npm - @authhero/kysely-adapter - Versions diffs - 11.4.0 → 11.4.1 - Mend

@authhero/kysely-adapter 11.4.0 → 11.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/kysely-adapter.cjs +35 -35
package/dist/kysely-adapter.d.ts +1 -0
package/dist/kysely-adapter.mjs +8882 -8314
package/dist/types/migrate/ReferenceMigrationProvider.d.ts +1 -1
package/dist/types/src/helpers/filter.d.ts +1 -1
package/dist/types/src/index.d.ts +1 -0
package/dist/types/tsconfig.types.tsbuildinfo +1 -1
package/package.json +9 -13

package/dist/kysely-adapter.cjs CHANGED Viewed

@@ -1,56 +1,56 @@
-"use strict";var Ye=Object.defineProperty;var Ge=(e,t,a)=>t in e?Ye(e,t,{enumerable:!0,configurable:!0,writable:!0,value:a}):e[t]=a;var H=(e,t,a)=>Ge(e,typeof t!="symbol"?t+"":t,a);Object.defineProperties(exports,{__esModule:{value:!0},[Symbol.toStringTag]:{value:"Module"}});const k=require("nanoid"),N=require("@authhero/adapter-interfaces");require("@hono/zod-openapi");const h=require("kysely"),Ve=17,Xe={organization:"org_",connection:"con_",action:"act_",action_version:"ver_",hook:"h_",hook_code:"hc_",rule:"rul_",resource_server:"api_",guardian_factor:"gfa_",invite:"inv_"};function R(e){const n=k.customAlphabet("0123456789abcdefghijklmnopqrstuvwxyz",Ve)();return`${Xe[e]}${n}`}function Ze(){return R("organization")}function et(){return R("connection")}function tt(){return R("action")}function at(){return R("action_version")}function nt(){return R("hook")}function ot(){return R("resource_server")}function rt(){return R("hook_code")}function st(){return R("invite")}function it(e){return async(t,a)=>{var r;const n=Date.now(),o=tt();return await e.insertInto("actions").values({id:o,tenant_id:t,name:a.name,code:a.code,runtime:a.runtime||null,status:"built",secrets:a.secrets?JSON.stringify(a.secrets):null,dependencies:a.dependencies?JSON.stringify(a.dependencies):null,supported_triggers:a.supported_triggers?JSON.stringify(a.supported_triggers):null,is_system:a.is_system?1:0,inherit:a.inherit?1:0,created_at_ts:n,updated_at_ts:n}).execute(),{id:o,tenant_id:t,name:a.name,code:a.code,runtime:a.runtime,status:"built",secrets:(r=a.secrets)==null?void 0:r.map(s=>({name:s.name})),dependencies:a.dependencies,supported_triggers:a.supported_triggers,is_system:a.is_system??!1,inherit:a.inherit??!1,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function Q(e){if(e!=null){if(typeof e=="number")return new Date(e).toISOString();if(typeof e=="string"){if(e==="")return;const t=parseFloat(e);return!isNaN(t)&&/^\d+(\.\d+)?$/.test(e)?new Date(t).toISOString():e}}}function j(e,t=new Date(0).toISOString()){return Q(e)??t}function x(e){if(!e||e==="")return null;const t=new Date(e);return isNaN(t.getTime())?null:t.getTime()}function le(){return new Date().toISOString()}function F(e,t,a=[]){const n={};for(const o of t){const r=o.replace(/_ts$/,"");n[r]=j(e[o])}for(const o of a){const r=o.replace(/_ts$/,"");n[r]=Q(e[o])}return n}function Z(e){if(e)try{return JSON.parse(e)}catch{return}}function ct(e){return async(t,a)=>{const n=await e.selectFrom("actions").where("actions.tenant_id","=",t).where("actions.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{created_at_ts:o,updated_at_ts:r,deployed_at_ts:s,secrets:i,dependencies:l,supported_triggers:d,is_system:_,inherit:c,tenant_id:m,...u}=n,f=F({created_at_ts:o,updated_at_ts:r},["created_at_ts","updated_at_ts"]);return{...u,tenant_id:t,...f,runtime:u.runtime??void 0,status:u.status||"built",deployed_at:s?new Date(Number(s)).toISOString():void 0,secrets:Z(i),dependencies:Z(l),supported_triggers:Z(d),is_system:!!_,inherit:!!c}}}function se(e,t){const a=new Set(t),n=r=>{const s=[];let i="",l=!1;for(let _=0;_<r.length;_++){const c=r[_];c==='"'?(l=!l,i+=c):c===" "&&!l?(i.trim()&&s.push(i.trim()),i=""):i+=c}return i.trim()&&s.push(i.trim()),s.filter(_=>{const c=_.replace(/^([^:]+)=/,"$1:"),m=c.startsWith("-")?c.slice(1):c;if(m.startsWith("_exists_:"))return a.has(m.slice(9));const u=m.indexOf(":");return u>0?a.has(m.slice(0,u)):!0}).join(" ")},o=e.split(/ OR /i);return o.length>1?o.map(n).filter(r=>r.length>0).join(" OR "):n(e)}function O(e,t,a,n){const o=a.split(/ OR /i);if(o.length>1)return t.where(d=>{const _=o.map(c=>{const m=c.trim().match(/^([^:]+):(.+)$/);if(m){const[,u,f]=m;if(!u||!f)return null;const p=f.replace(/^"(.*)"$/,"$1");return d(u.trim(),"=",p.trim())}return null}).filter(Boolean);return d.or(_)});const r=[];let s="",i=!1;for(let d=0;d<a.length;d++){const _=a[d];_==='"'?(i=!i,s+=_):_===" "&&!i?s.trim()&&(r.push(s.trim()),s=""):s+=_}return s.trim()&&r.push(s.trim()),r.filter(d=>d!=="AND").map(d=>d.replace(/^([^:]+)=/g,"$1:")).map(d=>{let _=d.startsWith("-"),c=null,m="",u=!1,f;if(d.startsWith("-_exists_:"))c=d.substring(10),u=!0,_=!0;else if(d.startsWith("_exists_:"))c=d.substring(9),u=!0,_=!1;else if(d.includes(":")){const p=_?d.substring(1):d,g=p.indexOf(":");c=p.substring(0,g),m=p.substring(g+1),u=!1,m.startsWith(">=")?(f=">=",m=m.substring(2)):m.startsWith(">")?(f=">",m=m.substring(1)):m.startsWith("<=")?(f="<=",m=m.substring(2)):m.startsWith("<")?(f="<",m=m.substring(1)):f="=",m.startsWith('"')&&m.endsWith('"')&&m.length>1&&(m=m.slice(1,-1))}else c=null,m=d,u=!1;return{key:c,value:m,isNegation:_,isExistsQuery:u,operator:f}}).forEach(({key:d,value:_,isNegation:c,isExistsQuery:m,operator:u})=>{if(d)if(m)c?t=t.where(d,"is",null):t=t.where(d,"is not",null);else if(c)switch(u){case">":t=t.where(d,"<=",_);break;case">=":t=t.where(d,"<",_);break;case"<":t=t.where(d,">=",_);break;case"<=":t=t.where(d,">",_);break;default:t=t.where(d,"!=",_)}else t=t.where(d,u,_);else if(_){const{ref:f}=e.dynamic;t=t.where(p=>p.or(n.map(g=>g==="user_id"?p(f(g),"=",_):p(f(g),"like",`%${_}%`))))}}),t}function E(e){return typeof e=="string"?parseInt(e,10):typeof e=="bigint"?Number(e):e}function ee(e){if(e)try{return JSON.parse(e)}catch{return}}function lt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("actions").where("actions.tenant_id","=",t);s&&(i=O(e,i,s,["name"]));const _=(await i.offset(n*o).limit(o).selectAll().execute()).map(m=>{const{created_at_ts:u,updated_at_ts:f,deployed_at_ts:p,secrets:g,dependencies:y,supported_triggers:b,is_system:S,inherit:$,tenant_id:D,...C}=m,T=F({created_at_ts:u,updated_at_ts:f},["created_at_ts","updated_at_ts"]);return{...C,tenant_id:t,...T,runtime:C.runtime??void 0,status:C.status||"built",deployed_at:p?new Date(Number(p)).toISOString():void 0,secrets:ee(g),dependencies:ee(y),supported_triggers:ee(b),is_system:!!S,inherit:!!$}});if(!r)return{actions:_,start:0,limit:0,length:0};const{count:c}=await i.select(m=>m.fn.countAll().as("count")).executeTakeFirstOrThrow();return{actions:_,start:n*o,limit:o,length:E(c)}}}function dt(e){if(!e)return[];try{const t=JSON.parse(e);return Array.isArray(t)?t:[]}catch{return[]}}function ut(e){return async(t,a,n)=>{const o={updated_at_ts:Date.now()};if(n.name!==void 0&&(o.name=n.name),n.code!==void 0&&(o.code=n.code),n.runtime!==void 0&&(o.runtime=n.runtime),n.secrets!==void 0){const s=await e.selectFrom("actions").where("actions.id","=",a).where("actions.tenant_id","=",t).select("secrets").executeTakeFirst(),i=new Map(dt(s==null?void 0:s.secrets).map(d=>[d.name,d])),l=n.secrets.map(d=>{var _;return d.value===void 0?{name:d.name,value:(_=i.get(d.name))==null?void 0:_.value}:d});o.secrets=JSON.stringify(l)}if(n.dependencies!==void 0&&(o.dependencies=JSON.stringify(n.dependencies)),n.supported_triggers!==void 0&&(o.supported_triggers=JSON.stringify(n.supported_triggers)),n.status!==void 0&&(o.status=n.status),n.deployed_at!==void 0){const s=new Date(n.deployed_at).getTime();Number.isFinite(s)&&(o.deployed_at_ts=s)}return n.is_system!==void 0&&(o.is_system=n.is_system?1:0),n.inherit!==void 0&&(o.inherit=n.inherit?1:0),(await e.updateTable("actions").set(o).where("actions.id","=",a).where("actions.tenant_id","=",t).executeTakeFirst()).numUpdatedRows>0}}function _t(e){return async(t,a)=>(await e.deleteFrom("actions").where("actions.id","=",a).where("actions.tenant_id","=",t).executeTakeFirst()).numDeletedRows>0}function mt(e){return{create:it(e),get:ct(e),list:lt(e),update:ut(e),remove:_t(e)}}function ht(e){return async(t,a)=>{const n=Date.now();return await e.insertInto("action_executions").values({id:a.id,tenant_id:t,trigger_id:a.trigger_id,status:a.status,results:JSON.stringify(a.results),logs:a.logs?JSON.stringify(a.logs):null,created_at_ts:n,updated_at_ts:n}).execute(),{id:a.id,tenant_id:t,trigger_id:a.trigger_id,status:a.status,results:a.results,logs:a.logs,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function me(e){if(e)try{return JSON.parse(e)}catch{return}}function pt(e){return async(t,a)=>{const n=await e.selectFrom("action_executions").where("action_executions.tenant_id","=",t).where("action_executions.id","=",a).selectAll().executeTakeFirst();return n?{id:n.id,tenant_id:n.tenant_id,trigger_id:n.trigger_id,status:n.status,results:me(n.results)??[],logs:me(n.logs),created_at:new Date(Number(n.created_at_ts)).toISOString(),updated_at:new Date(Number(n.updated_at_ts)).toISOString()}:null}}function ft(e){return{create:ht(e),get:pt(e)}}function te(e){if(e)try{return JSON.parse(e)}catch{return}}function he(e){const{created_at_ts:t,updated_at_ts:a,secrets:n,dependencies:o,supported_triggers:r,deployed:s,runtime:i,...l}=e;return{...l,runtime:i??void 0,deployed:!!s,secrets:te(n),dependencies:te(o),supported_triggers:te(r),created_at:new Date(Number(t)).toISOString(),updated_at:new Date(Number(a)).toISOString()}}function gt(e){return{async create(t,a){const n=Date.now(),o=at(),r=a.deployed!==!1,s=await e.transaction().execute(async i=>{const l=await i.selectFrom("action_versions").where("tenant_id","=",t).where("action_id","=",a.action_id).select("number").orderBy("number","desc").limit(1).executeTakeFirst(),d=((l==null?void 0:l.number)??0)+1;return r&&await i.updateTable("action_versions").set({deployed:0,updated_at_ts:n}).where("tenant_id","=",t).where("action_id","=",a.action_id).execute(),await i.insertInto("action_versions").values({id:o,tenant_id:t,action_id:a.action_id,number:d,code:a.code,runtime:a.runtime||null,secrets:a.secrets?JSON.stringify(a.secrets):null,dependencies:a.dependencies?JSON.stringify(a.dependencies):null,supported_triggers:a.supported_triggers?JSON.stringify(a.supported_triggers):null,deployed:r?1:0,created_at_ts:n,updated_at_ts:n}).execute(),d});return{id:o,tenant_id:t,action_id:a.action_id,number:s,code:a.code,runtime:a.runtime,secrets:a.secrets,dependencies:a.dependencies,supported_triggers:a.supported_triggers,deployed:r,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}},async get(t,a,n){const o=await e.selectFrom("action_versions").where("tenant_id","=",t).where("action_id","=",a).where("id","=",n).selectAll().executeTakeFirst();return o?he(o):null},async list(t,a,n={}){const{page:o=0,per_page:r=50,include_totals:s=!1}=n,i=e.selectFrom("action_versions").where("tenant_id","=",t).where("action_id","=",a),d=(await i.orderBy("number","desc").offset(o*r).limit(r).selectAll().execute()).map(he);if(!s)return{versions:d,start:0,limit:0,length:0};const{count:_}=await i.select(c=>c.fn.countAll().as("count")).executeTakeFirstOrThrow();return{versions:d,start:o*r,limit:r,length:E(_)}},async removeForAction(t,a){const n=await e.deleteFrom("action_versions").where("tenant_id","=",t).where("action_id","=",a).executeTakeFirst();return Number(n.numDeletedRows??0)}}}var U=class extends Error{constructor(t=500,a){super(a==null?void 0:a.message,{cause:a==null?void 0:a.cause});H(this,"res");H(this,"status");this.res=a==null?void 0:a.res,this.status=t}getResponse(){return this.res?new Response(this.res.body,{status:this.status,headers:this.res.headers}):new Response(this.message,{status:this.status})}};function wt(e){return async(t,a)=>{const{identities:n,phone_verified:o,password:r,...s}=a,i={...s,login_count:s.login_count??0,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t,email_verified:a.email_verified?1:0,phone_verified:o!==void 0?o?1:0:null,is_social:a.is_social?1:0,app_metadata:JSON.stringify(a.app_metadata),user_metadata:JSON.stringify(a.user_metadata),address:a.address?JSON.stringify(a.address):null};try{const l=async d=>{if(await d.insertInto("users").values(i).execute(),r&&i.user_id){const _={id:k.nanoid(),user_id:i.user_id,password:r.hash,algorithm:r.algorithm,is_current:1,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t};await d.insertInto("passwords").values(_).execute()}};e.isTransaction?await l(e):await e.transaction().execute(l)}catch(l){throw l.code==="SQLITE_CONSTRAINT_UNIQUE"||l.code==="ER_DUP_ENTRY"||l.message.includes("AlreadyExists")?new U(409,{message:"User already exists"}):new U(500,{message:`${l.code}, ${l.message}`})}return{...i,email:i.email||"",email_verified:i.email_verified===1,phone_verified:i.phone_verified!==null?i.phone_verified===1:void 0,is_social:i.is_social===1,address:a.address}}}function v(e){if(e==null||typeof e!="object")return e;if(Array.isArray(e))return e.map(a=>a!==null&&typeof a=="object"?v(a):a);const t={...e};for(const a in t){const n=t[a];n===null?delete t[a]:n!==null&&typeof n=="object"&&(Array.isArray(n)?t[a]=n.map(o=>o!==null&&typeof o=="object"?v(o):o):t[a]=v(n))}return t}const yt=["email","email_verified","phone_number","phone_verified","username"];function X(e,t=!1){const a={connection:e.connection,provider:e.provider,user_id:N.parseUserId(e.user_id).id,isSocial:!!e.is_social};for(const n of yt)e[n]!==void 0&&e[n]!==null&&(a[n]=n.endsWith("_verified")?!!e[n]:e[n]);if(!t){let n={};try{n=JSON.parse(e.profileData||"{}")}catch(o){console.error("Error parsing profileData",o)}a.profileData={email:e.email,email_verified:!!e.email_verified,...n}}return a}function vt(e){return async(t,a)=>{const[n,o]=await Promise.all([e.selectFrom("users").where("users.tenant_id","=",t).where("users.user_id","=",a).selectAll().executeTakeFirst(),e.selectFrom("users").where("users.tenant_id","=",t).where("users.linked_to","=",a).selectAll().orderBy("created_at","asc").execute()]);if(!n)return null;const{tenant_id:r,...s}=n,i={...s,email:n.email||"",email_verified:n.email_verified===1,phone_verified:n.phone_verified!==null?n.phone_verified===1:void 0,is_social:n.is_social===1,app_metadata:JSON.parse(n.app_metadata),user_metadata:JSON.parse(n.user_metadata),address:n.address?JSON.parse(n.address):void 0,identities:[X(n,!0),...o.map(l=>X(l))]};return v(i)}}const Ct=["user_id","email","email_verified","username","phone_number","phone_verified","name","given_name","family_name","nickname","picture","locale","linked_to","provider","connection","is_social","last_ip","last_login","login_count","created_at","updated_at"],xt=["email","name","phone_number","user_id"];function Tt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let l=e.selectFrom("users").where("users.tenant_id","=",t);if(i){const p=se(i,Ct);p&&(l=O(e,l,p,xt))}if(s&&s.sort_by){const{ref:p}=e.dynamic;l=l.orderBy(p(s.sort_by),s.sort_order)}const _=await l.offset(n*o).limit(o).selectAll().execute(),c=_.map(p=>p.user_id),m=c.length?await e.selectFrom("users").selectAll().where("users.tenant_id","=",t).where("users.linked_to","in",c).orderBy("created_at","asc").execute():[],u=_.map(p=>{const g=m.filter(y=>y.linked_to===p.user_id);return v({...p,email_verified:p.email_verified===1,phone_verified:p.phone_verified!==null?p.phone_verified===1:void 0,is_social:p.is_social===1,app_metadata:JSON.parse(p.app_metadata),user_metadata:JSON.parse(p.user_metadata),address:p.address?JSON.parse(p.address):void 0,identities:[X(p,!0),...g.map(y=>X(y))]})});if(!r)return{users:u,start:0,limit:0,length:0};const{count:f}=await l.select(p=>p.fn.countAll().as("count")).executeTakeFirstOrThrow();return{users:u,start:n*o,limit:o,length:E(f)}}}function bt(e){return async(t,a)=>(await e.deleteFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.user_id","in",o=>o.selectFrom("users").select("users.user_id").where("users.tenant_id","=",t).where(r=>r.or([r("users.user_id","=",a),r("users.linked_to","=",a)]))).execute(),await e.deleteFrom("users").where("users.tenant_id","=",t).where("users.linked_to","=",a).execute(),(await e.deleteFrom("users").where("users.tenant_id","=",t).where("users.user_id","=",a).execute()).length===1)}function K(e,t="",a={}){for(let n in e)if(Object.prototype.hasOwnProperty.call(e,n)){const o=t?`${t}_${n}`:n,r=e[n];typeof r=="object"&&r!==null&&!Array.isArray(r)?K(r,o,a):typeof r=="boolean"?a[o]=r?1:0:a[o]=r}return a}function Se(e,t){const a={};for(const[n,o]of Object.entries(e)){const r=t.find(s=>n.startsWith(`${s}_`));if(!r)a[n]=o;else{const s=n.slice(r.length+1);a[r]={...a[r],[s]:o}}}return a}function Nt(e){return async(t,a,n)=>{const o=K({...n,updated_at:new Date().toISOString(),app_metadata:n.app_metadata?JSON.stringify(n.app_metadata):void 0,user_metadata:n.user_metadata?JSON.stringify(n.user_metadata):void 0,address:n.address?JSON.stringify(n.address):void 0,phone_verified:n.phone_verified!==void 0?n.phone_verified?1:0:void 0});return(await e.updateTable("users").set(o).where("users.tenant_id","=",t).where("users.user_id","=",a).execute()).length===1}}function St(e){return async(t,a,n,o)=>{const r={linked_to:null};return(await e.updateTable("users").set(r).where("users.tenant_id","=",t).where("users.user_id","=",`${n}|${o}`).where("users.linked_to","=",`${a}`).execute()).length===1}}function Ot(e){const t=wt(e);return{create:t,rawCreate:t,remove:bt(e),get:vt(e),list:Tt(e),update:Nt(e),unlink:St(e)}}function kt(e){return async(t,a)=>{const n=new Date().toISOString(),o=N.flowSchema.parse({id:`af_${k.nanoid()}`,...a,actions:a.actions||[],created_at:n,updated_at:n});return await e.insertInto("flows").values({...o,tenant_id:t,actions:JSON.stringify(o.actions)}).execute(),o}}function q(e,t){if(!e)return t;try{return JSON.parse(e)}catch{return t}}function Oe(e){if(e)try{const t=JSON.parse(e);return t&&typeof t=="object"&&!Array.isArray(t)?t:void 0}catch{return}}function ke(e,t,a={...e}){for(const n in t)n in e&&(a[n]=q(e[n],t[n]));return a}function $t(e){return async(t,a)=>{const n=await e.selectFrom("flows").selectAll().where("flows.id","=",a).where("tenant_id","=",t).executeTakeFirst();if(!n)return null;const o={...n,actions:q(n.actions,[])};return N.flowSchema.parse(v(o))}}function Et(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("flows").where("tenant_id","=",t);s&&(i=O(e,i,s,[]));const _=(await i.offset(n*o).limit(o).selectAll().execute()).map(m=>{const u={...m,actions:q(m.actions,[])};return N.flowSchema.parse(v(u))});if(!r)return{flows:_,start:0,limit:0,length:0};const{count:c}=await i.select(m=>m.fn.countAll().as("count")).executeTakeFirstOrThrow();return{flows:_,start:n*o,limit:o,length:E(c)}}}function It(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};n.actions!==void 0&&(o.actions=JSON.stringify(n.actions));const{numUpdatedRows:r}=await e.updateTable("flows").set(o).where("id","=",a).where("tenant_id","=",t).executeTakeFirst();if(r===0n)return null;const s=await e.selectFrom("flows").selectAll().where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return s?N.flowSchema.parse({...s,actions:s.actions?JSON.parse(s.actions):[]}):null}}function Pt(e){return async(t,a)=>{var o;return(((o=(await e.deleteFrom("flows").where("id","=",a).where("tenant_id","=",t).execute())[0])==null?void 0:o.numDeletedRows)??0n)>0n}}function zt(e){return{create:kt(e),get:$t(e),list:Et(e),update:It(e),remove:Pt(e)}}function W(e,t,a={...e}){for(const n of t)e[n]!==void 0&&(a[n]=JSON.stringify(e[n]));return a}function $e(e,t,a=e){for(const n of t)e[n]!==void 0&&(a[n]=e[n]?1:0)}function Dt(e){const t={};for(const a in e)e[a]!==void 0&&e[a]!==null&&(t[a]=e[a]);return t}function Ee(e){const t={...e};return e.session_cookie&&typeof e.session_cookie=="string"&&(t.session_cookie=JSON.parse(e.session_cookie)),e.enabled_locales&&typeof e.enabled_locales=="string"&&(t.enabled_locales=JSON.parse(e.enabled_locales)),e.error_page&&typeof e.error_page=="string"&&(t.error_page=JSON.parse(e.error_page)),e.flags&&typeof e.flags=="string"&&(t.flags=JSON.parse(e.flags)),e.sandbox_versions_available&&typeof e.sandbox_versions_available=="string"&&(t.sandbox_versions_available=JSON.parse(e.sandbox_versions_available)),e.change_password&&typeof e.change_password=="string"&&(t.change_password=JSON.parse(e.change_password)),e.guardian_mfa_page&&typeof e.guardian_mfa_page=="string"&&(t.guardian_mfa_page=JSON.parse(e.guardian_mfa_page)),e.sessions&&typeof e.sessions=="string"&&(t.sessions=JSON.parse(e.sessions)),e.oidc_logout&&typeof e.oidc_logout=="string"&&(t.oidc_logout=JSON.parse(e.oidc_logout)),e.device_flow&&typeof e.device_flow=="string"&&(t.device_flow=JSON.parse(e.device_flow)),e.default_token_quota&&typeof e.default_token_quota=="string"&&(t.default_token_quota=JSON.parse(e.default_token_quota)),e.allowed_logout_urls&&typeof e.allowed_logout_urls=="string"&&(t.allowed_logout_urls=JSON.parse(e.allowed_logout_urls)),e.acr_values_supported&&typeof e.acr_values_supported=="string"&&(t.acr_values_supported=JSON.parse(e.acr_values_supported)),e.mtls&&typeof e.mtls=="string"&&(t.mtls=JSON.parse(e.mtls)),e.mfa&&typeof e.mfa=="string"&&(t.mfa=JSON.parse(e.mfa)),e.attack_protection&&typeof e.attack_protection=="string"&&(t.attack_protection=JSON.parse(e.attack_protection)),e.allow_organization_name_in_authentication_api!==void 0&&(t.allow_organization_name_in_authentication_api=e.allow_organization_name_in_authentication_api===1),e.customize_mfa_in_postlogin_action!==void 0&&(t.customize_mfa_in_postlogin_action=e.customize_mfa_in_postlogin_action===1),e.pushed_authorization_requests_supported!==void 0&&(t.pushed_authorization_requests_supported=e.pushed_authorization_requests_supported===1),e.authorization_response_iss_parameter_supported!==void 0&&(t.authorization_response_iss_parameter_supported=e.authorization_response_iss_parameter_supported===1),v(t)}function Ie(e){const t={...e};return W(e,["session_cookie","enabled_locales","error_page","flags","sandbox_versions_available","change_password","guardian_mfa_page","sessions","oidc_logout","device_flow","default_token_quota","allowed_logout_urls","acr_values_supported","mtls","mfa","attack_protection"],t),e.allow_organization_name_in_authentication_api!==void 0&&(t.allow_organization_name_in_authentication_api=e.allow_organization_name_in_authentication_api?1:0),e.customize_mfa_in_postlogin_action!==void 0&&(t.customize_mfa_in_postlogin_action=e.customize_mfa_in_postlogin_action?1:0),e.pushed_authorization_requests_supported!==void 0&&(t.pushed_authorization_requests_supported=e.pushed_authorization_requests_supported?1:0),e.authorization_response_iss_parameter_supported!==void 0&&(t.authorization_response_iss_parameter_supported=e.authorization_response_iss_parameter_supported?1:0),Dt(t)}function At(e){return async t=>{var o,r;const a={id:t.id||k.nanoid(),created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...t},n=Ie(a);try{await e.insertInto("tenants").values(n).execute()}catch(s){throw(o=s==null?void 0:s.message)!=null&&o.includes("UNIQUE constraint failed")||(r=s==null?void 0:s.message)!=null&&r.includes("duplicate key")||(s==null?void 0:s.code)==="SQLITE_CONSTRAINT"||(s==null?void 0:s.code)==="ER_DUP_ENTRY"||(s==null?void 0:s.code)==="23505"?new U(409,{message:`Tenant with ID '${a.id}' already exists`}):s}return a}}function Ft(e){return async t=>{const a=await e.selectFrom("tenants").where("tenants.id","=",t).selectAll().executeTakeFirst();return a?Ee(a):null}}function jt(e){return async t=>{let a=e.selectFrom("tenants");const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=t||{};if(s&&s.sort_by){const{ref:u}=e.dynamic;a=a.orderBy(u(s.sort_by),s.sort_order)}i&&(a=O(e,a,i,["friendly_name"]));const _=(await a.offset(n*o).limit(o).selectAll().execute()).map(Ee);if(!r)return{tenants:_};const{count:c}=await a.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow(),m=E(c);return{tenants:_,start:n*o,limit:o,length:m}}}function Rt(e){return async(t,a)=>{const o={...Ie(a),id:t,updated_at:new Date().toISOString()};await e.updateTable("tenants").set(o).where("id","=",t).execute()}}function qt(e){return async t=>(await e.deleteFrom("tenants").where("tenants.id","=",t).execute()).length===1}function Mt(e){return{create:At(e),get:Ft(e),list:jt(e),update:Rt(e),remove:qt(e)}}function pe(e){return e?JSON.stringify(e):void 0}const Jt=256;function Lt(e){return async(t,a)=>{var i,l,d;const n=(i=a.user_agent)==null?void 0:i.slice(0,Jt),o=a.log_id||k.nanoid(),{location_info:r,...s}=a;return await e.insertInto("logs").values({...s,log_id:o,tenant_id:t,user_agent:n,description:(l=a.description)==null?void 0:l.substring(0,256),isMobile:a.isMobile?1:0,scope:a.scope,auth0_client:pe(a.auth0_client),details:(d=pe(a.details))==null?void 0:d.substring(0,8192),country_code:r==null?void 0:r.country_code,city_name:r==null?void 0:r.city_name,latitude:r==null?void 0:r.latitude,longitude:r==null?void 0:r.longitude,time_zone:r==null?void 0:r.time_zone,continent_code:r==null?void 0:r.continent_code}).execute(),{...a,log_id:o,user_agent:n}}}function fe(e){if(!e)return"";try{return JSON.parse(e)}catch{return e}}function Pe(e){return{...e,client_id:e.client_id,client_name:"",auth0_client:fe(e.auth0_client),details:fe(e.details),isMobile:!!e.isMobile,scope:e.scope||void 0,log_id:e.log_id,location_info:e.country_code?{country_code:e.country_code,city_name:e.city_name||"",latitude:e.latitude||"",longitude:e.longitude||"",time_zone:e.time_zone||"",continent_code:e.continent_code||""}:void 0}}function Ut(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i,from_date:l,to_date:d}=a;let _=e.selectFrom("logs").where("logs.tenant_id","=",t);i&&(_=O(e,_,i,["user_id","ip"])),typeof l=="number"&&Number.isFinite(l)&&(_=_.where("logs.date",">=",new Date(Math.floor(l)*1e3).toISOString())),typeof d=="number"&&Number.isFinite(d)&&(_=_.where("logs.date","<=",new Date(Math.floor(d)*1e3+999).toISOString()));let c=_;if(s&&s.sort_by){const{ref:p}=e.dynamic;c=c.orderBy(p(s.sort_by),s.sort_order)}c=c.offset(n*o).limit(o);const u=(await c.selectAll().execute()).map(Pe);if(!r)return{logs:u,start:0,limit:0,length:0};const{count:f}=await _.select(p=>p.fn.countAll().as("count")).executeTakeFirstOrThrow();return{logs:u,start:n*o,limit:o,length:E(f)}}}function Kt(e){return async(t,a)=>{const n=await e.selectFrom("logs").where("logs.tenant_id","=",t).where("logs.log_id","=",a).selectAll().executeTakeFirst();return n?Pe(n):null}}function Bt(e){return{create:Lt(e),list:Ut(e),get:Kt(e)}}function Qt(e){return async(t,a)=>{const n=await e.selectFrom("sessions").where("sessions.tenant_id","=",t).where("sessions.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,device:r,clients:s,created_at_ts:i,updated_at_ts:l,expires_at_ts:d,idle_expires_at_ts:_,authenticated_at_ts:c,last_interaction_at_ts:m,used_at_ts:u,revoked_at_ts:f,...p}=n,g=F({created_at_ts:i,updated_at_ts:l,expires_at_ts:d,idle_expires_at_ts:_,authenticated_at_ts:c,last_interaction_at_ts:m,used_at_ts:u,revoked_at_ts:f},["created_at_ts","updated_at_ts","authenticated_at_ts","last_interaction_at_ts"],["expires_at_ts","idle_expires_at_ts","used_at_ts","revoked_at_ts"]);return{...p,...g,device:JSON.parse(r),clients:JSON.parse(s)}}}function Wt(e){return async(t,a)=>{const n=Date.now(),o=le(),r={...a,created_at:o,updated_at:o,authenticated_at:o,last_interaction_at:o},{expires_at:s,idle_expires_at:i,used_at:l,revoked_at:d,device:_,clients:c,...m}=a;return await e.insertInto("sessions").values({...m,tenant_id:t,created_at_ts:n,updated_at_ts:n,authenticated_at_ts:n,last_interaction_at_ts:n,expires_at_ts:x(s),idle_expires_at_ts:x(i),used_at_ts:x(l),revoked_at_ts:x(d),device:JSON.stringify(_),clients:JSON.stringify(c)}).execute(),r}}function Ht(e){return async(t,a)=>!!(await e.deleteFrom("sessions").where("tenant_id","=",t).where("sessions.id","=",a).execute()).length}function Yt(e){return async(t,a,n)=>{const o={updated_at_ts:Date.now(),device:n.device?JSON.stringify(n.device):void 0,clients:n.clients?JSON.stringify(n.clients):void 0};return n.expires_at!==void 0&&(o.expires_at_ts=x(n.expires_at)),n.idle_expires_at!==void 0&&(o.idle_expires_at_ts=x(n.idle_expires_at)),n.authenticated_at!==void 0&&(o.authenticated_at_ts=x(n.authenticated_at)),n.last_interaction_at!==void 0&&(o.last_interaction_at_ts=x(n.last_interaction_at)),n.used_at!==void 0&&(o.used_at_ts=x(n.used_at)),n.revoked_at!==void 0&&(o.revoked_at_ts=x(n.revoked_at)),n.user_id!==void 0&&(o.user_id=n.user_id),n.login_session_id!==void 0&&(o.login_session_id=n.login_session_id),!!(await e.updateTable("sessions").set(o).where("tenant_id","=",t).where("sessions.id","=",a).execute()).length}}function Gt(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let l=e.selectFrom("sessions").where("sessions.tenant_id","=",t);i&&(l=O(e,l,i,["user_id","session_id"]));let d=l;if(s&&s.sort_by){const{ref:f}=e.dynamic;d=d.orderBy(f(s.sort_by),s.sort_order)}d=d.offset(n*o).limit(o);const c=(await d.selectAll().execute()).map(f=>{const{tenant_id:p,device:g,clients:y,created_at_ts:b,updated_at_ts:S,expires_at_ts:$,idle_expires_at_ts:D,authenticated_at_ts:C,last_interaction_at_ts:T,used_at_ts:B,revoked_at_ts:M,...We}=f,He=F({created_at_ts:b,updated_at_ts:S,expires_at_ts:$,idle_expires_at_ts:D,authenticated_at_ts:C,last_interaction_at_ts:T,used_at_ts:B,revoked_at_ts:M},["created_at_ts","updated_at_ts","authenticated_at_ts","last_interaction_at_ts"],["expires_at_ts","idle_expires_at_ts","used_at_ts","revoked_at_ts"]);return{...We,...He,device:JSON.parse(g),clients:JSON.parse(y)}});if(!r)return{sessions:c,start:0,limit:0,length:0};const{count:m}=await l.select(f=>f.fn.countAll().as("count")).executeTakeFirstOrThrow(),u=E(m);return{sessions:c,start:n*o,limit:o,length:u}}}function Vt(e){return{create:Wt(e),get:Qt(e),list:Gt(e),remove:Ht(e),update:Yt(e)}}function Xt(e){return async(t,a)=>{const n=await e.selectFrom("passwords").where("passwords.tenant_id","=",t).where("passwords.user_id","=",a).where("passwords.is_current","=",1).