("tenants").dropColumn("idle_session_lifetime").dropColumn("session_lifetime").dropColumn("session_cookie").dropColumn("enable_client_connections").dropColumn("default_redirection_uri").dropColumn("enabled_locales").dropColumn("default_directory").dropColumn("error_page").dropColumn("flags").dropColumn("friendly_name").dropColumn("picture_url").dropColumn("support_email").dropColumn("sandbox_version").dropColumn("sandbox_versions_available").dropColumn("change_password").dropColumn("guardian_mfa_page").dropColumn("default_audience").dropColumn("default_organization").dropColumn("sessions").execute(),await e.schema.alterTable("tenants").addColumn("name","varchar(255)").execute(),await e.updateTable("tenants").set({name:h.sql`COALESCE(friendly_name, id)`}).execute(),await e.schema.alterTable("tenants").addColumn("language","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("logo","text").execute(),await e.schema.alterTable("tenants").addColumn("primary_color","varchar(50)").execute(),await e.schema.alterTable("tenants").addColumn("secondary_color","varchar(50)").execute()}const su=Object.freeze(Object.defineProperty({__proto__:null,down:ru,up:ou},Symbol.toStringTag,{value:"Module"}));async function iu(e){await e.schema.createTable("invites").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull()).addColumn("inviter","text",t=>t.notNull()).addColumn("invitee","text",t=>t.notNull()).addColumn("client_id","varchar(191)",t=>t.notNull()).addColumn("connection_id","varchar(21)").addColumn("invitation_url","text",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)",t=>t.notNull()).addColumn("app_metadata","text").addColumn("user_metadata","text").addColumn("roles","text").addColumn("ticket_id","varchar(191)").addColumn("ttl_sec","integer").addColumn("send_invitation_email","integer").execute(),await e.schema.createIndex("idx_invites_tenant_id").on("invites").column("tenant_id").execute(),await e.schema.createIndex("idx_invites_organization_id").on("invites").column("organization_id").execute(),await e.schema.createIndex("idx_invites_expires_at").on("invites").column("expires_at").execute(),await e.schema.createIndex("idx_invites_tenant_created").on("invites").columns(["tenant_id","created_at"]).execute()}async function cu(e){await e.schema.dropTable("invites").execute()}const lu=Object.freeze(Object.defineProperty({__proto__:null,down:cu,up:iu},Symbol.toStringTag,{value:"Module"}));async function du(e){await e.schema.dropTable("logs").ifExists().execute(),await e.schema.createTable("logs").addColumn("log_id","varchar(21)",t=>t.primaryKey().notNull()).addColumn("category","varchar(255)").addColumn("tenant_id","varchar(64)").addColumn("user_id","varchar(64)").addColumn("ip","varchar(255)").addColumn("type","varchar(8)",t=>t.notNull()).addColumn("date","varchar(25)",t=>t.notNull()).addColumn("client_id","varchar(255)").addColumn("client_name","varchar(255)").addColumn("user_agent","varchar(255)").addColumn("description","varchar(255)").addColumn("details","varchar(2048)").addColumn("isMobile","integer").addColumn("user_name","varchar(255)").addColumn("connection","varchar(255)").addColumn("connection_id","varchar(255)").addColumn("audience","varchar(255)").addColumn("scope","varchar(255)").addColumn("strategy","varchar(255)").addColumn("strategy_type","varchar(255)").addColumn("hostname","varchar(255)").addColumn("auth0_client","varchar(8192)").addColumn("session_connection","varchar(255)").execute()}async function uu(e){await e.schema.dropTable("logs").ifExists().execute(),await e.schema.createTable("logs").addColumn("id","varchar(255)",t=>t.primaryKey().notNull()).addColumn("category","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(64)").addColumn("user_id","varchar(64)").addColumn("ip","varchar(255)").addColumn("type","varchar(8)",t=>t.notNull()).addColumn("date","varchar(25)",t=>t.notNull()).addColumn("client_id","varchar(255)").addColumn("client_name","varchar(255)").addColumn("user_agent","varchar(255)").addColumn("description","varchar(255)").addColumn("details","varchar(2048)").execute()}const _u=Object.freeze(Object.defineProperty({__proto__:null,down:uu,up:du},Symbol.toStringTag,{value:"Module"}));async function mu(e){await e.schema.alterTable("logs").addColumn("country_code","varchar(2)").execute(),await e.schema.alterTable("logs").addColumn("city_name","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("latitude","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("longitude","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("time_zone","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("continent_code","varchar(2)").execute()}async function hu(e){await e.schema.alterTable("logs").dropColumn("country_code").execute(),await e.schema.alterTable("logs").dropColumn("city_name").execute(),await e.schema.alterTable("logs").dropColumn("latitude").execute(),await e.schema.alterTable("logs").dropColumn("longitude").execute(),await e.schema.alterTable("logs").dropColumn("time_zone").execute(),await e.schema.alterTable("logs").dropColumn("continent_code").execute()}const pu=Object.freeze(Object.defineProperty({__proto__:null,down:hu,up:mu},Symbol.toStringTag,{value:"Module"})),q=1e3;async function fu(e){await e.schema.createTable("password_history").addColumn("id","varchar(21)",n=>n.primaryKey()).addColumn("user_id","varchar(191)",n=>n.notNull()).addColumn("tenant_id","varchar(191)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("password","varchar(255)",n=>n.notNull()).addColumn("algorithm","varchar(255)",n=>n.notNull().defaultTo("bcrypt")).addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addColumn("is_current","integer",n=>n.notNull().defaultTo(1)).addForeignKeyConstraint("password_history_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],n=>n.onDelete("cascade")).execute();let t=0,a=!0;for(;a;){const n=await e.selectFrom("passwords").select(["user_id","tenant_id","password","algorithm","created_at","updated_at"]).limit(q).offset(t).execute();if(n.length===0){a=!1;break}for(const o of n)await e.insertInto("password_history").values({id:S.nanoid(),user_id:o.user_id,tenant_id:o.tenant_id,password:o.password,algorithm:o.algorithm??"bcrypt",created_at:o.created_at,updated_at:o.updated_at??o.created_at,is_current:1}).execute();t+=q,n.length<q&&(a=!1)}await e.schema.alterTable("passwords").renameTo("passwords_backup").execute(),await e.schema.alterTable("password_history").renameTo("passwords").execute()}async function gu(e){await e.schema.alterTable("passwords").renameTo("password_history").execute();try{await e.schema.alterTable("passwords_backup").renameTo("passwords").execute()}catch{await e.schema.createTable("passwords").addColumn("user_id","varchar(255)",n=>n.notNull()).addColumn("tenant_id","varchar(255)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("password","varchar(255)",n=>n.notNull()).addColumn("algorithm","varchar(255)",n=>n.notNull().defaultTo("bcrypt")).addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addPrimaryKeyConstraint("passwords_pkey",["user_id","tenant_id"]).addForeignKeyConstraint("passwords_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],n=>n.onDelete("cascade")).execute();let t=0,a=!0;for(;a;){const n=await e.selectFrom("password_history").select(["user_id","tenant_id","password","algorithm","created_at","updated_at"]).where("is_current","=",1).limit(q).offset(t).execute();if(n.length===0){a=!1;break}for(const o of n)await e.insertInto("passwords").values({user_id:o.user_id,tenant_id:o.tenant_id,password:o.password,algorithm:o.algorithm,created_at:o.created_at,updated_at:o.updated_at}).execute();t+=q,n.length<q&&(a=!1)}}await e.schema.dropTable("password_history").execute()}const wu=Object.freeze(Object.defineProperty({__proto__:null,down:gu,up:fu},Symbol.toStringTag,{value:"Module"}));async function yu(e){await e.schema.alterTable("connections").addColumn("display_name","varchar(255)").execute(),await e.schema.alterTable("connections").addColumn("is_domain_connection","integer").execute(),await e.schema.alterTable("connections").addColumn("show_as_button","integer").execute(),await e.schema.alterTable("connections").addColumn("metadata","varchar(4096)").execute()}async function vu(e){await e.schema.alterTable("connections").dropColumn("display_name").execute(),await e.schema.alterTable("connections").dropColumn("is_domain_connection").execute(),await e.schema.alterTable("connections").dropColumn("show_as_button").execute(),await e.schema.alterTable("connections").dropColumn("metadata").execute()}const Cu=Object.freeze(Object.defineProperty({__proto__:null,down:vu,up:yu},Symbol.toStringTag,{value:"Module"}));async function xu(e){await e.schema.alterTable("clients").addColumn("connections","text",t=>t.notNull().defaultTo("[]")).execute()}async function Tu(e){await e.schema.alterTable("clients").dropColumn("connections").execute()}const Nu=Object.freeze(Object.defineProperty({__proto__:null,down:Tu,up:xu},Symbol.toStringTag,{value:"Module"}));async function bu(e){await e.schema.createTable("flows").addColumn("id","varchar(24)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(150)",t=>t.notNull()).addColumn("actions","text").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.createIndex("flows_tenant_id_idx").on("flows").column("tenant_id").execute(),await e.schema.dropTable("passwords_backup").execute()}async function Su(e){await e.schema.dropTable("flows").execute()}const ku=Object.freeze(Object.defineProperty({__proto__:null,down:Su,up:bu},Symbol.toStringTag,{value:"Module"}));async function Ou(e){await e.schema.alterTable("resource_servers").addColumn("is_system","integer",t=>t.defaultTo(0).notNull()).execute(),await e.schema.alterTable("roles").addColumn("is_system","integer",t=>t.defaultTo(0).notNull()).execute(),await e.schema.alterTable("connections").addColumn("is_system","integer",t=>t.defaultTo(0).notNull()).execute()}async function $u(e){await e.schema.alterTable("resource_servers").dropColumn("is_system").execute(),await e.schema.alterTable("roles").dropColumn("is_system").execute(),await e.schema.alterTable("connections").dropColumn("is_system").execute()}const Eu=Object.freeze(Object.defineProperty({__proto__:null,down:$u,up:Ou},Symbol.toStringTag,{value:"Module"}));async function Pu(e){const t=await e.selectFrom("keys").selectAll().execute();await e.schema.dropTable("keys").execute(),await h.sql`ALTER TABLE connections RENAME TO connections_old`.execute(e),await e.schema.createTable("connections").addColumn("id","varchar(255)",a=>a.notNull()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",a=>a.notNull()).addColumn("response_type","varchar(255)").addColumn("response_mode","varchar(255)").addColumn("strategy","varchar(64)").addColumn("options","varchar(8192)",a=>a.defaultTo("{}").notNull()).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("updated_at","varchar(255)",a=>a.notNull()).addColumn("display_name","varchar(255)").addColumn("is_domain_connection","integer").addColumn("show_as_button","integer").addColumn("metadata","varchar(4096)").addColumn("is_system","integer",a=>a.defaultTo(0).notNull()).addPrimaryKeyConstraint("connections_pkey",["tenant_id","id"]).execute(),await h.sql`
+      FROM login_sessions_temp`.execute(t),await h.sql`DROP TABLE login_sessions_temp`.execute(t)})}const Wd=Object.freeze(Object.defineProperty({__proto__:null,down:Bd,up:qd},Symbol.toStringTag,{value:"Module"}));async function Yd(e){await e.schema.createTable("client_grants").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull().references("tenants.id").onDelete("cascade")).addColumn("client_id","varchar(191)",t=>t.notNull()).addColumn("audience","varchar(191)",t=>t.notNull()).addColumn("scope","text",t=>t.defaultTo("[]")).addColumn("organization_usage","varchar(32)").addColumn("allow_any_organization","integer",t=>t.defaultTo(0)).addColumn("is_system","integer",t=>t.defaultTo(0)).addColumn("subject_type","varchar(32)").addColumn("authorization_details_types","text",t=>t.defaultTo("[]")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("pk_client_grants",["tenant_id","id"]).addForeignKeyConstraint("fk_client_grants_clients",["tenant_id","client_id"],"clients",["tenant_id","client_id"],t=>t.onDelete("cascade")).execute(),await e.schema.createIndex("uq_client_grants_tenant_client_audience").on("client_grants").columns(["tenant_id","client_id","audience"]).unique().execute(),await e.schema.createIndex("idx_client_grants_audience").on("client_grants").columns(["audience"]).execute()}async function Hd(e){await e.schema.dropTable("client_grants").execute()}const Gd=Object.freeze(Object.defineProperty({__proto__:null,down:Hd,up:Yd},Symbol.toStringTag,{value:"Module"}));async function Vd(e){await e.schema.dropTable("applications").execute()}async function Xd(e){await e.schema.createTable("applications").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull().references("tenants.id").onDelete("cascade")).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("client_secret","varchar(255)").addColumn("callbacks","text",t=>t.defaultTo("[]")).addColumn("allowed_origins","text",t=>t.defaultTo("[]")).addColumn("web_origins","text",t=>t.defaultTo("[]")).addColumn("allowed_logout_urls","text",t=>t.defaultTo("[]")).addColumn("allowed_clients","text",t=>t.defaultTo("[]")).addColumn("disable_sign_ups","integer",t=>t.defaultTo(0)).addColumn("addons","text",t=>t.defaultTo("{}")).addColumn("client_metadata","text",t=>t.defaultTo("{}")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("pk_applications",["tenant_id","id"]).execute(),await e.schema.createIndex("idx_applications_tenant_id").on("applications").columns(["tenant_id"]).execute()}const Zd=Object.freeze(Object.defineProperty({__proto__:null,down:Xd,up:Vd},Symbol.toStringTag,{value:"Module"}));async function eu(e){await e.schema.createIndex("users_phone_tenant_provider_index").on("users").columns(["tenant_id","phone_number","provider"]).execute()}async function tu(e){await e.schema.dropIndex("users_phone_tenant_provider_index").execute()}const au=Object.freeze(Object.defineProperty({__proto__:null,down:tu,up:eu},Symbol.toStringTag,{value:"Module"}));async function nu(e){await e.schema.createIndex("login_sessions_id_index").on("login_sessions").column("id").execute()}async function ou(e){await e.schema.dropIndex("login_sessions_id_index").execute()}const ru=Object.freeze(Object.defineProperty({__proto__:null,down:ou,up:nu},Symbol.toStringTag,{value:"Module"}));async function su(e){await e.schema.createIndex("connections_tenant_id_index").on("connections").column("tenant_id").execute()}async function iu(e){await e.schema.dropIndex("connections_tenant_id_index").execute()}const cu=Object.freeze(Object.defineProperty({__proto__:null,down:iu,up:su},Symbol.toStringTag,{value:"Module"}));async function lu(e){await e.schema.dropIndex("idx_user_organizations_tenant_id").execute()}async function du(e){await e.schema.createIndex("idx_user_organizations_tenant_id").on("user_organizations").column("tenant_id").execute()}const uu=Object.freeze(Object.defineProperty({__proto__:null,down:du,up:lu},Symbol.toStringTag,{value:"Module"}));async function _u(e){await e.schema.createTable("tenant_settings").addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull().primaryKey()).addColumn("idle_session_lifetime","integer").addColumn("session_lifetime","integer").addColumn("session_cookie","text").addColumn("enable_client_connections","integer").addColumn("default_redirection_uri","text").addColumn("enabled_locales","text").addColumn("default_directory","varchar(255)").addColumn("error_page","text").addColumn("flags","text").addColumn("friendly_name","varchar(255)").addColumn("picture_url","text").addColumn("support_email","varchar(255)").addColumn("support_url","text").addColumn("sandbox_version","varchar(50)").addColumn("sandbox_versions_available","text").addColumn("change_password","text").addColumn("guardian_mfa_page","text").addColumn("default_audience","varchar(255)").addColumn("default_organization","varchar(255)").addColumn("sessions","text").execute()}async function mu(e){await e.schema.dropTable("tenant_settings").execute()}const hu=Object.freeze(Object.defineProperty({__proto__:null,down:mu,up:_u},Symbol.toStringTag,{value:"Module"}));async function pu(e){if(await e.schema.alterTable("tenants").addColumn("idle_session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("session_cookie","text").execute(),await e.schema.alterTable("tenants").addColumn("allowed_logout_urls","text").execute(),await e.schema.alterTable("tenants").addColumn("ephemeral_session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("idle_ephemeral_session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("default_redirection_uri","text").execute(),await e.schema.alterTable("tenants").addColumn("enabled_locales","text").execute(),await e.schema.alterTable("tenants").addColumn("default_directory","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("error_page","text").execute(),await e.schema.alterTable("tenants").addColumn("flags","text").execute(),await e.schema.alterTable("tenants").addColumn("friendly_name","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("picture_url","text").execute(),await e.schema.alterTable("tenants").addColumn("support_email","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("sandbox_version","varchar(50)").execute(),await e.schema.alterTable("tenants").addColumn("sandbox_versions_available","text").execute(),await e.schema.alterTable("tenants").addColumn("legacy_sandbox_version","varchar(50)").execute(),await e.schema.alterTable("tenants").addColumn("change_password","text").execute(),await e.schema.alterTable("tenants").addColumn("guardian_mfa_page","text").execute(),await e.schema.alterTable("tenants").addColumn("device_flow","text").execute(),await e.schema.alterTable("tenants").addColumn("default_token_quota","text").execute(),await e.schema.alterTable("tenants").addColumn("default_audience","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("default_organization","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("sessions","text").execute(),await e.schema.alterTable("tenants").addColumn("oidc_logout","text").execute(),await e.schema.alterTable("tenants").addColumn("allow_organization_name_in_authentication_api","integer").execute(),await e.schema.alterTable("tenants").addColumn("customize_mfa_in_postlogin_action","integer").execute(),await e.schema.alterTable("tenants").addColumn("acr_values_supported","text").execute(),await e.schema.alterTable("tenants").addColumn("mtls","text").execute(),await e.schema.alterTable("tenants").addColumn("pushed_authorization_requests_supported","integer").execute(),await e.schema.alterTable("tenants").addColumn("authorization_response_iss_parameter_supported","integer").execute(),await