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,...r}=n;return{...r,is_current:!!r.is_current}}}function Zt(e){return async(t,a)=>{const n=a.id||k.nanoid(),o=a.is_current??!0,r={id:n,...a,is_current:o,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};return o&&await e.updateTable("passwords").set({is_current:0}).where("user_id","=",a.user_id).where("tenant_id","=",t).where("is_current","=",1).execute(),await e.insertInto("passwords").values({...r,is_current:r.is_current?1:0,tenant_id:t}).execute(),r}}function ea(e){return async(t,a)=>{let n=e.updateTable("passwords").set({password:a.password,algorithm:a.algorithm,is_current:a.is_current?1:0,updated_at:new Date().toISOString()}).where("tenant_id","=",t).where("user_id","=",a.user_id);return a.id?n=n.where("id","=",a.id):n=n.where("is_current","=",1),(await n.execute()).length===1}}function ta(e){return async(t,a,n)=>{let o=e.selectFrom("passwords").where("passwords.tenant_id","=",t).where("passwords.user_id","=",a).orderBy("created_at","desc");return n&&(o=o.limit(n)),(await o.selectAll().execute()).map(({tenant_id:s,...i})=>({...i,is_current:!!i.is_current}))}}function aa(e){return{create:Zt(e),update:ea(e),get:Xt(e),list:ta(e)}}function na(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("codes").where("codes.tenant_id","=",t);s&&(i=O(e,i,s,["code","login_id"]));const _=(await i.offset(n*o).limit(o).selectAll().execute()).map(m=>{const{tenant_id:u,...f}=m;return N.codeSchema.parse(v(f))});if(!r)return{codes:_,start:0,limit:0,length:0};const{count:c}=await i.select(m=>m.fn.countAll().as("count")).executeTakeFirstOrThrow();return{codes:_,start:n*o,limit:o,length:E(c)}}}function oa(e){return async(t,a)=>{const n={...a,created_at:new Date().toISOString()};return await e.insertInto("codes").values({...n,tenant_id:t}).execute(),n}}function ra(e){return async(t,a)=>(await e.deleteFrom("codes").where("codes.tenant_id","=",t).where("codes.code_id","=",a).executeTakeFirst()).numDeletedRows>0}function sa(e){return async(t,a,n)=>{let o=e.selectFrom("codes").where("codes.code_id","=",a).where("codes.code_type","=",n);t.length&&(o=o.where("codes.tenant_id","=",t));const r=await o.selectAll().executeTakeFirst();return r?v(r):null}}function ia(e){return async(t,a)=>(await e.updateTable("codes").set({used_at:new Date().toISOString()}).where("codes.tenant_id","=",t).where("codes.code_id","=",a).executeTakeFirst()).numUpdatedRows>0}function ca(e){return async(t,a)=>(await e.updateTable("codes").set({used_at:new Date().toISOString()}).where("codes.tenant_id","=",t).where("codes.code_id","=",a).where("codes.used_at","is",null).executeTakeFirst()).numUpdatedRows>0}function la(e){return{create:oa(e),list:na(e),remove:ra(e),used:ia(e),consume:ca(e),get:sa(e)}}function da(e){return async(t,a)=>{const{is_system:n,...o}=a;delete o.enabled_clients;const r={id:o.id||et(),...o,is_system:n?!0:void 0,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};return await e.insertInto("connections").values({...r,is_system:n?1:0,options:JSON.stringify(r.options||{}),tenant_id:t}).execute(),r}}function de(e){const{is_system:t,...a}=e;return v({...a,is_system:t?!0:void 0,options:typeof e.options=="string"?JSON.parse(e.options):{}})}function ua(e){return e.map(de)}function _a(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("connections").where("connections.tenant_id","=",t);s&&(i=O(e,i,s,["user_id","ip"]));const d=await i.offset(n*o).limit(o).selectAll().execute(),_=ua(d);if(!r)return{connections:_,start:0,limit:0,length:0};const{count:c}=await i.select(m=>m.fn.countAll().as("count")).executeTakeFirstOrThrow();return{connections:_,start:n*o,limit:o,length:E(c)}}}function ma(e){return async(t,a)=>(await e.deleteFrom("connections").where("connections.tenant_id","=",t).where("connections.id","=",a).executeTakeFirst()).numDeletedRows>0}function ha(e){return async(t,a)=>{const n=await e.selectFrom("connections").where("connections.tenant_id","=",t).where("connections.id","=",a).selectAll().executeTakeFirst();return n?de(n):null}}function pa(e){return async(t,a,n)=>{const{is_system:o,...r}=n;delete r.enabled_clients;const s={...r,is_system:o!==void 0?o?1:0:void 0,updated_at:new Date().toISOString()};return await e.updateTable("connections").set({...s,options:s.options?JSON.stringify(s.options):void 0}).where("connections.id","=",a).where("connections.tenant_id","=",t).execute(),!0}}function fa(e){return{create:da(e),get:ha(e),list:_a(e),remove:ma(e),update:pa(e)}}function ga(e){return async(t,a)=>{const n=a.client_id??k.nanoid(),o={created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...a,client_id:n,global:a.global??!1,is_first_party:a.is_first_party??!1,oidc_conformant:a.oidc_conformant??!0,auth0_conformant:a.auth0_conformant??!0,sso:a.sso??!1,sso_disabled:a.sso_disabled??!1,cross_origin_authentication:a.cross_origin_authentication??!1,custom_login_page_on:a.custom_login_page_on??!1,require_pushed_authorization_requests:a.require_pushed_authorization_requests??!1,require_proof_of_possession:a.require_proof_of_possession??!1,hide_sign_up_disabled_error:a.hide_sign_up_disabled_error??!1},r={...o,tenant_id:t};return $e(o,["global","is_first_party","oidc_conformant","auth0_conformant","sso","sso_disabled","cross_origin_authentication","custom_login_page_on","require_pushed_authorization_requests","require_proof_of_possession","hide_sign_up_disabled_error"],r),Object.assign(r,{callbacks:JSON.stringify(a.callbacks||[]),allowed_origins:JSON.stringify(a.allowed_origins||[]),web_origins:JSON.stringify(a.web_origins||[]),client_aliases:JSON.stringify(a.client_aliases||[]),allowed_clients:JSON.stringify(a.allowed_clients||[]),connections:JSON.stringify(a.connections||[]),allowed_logout_urls:JSON.stringify(a.allowed_logout_urls||[]),session_transfer:JSON.stringify(a.session_transfer||{}),oidc_logout:JSON.stringify(a.oidc_logout||{}),grant_types:JSON.stringify(a.grant_types||[]),jwt_configuration:JSON.stringify(a.jwt_configuration||{}),signing_keys:JSON.stringify(a.signing_keys||[]),encryption_key:JSON.stringify(a.encryption_key||{}),addons:JSON.stringify(a.addons||{}),client_metadata:JSON.stringify(a.client_metadata||{}),mobile:JSON.stringify(a.mobile||{}),native_social_login:JSON.stringify(a.native_social_login||{}),refresh_token:JSON.stringify(a.refresh_token||{}),default_organization:JSON.stringify(a.default_organization||{}),client_authentication_methods:JSON.stringify(a.client_authentication_methods||{}),signed_request_object:JSON.stringify(a.signed_request_object||{}),token_quota:JSON.stringify(a.token_quota||{}),owner_user_id:a.owner_user_id??null,registration_type:a.registration_type??null,registration_metadata:a.registration_metadata?JSON.stringify(a.registration_metadata):null}),await e.insertInto("clients").values(r).execute(),o}}function wa(e){return async(t,a)=>{const n=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,...r}=n;return v({...r,global:!!n.global,is_first_party:!!n.is_first_party,oidc_conformant:!!n.oidc_conformant,auth0_conformant:!!n.auth0_conformant,sso:!!n.sso,sso_disabled:!!n.sso_disabled,cross_origin_authentication:!!n.cross_origin_authentication,custom_login_page_on:!!n.custom_login_page_on,require_pushed_authorization_requests:!!n.require_pushed_authorization_requests,require_proof_of_possession:!!n.require_proof_of_possession,hide_sign_up_disabled_error:!!n.hide_sign_up_disabled_error,callbacks:JSON.parse(n.callbacks),allowed_origins:JSON.parse(n.allowed_origins),web_origins:JSON.parse(n.web_origins),client_aliases:JSON.parse(n.client_aliases),allowed_clients:JSON.parse(n.allowed_clients),connections:JSON.parse(n.connections||"[]"),allowed_logout_urls:JSON.parse(n.allowed_logout_urls),session_transfer:JSON.parse(n.session_transfer),oidc_logout:JSON.parse(n.oidc_logout),grant_types:JSON.parse(n.grant_types),jwt_configuration:JSON.parse(n.jwt_configuration),signing_keys:JSON.parse(n.signing_keys),encryption_key:JSON.parse(n.encryption_key),addons:JSON.parse(n.addons),client_metadata:JSON.parse(n.client_metadata),mobile:JSON.parse(n.mobile),native_social_login:JSON.parse(n.native_social_login),refresh_token:JSON.parse(n.refresh_token),default_organization:JSON.parse(n.default_organization),client_authentication_methods:JSON.parse(n.client_authentication_methods),signed_request_object:JSON.parse(n.signed_request_object),token_quota:JSON.parse(n.token_quota),registration_metadata:n.registration_metadata?JSON.parse(n.registration_metadata):void 0})}}function ya(e){return async t=>{const a=await e.selectFrom("clients").where("clients.client_id","=",t).selectAll().executeTakeFirst();return a?v({...a,global:!!a.global,is_first_party:!!a.is_first_party,oidc_conformant:!!a.oidc_conformant,auth0_conformant:!!a.auth0_conformant,sso:!!a.sso,sso_disabled:!!a.sso_disabled,cross_origin_authentication:!!a.cross_origin_authentication,custom_login_page_on:!!a.custom_login_page_on,require_pushed_authorization_requests:!!a.require_pushed_authorization_requests,require_proof_of_possession:!!a.require_proof_of_possession,hide_sign_up_disabled_error:!!a.hide_sign_up_disabled_error,callbacks:JSON.parse(a.callbacks),allowed_origins:JSON.parse(a.allowed_origins),web_origins:JSON.parse(a.web_origins),client_aliases:JSON.parse(a.client_aliases),allowed_clients:JSON.parse(a.allowed_clients),connections:JSON.parse(a.connections||"[]"),allowed_logout_urls:JSON.parse(a.allowed_logout_urls),session_transfer:JSON.parse(a.session_transfer),oidc_logout:JSON.parse(a.oidc_logout),grant_types:JSON.parse(a.grant_types),jwt_configuration:JSON.parse(a.jwt_configuration),signing_keys:JSON.parse(a.signing_keys),encryption_key:JSON.parse(a.encryption_key),addons:JSON.parse(a.addons),client_metadata:JSON.parse(a.client_metadata),mobile:JSON.parse(a.mobile),native_social_login:JSON.parse(a.native_social_login),refresh_token:JSON.parse(a.refresh_token),default_organization:JSON.parse(a.default_organization),client_authentication_methods:JSON.parse(a.client_authentication_methods),signed_request_object:JSON.parse(a.signed_request_object),token_quota:JSON.parse(a.token_quota),registration_metadata:a.registration_metadata?JSON.parse(a.registration_metadata):void 0}):null}}function va(e){return async(t,a)=>{let n=e.selectFrom("clients").where("clients.tenant_id","=",t);const o=new Set(["owner_user_id","registration_type"]);if(a!=null&&a.q){const m=a.q.trim().match(/^([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/);if(m&&o.has(m[1])&&m[2]){const u=m[1];n=n.where(u,"=",m[2])}else n=n.where(u=>u.or([u("name","like",`%${a.q}%`),u("client_id","like",`%${a.q}%`)]))}if(a!=null&&a.sort){const c=a.sort.sort_order==="asc"?"asc":"desc",m=a.sort.sort_by;["name","client_id","created_at","updated_at"].includes(m)?n=n.orderBy(m,c):n=n.orderBy("created_at","desc")}else n=n.orderBy("created_at","desc");if((a==null?void 0:a.from)!==void 0){const c=parseInt(a.from,10);isNaN(c)||(n=n.offset(c))}else if((a==null?void 0:a.page)!==void 0){const c=(a==null?void 0:a.per_page)||(a==null?void 0:a.take)||10,m=a.page*c;n=n.offset(m)}const r=(a==null?void 0:a.take)||(a==null?void 0:a.per_page)||10;n=n.limit(r);const s=await n.selectAll().execute();let i=s.length;if(a!=null&&a.include_totals){let c=e.selectFrom("clients").select(h.sql`count(*)`.as("count")).where("clients.tenant_id","=",t);if(a!=null&&a.q){const f=a.q.trim().match(/^([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/);if(f&&o.has(f[1])&&f[2]){const p=f[1];c=c.where(p,"=",f[2])}else c=c.where(p=>p.or([p("name","like",`%${a.q}%`),p("client_id","like",`%${a.q}%`)]))}const m=await c.executeTakeFirst();i=Number((m==null?void 0:m.count)||0)}const l=s.map(c=>v({...c,global:!!c.global,is_first_party:!!c.is_first_party,oidc_conformant:!!c.oidc_conformant,auth0_conformant:!!c.auth0_conformant,sso:!!c.sso,sso_disabled:!!c.sso_disabled,cross_origin_authentication:!!c.cross_origin_authentication,custom_login_page_on:!!c.custom_login_page_on,require_pushed_authorization_requests:!!c.require_pushed_authorization_requests,require_proof_of_possession:!!c.require_proof_of_possession,hide_sign_up_disabled_error:!!c.hide_sign_up_disabled_error,callbacks:JSON.parse(c.callbacks),allowed_origins:JSON.parse(c.allowed_origins),web_origins:JSON.parse(c.web_origins),client_aliases:JSON.parse(c.client_aliases),allowed_clients:JSON.parse(c.allowed_clients),connections:JSON.parse(c.connections||"[]"),allowed_logout_urls:JSON.parse(c.allowed_logout_urls),session_transfer:JSON.parse(c.session_transfer),oidc_logout:JSON.parse(c.oidc_logout),grant_types:JSON.parse(c.grant_types),jwt_configuration:JSON.parse(c.jwt_configuration),signing_keys:JSON.parse(c.signing_keys),encryption_key:JSON.parse(c.encryption_key),addons:JSON.parse(c.addons),client_metadata:JSON.parse(c.client_metadata),mobile:JSON.parse(c.mobile),native_social_login:JSON.parse(c.native_social_login),refresh_token:JSON.parse(c.refresh_token),default_organization:JSON.parse(c.default_organization),client_authentication_methods:JSON.parse(c.client_authentication_methods),signed_request_object:JSON.parse(c.signed_request_object),token_quota:JSON.parse(c.token_quota),registration_metadata:c.registration_metadata?JSON.parse(c.registration_metadata):void 0})),d=(a==null?void 0:a.take)||(a==null?void 0:a.per_page)||10,_=a!=null&&a.from?parseInt(a.from,10):a!=null&&a.page?a.page*d:0;return{clients:l,totals:{start:isNaN(_)?0:_,limit:d,length:l.length,total:i}}}}function Ca(e){return async(t,a)=>(await e.deleteFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",a).executeTakeFirst()).numDeletedRows>0}function xa(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};return $e(n,["global","is_first_party","oidc_conformant","auth0_conformant","sso","sso_disabled","cross_origin_authentication","custom_login_page_on","require_pushed_authorization_requests","require_proof_of_possession","hide_sign_up_disabled_error"],o),W(n,["callbacks","allowed_origins","web_origins","client_aliases","allowed_clients","connections","allowed_logout_urls","session_transfer","oidc_logout","grant_types","jwt_configuration","signing_keys","encryption_key","addons","client_metadata","mobile","native_social_login","refresh_token","default_organization","client_authentication_methods","signed_request_object","token_quota","registration_metadata"],o),(await e.updateTable("clients").set(o).where("clients.tenant_id","=",t).where("clients.client_id","=",a).executeTakeFirst()).numUpdatedRows>0}}function Ta(e){return{create:ga(e),get:wa(e),getByClientId:ya(e),list:va(e),remove:Ca(e),update:xa(e)}}function ba(e){return async(t,a)=>{const n=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",a).select("connections").executeTakeFirst();if(!n)return[];const o=JSON.parse(n.connections||"[]");if(o.length===0)return[];const r=await e.selectFrom("connections").where("connections.tenant_id","=",t).where("connections.id","in",o).selectAll().execute(),s=new Map(r.map(i=>[i.id,de(i)]));return o.map(i=>s.get(i)).filter(i=>i!==void 0)}}function Na(e){return async(t,a,n)=>(await e.updateTable("clients").set({connections:JSON.stringify(n),updated_at:new Date().toISOString()}).where("clients.tenant_id","=",t).where("clients.client_id","=",a).executeTakeFirst()).numUpdatedRows>0}function Sa(e){return async(t,a)=>{const n=await e.selectFrom("clients").where("clients.tenant_id","=",t).select(["client_id","connections"]).execute(),o=[];for(const r of n)JSON.parse(r.connections||"[]").includes(a)&&o.push(r.client_id);return o}}function Oa(e){return async(t,a,n)=>{const o=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",n).select("connections").executeTakeFirst();if(!o)return!1;const r=JSON.parse(o.connections||"[]");return r.includes(a)?!0:(r.push(a),(await e.updateTable("clients").set({connections:JSON.stringify(r),updated_at:new Date().toISOString()}).where("clients.tenant_id","=",t).where("clients.client_id","=",n).executeTakeFirst()).numUpdatedRows>0)}}function ka(e){return async(t,a,n)=>{const o=await e.selectFrom("clients").where("clients.tenant_id","=",t).where("clients.client_id","=",n).select("connections").executeTakeFirst();if(!o)return!1;const r=JSON.parse(o.connections||"[]"),s=r.filter(i=>i!==a);return s.length!==r.length?(await e.updateTable("clients").set({connections:JSON.stringify(s),updated_at:new Date().toISOString()}).where("clients.tenant_id","=",t).where("clients.client_id","=",n).executeTakeFirst()).numUpdatedRows>0:!0}}function $a(e){return{listByClient:ba(e),updateByClient:Na(e),listByConnection:Sa(e),addClientToConnection:Oa(e),removeClientFromConnection:ka(e)}}function Ea(e){return async(t,a)=>{const n=new Date().toISOString(),o=k.nanoid(),{scope:r,authorization_details_types:s,...i}=a,l={id:o,tenant_id:t,...i,scope:r?JSON.stringify(r):"[]",authorization_details_types:s?JSON.stringify(s):"[]",allow_any_organization:i.allow_any_organization!==void 0?i.allow_any_organization?1:0:void 0,is_system:i.is_system!==void 0?i.is_system?1:0:void 0,created_at:n,updated_at:n};return await e.insertInto("client_grants").values(l).execute(),v({id:o,tenant_id:t,...i,scope:r||[],authorization_details_types:s||[],allow_any_organization:i.allow_any_organization??!1,is_system:i.is_system??!1,created_at:n,updated_at:n})}}function Ia(e){return async(t,a)=>{const n=await e.selectFrom("client_grants").selectAll().where("client_grants.tenant_id","=",t).where("client_grants.id","=",a).executeTakeFirst();if(!n)return null;const o={id:n.id,client_id:n.client_id,audience:n.audience,scope:n.scope?JSON.parse(n.scope):[],organization_usage:n.organization_usage,allow_any_organization:n.allow_any_organization!==void 0?!!n.allow_any_organization:!1,is_system:n.is_system!==void 0?!!n.is_system:!1,subject_type:n.subject_type,authorization_details_types:n.authorization_details_types?JSON.parse(n.authorization_details_types):[],created_at:n.created_at,updated_at:n.updated_at};return v(o)}}function Pa(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s,sort:i}=a;let l=e.selectFrom("client_grants").where("client_grants.tenant_id","=",t);if(s){const u=s.trim(),f=u.split(/\s+/),p=f.length===1?f[0]:void 0,g=p?p.match(/^(-)?([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/):null,y=g?g[3]:"",b=/^(>=|>|<=|<)/.test(y||"");if(g&&!b&&y){const S=!!g[1],$=g[2],{ref:D}=e.dynamic,C=D(`client_grants.${$}`);if($==="allow_any_organization"){const T=y==="true"?1:0;S?l=l.where(C,"!=",T):l=l.where(C,"=",T)}else S?l=l.where(C,"!=",y):l=l.where(C,"=",y)}else l=O(e,l,u,[])}let d=l;if(i){const{ref:u}=e.dynamic;d=d.orderBy(u(i.sort_by),i.sort_order)}else d=d.orderBy("client_grants.created_at","desc");d=d.limit(o).offset(n*o);const c=(await d.selectAll().execute()).map(u=>{const f={id:u.id,client_id:u.client_id,audience:u.audience,scope:u.scope?JSON.parse(u.scope):[],organization_usage:u.organization_usage,allow_any_organization:u.allow_any_organization!==void 0?!!u.allow_any_organization:!1,is_system:u.is_system!==void 0?!!u.is_system:!1,subject_type:u.subject_type,authorization_details_types:u.authorization_details_types?JSON.parse(u.authorization_details_types):[],created_at:u.created_at,updated_at:u.updated_at};return v(f)});if(!r)return{client_grants:c,start:0,limit:0,length:0};const{count:m}=await l.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{client_grants:c,start:n*o,limit:o,length:E(m)}}}function za(e){return async(t,a)=>((await e.deleteFrom("client_grants").where("client_grants.tenant_id","=",t).where("client_grants.id","=",a).executeTakeFirst()).numDeletedRows??0n)>0n}function Da(e){return async(t,a,n)=>{const o=new Date().toISOString(),{scope:r,authorization_details_types:s,...i}=n,l={...i,updated_at:o};return r!==void 0&&(l.scope=JSON.stringify(r)),s!==void 0&&(l.authorization_details_types=JSON.stringify(s)),i.allow_any_organization!==void 0&&(l.allow_any_organization=i.allow_any_organization?1:0),i.is_system!==void 0&&(l.is_system=i.is_system?1:0),((await e.updateTable("client_grants").set(l).where("client_grants.tenant_id","=",t).where("client_grants.id","=",a).executeTakeFirst()).numUpdatedRows??0n)>0n}}function Aa(e){return{create:Ea(e),get:Ia(e),list:Pa(e),remove:za(e),update:Da(e)}}function Fa(e){return async(t,a)=>{const n=Date.now();return await e.insertInto("client_registration_tokens").values({id:a.id,tenant_id:t,token_hash:a.token_hash,type:a.type,client_id:a.client_id??null,sub:a.sub??null,constraints:a.constraints?JSON.stringify(a.constraints):null,single_use:a.single_use?1:0,expires_at_ts:x(a.expires_at),created_at_ts:n,used_at_ts:null,revoked_at_ts:null}).execute(),{id:a.id,token_hash:a.token_hash,type:a.type,client_id:a.client_id,sub:a.sub,constraints:a.constraints,single_use:a.single_use,expires_at:a.expires_at,created_at:new Date(n).toISOString()}}}function ja(e){const t=N.clientRegistrationTokenTypeSchema.safeParse(e);if(!t.success)throw new Error(`Unknown client_registration_tokens.type: ${e}`);return t.data}function Ra(e){if(!e)return;let t;try{t=JSON.parse(e)}catch{return}return N.isPlainObject(t)?t:void 0}function ue(e){return{id:e.id,token_hash:e.token_hash,type:ja(e.type),client_id:e.client_id??void 0,sub:e.sub??void 0,constraints:Ra(e.constraints),single_use:!!e.single_use,expires_at:Q(e.expires_at_ts),used_at:Q(e.used_at_ts),revoked_at:Q(e.revoked_at_ts),created_at:j(e.created_at_ts)}}function qa(e){return async(t,a)=>{const n=await e.selectFrom("client_registration_tokens").where("tenant_id","=",t).where("id","=",a).selectAll().executeTakeFirst();return n?ue(n):null}}function Ma(e){return async(t,a)=>{const n=await e.selectFrom("client_registration_tokens").where("tenant_id","=",t).where("token_hash","=",a).selectAll().executeTakeFirst();return n?ue(n):null}}function Ja(e){return async(t,a)=>(await e.selectFrom("client_registration_tokens").where("tenant_id","=",t).where("client_id","=",a).orderBy("created_at_ts","desc").selectAll().execute()).map(ue)}function La(e){return async(t,a,n)=>(await e.updateTable("client_registration_tokens").set({used_at_ts:x(n)}).where("tenant_id","=",t).where("id","=",a).where("used_at_ts","is",null).executeTakeFirst()).numUpdatedRows>0}function Ua(e){return async(t,a,n)=>(await e.updateTable("client_registration_tokens").set({revoked_at_ts:x(n)}).where("tenant_id","=",t).where("id","=",a).where("revoked_at_ts","is",null).executeTakeFirst()).numUpdatedRows>0}function Ka(e){return async(t,a,n)=>{const o=await e.updateTable("client_registration_tokens").set({revoked_at_ts:x(n)}).where("tenant_id","=",t).where("client_id","=",a).where("revoked_at_ts","is",null).executeTakeFirst();return Number(o.numUpdatedRows)}}function Ba(e){return async(t,a)=>(await e.deleteFrom("client_registration_tokens").where("tenant_id","=",t).where("id","=",a).executeTakeFirst()).numDeletedRows>0}function Qa(e){return{create:Fa(e),get:qa(e),getByHash:Ma(e),listByClient:Ja(e),markUsed:La(e),revoke:Ua(e),revokeByClient:Ka(e),remove:Ba(e)}}function Wa(e){return async(t={})=>{const{page:a=0,per_page:n=100,include_totals:o=!1,sort:r,q:s}=t;let i=e.selectFrom("keys").where(u=>u.or([u("revoked_at",">",new Date().toISOString()),u("revoked_at","is",null)]));s&&(i=O(e,i,s,["kid","tenant_id","connection","fingerprint","thumbprint","type"]));let l=i.select(u=>u.fn.count("kid").as("count"));const d=a*n;i=i.limit(n).offset(d),r&&(i=i.orderBy(r.sort_by,r.sort_order));const _=await i.selectAll().execute();if(!o)return{signingKeys:_,start:0,limit:0,length:0};const c=await l.executeTakeFirst(),m=E((c==null?void 0:c.count)??0);return{signingKeys:_,start:d,limit:n,length:m}}}function Ha(e){return async t=>{await e.insertInto("keys").values({...t,created_at:new Date().toDateString()}).execute()}}function Ya(e){return async(t,a)=>!!(await e.updateTable("keys").set(a).where("kid","=",t).execute()).length}function Ga(e){return{create:Ha(e),list:Wa(e),update:Ya(e)}}function Va(e){return async(t,a)=>{const n={custom_domain_id:a.custom_domain_id||k.nanoid(),status:"pending",primary:!1,...a};return await e.insertInto("custom_domains").values({...n,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t,primary:n.primary?1:0,domain_metadata:n.domain_metadata?JSON.stringify(n.domain_metadata):void 0}).execute(),n}}function Xa(e){return async t=>(await e.selectFrom("custom_domains").where("custom_domains.tenant_id","=",t).selectAll().execute()).map(n=>({...n,primary:n.primary===1,domain_metadata:q(n.domain_metadata,void 0)}))}function Za(e){return async(t,a)=>(await e.deleteFrom("custom_domains").where("custom_domains.tenant_id","=",t).where("custom_domains.custom_domain_id","=",a).execute()).length>0}function en(e){return async(t,a)=>{const n=await e.selectFrom("custom_domains").where("custom_domains.tenant_id","=",t).where("custom_domains.custom_domain_id","=",a).selectAll().executeTakeFirst();return n?{...n,primary:n.primary===1,domain_metadata:q(n.domain_metadata,void 0),verification:q(n.verification,void 0)}:null}}function tn(e){return async(t,a,n)=>{const{verification:o,domain_metadata:r,primary:s,...i}=n,l={...i,updated_at:new Date().toISOString(),...s!==void 0&&{primary:s?1:0},...r!==void 0&&{domain_metadata:JSON.stringify(r)},...o!==void 0&&{verification:JSON.stringify(o)}};return(await e.updateTable("custom_domains").set(l).where("custom_domains.tenant_id","=",t).where("custom_domains.custom_domain_id","=",a).execute()).length>0}}function an(e){return async t=>{const a=await e.selectFrom("custom_domains").where("custom_domains.domain","=",t).selectAll().executeTakeFirst();return a?{...a,primary:a.primary===1,domain_metadata:q(a.domain_metadata,void 0)}:null}}function nn(e){return{create:Va(e),get:en(e),getByDomain:an(e),list:Xa(e),remove:Za(e),update:tn(e)}}function on(e){return async t=>{const[a]=await e.selectFrom("branding").where("branding.tenant_id","=",t).selectAll().execute();if(!a)return null;const{tenant_id:n,colors_primary:o,colors_page_background_type:r,colors_page_background_start:s,colors_page_background_end:i,colors_page_background_angle_dev:l,font_url:d,..._}=a;return v({..._,colors:{primary:o,page_background:{type:r,start:s,end:i,angle_deg:l}},font:d?{url:d}:void 0})}}function rn(e){return async(t,a)=>{var l,d;const{colors:n,font:o,...r}=a,s=n==null?void 0:n.page_background,i=s&&typeof s=="object"?s:void 0;try{await e.insertInto("branding").values({...r,colors_primary:n==null?void 0:n.primary,colors_page_background_type:i==null?void 0:i.type,colors_page_background_start:i==null?void 0:i.start,colors_page_background_end:i==null?void 0:i.end,colors_page_background_angle_dev:i==null?void 0:i.angle_deg,font_url:(l=a.font)==null?void 0:l.url,tenant_id:t}).execute()}catch{await e.updateTable("branding").set({...r,colors_primary:n==null?void 0:n.primary,colors_page_background_type:i==null?void 0:i.type,colors_page_background_start:i==null?void 0:i.start,colors_page_background_end:i==null?void 0:i.end,colors_page_background_angle_dev:i==null?void 0:i.angle_deg,font_url:(d=a.font)==null?void 0:d.url}).where("tenant_id","=",t).execute()}}}function sn(e){return{get:on(e),set:rn(e)}}function cn(e){return async t=>{const a=await e.selectFrom("universal_login_templates").select(["body"]).where("tenant_id","=",t).executeTakeFirst();return a?{body:a.body}:null}}function ln(e){return async(t,a)=>{const n=Date.now();try{await e.insertInto("universal_login_templates").values({tenant_id:t,body:a.body,created_at_ts:n,updated_at_ts:n}).execute()}catch{await e.updateTable("universal_login_templates").set({body:a.body,updated_at_ts:n}).where("tenant_id","=",t).execute()}}}function dn(e){return async t=>{await e.deleteFrom("universal_login_templates").where("tenant_id","=",t).execute()}}function un(e){return{get:cn(e),set:ln(e),delete:dn(e)}}function _n(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let l=e.selectFrom("hooks").where("hooks.tenant_id","=",t);if(i&&(l=O(e,l,i,["url","form_id","template_id","code_id"])),s!=null&&s.sort_by){const{ref:u}=e.dynamic;l=l.orderBy(u(s.sort_by),s.sort_order)}else l=l.orderBy("priority","desc").orderBy("created_at_ts","asc");const c=(await l.offset(n*o).limit(o).selectAll().execute()).map(u=>{const{tenant_id:f,enabled:p,synchronous:g,created_at_ts:y,updated_at_ts:b,metadata:S,...$}=u,D=F({created_at_ts:y,updated_at_ts:b},["created_at_ts","updated_at_ts"]);return v({...$,...D,enabled:!!p,synchronous:!!g,metadata:Oe(S)})});if(!r)return{hooks:c,start:0,limit:0,length:0};const{count:m}=await l.select(u=>u.fn.countAll().as("count")).executeTakeFirstOrThrow();return{hooks:c,start:n*o,limit:o,length:E(m)}}}function mn(e){return async(t,a)=>{const n=await e.selectFrom("hooks").where("hooks.tenant_id","=",t).where("hooks.hook_id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,created_at_ts:r,updated_at_ts:s,metadata:i,...l}=n,d=F({created_at_ts:r,updated_at_ts:s},["created_at_ts","updated_at_ts"]);return v({...l,...d,enabled:!!l.enabled,synchronous:!!l.synchronous,metadata:Oe(i)})}}function hn(e){return async(t,a)=>(await e.deleteFrom("hooks").where("hooks.tenant_id","=",t).where("hooks.hook_id","=",a).executeTakeFirst()).numDeletedRows>0}function pn(e){return async(t,a)=>{const n=Date.now(),o=a.hook_id||nt(),{hook_id:r,enabled:s,synchronous:i,metadata:l,...d}=a;return await e.insertInto("hooks").values({...d,hook_id:o,tenant_id:t,enabled:s?1:0,synchronous:i?1:0,metadata:l?JSON.stringify(l):null,created_at_ts:n,updated_at_ts:n}).execute(),{...d,hook_id:o,enabled:s??!1,synchronous:i??!1,...l?{metadata:l}:{},created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function fn(e){return async(t,a,n)=>{const{hook_id:o,metadata:r,...s}=n,i={...s,updated_at_ts:Date.now(),enabled:n.enabled!==void 0?n.enabled?1:0:void 0,synchronous:n.synchronous!==void 0?n.synchronous?1:0:void 0,...r!==void 0?{metadata:r===null?null:JSON.stringify(r)}:{}};return await e.updateTable("hooks").set(i).where("hooks.hook_id","=",a).where("hooks.tenant_id","=",t).execute(),!0}}function gn(e){return{create:pn(e),get:mn(e),list:_n(e),update:fn(e),remove:hn(e)}}function wn(e){return async(t,a)=>{const n=Date.now(),o=rt();return await e.insertInto("hook_code").values({id:o,tenant_id:t,code:a.code,secrets:a.secrets?JSON.stringify(a.secrets):null,created_at_ts:n,updated_at_ts:n}).execute(),{id:o,tenant_id:t,code:a.code,secrets:a.secrets,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function yn(e){return async(t,a)=>{const n=await e.selectFrom("hook_code").where("hook_code.tenant_id","=",t).where("hook_code.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{created_at_ts:o,updated_at_ts:r,secrets:s,...i}=n,l=F({created_at_ts:o,updated_at_ts:r},["created_at_ts","updated_at_ts"]);return{...i,...l,secrets:s?(()=>{try{return JSON.parse(s)}catch{console.warn(`Failed to parse secrets for hook_code ${a}`);return}})():void 0}}}function vn(e){return async(t,a,n)=>{const o={updated_at_ts:Date.now()};return n.code!==void 0&&(o.code=n.code),n.secrets!==void 0&&(o.secrets=JSON.stringify(n.secrets)),(await e.updateTable("hook_code").set(o).where("hook_code.id","=",a).where("hook_code.tenant_id","=",t).executeTakeFirst()).numUpdatedRows>0}}function Cn(e){return async(t,a)=>(await e.deleteFrom("hook_code").where("hook_code.tenant_id","=",t).where("hook_code.id","=",a).executeTakeFirst()).numDeletedRows>0}function xn(e){return{create:wn(e),get:yn(e),update:vn(e),remove:Cn(e)}}function Tn(e){return async(t,a,n)=>{const o={themeId:n||k.nanoid(),created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...a},r={...o,tenant_id:t};return await e.insertInto("themes").values(K(r)).execute(),o}}function bn(e){return async(t,a)=>(await e.deleteFrom("themes").where("themes.tenant_id","=",t).where("themes.themeId","=",a).executeTakeFirst()).numDeletedRows>0}function Nn(e){return async(t,a)=>{const n=await e.selectFrom("themes").where("themes.tenant_id","=",t).where("themes.themeId","=",a).selectAll().executeTakeFirst();if(!n)return null;const o={...n,borders_show_widget_shadow:!!n.borders_show_widget_shadow,fonts_body_text_bold:!!n.fonts_body_text_bold,fonts_buttons_text_bold:!!n.fonts_buttons_text_bold,fonts_input_labels_bold:!!n.fonts_input_labels_bold,fonts_links_bold:!!n.fonts_links_bold,fonts_subtitle_bold:!!n.fonts_subtitle_bold,fonts_title_bold:!!n.fonts_title_bold};return v(Se(o,["widget","colors","borders","fonts","page_background"]))}}function Sn(e){return async(t,a,n)=>{const{themeId:o,...r}=n,s=K({...r,updated_at:new Date().toISOString()});return await e.updateTable("themes").set(s).where("themes.themeId","=",a).where("themes.tenant_id","=",t).execute(),!0}}function On(e){return{create:Tn(e),get:Nn(e),remove:bn(e),update:Sn(e)}}function kn(e){return async(t,a)=>{const n=await e.selectFrom("login_sessions").where("login_sessions.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{created_at_ts:o,updated_at_ts:r,expires_at_ts:s,auth_params:i,...l}=n,d=F({created_at_ts:o,updated_at_ts:r,expires_at_ts:s},["created_at_ts","updated_at_ts","expires_at_ts"]),_=Se(v({...l,...d,state:n.state||N.LoginSessionState.PENDING,state_data:n.state_data,failure_reason:n.failure_reason}),["auth_strategy"]);return _.authParams=typeof i=="string"&&i.length>0?JSON.parse(i):{},N.loginSessionSchema.parse(_)}}const _e="0123456789ABCDEFGHJKMNPQRSTVWXYZ",ie=_e.length,$n=10,ge=16;function En(e){let t="";for(let a=$n;a>0;a--)t=_e.charAt(e%ie)+t,e=Math.floor(e/ie);return t}function In(){const e=new Uint8Array(ge);crypto.getRandomValues(e);let t="";for(let a=0;a<ge;a++)t+=_e.charAt(e[a]%ie);return t}function ze(){return En(Date.now())+In()}function Pn(e){return async(t,a)=>{var d;const n=le(),o={id:ze(),...a,authorization_url:(d=a.authorization_url)==null?void 0:d.slice(0,1024),created_at:n,updated_at:n,state:a.state||N.LoginSessionState.PENDING,state_data:a.state_data,failure_reason:a.failure_reason},{authParams:r,...s}=o,i=Date.now(),l=K(s);return delete l.created_at,delete l.updated_at,delete l.expires_at,await e.insertInto("login_sessions").values({...l,tenant_id:t,auth_params:JSON.stringify(r),created_at_ts:i,updated_at_ts:i,expires_at_ts:a.expires_at?new Date(a.expires_at).getTime():i+1e3*60*60*24}).execute(),o}}function zn(e){return async(t,a,n)=>{const{created_at:o,updated_at:r,expires_at:s,authParams:i,...l}=n;let d={};if(i!==void 0){const m=await e.selectFrom("login_sessions").where("login_sessions.id","=",a).where("login_sessions.tenant_id","=",t).select(["auth_params"]).executeTakeFirst(),u=m==null?void 0:m.auth_params,f=typeof u=="string"&&u.length>0?JSON.parse(u):{};d={auth_params:JSON.stringify({...f,...i})}}const _=K(l);return delete _.created_at_ts,delete _.updated_at_ts,delete _.expires_at_ts,delete _.id,delete _.tenant_id,(await e.updateTable("login_sessions").set({..._,...d,updated_at_ts:Date.now(),...s!==void 0?{expires_at_ts:x(s)}:{}}).where("login_sessions.id","=",a).where("login_sessions.tenant_id","=",t).execute()).length===1}}function Dn(e){return async(t,a)=>(await e.deleteFrom("login_sessions").where("login_sessions.tenant_id","=",t).where("login_sessions.id","=",a).execute()).length>0}function An(e){return{create:Pn(e),get:kn(e),update:zn(e),remove:Dn(e)}}function Fn(e){return async t=>{const[a]=await e.selectFrom("prompt_settings").where("prompt_settings.tenant_id","=",t).selectAll().execute();return v({identifier_first:!!(a!=null&&a.identifier_first),password_first:!!(a!=null&&a.password_first),webauthn_platform_first_factor:!!(a!=null&&a.webauthn_platform_first_factor),universal_login_experience:(a==null?void 0:a.universal_login_experience)||"new"})}}function jn(e){const t={};return typeof e.identifier_first=="boolean"&&(t.identifier_first=e.identifier_first?1:0),typeof e.password_first=="boolean"&&(t.password_first=e.password_first?1:0),typeof e.webauthn_platform_first_factor=="boolean"&&(t.webauthn_platform_first_factor=e.webauthn_platform_first_factor?1:0),e.universal_login_experience&&(t.universal_login_experience=e.universal_login_experience),t}function Rn(e){return async(t,a)=>{const n=jn(a);try{await e.insertInto("prompt_settings").values({tenant_id:t,identifier_first:n.identifier_first??1,password_first:n.password_first??0,webauthn_platform_first_factor:n.webauthn_platform_first_factor??0,universal_login_experience:n.universal_login_experience??"new"}).execute()}catch{if(Object.keys(n).length===0)return;await e.updateTable("prompt_settings").set(n).where("tenant_id","=",t).execute()}}}function qn(e){return{get:Fn(e),set:Rn(e)}}function Mn(e){return async t=>{const[a]=await e.selectFrom("email_providers").where("email_providers.tenant_id","=",t).selectAll().execute();if(!a)return null;const{tenant_id:n,credentials:o,settings:r,enabled:s,...i}=a;return v({...i,credentials:JSON.parse(o),settings:JSON.parse(r),enabled:!!s})}}function Jn(e){return async(t,a)=>{const{credentials:n,settings:o,enabled:r,...s}=a;await e.updateTable("email_providers").set({...s,credentials:n?JSON.stringify(n):void 0,settings:o?JSON.stringify(o):void 0,enabled:r!==void 0?r?1:0:void 0}).where("tenant_id","=",t).execute()}}function Ln(e){return async(t,a)=>{const{credentials:n,settings:o,enabled:r,...s}=a;await e.insertInto("email_providers").values({...s,enabled:r?1:0,credentials:JSON.stringify(n),settings:JSON.stringify(o),tenant_id:t,created_at:new Date().toISOString(),updated_at:new Date().toISOString()}).execute()}}function Un(e){return async t=>{await e.deleteFrom("email_providers").where("tenant_id","=",t).execute()}}function Kn(e){return{get:Mn(e),create:Ln(e),update:Jn(e),remove:Un(e)}}function De(e){const t={template:e.template,body:e.body,from:e.from,subject:e.subject,syntax:e.syntax,includeEmailInRedirect:!!e.include_email_in_redirect,enabled:!!e.enabled};return e.result_url!==null&&e.result_url!==void 0&&(t.resultUrl=e.result_url),e.url_lifetime_in_seconds!==null&&e.url_lifetime_in_seconds!==void 0&&(t.urlLifetimeInSeconds=e.url_lifetime_in_seconds),t}function Bn(e){return async(t,a)=>{const n=await e.selectFrom("email_templates").where("tenant_id","=",t).where("template","=",a).selectAll().executeTakeFirst();return n?N.emailTemplateSchema.parse(De(n)):null}}function Qn(e){return async t=>(await e.selectFrom("email_templates").where("tenant_id","=",t).orderBy("template","asc").selectAll().execute()).map(n=>N.emailTemplateSchema.parse(De(n)))}function Wn(e){return async(t,a)=>{const n=new Date().toISOString();return await e.insertInto("email_templates").values({tenant_id:t,template:a.template,body:a.body,from:a.from,subject:a.subject,syntax:a.syntax,result_url:a.resultUrl??null,url_lifetime_in_seconds:a.urlLifetimeInSeconds??null,include_email_in_redirect:a.includeEmailInRedirect?1:0,enabled:a.enabled?1:0,created_at:n,updated_at:n}).execute(),a}}function Hn(e){return async(t,a,n)=>{const o={};if(n.body!==void 0&&(o.body=n.body),n.from!==void 0&&(o.from=n.from),n.subject!==void 0&&(o.subject=n.subject),n.syntax!==void 0&&(o.syntax=n.syntax),n.resultUrl!==void 0&&(o.result_url=n.resultUrl),n.urlLifetimeInSeconds!==void 0&&(o.url_lifetime_in_seconds=n.urlLifetimeInSeconds),n.includeEmailInRedirect!==void 0&&(o.include_email_in_redirect=n.includeEmailInRedirect?1:0),n.enabled!==void 0&&(o.enabled=n.enabled?1:0),Object.keys(o).length===0)return await e.selectFrom("email_templates").where("tenant_id","=",t).where("template","=",a).select("template").executeTakeFirst()!==void 0;o.updated_at=new Date().toISOString();const r=await e.updateTable("email_templates").set(o).where("tenant_id","=",t).where("template","=",a).executeTakeFirst();return Number(r.numUpdatedRows??0)>0}}function Yn(e){return async(t,a)=>{const n=await e.deleteFrom("email_templates").where("tenant_id","=",t).where("template","=",a).executeTakeFirst();return Number(n.numDeletedRows??0)>0}}function Gn(e){return{get:Bn(e),list:Qn(e),create:Wn(e),update:Hn(e),remove:Yn(e)}}function Vn(e){return async(t,a)=>{const n=await e.selectFrom("refresh_tokens").where("refresh_tokens.tenant_id","=",t).where("refresh_tokens.id","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:l,revoked_at_ts:d,rotated_at_ts:_,...c}=n,m=F({created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:l,revoked_at_ts:d,rotated_at_ts:_},["created_at_ts"],["expires_at_ts","idle_expires_at_ts","last_exchanged_at_ts","revoked_at_ts","rotated_at_ts"]);return{...c,...m,rotating:!!n.rotating,device:n.device?JSON.parse(n.device):{},resource_servers:n.resource_servers?JSON.parse(n.resource_servers):[]}}}function Xn(e){return async(t,a)=>{const n=await e.selectFrom("refresh_tokens").where("refresh_tokens.tenant_id","=",t).where("refresh_tokens.token_lookup","=",a).selectAll().executeTakeFirst();if(!n)return null;const{tenant_id:o,created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:l,revoked_at_ts:d,rotated_at_ts:_,...c}=n,m=F({created_at_ts:r,expires_at_ts:s,idle_expires_at_ts:i,last_exchanged_at_ts:l,revoked_at_ts:d,rotated_at_ts:_},["created_at_ts"],["expires_at_ts","idle_expires_at_ts","last_exchanged_at_ts","revoked_at_ts","rotated_at_ts"]);return{...c,...m,rotating:!!n.rotating,device:n.device?JSON.parse(n.device):{},resource_servers:n.resource_servers?JSON.parse(n.resource_servers):[]}}}function Zn(e){return async(t,a)=>{const n=le(),o={...a,created_at:n},{expires_at:r,idle_expires_at:s,last_exchanged_at:i,rotated_at:l,device:d,resource_servers:_,rotating:c,...m}=a,u=Date.now(),f=x(r),p=s?x(s):null,g=Math.max(f??0,p??0);return await e.transaction().execute(async y=>{await y.insertInto("refresh_tokens").values({...m,tenant_id:t,rotating:c?1:0,device:JSON.stringify(d),resource_servers:JSON.stringify(_),created_at_ts:u,expires_at_ts:f,idle_expires_at_ts:p,last_exchanged_at_ts:i?x(i):null,rotated_at_ts:l?x(l):null}).execute(),g>0&&a.login_id&&await y.updateTable("login_sessions").set({expires_at_ts:g,updated_at_ts:u}).where("tenant_id","=",t).where("id","=",a.login_id).where("expires_at_ts","<",g).execute()}),{...a,...o}}}function eo(e){return async(t,a)=>!!(await e.deleteFrom("refresh_tokens").where("tenant_id","=",t).where("refresh_tokens.id","=",a).execute()).length}function to(e){return async(t,a,n)=>{const o=x(n),r=await e.updateTable("refresh_tokens").set({revoked_at_ts:o}).where("tenant_id","=",t).where("login_id","=",a).where("revoked_at_ts","is",null).executeTakeFirst();return Number(r.numUpdatedRows??0)}}function ao(e){return async(t,a,n)=>{const o=x(n),r=await e.updateTable("refresh_tokens").set({revoked_at_ts:o}).where("tenant_id","=",t).where("family_id","=",a).where("revoked_at_ts","is",null).executeTakeFirst();return Number(r.numUpdatedRows??0)}}function no(e){return async(t,a,n,o)=>{const{created_at:r,expires_at:s,idle_expires_at:i,last_exchanged_at:l,revoked_at:d,rotated_at:_,device:c,resource_servers:m,rotating:u,...f}=n,p={...f,device:c?JSON.stringify(c):void 0,resource_servers:m?JSON.stringify(m):void 0,rotating:u!==void 0?u?1:0:void 0,expires_at_ts:s!==void 0?x(s):void 0,idle_expires_at_ts:i!==void 0?x(i):void 0,last_exchanged_at_ts:l!==void 0?x(l):void 0,revoked_at_ts:d!==void 0?x(d):void 0,rotated_at_ts:_!==void 0?x(_):void 0},g=o==null?void 0:o.loginSessionBump,y=g?x(g.expires_at):null,b=await e.updateTable("refresh_tokens").set(p).where("tenant_id","=",t).where("refresh_tokens.id","=",a).executeTakeFirst();return g!=null&&g.login_id&&y&&y>0&&await e.updateTable("login_sessions").set({expires_at_ts:y,updated_at_ts:Date.now()}).where("tenant_id","=",t).where("id","=",g.login_id).where("expires_at_ts","<",y).execute().catch(()=>{}),((b==null?void 0:b.numUpdatedRows)??0n)>0n}}function oo(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,sort:s,q:i}=a;let l=e.selectFrom("refresh_tokens").where("refresh_tokens.tenant_id","=",t);i&&(l=O(e,l,i,["token","login_id"]));let d=l;if(s&&s.sort_by){const{ref:f}=e.dynamic;d=d.orderBy(f(s.sort_by),s.sort_order)}d=d.offset(n*o).limit(o);const c=(await d.selectAll().execute()).map(f=>{const{tenant_id:p,created_at_ts:g,expires_at_ts:y,idle_expires_at_ts:b,last_exchanged_at_ts:S,revoked_at_ts:$,rotated_at_ts:D,...C}=f,T=F({created_at_ts:g,expires_at_ts:y,idle_expires_at_ts:b,last_exchanged_at_ts:S,revoked_at_ts:$,rotated_at_ts:D},["created_at_ts"],["expires_at_ts","idle_expires_at_ts","last_exchanged_at_ts","revoked_at_ts","rotated_at_ts"]);return{...C,...T,rotating:!!f.rotating,device:f.device?JSON.parse(f.device):{},resource_servers:f.resource_servers?JSON.parse(f.resource_servers):[]}});if(!r)return{refresh_tokens:c,start:0,limit:0,length:0};const{count:m}=await l.select(f=>f.fn.countAll().as("count")).executeTakeFirstOrThrow(),u=E(m);return{refresh_tokens:c,start:n*o,limit:o,length:u}}}function ro(e){return{create:Zn(e),get:Vn(e),getByLookup:Xn(e),list:oo(e),remove:eo(e),revokeByLoginSession:to(e),revokeFamily:ao(e),update:no(e)}}const so=7*24*60*60*1e3;function io(e){return async t=>{var i,l,d;const{tenant_id:a,user_id:n}=t||{},r=Date.now()-so,s=1e3;try{let _=0;for(;;){let u=e.deleteFrom("refresh_tokens").where(g=>g.or([g("expires_at_ts","<",r),g("idle_expires_at_ts","<",r)]));a&&(u=u.where("tenant_id","=",a)),n&&(u=u.where("user_id","=",n));const f=await u.limit(s).execute(),p=Number(((i=f[0])==null?void 0:i.numDeletedRows)??0);if(_+=p,p<s)break}let c=0;for(;;){let u=e.deleteFrom("sessions").where(g=>g.or([g("expires_at_ts","<",r),g("idle_expires_at_ts","<",r)]));a&&(u=u.where("tenant_id","=",a)),n&&(u=u.where("user_id","=",n));const f=await u.limit(s).execute(),p=Number(((l=f[0])==null?void 0:l.numDeletedRows)??0);if(c+=p,p<s)break}let m=0;for(;;){let u=e.deleteFrom("login_sessions").where("expires_at_ts","<",r);a&&(u=u.where("tenant_id","=",a)),n&&(u=u.where("user_id","=",n));const f=await u.limit(s).execute(),p=Number(((d=f[0])==null?void 0:d.numDeletedRows)??0);if(m+=p,p<s)break}(_>0||c>0||m>0)&&console.log(`Session cleanup: deleted ${_} refresh_tokens, ${c} sessions, ${m} login_sessions`)}catch(_){console.error("Error during session cleanup:",_)}}}function co(e){return async(t,a)=>{const n=N.formSchema.parse({id:k.nanoid(),...a,created_at:new Date().toISOString(),updated_at:new Date().toISOString()});return await e.insertInto("forms").values({...n,nodes:JSON.stringify(n.nodes||[]),start:JSON.stringify(n.start||{}),ending:JSON.stringify(n.ending||{}),tenant_id:t}).execute(),N.formSchema.parse(n)}}function lo(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("forms").where("tenant_id","=",t);s&&(i=O(e,i,s,[]));const _=(await i.offset(n*o).limit(o).selectAll().execute()).map(m=>{const u={...m};if(typeof u.nodes=="string")try{u.nodes=JSON.parse(u.nodes)}catch{}if(typeof u.start=="string")try{u.start=JSON.parse(u.start)}catch{}if(typeof u.ending=="string")try{u.ending=JSON.parse(u.ending)}catch{}return N.formSchema.parse(v(u))});if(!r)return{forms:_,start:0,limit:0,length:0};const{count:c}=await i.select(m=>m.fn.countAll().as("count")).executeTakeFirstOrThrow();return{forms:_,start:n*o,limit:o,length:E(c)}}}function uo(e){return async(t,a)=>{const{numDeletedRows:n}=await e.deleteFrom("forms").where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return n>0}}function _o(e){return async(t,a)=>{const n=await e.selectFrom("forms").selectAll().where("forms.id","=",a).where("tenant_id","=",t).executeTakeFirst();if(!n)return null;const o={...n};if(typeof o.nodes=="string")try{o.nodes=JSON.parse(o.nodes)}catch{}if(typeof o.start=="string")try{o.start=JSON.parse(o.start)}catch{}if(typeof o.ending=="string")try{o.ending=JSON.parse(o.ending)}catch{}return N.formSchema.parse(v(o))}}function mo(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};W(n,["nodes","start","ending"],o);const{numUpdatedRows:r}=await e.updateTable("forms").set(o).where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return r>0}}function ho(e){return{create:co(e),get:_o(e),list:lo(e),remove:uo(e),update:mo(e)}}function po(e){return async(t,a)=>{const n=new Date().toISOString(),o={id:ot(),...a,created_at:n,updated_at:n},r=N.resourceServerSchema.parse(o),{verificationKey:s,scopes:i,options:l,skip_consent_for_verifiable_first_party_clients:d,allow_offline_access:_,is_system:c,metadata:m,...u}=r,f={...u,tenant_id:t,scopes:i?JSON.stringify(i):"[]",options:l?JSON.stringify(l):"{}",skip_consent_for_verifiable_first_party_clients:d?1:0,allow_offline_access:_?1:0,is_system:c?1:0,metadata:m?JSON.stringify(m):void 0,verification_key:s,created_at:n,updated_at:n};return await e.insertInto("resource_servers").values(f).execute(),v(r)}}function fo(e){return async(t,a)=>{const n=await e.selectFrom("resource_servers").selectAll().where("tenant_id","=",t).where("id","=",a).executeTakeFirst();if(!n)return null;const o=n,{verification_key:r,scopes:s,options:i,skip_consent_for_verifiable_first_party_clients:l,allow_offline_access:d,is_system:_,metadata:c,...m}=o,u=v({...m,scopes:s?JSON.parse(s):[],options:i?JSON.parse(i):{},skip_consent_for_verifiable_first_party_clients:!!l,allow_offline_access:!!d,is_system:_?!0:void 0,metadata:c?JSON.parse(c):void 0,verificationKey:r});return u.token_lifetime??(u.token_lifetime=86400),u.token_lifetime_for_web??(u.token_lifetime_for_web=7200),u}}function go(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1,q:s}=a;let i=e.selectFrom("resource_servers").where("resource_servers.tenant_id","=",t);if(s){const m=s.trim(),u=m.split(/\s+/),f=u.length===1?u[0]:void 0,p=f?f.match(/^(-)?(name|identifier):(.*)$/):null,g=p?p[3]:"",y=/^(>=|>|<=|<)/.test(g||"");if(p&&!y){const b=!!p[1],S=p[2]==="name"?"resource_servers.name":"resource_servers.identifier";i=b?i.where(S,"not like",`%${g}%`):i.where(S,"like",`%${g}%`)}else i=O(e,i,m,["resource_servers.name","resource_servers.identifier"])}const _=(await i.offset(n*o).limit(o).selectAll().execute()).map(m=>{const u=m,{verification_key:f,scopes:p,options:g,skip_consent_for_verifiable_first_party_clients:y,allow_offline_access:b,is_system:S,metadata:$,...D}=u,C=v({...D,scopes:p?JSON.parse(p):[],options:g?JSON.parse(g):{},skip_consent_for_verifiable_first_party_clients:!!y,allow_offline_access:!!b,is_system:S?!0:void 0,metadata:$?JSON.parse($):void 0,verificationKey:f});return C.token_lifetime??(C.token_lifetime=86400),C.token_lifetime_for_web??(C.token_lifetime_for_web=7200),C});if(!r)return{resource_servers:_,start:0,limit:0,length:0};const{count:c}=await i.select(m=>m.fn.countAll().as("count")).executeTakeFirstOrThrow();return{resource_servers:_,start:n*o,limit:o,length:E(c)}}}function wo(e){return async(t,a)=>{const n=await e.deleteFrom("resource_servers").where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return Number(n.numDeletedRows)>0}}function yo(e){return async(t,a,n)=>{const{verificationKey:o,scopes:r,options:s,skip_consent_for_verifiable_first_party_clients:i,allow_offline_access:l,is_system:d,metadata:_,...c}=n,m={...c,updated_at:new Date().toISOString()};if(o!==void 0&&(m.verification_key=o),r!==void 0&&(m.scopes=JSON.stringify(r)),s!==void 0){const f=await e.selectFrom("resource_servers").select("options").where("tenant_id","=",t).where("id","=",a).executeTakeFirst(),g={...f!=null&&f.options?JSON.parse(f.options):{},...s};m.options=JSON.stringify(g)}_!==void 0&&(m.metadata=JSON.stringify(_)),i!==void 0&&(m.skip_consent_for_verifiable_first_party_clients=i?1:0),l!==void 0&&(m.allow_offline_access=l?1:0),d!==void 0&&(m.is_system=d?1:0);const u=await e.updateTable("resource_servers").set(m).where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return Number(u.numUpdatedRows)>0}}function vo(e){return{create:po(e),get:fo(e),list:go(e),remove:wo(e),update:yo(e)}}function Co(e){return async(t,a)=>{const n=new Date().toISOString(),o=a.id||k.nanoid(),{is_system:r,id:s,metadata:i,...l}=a,d={id:o,...l,tenant_id:t,is_system:r?1:0,metadata:i?JSON.stringify(i):void 0,created_at:n,updated_at:n};return await e.insertInto("roles").values(d).execute(),{id:o,...l,is_system:r?!0:void 0,metadata:i,created_at:n,updated_at:n}}}function xo(e){return async(t,a)=>{const n=await e.selectFrom("roles").selectAll().where("roles.tenant_id","=",t).where("roles.id","=",a).executeTakeFirst();if(!n)return null;const o=n,{is_system:r,tenant_id:s,metadata:i,...l}=o;return{...l,is_system:r?!0:void 0,metadata:i?JSON.parse(i):void 0}}}function To(e){return async(t,a)=>{let n=e.selectFrom("roles").where("roles.tenant_id","=",t);const{page:o=0,per_page:r=50,include_totals:s=!1}=a;a.q&&(n=O(e,n,a.q,["name"]));const d=(await n.offset(o*r).limit(r).selectAll().execute()).map(c=>{const m=c,{is_system:u,tenant_id:f,metadata:p,...g}=m;return{...g,is_system:u?!0:void 0,metadata:p?JSON.parse(p):void 0}});if(!s)return{roles:d,start:o*r,limit:r,length:d.length};const{count:_}=await n.select(c=>c.fn.countAll().as("count")).executeTakeFirstOrThrow();return{roles:d,start:o*r,limit:r,length:E(_)}}}function bo(e){return async(t,a,n)=>{const{is_system:o,metadata:r,...s}=n,i={...s,is_system:o!==void 0?o?1:0:void 0,metadata:r!==void 0?JSON.stringify(r):void 0,updated_at:new Date().toISOString()},l=await e.updateTable("roles").set(i).where("roles.tenant_id","=",t).where("roles.id","=",a).executeTakeFirst();return Number(l.numUpdatedRows)>0}}function No(e){return async(t,a)=>{const n=await e.deleteFrom("roles").where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return Number(n.numDeletedRows)>0}}function So(e){return{create:Co(e),get:xo(e),list:To(e),update:bo(e),remove:No(e)}}function Oo(e){return async(t,a,n)=>{if(n.length===0)return!0;const o=new Date().toISOString();try{for(const r of n){if(r.role_id!==a)throw new Error(`Permission role_id ${r.role_id} does not match expected role_id ${a}`);const s={tenant_id:t,role_id:r.role_id,resource_server_identifier:r.resource_server_identifier,permission_name:r.permission_name,created_at:o};try{await e.insertInto("role_permissions").values(s).execute()}catch(i){if(i.code==="SQLITE_CONSTRAINT_PRIMARYKEY"||i.code==="SQLITE_CONSTRAINT_UNIQUE"||i.code==="ER_DUP_ENTRY")continue;throw i}}return!0}catch(r){return console.error("Error assigning role permissions:",r),!1}}}function ko(e){return async(t,a,n)=>{if(n.length===0)return!0;try{return(await Promise.all(n.map(r=>e.deleteFrom("role_permissions").where("tenant_id","=",t).where("role_id","=",a).where("resource_server_identifier","=",r.resource_server_identifier).where("permission_name","=",r.permission_name).executeTakeFirst()))).some(r=>Number(r.numDeletedRows)>0)}catch(o){return console.error("Error removing role permissions:",o),!1}}}function $o(e){return async(t,a,n={})=>{const{page:o=0,per_page:r=50,include_totals:s=!1}=n;let i=e.selectFrom("role_permissions").leftJoin("resource_servers",c=>c.onRef("role_permissions.tenant_id","=","resource_servers.tenant_id").onRef("role_permissions.resource_server_identifier","=","resource_servers.id")).select(["role_permissions.role_id","role_permissions.resource_server_identifier","role_permissions.permission_name","role_permissions.created_at","resource_servers.name as resource_server_name"]).where("role_permissions.tenant_id","=",t).where("role_permissions.role_id","=",a);const _=(await i.offset(o*r).limit(r).execute()).map(c=>({role_id:c.role_id,resource_server_identifier:c.resource_server_identifier,resource_server_name:c.resource_server_name||c.resource_server_identifier,permission_name:c.permission_name,description:null,created_at:c.created_at}));return s&&await i.select(c=>c.fn.countAll().as("count")).executeTakeFirstOrThrow(),_}}function Eo(e){return{assign:Oo(e),remove:ko(e),list:$o(e)}}function Io(e){return async(t,a,n,o)=>{const r=new Date().toISOString();try{const s={tenant_id:t,user_id:a,resource_server_identifier:n.resource_server_identifier,permission_name:n.permission_name,organization_id:o||n.organization_id||"",created_at:r};return await e.insertInto("user_permissions").values(s).execute(),!0}catch(s){return s.code==="SQLITE_CONSTRAINT_PRIMARYKEY"||s.code==="SQLITE_CONSTRAINT_UNIQUE"||s.code==="SQLITE_CONSTRAINT"||s.code==="ER_DUP_ENTRY"||s.message&&s.message.includes("UNIQUE constraint failed")||s.message&&s.message.includes("PRIMARY KEY constraint failed")?!0:(console.error("Error creating user permission:",s),!1)}}}function Po(e){return async(t,a,n,o)=>{try{let r=e.deleteFrom("user_permissions").where("tenant_id","=",t).where("user_id","=",a).where("resource_server_identifier","=",n.resource_server_identifier).where("permission_name","=",n.permission_name);return o!==void 0?r=r.where("organization_id","=",o):r=r.where("organization_id","=",""),await r.execute(),!0}catch(r){return console.error("Error removing user permission:",r),!1}}}function zo(e){return async(t,a,n,o)=>{let r=e.selectFrom("user_permissions").leftJoin("resource_servers",i=>i.onRef("user_permissions.tenant_id","=","resource_servers.tenant_id").onRef("user_permissions.resource_server_identifier","=","resource_servers.id")).select(["user_permissions.resource_server_identifier","user_permissions.permission_name","resource_servers.name as resource_server_name","user_permissions.user_id","user_permissions.created_at","user_permissions.organization_id"]).where("user_permissions.tenant_id","=",t).where("user_permissions.user_id","=",a);return o!==void 0&&(r=r.where("user_permissions.organization_id","=",o)),(await r.execute()).map(i=>({resource_server_identifier:i.resource_server_identifier,permission_name:i.permission_name,description:null,resource_server_name:i.resource_server_name||i.resource_server_identifier,user_id:i.user_id,created_at:i.created_at,organization_id:i.organization_id===""?void 0:i.organization_id}))}}function Do(e){return{create:Io(e),remove:Po(e),list:zo(e)}}function Ao(e){const t=Do(e);return{create:(a,n,o,r)=>t.create(a,n,o,r),remove:(a,n,o,r)=>t.remove(a,n,o,r),list:(a,n,o,r)=>t.list(a,n,o,r)}}function Fo(e){return async(t,a,n,o)=>{let r=e.selectFrom("user_roles as ur").innerJoin("roles as r",i=>i.onRef("ur.role_id","=","r.id").onRef("ur.tenant_id","=","r.tenant_id")).select(["r.id","r.name","r.description","r.created_at","r.updated_at"]).where("ur.tenant_id","=",t).where("ur.user_id","=",a);return o!==void 0&&(r=r.where("ur.organization_id","=",o)),await r.execute()}}function jo(e){return async(t,a,n,o)=>{const r=new Date().toISOString();try{return await e.insertInto("user_roles").values({tenant_id:t,user_id:a,role_id:n,organization_id:o||"",created_at:r}).execute(),!0}catch(s){return s.code==="SQLITE_CONSTRAINT_PRIMARYKEY"||s.code==="SQLITE_CONSTRAINT_UNIQUE"||s.code==="SQLITE_CONSTRAINT"||s.code==="ER_DUP_ENTRY"||s.message&&s.message.includes("UNIQUE constraint failed")||s.message&&s.message.includes("PRIMARY KEY constraint failed")?!0:(console.error("Error creating user role:",s),!1)}}}function Ro(e){return async(t,a,n,o)=>{try{let r=e.deleteFrom("user_roles").where("tenant_id","=",t).where("user_id","=",a).where("role_id","=",n);return o!==void 0?r=r.where("organization_id","=",o):r=r.where("organization_id","=",""),await r.execute(),!0}catch(r){return console.error("Error removing user roles:",r),!1}}}function qo(e){return{list:Fo(e),create:jo(e),remove:Ro(e)}}function Mo(e){const t=qo(e);return{list:(a,n,o,r)=>t.list(a,n,o,r),create:(a,n,o,r)=>t.create(a,n,o,r),remove:(a,n,o,r)=>t.remove(a,n,o,r)}}function Jo(e){return async(t,a)=>{const n={...a,id:a.id||Ze(),tenant_id:t,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),branding:JSON.stringify(a.branding||{}),metadata:JSON.stringify(a.metadata||{}),enabled_connections:JSON.stringify(a.enabled_connections||[]),token_quota:JSON.stringify(a.token_quota||{})};try{await e.insertInto("organizations").values(n).execute()}catch(o){throw o.code==="SQLITE_CONSTRAINT_UNIQUE"||o.code==="ER_DUP_ENTRY"||o.message.includes("AlreadyExists")?new U(409,{message:"Organization already exists"}):o}return{...a,id:n.id,created_at:n.created_at,updated_at:n.updated_at}}}function Lo(e){return async(t,a)=>{let n=await e.selectFrom("organizations").selectAll().where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return n||(n=await e.selectFrom("organizations").selectAll().where("tenant_id","=",t).where("name","=",a).executeTakeFirst()),n?v({...n,branding:n.branding?JSON.parse(n.branding):{},metadata:n.metadata?JSON.parse(n.metadata):{},enabled_connections:n.enabled_connections?JSON.parse(n.enabled_connections):[],token_quota:n.token_quota?JSON.parse(n.token_quota):{}}):null}}const Y=["name","display_name"];function Uo(e){return async(t,a)=>{let n=e.selectFrom("organizations").where("tenant_id","=",t);if(a!=null&&a.q){const c=se(a.q,Y);c&&(n=O(e,n,c,Y))}if(a!=null&&a.sort){const c=a.sort.sort_order==="asc"?"asc":"desc",m=a.sort.sort_by;["name","display_name","created_at"].includes(m)?n=n.orderBy(m,c):n=n.orderBy("created_at","desc")}else n=n.orderBy("created_at","desc");const o=(a==null?void 0:a.take)??(a==null?void 0:a.per_page),r=typeof o=="number"&&Number.isFinite(o)?Math.floor(o):NaN,s=r>=1?r:10;let i=0;if((a==null?void 0:a.from)!==void 0){const c=parseInt(a.from,10);Number.isNaN(c)||(i=Math.max(0,c))}else typeof(a==null?void 0:a.page)=="number"&&Number.isFinite(a.page)&&(i=Math.max(0,Math.floor(a.page)*s));i>0&&(n=n.offset(i)),n=n.limit(s);const l=await n.selectAll().execute();let d=l.length;if(a!=null&&a.include_totals){let c=e.selectFrom("organizations").where("tenant_id","=",t);if(a!