e.updateTable("tenants").set({friendly_name:h.sql`name`}).execute(),await e.schema.alterTable("tenants").dropColumn("language").execute(),await e.schema.alterTable("tenants").dropColumn("logo").execute(),await e.schema.alterTable("tenants").dropColumn("primary_color").execute(),await e.schema.alterTable("tenants").dropColumn("secondary_color").execute(),await e.schema.alterTable("tenants").dropColumn("name").execute(),(await e.selectFrom("tenant_settings").select("tenant_id").limit(1).execute()).length>0){const a=await e.selectFrom("tenant_settings").selectAll().execute();for(const n of a)await e.updateTable("tenants").set({idle_session_lifetime:n.idle_session_lifetime,session_lifetime:n.session_lifetime,session_cookie:n.session_cookie,enable_client_connections:n.enable_client_connections,default_redirection_uri:n.default_redirection_uri,enabled_locales:n.enabled_locales,default_directory:n.default_directory,error_page:n.error_page,flags:n.flags,friendly_name:n.friendly_name,picture_url:n.picture_url,support_email:n.support_email,support_url:n.support_url,sandbox_version:n.sandbox_version,sandbox_versions_available:n.sandbox_versions_available,change_password:n.change_password,guardian_mfa_page:n.guardian_mfa_page,default_audience:n.default_audience,default_organization:n.default_organization,sessions:n.sessions}).where("id","=",n.tenant_id).execute()}await e.schema.dropTable("tenant_settings").execute()}async function fu(e){await e.schema.createTable("tenant_settings").addColumn("tenant_id","varchar(191)",a=>a.references("tenants.id").onDelete("cascade").notNull().primaryKey()).addColumn("idle_session_lifetime","integer").addColumn("session_lifetime","integer").addColumn("session_cookie","text").addColumn("enable_client_connections","integer").addColumn("default_redirection_uri","text").addColumn("enabled_locales","text").addColumn("default_directory","varchar(255)").addColumn("error_page","text").addColumn("flags","text").addColumn("friendly_name","varchar(255)").addColumn("picture_url","text").addColumn("support_email","varchar(255)").addColumn("support_url","text").addColumn("sandbox_version","varchar(50)").addColumn("sandbox_versions_available","text").addColumn("change_password","text").addColumn("guardian_mfa_page","text").addColumn("default_audience","varchar(255)").addColumn("default_organization","varchar(255)").addColumn("sessions","text").execute();const t=await e.selectFrom("tenants").select(["id","idle_session_lifetime","session_lifetime","session_cookie","enable_client_connections","default_redirection_uri","enabled_locales","default_directory","error_page","flags","friendly_name","picture_url","support_email","support_url","sandbox_version","sandbox_versions_available","change_password","guardian_mfa_page","default_audience","default_organization","sessions"]).execute();for(const a of t)(a.idle_session_lifetime!==null||a.session_lifetime!==null||a.session_cookie!==null||a.enable_client_connections!==null||a.default_redirection_uri!==null||a.enabled_locales!==null||a.default_directory!==null||a.error_page!==null||a.flags!==null||a.friendly_name!==null||a.picture_url!==null||a.support_email!==null||a.support_url!==null||a.sandbox_version!==null||a.sandbox_versions_available!==null||a.change_password!==null||a.guardian_mfa_page!==null||a.default_audience!==null||a.default_organization!==null||a.sessions!==null)&&await e.insertInto("tenant_settings").values({tenant_id:a.id,idle_session_lifetime:a.idle_session_lifetime,session_lifetime:a.session_lifetime,session_cookie:a.session_cookie,enable_client_connections:a.enable_client_connections,default_redirection_uri:a.default_redirection_uri,enabled_locales:a.enabled_locales,default_directory:a.default_directory,error_page:a.error_page,flags:a.flags,friendly_name:a.friendly_name,picture_url:a.picture_url,support_email:a.support_email,support_url:a.support_url,sandbox_version:a.sandbox_version,sandbox_versions_available:a.sandbox_versions_available,change_password:a.change_password,guardian_mfa_page:a.guardian_mfa_page,default_audience:a.default_audience,default_organization:a.default_organization,sessions:a.sessions}).execute();await e.schema.alterTable("tenants").dropColumn("idle_session_lifetime").dropColumn("session_lifetime").dropColumn("session_cookie").dropColumn("enable_client_connections").dropColumn("default_redirection_uri").dropColumn("enabled_locales").dropColumn("default_directory").dropColumn("error_page").dropColumn("flags").dropColumn("friendly_name").dropColumn("picture_url").dropColumn("support_email").dropColumn("sandbox_version").dropColumn("sandbox_versions_available").dropColumn("change_password").dropColumn("guardian_mfa_page").dropColumn("default_audience").dropColumn("default_organization").dropColumn("sessions").execute(),await e.schema.alterTable("tenants").addColumn("name","varchar(255)").execute(),await e.updateTable("tenants").set({name:h.sql`COALESCE(friendly_name, id)`}).execute(),await e.schema.alterTable("tenants").addColumn("language","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("logo","text").execute(),await e.schema.alterTable("tenants").addColumn("primary_color","varchar(50)").execute(),await e.schema.alterTable("tenants").addColumn("secondary_color","varchar(50)").execute()}const gu=Object.freeze(Object.defineProperty({__proto__:null,down:fu,up:pu},Symbol.toStringTag,{value:"Module"}));async function wu(e){await e.schema.createTable("invites").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull()).addColumn("inviter","text",t=>t.notNull()).addColumn("invitee","text",t=>t.notNull()).addColumn("client_id","varchar(191)",t=>t.notNull()).addColumn("connection_id","varchar(21)").addColumn("invitation_url","text",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)",t=>t.notNull()).addColumn("app_metadata","text").addColumn("user_metadata","text").addColumn("roles","text").addColumn("ticket_id","varchar(191)").addColumn("ttl_sec","integer").addColumn("send_invitation_email","integer").execute(),await e.schema.createIndex("idx_invites_tenant_id").on("invites").column("tenant_id").execute(),await e.schema.createIndex("idx_invites_organization_id").on("invites").column("organization_id").execute(),await e.schema.createIndex("idx_invites_expires_at").on("invites").column("expires_at").execute(),await e.schema.createIndex("idx_invites_tenant_created").on("invites").columns(["tenant_id","created_at"]).execute()}async function yu(e){await e.schema.dropTable("invites").execute()}const vu=Object.freeze(Object.defineProperty({__proto__:null,down:yu,up:wu},Symbol.toStringTag,{value:"Module"}));async function Cu(e){await e.schema.dropTable("logs").ifExists().execute(),await e.schema.createTable("logs").addColumn("log_id","varchar(21)",t=>t.primaryKey().notNull()).addColumn("category","varchar(255)").addColumn("tenant_id","varchar(64)").addColumn("user_id","varchar(64)").addColumn("ip","varchar(255)").addColumn("type","varchar(8)",t=>t.notNull()).addColumn("date","varchar(25)",t=>t.notNull()).addColumn("client_id","varchar(255)").addColumn("client_name","varchar(255)").addColumn("user_agent","varchar(255)").addColumn("description","varchar(255)").addColumn("details","varchar(2048)").addColumn("isMobile","integer").addColumn("user_name","varchar(255)").addColumn("connection","varchar(255)").addColumn("connection_id","varchar(255)").addColumn("audience","varchar(255)").addColumn("scope","varchar(255)").addColumn("strategy","varchar(255)").addColumn("strategy_type","varchar(255)").addColumn("hostname","varchar(255)").addColumn("auth0_client","varchar(8192)").addColumn("session_connection","varchar(255)").execute()}async function xu(e){await e.schema.dropTable("logs").ifExists().execute(),await e.schema.createTable("logs").addColumn("id","varchar(255)",t=>t.primaryKey().notNull()).addColumn("category","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(64)").addColumn("user_id","varchar(64)").addColumn("ip","varchar(255)").addColumn("type","varchar(8)",t=>t.notNull()).addColumn("date","varchar(25)",t=>t.notNull()).addColumn("client_id","varchar(255)").addColumn("client_name","varchar(255)").addColumn("user_agent","varchar(255)").addColumn("description","varchar(255)").addColumn("details","varchar(2048)").execute()}const Tu=Object.freeze(Object.defineProperty({__proto__:null,down:xu,up:Cu},Symbol.toStringTag,{value:"Module"}));async function Nu(e){await e.schema.alterTable("logs").addColumn("country_code","varchar(2)").execute(),await e.schema.alterTable("logs").addColumn("city_name","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("latitude","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("longitude","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("time_zone","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("continent_code","varchar(2)").execute()}async function bu(e){await e.schema.alterTable("logs").dropColumn("country_code").execute(),await e.schema.alterTable("logs").dropColumn("city_name").execute(),await e.schema.alterTable("logs").dropColumn("latitude").execute(),await e.schema.alterTable("logs").dropColumn("longitude").execute(),await e.schema.alterTable("logs").dropColumn("time_zone").execute(),await e.schema.alterTable("logs").dropColumn("continent_code").execute()}const Su=Object.freeze(Object.defineProperty({__proto__:null,down:bu,up:Nu},Symbol.toStringTag,{value:"Module"})),q=1e3;async function ku(e){await e.schema.createTable("password_history").addColumn("id","varchar(21)",n=>n.primaryKey()).addColumn("user_id","varchar(191)",n=>n.notNull()).addColumn("tenant_id","varchar(191)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("password","varchar(255)",n=>n.notNull()).addColumn("algorithm","varchar(255)",n=>n.notNull().defaultTo("bcrypt")).addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addColumn("is_current","integer",n=>n.notNull().defaultTo(1)).addForeignKeyConstraint("password_history_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],n=>n.onDelete("cascade")).execute();let t=0,a=!0;for(;a;){const n=await e.selectFrom("passwords").select(["user_id","tenant_id","password","algorithm","created_at","updated_at"]).limit(q).offset(t).execute();if(n.length===0){a=!1;break}for(const o of n)await e.insertInto("password_history").values({id:S.nanoid(),user_id:o.user_id,tenant_id:o.tenant_id,password:o.password,algorithm:o.algorithm??"bcrypt",created_at:o.created_at,updated_at:o.updated_at??o.created_at,is_current:1}).execute();t+=q,n.length<q&&(a=!1)}await e.schema.alterTable("passwords").renameTo("passwords_backup").execute(),await e.schema.alterTable("password_history").renameTo("passwords").execute()}async function Ou(e){await e.schema.alterTable("passwords").renameTo("password_history").execute();try{await e.schema.alterTable("passwords_backup").renameTo("passwords").execute()}catch{await e.schema.createTable("passwords").addColumn("user_id","varchar(255)",n=>n.notNull()).addColumn("tenant_id","varchar(255)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("password","varchar(255)",n=>n.notNull()).addColumn("algorithm","varchar(255)",n=>n.notNull().defaultTo("bcrypt")).addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addPrimaryKeyConstraint("passwords_pkey",["user_id","tenant_id"]).addForeignKeyConstraint("passwords_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],n=>n.onDelete("cascade")).execute();let t=0,a=!0;for(;a;){const n=await e.selectFrom("password_history").select(["user_id","tenant_id","password","algorithm","created_at","updated_at"]).where("is_current","=",1).limit(q).offset(t).execute();if(n.length===0){a=!1;break}for(const o of n)await e.insertInto("passwords").values({user_id:o.user_id,tenant_id:o.tenant_id,password:o.password,algorithm:o.algorithm,created_at:o.created_at,updated_at:o.updated_at}).execute();t+=q,n.length<q&&(a=!1)}}await e.schema.dropTable("password_history").execute()}const $u=Object.freeze(Object.defineProperty({__proto__:null,down:Ou,up:ku},Symbol.toStringTag,{value:"Module"}));async function Eu(e){await e.schema.alterTable("connections").addColumn("display_name","varchar(255)").execute(),await e.schema.alterTable("connections").addColumn("is_domain_connection","integer").execute(),await e.schema.alterTable("connections").addColumn("show_as_button","integer").execute(),await e.schema.alterTable("connections").addColumn("metadata","varchar(4096)").execute()}async function Pu(e){await e.schema.alterTable("connections").dropColumn("display_name").execute(),await e.schema.alterTable("connections").dropColumn("is_domain_connection").execute(),await e.schema.alterTable("connections").dropColumn("show_as_button").execute(),await e.schema.alterTable("connections").dropColumn("metadata").execute()}const Iu=Object.freeze(Object.defineProperty({__proto__:null,down:Pu,up:Eu},Symbol.toStringTag,{value:"Module"}));async function zu(e){await e.schema.alterTable("clients").addColumn("connections","text",t=>t.notNull().defaultTo("[]")).execute()}async function Du(e){await e.schema.alterTable("clients").dropColumn("connections").execute()}const Au=Object.freeze(Object.defineProperty({__proto__:null,down:Du,up:zu},Symbol.toStringTag,{value:"Module"}));async function Fu(e){await e.schema.createTable("flows").addColumn("id","varchar(24)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(150)",t=>t.notNull()).addColumn("actions","text").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.createIndex("flows_tenant_id_idx").on("flows").column("tenant_id").execute(),await e.schema.dropTable("passwords_backup").execute()}async function ju(e){await e.schema.dropTable("flows").execute()}const Ru=Object.freeze(Object.defineProperty({__proto__:null,down:ju,up:Fu},Symbol.toStringTag,{value:"Module"}));async function Mu(e){await e.schema.alterTable("resource_servers").addColumn("is_system","integer",t=>t.defaultTo(0).notNull()).execute(),await e.schema.alterTable("roles").addColumn("is_system","integer",t=>t.defaultTo(0).notNull()).execute(),await e.schema.alterTable("connections").addColumn("is_system","integer",t=>t.defaultTo(0).notNull()).execute()}async function Ju(e){await e.schema.alterTable("resource_servers").dropColumn("is_system").execute(),await e.schema.alterTable("roles").dropColumn("is_system").execute(),await e.schema.alterTable("connections").dropColumn("is_system").execute()}const qu=Object.freeze(Object.defineProperty({__proto__:null,down:Ju,up:Mu},Symbol.toStringTag,{value:"Module"}));async function Lu(e){const t=await e.selectFrom("keys").selectAll().execute();await e.schema.dropTable("keys").execute(),await h.sql`ALTER TABLE connections RENAME TO connections_old`.execute(e),await e.schema.createTable("connections").addColumn("id","varchar(255)",a=>a.notNull()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",a=>a.notNull()).addColumn("response_type","varchar(255)").addColumn("response_mode","varchar(255)").addColumn("strategy","varchar(64)").addColumn("options","varchar(8192)",a=>a.defaultTo("{}").notNull()).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("updated_at","varchar(255)",a=>a.notNull()).addColumn("display_name","varchar(255)").addColumn("is_domain_connection","integer").addColumn("show_as_button","integer").addColumn("metadata","varchar(4096)").addColumn("is_system","integer",a=>a.defaultTo(0).notNull()).addPrimaryKeyConstraint("connections_pkey",["tenant_id","id"]).execute(),await h.sql`
     INSERT INTO connections (
       id, tenant_id, name, response_type, response_mode, strategy, options,
       created_at, updated_at, display_name,
@@ -61,7 +61,7 @@
       created_at, updated_at, display_name,
       is_domain_connection, show_as_button, metadata, is_system
     FROM connections_old
-  `.execute(e),await e.schema.dropTable("connections_old").execute(),await e.schema.createIndex("connections_tenant_id_idx").on("connections").column("tenant_id").execute(),await e.schema.createTable("keys").addColumn("kid","varchar(255)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade")).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("revoked_at","varchar(255)").addColumn("cert","varchar(4096)").addColumn("pkcs7","varchar(4096)").addColumn("fingerprint","varchar(256)").addColumn("thumbprint","varchar(256)").addColumn("current_since","varchar(256)").addColumn("current_until","varchar(256)").addColumn("type","varchar(50)",a=>a.notNull().defaultTo("jwt_signing")).addColumn("connection","varchar(255)").execute();for(const a of t)await e.insertInto("keys").values(a).execute()}async function Iu(e){const t=await e.selectFrom("keys").selectAll().execute();await e.schema.dropTable("keys").execute(),await h.sql`ALTER TABLE connections RENAME TO connections_new`.execute(e),await e.schema.createTable("connections").addColumn("id","varchar(255)",a=>a.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",a=>a.notNull()).addColumn("response_type","varchar(255)").addColumn("response_mode","varchar(255)").addColumn("strategy","varchar(64)").addColumn("options","varchar(8192)",a=>a.defaultTo("{}").notNull()).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("updated_at","varchar(255)",a=>a.notNull()).addColumn("display_name","varchar(255)").addColumn("is_domain_connection","integer").addColumn("show_as_button","integer").addColumn("metadata","varchar(4096)").addColumn("is_system","integer",a=>a.defaultTo(0).notNull()).execute(),await h.sql`
+  `.execute(e),await e.schema.dropTable("connections_old").execute(),await e.schema.createIndex("connections_tenant_id_idx").on("connections").column("tenant_id").execute(),await e.schema.createTable("keys").addColumn("kid","varchar(255)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade")).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("revoked_at","varchar(255)").addColumn("cert","varchar(4096)").addColumn("pkcs7","varchar(4096)").addColumn("fingerprint","varchar(256)").addColumn("thumbprint","varchar(256)").addColumn("current_since","varchar(256)").addColumn("current_until","varchar(256)").addColumn("type","varchar(50)",a=>a.notNull().defaultTo("jwt_signing")).addColumn("connection","varchar(255)").execute();for(const a of t)await e.insertInto("keys").values(a).execute()}async function Ku(e){const t=await e.selectFrom("keys").selectAll().execute();await e.schema.dropTable("keys").execute(),await h.sql`ALTER TABLE connections RENAME TO connections_new`.execute(e),await e.schema.createTable("connections").addColumn("id","varchar(255)",a=>a.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",a=>a.notNull()).addColumn("response_type","varchar(255)").addColumn("response_mode","varchar(255)").addColumn("strategy","varchar(64)").addColumn("options","varchar(8192)",a=>a.defaultTo("{}").notNull()).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("updated_at","varchar(255)",a=>a.notNull()).addColumn("display_name","varchar(255)").addColumn("is_domain_connection","integer").addColumn("show_as_button","integer").addColumn("metadata","varchar(4096)").addColumn("is_system","integer",a=>a.defaultTo(0).notNull()).execute(),await h.sql`