=null&&a.q){const u=se(a.q,Y);u&&(c=O(e,c,u,Y))}const m=await c.select(h.sql`count(*)`.as("count")).executeTakeFirst();d=Number((m==null?void 0:m.count)||0)}const _=l.map(c=>v({...c,branding:c.branding?JSON.parse(c.branding):{},metadata:c.metadata?JSON.parse(c.metadata):{},enabled_connections:c.enabled_connections?JSON.parse(c.enabled_connections):[],token_quota:c.token_quota?JSON.parse(c.token_quota):{}}));return{organizations:_,start:i,limit:s,length:_.length,total:d}}}function Ko(e){return async(t,a)=>(await e.deleteFrom("organizations").where("tenant_id","=",t).where("id","=",a).execute()).length>0}function Bo(e){return async(t,a,n)=>{const{branding:o,metadata:r,enabled_connections:s,token_quota:i,...l}=n,d={...l,updated_at:new Date().toISOString()};return W(n,["branding","metadata","enabled_connections","token_quota"],d),(await e.updateTable("organizations").set(d).where("tenant_id","=",t).where("id","=",a).execute()).length>0}}function Qo(e){return{create:Jo(e),get:Lo(e),list:Uo(e),remove:Ko(e),update:Bo(e)}}function G(e,t){return{connection_id:e.connection_id,assign_membership_on_login:!!e.assign_membership_on_login,show_as_button:!!e.show_as_button,is_signup_enabled:!!e.is_signup_enabled,connection:t?{name:t.name,strategy:t.strategy}:void 0,created_at:e.created_at,updated_at:e.updated_at}}async function V(e,t,a){const n=await e.selectFrom("connections").select(["name","strategy"]).where("tenant_id","=",t).where("id","=",a).executeTakeFirst();if(n)return{name:n.name,strategy:typeof n.strategy=="string"?n.strategy:void 0}}function Wo(e){return{async create(t,a,n){const o=new Date().toISOString(),r={tenant_id:t,organization_id:a,connection_id:n.connection_id,assign_membership_on_login:n.assign_membership_on_login?1:0,show_as_button:n.show_as_button===!1?0:1,is_signup_enabled:n.is_signup_enabled===!1?0:1,created_at:o,updated_at:o};await e.insertInto("organization_connections").values(r).execute();const s=await V(e,t,n.connection_id);return G(r,s)},async list(t,a){const n=await e.selectFrom("organization_connections").selectAll().where("tenant_id","=",t).where("organization_id","=",a).execute(),o=[];for(const r of n){const s=await V(e,t,r.connection_id);o.push(G(r,s))}return o},async get(t,a,n){const o=await e.selectFrom("organization_connections").selectAll().where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();if(!o)return null;const r=await V(e,t,n);return G(o,r)},async update(t,a,n,o){const r={updated_at:new Date().toISOString()};o.assign_membership_on_login!==void 0&&(r.assign_membership_on_login=o.assign_membership_on_login?1:0),o.show_as_button!==void 0&&(r.show_as_button=o.show_as_button?1:0),o.is_signup_enabled!==void 0&&(r.is_signup_enabled=o.is_signup_enabled?1:0);const s=await e.updateTable("organization_connections").set(r).where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();if(Number(s.numUpdatedRows??0)===0)return null;const i=await e.selectFrom("organization_connections").selectAll().where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();if(!i)return null;const l=await V(e,t,n);return G(i,l)},async remove(t,a,n){const o=await e.deleteFrom("organization_connections").where("tenant_id","=",t).where("organization_id","=",a).where("connection_id","=",n).executeTakeFirst();return Number(o.numDeletedRows??0)>0}}}function Ho(e){return async(t,a)=>{const n={id:k.nanoid(),tenant_id:t,user_id:a.user_id,organization_id:a.organization_id,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};try{await e.insertInto("user_organizations").values(n).execute()}catch(o){throw o.code==="SQLITE_CONSTRAINT_UNIQUE"||o.code==="ER_DUP_ENTRY"?new U(409,{message:"User is already a member of this organization"}):o}return{...n}}}function Yo(e){return async(t,a)=>{const n=await e.selectFrom("user_organizations").selectAll().where("id","=",a).where("tenant_id","=",t).executeTakeFirst();return n?{id:n.id,user_id:n.user_id,organization_id:n.organization_id,created_at:n.created_at,updated_at:n.updated_at}:null}}function Go(e){return async(t,a)=>{const n=(a==null?void 0:a.page)||0,o=(a==null?void 0:a.per_page)||50,r=n*o;let s=e.selectFrom("user_organizations").selectAll().where("tenant_id","=",t);if(a!=null&&a.q){if(a.q.startsWith("user_id:")){const c=a.q.replace("user_id:","");s=s.where("user_id","=",c)}else if(a.q.startsWith("organization_id:")){const c=a.q.replace("organization_id:","");s=s.where("organization_id","=",c)}}s=s.orderBy("created_at","desc"),o>0&&(s=s.limit(o).offset(r));const i=await s.execute();let l=e.selectFrom("user_organizations").select(e.fn.count("id").as("count")).where("tenant_id","=",t);if(a!=null&&a.q){if(a.q.startsWith("user_id:")){const c=a.q.replace("user_id:","");l=l.where("user_id","=",c)}else if(a.q.startsWith("organization_id:")){const c=a.q.replace("organization_id:","");l=l.where("organization_id","=",c)}}const d=await l.executeTakeFirst();return{userOrganizations:i.map(c=>({id:c.id,user_id:c.user_id,organization_id:c.organization_id,created_at:c.created_at,updated_at:c.updated_at})),start:r,limit:o,length:Number((d==null?void 0:d.count)||0)}}}function Vo(e){return async(t,a,n)=>{const o=(n==null?void 0:n.page)||0,r=(n==null?void 0:n.per_page)||50,s=o*r;let i=e.selectFrom("user_organizations").innerJoin("organizations",c=>c.onRef("organizations.id","=","user_organizations.organization_id").on("organizations.tenant_id","=",t)).select(["organizations.id","organizations.name","organizations.display_name","organizations.branding","organizations.metadata","organizations.enabled_connections","organizations.token_quota","organizations.created_at","organizations.updated_at","user_organizations.created_at as joined_at"]).where("user_organizations.tenant_id","=",t).where("user_organizations.user_id","=",a);i=i.orderBy("user_organizations.created_at","desc"),r>0&&(i=i.limit(r).offset(s));const l=await i.execute(),d=await e.selectFrom("user_organizations").innerJoin("organizations",c=>c.onRef("organizations.id","=","user_organizations.organization_id").on("organizations.tenant_id","=",t)).select(e.fn.count("user_organizations.id").as("count")).where("user_organizations.tenant_id","=",t).where("user_organizations.user_id","=",a).executeTakeFirst();return{organizations:l.map(c=>({id:c.id,name:c.name,display_name:c.display_name,branding:c.branding?JSON.parse(c.branding):void 0,metadata:c.metadata?JSON.parse(c.metadata):{},enabled_connections:c.enabled_connections?JSON.parse(c.enabled_connections):[],token_quota:c.token_quota?JSON.parse(c.token_quota):void 0,created_at:c.created_at,updated_at:c.updated_at,joined_at:c.joined_at})),start:s,limit:r,length:Number((d==null?void 0:d.count)||0)}}}function Xo(e){return async(t,a)=>(await e.deleteFrom("user_organizations").where("id","=",a).where("tenant_id","=",t).execute()).length>0}function Zo(e){return async(t,a,n)=>{const o={...n,updated_at:new Date().toISOString()};return(await e.updateTable("user_organizations").set(o).where("id","=",a).where("tenant_id","=",t).execute()).length>0}}function er(e){return{create:Ho(e),get:Yo(e),list:Go(e),listUserOrganizations:Vo(e),remove:Xo(e),update:Zo(e)}}function tr(e){return async(t,a)=>{const n=a.id||st(),o=new Date().toISOString(),r=a.ttl_sec||604800,s=new Date(Date.now()+r*1e3).toISOString(),i=W({id:n,tenant_id:t,organization_id:a.organization_id,inviter:a.inviter||{},invitee:a.invitee||{},client_id:a.client_id,connection_id:a.connection_id||null,invitation_url:a.invitation_url,created_at:o,expires_at:s,app_metadata:a.app_metadata||{},user_metadata:a.user_metadata||{},roles:a.roles||[],ticket_id:null,ttl_sec:r,send_invitation_email:a.send_invitation_email??!0?1:0},["inviter","invitee","app_metadata","user_metadata","roles"]);try{await e.insertInto("invites").values(i).execute()}catch(l){throw l.code==="SQLITE_CONSTRAINT_UNIQUE"||l.code==="ER_DUP_ENTRY"||l.message.includes("AlreadyExists")?new U(409,{message:"Invite already exists"}):l}return{id:n,organization_id:i.organization_id,inviter:a.inviter,invitee:a.invitee,client_id:a.client_id,connection_id:a.connection_id,invitation_url:a.invitation_url,created_at:o,expires_at:s,app_metadata:a.app_metadata||{},user_metadata:a.user_metadata||{},roles:a.roles||[],ticket_id:i.ticket_id||void 0,ttl_sec:r,send_invitation_email:a.send_invitation_email??!0}}}function ar(e){return async(t,a)=>{const n=await e.selectFrom("invites").selectAll().where("tenant_id","=",t).where("id","=",a).executeTakeFirst();if(!n)return null;const o=ke(n,{inviter:{},invitee:{},app_metadata:{},user_metadata:{},roles:[]});return v({...o,send_invitation_email:n.send_invitation_email===1})}}function nr(e){return async(t,a)=>{let n=e.selectFrom("invites").selectAll().where("tenant_id","=",t).orderBy("created_at","desc");if(a!=null&&a.per_page&&(n=n.limit(a.per_page)),a!=null&&a.page){const s=(a.page-1)*(a.per_page||10);n=n.offset(s)}const r=(await n.execute()).map(s=>{const i=ke(s,{inviter:{},invitee:{},app_metadata:{},user_metadata:{},roles:[]});return v({...i,send_invitation_email:s.send_invitation_email===1})});return{invites:r,start:a!=null&&a.page?(a.page-1)*(a.per_page||10):0,limit:(a==null?void 0:a.per_page)||r.length,length:r.length}}}function or(e){return async(t,a)=>(await e.deleteFrom("invites").where("tenant_id","=",t).where("id","=",a).executeTakeFirst()).numDeletedRows>0n}function rr(e){return async(t,a,n)=>{const o={};return n.inviter!==void 0&&(o.inviter=JSON.stringify(n.inviter)),n.invitee!==void 0&&(o.invitee=JSON.stringify(n.invitee)),n.client_id!==void 0&&(o.client_id=n.client_id),n.connection_id!==void 0&&(o.connection_id=n.connection_id),n.app_metadata!==void 0&&(o.app_metadata=JSON.stringify(n.app_metadata)),n.user_metadata!==void 0&&(o.user_metadata=JSON.stringify(n.user_metadata)),n.roles!==void 0&&(o.roles=JSON.stringify(n.roles)),n.ttl_sec!==void 0&&(o.ttl_sec=n.ttl_sec,o.expires_at=new Date(Date.now()+n.ttl_sec*1e3).toISOString()),n.send_invitation_email!==void 0&&(o.send_invitation_email=n.send_invitation_email?1:0),Object.keys(o).length===0?!0:(await e.updateTable("invites").set(o).where("tenant_id","=",t).where("id","=",a).executeTakeFirst()).numUpdatedRows>0n}}function sr(e){return{create:tr(e),get:ar(e),list:nr(e),remove:or(e),update:rr(e)}}const we=["s"],ir=["pwd_leak"];function ye(e){return/^\d{8}$/.test(e)?`${e.slice(0,4)}-${e.slice(4,6)}-${e.slice(6,8)}`:e}function ve(e){return e.toISOString().split("T")[0]}function cr(e){return{async getDaily(t,a={}){const{from:n,to:o}=a,r=new Date,s=new Date(r);s.setDate(s.getDate()-30);const i=n?ye(n):ve(s),l=o?ye(o):ve(r),d=h.sql`DATE(logs.date)`;return(await e.selectFrom("logs").where("tenant_id","=",t).where(d,">=",i).where(d,"<=",l).select(c=>[d.as("date"),c.fn.sum(c.case().when("type","in",we).then(1).else(0).end()).as("logins"),c.fn.sum(c.case().when("type","=","ss").then(1).else(0).end()).as("signups"),c.fn.sum(c.case().when("type","in",ir).then(1).else(0).end()).as("leaked_passwords"),c.fn.min("date").as("first_event"),c.fn.max("date").as("last_event")]).groupBy(d).orderBy("date","asc").execute()).map(c=>({date:c.date,logins:Number(c.logins)||0,signups:Number(c.signups)||0,leaked_passwords:Number(c.leaked_passwords)||0,created_at:c.first_event||new Date().toISOString(),updated_at:c.last_event||new Date().toISOString()}))},async getActiveUsers(t){const a=new Date;return a.setDate(a.getDate()-30),(await e.selectFrom("logs").where("tenant_id","=",t).where("date",">=",a.toISOString()).where("type","in",we).where("user_id","is not",null).select(o=>o.fn.count("user_id").distinct().as("count")).executeTakeFirstOrThrow()).count||0}}}const lr={"active-users":["s","seacft"],logins:["s","f","fp"],signups:["ss","fs"],"refresh-tokens":["seacft","fertft"],sessions:["slo"]},dr={"active-users":{alias:"active_users",type:"UInt64",agg:"uniq"},logins:{alias:"logins",type:"UInt64",agg:"count"},signups:{alias:"signups",type:"UInt64",agg:"count"},"refresh-tokens":{alias:"refresh_tokens",type:"UInt64",agg:"count"},sessions:{alias:"sessions",type:"UInt64",agg:"count"}};async function ur(e){try{return await h.sql`SELECT @@version_comment`.execute(e),"mysql"}catch{return"sqlite"}}function ce(e,t){const a=new Intl.DateTimeFormat("en-US",{timeZone:e,year:"numeric",month:"2-digit",day:"2-digit",hour:"2-digit",minute:"2-digit",second:"2-digit",hour12:!1}),n={};for(const c of a.formatToParts(t))n[c.type]=c.value;const o=n.hour==="24"?"00":n.hour,r=Date.UTC(Number(n.year),Number(n.month)-1,Number(n.day),Number(o),Number(n.minute),Number(n.second)),s=Math.round((r-t.getTime())/6e4),i=s>=0?"+":"-",l=Math.abs(s),d=String(Math.floor(l/60)).padStart(2,"0"),_=String(l%60).padStart(2,"0");return`${i}${d}:${_}`}const _r=["January","February","March","April","May","June","July","August","September","October","November","December"];function mr(e,t){const a=t.getUTCFullYear(),n=ce(e,new Date(Date.UTC(a,0,1)));for(let o=1;o<12;o++){const r=ce(e,new Date(Date.UTC(a,o,1)));if(r!==n)throw new Error(`Timezone '${e}' is DST-varying (offset ${n} in January vs ${r} in ${_r[o]}) and cannot be bucketed with a single fixed offset by the SQL analytics adapter. Use a fixed-offset zone (e.g. 'UTC' or '+02:00').`)}}function Ae(e){const t=e.startsWith("-")?-1:1,[a,n]=e.slice(1).split(":");return t*(Number(a)*60+Number(n))}function hr(e,t){let a;if(t==="+00:00")a=h.sql`${h.sql.ref("logs.date")}`;else{const n=Ae(t),o=`${n>=0?"+":"-"}${Math.abs(n)} minutes`;a=h.sql`datetime(${h.sql.ref("logs.date")}, ${o})`}switch(e){case"hour":return h.sql`substr(${a}, 1, 13)`;case"month":return h.sql`substr(${a}, 1, 7)`;case"day":return h.sql`substr(${a}, 1, 10)`;case"week":return h.sql`date(substr(${a}, 1, 10), '-' || ((cast(strftime('%w', substr(${a}, 1, 10)) as integer) + 6) % 7) || ' days')`;default:throw new Error(`Unsupported interval '${e}' for SQL analytics adapter`)}}function pr(e,t){if(t==="+00:00")switch(e){case"hour":return h.sql`substring(${h.sql.ref("logs.date")}, 1, 13)`;case"day":return h.sql`substring(${h.sql.ref("logs.date")}, 1, 10)`;case"month":return h.sql`substring(${h.sql.ref("logs.date")}, 1, 7)`;case"week":{const o=h.sql`str_to_date(substring(${h.sql.ref("logs.date")}, 1, 10), '%Y-%m-%d')`;return h.sql`date_format(date_sub(${o}, interval weekday(${o}) day), '%Y-%m-%d')`}default:throw new Error(`Unsupported interval '${e}' for SQL analytics adapter`)}const a=Ae(t),n=h.sql`date_add(str_to_date(substring(${h.sql.ref("logs.date")}, 1, 19), '%Y-%m-%dT%H:%i:%s'), interval ${h.sql.lit(a)} minute)`;switch(e){case"hour":return h.sql`date_format(${n}, '%Y-%m-%dT%H')`;case"day":return h.sql`date_format(${n}, '%Y-%m-%d')`;case"month":return h.sql`date_format(${n}, '%Y-%m')`;case"week":return h.sql`date_format(date_sub(${n}, interval weekday(${n}) day), '%Y-%m-%d')`;default:throw new Error(`Unsupported interval '${e}' for SQL analytics adapter`)}}function fr(e,t,a,n){mr(t,a);const o=ce(t,a);return n==="mysql"?pr(e,o):hr(e,o)}function gr(e){switch(e){case"connection":return"logs.connection";case"client_id":return"logs.client_id";case"user_type":return"logs.strategy_type";case"event":return"logs.type";case"time":throw new Error("time dimension is handled separately")}}function wr(e){let t=null;const a=()=>(t||(t=ur(e)),t);return{async query(n,o,r){var b,S,$,D;const s=Date.now(),i=lr[o],l=dr[o],d=await a(),_=[];let c=e.selectFrom("logs").where("tenant_id","=",n);c=c.where("date",">=",r.from).where("date","<",r.to),c=c.where("type","in",i),(b=r.filters.connection)!=null&&b.length&&(c=c.where("connection","in",r.filters.connection)),(S=r.filters.client_id)!=null&&S.length&&(c=c.where("client_id","in",r.filters.client_id)),($=r.filters.user_type)!=null&&$.length&&(c=c.where("strategy_type","in",r.filters.user_type)),(D=r.filters.user_id)!=null&&D.length&&(c=c.where("user_id","in",r.filters.user_id));const m=[],u=[];for(const C of r.group_by)if(C==="time"){const T=fr(r.interval,r.tz,new Date(r.from),d);u.push({alias:"time",expr:T}),m.push(T),_.push({name:"time",type:r.interval==="hour"?"DateTime":"Date"})}else{const T=gr(C);u.push({alias:C,expr:h.sql`${h.sql.ref(T)}`}),m.push(h.sql`${h.sql.ref(T)}`),_.push({name:C,type:"String"})}const f=l.agg==="uniq"?h.sql`COUNT(DISTINCT ${h.sql.ref("logs.user_id")})`:h.sql`COUNT(*)`;u.push({alias:l.alias,expr:f}),_.push({name:l.alias,type:l.type});let p=c.select(u.map(({alias:C,expr:T})=>T.as(C)));if(m.length>0&&(p=p.groupBy(m)),r.order_by){const C=r.order_by.startsWith("-"),T=C?r.order_by.slice(1):r.order_by;p=p.orderBy(T,C?"desc":"asc")}else r.group_by.length>0&&r.group_by[0]==="time"?p=p.orderBy("time","asc"):p=p.orderBy(l.alias,"desc");p=p.limit(r.limit).offset(r.offset);const y=(await p.execute()).map(C=>{const T={};for(const B of _){const M=C[B.name];T[B.name]=B.type==="UInt64"?Number(M)||0:M??""}return T});return{meta:_,data:y,rows:y.length,rows_before_limit_at_least:y.length,statistics:{elapsed:(Date.now()-s)/1e3}}}}}function yr(e){return{async get(t,a,n){const o=await e.selectFrom("custom_text").selectAll().where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).executeTakeFirst();if(!o)return null;try{return JSON.parse(o.custom_text)}catch{return null}},async set(t,a,n,o){const r=Date.now(),s=JSON.stringify(o);await e.selectFrom("custom_text").select("tenant_id").where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).executeTakeFirst()?await e.updateTable("custom_text").set({custom_text:s,updated_at_ts:r}).where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).execute():await e.insertInto("custom_text").values({tenant_id:t,prompt:a,language:n,custom_text:s,created_at_ts:r,updated_at_ts:r}).execute()},async delete(t,a,n){await e.deleteFrom("custom_text").where("tenant_id","=",t).where("prompt","=",a).where("language","=",n).execute()},async list(t){return(await e.selectFrom("custom_text").select(["prompt","language"]).where("tenant_id","=",t).execute()).map(n=>({prompt:n.prompt,language:n.language}))}}}function vr(e){return async(t,a)=>{const n=Date.now(),o=ze();return await e.insertInto("authentication_methods").values({id:o,tenant_id:t,user_id:a.user_id,type:a.type,phone_number:a.phone_number,totp_secret:a.totp_secret,credential_id:a.credential_id,public_key:a.public_key,sign_count:a.sign_count,credential_backed_up:a.credential_backed_up==null?void 0:a.credential_backed_up?1:0,transports:a.transports?JSON.stringify(a.transports):void 0,friendly_name:a.friendly_name,confirmed:a.confirmed?1:0,created_at_ts:n,updated_at_ts:n}).execute(),{id:o,user_id:a.user_id,type:a.type,phone_number:a.phone_number,totp_secret:a.totp_secret,credential_id:a.credential_id,public_key:a.public_key,sign_count:a.sign_count,credential_backed_up:a.credential_backed_up,transports:a.transports,friendly_name:a.friendly_name,confirmed:a.confirmed??!1,created_at:new Date(n).toISOString(),updated_at:new Date(n).toISOString()}}}function Fe(e){return async(t,a)=>{const n=await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.id","=",a).selectAll().executeTakeFirst();return n?{id:n.id,user_id:n.user_id,type:n.type,phone_number:n.phone_number??void 0,totp_secret:n.totp_secret??void 0,credential_id:n.credential_id??void 0,public_key:n.public_key??void 0,sign_count:n.sign_count??void 0,credential_backed_up:n.credential_backed_up!=null?n.credential_backed_up===1:void 0,transports:n.transports?JSON.parse(n.transports):void 0,friendly_name:n.friendly_name??void 0,confirmed:n.confirmed===1,created_at:j(n.created_at_ts),updated_at:j(n.updated_at_ts)}:null}}function Cr(e){return async(t,a)=>{const n=await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.credential_id","=",a).selectAll().executeTakeFirst();return n?{id:n.id,user_id:n.user_id,type:n.type,phone_number:n.phone_number??void 0,totp_secret:n.totp_secret??void 0,credential_id:n.credential_id??void 0,public_key:n.public_key??void 0,sign_count:n.sign_count??void 0,credential_backed_up:n.credential_backed_up!=null?n.credential_backed_up===1:void 0,transports:n.transports?JSON.parse(n.transports):void 0,friendly_name:n.friendly_name??void 0,confirmed:n.confirmed===1,created_at:j(n.created_at_ts),updated_at:j(n.updated_at_ts)}:null}}function xr(e){return async(t,a)=>(await e.selectFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.user_id","=",a).selectAll().execute()).map(o=>({id:o.id,user_id:o.user_id,type:o.type,phone_number:o.phone_number??void 0,totp_secret:o.totp_secret??void 0,credential_id:o.credential_id??void 0,public_key:o.public_key??void 0,sign_count:o.sign_count??void 0,credential_backed_up:o.credential_backed_up!=null?o.credential_backed_up===1:void 0,transports:o.transports?JSON.parse(o.transports):void 0,friendly_name:o.friendly_name??void 0,confirmed:o.confirmed===1,created_at:j(o.created_at_ts),updated_at:j(o.updated_at_ts)}))}function Tr(e){return async(t,a,n)=>{const r={updated_at_ts:Date.now()};n.phone_number!==void 0&&(r.phone_number=n.phone_number),n.totp_secret!==void 0&&(r.totp_secret=n.totp_secret),n.credential_id!==void 0&&(r.credential_id=n.credential_id),n.public_key!==void 0&&(r.public_key=n.public_key),n.sign_count!==void 0&&(r.sign_count=n.sign_count),n.credential_backed_up!==void 0&&(r.credential_backed_up=n.credential_backed_up?1:0),n.transports!==void 0&&(r.transports=JSON.stringify(n.transports)),n.friendly_name!==void 0&&(r.friendly_name=n.friendly_name),n.confirmed!==void 0&&(r.confirmed=n.confirmed?1:0),await e.updateTable("authentication_methods").set(r).where("authentication_methods.tenant_id","=",t).where("authentication_methods.id","=",a).execute();const s=await Fe(e)(t,a);if(!s)throw new Error(`Authentication method ${a} not found`);return s}}function br(e){return async(t,a)=>(await e.deleteFrom("authentication_methods").where("authentication_methods.tenant_id","=",t).where("authentication_methods.id","=",a).executeTakeFirst()).numDeletedRows>0}function Nr(e){return{create:vr(e),get:Fe(e),getByCredentialId:Cr(e),list:xr(e),update:Tr(e),remove:br(e)}}function Sr(e){return async(t,a)=>{const n=k.nanoid();return await e.insertInto("outbox_events").values({id:n,tenant_id:t,event_type:a.event_type,log_type:a.log_type,aggregate_type:a.target.type,aggregate_id:a.target.id,payload:JSON.stringify({...a,id:n}),created_at:new Date().toISOString(),processed_at:null,retry_count:0,next_retry_at:null,error:null}).execute(),n}}function Or(e){return async t=>t.length===0?[]:(await e.selectFrom("outbox_events").selectAll().where("id","in",t).execute()).map(n=>({...JSON.parse(n.payload),id:n.id,created_at:n.created_at,processed_at:n.processed_at,retry_count:n.retry_count,next_retry_at:n.next_retry_at,error:n.error}))}function kr(e){return async t=>{const a=new Date().toISOString();return(await e.selectFrom("outbox_events").selectAll().where("processed_at","is",null).where(o=>o.or([o("next_retry_at","is",null),o("next_retry_at","<=",a)])).where(o=>o.or([o("claimed_by","is",null),o("claim_expires_at","<=",a)])).orderBy("created_at","asc").orderBy("id","asc").limit(t).execute()).map(o=>({...JSON.parse(o.payload),id:o.id,created_at:o.created_at,processed_at:o.processed_at,retry_count:o.retry_count,next_retry_at:o.next_retry_at,error:o.error}))}}function $r(e){return async(t,a,n)=>{if(t.length===0)return[];const o=new Date().toISOString(),r=new Date(Date.now()+n).toISOString();return await e.updateTable("outbox_events").set({claimed_by:a,claim_expires_at:r}).where("id","in",t).where("processed_at","is",null).where(i=>i.or([i("claimed_by","is",null),i("claim_expires_at","<=",o)])).execute(),(await e.selectFrom("outbox_events").select("id").where("id","in",t).where("claimed_by","=",a).where("claim_expires_at","=",r).execute()).map(i=>i.id)}}function Er(e){return async t=>{if(t.length===0)return;const a=new Date().toISOString();await e.updateTable("outbox_events").set({processed_at:a}).where("id","in",t).execute()}}function Ir(e){return async(t,a,n)=>{await e.updateTable("outbox_events").set({error:a,next_retry_at:n,retry_count:h.sql`retry_count + 1`,claimed_by:null,claim_expires_at:null}).where("id","=",t).execute()}}function Pr(e){return async(t,a)=>{const n=new Date().toISOString();await e.updateTable("outbox_events").set({processed_at:n,dead_lettered_at:n,final_error:a}).where("id","=",t).execute()}}function zr(e){return async(t,a={})=>{const{page:n=0,per_page:o=50,include_totals:r=!1}=a,i=(await e.selectFrom("outbox_events").selectAll().where("tenant_id","=",t).where("dead_lettered_at","is not",null).orderBy("dead_lettered_at","desc").orderBy("id","asc").offset(n*o).limit(o).execute()).flatMap(d=>{let _;try{_=JSON.parse(d.payload)}catch(c){return console.error(`Failed to parse outbox payload for event ${d.id}`,c),[]}return[{..._,id:d.id,created_at:d.created_at,processed_at:d.processed_at,retry_count:d.retry_count,next_retry_at:d.next_retry_at,error:d.error,dead_lettered_at:d.dead_lettered_at,final_error:d.final_error}]});let l=i.length;if(r){const[d]=await e.selectFrom("outbox_events").select(_=>_.fn.countAll().as("total")).where("tenant_id","=",t).where("dead_lettered_at","is not",null).execute();l=Number((d==null?void 0:d.total)??i.length)}return{events:i,start:n*o,limit:o,length:l}}}function Dr(e){return async(t,a)=>{const n=await e.updateTable("outbox_events").set({processed_at:null,dead_lettered_at:null,final_error:null,retry_count:0,next_retry_at:null,error:null}).where("id","=",t).where("tenant_id","=",a).where("dead_lettered_at","is not",null).executeTakeFirst();return Number(n.numUpdatedRows)>0}}function Ar(e){return async t=>{const a=await e.deleteFrom("outbox_events").where("processed_at","is not",null).where("processed_at","<",t).executeTakeFirst();return Number(a.numDeletedRows)}}function Fr(e){return{create:Sr(e),getByIds:Or(e),getUnprocessed:kr(e),claimEvents:$r(e),markProcessed:Er(e),markRetry:Ir(e),deadLetter:Pr(e),listFailed:zr(e),replay:Dr(e),cleanup:Ar(e)}}function ae(e){return{id:e.id,name:e.name,type:e.type,status:e.status,sink:JSON.parse(e.sink),filters:e.filters?JSON.parse(e.filters):void 0,isPriority:e.is_priority==null?void 0:e.is_priority===1,created_at:e.created_at,updated_at:e.updated_at}}function jr(e){return{async create(t,a){const n=new Date().toISOString(),r={id:`lst_${k.nanoid()}`,tenant_id:t,name:a.name,type:a.type,status:a.status??"active",sink:JSON.stringify(a.sink),filters:a.filters?JSON.stringify(a.filters):null,is_priority:a.isPriority===void 0?null:a.isPriority?1:0,created_at:n,updated_at:n};return await e.insertInto("log_streams").values(r).execute(),ae(r)},async get(t,a){const n=await e.selectFrom("log_streams").where("tenant_id","=",t).where("id","=",a).selectAll().executeTakeFirst();return n?ae(n):null},async list(t){return(await e.selectFrom("log_streams").where("tenant_id","=",t).selectAll().execute()).map(ae)},async update(t,a,n){const o={updated_at:new Date().toISOString()};n.name!==void 0&&(o.name=n.name),n.type!==void 0&&(o.type=n.type),n.status!==void 0&&(o.status=n.status),n.sink!==void 0&&(o.sink=JSON.stringify(n.sink)),n.filters!==void 0&&(o.filters=n.filters?JSON.stringify(n.filters):null),n.isPriority!==void 0&&(o.is_priority=n.isPriority?1:0);const r=await e.updateTable("log_streams").set(o).where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return((r==null?void 0:r.numUpdatedRows)??0n)>0n},async remove(t,a){const n=await e.deleteFrom("log_streams").where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return((n==null?void 0:n.numDeletedRows)??0n)>0n}}}function ne(e){return{id:e.id,name:e.name,provider:N.migrationProviderTypeSchema.parse(e.provider),connection:e.connection,enabled:e.enabled===1,credentials:JSON.parse(e.credentials),created_at:e.created_at,updated_at:e.updated_at}}function Rr(e){return{async create(t,a){const n=new Date().toISOString(),o=a.id??`mig_${k.nanoid()}`,r=a.enabled??!0,s={id:o,tenant_id:t,name:a.name,provider:a.provider,connection:a.connection,enabled:r?1:0,credentials:JSON.stringify(a.credentials),created_at:n,updated_at:n};return await e.insertInto("migration_sources").values(s).execute(),ne(s)},async get(t,a){const n=await e.selectFrom("migration_sources").where("tenant_id","=",t).where("id","=",a).selectAll().executeTakeFirst();return n?ne(n):null},async list(t){return(await e.selectFrom("migration_sources").where("tenant_id","=",t).selectAll().execute()).map(ne)},async update(t,a,n){const o={updated_at:new Date().toISOString()};n.name!==void 0&&(o.name=n.name),n.provider!==void 0&&(o.provider=n.provider),n.connection!==void 0&&(o.connection=n.connection),n.enabled!==void 0&&(o.enabled=n.enabled?1:0),n.credentials!==void 0&&(o.credentials=JSON.stringify(n.credentials));const r=await e.updateTable("migration_sources").set(o).where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return((r==null?void 0:r.numUpdatedRows)??0n)>0n},async remove(t,a){const n=await e.deleteFrom("migration_sources").where("tenant_id","=",t).where("id","=",a).executeTakeFirst();return((n==null?void 0:n.numDeletedRows)??0n)>0n}}}class je{constructor(t){H(this,"migrations");this.migrations=t}async getMigrations(){return this.migrations}}async function qr(e){await e.schema.createTable("tenants").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("name","varchar(255)").addColumn("audience","varchar(255)").addColumn("sender_email","varchar(255)").addColumn("sender_name","varchar(255)").addColumn("language","varchar(255)").addColumn("logo","varchar(255)").addColumn("primary_color","varchar(255)").addColumn("secondary_color","varchar(255)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("users").addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("email","varchar(255)").addColumn("given_name","varchar(255)").addColumn("family_name","varchar(255)").addColumn("nickname","varchar(255)").addColumn("name","varchar(255)").addColumn("picture","varchar(2083)").addColumn("tags","varchar(255)").addColumn("phone_number","varchar(17)").addColumn("phone_verified","boolean").addColumn("username","varchar(128)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).addPrimaryKeyConstraint("users_tenants",["user_id","tenant_id"]).addColumn("linked_to","varchar(255)").addForeignKeyConstraint("linked_to_constraint",["linked_to","tenant_id"],"users",["user_id","tenant_id"]).addColumn("last_ip","varchar(255)").addColumn("login_count","integer",t=>t.notNull()).addColumn("last_login","varchar(255)").addColumn("provider","varchar(255)",t=>t.notNull()).addColumn("connection","varchar(255)").addColumn("email_verified","boolean",t=>t.notNull()).addColumn("is_social","boolean",t=>t.notNull()).addColumn("app_metadata","varchar(4096)",t=>t.defaultTo("{}").notNull()).addColumn("user_metadata","varchar(4096)",t=>t.defaultTo("{}").notNull()).addUniqueConstraint("unique_email_provider",["email","provider","tenant_id"]).addUniqueConstraint("unique_phone_provider",["phone_number","provider","tenant_id"]).execute(),await e.schema.createTable("members").