     INSERT INTO connections (
       id, tenant_id, name, response_type, response_mode, strategy, options,
       created_at, updated_at, display_name,
@@ -72,11 +72,11 @@
       created_at, updated_at, display_name,
       is_domain_connection, show_as_button, metadata, is_system
     FROM connections_new
-  `.execute(e),await e.schema.dropTable("connections_new").execute(),await e.schema.createIndex("connections_tenant_id_idx").on("connections").column("tenant_id").execute(),await e.schema.createTable("keys").addColumn("kid","varchar(255)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade")).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("revoked_at","varchar(255)").addColumn("cert","varchar(4096)").addColumn("pkcs7","varchar(4096)").addColumn("fingerprint","varchar(256)").addColumn("thumbprint","varchar(256)").addColumn("current_since","varchar(256)").addColumn("current_until","varchar(256)").addColumn("type","varchar(50)",a=>a.notNull().defaultTo("jwt_signing")).addColumn("connection","varchar(255)",a=>a.references("connections.id").onDelete("cascade")).execute();for(const a of t)await e.insertInto("keys").values(a).execute()}const zu=Object.freeze(Object.defineProperty({__proto__:null,down:Iu,up:Pu},Symbol.toStringTag,{value:"Module"}));async function Du(e){await e.schema.alterTable("login_sessions").addColumn("state","varchar(50)",t=>t.defaultTo("pending")).execute(),await e.schema.alterTable("login_sessions").addColumn("state_data","text").execute(),await e.schema.alterTable("login_sessions").addColumn("failure_reason","text").execute(),await e.schema.alterTable("login_sessions").addColumn("user_id","varchar(255)").execute(),await e.schema.createIndex("login_sessions_tenant_user_idx").on("login_sessions").columns(["tenant_id","user_id"]).execute(),await e.updateTable("login_sessions").set({state:h.sql`CASE
+  `.execute(e),await e.schema.dropTable("connections_new").execute(),await e.schema.createIndex("connections_tenant_id_idx").on("connections").column("tenant_id").execute(),await e.schema.createTable("keys").addColumn("kid","varchar(255)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade")).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("revoked_at","varchar(255)").addColumn("cert","varchar(4096)").addColumn("pkcs7","varchar(4096)").addColumn("fingerprint","varchar(256)").addColumn("thumbprint","varchar(256)").addColumn("current_since","varchar(256)").addColumn("current_until","varchar(256)").addColumn("type","varchar(50)",a=>a.notNull().defaultTo("jwt_signing")).addColumn("connection","varchar(255)",a=>a.references("connections.id").onDelete("cascade")).execute();for(const a of t)await e.insertInto("keys").values(a).execute()}const Bu=Object.freeze(Object.defineProperty({__proto__:null,down:Ku,up:Lu},Symbol.toStringTag,{value:"Module"}));async function Uu(e){await e.schema.alterTable("login_sessions").addColumn("state","varchar(50)",t=>t.defaultTo("pending")).execute(),await e.schema.alterTable("login_sessions").addColumn("state_data","text").execute(),await e.schema.alterTable("login_sessions").addColumn("failure_reason","text").execute(),await e.schema.alterTable("login_sessions").addColumn("user_id","varchar(255)").execute(),await e.schema.createIndex("login_sessions_tenant_user_idx").on("login_sessions").columns(["tenant_id","user_id"]).execute(),await e.updateTable("login_sessions").set({state:h.sql`CASE
         WHEN login_completed = 1 THEN 'completed'
         WHEN expires_at < CURRENT_TIMESTAMP THEN 'expired'
         ELSE 'pending'
-      END`}).execute(),await e.schema.alterTable("login_sessions").dropColumn("login_completed").execute(),await e.schema.createIndex("login_sessions_state_idx").on("login_sessions").column("state").execute(),await e.schema.createIndex("login_sessions_state_updated_idx").on("login_sessions").columns(["state","updated_at"]).execute()}async function Au(e){await e.schema.alterTable("login_sessions").addColumn("login_completed","integer",t=>t.defaultTo(0)).execute(),await e.updateTable("login_sessions").set({login_completed:h.sql`CASE WHEN state = 'completed' THEN 1 ELSE 0 END`}).execute(),await e.schema.dropIndex("login_sessions_state_updated_idx").execute(),await e.schema.dropIndex("login_sessions_state_idx").execute(),await e.schema.dropIndex("login_sessions_tenant_user_idx").execute(),await e.schema.alterTable("login_sessions").dropColumn("state").dropColumn("state_data").dropColumn("failure_reason").dropColumn("user_id").execute()}const Fu=Object.freeze(Object.defineProperty({__proto__:null,down:Au,up:Du},Symbol.toStringTag,{value:"Module"}));async function ju(e){await e.schema.alterTable("roles").addColumn("metadata","varchar(4096)").execute(),await e.schema.alterTable("resource_servers").addColumn("metadata","varchar(4096)").execute()}async function Ru(e){await e.schema.alterTable("roles").dropColumn("metadata").execute(),await e.schema.alterTable("resource_servers").dropColumn("metadata").execute()}const Mu=Object.freeze(Object.defineProperty({__proto__:null,down:Ru,up:ju},Symbol.toStringTag,{value:"Module"}));async function Ju(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function O(e,t,a,n){try{await e.schema.alterTable(t).addColumn(a,n).execute()}catch(o){if(o instanceof Error&&(o.message.includes("1060")||o.message.includes("duplicate column"))){w(`  Column ${t}.${a} already exists, skipping`);return}throw o}}async function qu(e){const t=await Ju(e);await O(e,"refresh_tokens","created_at_ts","bigint"),await O(e,"refresh_tokens","expires_at_ts","bigint"),await O(e,"refresh_tokens","idle_expires_at_ts","bigint"),await O(e,"refresh_tokens","last_exchanged_at_ts","bigint"),await O(e,"sessions","created_at_ts","bigint"),await O(e,"sessions","updated_at_ts","bigint"),await O(e,"sessions","expires_at_ts","bigint"),await O(e,"sessions","idle_expires_at_ts","bigint"),await O(e,"sessions","authenticated_at_ts","bigint"),await O(e,"sessions","last_interaction_at_ts","bigint"),await O(e,"sessions","used_at_ts","bigint"),await O(e,"sessions","revoked_at_ts","bigint"),await O(e,"login_sessions","created_at_ts","bigint"),await O(e,"login_sessions","updated_at_ts","bigint"),await O(e,"login_sessions","expires_at_ts","bigint"),t==="mysql"&&(await e.schema.alterTable("refresh_tokens").modifyColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("sessions").modifyColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("sessions").modifyColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("sessions").modifyColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("expires_at","varchar(35)").execute()),await e.schema.createIndex("idx_sessions_user_id").on("sessions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("idx_refresh_tokens_user_id").on("refresh_tokens").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("idx_refresh_tokens_session_id").on("refresh_tokens").column("session_id").execute(),await e.schema.createIndex("idx_refresh_tokens_expires_at_ts").on("refresh_tokens").column("expires_at_ts").execute(),await e.schema.createIndex("idx_sessions_expires_at_ts").on("sessions").column("expires_at_ts").execute(),await e.schema.createIndex("idx_login_sessions_expires_at_ts").on("login_sessions").column("expires_at_ts").execute()}async function J(e,t,a){try{await e.schema.dropIndex(t).on(a).execute()}catch(n){if(n instanceof Error&&n.message.includes("1091"))return;throw n}}async function $(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){if(n instanceof Error&&n.message.includes("1091"))return;throw n}}async function Lu(e){await J(e,"idx_sessions_user_id","sessions"),await J(e,"idx_refresh_tokens_user_id","refresh_tokens"),await J(e,"idx_refresh_tokens_session_id","refresh_tokens"),await J(e,"idx_refresh_tokens_expires_at_ts","refresh_tokens"),await J(e,"idx_sessions_expires_at_ts","sessions"),await J(e,"idx_login_sessions_expires_at_ts","login_sessions"),await $(e,"refresh_tokens","created_at_ts"),await $(e,"refresh_tokens","expires_at_ts"),await $(e,"refresh_tokens","idle_expires_at_ts"),await $(e,"refresh_tokens","last_exchanged_at_ts"),await $(e,"sessions","created_at_ts"),await $(e,"sessions","updated_at_ts"),await $(e,"sessions","expires_at_ts"),await $(e,"sessions","idle_expires_at_ts"),await $(e,"sessions","authenticated_at_ts"),await $(e,"sessions","last_interaction_at_ts"),await $(e,"sessions","used_at_ts"),await $(e,"sessions","revoked_at_ts"),await $(e,"login_sessions","created_at_ts"),await $(e,"login_sessions","updated_at_ts"),await $(e,"login_sessions","expires_at_ts")}const Ku=Object.freeze(Object.defineProperty({__proto__:null,down:Lu,up:qu},Symbol.toStringTag,{value:"Module"}));async function Ie(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function E(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){const o=n instanceof Error?n.message:String(n);if(o.includes("1091")||o.includes("no such column")){w(`  Column ${t}.${a} doesn't exist, skipping`);return}throw n}}async function Bu(e){const t=await Ie(e);w("Dropping indexes that depend on old date columns...");try{await h.sql`DROP INDEX IF EXISTS login_sessions_state_updated_idx`.execute(e),w("  Dropped index login_sessions_state_updated_idx")}catch(a){z(`  Warning: Failed to drop index login_sessions_state_updated_idx: ${a instanceof Error?a.message:String(a)}`)}w("Dropping old date columns..."),await E(e,"refresh_tokens","created_at"),await E(e,"refresh_tokens","expires_at"),await E(e,"refresh_tokens","idle_expires_at"),await E(e,"refresh_tokens","last_exchanged_at"),await E(e,"sessions","created_at"),await E(e,"sessions","updated_at"),await E(e,"sessions","expires_at"),await E(e,"sessions","idle_expires_at"),await E(e,"sessions","authenticated_at"),await E(e,"sessions","last_interaction_at"),await E(e,"sessions","used_at"),await E(e,"sessions","revoked_at"),await E(e,"login_sessions","created_at"),await E(e,"login_sessions","updated_at"),await E(e,"login_sessions","expires_at"),t==="mysql"&&(w("Increasing ID column sizes for ULID support..."),await e.schema.alterTable("login_sessions").modifyColumn("id","varchar(26)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("session_id","varchar(26)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("csrf_token","varchar(26)").execute(),await e.schema.alterTable("sessions").modifyColumn("id","varchar(26)").execute(),await e.schema.alterTable("sessions").modifyColumn("login_session_id","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("id","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("session_id","varchar(26)").execute()),w("Migration completed successfully")}async function Uu(e){await Ie(e)==="mysql"&&(w("Restoring ID column sizes to varchar(21)..."),await e.schema.alterTable("login_sessions").modifyColumn("id","varchar(21)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("session_id","varchar(21)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("csrf_token","varchar(21)").execute(),await e.schema.alterTable("sessions").modifyColumn("id","varchar(21)").execute(),await e.schema.alterTable("sessions").modifyColumn("login_session_id","varchar(21)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("id","varchar(21)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("session_id","varchar(21)").execute()),w("Re-adding old date columns (data will be empty)..."),await e.schema.alterTable("refresh_tokens").addColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("idle_expires_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("last_exchanged_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("idle_expires_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("authenticated_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("last_interaction_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("used_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("revoked_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").addColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").addColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").addColumn("expires_at","varchar(35)").execute(),w("Rollback completed")}const Qu=Object.freeze(Object.defineProperty({__proto__:null,down:Uu,up:Bu},Symbol.toStringTag,{value:"Module"}));async function Wu(e){await e.schema.alterTable("users").dropColumn("user_metadata").execute(),await e.schema.alterTable("users").addColumn("user_metadata","text").execute(),await e.schema.alterTable("users").addColumn("middle_name","varchar(100)").execute(),await e.schema.alterTable("users").addColumn("profile","text").execute(),await e.schema.alterTable("users").addColumn("website","text").execute(),await e.schema.alterTable("users").addColumn("gender","varchar(50)").execute(),await e.schema.alterTable("users").addColumn("birthdate","varchar(10)").execute(),await e.schema.alterTable("users").addColumn("zoneinfo","varchar(100)").execute()}async function Yu(e){await e.schema.alterTable("users").dropColumn("middle_name").execute(),await e.schema.alterTable("users").dropColumn("profile").execute(),await e.schema.alterTable("users").dropColumn("website").execute(),await e.schema.alterTable("users").dropColumn("gender").execute(),await e.schema.alterTable("users").dropColumn("birthdate").execute(),await e.schema.alterTable("users").dropColumn("zoneinfo").execute(),await e.schema.alterTable("users").dropColumn("user_metadata").execute(),await e.schema.alterTable("users").addColumn("user_metadata","varchar(4096)").execute()}const Hu=Object.freeze(Object.defineProperty({__proto__:null,down:Yu,up:Wu},Symbol.toStringTag,{value:"Module"}));async function Gu(e){await e.schema.alterTable("users").addColumn("preferred_username","varchar(255)").execute()}async function Xu(e){await e.schema.alterTable("users").dropColumn("preferred_username").execute()}const Vu=Object.freeze(Object.defineProperty({__proto__:null,down:Xu,up:Gu},Symbol.toStringTag,{value:"Module"}));async function Zu(e){await e.schema.alterTable("users").addColumn("address","text").execute()}async function e_(e){await e.schema.alterTable("users").dropColumn("address").execute()}const t_=Object.freeze(Object.defineProperty({__proto__:null,down:e_,up:Zu},Symbol.toStringTag,{value:"Module"}));async function a_(e){try{await e.schema.alterTable("login_sessions").addColumn("authParams_max_age","integer").execute(),w("  Added column authParams_max_age to login_sessions")}catch(t){z(`  Warning: Could not add authParams_max_age column: ${t instanceof Error?t.message:String(t)}`)}try{await e.schema.alterTable("login_sessions").addColumn("authParams_acr_values","text").execute(),w("  Added column authParams_acr_values to login_sessions")}catch(t){z(`  Warning: Could not add authParams_acr_values column: ${t instanceof Error?t.message:String(t)}`)}}async function n_(e){try{await e.schema.alterTable("login_sessions").dropColumn("authParams_max_age").execute()}catch(t){z(`  Warning: Could not drop authParams_max_age column: ${t instanceof Error?t.message:String(t)}`)}try{await e.schema.alterTable("login_sessions").dropColumn("authParams_acr_values").execute()}catch(t){z(`  Warning: Could not drop authParams_acr_values column: ${t instanceof Error?t.message:String(t)}`)}}const o_=Object.freeze(Object.defineProperty({__proto__:null,down:n_,up:a_},Symbol.toStringTag,{value:"Module"}));async function r_(e){await e.schema.alterTable("clients").addColumn("auth0_conformant","integer",t=>t.defaultTo(1)).execute()}async function s_(e){await e.schema.alterTable("clients").dropColumn("auth0_conformant").execute()}const i_=Object.freeze(Object.defineProperty({__proto__:null,down:s_,up:r_},Symbol.toStringTag,{value:"Module"}));async function c_(e){await e.schema.createTable("universal_login_templates").addColumn("tenant_id","varchar(191)",t=>t.primaryKey().references("tenants.id").onDelete("cascade")).addColumn("body","text",t=>t.notNull()).addColumn("updated_at_ts","integer",t=>t.notNull()).addColumn("created_at_ts","integer",t=>t.notNull()).execute()}async function l_(e){await e.schema.dropTable("universal_login_templates").execute()}const d_=Object.freeze(Object.defineProperty({__proto__:null,down:l_,up:c_},Symbol.toStringTag,{value:"Module"}));async function u_(e){await e.schema.createTable("custom_text").addColumn("tenant_id","varchar(191)",t=>t.notNull().references("tenants.id").onDelete("cascade")).addColumn("prompt","varchar(64)",t=>t.notNull()).addColumn("language","varchar(16)",t=>t.notNull()).addColumn("custom_text","text",t=>t.notNull()).addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).addPrimaryKeyConstraint("custom_text_pk",["tenant_id","prompt","language"]).execute()}async function __(e){await e.schema.dropTable("custom_text").execute()}const m_=Object.freeze(Object.defineProperty({__proto__:null,down:__,up:u_},Symbol.toStringTag,{value:"Module"}));async function h_(e){await e.schema.alterTable("tenants").addColumn("mfa","text").execute()}async function p_(e){await e.schema.alterTable("tenants").dropColumn("mfa").execute()}const f_=Object.freeze(Object.defineProperty({__proto__:null,down:p_,up:h_},Symbol.toStringTag,{value:"Module"}));async function g_(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function ee(e,t,a,n){try{await e.schema.alterTable(t).addColumn(a,h.sql.raw(n)).execute()}catch(o){if(o instanceof Error&&(o.message.includes("1060")||o.message.includes("duplicate column"))){w(`  Column ${t}.${a} already exists, skipping`);return}throw o}}async function w_(e){const t=await g_(e);await ee(e,"hooks","template_id","text"),await ee(e,"hooks","created_at_ts","bigint"),await ee(e,"hooks","updated_at_ts","bigint"),t==="mysql"?await h.sql`
+      END`}).execute(),await e.schema.alterTable("login_sessions").dropColumn("login_completed").execute(),await e.schema.createIndex("login_sessions_state_idx").on("login_sessions").column("state").execute(),await e.schema.createIndex("login_sessions_state_updated_idx").on("login_sessions").columns(["state","updated_at"]).execute()}async function Qu(e){await e.schema.alterTable("login_sessions").addColumn("login_completed","integer",t=>t.defaultTo(0)).execute(),await e.updateTable("login_sessions").set({login_completed:h.sql`CASE WHEN state = 'completed' THEN 1 ELSE 0 END`}).execute(),await e.schema.dropIndex("login_sessions_state_updated_idx").execute(),await e.schema.dropIndex("login_sessions_state_idx").execute(),await e.schema.dropIndex("login_sessions_tenant_user_idx").execute(),await e.schema.alterTable("login_sessions").dropColumn("state").dropColumn("state_data").dropColumn("failure_reason").dropColumn("user_id").execute()}const Wu=Object.freeze(Object.defineProperty({__proto__:null,down:Qu,up:Uu},Symbol.toStringTag,{value:"Module"}));async function Yu(e){await e.schema.alterTable("roles").addColumn("metadata","varchar(4096)").execute(),await e.schema.alterTable("resource_servers").addColumn("metadata","varchar(4096)").execute()}async function Hu(e){await e.schema.alterTable("roles").dropColumn("metadata").execute(),await e.schema.alterTable("resource_servers").dropColumn("metadata").execute()}const Gu=Object.freeze(Object.defineProperty({__proto__:null,down:Hu,up:Yu},Symbol.toStringTag,{value:"Module"}));async function Vu(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function $(e,t,a,n){try{await e.schema.alterTable(t).addColumn(a,n).execute()}catch(o){if(o instanceof Error&&(o.message.includes("1060")||o.message.includes("duplicate column"))){w(`  Column ${t}.${a} already exists, skipping`);return}throw o}}async function Xu(e){const t=await Vu(e);await $(e,"refresh_tokens","created_at_ts","bigint"),await $(e,"refresh_tokens","expires_at_ts","bigint"),await $(e,"refresh_tokens","idle_expires_at_ts","bigint"),await $(e,"refresh_tokens","last_exchanged_at_ts","bigint"),await $(e,"sessions","created_at_ts","bigint"),await $(e,"sessions","updated_at_ts","bigint"),await $(e,"sessions","expires_at_ts","bigint"),await $(e,"sessions","idle_expires_at_ts","bigint"),await $(e,"sessions","authenticated_at_ts","bigint"),await $(e,"sessions","last_interaction_at_ts","bigint"),await $(e,"sessions","used_at_ts","bigint"),await $(e,"sessions","revoked_at_ts","bigint"),await $(e,"login_sessions","created_at_ts","bigint"),await $(e,"login_sessions","updated_at_ts","bigint"),await $(e,"login_sessions","expires_at_ts","bigint"),t==="mysql"&&(await e.schema.alterTable("refresh_tokens").modifyColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("sessions").modifyColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("sessions").modifyColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("sessions").modifyColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("expires_at","varchar(35)").execute()),await e.schema.createIndex("idx_sessions_user_id").on("sessions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("idx_refresh_tokens_user_id").on("refresh_tokens").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("idx_refresh_tokens_session_id").on("refresh_tokens").column("session_id").execute(),await e.schema.createIndex("idx_refresh_tokens_expires_at_ts").on("refresh_tokens").column("expires_at_ts").execute(),await e.schema.createIndex("idx_sessions_expires_at_ts").on("sessions").column("expires_at_ts").execute(),await e.schema.createIndex("idx_login_sessions_expires_at_ts").on("login_sessions").column("expires_at_ts").execute()}async function J(e,t,a){try{await e.schema.dropIndex(t).on(a).execute()}catch(n){if(n instanceof Error&&n.message.includes("1091"))return;throw n}}async function E(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){if(n instanceof Error&&n.message.includes("1091"))return;throw n}}async function Zu(e){await J(e,"idx_sessions_user_id","sessions"),await J(e,"idx_refresh_tokens_user_id","refresh_tokens"),await J(e,"idx_refresh_tokens_session_id","refresh_tokens"),await J(e,"idx_refresh_tokens_expires_at_ts","refresh_tokens"),await J(e,"idx_sessions_expires_at_ts","sessions"),await J(e,"idx_login_sessions_expires_at_ts","login_sessions"),await E(e,"refresh_tokens","created_at_ts"),await E(e,"refresh_tokens","expires_at_ts"),await E(e,"refresh_tokens","idle_expires_at_ts"),await E(e,"refresh_tokens","last_exchanged_at_ts"),await E(e,"sessions","created_at_ts"),await E(e,"sessions","updated_at_ts"),await E(e,"sessions","expires_at_ts"),await E(e,"sessions","idle_expires_at_ts"),await E(e,"sessions","authenticated_at_ts"),await E(e,"sessions","last_interaction_at_ts"),await E(e,"sessions","used_at_ts"),await E(e,"sessions","revoked_at_ts"),await E(e,"login_sessions","created_at_ts"),await E(e,"login_sessions","updated_at_ts"),await E(e,"login_sessions","expires_at_ts")}const e_=Object.freeze(Object.defineProperty({__proto__:null,down:Zu,up:Xu},Symbol.toStringTag,{value:"Module"}));async function Ae(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function P(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){const o=n instanceof Error?n.message:String(n);if(o.includes("1091")||o.includes("no such column")){w(`  Column ${t}.${a} doesn't exist, skipping`);return}throw n}}async function t_(e){const t=await Ae(e);w("Dropping indexes that depend on old date columns...");try{await h.sql`DROP INDEX IF EXISTS login_sessions_state_updated_idx`.execute(e),w("  Dropped index login_sessions_state_updated_idx")}catch(a){z(`  Warning: Failed to drop index login_sessions_state_updated_idx: ${a instanceof Error?a.message:String(a)}`)}w("Dropping old date columns..."),await P(e,"refresh_tokens","created_at"),await P(e,"refresh_tokens","expires_at"),await P(e,"refresh_tokens","idle_expires_at"),await P(e,"refresh_tokens","last_exchanged_at"),await P(e,"sessions","created_at"),await P(e,"sessions","updated_at"),await P(e,"sessions","expires_at"),await P(e,"sessions","idle_expires_at"),await P(e,"sessions","authenticated_at"),await P(e,"sessions","last_interaction_at"),await P(e,"sessions","used_at"),await P(e,"sessions","revoked_at"),await P(e,"login_sessions","created_at"),await P(e,"login_sessions","updated_at"),await P(e,"login_sessions","expires_at"),t==="mysql"&&(w("Increasing ID column sizes for ULID support..."),await e.schema.alterTable("login_sessions").modifyColumn("id","varchar(26)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("session_id","varchar(26)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("csrf_token","varchar(26)").execute(),await e.schema.alterTable("sessions").modifyColumn("id","varchar(26)").execute(),await e.schema.alterTable("sessions").modifyColumn("login_session_id","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("id","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("session_id","varchar(26)").execute()),w("Migration completed successfully")}async function a_(e){await Ae(e)==="mysql"&&(w("Restoring ID column sizes to varchar(21)..."),await e.schema.alterTable("login_sessions").modifyColumn("id","varchar(21)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("session_id","varchar(21)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("csrf_token","varchar(21)").execute(),await e.schema.alterTable("sessions").modifyColumn("id","varchar(21)").execute(),await e.schema.alterTable("sessions").modifyColumn("login_session_id","varchar(21)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("id","varchar(21)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("session_id","varchar(21)").execute()),w("Re-adding old date columns (data will be empty)..."),await e.schema.alterTable("refresh_tokens").addColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("idle_expires_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("last_exchanged_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("idle_expires_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("authenticated_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("last_interaction_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("used_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("revoked_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").addColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").addColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").addColumn("expires_at","varchar(35)").execute(),w("Rollback completed")}const n_=Object.freeze(Object.defineProperty({__proto__:null,down:a_,up:t_},Symbol.toStringTag,{value:"Module"}));async function o_(e){await e.schema.alterTable("users").dropColumn("user_metadata").execute(),await e.schema.alterTable("users").addColumn("user_metadata","text").execute(),await e.schema.alterTable("users").addColumn("middle_name","varchar(100)").execute(),await e.schema.alterTable("users").addColumn("profile","text").execute(),await e.schema.alterTable("users").addColumn("website","text").execute(),await e.schema.alterTable("users").addColumn("gender","varchar(50)").execute(),await e.schema.alterTable("users").addColumn("birthdate","varchar(10)").execute(),await e.schema.alterTable("users").addColumn("zoneinfo","varchar(100)").execute()}async function r_(e){await e.schema.alterTable("users").dropColumn("middle_name").execute(),await e.schema.alterTable("users").dropColumn("profile").execute(),await e.schema.alterTable("users").dropColumn("website").execute(),await e.schema.alterTable("users").dropColumn("gender").execute(),await e.schema.alterTable("users").dropColumn("birthdate").execute(),await e.schema.alterTable("users").dropColumn("zoneinfo").execute(),await e.schema.alterTable("users").dropColumn("user_metadata").execute(),await e.schema.alterTable("users").addColumn("user_metadata","varchar(4096)").execute()}const s_=Object.freeze(Object.defineProperty({__proto__:null,down:r_,up:o_},Symbol.toStringTag,{value:"Module"}));async function i_(e){await e.schema.alterTable("users").addColumn("preferred_username","varchar(255)").execute()}async function c_(e){await e.schema.alterTable("users").dropColumn("preferred_username").execute()}const l_=Object.freeze(Object.defineProperty({__proto__:null,down:c_,up:i_},Symbol.toStringTag,{value:"Module"}));async function d_(e){await e.schema.alterTable("users").addColumn("address","text").execute()}async function u_(e){await e.schema.alterTable("users").dropColumn("address").execute()}const __=Object.freeze(Object.defineProperty({__proto__:null,down:u_,up:d_},Symbol.toStringTag,{value:"Module"}));async function m_(e){try{await e.schema.alterTable("login_sessions").addColumn("authParams_max_age","integer").execute(),w("  Added column authParams_max_age to login_sessions")}catch(t){z(`  Warning: Could not add authParams_max_age column: ${t instanceof Error?t.message:String(t)}`)}try{await e.schema.alterTable("login_sessions").addColumn("authParams_acr_values","text").execute(),w("  Added column authParams_acr_values to login_sessions")}catch(t){z(`  Warning: Could not add authParams_acr_values column: ${t instanceof Error?t.message:String(t)}`)}}async function h_(e){try{await e.schema.alterTable("login_sessions").dropColumn("authParams_max_age").execute()}catch(t){z(`  Warning: Could not drop authParams_max_age column: ${t instanceof Error?t.message:String(t)}`)}try{await e.schema.alterTable("login_sessions").dropColumn("authParams_acr_values").execute()}catch(t){z(`  Warning: Could not drop authParams_acr_values column: ${t instanceof Error?t.message:String(t)}`)}}const p_=Object.freeze(Object.defineProperty({__proto__:null,down:h_,up:m_},Symbol.toStringTag,{value:"Module"}));async function f_(e){await e.schema.alterTable("clients").addColumn("auth0_conformant","integer",t=>t.defaultTo(1)).execute()}async function g_(e){await e.schema.alterTable("clients").dropColumn("auth0_conformant").execute()}const w_=Object.freeze(Object.defineProperty({__proto__:null,down:g_,up:f_},Symbol.toStringTag,{value:"Module"}));async function y_(e){await e.schema.createTable("universal_login_templates").addColumn("tenant_id","varchar(191)",t=>t.primaryKey().references("tenants.id").onDelete("cascade")).addColumn("body","text",t=>t.notNull()).addColumn("updated_at_ts","integer",t=>t.notNull()).addColumn("created_at_ts","integer",t=>t.notNull()).execute()}async function v_(e){await e.schema.dropTable("universal_login_templates").execute()}const C_=Object.freeze(Object.defineProperty({__proto__:null,down:v_,up:y_},Symbol.toStringTag,{value:"Module"}));async function x_(e){await e.schema.createTable("custom_text").addColumn("tenant_id","varchar(191)",t=>t.notNull().references("tenants.id").onDelete("cascade")).addColumn("prompt","varchar(64)",t=>t.notNull()).addColumn("language","varchar(16)",t=>t.notNull()).addColumn("custom_text","text",t=>t.notNull()).addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).addPrimaryKeyConstraint("custom_text_pk",["tenant_id","prompt","language"]).execute()}async function T_(e){await e.schema.dropTable("custom_text").execute()}const N_=Object.freeze(Object.defineProperty({__proto__:null,down:T_,up:x_},Symbol.toStringTag,{value:"Module"}));async function b_(e){await e.schema.alterTable("tenants").addColumn("mfa","text").execute()}async function S_(e){await e.schema.alterTable("tenants").dropColumn("mfa").execute()}const k_=Object.freeze(Object.defineProperty({__proto__:null,down:S_,up:b_},Symbol.toStringTag,{value:"Module"}));async function O_(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function te(e,t,a,n){try{await e.schema.alterTable(t).addColumn(a,h.sql.raw(n)).execute()}catch(o){if(o instanceof Error&&(o.message.includes("1060")||o.message.includes("duplicate column"))){w(`  Column ${t}.${a} already exists, skipping`);return}throw o}}async function $_(e){const t=await O_(e);await te(e,"hooks","template_id","text"),await te(e,"hooks","created_at_ts","bigint"),await te(e,"hooks","updated_at_ts","bigint"),t==="mysql"?await h.sql`
       UPDATE hooks
       SET created_at_ts = UNIX_TIMESTAMP(created_at) * 1000,
           updated_at_ts = UNIX_TIMESTAMP(updated_at) * 1000
@@ -86,14 +86,14 @@
       SET created_at_ts = CAST(strftime('%s', created_at) AS INTEGER) * 1000,
           updated_at_ts = CAST(strftime('%s', updated_at) AS INTEGER) * 1000
       WHERE created_at_ts IS NULL AND created_at IS NOT NULL
-    `.execute(e),t==="mysql"&&(await e.schema.alterTable("hooks").modifyColumn("created_at","varchar(255)").execute(),await e.schema.alterTable("hooks").modifyColumn("updated_at","varchar(255)").execute())}async function te(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){if(n instanceof Error&&(n.message.includes("1091")||n.message.includes("no such column")))return;throw n}}async function y_(e){await te(e,"hooks","template_id"),await te(e,"hooks","created_at_ts"),await te(e,"hooks","updated_at_ts")}const v_=Object.freeze(Object.defineProperty({__proto__:null,down:y_,up:w_},Symbol.toStringTag,{value:"Module"}));async function ze(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function pe(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){const o=n instanceof Error?n.message:String(n);if(o.includes("1091")||o.includes("no such column")){w(`  Column ${t}.${a} doesn't exist, skipping`);return}throw n}}async function C_(e){var r,s,i,d,l;const t=await ze(e);w("Running preflight integrity check on hooks timestamp columns...");const{rows:a}=await h.sql`SELECT
+    `.execute(e),t==="mysql"&&(await e.schema.alterTable("hooks").modifyColumn("created_at","varchar(255)").execute(),await e.schema.alterTable("hooks").modifyColumn("updated_at","varchar(255)").execute())}async function ae(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){if(n instanceof Error&&(n.message.includes("1091")||n.message.includes("no such column")))return;throw n}}async function E_(e){await ae(e,"hooks","template_id"),await ae(e,"hooks","created_at_ts"),await ae(e,"hooks","updated_at_ts")}const P_=Object.freeze(Object.defineProperty({__proto__:null,down:E_,up:$_},Symbol.toStringTag,{value:"Module"}));async function Fe(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function ge(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){const o=n instanceof Error?n.message:String(n);if(o.includes("1091")||o.includes("no such column")){w(`  Column ${t}.${a} doesn't exist, skipping`);return}throw n}}async function I_(e){var r,s,i,d,l;const t=await Fe(e);w("Running preflight integrity check on hooks timestamp columns...");const{rows:a}=await h.sql`SELECT
       SUM(CASE WHEN created_at_ts IS NULL THEN 1 ELSE 0 END) AS null_created,
       SUM(CASE WHEN updated_at_ts IS NULL THEN 1 ELSE 0 END) AS null_updated
     FROM hooks`.execute(e),n=Number(((r=a[0])==null?void 0:r.null_created)??0),o=Number(((s=a[0])==null?void 0:s.null_updated)??0);if(n>0||o>0)throw new Error(`Preflight check failed: ${n} row(s) with NULL created_at_ts, ${o} row(s) with NULL updated_at_ts. All timestamp data must be migrated to _ts columns before dropping legacy columns.`);if(w("  Preflight check passed — all _ts columns are populated."),t==="mysql"){w("Running preflight length check on columns being narrowed...");const{rows:m}=await h.sql`SELECT
         SUM(CASE WHEN CHAR_LENGTH(hook_id) > 21 THEN 1 ELSE 0 END) AS long_hook_id,
         SUM(CASE WHEN CHAR_LENGTH(form_id) > 128 THEN 1 ELSE 0 END) AS long_form_id,
         SUM(CASE WHEN CHAR_LENGTH(template_id) > 64 THEN 1 ELSE 0 END) AS long_template_id
-      FROM hooks`.execute(e),c=Number(((i=m[0])==null?void 0:i.long_hook_id)??0),u=Number(((d=m[0])==null?void 0:d.long_form_id)??0),_=Number(((l=m[0])==null?void 0:l.long_template_id)??0),p=[];if(c>0&&p.push(`${c} row(s) with hook_id longer than 21 chars`),u>0&&p.push(`${u} row(s) with form_id longer than 128 chars`),_>0&&p.push(`${_} row(s) with template_id longer than 64 chars`),p.length>0)throw new Error(`Preflight length check failed: ${p.join("; ")}. Truncate or fix oversized values before running this migration.`);w("  Preflight length check passed — all values fit within new column sizes.")}w("Dropping old date columns from hooks..."),await pe(e,"hooks","created_at"),await pe(e,"hooks","updated_at"),t==="mysql"&&(w("Fixing hook column types..."),await e.schema.alterTable("hooks").modifyColumn("hook_id","varchar(21)",m=>m.notNull().primaryKey()).execute(),await e.schema.alterTable("hooks").modifyColumn("form_id","varchar(128)").execute(),await e.schema.alterTable("hooks").modifyColumn("template_id","varchar(64)").execute())}async function x_(e){const t=await ze(e);await e.schema.alterTable("hooks").addColumn("created_at","varchar(255)").execute(),await e.schema.alterTable("hooks").addColumn("updated_at","varchar(255)").execute(),t==="mysql"?await h.sql`
+      FROM hooks`.execute(e),c=Number(((i=m[0])==null?void 0:i.long_hook_id)??0),u=Number(((d=m[0])==null?void 0:d.long_form_id)??0),_=Number(((l=m[0])==null?void 0:l.long_template_id)??0),p=[];if(c>0&&p.push(`${c} row(s) with hook_id longer than 21 chars`),u>0&&p.push(`${u} row(s) with form_id longer than 128 chars`),_>0&&p.push(`${_} row(s) with template_id longer than 64 chars`),p.length>0)throw new Error(`Preflight length check failed: ${p.join("; ")}. Truncate or fix oversized values before running this migration.`);w("  Preflight length check passed — all values fit within new column sizes.")}w("Dropping old date columns from hooks..."),await ge(e,"hooks","created_at"),await ge(e,"hooks","updated_at"),t==="mysql"&&(w("Fixing hook column types..."),await e.schema.alterTable("hooks").modifyColumn("hook_id","varchar(21)",m=>m.notNull().primaryKey()).execute(),await e.schema.alterTable("hooks").modifyColumn("form_id","varchar(128)").execute(),await e.schema.alterTable("hooks").modifyColumn("template_id","varchar(64)").execute())}async function z_(e){const t=await Fe(e);await e.schema.alterTable("hooks").addColumn("created_at","varchar(255)").execute(),await e.schema.alterTable("hooks").addColumn("updated_at","varchar(255)").execute(),t==="mysql"?await h.sql`