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("sub","varchar(255)").addColumn("email","varchar(255)").addColumn("name","varchar(255)").addColumn("status","varchar(255)").addColumn("role","varchar(255)").addColumn("picture","varchar(2083)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("applications").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("client_secret","varchar(255)").addColumn("allowed_logout_urls","varchar(255)").addColumn("authentication_settings","varchar(255)").addColumn("addons","varchar(4096)",t=>t.notNull().defaultTo("{}")).addColumn("callbacks","varchar(1024)",t=>t.notNull().defaultTo("[]")).addColumn("allowed_origins","varchar(1024)",t=>t.notNull().defaultTo("[]")).addColumn("web_origins","varchar(1024)",t=>t.notNull().defaultTo("[]")).addColumn("allowed_clients","varchar(1024)",t=>t.defaultTo("[]").notNull()).addColumn("options_kid","varchar(32)").addColumn("options_team_id","varchar(32)").addColumn("options_client_id","varchar(128)").addColumn("options_client_secret","varchar(255)").addColumn("options_scope","varchar(255)").addColumn("options_realms","varchar(255)").addColumn("options_app_secret","varchar(1024)").addColumn("email_validation","varchar(255)").addColumn("disable_sign_ups","boolean",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("connections").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("response_type","varchar(255)").addColumn("response_mode","varchar(255)").addColumn("strategy","varchar(64)").addColumn("options","varchar(2048)",t=>t.defaultTo("{}").notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("migrations").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("provider","varchar(255)").addColumn("client_id","varchar(255)").addColumn("origin","varchar(255)").addColumn("domain","varchar(255)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createTable("domains").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("email_service","varchar(255)").addColumn("email_api_key","varchar(255)").addColumn("dkim_private_key","varchar(2048)").addColumn("dkim_public_key","varchar(2048)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute()}async function Mr(e){await e.schema.dropTable("domains").execute(),await e.schema.dropTable("members").execute(),await e.schema.dropTable("users").execute(),await e.schema.dropTable("connections").execute(),await e.schema.dropTable("applications").execute(),await e.schema.dropTable("migrations").execute(),await e.schema.dropTable("tenants").execute()}const Jr=Object.freeze(Object.defineProperty({__proto__:null,down:Mr,up:qr},Symbol.toStringTag,{value:"Module"}));async function Lr(e){await e.schema.alterTable("tenants").addColumn("support_url","varchar(255)").execute()}async function Ur(e){await e.schema.alterTable("tenants").dropColumn("support_url").execute()}const Kr=Object.freeze(Object.defineProperty({__proto__:null,down:Ur,up:Lr},Symbol.toStringTag,{value:"Module"}));async function Br(e){}async function Qr(e){}const Wr=Object.freeze(Object.defineProperty({__proto__:null,down:Qr,up:Br},Symbol.toStringTag,{value:"Module"}));async function Hr(e){await e.schema.createTable("logs").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("category","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(64)").addColumn("user_id","varchar(64)").addForeignKeyConstraint("tenant_id_constraint",["tenant_id"],"tenants",["id"],t=>t.onDelete("cascade")).addColumn("ip","varchar(255)").addColumn("type","varchar(8)",t=>t.notNull()).addColumn("date","varchar(25)",t=>t.notNull()).addColumn("client_id","varchar(255)").addColumn("client_name","varchar(255)").addColumn("user_agent","varchar(255)").addColumn("description","varchar(255)").addColumn("details","varchar(2048)").execute()}async function Yr(e){await e.schema.dropTable("logs").execute()}const Gr=Object.freeze(Object.defineProperty({__proto__:null,down:Yr,up:Hr},Symbol.toStringTag,{value:"Module"}));async function Vr(e){}async function Xr(e){}const Zr=Object.freeze(Object.defineProperty({__proto__:null,down:Xr,up:Vr},Symbol.toStringTag,{value:"Module"}));async function es(e){await e.schema.createTable("sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("tickets").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createTable("otps").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("user_id","varchar(255)").addColumn("send","varchar(255)").addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createIndex("otps_email_index").on("otps").column("email").execute(),await e.schema.createIndex("otps_expires_at_index").on("otps").column("expires_at").execute()}async function ts(e){await e.schema.dropTable("sessions").execute(),await e.schema.dropTable("tickets").execute(),await e.schema.dropTable("otps").execute()}const as=Object.freeze(Object.defineProperty({__proto__:null,down:ts,up:es},Symbol.toStringTag,{value:"Module"}));async function ns(e){await e.schema.createTable("passwords").addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addPrimaryKeyConstraint("passwords_pkey",["user_id","tenant_id"]).addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(255)").addColumn("updated_at","varchar(255)").execute(),await e.schema.createTable("codes").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("user_id","varchar(255)").addColumn("tenant_id","varchar(255)").addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createIndex("codes_expires_at_index").on("codes").column("expires_at").execute()}async function os(e){await e.schema.dropTable("passwords").execute(),await e.schema.dropTable("codes").execute()}const rs=Object.freeze(Object.defineProperty({__proto__:null,down:os,up:ns},Symbol.toStringTag,{value:"Module"}));async function ss(e){}async function is(e){}const cs=Object.freeze(Object.defineProperty({__proto__:null,down:is,up:ss},Symbol.toStringTag,{value:"Module"}));async function ls(e){await e.schema.alterTable("passwords").addColumn("password","varchar(255)",t=>t.notNull()).execute()}async function ds(e){await e.schema.alterTable("passwords").dropColumn("password").execute()}const us=Object.freeze(Object.defineProperty({__proto__:null,down:ds,up:ls},Symbol.toStringTag,{value:"Module"}));async function _s(e){}async function ms(e){}const hs=Object.freeze(Object.defineProperty({__proto__:null,down:ms,up:_s},Symbol.toStringTag,{value:"Module"}));async function ps(e){}async function fs(e){}const gs=Object.freeze(Object.defineProperty({__proto__:null,down:fs,up:ps},Symbol.toStringTag,{value:"Module"}));async function ws(e){}async function ys(e){}const vs=Object.freeze(Object.defineProperty({__proto__:null,down:ys,up:ws},Symbol.toStringTag,{value:"Module"}));async function Cs(e){await e.schema.createIndex("users_email_index").on("users").column("email").execute()}async function xs(e){await e.schema.dropIndex("users_email_index").execute()}const Ts=Object.freeze(Object.defineProperty({__proto__:null,down:xs,up:Cs},Symbol.toStringTag,{value:"Module"}));async function bs(e){await e.schema.alterTable("users").addColumn("profileData","varchar(2048)").execute()}async function Ns(e){await e.schema.alterTable("users").dropColumn("profileData").execute()}const Ss=Object.freeze(Object.defineProperty({__proto__:null,down:Ns,up:bs},Symbol.toStringTag,{value:"Module"}));async function Os(e){await e.schema.createIndex("users_linked_to_index").on("users").column("linked_to").execute()}async function ks(e){await e.schema.dropIndex("users_linked_to_index")}const $s=Object.freeze(Object.defineProperty({__proto__:null,down:ks,up:Os},Symbol.toStringTag,{value:"Module"}));async function Es(e){await e.schema.alterTable("users").addColumn("locale","varchar(255)").execute()}async function Is(e){await e.schema.alterTable("users").dropColumn("locale").execute()}const Ps=Object.freeze(Object.defineProperty({__proto__:null,down:Is,up:Es},Symbol.toStringTag,{value:"Module"}));async function zs(e){await e.schema.createTable("keys").addColumn("kid","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade")).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("revoked_at","varchar(255)").addColumn("cert","varchar(4096)").addColumn("pkcs7","varchar(4096)").addColumn("fingerprint","varchar(256)").addColumn("thumbprint","varchar(256)").addColumn("current_since","varchar(256)").addColumn("current_until","varchar(256)").addColumn("type","varchar(50)",t=>t.notNull().defaultTo("jwt_signing")).addColumn("connection","varchar(255)",t=>t.references("connections.id").onDelete("cascade")).execute()}async function Ds(e){await e.schema.dropTable("keys").execute()}const As=Object.freeze(Object.defineProperty({__proto__:null,down:Ds,up:zs},Symbol.toStringTag,{value:"Module"}));async function Fs(e){}async function js(e){}const Rs=Object.freeze(Object.defineProperty({__proto__:null,down:js,up:Fs},Symbol.toStringTag,{value:"Module"}));async function qs(e){}async function Ms(e){}const Js=Object.freeze(Object.defineProperty({__proto__:null,down:Ms,up:qs},Symbol.toStringTag,{value:"Module"}));async function Ls(e){await e.schema.alterTable("otps").addColumn("audience","varchar(255)").execute()}async function Us(e){await e.schema.alterTable("otps").dropColumn("audience").execute()}const Ks=Object.freeze(Object.defineProperty({__proto__:null,down:Us,up:Ls},Symbol.toStringTag,{value:"Module"}));async function Bs(e){}async function Qs(e){}const Ws=Object.freeze(Object.defineProperty({__proto__:null,down:Qs,up:Bs},Symbol.toStringTag,{value:"Module"}));async function Hs(e){await e.schema.alterTable("logs").dropColumn("category").execute()}async function Ys(e){await e.schema.alterTable("logs").addColumn("category","varchar(255)",t=>t.notNull()).execute()}const Gs=Object.freeze(Object.defineProperty({__proto__:null,down:Ys,up:Hs},Symbol.toStringTag,{value:"Module"}));async function Vs(e){await e.schema.alterTable("users").dropColumn("tags").execute()}async function Xs(e){await e.schema.alterTable("users").addColumn("tags","varchar(255)").execute()}const Zs=Object.freeze(Object.defineProperty({__proto__:null,down:Xs,up:Vs},Symbol.toStringTag,{value:"Module"}));async function ei(e){await e.schema.createIndex("logs_user_id").on("logs").column("user_id").execute(),await e.schema.createIndex("logs_tenant_id").on("logs").column("tenant_id").execute(),await e.schema.createIndex("logs_date").on("logs").column("date").execute()}async function ti(e){await e.schema.dropIndex("logs_user_id"),await e.schema.dropIndex("logs_tenant_id"),await e.schema.dropIndex("logs_date")}const ai=Object.freeze(Object.defineProperty({__proto__:null,down:ti,up:ei},Symbol.toStringTag,{value:"Module"}));async function ni(e){await e.schema.alterTable("logs").dropColumn("details").execute(),await e.schema.alterTable("logs").addColumn("details","varchar(8192)").execute()}async function oi(e){await e.schema.alterTable("logs").dropColumn("details").execute(),await e.schema.alterTable("logs").addColumn("details","varchar(2048)").execute()}const ri=Object.freeze(Object.defineProperty({__proto__:null,down:oi,up:ni},Symbol.toStringTag,{value:"Module"}));async function si(e){await e.schema.alterTable("logs").addColumn("user_name","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("auth0_client","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("isMobile","boolean").execute(),await e.schema.alterTable("logs").addColumn("connection","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("connection_id","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("audience","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("scope","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("strategy","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("strategy_type","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("hostname","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("session_connection","varchar(255)").execute()}async function ii(e){await e.schema.alterTable("logs").dropColumn("user_name").execute(),await e.schema.alterTable("logs").dropColumn("auth0_client").execute(),await e.schema.alterTable("logs").dropColumn("isMobile").execute(),await e.schema.alterTable("logs").dropColumn("connection").execute(),await e.schema.alterTable("logs").dropColumn("connection_id").execute(),await e.schema.alterTable("logs").dropColumn("audience").execute(),await e.schema.alterTable("logs").dropColumn("scope").execute(),await e.schema.alterTable("logs").dropColumn("strategy").execute(),await e.schema.alterTable("logs").dropColumn("strategy_type").execute(),await e.schema.alterTable("logs").dropColumn("hostname").execute(),await e.schema.alterTable("logs").dropColumn("session_connection").execute()}const ci=Object.freeze(Object.defineProperty({__proto__:null,down:ii,up:si},Symbol.toStringTag,{value:"Module"}));async function li(e){await e.schema.createIndex("users_name_index").on("users").column("name").execute()}async function di(e){await e.schema.dropIndex("users_name_index").execute()}const ui=Object.freeze(Object.defineProperty({__proto__:null,down:di,up:li},Symbol.toStringTag,{value:"Module"}));async function _i(e){}async function mi(e){await e.schema.alterTable("users").dropConstraint("unique_email_provider").execute()}const hi=Object.freeze(Object.defineProperty({__proto__:null,down:mi,up:_i},Symbol.toStringTag,{value:"Module"}));async function pi(e){await e.schema.alterTable("otps").dropColumn("state").execute(),await e.schema.alterTable("otps").addColumn("state","varchar(8192)").execute()}async function fi(e){await e.schema.alterTable("otps").dropColumn("state").execute(),await e.schema.alterTable("otps").addColumn("state","varchar(1024)").execute()}const gi=Object.freeze(Object.defineProperty({__proto__:null,down:fi,up:pi},Symbol.toStringTag,{value:"Module"}));async function wi(e){await e.schema.alterTable("tickets").dropColumn("state").execute(),await e.schema.alterTable("tickets").addColumn("state","varchar(8192)").execute()}async function yi(e){await e.schema.alterTable("tickets").dropColumn("state").execute(),await e.schema.alterTable("tickets").addColumn("state","varchar(1024)").execute()}const vi=Object.freeze(Object.defineProperty({__proto__:null,down:yi,up:wi},Symbol.toStringTag,{value:"Module"}));async function Ci(e){await e.schema.createTable("branding").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull().primaryKey()).addColumn("logo_url","varchar(512)").addColumn("favicon_url","varchar(512)").addColumn("font_url","varchar(512)").addColumn("colors_primary","varchar(8)").addColumn("colors_page_background_type","varchar(32)").addColumn("colors_page_background_start","varchar(8)").addColumn("colors_page_background_end","varchar(8)").addColumn("colors_page_background_angle_dev","integer").execute()}async function xi(e){await e.schema.dropTable("branding").execute()}const Ti=Object.freeze(Object.defineProperty({__proto__:null,down:xi,up:Ci},Symbol.toStringTag,{value:"Module"}));async function bi(e){}async function Ni(e){}const Si=Object.freeze(Object.defineProperty({__proto__:null,down:Ni,up:bi},Symbol.toStringTag,{value:"Module"}));async function Oi(e){}async function ki(e){}const $i=Object.freeze(Object.defineProperty({__proto__:null,down:ki,up:Oi},Symbol.toStringTag,{value:"Module"}));async function Ei(e){}async function Ii(e){}const Pi=Object.freeze(Object.defineProperty({__proto__:null,down:Ii,up:Ei},Symbol.toStringTag,{value:"Module"}));async function zi(e){}async function Di(e){}const Ai=Object.freeze(Object.defineProperty({__proto__:null,down:Di,up:zi},Symbol.toStringTag,{value:"Module"}));async function Fi(e){await e.schema.createTable("authentication_codes").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(8192)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}async function ji(e){await e.schema.dropTable("authentication_codes").execute()}const Ri=Object.freeze(Object.defineProperty({__proto__:null,down:ji,up:Fi},Symbol.toStringTag,{value:"Module"}));async function qi(e){}async function Mi(e){}const Ji=Object.freeze(Object.defineProperty({__proto__:null,down:Mi,up:qi},Symbol.toStringTag,{value:"Module"}));async function Li(e){await e.schema.alterTable("otps").addColumn("ip","varchar(64)").execute()}async function Ui(e){await e.schema.alterTable("otps").dropColumn("ip").execute()}const Ki=Object.freeze(Object.defineProperty({__proto__:null,down:Ui,up:Li},Symbol.toStringTag,{value:"Module"}));async function Bi(e){await e.schema.alterTable("logs").dropColumn("user_agent").execute(),await e.schema.alterTable("logs").addColumn("user_agent","varchar(1024)").execute()}async function Qi(e){await e.schema.alterTable("logs").dropColumn("user_agent").execute(),await e.schema.alterTable("logs").addColumn("user_agent","varchar(255)").execute()}const Wi=Object.freeze(Object.defineProperty({__proto__:null,down:Qi,up:Bi},Symbol.toStringTag,{value:"Module"}));async function Hi(e){}async function Yi(e){}const Gi=Object.freeze(Object.defineProperty({__proto__:null,down:Yi,up:Hi},Symbol.toStringTag,{value:"Module"}));async function Vi(e){await e.schema.createTable("hooks").addColumn("hook_id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("url","varchar(512)",t=>t.notNull()).addColumn("trigger_id","varchar(255)",t=>t.notNull()).addColumn("enabled","boolean",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).addColumn("synchronous","boolean",t=>t.defaultTo(!1).notNull()).addColumn("priority","integer").execute()}async function Xi(e){await e.schema.dropTable("hooks").execute()}const Zi=Object.freeze(Object.defineProperty({__proto__:null,down:Xi,up:Vi},Symbol.toStringTag,{value:"Module"}));async function ec(e){}async function tc(e){}const ac=Object.freeze(Object.defineProperty({__proto__:null,down:tc,up:ec},Symbol.toStringTag,{value:"Module"}));async function nc(e){}async function oc(e){}const rc=Object.freeze(Object.defineProperty({__proto__:null,down:oc,up:nc},Symbol.toStringTag,{value:"Module"}));async function sc(e){await e.schema.createTable("logins").addColumn("login_id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("authParams_client_id","varchar(255)",t=>t.notNull()).addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","varchar(511)").addColumn("authParams_state","varchar(511)").addColumn("authParams_code_challenge_method","varchar(256)").addColumn("authParams_code_challenge","varchar(256)").addColumn("authParams_redirect_uri","varchar(256)").addColumn("authParams_organization","varchar(256)").addColumn("authorization_url","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("ip","varchar(255)").addColumn("useragent","varchar(512)").execute(),await e.schema.alterTable("passwords").addColumn("algorithm","varchar(16)").execute(),await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("code_id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)").addColumn("login_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("code_type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}async function ic(e){await e.schema.dropTable("logins").execute(),await e.schema.alterTable("passwords").dropColumn("algorithm").execute(),await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("code","varchar(255)",t=>t.notNull()).addColumn("user_id","varchar(255)").addColumn("tenant_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const cc=Object.freeze(Object.defineProperty({__proto__:null,down:ic,up:sc},Symbol.toStringTag,{value:"Module"}));async function lc(e){}async function dc(e){}const uc=Object.freeze(Object.defineProperty({__proto__:null,down:dc,up:lc},Symbol.toStringTag,{value:"Module"}));async function _c(e){await e.schema.alterTable("logins").addColumn("auth0Client","varchar(256)").execute()}async function mc(e){await e.schema.alterTable("logins").dropColumn("auth0Client").execute()}const hc=Object.freeze(Object.defineProperty({__proto__:null,down:mc,up:_c},Symbol.toStringTag,{value:"Module"}));async function pc(e){await e.schema.alterTable("logins").dropColumn("authParams_state").execute(),await e.schema.alterTable("logins").addColumn("authParams_state","varchar(8192)").execute()}async function fc(e){await e.schema.alterTable("logins").dropColumn("authParams_state").execute(),await e.schema.alterTable("logins").addColumn("authParams_state","varchar(511)").execute()}const gc=Object.freeze(Object.defineProperty({__proto__:null,down:fc,up:pc},Symbol.toStringTag,{value:"Module"}));async function wc(e){}async function yc(e){}const vc=Object.freeze(Object.defineProperty({__proto__:null,down:yc,up:wc},Symbol.toStringTag,{value:"Module"}));async function Cc(e){}async function xc(e){}const Tc=Object.freeze(Object.defineProperty({__proto__:null,down:xc,up:Cc},Symbol.toStringTag,{value:"Module"}));async function bc(e){await e.schema.alterTable("logins").addColumn("authParams_nonce","varchar(255)").execute()}async function Nc(e){await e.schema.alterTable("logins").dropColumn("nonce").execute()}const Sc=Object.freeze(Object.defineProperty({__proto__:null,down:Nc,up:bc},Symbol.toStringTag,{value:"Module"}));async function Oc(e){}async function kc(e){}const $c=Object.freeze(Object.defineProperty({__proto__:null,down:kc,up:Oc},Symbol.toStringTag,{value:"Module"}));async function Ec(e){}async function Ic(e){}const Pc=Object.freeze(Object.defineProperty({__proto__:null,down:Ic,up:Ec},Symbol.toStringTag,{value:"Module"}));async function zc(e){await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("code_id","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)").addColumn("login_id","varchar(255)").addColumn("connection_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("code_type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").addPrimaryKeyConstraint("PK_codes_code_id_code_type",["code_id","code_type"]).execute()}async function Dc(e){await e.schema.dropTable("codes").execute(),await e.schema.createTable("codes").addColumn("code_id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)").addColumn("connection_id","varchar(255)").addColumn("login_id","varchar(255)").addForeignKeyConstraint("codes_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("code_type","varchar(255)",t=>t.notNull()).addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const Ac=Object.freeze(Object.defineProperty({__proto__:null,down:Dc,up:zc},Symbol.toStringTag,{value:"Module"}));async function Fc(e){await e.schema.dropTable("otps").execute(),await e.schema.dropTable("authentication_codes").execute()}async function jc(e){await e.schema.alterTable("keys").addColumn("private_key","varchar(2048)").addColumn("public_key","varchar(2048)").execute(),await e.schema.createTable("otps").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("user_id","varchar(255)").addColumn("send","varchar(255)").addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute(),await e.schema.createTable("authentication_codes").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("code","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(8192)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const Rc=Object.freeze(Object.defineProperty({__proto__:null,down:jc,up:Fc},Symbol.toStringTag,{value:"Module"}));async function qc(e){await e.schema.createIndex("IDX_logs_tenant_date_type_user").on("logs").columns(["tenant_id","date","type","user_id"]).execute()}async function Mc(e){await e.schema.dropIndex("IDX_logs_tenant_date_type_user").on("logs").execute()}const Jc=Object.freeze(Object.defineProperty({__proto__:null,down:Mc,up:qc},Symbol.toStringTag,{value:"Module"}));async function Lc(e){}async function Uc(e){}const Kc=Object.freeze(Object.defineProperty({__proto__:null,down:Uc,up:Lc},Symbol.toStringTag,{value:"Module"}));async function Bc(e){await e.schema.createTable("prompt_settings").addColumn("tenant_id","varchar(64)",t=>t.primaryKey()).addColumn("universal_login_experience","varchar(16)",t=>t.defaultTo("new").notNull()).addColumn("identifier_first","boolean",t=>t.defaultTo(!0).notNull()).addColumn("password_first","boolean",t=>t.defaultTo(!1).notNull()).addColumn("webauthn_platform_first_factor","boolean",t=>t.defaultTo(!1).notNull()).execute()}async function Qc(e){await e.schema.dropTable("prompt_settings").execute()}const Wc=Object.freeze(Object.defineProperty({__proto__:null,down:Qc,up:Bc},Symbol.toStringTag,{value:"Module"}));async function Hc(e){}async function Yc(e){}const Gc=Object.freeze(Object.defineProperty({__proto__:null,down:Yc,up:Hc},Symbol.toStringTag,{value:"Module"}));async function Vc(e){}async function Xc(e){}const Zc=Object.freeze(Object.defineProperty({__proto__:null,down:Xc,up:Vc},Symbol.toStringTag,{value:"Module"}));async function el(e){}async function tl(e){}const al=Object.freeze(Object.defineProperty({__proto__:null,down:tl,up:el},Symbol.toStringTag,{value:"Module"}));async function nl(e){await e.schema.alterTable("logins").addColumn("authParams_ui_locales","varchar(32)").execute()}async function ol(e){await e.schema.alterTable("logins").dropColumn("authParams_ui_locales").execute()}const rl=Object.freeze(Object.defineProperty({__proto__:null,down:ol,up:nl},Symbol.toStringTag,{value:"Module"}));async function sl(e){await e.schema.alterTable("logins").addColumn("authParams_prompt","varchar(16)").execute()}async function il(e){await e.schema.alterTable("logins").dropColumn("authParams_prompt").execute()}const cl=Object.freeze(Object.defineProperty({__proto__:null,down:il,up:sl},Symbol.toStringTag,{value:"Module"}));async function ll(e){}async function dl(e){}const ul=Object.freeze(Object.defineProperty({__proto__:null,down:dl,up:ll},Symbol.toStringTag,{value:"Module"}));async function _l(e){await e.schema.alterTable("logins").addColumn("authParams_act_as","varchar(255)").execute()}async function ml(e){await e.schema.alterTable("logins").dropColumn("authParam_act_as").execute()}const hl=Object.freeze(Object.defineProperty({__proto__:null,down:ml,up:_l},Symbol.toStringTag,{value:"Module"}));async function pl(e){await e.schema.alterTable("codes").addColumn("code_verifier","varchar(128)").execute()}async function fl(e){await e.schema.alterTable("codes").dropColumn("code_verifier").execute()}const gl=Object.freeze(Object.defineProperty({__proto__:null,down:fl,up:pl},Symbol.toStringTag,{value:"Module"}));async function wl(e){await e.schema.createTable("email_providers").addColumn("tenant_id","varchar(255)",t=>t.primaryKey()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("enabled","boolean",t=>t.notNull()).addColumn("default_from_address","varchar(255)").addColumn("credentials","varchar(2048)",t=>t.notNull().defaultTo("{}")).addColumn("settings","varchar(2048)",t=>t.notNull().defaultTo("{}")).addColumn("created_at","varchar(29)",t=>t.notNull()).addColumn("updated_at","varchar(29)",t=>t.notNull()).execute()}async function yl(e){await e.schema.dropTable("email_providers").execute()}const vl=Object.freeze(Object.defineProperty({__proto__:null,down:yl,up:wl},Symbol.toStringTag,{value:"Module"}));async function Cl(e){await e.schema.dropTable("tickets").execute()}async function xl(e){await e.schema.createTable("tickets").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("client_id","varchar(255)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("email","varchar(255)",t=>t.notNull()).addColumn("nonce","varchar(255)").addColumn("state","varchar(1024)").addColumn("scope","varchar(1024)").addColumn("response_type","varchar(256)").addColumn("response_mode","varchar(256)").addColumn("redirect_uri","varchar(1024)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("expires_at","varchar(255)",t=>t.notNull()).addColumn("used_at","varchar(255)").execute()}const Tl=Object.freeze(Object.defineProperty({__proto__:null,down:xl,up:Cl},Symbol.toStringTag,{value:"Module"}));async function bl(e){}async function Nl(e){await e.schema.alterTable("logins").dropColumn("ip").dropColumn("useragent").execute()}const Sl=Object.freeze(Object.defineProperty({__proto__:null,down:Nl,up:bl},Symbol.toStringTag,{value:"Module"}));async function Ol(e){await e.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}async function kl(e){await e.schema.dropTable("refresh_tokens").execute()}const $l=Object.freeze(Object.defineProperty({__proto__:null,down:kl,up:Ol},Symbol.toStringTag,{value:"Module"}));async function El(e){}async function Il(e){}const Pl=Object.freeze(Object.defineProperty({__proto__:null,down:Il,up:El},Symbol.toStringTag,{value:"Module"}));async function zl(e){await e.schema.dropTable("sessions").execute(),await e.schema.dropTable("refresh_tokens").execute()}async function Dl(e){await e.schema.createTable("sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("sessions_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("refresh_tokens_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}const Al=Object.freeze(Object.defineProperty({__proto__:null,down:Dl,up:zl},Symbol.toStringTag,{value:"Module"}));async function Fl(e){await e.schema.createTable("sessions_2").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("sessions_2_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("refresh_tokens_2").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("refresh_tokens_2_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}async function jl(e){await e.schema.dropTable("sessions_2").execute(),await e.schema.dropTable("refresh_tokens_2").execute()}const Rl=Object.freeze(Object.defineProperty({__proto__:null,down:jl,up:Fl},Symbol.toStringTag,{value:"Module"}));async function ql(e){await e.schema.createTable("custom_domains").addColumn("custom_domain_id","varchar(21)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("primary","boolean",t=>t.notNull()).addColumn("status","varchar(50)",t=>t.notNull()).addColumn("type","varchar(50)",t=>t.notNull()).addColumn("origin_domain_name","varchar(255)").addColumn("verification","varchar(2048)").addColumn("custom_client_ip_header","varchar(50)").addColumn("tls_policy","varchar(50)").addColumn("domain_metadata","varchar(2048)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.dropTable("domains").execute()}async function Ml(e){await e.schema.dropTable("custom_domains").execute(),await e.schema.createTable("domains").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("email_service","varchar(255)").addColumn("email_api_key","varchar(255)").addColumn("dkim_private_key","varchar(2048)").addColumn("dkim_public_key","varchar(2048)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute()}const Jl=Object.freeze(Object.defineProperty({__proto__:null,down:Ml,up:ql},Symbol.toStringTag,{value:"Module"}));async function Ll(e){}async function Ul(e){await e.schema.alterTable("logins").dropColumn("authParams_organization").dropColumn("authorization_url").execute()}const Kl=Object.freeze(Object.defineProperty({__proto__:null,down:Ul,up:Ll},Symbol.toStringTag,{value:"Module"}));async function Bl(e){await e.schema.alterTable("logins").dropColumn("authorization_url").execute(),await e.schema.alterTable("logins").addColumn("authorization_url","varchar(2048)").execute()}async function Ql(e){await e.schema.alterTable("logins").dropColumn("authorization_url").execute(),await e.schema.alterTable("logins").addColumn("authorization_url","varchar(1024)").execute()}const Wl=Object.freeze(Object.defineProperty({__proto__:null,down:Ql,up:Bl},Symbol.toStringTag,{value:"Module"}));async function Hl(e){}async function Yl(e){}const Gl=Object.freeze(Object.defineProperty({__proto__:null,down:Yl,up:Hl},Symbol.toStringTag,{value:"Module"}));async function Vl(e){await e.schema.createTable("sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)").addColumn("user_id","varchar(255)").addForeignKeyConstraint("sessions_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("clients","varchar(1024)",t=>t.notNull()).execute(),await e.schema.createTable("login_sessions").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)",t=>t.references("sessions.id").onDelete("cascade")).addColumn("csrf_token","varchar(21)",t=>t.notNull()).addColumn("authParams_client_id","varchar(255)",t=>t.notNull()).addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","varchar(511)").addColumn("authParams_state","varchar(2048)").addColumn("authParams_nonce","varchar(255)").addColumn("authParams_code_challenge_method","varchar(255)").addColumn("authParams_code_challenge","varchar(255)").addColumn("authParams_redirect_uri","varchar(255)").addColumn("authParams_organization","varchar(255)").addColumn("authParams_prompt","varchar(32)").addColumn("authParams_act_as","varchar(256)").addColumn("authParams_ui_locales","varchar(32)").addColumn("authorization_url","varchar(1024)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)",t=>t.notNull()).addColumn("ip","varchar(39)").addColumn("useragent","varchar(1024)").addColumn("auth0Client","varchar(255)").execute(),await e.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("client_id","varchar(21)",t=>t.references("applications.id").onDelete("cascade").notNull()).addColumn("tenant_id","varchar(255)").addColumn("session_id","varchar(21)",t=>t.notNull()).addColumn("user_id","varchar(255)").addForeignKeyConstraint("refresh_tokens_user_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],t=>t.onDelete("cascade")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addColumn("device","varchar(2048)",t=>t.notNull()).addColumn("resource_servers","varchar(2048)",t=>t.notNull()).addColumn("rotating","boolean",t=>t.notNull()).execute()}async function Xl(e){await e.schema.dropTable("sessions").execute(),await e.schema.dropTable("login_sessions").execute(),await e.schema.dropTable("refresh_tokens").execute()}const Zl=Object.freeze(Object.defineProperty({__proto__:null,down:Xl,up:Vl},Symbol.toStringTag,{value:"Module"}));async function ed(e){await e.schema.dropTable("logins").execute(),await e.schema.dropTable("sessions_2").execute(),await e.schema.dropTable("refresh_tokens_2").execute()}async function td(e){}const ad=Object.freeze(Object.defineProperty({__proto__:null,down:td,up:ed},Symbol.toStringTag,{value:"Module"}));async function nd(e){await e.schema.dropTable("custom_domains").execute(),await e.schema.createTable("custom_domains").addColumn("custom_domain_id","varchar(256)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("domain","varchar(255)",t=>t.notNull()).addColumn("primary","boolean",t=>t.notNull()).addColumn("status","varchar(50)",t=>t.notNull()).addColumn("type","varchar(50)",t=>t.notNull()).addColumn("origin_domain_name","varchar(255)").addColumn("verification","varchar(2048)").addColumn("custom_client_ip_header","varchar(50)").addColumn("tls_policy","varchar(50)").addColumn("domain_metadata","varchar(2048)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute()}async function od(e){}const rd=Object.freeze(Object.defineProperty({__proto__:null,down:od,up:nd},Symbol.toStringTag,{value:"Module"}));async function sd(e){}async function id(e){await e.schema.alterTable("users").dropColumn("phone_number").dropColumn("phone_verified").dropColumn("username").execute()}const cd=Object.freeze(Object.defineProperty({__proto__:null,down:id,up:sd},Symbol.toStringTag,{value:"Module"}));async function ld(e){await e.schema.createTable("forms").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(255)",t=>t.notNull()).addColumn("messages","varchar(255)").addColumn("languages","varchar(255)").addColumn("translations","varchar(4096)").addColumn("nodes","varchar(4096)").addColumn("start","varchar(255)").addColumn("ending","varchar(255)").addColumn("style","varchar(1042)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createIndex("forms_tenant_id_idx").on("forms").column("tenant_id").execute()}async function dd(e){await e.schema.dropTable("forms").execute()}const ud=Object.freeze(Object.defineProperty({__proto__:null,down:dd,up:ld},Symbol.toStringTag,{value:"Module"}));async function _d(e){await e.schema.alterTable("hooks").addColumn("form_id","text").execute(),await e.schema.alterTable("hooks").addColumn("url_tmp","varchar(512)").execute(),await e.updateTable("hooks").set(t=>({url_tmp:t.ref("url")})).execute(),await e.schema.alterTable("hooks").dropColumn("url").execute(),await e.schema.alterTable("hooks").renameColumn("url_tmp","url").execute()}async function md(e){await e.schema.dropTable("hooks").ifExists().execute(),await e.schema.createTable("hooks").addColumn("hook_id","text",t=>t.primaryKey()).addColumn("tenant_id","text",t=>t.notNull()).addColumn("trigger_id","text",t=>t.notNull()).addColumn("enabled","integer",t=>t.notNull().defaultTo(0)).addColumn("url","varchar(512)",t=>t.notNull()).addColumn("synchronous","integer",t=>t.notNull().defaultTo(0)).addColumn("priority","integer").addColumn("created_at","text",t=>t.notNull()).addColumn("updated_at","text",t=>t.notNull()).execute()}const hd=Object.freeze(Object.defineProperty({__proto__:null,down:md,up:_d},Symbol.toStringTag,{value:"Module"}));async function pd(e){await e.schema.alterTable("login_sessions").addColumn("login_completed","boolean",t=>t.notNull().defaultTo(0)).execute()}async function fd(e){await e.schema.alterTable("login_sessions").dropColumn("login_completed").execute()}const gd=Object.freeze(Object.defineProperty({__proto__:null,down:fd,up:pd},Symbol.toStringTag,{value:"Module"}));async function wd(e){await e.schema.alterTable("sessions").addColumn("login_session_id","varchar(21)",t=>t.references("login_sessions.id").onDelete("set null")).execute()}async function yd(e){await e.schema.alterTable("sessions").dropColumn("login_session_id").execute()}const vd=Object.freeze(Object.defineProperty({__proto__:null,down:yd,up:wd},Symbol.toStringTag,{value:"Module"}));async function Cd(e){await e.schema.createIndex("IDX_sessions_login_session_id").on("sessions").column("login_session_id").execute()}async function xd(e){await e.schema.dropIndex("IDX_sessions_login_session_id").on("sessions").execute()}const Td=Object.freeze(Object.defineProperty({__proto__:null,down:xd,up:Cd},Symbol.toStringTag,{value:"Module"}));async function bd(e){await e.schema.alterTable("codes").addColumn("code_challenge","varchar(128)").execute(),await e.schema.alterTable("codes").addColumn("code_challenge_method","varchar(5)").execute()}async function Nd(e){await e.schema.alterTable("codes").dropColumn("code_challenge").execute(),await e.schema.alterTable("codes").dropColumn("code_challenge_method").execute()}const Sd=Object.freeze(Object.defineProperty({__proto__:null,down:Nd,up:bd},Symbol.toStringTag,{value:"Module"}));async function Od(e){await e.schema.alterTable("codes").addColumn("redirect_uri","varchar(1024)").execute()}async function kd(e){await e.schema.alterTable("codes").dropColumn("redirect_uri").execute()}const $d=Object.freeze(Object.defineProperty({__proto__:null,down:kd,up:Od},Symbol.toStringTag,{value:"Module"}));async function Ed(e){await e.schema.alterTable("codes").addColumn("nonce","varchar(1024)").execute(),await e.schema.alterTable("codes").addColumn("state","varchar(2048)").execute()}async function Id(e){await e.schema.alterTable("codes").dropColumn("nonce").execute(),await e.schema.alterTable("codes").dropColumn("state").execute()}const Pd=Object.freeze(Object.defineProperty({__proto__:null,down:Id,up:Ed},Symbol.toStringTag,{value:"Module"}));async function zd(e){await e.schema.createTable("themes").addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("themeId","varchar(255)",t=>t.notNull()).addColumn("displayName","varchar(255)",t=>t.notNull()).addColumn("colors_primary_button_label","varchar(24)",t=>t.notNull()).addColumn("colors_primary_button","varchar(24)",t=>t.notNull()).addColumn("colors_secondary_button_border","varchar(24)",t=>t.notNull()).addColumn("colors_secondary_button_label","varchar(24)",t=>t.notNull()).addColumn("colors_base_focus_color","varchar(24)",t=>t.notNull()).addColumn("colors_base_hover_color","varchar(24)",t=>t.notNull()).addColumn("colors_body_text","varchar(24)",t=>t.notNull()).addColumn("colors_captcha_widget_theme","varchar(24)",t=>t.notNull()).addColumn("colors_error","varchar(24)",t=>t.notNull()).addColumn("colors_header","varchar(24)",t=>t.notNull()).addColumn("colors_icons","varchar(24)",t=>t.notNull()).addColumn("colors_input_background","varchar(24)",t=>t.notNull()).addColumn("colors_input_border","varchar(24)",t=>t.notNull()).addColumn("colors_input_filled_text","varchar(24)",t=>t.notNull()).addColumn("colors_input_labels_placeholders","varchar(24)",t=>t.notNull()).addColumn("colors_links_focused_components","varchar(24)",t=>t.notNull()).addColumn("colors_success","varchar(24)",t=>t.notNull()).addColumn("colors_widget_background","varchar(24)",t=>t.notNull()).addColumn("colors_widget_border","varchar(24)",t=>t.notNull()).addColumn("borders_button_border_radius","integer",t=>t.notNull()).addColumn("borders_button_border_weight","integer",t=>t.notNull()).addColumn("borders_buttons_style","varchar(24)",t=>t.notNull()).addColumn("borders_input_border_radius","integer",t=>t.notNull()).addColumn("borders_input_border_weight","integer",t=>t.notNull()).addColumn("borders_inputs_style","varchar(24)",t=>t.notNull()).addColumn("borders_show_widget_shadow","boolean",t=>t.notNull()).addColumn("borders_widget_border_weight","integer",t=>t.notNull()).addColumn("borders_widget_corner_radius","integer",t=>t.notNull()).addColumn("fonts_body_text_bold","integer",t=>t.notNull()).addColumn("fonts_body_text_size","integer",t=>t.notNull()).addColumn("fonts_buttons_text_bold","integer",t=>t.notNull()).addColumn("fonts_buttons_text_size","integer",t=>t.notNull()).addColumn("fonts_font_url","varchar(255)",t=>t.notNull()).addColumn("fonts_input_labels_bold","integer",t=>t.notNull()).addColumn("fonts_input_labels_size","integer",t=>t.notNull()).addColumn("fonts_links_bold","boolean",t=>t.notNull()).addColumn("fonts_links_size","integer",t=>t.notNull()).addColumn("fonts_links_style","varchar(24)",t=>t.notNull()).addColumn("fonts_reference_text_size","integer",t=>t.notNull()).addColumn("fonts_subtitle_bold","boolean",t=>t.notNull()).addColumn("fonts_subtitle_size","integer",t=>t.notNull()).addColumn("fonts_title_bold","boolean",t=>t.notNull()).addColumn("fonts_title_size","integer",t=>t.notNull()).addColumn("page_background_background_color","varchar(24)",t=>t.notNull()).addColumn("page_background_background_image_url","varchar(255)",t=>t.notNull()).addColumn("page_background_page_layout","varchar(24)",t=>t.notNull()).addColumn("widget_header_text_alignment","varchar(24)",t=>t.notNull()).addColumn("widget_logo_height","integer",t=>t.notNull()).addColumn("widget_logo_position","varchar(24)",t=>t.notNull()).addColumn("widget_logo_url","varchar(255)",t=>t.notNull()).addColumn("widget_social_buttons_layout","varchar(24)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("themes_pkey",["tenant_id","themeId"]).execute(),await e.schema.createIndex("themes_tenant_id_idx").on("themes").column("tenant_id").execute()}async function Dd(e){await e.schema.dropTable("themes").execute()}const Ad=Object.freeze(Object.defineProperty({__proto__:null,down:Dd,up:zd},Symbol.toStringTag,{value:"Module"}));async function Fd(e){await e.schema.createTable("resource_servers").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("identifier","varchar(191)",t=>t.notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("scopes","varchar(4096)").addColumn("signing_alg","varchar(64)").addColumn("signing_secret","varchar(2048)").addColumn("token_lifetime","integer").addColumn("token_lifetime_for_web","integer").addColumn("skip_consent_for_verifiable_first_party_clients","integer").addColumn("allow_offline_access","integer").addColumn("verification_key","varchar(4096)").addColumn("options","varchar(4096)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("resource_servers_pk",["tenant_id","id"]).execute(),await e.schema.createIndex("resource_servers_tenant_identifier_uq").on("resource_servers").columns(["tenant_id","identifier"]).unique().execute(),await e.schema.createTable("roles").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(50)",t=>t.notNull()).addColumn("description","varchar(255)").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("roles_pk",["tenant_id","id"]).execute(),await e.schema.createIndex("roles_tenant_name_uq").on("roles").columns(["tenant_id","name"]).unique().execute()}async function jd(e){await e.schema.dropTable("roles").execute(),await e.schema.dropTable("resource_servers").execute()}const Rd=Object.freeze(Object.defineProperty({__proto__:null,down:jd,up:Fd},Symbol.toStringTag,{value:"Module"}));async function qd(e){await e.schema.createTable("role_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(191)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("role_permissions_pk",["tenant_id","role_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("role_permissions_role_fk").on("role_permissions").columns(["tenant_id","role_id"]).execute(),await e.schema.createIndex("role_permissions_permission_fk").on("role_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createTable("user_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(191)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_permissions_pk",["tenant_id","user_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("user_permissions_user_fk").on("user_permissions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_permissions_permission_fk").on("user_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute()}async function Md(e){await e.schema.dropTable("user_permissions").execute(),await e.schema.dropTable("role_permissions").execute()}const Jd=Object.freeze(Object.defineProperty({__proto__:null,down:Md,up:qd},Symbol.toStringTag,{value:"Module"}));async function Ld(e){await e.schema.createTable("user_roles").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_roles_pk",["tenant_id","user_id","role_id"]).execute(),await e.schema.createIndex("user_roles_user_fk").on("user_roles").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_roles_role_fk").on("user_roles").columns(["tenant_id","role_id"]).execute()}async function Ud(e){await e.schema.dropTable("user_roles").execute()}const Kd=Object.freeze(Object.defineProperty({__proto__:null,down:Ud,up:Ld},Symbol.toStringTag,{value:"Module"}));async function Bd(e){}async function Qd(e){await e.schema.alterTable("keys").dropColumn("connection").execute(),await e.schema.alterTable("keys").modifyColumn("cert","varchar(2048)").execute(),await e.schema.alterTable("keys").modifyColumn("pkcs7","varchar(2048)").execute(),await e.schema.alterTable("keys").dropColumn("type").execute()}const Wd=Object.freeze(Object.defineProperty({__proto__:null,down:Qd,up:Bd},Symbol.toStringTag,{value:"Module"}));async function Hd(e){await e.schema.createTable("organizations").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(256)",t=>t.notNull()).addColumn("display_name","varchar(256)").addColumn("branding","text").addColumn("metadata","text").addColumn("enabled_connections","text").addColumn("token_quota","text").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.createIndex("idx_organizations_tenant_id").on("organizations").column("tenant_id").execute(),await e.schema.createIndex("idx_organizations_tenant_name_unique").on("organizations").columns(["tenant_id","name"]).unique().execute()}async function Yd(e){await e.schema.dropTable("organizations").execute()}const Gd=Object.freeze(Object.defineProperty({__proto__:null,down:Yd,up:Hd},Symbol.toStringTag,{value:"Module"}));async function Vd(e){await e.schema.createTable("user_organizations").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addUniqueConstraint("user_organizations_unique",["tenant_id","user_id","organization_id"]).execute(),await e.schema.createIndex("idx_user_organizations_tenant_id").on("user_organizations").column("tenant_id").execute(),await e.schema.createIndex("idx_user_organizations_user_id").on("user_organizations").column("user_id").execute(),await e.schema.createIndex("idx_user_organizations_organization_id").on("user_organizations").column("organization_id").execute()}async function Xd(e){await e.schema.dropTable("user_organizations").execute()}const Zd=Object.freeze(Object.defineProperty({__proto__:null,down:Xd,up:Vd},Symbol.toStringTag,{value:"Module"}));async function eu(e){await e.schema.dropTable("user_permissions").execute(),await e.schema.dropTable("user_roles").execute(),await e.schema.createTable("user_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(21)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull().defaultTo("")).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_permissions_pk",["tenant_id","user_id","resource_server_identifier","permission_name","organization_id"]).execute(),await e.schema.createIndex("user_permissions_user_fk").on("user_permissions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_permissions_permission_fk").on("user_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("user_permissions_organization_fk").on("user_permissions").column("organization_id").execute(),await e.schema.createTable("user_roles").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("organization_id","varchar(191)",t=>t.notNull().defaultTo("")).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_roles_pk",["tenant_id","user_id","role_id","organization_id"]).execute(),await e.schema.createIndex("user_roles_user_fk").on("user_roles").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_roles_role_fk").on("user_roles").columns(["tenant_id","role_id"]).execute(),await e.schema.createIndex("user_roles_organization_fk").on("user_roles").column("organization_id").execute()}async function tu(e){await e.schema.dropTable("user_permissions").execute(),await e.schema.dropTable("user_roles").execute(),await e.schema.createTable("user_permissions").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("resource_server_identifier","varchar(191)",t=>t.notNull()).addColumn("permission_name","varchar(191)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_permissions_pk",["tenant_id","user_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createIndex("user_permissions_user_fk").on("user_permissions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_permissions_permission_fk").on("user_permissions").columns(["tenant_id","resource_server_identifier","permission_name"]).execute(),await e.schema.createTable("user_roles").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("user_id","varchar(191)",t=>t.notNull()).addColumn("role_id","varchar(21)",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("user_roles_pk",["tenant_id","user_id","role_id"]).execute(),await e.schema.createIndex("user_roles_user_fk").on("user_roles").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("user_roles_role_fk").on("user_roles").columns(["tenant_id","role_id"]).execute()}const au=Object.freeze(Object.defineProperty({__proto__:null,down:tu,up:eu},Symbol.toStringTag,{value:"Module"}));async function nu(e){await e.schema.createTable("clients").addColumn("client_id","varchar(191)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("description","varchar(140)").addColumn("global","integer",t=>t.defaultTo(0).notNull()).addColumn("client_secret","varchar(255)").addColumn("app_type","varchar(64)",t=>t.defaultTo("regular_web")).addColumn("logo_uri","varchar(2083)").addColumn("is_first_party","integer",t=>t.defaultTo(0).notNull()).addColumn("oidc_conformant","integer",t=>t.defaultTo(1).notNull()).addColumn("callbacks","text",t=>t.notNull()).addColumn("allowed_origins","text",t=>t.notNull()).addColumn("web_origins","text",t=>t.notNull()).addColumn("client_aliases","text",t=>t.notNull()).addColumn("allowed_clients","text",t=>t.notNull()).addColumn("allowed_logout_urls","text",t=>t.notNull()).addColumn("session_transfer","text",t=>t.notNull()).addColumn("oidc_logout","text",t=>t.notNull()).addColumn("grant_types","text",t=>t.notNull()).addColumn("jwt_configuration","text",t=>t.notNull()).addColumn("signing_keys","text",t=>t.notNull()).addColumn("encryption_key","text",t=>t.notNull()).addColumn("sso","integer",t=>t.defaultTo(0).notNull()).addColumn("sso_disabled","integer",t=>t.defaultTo(1).notNull()).addColumn("cross_origin_authentication","integer",t=>t.defaultTo(0).notNull()).addColumn("cross_origin_loc","varchar(2083)").addColumn("custom_login_page_on","integer",t=>t.defaultTo(0).notNull()).addColumn("custom_login_page","text").addColumn("custom_login_page_preview","text").addColumn("form_template","text").addColumn("addons","text",t=>t.notNull()).addColumn("token_endpoint_auth_method","varchar(64)",t=>t.defaultTo("client_secret_basic")).addColumn("client_metadata","text",t=>t.notNull()).addColumn("mobile","text",t=>t.notNull()).addColumn("initiate_login_uri","varchar(2083)").addColumn("native_social_login","text",t=>t.notNull()).addColumn("refresh_token","text",t=>t.notNull()).addColumn("default_organization","text",t=>t.notNull()).addColumn("organization_usage","varchar(32)",t=>t.defaultTo("deny")).addColumn("organization_require_behavior","varchar(32)",t=>t.defaultTo("no_prompt")).addColumn("client_authentication_methods","text",t=>t.notNull()).addColumn("require_pushed_authorization_requests","integer",t=>t.defaultTo(0).notNull()).addColumn("require_proof_of_possession","integer",t=>t.defaultTo(0).notNull()).addColumn("signed_request_object","text",t=>t.notNull()).addColumn("compliance_level","varchar(64)").addColumn("par_request_expiry","integer").addColumn("token_quota","text",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("clients_tenant_id_client_id",["tenant_id","client_id"]).execute()}async function ou(e){await e.schema.dropTable("clients").execute()}const ru=Object.freeze(Object.defineProperty({__proto__:null,down:ou,up:nu},Symbol.toStringTag,{value:"Module"}));let Re=!1;function qe(e){Re=e}function w(...e){Re&&console.log(...e)}function A(...e){console.warn(...e)}async function Me(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function su(e){await Me(e)==="mysql"?await iu(e):await cu(e)}async function iu(e){await e.transaction().execute(async t=>{const a=await h.sql`
+Object.defineProperties(exports,{__esModule:{value:!0},[Symbol.toStringTag]:{value:`Module`}});var e=Object.defineProperty,t=(t,n)=>{let r={};for(var i in t)e(r,i,{get:t[i],enumerable:!0});return n||e(r,Symbol.toStringTag,{value:`Module`}),r};let n=require("nanoid"),r=require("@authhero/adapter-interfaces");require("@hono/zod-openapi");let i=require("kysely");var a=17,o={organization:`org_`,connection:`con_`,action:`act_`,action_version:`ver_`,hook:`h_`,hook_code:`hc_`,rule:`rul_`,resource_server:`api_`,guardian_factor:`gfa_`,invite:`inv_`};function s(e){let t=(0,n.customAlphabet)(`0123456789abcdefghijklmnopqrstuvwxyz`,a)();return`${o[e]}${t}`}function c(){return s(`organization`)}function l(){return s(`connection`)}function u(){return s(`action`)}function d(){return s(`action_version`)}function f(){return s(`hook`)}function p(){return s(`resource_server`)}function m(){return s(`hook_code`)}function h(){return s(`invite`)}function g(e){return async(t,n)=>{let r=Date.now(),i=u();return await e.insertInto(`actions`).values({id:i,tenant_id:t,name:n.name,code:n.code,runtime:n.runtime||null,status:`built`,secrets:n.secrets?JSON.stringify(n.secrets):null,dependencies:n.dependencies?JSON.stringify(n.dependencies):null,supported_triggers:n.supported_triggers?JSON.stringify(n.supported_triggers):null,is_system:+!!n.is_system,inherit:+!!n.inherit,created_at_ts:r,updated_at_ts:r}).execute(),{id:i,tenant_id:t,name:n.name,code:n.code,runtime:n.runtime,status:`built`,secrets:n.secrets?.map(e=>({name:e.name})),dependencies:n.dependencies,supported_triggers:n.supported_triggers,is_system:n.is_system??!1,inherit:n.inherit??!1,created_at:new Date(r).toISOString(),updated_at:new Date(r).toISOString()}}}function _(e){if(e!=null){if(typeof e==`number`)return new Date(e).toISOString();if(typeof e==`string`){if(e===``)return;let t=parseFloat(e);return!isNaN(t)&&/^\d+(\.\d+)?$/.test(e)?new Date(t).toISOString():e}}}function v(e,t=new Date(0).toISOString()){return _(e)??t}function y(e){if(!e||e===``)return null;let t=new Date(e);return isNaN(t.getTime())?null:t.getTime()}function b(){return new Date().toISOString()}function x(e,t,n=[]){let r={};for(let n of t){let t=n.replace(/_ts$/,``);r[t]=v(e[n])}for(let t of n){let n=t.replace(/_ts$/,``);r[n]=_(e[t])}return r}function ee(e){if(e)try{return JSON.parse(e)}catch{return}}function te(e){return async(t,n)=>{let r=await e.selectFrom(`actions`).where(`actions.tenant_id`,`=`,t).where(`actions.id`,`=`,n).selectAll().executeTakeFirst();if(!r)return null;let{created_at_ts:i,updated_at_ts:a,deployed_at_ts:o,secrets:s,dependencies:c,supported_triggers:l,is_system:u,inherit:d,tenant_id:f,...p}=r,m=x({created_at_ts:i,updated_at_ts:a},[`created_at_ts`,`updated_at_ts`]);return{...p,tenant_id:t,...m,runtime:p.runtime??void 0,status:p.status||`built`,deployed_at:o?new Date(Number(o)).toISOString():void 0,secrets:ee(s),dependencies:ee(c),supported_triggers:ee(l),is_system:!!u,inherit:!!d}}}function S(e,t){let n=new Set(t),r=e=>{let t=[],r=``,i=!1;for(let n=0;n<e.length;n++){let a=e[n];a===`"`?(i=!i,r+=a):a===` `&&!i?(r.trim()&&t.push(r.trim()),r=``):r+=a}return r.trim()&&t.push(r.trim()),t.filter(e=>{let t=e.replace(/^([^:]+)=/,`$1:`),r=t.startsWith(`-`)?t.slice(1):t;if(r.startsWith(`_exists_:`))return n.has(r.slice(9));let i=r.indexOf(`:`);return i>0?n.has(r.slice(0,i)):!0}).join(` `)},i=e.split(/ OR /i);return i.length>1?i.map(r).filter(e=>e.length>0).join(` OR `):r(e)}function C(e,t,n,r,i=[]){let a=new Set(i),o=n.split(/ OR /i);if(o.length>1)return t.where(e=>{let t=o.map(t=>{let n=t.trim().match(/^([^:]+):(.+)$/);if(n){let[,t,r]=n;if(!t||!r)return null;let i=t.trim(),o=r.replace(/^"(.*)"$/,`$1`).trim();return a.has(i)?e(i,`like`,`%${o}%`):e(i,`=`,o)}return null}).filter(Boolean);return e.or(t)});let s=[],c=``,l=!1;for(let e=0;e<n.length;e++){let t=n[e];t===`"`?(l=!l,c+=t):t===` `&&!l?c.trim()&&(s.push(c.trim()),c=``):c+=t}return c.trim()&&s.push(c.trim()),s.filter(e=>e!==`AND`).map(e=>e.replace(/^([^:]+)=/g,`$1:`)).map(e=>{let t=e.startsWith(`-`),n=null,r=``,i=!1,a;if(e.startsWith(`-_exists_:`))n=e.substring(10),i=!0,t=!0;else if(e.startsWith(`_exists_:`))n=e.substring(9),i=!0,t=!1;else if(e.includes(`:`)){let o=t?e.substring(1):e,s=o.indexOf(`:`);n=o.substring(0,s),r=o.substring(s+1),i=!1,r.startsWith(`>=`)?(a=`>=`,r=r.substring(2)):r.startsWith(`>`)?(a=`>`,r=r.substring(1)):r.startsWith(`<=`)?(a=`<=`,r=r.substring(2)):r.startsWith(`<`)?(a=`<`,r=r.substring(1)):a=`=`,r.startsWith(`"`)&&r.endsWith(`"`)&&r.length>1&&(r=r.slice(1,-1))}else n=null,r=e,i=!1;return{key:n,value:r,isNegation:t,isExistsQuery:i,operator:a}}).forEach(({key:n,value:i,isNegation:o,isExistsQuery:s,operator:c})=>{if(n)if(s)t=o?t.where(n,`is`,null):t.where(n,`is not`,null);else if(a.has(n)&&c===`=`)t=t.where(n,o?`not like`:`like`,`%${i}%`);else if(o)switch(c){case`>`:t=t.where(n,`<=`,i);break;case`>=`:t=t.where(n,`<`,i);break;case`<`:t=t.where(n,`>=`,i);break;case`<=`:t=t.where(n,`>`,i);break;default:t=t.where(n,`!=`,i)}else t=t.where(n,c,i);else if(i){let{ref:n}=e.dynamic;t=t.where(e=>e.or(r.map(t=>t===`user_id`?e(n(t),`=`,i):e(n(t),`like`,`%${i}%`))))}}),t}function w(e){return typeof e==`string`?parseInt(e,10):typeof e==`bigint`?Number(e):e}function ne(e){if(e)try{return JSON.parse(e)}catch{return}}function re(e){return async(t,n={})=>{let{page:r=0,per_page:i=50,include_totals:a=!1,q:o}=n,s=e.selectFrom(`actions`).where(`actions.tenant_id`,`=`,t);o&&(s=C(e,s,o,[`name`]));let c=(await s.offset(r*i).limit(i).selectAll().execute()).map(e=>{let{created_at_ts:n,updated_at_ts:r,deployed_at_ts:i,secrets:a,dependencies:o,supported_triggers:s,is_system:c,inherit:l,tenant_id:u,...d}=e,f=x({created_at_ts:n,updated_at_ts:r},[`created_at_ts`,`updated_at_ts`]);return{...d,tenant_id:t,...f,runtime:d.runtime??void 0,status:d.status||`built`,deployed_at:i?new Date(Number(i)).toISOString():void 0,secrets:ne(a),dependencies:ne(o),supported_triggers:ne(s),is_system:!!c,inherit:!!l}});if(!a)return{actions:c,start:0,limit:0,length:0};let{count:l}=await s.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{actions:c,start:r*i,limit:i,length:w(l)}}}function ie(e){if(!e)return[];try{let t=JSON.parse(e);return Array.isArray(t)?t:[]}catch{return[]}}function ae(e){return async(t,n,r)=>{let i={updated_at_ts:Date.now()};if(r.name!==void 0&&(i.name=r.name),r.code!==void 0&&(i.code=r.code),r.runtime!==void 0&&(i.runtime=r.runtime),r.secrets!==void 0){let a=await e.selectFrom(`actions`).where(`actions.id`,`=`,n).where(`actions.tenant_id`,`=`,t).select(`secrets`).executeTakeFirst(),o=new Map(ie(a?.secrets).map(e=>[e.name,e])),s=r.secrets.map(e=>e.value===void 0?{name:e.name,value:o.get(e.name)?.value}:e);i.secrets=JSON.stringify(s)}if(r.dependencies!==void 0&&(i.dependencies=JSON.stringify(r.dependencies)),r.supported_triggers!==void 0&&(i.supported_triggers=JSON.stringify(r.supported_triggers)),r.status!==void 0&&(i.status=r.status),r.deployed_at!==void 0){let e=new Date(r.deployed_at).getTime();Number.isFinite(e)&&(i.deployed_at_ts=e)}return r.is_system!==void 0&&(i.is_system=+!!r.is_system),r.inherit!