       UPDATE hooks
       SET created_at = DATE_FORMAT(CONVERT_TZ(FROM_UNIXTIME(created_at_ts / 1000), @@session.time_zone, '+00:00'), '%Y-%m-%dT%H:%i:%s.000Z'),
           updated_at = DATE_FORMAT(CONVERT_TZ(FROM_UNIXTIME(updated_at_ts / 1000), @@session.time_zone, '+00:00'), '%Y-%m-%dT%H:%i:%s.000Z')
@@ -103,7 +103,7 @@
       SET created_at = strftime('%Y-%m-%dT%H:%M:%fZ', created_at_ts / 1000, 'unixepoch'),
           updated_at = strftime('%Y-%m-%dT%H:%M:%fZ', updated_at_ts / 1000, 'unixepoch')
       WHERE created_at_ts IS NOT NULL
-    `.execute(e),t==="mysql"&&(await e.schema.alterTable("hooks").modifyColumn("hook_id","varchar(255)",a=>a.notNull().primaryKey()).execute(),await e.schema.alterTable("hooks").modifyColumn("form_id","text").execute(),await e.schema.alterTable("hooks").modifyColumn("template_id","text").execute())}const T_=Object.freeze(Object.defineProperty({__proto__:null,down:x_,up:C_},Symbol.toStringTag,{value:"Module"}));async function N_(e){const{rows:t}=await h.sql`
+    `.execute(e),t==="mysql"&&(await e.schema.alterTable("hooks").modifyColumn("hook_id","varchar(255)",a=>a.notNull().primaryKey()).execute(),await e.schema.alterTable("hooks").modifyColumn("form_id","text").execute(),await e.schema.alterTable("hooks").modifyColumn("template_id","text").execute())}const D_=Object.freeze(Object.defineProperty({__proto__:null,down:z_,up:I_},Symbol.toStringTag,{value:"Module"}));async function A_(e){const{rows:t}=await h.sql`
     SELECT username, provider, tenant_id, COUNT(*) AS cnt
     FROM users
     WHERE username IS NOT NULL
@@ -125,7 +125,7 @@
           GROUP BY username, provider, tenant_id
           HAVING COUNT(*) > 1
         )
-    `.execute(e),w("Duplicate rows removed.")}await e.schema.createIndex("unique_username_provider").on("users").unique().columns(["username","provider","tenant_id"]).execute()}async function b_(e){await e.schema.dropIndex("unique_username_provider").execute()}const S_=Object.freeze(Object.defineProperty({__proto__:null,down:b_,up:N_},Symbol.toStringTag,{value:"Module"}));async function k_(e){await e.schema.alterTable("refresh_tokens").addColumn("login_id","varchar(26)").execute(),await e.schema.createIndex("idx_refresh_tokens_login_id").on("refresh_tokens").column("login_id").execute()}async function O_(e){await e.schema.dropIndex("idx_refresh_tokens_login_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("login_id").execute()}const $_=Object.freeze(Object.defineProperty({__proto__:null,down:O_,up:k_},Symbol.toStringTag,{value:"Module"}));async function De(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function E_(e){await De(e)==="mysql"?(await e.schema.alterTable("refresh_tokens").modifyColumn("login_id","varchar(26)",a=>a.notNull()).execute(),await e.schema.dropIndex("idx_refresh_tokens_session_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("session_id").execute()):(await e.schema.dropIndex("idx_refresh_tokens_session_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("session_id").execute())}async function P_(e){await De(e)==="mysql"?(await e.schema.alterTable("refresh_tokens").addColumn("session_id","varchar(26)").execute(),await e.schema.createIndex("idx_refresh_tokens_session_id").on("refresh_tokens").column("session_id").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("login_id","varchar(26)").execute()):await e.schema.alterTable("refresh_tokens").addColumn("session_id","varchar(21)").execute()}const I_=Object.freeze(Object.defineProperty({__proto__:null,down:P_,up:E_},Symbol.toStringTag,{value:"Module"}));async function z_(e){await e.schema.createIndex("idx_sessions_idle_expires_at_ts").on("sessions").column("idle_expires_at_ts").execute(),await e.schema.createIndex("idx_refresh_tokens_idle_expires_at_ts").on("refresh_tokens").column("idle_expires_at_ts").execute()}async function D_(e){await e.schema.dropIndex("idx_sessions_idle_expires_at_ts").on("sessions").execute(),await e.schema.dropIndex("idx_refresh_tokens_idle_expires_at_ts").on("refresh_tokens").execute()}const A_=Object.freeze(Object.defineProperty({__proto__:null,down:D_,up:z_},Symbol.toStringTag,{value:"Module"}));async function F_(e){await e.schema.alterTable("login_sessions").addColumn("auth_connection","varchar(255)").execute()}async function j_(e){await e.schema.alterTable("login_sessions").dropColumn("auth_connection").execute()}const R_=Object.freeze(Object.defineProperty({__proto__:null,down:j_,up:F_},Symbol.toStringTag,{value:"Module"}));async function M_(e){await e.schema.createTable("mfa_enrollments").addColumn("id","varchar(26)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("type","varchar(32)",t=>t.notNull()).addColumn("phone_number","varchar(32)").addColumn("totp_secret","varchar(255)").addColumn("confirmed","integer",t=>t.notNull().defaultTo(0)).addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("mfa_enrollments_tenant_user_idx").on("mfa_enrollments").columns(["tenant_id","user_id"]).execute()}async function J_(e){await e.schema.dropTable("mfa_enrollments").execute()}const q_=Object.freeze(Object.defineProperty({__proto__:null,down:J_,up:M_},Symbol.toStringTag,{value:"Module"}));async function L_(e){await e.schema.alterTable("codes").addColumn("otp","varchar(32)").execute()}async function K_(e){await e.schema.alterTable("codes").dropColumn("otp").execute()}const B_=Object.freeze(Object.defineProperty({__proto__:null,down:K_,up:L_},Symbol.toStringTag,{value:"Module"}));async function U_(e){await e.schema.alterTable("mfa_enrollments").renameTo("authentication_methods").execute(),await e.schema.alterTable("authentication_methods").addColumn("credential_id","varchar(512)").execute(),await e.schema.alterTable("authentication_methods").addColumn("public_key","text").execute(),await e.schema.alterTable("authentication_methods").addColumn("sign_count","integer").execute(),await e.schema.alterTable("authentication_methods").addColumn("credential_backed_up","integer").execute(),await e.schema.alterTable("authentication_methods").addColumn("transports","varchar(512)").execute(),await e.schema.alterTable("authentication_methods").addColumn("friendly_name","varchar(255)").execute(),await e.schema.createIndex("authentication_methods_credential_id_idx").on("authentication_methods").column("credential_id").execute()}async function Q_(e){await e.schema.dropIndex("authentication_methods_credential_id_idx").execute(),await e.schema.alterTable("authentication_methods").dropColumn("friendly_name").execute(),await e.schema.alterTable("authentication_methods").dropColumn("transports").execute(),await e.schema.alterTable("authentication_methods").dropColumn("credential_backed_up").execute(),await e.schema.alterTable("authentication_methods").dropColumn("sign_count").execute(),await e.schema.alterTable("authentication_methods").dropColumn("public_key").execute(),await e.schema.alterTable("authentication_methods").dropColumn("credential_id").execute(),await e.schema.alterTable("authentication_methods").renameTo("mfa_enrollments").execute()}const W_=Object.freeze(Object.defineProperty({__proto__:null,down:Q_,up:U_},Symbol.toStringTag,{value:"Module"}));async function Y_(e){await e.schema.createTable("outbox_events").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("event_type","varchar(255)",t=>t.notNull()).addColumn("log_type","varchar(64)",t=>t.notNull()).addColumn("aggregate_type","varchar(64)",t=>t.notNull()).addColumn("aggregate_id","varchar(255)",t=>t.notNull()).addColumn("payload","text",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("processed_at","varchar(35)").addColumn("retry_count","integer",t=>t.notNull().defaultTo(0)).addColumn("next_retry_at","varchar(35)").addColumn("error","text").execute(),await e.schema.createIndex("idx_outbox_unprocessed").on("outbox_events").columns(["processed_at","created_at"]).execute(),await e.schema.createIndex("idx_outbox_tenant_type").on("outbox_events").columns(["tenant_id","event_type","created_at"]).execute()}async function H_(e){await e.schema.dropTable("outbox_events").execute()}const G_=Object.freeze(Object.defineProperty({__proto__:null,down:H_,up:Y_},Symbol.toStringTag,{value:"Module"}));async function X_(e){await e.schema.alterTable("outbox_events").addColumn("claimed_by","varchar(64)").execute(),await e.schema.alterTable("outbox_events").addColumn("claim_expires_at","varchar(35)").execute()}async function V_(e){await e.schema.alterTable("outbox_events").dropColumn("claimed_by").execute(),await e.schema.alterTable("outbox_events").dropColumn("claim_expires_at").execute()}const Z_=Object.freeze(Object.defineProperty({__proto__:null,down:V_,up:X_},Symbol.toStringTag,{value:"Module"}));async function em(e){await e.schema.createIndex("idx_outbox_claim").on("outbox_events").columns(["processed_at","claim_expires_at","next_retry_at","created_at"]).execute()}async function tm(e){await e.schema.dropIndex("idx_outbox_claim").on("outbox_events").execute()}const am=Object.freeze(Object.defineProperty({__proto__:null,down:tm,up:em},Symbol.toStringTag,{value:"Module"}));async function nm(e){await e.schema.createTable("hook_code").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("code","text",t=>t.notNull()).addColumn("secrets","text").addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("idx_hook_code_tenant").on("hook_code").columns(["tenant_id"]).execute(),await e.schema.alterTable("hooks").addColumn("code_id","varchar(21)").execute()}async function om(e){await e.schema.alterTable("hooks").dropColumn("code_id").execute(),await e.schema.dropTable("hook_code").execute()}const rm=Object.freeze(Object.defineProperty({__proto__:null,down:om,up:nm},Symbol.toStringTag,{value:"Module"}));async function sm(e){await e.schema.createTable("actions").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("code","text",t=>t.notNull()).addColumn("runtime","varchar(50)").addColumn("status","varchar(50)",t=>t.defaultTo("built")).addColumn("secrets","text").addColumn("dependencies","text").addColumn("supported_triggers","text").addColumn("deployed_at_ts","bigint").addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("idx_actions_tenant").on("actions").columns(["tenant_id"]).execute()}async function im(e){await e.schema.dropTable("actions").execute()}const cm=Object.freeze(Object.defineProperty({__proto__:null,down:im,up:sm},Symbol.toStringTag,{value:"Module"}));async function lm(e){await e.schema.alterTable("outbox_events").addColumn("dead_lettered_at","varchar(35)").execute(),await e.schema.alterTable("outbox_events").addColumn("final_error","text").execute()}async function dm(e){await e.schema.alterTable("outbox_events").dropColumn("dead_lettered_at").execute(),await e.schema.alterTable("outbox_events").dropColumn("final_error").execute()}const um=Object.freeze(Object.defineProperty({__proto__:null,down:dm,up:lm},Symbol.toStringTag,{value:"Module"}));async function _m(e){await e.schema.alterTable("users").addColumn("registration_completed_at","varchar(35)").execute(),await e.updateTable("users").set({registration_completed_at:h.sql`created_at`}).where("registration_completed_at","is",null).execute()}async function mm(e){await e.schema.alterTable("users").dropColumn("registration_completed_at").execute()}const hm=Object.freeze(Object.defineProperty({__proto__:null,down:mm,up:_m},Symbol.toStringTag,{value:"Module"}));async function pm(e){await e.schema.createIndex("idx_outbox_events_tenant_dead_lettered").on("outbox_events").columns(["tenant_id","dead_lettered_at"]).execute()}async function fm(e){await e.schema.dropIndex("idx_outbox_events_tenant_dead_lettered").execute()}const gm=Object.freeze(Object.defineProperty({__proto__:null,down:fm,up:pm},Symbol.toStringTag,{value:"Module"}));async function wm(e){await e.schema.alterTable("login_sessions").addColumn("auth_strategy_strategy","varchar(64)").execute(),await e.schema.alterTable("login_sessions").addColumn("auth_strategy_strategy_type","varchar(64)").execute(),await e.schema.alterTable("login_sessions").addColumn("authenticated_at","varchar(35)").execute()}async function ym(e){await e.schema.alterTable("login_sessions").dropColumn("auth_strategy_strategy").execute(),await e.schema.alterTable("login_sessions").dropColumn("auth_strategy_strategy_type").execute(),await e.schema.alterTable("login_sessions").dropColumn("authenticated_at").execute()}const vm=Object.freeze(Object.defineProperty({__proto__:null,down:ym,up:wm},Symbol.toStringTag,{value:"Module"}));async function Ae(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function Cm(e){const t=await Ae(e);try{await e.schema.alterTable("login_sessions").addColumn("auth_params","text").execute(),w("  Added column auth_params to login_sessions")}catch(a){z(`  Warning: Could not add auth_params column: ${a instanceof Error?a.message:String(a)}`)}if(t==="mysql")try{await e.schema.alterTable("login_sessions").modifyColumn("authorization_url","text").execute(),w("  Widened authorization_url to text")}catch(a){z(`  Warning: Could not widen authorization_url: ${a instanceof Error?a.message:String(a)}`)}}async function xm(e){const t=await Ae(e);try{await e.schema.alterTable("login_sessions").dropColumn("auth_params").execute()}catch(a){z(`  Warning: Could not drop auth_params column: ${a instanceof Error?a.message:String(a)}`)}if(t==="mysql")try{await e.schema.alterTable("login_sessions").modifyColumn("authorization_url","varchar(1024)").execute()}catch(a){z(`  Warning: Could not narrow authorization_url: ${a instanceof Error?a.message:String(a)}`)}}const Tm=Object.freeze(Object.defineProperty({__proto__:null,down:xm,up:Cm},Symbol.toStringTag,{value:"Module"})),Nm=["client_id","act_as","response_type","response_mode","redirect_uri","audience","organization","state","nonce","scope","prompt","code_challenge_method","code_challenge","username","ui_locales","max_age","acr_values","vendor_id"],fe=500,ge=20;async function bm(e){try{let t=0;for(;;){const a=await e.selectFrom("login_sessions").where("auth_params","is",null).selectAll().limit(fe).execute();if(a.length===0)break;for(let n=0;n<a.length;n+=ge){const o=a.slice(n,n+ge);await Promise.all(o.map(async r=>{const s={};for(const i of Nm){const d=r[`authParams_${i}`];d!=null&&(s[i]=d)}await e.updateTable("login_sessions").set({auth_params:JSON.stringify(s)}).where("tenant_id","=",r.tenant_id).where("id","=",r.id).execute()}))}if(t+=a.length,w(`  Backfilled auth_params for ${t} login_sessions row(s)...`),a.length<fe)break}w(t===0?"  No login_sessions rows to backfill (auth_params all set)":`  Backfilled auth_params for ${t} login_sessions row(s) total`)}catch(t){z(`  Warning: Could not backfill auth_params: ${t instanceof Error?t.message:String(t)}`)}}async function Sm(e){}const km=Object.freeze(Object.defineProperty({__proto__:null,down:Sm,up:bm},Symbol.toStringTag,{value:"Module"}));async function Om(e){try{return await h.sql`SELECT @@version_comment`.execute(e),"mysql"}catch{return"sqlite"}}async function $m(e){await Om(e)==="mysql"?await Em(e):await Pm(e)}async function Em(e){try{await h.sql`ALTER TABLE login_sessions DROP FOREIGN KEY login_sessions_client_fk`.execute(e),w("  Dropped FK login_sessions_client_fk")}catch(t){const a=t instanceof Error?t.message:String(t);a.includes("1091")||a.includes("doesn't exist")?w("  FK login_sessions_client_fk already absent, skipping"):z(`  Warning: could not drop login_sessions_client_fk: ${a}`)}try{await h.sql`ALTER TABLE login_sessions MODIFY authParams_client_id varchar(191) NULL`.execute(e),w("  Relaxed NOT NULL on login_sessions.authParams_client_id")}catch(t){const a=t instanceof Error?t.message:String(t);throw z(`  Failed to relax authParams_client_id NOT NULL: ${a}`),t}}async function Pm(e){await e.transaction().execute(async t=>{await t.schema.createTable("login_sessions_new").addColumn("id","varchar(26)",a=>a.notNull()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(26)").addColumn("csrf_token","varchar(26)",a=>a.notNull()).addColumn("authParams_client_id","varchar(191)").addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","text").addColumn("authParams_state","text").addColumn("authParams_nonce","varchar(255)").addColumn("authParams_code_challenge_method","varchar(255)").addColumn("authParams_code_challenge","varchar(255)").addColumn("authParams_redirect_uri","text").addColumn("authParams_organization","varchar(255)").addColumn("authParams_prompt","varchar(32)").addColumn("authParams_act_as","varchar(256)").addColumn("authParams_ui_locales","varchar(32)").addColumn("authParams_max_age","integer").addColumn("authParams_acr_values","varchar(255)").addColumn("authorization_url","text").addColumn("ip","varchar(39)").addColumn("useragent","text").addColumn("auth0Client","varchar(255)").addColumn("state","varchar(50)",a=>a.defaultTo("pending")).addColumn("state_data","text").addColumn("failure_reason","text").addColumn("user_id","varchar(255)").addColumn("created_at_ts","bigint").addColumn("updated_at_ts","bigint").addColumn("expires_at_ts","bigint").addColumn("auth_connection","varchar(255)").addColumn("auth_strategy_strategy","varchar(64)").addColumn("auth_strategy_strategy_type","varchar(64)").addColumn("authenticated_at","varchar(35)").addColumn("auth_params","text").addPrimaryKeyConstraint("login_sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("login_sessions_session_fk",["tenant_id","session_id"],"sessions",["tenant_id","id"],a=>a.onDelete("cascade")).execute(),await h.sql`INSERT INTO login_sessions_new (