==void 0&&(i.inherit=+!!r.inherit),(await e.updateTable(`actions`).set(i).where(`actions.id`,`=`,n).where(`actions.tenant_id`,`=`,t).executeTakeFirst()).numUpdatedRows>0}}function oe(e){return async(t,n)=>(await e.deleteFrom(`actions`).where(`actions.id`,`=`,n).where(`actions.tenant_id`,`=`,t).executeTakeFirst()).numDeletedRows>0}function se(e){return{create:g(e),get:te(e),list:re(e),update:ae(e),remove:oe(e)}}function ce(e){return async(t,n)=>{let r=Date.now();return await e.insertInto(`action_executions`).values({id:n.id,tenant_id:t,trigger_id:n.trigger_id,status:n.status,results:JSON.stringify(n.results),logs:n.logs?JSON.stringify(n.logs):null,created_at_ts:r,updated_at_ts:r}).execute(),{id:n.id,tenant_id:t,trigger_id:n.trigger_id,status:n.status,results:n.results,logs:n.logs,created_at:new Date(r).toISOString(),updated_at:new Date(r).toISOString()}}}function le(e){if(e)try{return JSON.parse(e)}catch{return}}function ue(e){return async(t,n)=>{let r=await e.selectFrom(`action_executions`).where(`action_executions.tenant_id`,`=`,t).where(`action_executions.id`,`=`,n).selectAll().executeTakeFirst();return r?{id:r.id,tenant_id:r.tenant_id,trigger_id:r.trigger_id,status:r.status,results:le(r.results)??[],logs:le(r.logs),created_at:new Date(Number(r.created_at_ts)).toISOString(),updated_at:new Date(Number(r.updated_at_ts)).toISOString()}:null}}function de(e){return{create:ce(e),get:ue(e)}}function fe(e){if(e)try{return JSON.parse(e)}catch{return}}function pe(e){let{created_at_ts:t,updated_at_ts:n,secrets:r,dependencies:i,supported_triggers:a,deployed:o,runtime:s,...c}=e;return{...c,runtime:s??void 0,deployed:!!o,secrets:fe(r),dependencies:fe(i),supported_triggers:fe(a),created_at:new Date(Number(t)).toISOString(),updated_at:new Date(Number(n)).toISOString()}}function me(e){return{async create(t,n){let r=Date.now(),i=d(),a=n.deployed!==!1,o=await e.transaction().execute(async e=>{let o=((await e.selectFrom(`action_versions`).where(`tenant_id`,`=`,t).where(`action_id`,`=`,n.action_id).select(`number`).orderBy(`number`,`desc`).limit(1).executeTakeFirst())?.number??0)+1;return a&&await e.updateTable(`action_versions`).set({deployed:0,updated_at_ts:r}).where(`tenant_id`,`=`,t).where(`action_id`,`=`,n.action_id).execute(),await e.insertInto(`action_versions`).values({id:i,tenant_id:t,action_id:n.action_id,number:o,code:n.code,runtime:n.runtime||null,secrets:n.secrets?JSON.stringify(n.secrets):null,dependencies:n.dependencies?JSON.stringify(n.dependencies):null,supported_triggers:n.supported_triggers?JSON.stringify(n.supported_triggers):null,deployed:+!!a,created_at_ts:r,updated_at_ts:r}).execute(),o});return{id:i,tenant_id:t,action_id:n.action_id,number:o,code:n.code,runtime:n.runtime,secrets:n.secrets,dependencies:n.dependencies,supported_triggers:n.supported_triggers,deployed:a,created_at:new Date(r).toISOString(),updated_at:new Date(r).toISOString()}},async get(t,n,r){let i=await e.selectFrom(`action_versions`).where(`tenant_id`,`=`,t).where(`action_id`,`=`,n).where(`id`,`=`,r).selectAll().executeTakeFirst();return i?pe(i):null},async list(t,n,r={}){let{page:i=0,per_page:a=50,include_totals:o=!1}=r,s=e.selectFrom(`action_versions`).where(`tenant_id`,`=`,t).where(`action_id`,`=`,n),c=(await s.orderBy(`number`,`desc`).offset(i*a).limit(a).selectAll().execute()).map(pe);if(!o)return{versions:c,start:0,limit:0,length:0};let{count:l}=await s.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{versions:c,start:i*a,limit:a,length:w(l)}},async removeForAction(t,n){let r=await e.deleteFrom(`action_versions`).where(`tenant_id`,`=`,t).where(`action_id`,`=`,n).executeTakeFirst();return Number(r.numDeletedRows??0)}}}var T=class extends Error{res;status;constructor(e=500,t){super(t?.message,{cause:t?.cause}),this.res=t?.res,this.status=e}getResponse(){return this.res?new Response(this.res.body,{status:this.status,headers:this.res.headers}):new Response(this.message,{status:this.status})}};function he(e){return async(t,r)=>{let{identities:i,phone_verified:a,password:o,...s}=r,c={...s,login_count:s.login_count??0,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t,email_verified:+!!r.email_verified,phone_verified:a===void 0?null:+!!a,is_social:+!!r.is_social,app_metadata:JSON.stringify(r.app_metadata),user_metadata:JSON.stringify(r.user_metadata),address:r.address?JSON.stringify(r.address):null};try{let r=async e=>{if(await e.insertInto(`users`).values(c).execute(),o&&c.user_id){let r={id:(0,n.nanoid)(),user_id:c.user_id,password:o.hash,algorithm:o.algorithm,is_current:1,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t};await e.insertInto(`passwords`).values(r).execute()}};e.isTransaction?await r(e):await e.transaction().execute(r)}catch(e){throw e.code===`SQLITE_CONSTRAINT_UNIQUE`||e.code===`ER_DUP_ENTRY`||e.message.includes(`AlreadyExists`)?new T(409,{message:`User already exists`}):new T(500,{message:`${e.code}, ${e.message}`})}return{...c,email:c.email||``,email_verified:c.email_verified===1,phone_verified:c.phone_verified===null?void 0:c.phone_verified===1,is_social:c.is_social===1,address:r.address}}}function E(e){if(typeof e!=`object`||!e)return e;if(Array.isArray(e))return e.map(e=>typeof e==`object`&&e?E(e):e);let t={...e};for(let e in t){let n=t[e];n===null?delete t[e]:typeof n==`object`&&n&&(Array.isArray(n)?t[e]=n.map(e=>typeof e==`object`&&e?E(e):e):t[e]=E(n))}return t}var ge=[`email`,`email_verified`,`phone_number`,`phone_verified`,`username`];function D(e,t=!1){let n={connection:e.connection,provider:e.provider,user_id:(0,r.parseUserId)(e.user_id).id,isSocial:!!e.is_social};for(let t of ge)e[t]!==void 0&&e[t]!==null&&(n[t]=t.endsWith(`_verified`)?!!e[t]:e[t]);if(!t){let t={};try{t=JSON.parse(e.profileData||`{}`)}catch(e){console.error(`Error parsing profileData`,e)}n.profileData={email:e.email,email_verified:!!e.email_verified,...t}}return n}function _e(e){return async(t,n)=>{let[r,i]=await Promise.all([e.selectFrom(`users`).where(`users.tenant_id`,`=`,t).where(`users.user_id`,`=`,n).selectAll().executeTakeFirst(),e.selectFrom(`users`).where(`users.tenant_id`,`=`,t).where(`users.linked_to`,`=`,n).selectAll().orderBy(`created_at`,`asc`).execute()]);if(!r)return null;let{tenant_id:a,...o}=r;return E({...o,email:r.email||``,email_verified:r.email_verified===1,phone_verified:r.phone_verified===null?void 0:r.phone_verified===1,is_social:r.is_social===1,app_metadata:JSON.parse(r.app_metadata),user_metadata:JSON.parse(r.user_metadata),address:r.address?JSON.parse(r.address):void 0,identities:[D(r,!0),...i.map(e=>D(e))]})}}var ve=[`user_id`,`email`,`email_verified`,`username`,`phone_number`,`phone_verified`,`name`,`given_name`,`family_name`,`nickname`,`picture`,`locale`,`linked_to`,`provider`,`connection`,`is_social`,`last_ip`,`last_login`,`login_count`,`created_at`,`updated_at`],ye=[`email`,`name`,`phone_number`,`user_id`];function be(e){return async(t,n={})=>{let{page:r=0,per_page:i=50,include_totals:a=!1,sort:o,q:s}=n,c=e.selectFrom(`users`).where(`users.tenant_id`,`=`,t);if(s){let t=S(s,ve);t&&(c=C(e,c,t,ye))}if(o&&o.sort_by){let{ref:t}=e.dynamic;c=c.orderBy(t(o.sort_by),o.sort_order)}let l=await c.offset(r*i).limit(i).selectAll().execute(),u=l.map(e=>e.user_id),d=u.length?await e.selectFrom(`users`).selectAll().where(`users.tenant_id`,`=`,t).where(`users.linked_to`,`in`,u).orderBy(`created_at`,`asc`).execute():[],f=l.map(e=>{let t=d.filter(t=>t.linked_to===e.user_id);return E({...e,email_verified:e.email_verified===1,phone_verified:e.phone_verified===null?void 0:e.phone_verified===1,is_social:e.is_social===1,app_metadata:JSON.parse(e.app_metadata),user_metadata:JSON.parse(e.user_metadata),address:e.address?JSON.parse(e.address):void 0,identities:[D(e,!0),...t.map(e=>D(e))]})});if(!a)return{users:f,start:0,limit:0,length:0};let{count:p}=await c.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{users:f,start:r*i,limit:i,length:w(p)}}}function xe(e){return async(t,n)=>(await e.deleteFrom(`authentication_methods`).where(`authentication_methods.tenant_id`,`=`,t).where(`authentication_methods.user_id`,`in`,e=>e.selectFrom(`users`).select(`users.user_id`).where(`users.tenant_id`,`=`,t).where(e=>e.or([e(`users.user_id`,`=`,n),e(`users.linked_to`,`=`,n)]))).execute(),await e.deleteFrom(`users`).where(`users.tenant_id`,`=`,t).where(`users.linked_to`,`=`,n).execute(),(await e.deleteFrom(`users`).where(`users.tenant_id`,`=`,t).where(`users.user_id`,`=`,n).execute()).length===1)}function O(e,t=``,n={}){for(let r in e)if(Object.prototype.hasOwnProperty.call(e,r)){let i=t?`${t}_${r}`:r,a=e[r];typeof a==`object`&&a&&!Array.isArray(a)?O(a,i,n):typeof a==`boolean`?n[i]=+!!a:n[i]=a}return n}function Se(e,t){let n={};for(let[r,i]of Object.entries(e)){let e=t.find(e=>r.startsWith(`${e}_`));if(!e)n[r]=i;else{let t=r.slice(e.length+1);n[e]={...n[e],[t]:i}}}return n}function Ce(e){return async(t,n,r)=>{let i=O({...r,updated_at:new Date().toISOString(),app_metadata:r.app_metadata?JSON.stringify(r.app_metadata):void 0,user_metadata:r.user_metadata?JSON.stringify(r.user_metadata):void 0,address:r.address?JSON.stringify(r.address):void 0,phone_verified:r.phone_verified===void 0?void 0:+!!r.phone_verified});return(await e.updateTable(`users`).set(i).where(`users.tenant_id`,`=`,t).where(`users.user_id`,`=`,n).execute()).length===1}}function we(e){return async(t,n,r,i)=>(await e.updateTable(`users`).set({linked_to:null}).where(`users.tenant_id`,`=`,t).where(`users.user_id`,`=`,`${r}|${i}`).where(`users.linked_to`,`=`,`${n}`).execute()).length===1}function Te(e){let t=he(e);return{create:t,rawCreate:t,remove:xe(e),get:_e(e),list:be(e),update:Ce(e),unlink:we(e)}}function Ee(e){return async(t,i)=>{let a=new Date().toISOString(),o=r.flowSchema.parse({id:`af_${(0,n.nanoid)()}`,...i,actions:i.actions||[],created_at:a,updated_at:a});return await e.insertInto(`flows`).values({...o,tenant_id:t,actions:JSON.stringify(o.actions)}).execute(),o}}function k(e,t){if(!e)return t;try{return JSON.parse(e)}catch{return t}}function De(e){if(e)try{let t=JSON.parse(e);return t&&typeof t==`object`&&!Array.isArray(t)?t:void 0}catch{return}}function Oe(e,t,n={...e}){for(let r in t)r in e&&(n[r]=k(e[r],t[r]));return n}function ke(e){return async(t,n)=>{let i=await e.selectFrom(`flows`).selectAll().where(`flows.id`,`=`,n).where(`tenant_id`,`=`,t).executeTakeFirst();if(!i)return null;let a={...i,actions:k(i.actions,[])};return r.flowSchema.parse(E(a))}}function Ae(e){return async(t,n={})=>{let{page:i=0,per_page:a=50,include_totals:o=!1,q:s}=n,c=e.selectFrom(`flows`).where(`tenant_id`,`=`,t);s&&(c=C(e,c,s,[]));let l=(await c.offset(i*a).limit(a).selectAll().execute()).map(e=>{let t={...e,actions:k(e.actions,[])};return r.flowSchema.parse(E(t))});if(!o)return{flows:l,start:0,limit:0,length:0};let{count:u}=await c.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{flows:l,start:i*a,limit:a,length:w(u)}}}function je(e){return async(t,n,i)=>{let a={...i,updated_at:new Date().toISOString()};i.actions!==void 0&&(a.actions=JSON.stringify(i.actions));let{numUpdatedRows:o}=await e.updateTable(`flows`).set(a).where(`id`,`=`,n).where(`tenant_id`,`=`,t).executeTakeFirst();if(o===0n)return null;let s=await e.selectFrom(`flows`).selectAll().where(`id`,`=`,n).where(`tenant_id`,`=`,t).executeTakeFirst();return s?r.flowSchema.parse({...s,actions:s.actions?JSON.parse(s.actions):[]}):null}}function Me(e){return async(t,n)=>((await e.deleteFrom(`flows`).where(`id`,`=`,n).where(`tenant_id`,`=`,t).execute())[0]?.numDeletedRows??0n)>0n}function Ne(e){return{create:Ee(e),get:ke(e),list:Ae(e),update:je(e),remove:Me(e)}}function A(e,t,n={...e}){for(let r of t)e[r]!==void 0&&(n[r]=JSON.stringify(e[r]));return n}function Pe(e,t,n=e){for(let r of t)e[r]!==void 0&&(n[r]=+!!e[r])}function Fe(e){let t={};for(let n in e)e[n]!==void 0&&e[n]!==null&&(t[n]=e[n]);return t}function Ie(e){let t={...e};return e.session_cookie&&typeof e.session_cookie==`string`&&(t.session_cookie=JSON.parse(e.session_cookie)),e.enabled_locales&&typeof e.enabled_locales==`string`&&(t.enabled_locales=JSON.parse(e.enabled_locales)),e.error_page&&typeof e.error_page==`string`&&(t.error_page=JSON.parse(e.error_page)),e.flags&&typeof e.flags==`string`&&(t.flags=JSON.parse(e.flags)),e.sandbox_versions_available&&typeof e.sandbox_versions_available==`string`&&(t.sandbox_versions_available=JSON.parse(e.sandbox_versions_available)),e.change_password&&typeof e.change_password==`string`&&(t.change_password=JSON.parse(e.change_password)),e.guardian_mfa_page&&typeof e.guardian_mfa_page==`string`&&(t.guardian_mfa_page=JSON.parse(e.guardian_mfa_page)),e.sessions&&typeof e.sessions==`string`&&(t.sessions=JSON.parse(e.sessions)),e.oidc_logout&&typeof e.oidc_logout==`string`&&(t.oidc_logout=JSON.parse(e.oidc_logout)),e.device_flow&&typeof e.device_flow==`string`&&(t.device_flow=JSON.parse(e.device_flow)),e.default_token_quota&&typeof e.default_token_quota==`string`&&(t.default_token_quota=JSON.parse(e.default_token_quota)),e.allowed_logout_urls&&typeof e.allowed_logout_urls==`string`&&(t.allowed_logout_urls=JSON.parse(e.allowed_logout_urls)),e.acr_values_supported&&typeof e.acr_values_supported==`string`&&(t.acr_values_supported=JSON.parse(e.acr_values_supported)),e.mtls&&typeof e.mtls==`string`&&(t.mtls=JSON.parse(e.mtls)),e.mfa&&typeof e.mfa==`string`&&(t.mfa=JSON.parse(e.mfa)),e.attack_protection&&typeof e.attack_protection==`string`&&(t.attack_protection=JSON.parse(e.attack_protection)),e.allow_organization_name_in_authentication_api!==void 0&&(t.allow_organization_name_in_authentication_api=e.allow_organization_name_in_authentication_api===1),e.customize_mfa_in_postlogin_action!==void 0&&(t.customize_mfa_in_postlogin_action=e.customize_mfa_in_postlogin_action===1),e.pushed_authorization_requests_supported!==void 0&&(t.pushed_authorization_requests_supported=e.pushed_authorization_requests_supported===1),e.authorization_response_iss_parameter_supported!==void 0&&(t.authorization_response_iss_parameter_supported=e.authorization_response_iss_parameter_supported===1),E(t)}function Le(e){let t={...e};return A(e,[`session_cookie`,`enabled_locales`,`error_page`,`flags`,`sandbox_versions_available`,`change_password`,`guardian_mfa_page`,`sessions`,`oidc_logout`,`device_flow`,`default_token_quota`,`allowed_logout_urls`,`acr_values_supported`,`mtls`,`mfa`,`attack_protection`],t),e.allow_organization_name_in_authentication_api!==void 0&&(t.allow_organization_name_in_authentication_api=+!!e.allow_organization_name_in_authentication_api),e.customize_mfa_in_postlogin_action!==void 0&&(t.customize_mfa_in_postlogin_action=+!!e.customize_mfa_in_postlogin_action),e.pushed_authorization_requests_supported!==void 0&&(t.pushed_authorization_requests_supported=+!!e.pushed_authorization_requests_supported),e.authorization_response_iss_parameter_supported!==void 0&&(t.authorization_response_iss_parameter_supported=+!!e.authorization_response_iss_parameter_supported),Fe(t)}function Re(e){return async t=>{let r={id:t.id||(0,n.nanoid)(),created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...t},i=Le(r);try{await e.insertInto(`tenants`).values(i).execute()}catch(e){throw e?.message?.includes(`UNIQUE constraint failed`)||e?.message?.includes(`duplicate key`)||e?.code===`SQLITE_CONSTRAINT`||e?.code===`ER_DUP_ENTRY`||e?.code===`23505`?new T(409,{message:`Tenant with ID '${r.id}' already exists`}):e}return r}}function ze(e){return async t=>{let n=await e.selectFrom(`tenants`).where(`tenants.id`,`=`,t).selectAll().executeTakeFirst();return n?Ie(n):null}}function Be(e){return async t=>{let n=e.selectFrom(`tenants`),{page:r=0,per_page:i=50,include_totals:a=!1,sort:o,q:s}=t||{};if(o&&o.sort_by){let{ref:t}=e.dynamic;n=n.orderBy(t(o.sort_by),o.sort_order)}s&&(n=C(e,n,s,[`friendly_name`]));let c=(await n.offset(r*i).limit(i).selectAll().execute()).map(Ie);if(!a)return{tenants:c};let{count:l}=await n.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow(),u=w(l);return{tenants:c,start:r*i,limit:i,length:u}}}function Ve(e){return async(t,n)=>{let r={...Le(n),id:t,updated_at:new Date().toISOString()};await e.updateTable(`tenants`).set(r).where(`id`,`=`,t).execute()}}function He(e){return async t=>(await e.deleteFrom(`tenants`).where(`tenants.id`,`=`,t).execute()).length===1}function Ue(e){return{create:Re(e),get:ze(e),list:Be(e),update:Ve(e),remove:He(e)}}function We(e){return e?JSON.stringify(e):void 0}var Ge=256;function Ke(e){return async(t,r)=>{let i=r.user_agent?.slice(0,Ge),a=r.log_id||(0,n.nanoid)(),{location_info:o,...s}=r;return await e.insertInto(`logs`).values({...s,log_id:a,tenant_id:t,user_agent:i,description:r.description?.substring(0,256),isMobile:+!!r.isMobile,scope:r.scope,auth0_client:We(r.auth0_client),details:We(r.details)?.substring(0,8192),country_code:o?.country_code,city_name:o?.city_name,latitude:o?.latitude,longitude:o?.longitude,time_zone:o?.time_zone,continent_code:o?.continent_code}).execute(),{...r,log_id:a,user_agent:i}}}function qe(e){if(!e)return``;try{return JSON.parse(e)}catch{return e}}function Je(e){return{...e,client_id:e.client_id,client_name:``,auth0_client:qe(e.auth0_client),details:qe(e.details),isMobile:!!e.isMobile,scope:e.scope||void 0,log_id:e.log_id,location_info:e.country_code?{country_code:e.country_code,city_name:e.city_name||``,latitude:e.latitude||``,longitude:e.longitude||``,time_zone:e.time_zone||``,continent_code:e.continent_code||``}:void 0}}function Ye(e){return async(t,n={})=>{let{page:r=0,per_page:i=50,include_totals:a=!1,sort:o,q:s,from_date:c,to_date:l}=n,u=e.selectFrom(`logs`).where(`logs.tenant_id`,`=`,t);s&&(u=C(e,u,s,[`user_id`,`ip`],[`description`])),typeof c==`number`&&Number.isFinite(c)&&(u=u.where(`logs.date`,`>=`,new Date(Math.floor(c)*1e3).toISOString())),typeof l==`number`&&Number.isFinite(l)&&(u=u.where(`logs.date`,`<=`,new Date(Math.floor(l)*1e3+999).toISOString()));let d=u;if(o&&o.sort_by){let{ref:t}=e.dynamic;d=d.orderBy(t(o.sort_by),o.sort_order)}d=d.offset(r*i).limit(i);let f=(await d.selectAll().execute()).map(Je);if(!a)return{logs:f,start:0,limit:0,length:0};let{count:p}=await u.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{logs:f,start:r*i,limit:i,length:w(p)}}}function Xe(e){return async(t,n)=>{let r=await e.selectFrom(`logs`).where(`logs.tenant_id`,`=`,t).where(`logs.log_id`,`=`,n).selectAll().executeTakeFirst();return r?Je(r):null}}function Ze(e){return{create:Ke(e),list:Ye(e),get:Xe(e)}}function Qe(e){return async(t,n)=>{let r=await e.selectFrom(`sessions`).where(`sessions.tenant_id`,`=`,t).where(`sessions.id`,`=`,n).selectAll().executeTakeFirst();if(!r)return null;let{tenant_id:i,device:a,clients:o,created_at_ts:s,updated_at_ts:c,expires_at_ts:l,idle_expires_at_ts:u,authenticated_at_ts:d,last_interaction_at_ts:f,used_at_ts:p,revoked_at_ts:m,...h}=r,g=x({created_at_ts:s,updated_at_ts:c,expires_at_ts:l,idle_expires_at_ts:u,authenticated_at_ts:d,last_interaction_at_ts:f,used_at_ts:p,revoked_at_ts:m},[`created_at_ts`,`updated_at_ts`,`authenticated_at_ts`,`last_interaction_at_ts`],[`expires_at_ts`,`idle_expires_at_ts`,`used_at_ts`,`revoked_at_ts`]);return{...h,...g,device:JSON.parse(a),clients:JSON.parse(o)}}}function $e(e){return async(t,n)=>{let r=Date.now(),i=b(),a={...n,created_at:i,updated_at:i,authenticated_at:i,last_interaction_at:i},{expires_at:o,idle_expires_at:s,used_at:c,revoked_at:l,device:u,clients:d,...f}=n;return await e.insertInto(`sessions`).values({...f,tenant_id:t,created_at_ts:r,updated_at_ts:r,authenticated_at_ts:r,last_interaction_at_ts:r,expires_at_ts:y(o),idle_expires_at_ts:y(s),used_at_ts:y(c),revoked_at_ts:y(l),device:JSON.stringify(u),clients:JSON.stringify(d)}).execute(),a}}function et(e){return async(t,n)=>!!(await e.deleteFrom(`sessions`).where(`tenant_id`,`=`,t).where(`sessions.id`,`=`,n).execute()).length}function tt(e){return async(t,n,r)=>{let i={updated_at_ts:Date.now(),device:r.device?JSON.stringify(r.device):void 0,clients:r.clients?JSON.stringify(r.clients):void 0};return r.expires_at!==void 0&&(i.expires_at_ts=y(r.expires_at)),r.idle_expires_at!==void 0&&(i.idle_expires_at_ts=y(r.idle_expires_at)),r.authenticated_at!==void 0&&(i.authenticated_at_ts=y(r.authenticated_at)),r.last_interaction_at!==void 0&&(i.last_interaction_at_ts=y(r.last_interaction_at)),r.used_at!==void 0&&(i.used_at_ts=y(r.used_at)),r.revoked_at!==void 0&&(i.revoked_at_ts=y(r.revoked_at)),r.user_id!==void 0&&(i.user_id=r.user_id),r.login_session_id!==void 0&&(i.login_session_id=r.login_session_id),!!(await e.updateTable(`sessions`).set(i).where(`tenant_id`,`=`,t).where(`sessions.id`,`=`,n).execute()).length}}function nt(e){return async(t,n={})=>{let{page:r=0,per_page:i=50,include_totals:a=!1,sort:o,q:s}=n,c=e.selectFrom(`sessions`).where(`sessions.tenant_id`,`=`,t);s&&(c=C(e,c,s,[`user_id`,`session_id`]));let l=c;if(o&&o.sort_by){let{ref:t}=e.dynamic;l=l.orderBy(t(o.sort_by),o.sort_order)}l=l.offset(r*i).limit(i);let u=(await l.selectAll().execute()).map(e=>{let{tenant_id:t,device:n,clients:r,created_at_ts:i,updated_at_ts:a,expires_at_ts:o,idle_expires_at_ts:s,authenticated_at_ts:c,last_interaction_at_ts:l,used_at_ts:u,revoked_at_ts:d,...f}=e,p=x({created_at_ts:i,updated_at_ts:a,expires_at_ts:o,idle_expires_at_ts:s,authenticated_at_ts:c,last_interaction_at_ts:l,used_at_ts:u,revoked_at_ts:d},[`created_at_ts`,`updated_at_ts`,`authenticated_at_ts`,`last_interaction_at_ts`],[`expires_at_ts`,`idle_expires_at_ts`,`used_at_ts`,`revoked_at_ts`]);return{...f,...p,device:JSON.parse(n),clients:JSON.parse(r)}});if(!a)return{sessions:u,start:0,limit:0,length:0};let{count:d}=await c.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow(),f=w(d);return{sessions:u,start:r*i,limit:i,length:f}}}function rt(e){return{create:$e(e),get:Qe(e),list:nt(e),remove:et(e),update:tt(e)}}function it(e){return async(t,n)=>{let r=await e.selectFrom(`passwords`).where(`passwords.tenant_id`,`=`,t).where(`passwords.user_id`,`=`,n).where(`passwords.is_current`,`=`,1).selectAll().executeTakeFirst();if(!r)return null;let{tenant_id:i,...a}=r;return{...a,is_current:!!a.is_current}}}function at(e){return async(t,r)=>{let i=r.id||(0,n.nanoid)(),a=r.is_current??!0,o={id:i,...r,is_current:a,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};return a&&await e.updateTable(`passwords`).set({is_current:0}).where(`user_id`,`=`,r.user_id).where(`tenant_id`,`=`,t).where(`is_current`,`=`,1).execute(),await e.insertInto(`passwords`).values({...o,is_current:+!!o.is_current,tenant_id:t}).execute(),o}}function ot(e){return async(t,n)=>{let r=e.updateTable(`passwords`).set({password:n.password,algorithm:n.algorithm,is_current:+!!n.is_current,updated_at:new Date().toISOString()}).where(`tenant_id`,`=`,t).where(`user_id`,`=`,n.user_id);return r=n.id?r.where(`id`,`=`,n.id):r.where(`is_current`,`=`,1),(await r.execute()).length===1}}function st(e){return async(t,n,r)=>{let i=e.selectFrom(`passwords`).where(`passwords.tenant_id`,`=`,t).where(`passwords.user_id`,`=`,n).orderBy(`created_at`,`desc`);return r&&(i=i.limit(r)),(await i.selectAll().execute()).map(({tenant_id:e,...t})=>({...t,is_current:!!t.is_current}))}}function ct(e){return{create:at(e),update:ot(e),get:it(e),list:st(e)}}function lt(e){return async(t,n={})=>{let{page:i=0,per_page:a=50,include_totals:o=!1,q:s}=n,c=e.selectFrom(`codes`).where(`codes.tenant_id`,`=`,t);s&&(c=C(e,c,s,[`code`,`login_id`]));let l=(await c.offset(i*a).limit(a).selectAll().execute()).map(e=>{let{tenant_id:t,...n}=e;return r.codeSchema.parse(E(n))});if(!o)return{codes:l,start:0,limit:0,length:0};let{count:u}=await c.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{codes:l,start:i*a,limit:a,length:w(u)}}}function ut(e){return async(t,n)=>{let r={...n,created_at:new Date().toISOString()};return await e.insertInto(`codes`).values({...r,tenant_id:t}).execute(),r}}function dt(e){return async(t,n)=>(await e.deleteFrom(`codes`).where(`codes.tenant_id`,`=`,t).where(`codes.code_id`,`=`,n).executeTakeFirst()).numDeletedRows>0}function ft(e){return async(t,n,r)=>{let i=e.selectFrom(`codes`).where(`codes.code_id`,`=`,n).where(`codes.code_type`,`=`,r);t.length&&(i=i.where(`codes.tenant_id`,`=`,t));let a=await i.selectAll().executeTakeFirst();return a?E(a):null}}function pt(e){return async(t,n)=>(await e.updateTable(`codes`).set({used_at:new Date().toISOString()}).where(`codes.tenant_id`,`=`,t).where(`codes.code_id`,`=`,n).executeTakeFirst()).numUpdatedRows>0}function mt(e){return async(t,n)=>(await e.updateTable(`codes`).set({used_at:new Date().toISOString()}).where(`codes.tenant_id`,`=`,t).where(`codes.code_id`,`=`,n).where(`codes.used_at`,`is`,null).executeTakeFirst()).numUpdatedRows>0}function ht(e){return{create:ut(e),list:lt(e),remove:dt(e),used:pt(e),consume:mt(e),get:ft(e)}}function gt(e){return async(t,n)=>{let{is_system:r,...i}=n;delete i.enabled_clients;let a={id:i.id||l(),...i,is_system:r?!0:void 0,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};return await e.insertInto(`connections`).values({...a,is_system:+!!r,options:JSON.stringify(a.options||{}),tenant_id:t}).execute(),a}}function j(e){let{is_system:t,...n}=e;return E({...n,is_system:t?!0:void 0,options:typeof e.options==`string`?JSON.parse(e.options):{}})}function _t(e){return e.map(j)}function vt(e){return async(t,n={})=>{let{page:r=0,per_page:i=50,include_totals:a=!1,q:o}=n,s=e.selectFrom(`connections`).where(`connections.tenant_id`,`=`,t);o&&(s=C(e,s,o,[`user_id`,`ip`]));let c=_t(await s.offset(r*i).limit(i).selectAll().execute());if(!a)return{connections:c,start:0,limit:0,length:0};let{count:l}=await s.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{connections:c,start:r*i,limit:i,length:w(l)}}}function yt(e){return async(t,n)=>(await e.deleteFrom(`connections`).where(`connections.tenant_id`,`=`,t).where(`connections.id`,`=`,n).executeTakeFirst()).numDeletedRows>0}function bt(e){return async(t,n)=>{let r=await e.selectFrom(`connections`).where(`connections.tenant_id`,`=`,t).where(`connections.id`,`=`,n).selectAll().executeTakeFirst();return r?j(r):null}}function xt(e){return async(t,n,r)=>{let{is_system:i,...a}=r;delete a.enabled_clients;let o={...a,is_system:i===void 0?void 0:+!!i,updated_at:new Date().toISOString()};return await e.updateTable(`connections`).set({...o,options:o.options?JSON.stringify(o.options):void 0}).where(`connections.id`,`=`,n).where(`connections.tenant_id`,`=`,t).execute(),!0}}function St(e){return{create:gt(e),get:bt(e),list:vt(e),remove:yt(e),update:xt(e)}}function Ct(e){return async(t,r)=>{let i=r.client_id??(0,n.nanoid)(),a={created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...r,client_id:i,global:r.global??!1,is_first_party:r.is_first_party??!1,oidc_conformant:r.oidc_conformant??!0,auth0_conformant:r.auth0_conformant??!0,sso:r.sso??!1,sso_disabled:r.sso_disabled??!1,cross_origin_authentication:r.cross_origin_authentication??!1,custom_login_page_on:r.custom_login_page_on??!1,require_pushed_authorization_requests:r.require_pushed_authorization_requests??!1,require_proof_of_possession:r.require_proof_of_possession??!1,hide_sign_up_disabled_error:r.hide_sign_up_disabled_error??!1},o={...a,tenant_id:t};return Pe(a,[`global`,`is_first_party`,`oidc_conformant`,`auth0_conformant`,`sso`,`sso_disabled`,`cross_origin_authentication`,`custom_login_page_on`,`require_pushed_authorization_requests`,`require_proof_of_possession`,`hide_sign_up_disabled_error`],o),Object.assign(o,{callbacks:JSON.stringify(r.callbacks||[]),allowed_origins:JSON.stringify(r.allowed_origins||[]),web_origins:JSON.stringify(r.web_origins||[]),client_aliases:JSON.stringify(r.client_aliases||[]),allowed_clients:JSON.stringify(r.allowed_clients||[]),connections:JSON.stringify(r.connections||[]),allowed_logout_urls:JSON.stringify(r.allowed_logout_urls||[]),session_transfer:JSON.stringify(r.session_transfer||{}),oidc_logout:JSON.stringify(r.oidc_logout||{}),grant_types:JSON.stringify(r.grant_types||[]),jwt_configuration:JSON.stringify(r.jwt_configuration||{}),signing_keys:JSON.stringify(r.signing_keys||[]),encryption_key:JSON.stringify(r.encryption_key||{}),addons:JSON.stringify(r.addons||{}),client_metadata:JSON.stringify(r.client_metadata||{}),mobile:JSON.stringify(r.mobile||{}),native_social_login:JSON.stringify(r.native_social_login||{}),refresh_token:JSON.stringify(r.refresh_token||{}),default_organization:JSON.stringify(r.default_organization||{}),client_authentication_methods:JSON.stringify(r.client_authentication_methods||{}),signed_request_object:JSON.stringify(r.signed_request_object||{}),token_quota:JSON.stringify(r.token_quota||{}),owner_user_id:r.owner_user_id??null,registration_type:r.registration_type??null,registration_metadata:r.registration_metadata?JSON.stringify(r.registration_metadata):null}),await e.insertInto(`clients`).values(o).execute(),a}}function wt(e){return async(t,n)=>{let r=await e.selectFrom(`clients`).where(`clients.tenant_id`,`=`,t).where(`clients.client_id`,`=`,n).selectAll().executeTakeFirst();if(!r)return null;let{tenant_id:i,...a}=r;return E({...a,global:!!r.global,is_first_party:!!r.is_first_party,oidc_conformant:!!r.oidc_conformant,auth0_conformant:!!r.auth0_conformant,sso:!!r.sso,sso_disabled:!!r.sso_disabled,cross_origin_authentication:!!r.cross_origin_authentication,custom_login_page_on:!!r.custom_login_page_on,require_pushed_authorization_requests:!!r.require_pushed_authorization_requests,require_proof_of_possession:!!r.require_proof_of_possession,hide_sign_up_disabled_error:!!r.hide_sign_up_disabled_error,callbacks:JSON.parse(r.callbacks),allowed_origins:JSON.parse(r.allowed_origins),web_origins:JSON.parse(r.web_origins),client_aliases:JSON.parse(r.client_aliases),allowed_clients:JSON.parse(r.allowed_clients),connections:JSON.parse(r.connections||`[]`),allowed_logout_urls:JSON.parse(r.allowed_logout_urls),session_transfer:JSON.parse(r.session_transfer),oidc_logout:JSON.parse(r.oidc_logout),grant_types:JSON.parse(r.grant_types),jwt_configuration:JSON.parse(r.jwt_configuration),signing_keys:JSON.parse(r.signing_keys),encryption_key:JSON.parse(r.encryption_key),addons:JSON.parse(r.addons),client_metadata:JSON.parse(r.client_metadata),mobile:JSON.parse(r.mobile),native_social_login:JSON.parse(r.native_social_login),refresh_token:JSON.parse(r.refresh_token),default_organization:JSON.parse(r.default_organization),client_authentication_methods:JSON.parse(r.client_authentication_methods),signed_request_object:JSON.parse(r.signed_request_object),token_quota:JSON.parse(r.token_quota),registration_metadata:r.registration_metadata?JSON.parse(r.registration_metadata):void 0})}}function Tt(e){return async t=>{let n=await e.selectFrom(`clients`).where(`clients.client_id`,`=`,t).selectAll().executeTakeFirst();return n?E({...n,global:!!n.global,is_first_party:!!n.is_first_party,oidc_conformant:!!n.oidc_conformant,auth0_conformant:!!n.auth0_conformant,sso:!!n.sso,sso_disabled:!!n.sso_disabled,cross_origin_authentication:!!n.cross_origin_authentication,custom_login_page_on:!!n.custom_login_page_on,require_pushed_authorization_requests:!!n.require_pushed_authorization_requests,require_proof_of_possession:!!n.require_proof_of_possession,hide_sign_up_disabled_error:!!n.hide_sign_up_disabled_error,callbacks:JSON.parse(n.callbacks),allowed_origins:JSON.parse(n.allowed_origins),web_origins:JSON.parse(n.web_origins),client_aliases:JSON.parse(n.client_aliases),allowed_clients:JSON.parse(n.allowed_clients),connections:JSON.parse(n.connections||`[]`),allowed_logout_urls:JSON.parse(n.allowed_logout_urls),session_transfer:JSON.parse(n.session_transfer),oidc_logout:JSON.parse(n.oidc_logout),grant_types:JSON.parse(n.grant_types),jwt_configuration:JSON.parse(n.jwt_configuration),signing_keys:JSON.parse(n.signing_keys),encryption_key:JSON.parse(n.encryption_key),addons:JSON.parse(n.addons),client_metadata:JSON.parse(n.client_metadata),mobile:JSON.parse(n.mobile),native_social_login:JSON.parse(n.native_social_login),refresh_token:JSON.parse(n.refresh_token),default_organization:JSON.parse(n.default_organization),client_authentication_methods:JSON.parse(n.client_authentication_methods),signed_request_object:JSON.parse(n.signed_request_object),token_quota:JSON.parse(n.token_quota),registration_metadata:n.registration_metadata?JSON.parse(n.registration_metadata):void 0}):null}}function Et(e){return async(t,n)=>{let r=e.selectFrom(`clients`).where(`clients.tenant_id`,`=`,t),a=new Set([`owner_user_id`,`registration_type`]);if(n?.q){let e=n.q.trim().match(/^([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/);if(e&&a.has(e[1])&&e[2]){let t=e[1];r=r.where(t,`=`,e[2])}else r=r.where(e=>e.or([e(`name`,`like`,`%${n.q}%`),e(`client_id`,`like`,`%${n.q}%`)]))}if(n?.sort){let e=n.sort.sort_order===`asc`?