+    `.execute(e),w("Duplicate rows removed.")}await e.schema.createIndex("unique_username_provider").on("users").unique().columns(["username","provider","tenant_id"]).execute()}async function F_(e){await e.schema.dropIndex("unique_username_provider").execute()}const j_=Object.freeze(Object.defineProperty({__proto__:null,down:F_,up:A_},Symbol.toStringTag,{value:"Module"}));async function R_(e){await e.schema.alterTable("refresh_tokens").addColumn("login_id","varchar(26)").execute(),await e.schema.createIndex("idx_refresh_tokens_login_id").on("refresh_tokens").column("login_id").execute()}async function M_(e){await e.schema.dropIndex("idx_refresh_tokens_login_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("login_id").execute()}const J_=Object.freeze(Object.defineProperty({__proto__:null,down:M_,up:R_},Symbol.toStringTag,{value:"Module"}));async function je(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function q_(e){await je(e)==="mysql"?(await e.schema.alterTable("refresh_tokens").modifyColumn("login_id","varchar(26)",a=>a.notNull()).execute(),await e.schema.dropIndex("idx_refresh_tokens_session_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("session_id").execute()):(await e.schema.dropIndex("idx_refresh_tokens_session_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("session_id").execute())}async function L_(e){await je(e)==="mysql"?(await e.schema.alterTable("refresh_tokens").addColumn("session_id","varchar(26)").execute(),await e.schema.createIndex("idx_refresh_tokens_session_id").on("refresh_tokens").column("session_id").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("login_id","varchar(26)").execute()):await e.schema.alterTable("refresh_tokens").addColumn("session_id","varchar(21)").execute()}const K_=Object.freeze(Object.defineProperty({__proto__:null,down:L_,up:q_},Symbol.toStringTag,{value:"Module"}));async function B_(e){await e.schema.createIndex("idx_sessions_idle_expires_at_ts").on("sessions").column("idle_expires_at_ts").execute(),await e.schema.createIndex("idx_refresh_tokens_idle_expires_at_ts").on("refresh_tokens").column("idle_expires_at_ts").execute()}async function U_(e){await e.schema.dropIndex("idx_sessions_idle_expires_at_ts").on("sessions").execute(),await e.schema.dropIndex("idx_refresh_tokens_idle_expires_at_ts").on("refresh_tokens").execute()}const Q_=Object.freeze(Object.defineProperty({__proto__:null,down:U_,up:B_},Symbol.toStringTag,{value:"Module"}));async function W_(e){await e.schema.alterTable("login_sessions").addColumn("auth_connection","varchar(255)").execute()}async function Y_(e){await e.schema.alterTable("login_sessions").dropColumn("auth_connection").execute()}const H_=Object.freeze(Object.defineProperty({__proto__:null,down:Y_,up:W_},Symbol.toStringTag,{value:"Module"}));async function G_(e){await e.schema.createTable("mfa_enrollments").addColumn("id","varchar(26)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("type","varchar(32)",t=>t.notNull()).addColumn("phone_number","varchar(32)").addColumn("totp_secret","varchar(255)").addColumn("confirmed","integer",t=>t.notNull().defaultTo(0)).addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("mfa_enrollments_tenant_user_idx").on("mfa_enrollments").columns(["tenant_id","user_id"]).execute()}async function V_(e){await e.schema.dropTable("mfa_enrollments").execute()}const X_=Object.freeze(Object.defineProperty({__proto__:null,down:V_,up:G_},Symbol.toStringTag,{value:"Module"}));async function Z_(e){await e.schema.alterTable("codes").addColumn("otp","varchar(32)").execute()}async function em(e){await e.schema.alterTable("codes").dropColumn("otp").execute()}const tm=Object.freeze(Object.defineProperty({__proto__:null,down:em,up:Z_},Symbol.toStringTag,{value:"Module"}));async function am(e){await e.schema.alterTable("mfa_enrollments").renameTo("authentication_methods").execute(),await e.schema.alterTable("authentication_methods").addColumn("credential_id","varchar(512)").execute(),await e.schema.alterTable("authentication_methods").addColumn("public_key","text").execute(),await e.schema.alterTable("authentication_methods").addColumn("sign_count","integer").execute(),await e.schema.alterTable("authentication_methods").addColumn("credential_backed_up","integer").execute(),await e.schema.alterTable("authentication_methods").addColumn("transports","varchar(512)").execute(),await e.schema.alterTable("authentication_methods").addColumn("friendly_name","varchar(255)").execute(),await e.schema.createIndex("authentication_methods_credential_id_idx").on("authentication_methods").column("credential_id").execute()}async function nm(e){await e.schema.dropIndex("authentication_methods_credential_id_idx").execute(),await e.schema.alterTable("authentication_methods").dropColumn("friendly_name").execute(),await e.schema.alterTable("authentication_methods").dropColumn("transports").execute(),await e.schema.alterTable("authentication_methods").dropColumn("credential_backed_up").execute(),await e.schema.alterTable("authentication_methods").dropColumn("sign_count").execute(),await e.schema.alterTable("authentication_methods").dropColumn("public_key").execute(),await e.schema.alterTable("authentication_methods").dropColumn("credential_id").execute(),await e.schema.alterTable("authentication_methods").renameTo("mfa_enrollments").execute()}const om=Object.freeze(Object.defineProperty({__proto__:null,down:nm,up:am},Symbol.toStringTag,{value:"Module"}));async function rm(e){await e.schema.createTable("outbox_events").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("event_type","varchar(255)",t=>t.notNull()).addColumn("log_type","varchar(64)",t=>t.notNull()).addColumn("aggregate_type","varchar(64)",t=>t.notNull()).addColumn("aggregate_id","varchar(255)",t=>t.notNull()).addColumn("payload","text",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("processed_at","varchar(35)").addColumn("retry_count","integer",t=>t.notNull().defaultTo(0)).addColumn("next_retry_at","varchar(35)").addColumn("error","text").execute(),await e.schema.createIndex("idx_outbox_unprocessed").on("outbox_events").columns(["processed_at","created_at"]).execute(),await e.schema.createIndex("idx_outbox_tenant_type").on("outbox_events").columns(["tenant_id","event_type","created_at"]).execute()}async function sm(e){await e.schema.dropTable("outbox_events").execute()}const im=Object.freeze(Object.defineProperty({__proto__:null,down:sm,up:rm},Symbol.toStringTag,{value:"Module"}));async function cm(e){await e.schema.alterTable("outbox_events").addColumn("claimed_by","varchar(64)").execute(),await e.schema.alterTable("outbox_events").addColumn("claim_expires_at","varchar(35)").execute()}async function lm(e){await e.schema.alterTable("outbox_events").dropColumn("claimed_by").execute(),await e.schema.alterTable("outbox_events").dropColumn("claim_expires_at").execute()}const dm=Object.freeze(Object.defineProperty({__proto__:null,down:lm,up:cm},Symbol.toStringTag,{value:"Module"}));async function um(e){await e.schema.createIndex("idx_outbox_claim").on("outbox_events").columns(["processed_at","claim_expires_at","next_retry_at","created_at"]).execute()}async function _m(e){await e.schema.dropIndex("idx_outbox_claim").on("outbox_events").execute()}const mm=Object.freeze(Object.defineProperty({__proto__:null,down:_m,up:um},Symbol.toStringTag,{value:"Module"}));async function hm(e){await e.schema.createTable("hook_code").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("code","text",t=>t.notNull()).addColumn("secrets","text").addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("idx_hook_code_tenant").on("hook_code").columns(["tenant_id"]).execute(),await e.schema.alterTable("hooks").addColumn("code_id","varchar(21)").execute()}async function pm(e){await e.schema.alterTable("hooks").dropColumn("code_id").execute(),await e.schema.dropTable("hook_code").execute()}const fm=Object.freeze(Object.defineProperty({__proto__:null,down:pm,up:hm},Symbol.toStringTag,{value:"Module"}));async function gm(e){await e.schema.createTable("actions").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("code","text",t=>t.notNull()).addColumn("runtime","varchar(50)").addColumn("status","varchar(50)",t=>t.defaultTo("built")).addColumn("secrets","text").addColumn("dependencies","text").addColumn("supported_triggers","text").addColumn("deployed_at_ts","bigint").addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("idx_actions_tenant").on("actions").columns(["tenant_id"]).execute()}async function wm(e){await e.schema.dropTable("actions").execute()}const ym=Object.freeze(Object.defineProperty({__proto__:null,down:wm,up:gm},Symbol.toStringTag,{value:"Module"}));async function vm(e){await e.schema.alterTable("outbox_events").addColumn("dead_lettered_at","varchar(35)").execute(),await e.schema.alterTable("outbox_events").addColumn("final_error","text").execute()}async function Cm(e){await e.schema.alterTable("outbox_events").dropColumn("dead_lettered_at").execute(),await e.schema.alterTable("outbox_events").dropColumn("final_error").execute()}const xm=Object.freeze(Object.defineProperty({__proto__:null,down:Cm,up:vm},Symbol.toStringTag,{value:"Module"}));async function Tm(e){await e.schema.alterTable("users").addColumn("registration_completed_at","varchar(35)").execute(),await e.updateTable("users").set({registration_completed_at:h.sql`created_at`}).where("registration_completed_at","is",null).execute()}async function Nm(e){await e.schema.alterTable("users").dropColumn("registration_completed_at").execute()}const bm=Object.freeze(Object.defineProperty({__proto__:null,down:Nm,up:Tm},Symbol.toStringTag,{value:"Module"}));async function Sm(e){await e.schema.createIndex("idx_outbox_events_tenant_dead_lettered").on("outbox_events").columns(["tenant_id","dead_lettered_at"]).execute()}async function km(e){await e.schema.dropIndex("idx_outbox_events_tenant_dead_lettered").execute()}const Om=Object.freeze(Object.defineProperty({__proto__:null,down:km,up:Sm},Symbol.toStringTag,{value:"Module"}));async function $m(e){await e.schema.alterTable("login_sessions").addColumn("auth_strategy_strategy","varchar(64)").execute(),await e.schema.alterTable("login_sessions").addColumn("auth_strategy_strategy_type","varchar(64)").execute(),await e.schema.alterTable("login_sessions").addColumn("authenticated_at","varchar(35)").execute()}async function Em(e){await e.schema.alterTable("login_sessions").dropColumn("auth_strategy_strategy").execute(),await e.schema.alterTable("login_sessions").dropColumn("auth_strategy_strategy_type").execute(),await e.schema.alterTable("login_sessions").dropColumn("authenticated_at").execute()}const Pm=Object.freeze(Object.defineProperty({__proto__:null,down:Em,up:$m},Symbol.toStringTag,{value:"Module"}));async function Re(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function Im(e){const t=await Re(e);try{await e.schema.alterTable("login_sessions").addColumn("auth_params","text").execute(),w("  Added column auth_params to login_sessions")}catch(a){z(`  Warning: Could not add auth_params column: ${a instanceof Error?a.message:String(a)}`)}if(t==="mysql")try{await e.schema.alterTable("login_sessions").modifyColumn("authorization_url","text").execute(),w("  Widened authorization_url to text")}catch(a){z(`  Warning: Could not widen authorization_url: ${a instanceof Error?a.message:String(a)}`)}}async function zm(e){const t=await Re(e);try{await e.schema.alterTable("login_sessions").dropColumn("auth_params").execute()}catch(a){z(`  Warning: Could not drop auth_params column: ${a instanceof Error?a.message:String(a)}`)}if(t==="mysql")try{await e.schema.alterTable("login_sessions").modifyColumn("authorization_url","varchar(1024)").execute()}catch(a){z(`  Warning: Could not narrow authorization_url: ${a instanceof Error?a.message:String(a)}`)}}const Dm=Object.freeze(Object.defineProperty({__proto__:null,down:zm,up:Im},Symbol.toStringTag,{value:"Module"})),Am=["client_id","act_as","response_type","response_mode","redirect_uri","audience","organization","state","nonce","scope","prompt","code_challenge_method","code_challenge","username","ui_locales","max_age","acr_values","vendor_id"],we=500,ye=20;async function Fm(e){try{let t=0;for(;;){const a=await e.selectFrom("login_sessions").where("auth_params","is",null).selectAll().limit(we).execute();if(a.length===0)break;for(let n=0;n<a.length;n+=ye){const o=a.slice(n,n+ye);await Promise.all(o.map(async r=>{const s={};for(const i of Am){const d=r[`authParams_${i}`];d!=null&&(s[i]=d)}await e.updateTable("login_sessions").set({auth_params:JSON.stringify(s)}).where("tenant_id","=",r.tenant_id).where("id","=",r.id).execute()}))}if(t+=a.length,w(`  Backfilled auth_params for ${t} login_sessions row(s)...`),a.length<we)break}w(t===0?"  No login_sessions rows to backfill (auth_params all set)":`  Backfilled auth_params for ${t} login_sessions row(s) total`)}catch(t){z(`  Warning: Could not backfill auth_params: ${t instanceof Error?t.message:String(t)}`)}}async function jm(e){}const Rm=Object.freeze(Object.defineProperty({__proto__:null,down:jm,up:Fm},Symbol.toStringTag,{value:"Module"}));async function Mm(e){try{return await h.sql`SELECT @@version_comment`.execute(e),"mysql"}catch{return"sqlite"}}async function Jm(e){await Mm(e)==="mysql"?await qm(e):await Lm(e)}async function qm(e){try{await h.sql`ALTER TABLE login_sessions DROP FOREIGN KEY login_sessions_client_fk`.execute(e),w("  Dropped FK login_sessions_client_fk")}catch(t){const a=t instanceof Error?t.message:String(t);a.includes("1091")||a.includes("doesn't exist")?w("  FK login_sessions_client_fk already absent, skipping"):z(`  Warning: could not drop login_sessions_client_fk: ${a}`)}try{await h.sql`ALTER TABLE login_sessions MODIFY authParams_client_id varchar(191) NULL`.execute(e),w("  Relaxed NOT NULL on login_sessions.authParams_client_id")}catch(t){const a=t instanceof Error?t.message:String(t);throw z(`  Failed to relax authParams_client_id NOT NULL: ${a}`),t}}async function Lm(e){await e.transaction().execute(async t=>{await t.schema.createTable("login_sessions_new").addColumn("id","varchar(26)",a=>a.notNull()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(26)").addColumn("csrf_token","varchar(26)",a=>a.notNull()).addColumn("authParams_client_id","varchar(191)").addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","text").addColumn("authParams_state","text").addColumn("authParams_nonce","varchar(255)").addColumn("authParams_code_challenge_method","varchar(255)").addColumn("authParams_code_challenge","varchar(255)").addColumn("authParams_redirect_uri","text").addColumn("authParams_organization","varchar(255)").addColumn("authParams_prompt","varchar(32)").addColumn("authParams_act_as","varchar(256)").addColumn("authParams_ui_locales","varchar(32)").addColumn("authParams_max_age","integer").addColumn("authParams_acr_values","varchar(255)").addColumn("authorization_url","text").addColumn("ip","varchar(39)").addColumn("useragent","text").addColumn("auth0Client","varchar(255)").addColumn("state","varchar(50)",a=>a.defaultTo("pending")).addColumn("state_data","text").addColumn("failure_reason","text").addColumn("user_id","varchar(255)").addColumn("created_at_ts","bigint").addColumn("updated_at_ts","bigint").addColumn("expires_at_ts","bigint").addColumn("auth_connection","varchar(255)").addColumn("auth_strategy_strategy","varchar(64)").addColumn("auth_strategy_strategy_type","varchar(64)").addColumn("authenticated_at","varchar(35)").addColumn("auth_params","text").addPrimaryKeyConstraint("login_sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("login_sessions_session_fk",["tenant_id","session_id"],"sessions",["tenant_id","id"],a=>a.onDelete("cascade")).execute(),await h.sql`INSERT INTO login_sessions_new (
       id, tenant_id, session_id, csrf_token,
       authParams_client_id, authParams_vendor_id, authParams_username,
       authParams_response_type, authParams_response_mode, authParams_audience,
@@ -151,7 +151,7 @@
       user_id, created_at_ts, updated_at_ts, expires_at_ts,
       auth_connection, auth_strategy_strategy, auth_strategy_strategy_type,
       authenticated_at, auth_params
-    FROM login_sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await h.sql`ALTER TABLE login_sessions_new RENAME TO login_sessions`.execute(t),await t.schema.createIndex("login_sessions_id_index").on("login_sessions").column("id").execute(),await t.schema.createIndex("idx_login_sessions_session_id").on("login_sessions").column("session_id").execute(),await t.schema.createIndex("login_sessions_tenant_user_idx").on("login_sessions").columns(["tenant_id","user_id"]).execute(),await t.schema.createIndex("login_sessions_state_idx").on("login_sessions").column("state").execute(),await t.schema.createIndex("idx_login_sessions_expires_at_ts").on("login_sessions").column("expires_at_ts").execute()}),w("  Rebuilt login_sessions with FK dropped and authParams_client_id nullable")}async function Im(e){}const zm=Object.freeze(Object.defineProperty({__proto__:null,down:Im,up:$m},Symbol.toStringTag,{value:"Module"})),we=["authParams_client_id","authParams_vendor_id","authParams_username","authParams_response_type","authParams_response_mode","authParams_audience","authParams_scope","authParams_state","authParams_nonce","authParams_code_challenge_method","authParams_code_challenge","authParams_redirect_uri","authParams_organization","authParams_prompt","authParams_act_as","authParams_ui_locales","authParams_max_age","authParams_acr_values"];async function Dm(e){try{return await h.sql`SELECT @@version_comment`.execute(e),"mysql"}catch{return"sqlite"}}async function Am(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){const o=n instanceof Error?n.message:String(n);if(o.includes("1091")||o.includes("no such column")){w(`  ${t}.${a} already absent, skipping`);return}throw n}}async function Fm(e){await Dm(e)==="mysql"?await jm(e):await Rm(e)}async function jm(e){for(const t of we)await Am(e,"login_sessions",t);w(`  Dropped ${we.length} hoisted authParams_* columns from login_sessions`)}async function Rm(e){await e.transaction().execute(async t=>{await t.schema.createTable("login_sessions_new").addColumn("id","varchar(26)",a=>a.notNull()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(26)").addColumn("csrf_token","varchar(26)",a=>a.notNull()).addColumn("authorization_url","text").addColumn("ip","varchar(39)").addColumn("useragent","text").addColumn("auth0Client","varchar(255)").addColumn("state","varchar(50)",a=>a.defaultTo("pending")).addColumn("state_data","text").addColumn("failure_reason","text").addColumn("user_id","varchar(255)").addColumn("created_at_ts","bigint").addColumn("updated_at_ts","bigint").addColumn("expires_at_ts","bigint").addColumn("auth_connection","varchar(255)").addColumn("auth_strategy_strategy","varchar(64)").addColumn("auth_strategy_strategy_type","varchar(64)").addColumn("authenticated_at","varchar(35)").addColumn("auth_params","text").addPrimaryKeyConstraint("login_sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("login_sessions_session_fk",["tenant_id","session_id"],"sessions",["tenant_id","id"],a=>a.onDelete("cascade")).execute(),await h.sql`INSERT INTO login_sessions_new (
+    FROM login_sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await h.sql`ALTER TABLE login_sessions_new RENAME TO login_sessions`.execute(t),await t.schema.createIndex("login_sessions_id_index").on("login_sessions").column("id").execute(),await t.schema.createIndex("idx_login_sessions_session_id").on("login_sessions").column("session_id").execute(),await t.schema.createIndex("login_sessions_tenant_user_idx").on("login_sessions").columns(["tenant_id","user_id"]).execute(),await t.schema.createIndex("login_sessions_state_idx").on("login_sessions").column("state").execute(),await t.schema.createIndex("idx_login_sessions_expires_at_ts").on("login_sessions").column("expires_at_ts").execute()}),w("  Rebuilt login_sessions with FK dropped and authParams_client_id nullable")}async function Km(e){}const Bm=Object.freeze(Object.defineProperty({__proto__:null,down:Km,up:Jm},Symbol.toStringTag,{value:"Module"})),ve=["authParams_client_id","authParams_vendor_id","authParams_username","authParams_response_type","authParams_response_mode","authParams_audience","authParams_scope","authParams_state","authParams_nonce","authParams_code_challenge_method","authParams_code_challenge","authParams_redirect_uri","authParams_organization","authParams_prompt","authParams_act_as","authParams_ui_locales","authParams_max_age","authParams_acr_values"];async function Um(e){try{return await h.sql`SELECT @@version_comment`.execute(e),"mysql"}catch{return"sqlite"}}async function Qm(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){const o=n instanceof Error?n.message:String(n);if(o.includes("1091")||o.includes("no such column")){w(`  ${t}.${a} already absent, skipping`);return}throw n}}async function Wm(e){await Um(e)==="mysql"?await Ym(e):await Hm(e)}async function Ym(e){for(const t of ve)await Qm(e,"login_sessions",t);w(`  Dropped ${ve.length} hoisted authParams_* columns from login_sessions`)}async function Hm(e){await e.transaction().execute(async t=>{await t.schema.createTable("login_sessions_new").addColumn("id","varchar(26)",a=>a.notNull()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(26)").addColumn("csrf_token","varchar(26)",a=>a.notNull()).addColumn("authorization_url","text").addColumn("ip","varchar(39)").addColumn("useragent","text").addColumn("auth0Client","varchar(255)").addColumn("state","varchar(50)",a=>a.defaultTo("pending")).addColumn("state_data","text").addColumn("failure_reason","text").addColumn("user_id","varchar(255)").addColumn("created_at_ts","bigint").addColumn("updated_at_ts","bigint").addColumn("expires_at_ts","bigint").addColumn("auth_connection","varchar(255)").addColumn("auth_strategy_strategy","varchar(64)").addColumn("auth_strategy_strategy_type","varchar(64)").addColumn("authenticated_at","varchar(35)").addColumn("auth_params","text").addPrimaryKeyConstraint("login_sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("login_sessions_session_fk",["tenant_id","session_id"],"sessions",["tenant_id","id"],a=>a.onDelete("cascade")).execute(),await h.sql`INSERT INTO login_sessions_new (
       id, tenant_id, session_id, csrf_token, authorization_url,
       ip, useragent, auth0Client, state, state_data, failure_reason,
       user_id, created_at_ts, updated_at_ts, expires_at_ts,
@@ -163,4 +163,4 @@
       user_id, created_at_ts, updated_at_ts, expires_at_ts,
       auth_connection, auth_strategy_strategy, auth_strategy_strategy_type,
       authenticated_at, auth_params
-    FROM login_sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await h.sql`ALTER TABLE login_sessions_new RENAME TO login_sessions`.execute(t),await t.schema.createIndex("login_sessions_id_index").on("login_sessions").column("id").execute(),await t.schema.createIndex("idx_login_sessions_session_id").on("login_sessions").column("session_id").execute(),await t.schema.createIndex("login_sessions_tenant_user_idx").on("login_sessions").columns(["tenant_id","user_id"]).execute(),await t.schema.createIndex("login_sessions_state_idx").on("login_sessions").column("state").execute(),await t.schema.createIndex("idx_login_sessions_expires_at_ts").on("login_sessions").column("expires_at_ts").execute()}),w("  Recreated login_sessions without hoisted authParams_* columns")}async function Mm(e){}const Jm=Object.freeze(Object.defineProperty({__proto__:null,down:Mm,up:Fm},Symbol.toStringTag,{value:"Module"}));async function qm(e){await e.schema.alterTable("refresh_tokens").addColumn("revoked_at_ts","bigint").execute()}async function Lm(e){await e.schema.alterTable("refresh_tokens").dropColumn("revoked_at_ts").execute()}const Km=Object.freeze(Object.defineProperty({__proto__:null,down:Lm,up:qm},Symbol.toStringTag,{value:"Module"}));async function Bm(e){await e.schema.alterTable("clients").addColumn("owner_user_id","varchar(255)").execute(),await e.schema.alterTable("clients").addColumn("registration_type","varchar(32)").execute(),await e.schema.alterTable("clients").addColumn("registration_metadata","text").execute(),await e.schema.createIndex("idx_clients_owner_user_id").on("clients").columns(["tenant_id","owner_user_id"]).execute(),await e.schema.createTable("client_registration_tokens").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("token_hash","varchar(64)",t=>t.notNull()).addColumn("type","varchar(8)",t=>t.notNull()).addColumn("client_id","varchar(191)").addColumn("sub","varchar(255)").addColumn("constraints","text").addColumn("single_use","integer",t=>t.defaultTo(0).notNull()).addColumn("used_at_ts","bigint").addColumn("expires_at_ts","bigint").addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("revoked_at_ts","bigint").execute(),await e.schema.createIndex("idx_client_registration_tokens_hash").on("client_registration_tokens").columns(["tenant_id","token_hash"]).unique().execute(),await e.schema.createIndex("idx_client_registration_tokens_client").on("client_registration_tokens").columns(["tenant_id","client_id"]).execute()}async function Um(e){await e.schema.dropTable("client_registration_tokens").execute(),await e.schema.dropIndex("idx_clients_owner_user_id").execute(),await e.schema.alterTable("clients").dropColumn("registration_metadata").execute(),await e.schema.alterTable("clients").dropColumn("registration_type").execute(),await e.schema.alterTable("clients").dropColumn("owner_user_id").execute()}const Qm=Object.freeze(Object.defineProperty({__proto__:null,down:Um,up:Bm},Symbol.toStringTag,{value:"Module"}));async function Wm(e){try{return await h.sql`SELECT @@version_comment`.execute(e),"mysql"}catch{return"sqlite"}}const Ym=[{index:"connections_tenant_id_idx",table:"connections",reason:"composite PK (tenant_id, id)"},{index:"idx_invites_tenant_id",table:"invites",reason:"idx_invites_tenant_created (tenant_id, created_at)"},{index:"idx_organizations_tenant_id",table:"organizations",reason:"idx_organizations_tenant_name_unique (tenant_id, name)"},{index:"role_permissions_role_fk",table:"role_permissions",reason:"role_permissions_pk (tenant_id, role_id, ...)"},{index:"themes_tenant_id_idx",table:"themes",reason:"themes_pkey (tenant_id, themeId)"},{index:"users_tenant_index",table:"users",reason:"stale on PlanetScale only; commented out locally in 2024"},{index:"idx_user_organizations_tenant_id",table:"user_organizations",reason:"already dropped locally; may linger on PlanetScale"}];async function Hm(e,t,a,n){try{t==="mysql"?await h.sql.raw(`DROP INDEX IF EXISTS \`${a}\` ON \`${n}\``).execute(e):await h.sql.raw(`DROP INDEX IF EXISTS "${a}"`).execute(e)}catch(o){const r=o instanceof Error?o.message:String(o);z(`  Warning: failed to drop index ${a} on ${n}: ${r}`)}}async function Gm(e){const t=await Wm(e);for(const{index:a,table:n}of Ym)await Hm(e,t,a,n);await e.schema.dropTable("members").ifExists().execute()}async function Xm(e){await e.schema.createTable("members").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("sub","varchar(255)").addColumn("email","varchar(255)").addColumn("name","varchar(255)").addColumn("status","varchar(255)").addColumn("role","varchar(255)").addColumn("picture","varchar(2083)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createIndex("idx_user_organizations_tenant_id").on("user_organizations").column("tenant_id").execute(),await e.schema.createIndex("themes_tenant_id_idx").on("themes").column("tenant_id").execute(),await e.schema.createIndex("role_permissions_role_fk").on("role_permissions").columns(["tenant_id","role_id"]).execute(),await e.schema.createIndex("idx_organizations_tenant_id").on("organizations").column("tenant_id").execute(),await e.schema.createIndex("idx_invites_tenant_id").on("invites").column("tenant_id").execute(),await e.schema.createIndex("connections_tenant_id_idx").on("connections").column("tenant_id").execute()}const Vm=Object.freeze(Object.defineProperty({__proto__:null,down:Xm,up:Gm},Symbol.toStringTag,{value:"Module"}));async function Zm(e){await e.schema.alterTable("clients").addColumn("user_linking_mode","varchar(16)").execute()}async function eh(e){await e.schema.alterTable("clients").dropColumn("user_linking_mode").execute()}const th=Object.freeze(Object.defineProperty({__proto__:null,down:eh,up:Zm},Symbol.toStringTag,{value:"Module"}));async function ah(e){await e.schema.alterTable("hooks").addColumn("metadata","text").execute()}async function nh(e){await e.schema.alterTable("hooks").dropColumn("metadata").execute()}const oh=Object.freeze(Object.defineProperty({__proto__:null,down:nh,up:ah},Symbol.toStringTag,{value:"Module"}));async function rh(e){await e.schema.alterTable("refresh_tokens").addColumn("token_lookup","varchar(16)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("token_hash","varchar(64)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("family_id","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("rotated_to","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("rotated_at_ts","bigint").execute(),await e.schema.createIndex("idx_refresh_tokens_token_lookup").on("refresh_tokens").columns(["tenant_id","token_lookup"]).execute(),await e.schema.createIndex("idx_refresh_tokens_family_id").on("refresh_tokens").columns(["tenant_id","family_id"]).execute()}async function sh(e){await e.schema.dropIndex("idx_refresh_tokens_family_id").on("refresh_tokens").execute(),await e.schema.dropIndex("idx_refresh_tokens_token_lookup").on("refresh_tokens").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("rotated_at_ts").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("rotated_to").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("family_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("token_hash").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("token_lookup").execute()}const ih=Object.freeze(Object.defineProperty({__proto__:null,down:sh,up:rh},Symbol.toStringTag,{value:"Module"}));async function ch(e){await e.schema.createTable("organization_connections").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull()).addColumn("connection_id","varchar(191)",t=>t.notNull()).addColumn("assign_membership_on_login","boolean",t=>t.notNull().defaultTo(0)).addColumn("show_as_button","boolean",t=>t.notNull().defaultTo(1)).addColumn("is_signup_enabled","boolean",t=>t.notNull().defaultTo(1)).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addUniqueConstraint("organization_connections_unique",["tenant_id","organization_id","connection_id"]).addForeignKeyConstraint("organization_connections_organization_fk",["organization_id"],"organizations",["id"],t=>t.onDelete("cascade")).addForeignKeyConstraint("organization_connections_connection_fk",["tenant_id","connection_id"],"connections",["tenant_id","id"],t=>t.onDelete("cascade")).execute(),await e.schema.createIndex("idx_organization_connections_tenant_org").on("organization_connections").columns(["tenant_id","organization_id"]).execute(),await e.schema.createIndex("idx_organization_connections_tenant_connection").on("organization_connections").columns(["tenant_id","connection_id"]).execute()}async function lh(e){await e.schema.dropTable("organization_connections").execute()}const dh=Object.freeze(Object.defineProperty({__proto__:null,down:lh,up:ch},Symbol.toStringTag,{value:"Module"}));async function uh(e){await e.schema.createTable("log_streams").addColumn("id","varchar(64)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("type","varchar(64)",t=>t.notNull()).addColumn("status","varchar(32)",t=>t.notNull()).addColumn("sink","text",t=>t.notNull()).addColumn("filters","text").addColumn("is_priority","boolean").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.createIndex("idx_log_streams_tenant_id").on("log_streams").columns(["tenant_id"]).execute()}async function _h(e){await e.schema.dropTable("log_streams").execute()}const mh=Object.freeze(Object.defineProperty({__proto__:null,down:_h,up:uh},Symbol.toStringTag,{value:"Module"}));async function hh(e){await e.schema.alterTable("tenants").addColumn("attack_protection","text").execute()}async function ph(e){await e.schema.alterTable("tenants").dropColumn("attack_protection").execute()}const fh=Object.freeze(Object.defineProperty({__proto__:null,down:ph,up:hh},Symbol.toStringTag,{value:"Module"}));async function gh(e){await e.schema.alterTable("tenants").addColumn("default_client_id","varchar(255)").execute()}async function wh(e){await e.schema.alterTable("tenants").dropColumn("default_client_id").execute()}const yh=Object.freeze(Object.defineProperty({__proto__:null,down:wh,up:gh},Symbol.toStringTag,{value:"Module"})),Fe={m1_init:ur,m2_magicLink:hr,m3_updateAt:gr,m4_logTable:vr,m5_userProfile:Tr,m6_sessions:Sr,m7_passwords:$r,m8_logsTableNewFields:Ir,m9_passwordTableNewField:Ar,n01_codesTable:Rr,n11_universalLoginSession:qr,n12_userFields:Br,n13_userEmailIndex:Wr,n14_profileDataField:Gr,n15_userEmailIndex:Zr,n16_userLocale:as,n17_signingKeys:rs,n18_logsFields:cs,n19_connectionsUserinfo:us,n20_missingFields:hs,n21_sessionDeletedAt:gs,n22_dropLogsFields:vs,n23_dropUsersFields:Ts,n24_logsIndexes:Ss,n25_logDescMaxLength:$s,n26_logsTableExtraFields:Is,n27_usersTableNameIndex:As,n28_usersEmailConstrain:Rs,n29_increaseOtpStateLength:qs,n30_increaseTicketStateLength:Bs,n31_branding:Ws,n32_indexesAndNotNull:Gs,n33_vendorIdInUniversalLoginSession:Zs,n34_auth0ClientInUniversalLoginSession:ai,n35_increaseUniversalSessionStateLength:ri,n36_authenticationCodes:ci,n37_disableSignUps:ui,n38_otpIpAddress:hi,n39_increaseUserAgentLength:gi,n40_userId:vi,n41_hooks:Ti,n42_userIdIndexes:Si,n43_userIdIndexes:$i,n44_codes:Ii,n45_hookProperties:Ai,n46_loginAuth0Client:Ri,n47_loginAuth0Client:qi,n48_saml:Bi,n49_removeFields:Wi,n50_authParamsNonce:Gi,n51_connectionid:Zi,n52_cert:ac,n53_codes_primary_key:rc,n54_cleanup_tables:cc,n55_logs_index:uc,n56_application_fields:hc,n57_prompt_settings:gc,n58_connection_client_id:vc,n59_connection_options:Tc,n60_users_metadata:Sc,n61_userLocales:$c,n62_prompt:Ic,n63_connection_cleanup:Ac,n64_act_as:Rc,n65_code_verifier:qc,n66_email_providers:Bc,n67_drop_tickets:Wc,n68_login_useragents:Gc,n70_refresh_tokens:Zc,n71_session_new_fields:al,n72_session_primary_key:rl,n73_drop_sessions:cl,n74_custom_domains:ul,n75_organizations:hl,n76_authorization_url_length:gl,n77_drop_sessions:vl,n78_login_sessions:Tl,n79_drop_sessions_2:Sl,n80_recreate_custom_domains:$l,n81_phone:Il,n82_forms:Al,n83_addFormsIdToHooks:Rl,n84_login_completed:ql,n85_add_login_session_id_to_sessions:Bl,n86_index_sessions_login_session_id:Wl,n87_code_challenge:Gl,n88_add_redirect_uri_to_codes:Zl,n89_add_nonce_and_state_to_codes:ad,n90_themes:rd,n91_resource_servers_rules_permissions:cd,n92_role_permissions:ud,n93_add_permissions_to_roles:hd,n94_keys_connection_and_extend_columns:gd,n95_create_organizations_table:vd,n96_create_user_organizations_table:Td,n97_add_organization_to_user_permissions_and_roles:Sd,n98_clients:$d,n99_update_client_foreign_keys:Fd,o001_client_grants:Md,o002_drop_applications:Ld,o003_phone_number_index:Ud,o004_login_sessions_id_index:Yd,o005_connections_tenant_index:Xd,o006_remove_redundant_user_organizations_tenant_index:eu,o007_tenant_settings:nu,o008_merge_tenant_settings_into_tenants:su,o009_create_invites_table:lu,o010_add_log_id_to_logs:_u,o011_add_location_info_to_logs:pu,o012_add_password_history:wu,o013_connection_display_name:Cu,o014_client_connections:Nu,o015_flows:ku,o016_add_is_system_column:Eu,o017_connections_composite_key:zu,o018_login_session_state:Fu,o019_roles_resource_servers_metadata:Mu,o020_session_add_timestamp_columns:Ku,o021_session_cleanup_and_ulid:Qu,o022_oidc_profile_claims:Hu,o023_preferred_username:Vu,o024_user_address:t_,o025_authparams_max_age:o_,o026_auth0_conformant:i_,o027_universal_login_templates:d_,o028_custom_text:m_,o029_guardian_mfa:f_,o030_add_template_id_to_hooks:v_,o031_hooks_cleanup:T_,o032_unique_username_provider:S_,o033_add_login_id_to_refresh_tokens:$_,o034_refresh_tokens_replace_session_id_with_login_id:I_,o035_idle_expires_at_ts_indexes:A_,o036_add_connection_to_login_sessions:R_,o037_mfa_enrollments:q_,o038_add_otp_to_codes:B_,o039_rename_mfa_enrollments_to_authentication_methods:W_,o040_create_outbox_events:G_,o041_add_outbox_claim_columns:Z_,o042_add_outbox_claim_index:am,o043_add_code_hooks:rm,o044_create_actions:cm,o045_outbox_dead_letter:um,o046_user_registration_completed_at:hm,o047_outbox_dead_lettered_tenant_index:gm,o048_add_auth_strategy_to_login_sessions:vm,o049_login_sessions_auth_params:Tm,o050_login_sessions_auth_params_backfill:km,o051_relax_login_sessions_authparams:zm,o052_drop_login_sessions_hoisted_authparams:Jm,o053_refresh_tokens_revoked_at:Km,o054_client_registration_tokens:Qm,o055_planetscale_redundant_indexes_cleanup:Vm,o056_client_user_linking_mode:th,o057_hooks_metadata:oh,o058_refresh_tokens_rotation:ih,o059_organization_connections:dh,o060_log_streams:mh,o061_tenants_attack_protection:fh,o062_tenants_default_client_id:yh};async function vh(e,t=!1){Ee(t),t&&console.log("migrating...");const a=new Oe(Fe),n=new h.Migrator({db:e,provider:a}),{error:o,results:r}=await n.migrateToLatest();if(r==null||r.forEach(s=>{s.status==="Success"?t&&console.log(`migration "${s.migrationName}" was executed successfully`):s.status==="Error"&&console.error(`failed to execute migration "${s.migrationName}"`)}),o)throw console.error("failed to migrate"),console.error(o),o}async function Ch(e,t=!1){Ee(t),t&&console.log("migrating...");const a=new Oe(Fe),n=new h.Migrator({db:e,provider:a}),{error:o,results:r}=await n.migrateDown();if(r==null||r.forEach(s=>{s.status==="Success"?t&&console.log(`migration "${s.migrationName}" was reverted successfully`):s.status==="Error"&&console.error(`failed to execute migration "${s.migrationName}"`)}),o)throw console.error("failed to migrate"),console.error(o),o}function je(e,t={useTransactions:!0}){const a={actions:rt(e),branding:Ya(e),clients:ua(e),clientConnections:ga(e),clientGrants:Ta(e),clientRegistrationTokens:Da(e),codes:Xt(e),connections:oa(e),emailProviders:Pn(e),customDomains:Ua(e),flows:Ct(e),forms:Yn(e),hookCode:dn(e),hooks:on(e),invites:qo(e),keys:Ra(e),loginSessions:Tn(e),logs:zt(e),logStreams:cr(e),authenticationMethods:Go(e),passwords:Bt(e),promptSettings:Sn(e),refreshTokens:Jn(e),resourceServers:eo(e),rolePermissions:uo(e),userPermissions:fo(e),userRoles:Co(e),roles:so(e),sessions:Mt(e),sessionCleanup:Ln(e),tenants:Ot(e),themes:pn(e),universalLoginTemplates:Va(e),customText:Bo(e),users:pt(e),organizations:ko(e),organizationConnections:Oo(e),userOrganizations:Ao(e),stats:Ko(e),outbox:ir(e),async transaction(n){return t.useTransactions===!1?n(a):e.transaction().execute(async o=>{const r=je(o,{...t,useTransactions:!1});return n(r)})}};return a}exports.default=je;exports.migrateDown=Ch;exports.migrateToLatest=vh;
+    FROM login_sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await h.sql`ALTER TABLE login_sessions_new RENAME TO login_sessions`.execute(t),await t.schema.createIndex("login_sessions_id_index").on("login_sessions").column("id").execute(),await t.schema.createIndex("idx_login_sessions_session_id").on("login_sessions").column("session_id").execute(),await t.schema.createIndex("login_sessions_tenant_user_idx").on("login_sessions").columns(["tenant_id","user_id"]).execute(),await t.schema.createIndex("login_sessions_state_idx").on("login_sessions").column("state").execute(),await t.schema.createIndex("idx_login_sessions_expires_at_ts").on("login_sessions").column("expires_at_ts").execute()}),w("  Recreated login_sessions without hoisted authParams_* columns")}async function Gm(e){}const Vm=Object.freeze(Object.defineProperty({__proto__:null,down:Gm,up:Wm},Symbol.toStringTag,{value:"Module"}));async function Xm(e){await e.schema.alterTable("refresh_tokens").addColumn("revoked_at_ts","bigint").execute()}async function Zm(e){await e.schema.alterTable("refresh_tokens").dropColumn("revoked_at_ts").execute()}const eh=Object.freeze(Object.defineProperty({__proto__:null,down:Zm,up:Xm},Symbol.toStringTag,{value:"Module"}));async function th(e){await e.schema.alterTable("clients").addColumn("owner_user_id","varchar(255)").execute(),await e.schema.alterTable("clients").addColumn("registration_type","varchar(32)").execute(),await e.schema.alterTable("clients").addColumn("registration_metadata","text").execute(),await e.schema.createIndex("idx_clients_owner_user_id").on("clients").columns(["tenant_id","owner_user_id"]).execute(),await e.schema.createTable("client_registration_tokens").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("token_hash","varchar(64)",t=>t.notNull()).addColumn("type","varchar(8)",t=>t.notNull()).addColumn("client_id","varchar(191)").addColumn("sub","varchar(255)").addColumn("constraints","text").addColumn("single_use","integer",t=>t.defaultTo(0).notNull()).addColumn("used_at_ts","bigint").addColumn("expires_at_ts","bigint").addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("revoked_at_ts","bigint").execute(),await e.schema.createIndex("idx_client_registration_tokens_hash").on("client_registration_tokens").columns(["tenant_id","token_hash"]).unique().execute(),await e.schema.createIndex("idx_client_registration_tokens_client").on("client_registration_tokens").columns(["tenant_id","client_id"]).execute()}async function ah(e){await e.schema.dropTable("client_registration_tokens").execute(),await e.schema.dropIndex("idx_clients_owner_user_id").execute(),await e.schema.alterTable("clients").dropColumn("registration_metadata").execute(),await e.schema.alterTable("clients").dropColumn("registration_type").execute(),await e.schema.alterTable("clients").dropColumn("owner_user_id").execute()}const nh=Object.freeze(Object.defineProperty({__proto__:null,down:ah,up:th},Symbol.toStringTag,{value:"Module"}));async function oh(e){try{return await h.sql`SELECT @@version_comment`.execute(e),"mysql"}catch{return"sqlite"}}const rh=[{index:"connections_tenant_id_idx",table:"connections",reason:"composite PK (tenant_id, id)"},{index:"idx_invites_tenant_id",table:"invites",reason:"idx_invites_tenant_created (tenant_id, created_at)"},{index:"idx_organizations_tenant_id",table:"organizations",reason:"idx_organizations_tenant_name_unique (tenant_id, name)"},{index:"role_permissions_role_fk",table:"role_permissions",reason:"role_permissions_pk (tenant_id, role_id, ...)"},{index:"themes_tenant_id_idx",table:"themes",reason:"themes_pkey (tenant_id, themeId)"},{index:"users_tenant_index",table:"users",reason:"stale on PlanetScale only; commented out locally in 2024"},{index:"idx_user_organizations_tenant_id",table:"user_organizations",reason:"already dropped locally; may linger on PlanetScale"}];async function sh(e,t,a,n){try{t==="mysql"?await h.sql.raw(`DROP INDEX IF EXISTS \`${a}\` ON \`${n}\``).execute(e):await h.sql.raw(`DROP INDEX IF EXISTS "${a}"`).execute(e)}catch(o){const r=o instanceof Error?o.message:String(o);z(`  Warning: failed to drop index ${a} on ${n}: ${r}`)}}async function ih(e){const t=await oh(e);for(const{index:a,table:n}of rh)await sh(e,t,a,n);await e.schema.dropTable("members").ifExists().execute()}async function ch(e){await e.schema.createTable("members").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("sub","varchar(255)").addColumn("email","varchar(255)").addColumn("name","varchar(255)").addColumn("status","varchar(255)").addColumn("role","varchar(255)").addColumn("picture","varchar(2083)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createIndex("idx_user_organizations_tenant_id").on("user_organizations").column("tenant_id").execute(),await e.schema.createIndex("themes_tenant_id_idx").on("themes").column("tenant_id").execute(),await e.schema.createIndex("role_permissions_role_fk").on("role_permissions").columns(["tenant_id","role_id"]).execute(),await e.schema.createIndex("idx_organizations_tenant_id").on("organizations").column("tenant_id").execute(),await e.schema.createIndex("idx_invites_tenant_id").on("invites").column("tenant_id").execute(),await e.schema.createIndex("connections_tenant_id_idx").on("connections").column("tenant_id").execute()}const lh=Object.freeze(Object.defineProperty({__proto__:null,down:ch,up:ih},Symbol.toStringTag,{value:"Module"}));async function dh(e){await e.schema.alterTable("clients").addColumn("user_linking_mode","varchar(16)").execute()}async function uh(e){await e.schema.alterTable("clients").dropColumn("user_linking_mode").execute()}const _h=Object.freeze(Object.defineProperty({__proto__:null,down:uh,up:dh},Symbol.toStringTag,{value:"Module"}));async function mh(e){await e.schema.alterTable("hooks").addColumn("metadata","text").execute()}async function hh(e){await e.schema.alterTable("hooks").dropColumn("metadata").execute()}const ph=Object.freeze(Object.defineProperty({__proto__:null,down:hh,up:mh},Symbol.toStringTag,{value:"Module"}));async function fh(e){await e.schema.alterTable("refresh_tokens").addColumn("token_lookup","varchar(16)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("token_hash","varchar(64)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("family_id","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("rotated_to","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("rotated_at_ts","bigint").execute(),await e.schema.createIndex("idx_refresh_tokens_token_lookup").on("refresh_tokens").columns(["tenant_id","token_lookup"]).execute(),await e.schema.createIndex("idx_refresh_tokens_family_id").on("refresh_tokens").columns(["tenant_id","family_id"]).execute()}async function gh(e){await e.schema.dropIndex("idx_refresh_tokens_family_id").on("refresh_tokens").execute(),await e.schema.dropIndex("idx_refresh_tokens_token_lookup").on("refresh_tokens").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("rotated_at_ts").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("rotated_to").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("family_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("token_hash").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("token_lookup").execute()}const wh=Object.freeze(Object.defineProperty({__proto__:null,down:gh,up:fh},Symbol.toStringTag,{value:"Module"}));async function yh(e){await e.schema.createTable("organization_connections").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull()).addColumn("connection_id","varchar(191)",t=>t.notNull()).addColumn("assign_membership_on_login","boolean",t=>t.notNull().defaultTo(0)).addColumn("show_as_button","boolean",t=>t.notNull().defaultTo(1)).addColumn("is_signup_enabled","boolean",t=>t.notNull().defaultTo(1)).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addUniqueConstraint("organization_connections_unique",["tenant_id","organization_id","connection_id"]).addForeignKeyConstraint("organization_connections_organization_fk",["organization_id"],"organizations",["id"],t=>t.onDelete("cascade")).addForeignKeyConstraint("organization_connections_connection_fk",["tenant_id","connection_id"],"connections",["tenant_id","id"],t=>t.onDelete("cascade")).execute(),await e.schema.createIndex("idx_organization_connections_tenant_org").on("organization_connections").columns(["tenant_id","organization_id"]).execute(),await e.schema.createIndex("idx_organization_connections_tenant_connection").on("organization_connections").columns(["tenant_id","connection_id"]).execute()}async function vh(e){await e.schema.dropTable("organization_connections").execute()}const Ch=Object.freeze(Object.defineProperty({__proto__:null,down:vh,up:yh},Symbol.toStringTag,{value:"Module"}));async function xh(e){await e.schema.createTable("log_streams").addColumn("id","varchar(64)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("type","varchar(64)",t=>t.notNull()).addColumn("status","varchar(32)",t=>t.notNull()).addColumn("sink","text",t=>t.notNull()).addColumn("filters","text").addColumn("is_priority","boolean").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.createIndex("idx_log_streams_tenant_id").on("log_streams").columns(["tenant_id"]).execute()}async function Th(e){await e.schema.dropTable("log_streams").execute()}const Nh=Object.freeze(Object.defineProperty({__proto__:null,down:Th,up:xh},Symbol.toStringTag,{value:"Module"}));async function bh(e){await e.schema.alterTable("tenants").addColumn("attack_protection","text").execute()}async function Sh(e){await e.schema.alterTable("tenants").dropColumn("attack_protection").execute()}const kh=Object.freeze(Object.defineProperty({__proto__:null,down:Sh,up:bh},Symbol.toStringTag,{value:"Module"}));async function Oh(e){await e.schema.alterTable("tenants").addColumn("default_client_id","varchar(255)").execute()}async function $h(e){await e.schema.alterTable("tenants").dropColumn("default_client_id").execute()}const Eh=Object.freeze(Object.defineProperty({__proto__:null,down:$h,up:Oh},Symbol.toStringTag,{value:"Module"}));async function Ph(e){await e.schema.createTable("email_templates").addColumn("tenant_id","varchar(255)",t=>t.notNull()).addColumn("template","varchar(64)",t=>t.notNull()).addColumn("body","text",t=>t.notNull()).addColumn("from","varchar(255)",t=>t.notNull()).addColumn("subject","varchar(255)",t=>t.notNull()).addColumn("syntax","varchar(16)",t=>t.notNull().defaultTo("liquid")).addColumn("result_url","varchar(2048)").addColumn("url_lifetime_in_seconds","integer").addColumn("include_email_in_redirect","integer",t=>t.notNull().defaultTo(0).check(h.sql`include_email_in_redirect IN (0, 1)`)).addColumn("enabled","integer",t=>t.notNull().defaultTo(1).check(h.sql`enabled IN (0, 1)`)).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("email_templates_pk",["tenant_id","template"]).addForeignKeyConstraint("email_templates_tenant_fk",["tenant_id"],"tenants",["id"],t=>t.onDelete("cascade")).execute()}async function Ih(e){await e.schema.dropTable("email_templates").execute()}const zh=Object.freeze(Object.defineProperty({__proto__:null,down:Ih,up:Ph},Symbol.toStringTag,{value:"Module"}));async function Dh(e){await e.schema.createTable("action_versions").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("action_id","varchar(255)",t=>t.notNull()).addColumn("number","integer",t=>t.notNull()).addColumn("code","text",t=>t.notNull()).addColumn("runtime","varchar(50)").addColumn("secrets","text").addColumn("dependencies","text").addColumn("supported_triggers","text").addColumn("deployed","integer",t=>t.notNull().defaultTo(0)).addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("idx_action_versions_action").on("action_versions").columns(["tenant_id","action_id"]).execute(),await e.schema.createIndex("uniq_action_versions_action_number").on("action_versions").columns(["tenant_id","action_id","number"]).unique().execute()}async function Ah(e){await e.schema.dropTable("action_versions").execute()}const Fh=Object.freeze(Object.defineProperty({__proto__:null,down:Ah,up:Dh},Symbol.toStringTag,{value:"Module"})),Me={m1_init:xr,m2_magicLink:br,m3_updateAt:Or,m4_logTable:Pr,m5_userProfile:Dr,m6_sessions:jr,m7_passwords:Jr,m8_logsTableNewFields:Kr,m9_passwordTableNewField:Qr,n01_codesTable:Hr,n11_universalLoginSession:Xr,n12_userFields:ts,n13_userEmailIndex:os,n14_profileDataField:is,n15_userEmailIndex:ds,n16_userLocale:ms,n17_signingKeys:fs,n18_logsFields:ys,n19_connectionsUserinfo:xs,n20_missingFields:bs,n21_sessionDeletedAt:Os,n22_dropLogsFields:Ps,n23_dropUsersFields:Ds,n24_logsIndexes:js,n25_logDescMaxLength:Js,n26_logsTableExtraFields:Ks,n27_usersTableNameIndex:Qs,n28_usersEmailConstrain:Hs,n29_increaseOtpStateLength:Xs,n30_increaseTicketStateLength:ti,n31_branding:oi,n32_indexesAndNotNull:ii,n33_vendorIdInUniversalLoginSession:di,n34_auth0ClientInUniversalLoginSession:mi,n35_increaseUniversalSessionStateLength:fi,n36_authenticationCodes:yi,n37_disableSignUps:xi,n38_otpIpAddress:bi,n39_increaseUserAgentLength:Oi,n40_userId:Pi,n41_hooks:Di,n42_userIdIndexes:ji,n43_userIdIndexes:Ji,n44_codes:Ki,n45_hookProperties:Qi,n46_loginAuth0Client:Hi,n47_loginAuth0Client:Xi,n48_saml:tc,n49_removeFields:oc,n50_authParamsNonce:ic,n51_connectionid:dc,n52_cert:mc,n53_codes_primary_key:fc,n54_cleanup_tables:yc,n55_logs_index:xc,n56_application_fields:bc,n57_prompt_settings:Oc,n58_connection_client_id:Pc,n59_connection_options:Dc,n60_users_metadata:jc,n61_userLocales:Jc,n62_prompt:Kc,n63_connection_cleanup:Qc,n64_act_as:Hc,n65_code_verifier:Xc,n66_email_providers:tl,n67_drop_tickets:ol,n68_login_useragents:il,n70_refresh_tokens:dl,n71_session_new_fields:ml,n72_session_primary_key:fl,n73_drop_sessions:yl,n74_custom_domains:xl,n75_organizations:bl,n76_authorization_url_length:Ol,n77_drop_sessions:Pl,n78_login_sessions:Dl,n79_drop_sessions_2:jl,n80_recreate_custom_domains:Jl,n81_phone:Kl,n82_forms:Ql,n83_addFormsIdToHooks:Hl,n84_login_completed:Xl,n85_add_login_session_id_to_sessions:td,n86_index_sessions_login_session_id:od,n87_code_challenge:id,n88_add_redirect_uri_to_codes:dd,n89_add_nonce_and_state_to_codes:md,n90_themes:fd,n91_resource_servers_rules_permissions:yd,n92_role_permissions:xd,n93_add_permissions_to_roles:bd,n94_keys_connection_and_extend_columns:Od,n95_create_organizations_table:Pd,n96_create_user_organizations_table:Dd,n97_add_organization_to_user_permissions_and_roles:jd,n98_clients:Jd,n99_update_client_foreign_keys:Wd,o001_client_grants:Gd,o002_drop_applications:Zd,o003_phone_number_index:au,o004_login_sessions_id_index:ru,o005_connections_tenant_index:cu,o006_remove_redundant_user_organizations_tenant_index:uu,o007_tenant_settings:hu,o008_merge_tenant_settings_into_tenants:gu,o009_create_invites_table:vu,o010_add_log_id_to_logs:Tu,o011_add_location_info_to_logs:Su,o012_add_password_history:$u,o013_connection_display_name:Iu,o014_client_connections:Au,o015_flows:Ru,o016_add_is_system_column:qu,o017_connections_composite_key:Bu,o018_login_session_state:Wu,o019_roles_resource_servers_metadata:Gu,o020_session_add_timestamp_columns:e_,o021_session_cleanup_and_ulid:n_,o022_oidc_profile_claims:s_,o023_preferred_username:l_,o024_user_address:__,o025_authparams_max_age:p_,o026_auth0_conformant:w_,o027_universal_login_templates:C_,o028_custom_text:N_,o029_guardian_mfa:k_,o030_add_template_id_to_hooks:P_,o031_hooks_cleanup:D_,o032_unique_username_provider:j_,o033_add_login_id_to_refresh_tokens:J_,o034_refresh_tokens_replace_session_id_with_login_id:K_,o035_idle_expires_at_ts_indexes:Q_,o036_add_connection_to_login_sessions:H_,o037_mfa_enrollments:X_,o038_add_otp_to_codes:tm,o039_rename_mfa_enrollments_to_authentication_methods:om,o040_create_outbox_events:im,o041_add_outbox_claim_columns:dm,o042_add_outbox_claim_index:mm,o043_add_code_hooks:fm,o044_create_actions:ym,o045_outbox_dead_letter:xm,o046_user_registration_completed_at:bm,o047_outbox_dead_lettered_tenant_index:Om,o048_add_auth_strategy_to_login_sessions:Pm,o049_login_sessions_auth_params:Dm,o050_login_sessions_auth_params_backfill:Rm,o051_relax_login_sessions_authparams:Bm,o052_drop_login_sessions_hoisted_authparams:Vm,o053_refresh_tokens_revoked_at:eh,o054_client_registration_tokens:nh,o055_planetscale_redundant_indexes_cleanup:lh,o056_client_user_linking_mode:_h,o057_hooks_metadata:ph,o058_refresh_tokens_rotation:wh,o059_organization_connections:Ch,o060_log_streams:Nh,o061_tenants_attack_protection:kh,o062_tenants_default_client_id:Eh,o063_email_templates:zh,o064_create_action_versions:Fh};async function jh(e,t=!1){ze(t),t&&console.log("migrating...");const a=new Pe(Me),n=new h.Migrator({db:e,provider:a}),{error:o,results:r}=await n.migrateToLatest();if(r==null||r.forEach(s=>{s.status==="Success"?t&&console.log(`migration "${s.migrationName}" was executed successfully`):s.status==="Error"&&console.error(`failed to execute migration "${s.migrationName}"`)}),o)throw console.error("failed to migrate"),console.error(o),o}async function Rh(e,t=!1){ze(t),t&&console.log("migrating...");const a=new Pe(Me),n=new h.Migrator({db:e,provider:a}),{error:o,results:r}=await n.migrateDown();if(r==null||r.forEach(s=>{s.status==="Success"?t&&console.log(`migration "${s.migrationName}" was reverted successfully`):s.status==="Error"&&console.error(`failed to execute migration "${s.migrationName}"`)}),o)throw console.error("failed to migrate"),console.error(o),o}function Je(e,t={useTransactions:!0}){const a={actions:lt(e),actionVersions:dt(e),branding:Za(e),clients:fa(e),clientConnections:xa(e),clientGrants:Oa(e),clientRegistrationTokens:Ma(e),codes:aa(e),connections:la(e),emailProviders:Fn(e),emailTemplates:Ln(e),customDomains:Ga(e),flows:St(e),forms:ro(e),hookCode:pn(e),hooks:dn(e),invites:Xo(e),keys:Ka(e),loginSessions:On(e),logs:Rt(e),logStreams:yr(e),authenticationMethods:ir(e),passwords:Ht(e),promptSettings:Pn(e),refreshTokens:Vn(e),resourceServers:_o(e),rolePermissions:xo(e),userPermissions:ko(e),userRoles:Io(e),roles:wo(e),sessions:Bt(e),sessionCleanup:Zn(e),tenants:zt(e),themes:vn(e),universalLoginTemplates:nn(e),customText:tr(e),users:vt(e),organizations:Ro(e),organizationConnections:Mo(e),userOrganizations:Qo(e),stats:er(e),outbox:wr(e),async transaction(n){return t.useTransactions===!1?n(a):e.transaction().execute(async o=>{const r=Je(o,{...t,useTransactions:!1});return n(r)})}};return a}exports.default=Je;exports.migrateDown=Rh;exports.migrateToLatest=jh;