`asc`:`desc`,t=n.sort.sort_by;r=[`name`,`client_id`,`created_at`,`updated_at`].includes(t)?r.orderBy(t,e):r.orderBy(`created_at`,`desc`)}else r=r.orderBy(`created_at`,`desc`);if(n?.from!==void 0){let e=parseInt(n.from,10);isNaN(e)||(r=r.offset(e))}else if(n?.page!==void 0){let e=n?.per_page||n?.take||10,t=n.page*e;r=r.offset(t)}let o=n?.take||n?.per_page||10;r=r.limit(o);let s=await r.selectAll().execute(),c=s.length;if(n?.include_totals){let r=e.selectFrom(`clients`).select(i.sql`count(*)`.as(`count`)).where(`clients.tenant_id`,`=`,t);if(n?.q){let e=n.q.trim().match(/^([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/);if(e&&a.has(e[1])&&e[2]){let t=e[1];r=r.where(t,`=`,e[2])}else r=r.where(e=>e.or([e(`name`,`like`,`%${n.q}%`),e(`client_id`,`like`,`%${n.q}%`)]))}let o=await r.executeTakeFirst();c=Number(o?.count||0)}let l=s.map(e=>E({...e,global:!!e.global,is_first_party:!!e.is_first_party,oidc_conformant:!!e.oidc_conformant,auth0_conformant:!!e.auth0_conformant,sso:!!e.sso,sso_disabled:!!e.sso_disabled,cross_origin_authentication:!!e.cross_origin_authentication,custom_login_page_on:!!e.custom_login_page_on,require_pushed_authorization_requests:!!e.require_pushed_authorization_requests,require_proof_of_possession:!!e.require_proof_of_possession,hide_sign_up_disabled_error:!!e.hide_sign_up_disabled_error,callbacks:JSON.parse(e.callbacks),allowed_origins:JSON.parse(e.allowed_origins),web_origins:JSON.parse(e.web_origins),client_aliases:JSON.parse(e.client_aliases),allowed_clients:JSON.parse(e.allowed_clients),connections:JSON.parse(e.connections||`[]`),allowed_logout_urls:JSON.parse(e.allowed_logout_urls),session_transfer:JSON.parse(e.session_transfer),oidc_logout:JSON.parse(e.oidc_logout),grant_types:JSON.parse(e.grant_types),jwt_configuration:JSON.parse(e.jwt_configuration),signing_keys:JSON.parse(e.signing_keys),encryption_key:JSON.parse(e.encryption_key),addons:JSON.parse(e.addons),client_metadata:JSON.parse(e.client_metadata),mobile:JSON.parse(e.mobile),native_social_login:JSON.parse(e.native_social_login),refresh_token:JSON.parse(e.refresh_token),default_organization:JSON.parse(e.default_organization),client_authentication_methods:JSON.parse(e.client_authentication_methods),signed_request_object:JSON.parse(e.signed_request_object),token_quota:JSON.parse(e.token_quota),registration_metadata:e.registration_metadata?JSON.parse(e.registration_metadata):void 0})),u=n?.take||n?.per_page||10,d=n?.from?parseInt(n.from,10):n?.page?n.page*u:0;return{clients:l,totals:{start:isNaN(d)?0:d,limit:u,length:l.length,total:c}}}}function Dt(e){return async(t,n)=>(await e.deleteFrom(`clients`).where(`clients.tenant_id`,`=`,t).where(`clients.client_id`,`=`,n).executeTakeFirst()).numDeletedRows>0}function Ot(e){return async(t,n,r)=>{let i={...r,updated_at:new Date().toISOString()};return Pe(r,[`global`,`is_first_party`,`oidc_conformant`,`auth0_conformant`,`sso`,`sso_disabled`,`cross_origin_authentication`,`custom_login_page_on`,`require_pushed_authorization_requests`,`require_proof_of_possession`,`hide_sign_up_disabled_error`],i),A(r,[`callbacks`,`allowed_origins`,`web_origins`,`client_aliases`,`allowed_clients`,`connections`,`allowed_logout_urls`,`session_transfer`,`oidc_logout`,`grant_types`,`jwt_configuration`,`signing_keys`,`encryption_key`,`addons`,`client_metadata`,`mobile`,`native_social_login`,`refresh_token`,`default_organization`,`client_authentication_methods`,`signed_request_object`,`token_quota`,`registration_metadata`],i),(await e.updateTable(`clients`).set(i).where(`clients.tenant_id`,`=`,t).where(`clients.client_id`,`=`,n).executeTakeFirst()).numUpdatedRows>0}}function kt(e){return{create:Ct(e),get:wt(e),getByClientId:Tt(e),list:Et(e),remove:Dt(e),update:Ot(e)}}function At(e){return async(t,n)=>{let r=await e.selectFrom(`clients`).where(`clients.tenant_id`,`=`,t).where(`clients.client_id`,`=`,n).select(`connections`).executeTakeFirst();if(!r)return[];let i=JSON.parse(r.connections||`[]`);if(i.length===0)return[];let a=await e.selectFrom(`connections`).where(`connections.tenant_id`,`=`,t).where(`connections.id`,`in`,i).selectAll().execute(),o=new Map(a.map(e=>[e.id,j(e)]));return i.map(e=>o.get(e)).filter(e=>e!==void 0)}}function jt(e){return async(t,n,r)=>(await e.updateTable(`clients`).set({connections:JSON.stringify(r),updated_at:new Date().toISOString()}).where(`clients.tenant_id`,`=`,t).where(`clients.client_id`,`=`,n).executeTakeFirst()).numUpdatedRows>0}function Mt(e){return async(t,n)=>{let r=await e.selectFrom(`clients`).where(`clients.tenant_id`,`=`,t).select([`client_id`,`connections`]).execute(),i=[];for(let e of r)JSON.parse(e.connections||`[]`).includes(n)&&i.push(e.client_id);return i}}function Nt(e){return async(t,n,r)=>{let i=await e.selectFrom(`clients`).where(`clients.tenant_id`,`=`,t).where(`clients.client_id`,`=`,r).select(`connections`).executeTakeFirst();if(!i)return!1;let a=JSON.parse(i.connections||`[]`);return a.includes(n)?!0:(a.push(n),(await e.updateTable(`clients`).set({connections:JSON.stringify(a),updated_at:new Date().toISOString()}).where(`clients.tenant_id`,`=`,t).where(`clients.client_id`,`=`,r).executeTakeFirst()).numUpdatedRows>0)}}function Pt(e){return async(t,n,r)=>{let i=await e.selectFrom(`clients`).where(`clients.tenant_id`,`=`,t).where(`clients.client_id`,`=`,r).select(`connections`).executeTakeFirst();if(!i)return!1;let a=JSON.parse(i.connections||`[]`),o=a.filter(e=>e!==n);return o.length===a.length?!0:(await e.updateTable(`clients`).set({connections:JSON.stringify(o),updated_at:new Date().toISOString()}).where(`clients.tenant_id`,`=`,t).where(`clients.client_id`,`=`,r).executeTakeFirst()).numUpdatedRows>0}}function Ft(e){return{listByClient:At(e),updateByClient:jt(e),listByConnection:Mt(e),addClientToConnection:Nt(e),removeClientFromConnection:Pt(e)}}function It(e){return async(t,r)=>{let i=new Date().toISOString(),a=(0,n.nanoid)(),{scope:o,authorization_details_types:s,...c}=r,l={id:a,tenant_id:t,...c,scope:o?JSON.stringify(o):`[]`,authorization_details_types:s?JSON.stringify(s):`[]`,allow_any_organization:c.allow_any_organization===void 0?void 0:+!!c.allow_any_organization,is_system:c.is_system===void 0?void 0:+!!c.is_system,created_at:i,updated_at:i};return await e.insertInto(`client_grants`).values(l).execute(),E({id:a,tenant_id:t,...c,scope:o||[],authorization_details_types:s||[],allow_any_organization:c.allow_any_organization??!1,is_system:c.is_system??!1,created_at:i,updated_at:i})}}function Lt(e){return async(t,n)=>{let r=await e.selectFrom(`client_grants`).selectAll().where(`client_grants.tenant_id`,`=`,t).where(`client_grants.id`,`=`,n).executeTakeFirst();return r?E({id:r.id,client_id:r.client_id,audience:r.audience,scope:r.scope?JSON.parse(r.scope):[],organization_usage:r.organization_usage,allow_any_organization:r.allow_any_organization===void 0?!1:!!r.allow_any_organization,is_system:r.is_system===void 0?!1:!!r.is_system,subject_type:r.subject_type,authorization_details_types:r.authorization_details_types?JSON.parse(r.authorization_details_types):[],created_at:r.created_at,updated_at:r.updated_at}):null}}function Rt(e){return async(t,n={})=>{let{page:r=0,per_page:i=50,include_totals:a=!1,q:o,sort:s}=n,c=e.selectFrom(`client_grants`).where(`client_grants.tenant_id`,`=`,t);if(o){let t=o.trim(),n=t.split(/\s+/),r=n.length===1?n[0]:void 0,i=r?r.match(/^(-)?([a-zA-Z_][a-zA-Z0-9_]*):"?([^"]*)"?$/):null,a=i?i[3]:``,s=/^(>=|>|<=|<)/.test(a||``);if(i&&!s&&a){let t=!!i[1],n=i[2],{ref:r}=e.dynamic,o=r(`client_grants.${n}`);if(n===`allow_any_organization`){let e=+(a===`true`);c=t?c.where(o,`!=`,e):c.where(o,`=`,e)}else c=t?c.where(o,`!=`,a):c.where(o,`=`,a)}else c=C(e,c,t,[])}let l=c;if(s){let{ref:t}=e.dynamic;l=l.orderBy(t(s.sort_by),s.sort_order)}else l=l.orderBy(`client_grants.created_at`,`desc`);l=l.limit(i).offset(r*i);let u=(await l.selectAll().execute()).map(e=>E({id:e.id,client_id:e.client_id,audience:e.audience,scope:e.scope?JSON.parse(e.scope):[],organization_usage:e.organization_usage,allow_any_organization:e.allow_any_organization===void 0?!1:!!e.allow_any_organization,is_system:e.is_system===void 0?!1:!!e.is_system,subject_type:e.subject_type,authorization_details_types:e.authorization_details_types?JSON.parse(e.authorization_details_types):[],created_at:e.created_at,updated_at:e.updated_at}));if(!a)return{client_grants:u,start:0,limit:0,length:0};let{count:d}=await c.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{client_grants:u,start:r*i,limit:i,length:w(d)}}}function zt(e){return async(t,n)=>((await e.deleteFrom(`client_grants`).where(`client_grants.tenant_id`,`=`,t).where(`client_grants.id`,`=`,n).executeTakeFirst()).numDeletedRows??0n)>0n}function Bt(e){return async(t,n,r)=>{let i=new Date().toISOString(),{scope:a,authorization_details_types:o,...s}=r,c={...s,updated_at:i};return a!==void 0&&(c.scope=JSON.stringify(a)),o!==void 0&&(c.authorization_details_types=JSON.stringify(o)),s.allow_any_organization!==void 0&&(c.allow_any_organization=+!!s.allow_any_organization),s.is_system!==void 0&&(c.is_system=+!!s.is_system),((await e.updateTable(`client_grants`).set(c).where(`client_grants.tenant_id`,`=`,t).where(`client_grants.id`,`=`,n).executeTakeFirst()).numUpdatedRows??0n)>0n}}function Vt(e){return{create:It(e),get:Lt(e),list:Rt(e),remove:zt(e),update:Bt(e)}}function Ht(e){return async(t,n)=>{let r=Date.now();return await e.insertInto(`client_registration_tokens`).values({id:n.id,tenant_id:t,token_hash:n.token_hash,type:n.type,client_id:n.client_id??null,sub:n.sub??null,constraints:n.constraints?JSON.stringify(n.constraints):null,single_use:+!!n.single_use,expires_at_ts:y(n.expires_at),created_at_ts:r,used_at_ts:null,revoked_at_ts:null}).execute(),{id:n.id,token_hash:n.token_hash,type:n.type,client_id:n.client_id,sub:n.sub,constraints:n.constraints,single_use:n.single_use,expires_at:n.expires_at,created_at:new Date(r).toISOString()}}}function Ut(e){let t=r.clientRegistrationTokenTypeSchema.safeParse(e);if(!t.success)throw Error(`Unknown client_registration_tokens.type: ${e}`);return t.data}function Wt(e){if(!e)return;let t;try{t=JSON.parse(e)}catch{return}return(0,r.isPlainObject)(t)?t:void 0}function M(e){return{id:e.id,token_hash:e.token_hash,type:Ut(e.type),client_id:e.client_id??void 0,sub:e.sub??void 0,constraints:Wt(e.constraints),single_use:!!e.single_use,expires_at:_(e.expires_at_ts),used_at:_(e.used_at_ts),revoked_at:_(e.revoked_at_ts),created_at:v(e.created_at_ts)}}function Gt(e){return async(t,n)=>{let r=await e.selectFrom(`client_registration_tokens`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).selectAll().executeTakeFirst();return r?M(r):null}}function Kt(e){return async(t,n)=>{let r=await e.selectFrom(`client_registration_tokens`).where(`tenant_id`,`=`,t).where(`token_hash`,`=`,n).selectAll().executeTakeFirst();return r?M(r):null}}function qt(e){return async(t,n)=>(await e.selectFrom(`client_registration_tokens`).where(`tenant_id`,`=`,t).where(`client_id`,`=`,n).orderBy(`created_at_ts`,`desc`).selectAll().execute()).map(M)}function Jt(e){return async(t,n,r)=>(await e.updateTable(`client_registration_tokens`).set({used_at_ts:y(r)}).where(`tenant_id`,`=`,t).where(`id`,`=`,n).where(`used_at_ts`,`is`,null).executeTakeFirst()).numUpdatedRows>0}function Yt(e){return async(t,n,r)=>(await e.updateTable(`client_registration_tokens`).set({revoked_at_ts:y(r)}).where(`tenant_id`,`=`,t).where(`id`,`=`,n).where(`revoked_at_ts`,`is`,null).executeTakeFirst()).numUpdatedRows>0}function Xt(e){return async(t,n,r)=>{let i=await e.updateTable(`client_registration_tokens`).set({revoked_at_ts:y(r)}).where(`tenant_id`,`=`,t).where(`client_id`,`=`,n).where(`revoked_at_ts`,`is`,null).executeTakeFirst();return Number(i.numUpdatedRows)}}function Zt(e){return async(t,n)=>(await e.deleteFrom(`client_registration_tokens`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst()).numDeletedRows>0}function Qt(e){return{create:Ht(e),get:Gt(e),getByHash:Kt(e),listByClient:qt(e),markUsed:Jt(e),revoke:Yt(e),revokeByClient:Xt(e),remove:Zt(e)}}function $t(e){return async(t={})=>{let{page:n=0,per_page:r=100,include_totals:i=!1,sort:a,q:o}=t,s=e.selectFrom(`keys`).where(e=>e.or([e(`revoked_at`,`>`,new Date().toISOString()),e(`revoked_at`,`is`,null)]));o&&(s=C(e,s,o,[`kid`,`tenant_id`,`connection`,`fingerprint`,`thumbprint`,`type`]));let c=s.select(e=>e.fn.count(`kid`).as(`count`)),l=n*r;s=s.limit(r).offset(l),a&&(s=s.orderBy(a.sort_by,a.sort_order));let u=await s.selectAll().execute();return i?{signingKeys:u,start:l,limit:r,length:w((await c.executeTakeFirst())?.count??0)}:{signingKeys:u,start:0,limit:0,length:0}}}function en(e){return async t=>{await e.insertInto(`keys`).values({...t,created_at:new Date().toDateString()}).execute()}}function tn(e){return async(t,n)=>!!(await e.updateTable(`keys`).set(n).where(`kid`,`=`,t).execute()).length}function nn(e){return{create:en(e),list:$t(e),update:tn(e)}}function rn(e){return async(t,r)=>{let i={custom_domain_id:r.custom_domain_id||(0,n.nanoid)(),status:`pending`,primary:!1,...r};return await e.insertInto(`custom_domains`).values({...i,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),tenant_id:t,primary:+!!i.primary,domain_metadata:i.domain_metadata?JSON.stringify(i.domain_metadata):void 0}).execute(),i}}function an(e){return async t=>(await e.selectFrom(`custom_domains`).where(`custom_domains.tenant_id`,`=`,t).selectAll().execute()).map(e=>({...e,primary:e.primary===1,domain_metadata:k(e.domain_metadata,void 0)}))}function on(e){return async(t,n)=>(await e.deleteFrom(`custom_domains`).where(`custom_domains.tenant_id`,`=`,t).where(`custom_domains.custom_domain_id`,`=`,n).execute()).length>0}function sn(e){return async(t,n)=>{let r=await e.selectFrom(`custom_domains`).where(`custom_domains.tenant_id`,`=`,t).where(`custom_domains.custom_domain_id`,`=`,n).selectAll().executeTakeFirst();return r?{...r,primary:r.primary===1,domain_metadata:k(r.domain_metadata,void 0),verification:k(r.verification,void 0)}:null}}function cn(e){return async(t,n,r)=>{let{verification:i,domain_metadata:a,primary:o,...s}=r,c={...s,updated_at:new Date().toISOString(),...o!==void 0&&{primary:+!!o},...a!==void 0&&{domain_metadata:JSON.stringify(a)},...i!==void 0&&{verification:JSON.stringify(i)}};return(await e.updateTable(`custom_domains`).set(c).where(`custom_domains.tenant_id`,`=`,t).where(`custom_domains.custom_domain_id`,`=`,n).execute()).length>0}}function ln(e){return async t=>{let n=await e.selectFrom(`custom_domains`).where(`custom_domains.domain`,`=`,t).selectAll().executeTakeFirst();return n?{...n,primary:n.primary===1,domain_metadata:k(n.domain_metadata,void 0)}:null}}function un(e){return{create:rn(e),get:sn(e),getByDomain:ln(e),list:an(e),remove:on(e),update:cn(e)}}function dn(e){return async t=>{let[n]=await e.selectFrom(`branding`).where(`branding.tenant_id`,`=`,t).selectAll().execute();if(!n)return null;let{tenant_id:r,colors_primary:i,colors_page_background_type:a,colors_page_background_start:o,colors_page_background_end:s,colors_page_background_angle_dev:c,font_url:l,...u}=n;return E({...u,colors:{primary:i,page_background:{type:a,start:o,end:s,angle_deg:c}},font:l?{url:l}:void 0})}}function fn(e){return async(t,n)=>{let{colors:r,font:i,...a}=n,o=r?.page_background,s=o&&typeof o==`object`?o:void 0;try{await e.insertInto(`branding`).values({...a,colors_primary:r?.primary,colors_page_background_type:s?.type,colors_page_background_start:s?.start,colors_page_background_end:s?.end,colors_page_background_angle_dev:s?.angle_deg,font_url:n.font?.url,tenant_id:t}).execute()}catch{await e.updateTable(`branding`).set({...a,colors_primary:r?.primary,colors_page_background_type:s?.type,colors_page_background_start:s?.start,colors_page_background_end:s?.end,colors_page_background_angle_dev:s?.angle_deg,font_url:n.font?.url}).where(`tenant_id`,`=`,t).execute()}}}function pn(e){return{get:dn(e),set:fn(e)}}function mn(e){return async t=>{let n=await e.selectFrom(`universal_login_templates`).select([`body`]).where(`tenant_id`,`=`,t).executeTakeFirst();return n?{body:n.body}:null}}function hn(e){return async(t,n)=>{let r=Date.now();try{await e.insertInto(`universal_login_templates`).values({tenant_id:t,body:n.body,created_at_ts:r,updated_at_ts:r}).execute()}catch{await e.updateTable(`universal_login_templates`).set({body:n.body,updated_at_ts:r}).where(`tenant_id`,`=`,t).execute()}}}function gn(e){return async t=>{await e.deleteFrom(`universal_login_templates`).where(`tenant_id`,`=`,t).execute()}}function _n(e){return{get:mn(e),set:hn(e),delete:gn(e)}}function vn(e){return async(t,n={})=>{let{page:r=0,per_page:i=50,include_totals:a=!1,sort:o,q:s}=n,c=e.selectFrom(`hooks`).where(`hooks.tenant_id`,`=`,t);if(s&&(c=C(e,c,s,[`url`,`form_id`,`template_id`,`code_id`])),o?.sort_by){let{ref:t}=e.dynamic;c=c.orderBy(t(o.sort_by),o.sort_order)}else c=c.orderBy(`priority`,`desc`).orderBy(`created_at_ts`,`asc`);let l=(await c.offset(r*i).limit(i).selectAll().execute()).map(e=>{let{tenant_id:t,enabled:n,synchronous:r,created_at_ts:i,updated_at_ts:a,metadata:o,...s}=e,c=x({created_at_ts:i,updated_at_ts:a},[`created_at_ts`,`updated_at_ts`]);return E({...s,...c,enabled:!!n,synchronous:!!r,metadata:De(o)})});if(!a)return{hooks:l,start:0,limit:0,length:0};let{count:u}=await c.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{hooks:l,start:r*i,limit:i,length:w(u)}}}function yn(e){return async(t,n)=>{let r=await e.selectFrom(`hooks`).where(`hooks.tenant_id`,`=`,t).where(`hooks.hook_id`,`=`,n).selectAll().executeTakeFirst();if(!r)return null;let{tenant_id:i,created_at_ts:a,updated_at_ts:o,metadata:s,...c}=r,l=x({created_at_ts:a,updated_at_ts:o},[`created_at_ts`,`updated_at_ts`]);return E({...c,...l,enabled:!!c.enabled,synchronous:!!c.synchronous,metadata:De(s)})}}function bn(e){return async(t,n)=>(await e.deleteFrom(`hooks`).where(`hooks.tenant_id`,`=`,t).where(`hooks.hook_id`,`=`,n).executeTakeFirst()).numDeletedRows>0}function xn(e){return async(t,n)=>{let r=Date.now(),i=n.hook_id||f(),{hook_id:a,enabled:o,synchronous:s,metadata:c,...l}=n;return await e.insertInto(`hooks`).values({...l,hook_id:i,tenant_id:t,enabled:+!!o,synchronous:+!!s,metadata:c?JSON.stringify(c):null,created_at_ts:r,updated_at_ts:r}).execute(),{...l,hook_id:i,enabled:o??!1,synchronous:s??!1,...c?{metadata:c}:{},created_at:new Date(r).toISOString(),updated_at:new Date(r).toISOString()}}}function Sn(e){return async(t,n,r)=>{let{hook_id:i,metadata:a,...o}=r,s={...o,updated_at_ts:Date.now(),enabled:r.enabled===void 0?void 0:+!!r.enabled,synchronous:r.synchronous===void 0?void 0:+!!r.synchronous,...a===void 0?{}:{metadata:a===null?null:JSON.stringify(a)}};return await e.updateTable(`hooks`).set(s).where(`hooks.hook_id`,`=`,n).where(`hooks.tenant_id`,`=`,t).execute(),!0}}function Cn(e){return{create:xn(e),get:yn(e),list:vn(e),update:Sn(e),remove:bn(e)}}function wn(e){return async(t,n)=>{let r=Date.now(),i=m();return await e.insertInto(`hook_code`).values({id:i,tenant_id:t,code:n.code,secrets:n.secrets?JSON.stringify(n.secrets):null,created_at_ts:r,updated_at_ts:r}).execute(),{id:i,tenant_id:t,code:n.code,secrets:n.secrets,created_at:new Date(r).toISOString(),updated_at:new Date(r).toISOString()}}}function Tn(e){return async(t,n)=>{let r=await e.selectFrom(`hook_code`).where(`hook_code.tenant_id`,`=`,t).where(`hook_code.id`,`=`,n).selectAll().executeTakeFirst();if(!r)return null;let{created_at_ts:i,updated_at_ts:a,secrets:o,...s}=r,c=x({created_at_ts:i,updated_at_ts:a},[`created_at_ts`,`updated_at_ts`]);return{...s,...c,secrets:o?(()=>{try{return JSON.parse(o)}catch{console.warn(`Failed to parse secrets for hook_code ${n}`);return}})():void 0}}}function En(e){return async(t,n,r)=>{let i={updated_at_ts:Date.now()};return r.code!==void 0&&(i.code=r.code),r.secrets!==void 0&&(i.secrets=JSON.stringify(r.secrets)),(await e.updateTable(`hook_code`).set(i).where(`hook_code.id`,`=`,n).where(`hook_code.tenant_id`,`=`,t).executeTakeFirst()).numUpdatedRows>0}}function Dn(e){return async(t,n)=>(await e.deleteFrom(`hook_code`).where(`hook_code.tenant_id`,`=`,t).where(`hook_code.id`,`=`,n).executeTakeFirst()).numDeletedRows>0}function On(e){return{create:wn(e),get:Tn(e),update:En(e),remove:Dn(e)}}function kn(e){return async(t,r,i)=>{let a={themeId:i||(0,n.nanoid)(),created_at:new Date().toISOString(),updated_at:new Date().toISOString(),...r},o={...a,tenant_id:t};return await e.insertInto(`themes`).values(O(o)).execute(),a}}function An(e){return async(t,n)=>(await e.deleteFrom(`themes`).where(`themes.tenant_id`,`=`,t).where(`themes.themeId`,`=`,n).executeTakeFirst()).numDeletedRows>0}function jn(e){return async(t,n)=>{let r=await e.selectFrom(`themes`).where(`themes.tenant_id`,`=`,t).where(`themes.themeId`,`=`,n).selectAll().executeTakeFirst();return r?E(Se({...r,borders_show_widget_shadow:!!r.borders_show_widget_shadow,fonts_body_text_bold:!!r.fonts_body_text_bold,fonts_buttons_text_bold:!!r.fonts_buttons_text_bold,fonts_input_labels_bold:!!r.fonts_input_labels_bold,fonts_links_bold:!!r.fonts_links_bold,fonts_subtitle_bold:!!r.fonts_subtitle_bold,fonts_title_bold:!!r.fonts_title_bold},[`widget`,`colors`,`borders`,`fonts`,`page_background`])):null}}function Mn(e){return async(t,n,r)=>{let{themeId:i,...a}=r,o=O({...a,updated_at:new Date().toISOString()});return await e.updateTable(`themes`).set(o).where(`themes.themeId`,`=`,n).where(`themes.tenant_id`,`=`,t).execute(),!0}}function Nn(e){return{create:kn(e),get:jn(e),remove:An(e),update:Mn(e)}}function Pn(e){return async(t,n)=>{let i=await e.selectFrom(`login_sessions`).where(`login_sessions.id`,`=`,n).selectAll().executeTakeFirst();if(!i)return null;let{created_at_ts:a,updated_at_ts:o,expires_at_ts:s,auth_params:c,...l}=i,u=x({created_at_ts:a,updated_at_ts:o,expires_at_ts:s},[`created_at_ts`,`updated_at_ts`,`expires_at_ts`]),d=Se(E({...l,...u,state:i.state||r.LoginSessionState.PENDING,state_data:i.state_data,failure_reason:i.failure_reason}),[`auth_strategy`]);return d.authParams=typeof c==`string`&&c.length>0?JSON.parse(c):{},r.loginSessionSchema.parse(d)}}var Fn=`0123456789ABCDEFGHJKMNPQRSTVWXYZ`,N=32,In=10,Ln=16;function Rn(e){let t=``;for(let n=In;n>0;n--)t=Fn.charAt(e%N)+t,e=Math.floor(e/N);return t}function zn(){let e=new Uint8Array(Ln);crypto.getRandomValues(e);let t=``;for(let n=0;n<Ln;n++)t+=Fn.charAt(e[n]%N);return t}function Bn(){return Rn(Date.now())+zn()}function Vn(e){return async(t,n)=>{let i=b(),a={id:Bn(),...n,authorization_url:n.authorization_url?.slice(0,1024),created_at:i,updated_at:i,state:n.state||r.LoginSessionState.PENDING,state_data:n.state_data,failure_reason:n.failure_reason},{authParams:o,...s}=a,c=Date.now(),l=O(s);return delete l.created_at,delete l.updated_at,delete l.expires_at,await e.insertInto(`login_sessions`).values({...l,tenant_id:t,auth_params:JSON.stringify(o),created_at_ts:c,updated_at_ts:c,expires_at_ts:n.expires_at?new Date(n.expires_at).getTime():c+1e3*60*60*24}).execute(),a}}function Hn(e){return async(t,n,r)=>{let{created_at:i,updated_at:a,expires_at:o,authParams:s,...c}=r,l={};if(s!==void 0){let r=(await e.selectFrom(`login_sessions`).where(`login_sessions.id`,`=`,n).where(`login_sessions.tenant_id`,`=`,t).select([`auth_params`]).executeTakeFirst())?.auth_params,i=typeof r==`string`&&r.length>0?JSON.parse(r):{};l={auth_params:JSON.stringify({...i,...s})}}let u=O(c);return delete u.created_at_ts,delete u.updated_at_ts,delete u.expires_at_ts,delete u.id,delete u.tenant_id,(await e.updateTable(`login_sessions`).set({...u,...l,updated_at_ts:Date.now(),...o===void 0?{}:{expires_at_ts:y(o)}}).where(`login_sessions.id`,`=`,n).where(`login_sessions.tenant_id`,`=`,t).execute()).length===1}}function Un(e){return async(t,n)=>(await e.deleteFrom(`login_sessions`).where(`login_sessions.tenant_id`,`=`,t).where(`login_sessions.id`,`=`,n).execute()).length>0}function Wn(e){return{create:Vn(e),get:Pn(e),update:Hn(e),remove:Un(e)}}function Gn(e){return async t=>{let[n]=await e.selectFrom(`prompt_settings`).where(`prompt_settings.tenant_id`,`=`,t).selectAll().execute();return E({identifier_first:!!n?.identifier_first,password_first:!!n?.password_first,webauthn_platform_first_factor:!!n?.webauthn_platform_first_factor,universal_login_experience:n?.universal_login_experience||`new`})}}function Kn(e){let t={};return typeof e.identifier_first==`boolean`&&(t.identifier_first=+!!e.identifier_first),typeof e.password_first==`boolean`&&(t.password_first=+!!e.password_first),typeof e.webauthn_platform_first_factor==`boolean`&&(t.webauthn_platform_first_factor=+!!e.webauthn_platform_first_factor),e.universal_login_experience&&(t.universal_login_experience=e.universal_login_experience),t}function qn(e){return async(t,n)=>{let r=Kn(n);try{await e.insertInto(`prompt_settings`).values({tenant_id:t,identifier_first:r.identifier_first??1,password_first:r.password_first??0,webauthn_platform_first_factor:r.webauthn_platform_first_factor??0,universal_login_experience:r.universal_login_experience??`new`}).execute()}catch{if(Object.keys(r).length===0)return;await e.updateTable(`prompt_settings`).set(r).where(`tenant_id`,`=`,t).execute()}}}function Jn(e){return{get:Gn(e),set:qn(e)}}function Yn(e){return async t=>{let[n]=await e.selectFrom(`email_providers`).where(`email_providers.tenant_id`,`=`,t).selectAll().execute();if(!n)return null;let{tenant_id:r,credentials:i,settings:a,enabled:o,...s}=n;return E({...s,credentials:JSON.parse(i),settings:JSON.parse(a),enabled:!!o})}}function Xn(e){return async(t,n)=>{let{credentials:r,settings:i,enabled:a,...o}=n;await e.updateTable(`email_providers`).set({...o,credentials:r?JSON.stringify(r):void 0,settings:i?JSON.stringify(i):void 0,enabled:a===void 0?void 0:+!!a}).where(`tenant_id`,`=`,t).execute()}}function Zn(e){return async(t,n)=>{let{credentials:r,settings:i,enabled:a,...o}=n;await e.insertInto(`email_providers`).values({...o,enabled:+!!a,credentials:JSON.stringify(r),settings:JSON.stringify(i),tenant_id:t,created_at:new Date().toISOString(),updated_at:new Date().toISOString()}).execute()}}function Qn(e){return async t=>{await e.deleteFrom(`email_providers`).where(`tenant_id`,`=`,t).execute()}}function $n(e){return{get:Yn(e),create:Zn(e),update:Xn(e),remove:Qn(e)}}function er(e){let t={template:e.template,body:e.body,from:e.from,subject:e.subject,syntax:e.syntax,includeEmailInRedirect:!!e.include_email_in_redirect,enabled:!!e.enabled};return e.result_url!==null&&e.result_url!==void 0&&(t.resultUrl=e.result_url),e.url_lifetime_in_seconds!==null&&e.url_lifetime_in_seconds!==void 0&&(t.urlLifetimeInSeconds=e.url_lifetime_in_seconds),t}function tr(e){return async(t,n)=>{let i=await e.selectFrom(`email_templates`).where(`tenant_id`,`=`,t).where(`template`,`=`,n).selectAll().executeTakeFirst();return i?r.emailTemplateSchema.parse(er(i)):null}}function nr(e){return async t=>(await e.selectFrom(`email_templates`).where(`tenant_id`,`=`,t).orderBy(`template`,`asc`).selectAll().execute()).map(e=>r.emailTemplateSchema.parse(er(e)))}function rr(e){return async(t,n)=>{let r=new Date().toISOString();return await e.insertInto(`email_templates`).values({tenant_id:t,template:n.template,body:n.body,from:n.from,subject:n.subject,syntax:n.syntax,result_url:n.resultUrl??null,url_lifetime_in_seconds:n.urlLifetimeInSeconds??null,include_email_in_redirect:+!!n.includeEmailInRedirect,enabled:+!!n.enabled,created_at:r,updated_at:r}).execute(),n}}function ir(e){return async(t,n,r)=>{let i={};if(r.body!==void 0&&(i.body=r.body),r.from!==void 0&&(i.from=r.from),r.subject!==void 0&&(i.subject=r.subject),r.syntax!==void 0&&(i.syntax=r.syntax),r.resultUrl!==void 0&&(i.result_url=r.resultUrl),r.urlLifetimeInSeconds!==void 0&&(i.url_lifetime_in_seconds=r.urlLifetimeInSeconds),r.includeEmailInRedirect!==void 0&&(i.include_email_in_redirect=+!!r.includeEmailInRedirect),r.enabled!==void 0&&(i.enabled=+!!r.enabled),Object.keys(i).length===0)return await e.selectFrom(`email_templates`).where(`tenant_id`,`=`,t).where(`template`,`=`,n).select(`template`).executeTakeFirst()!==void 0;i.updated_at=new Date().toISOString();let a=await e.updateTable(`email_templates`).set(i).where(`tenant_id`,`=`,t).where(`template`,`=`,n).executeTakeFirst();return Number(a.numUpdatedRows??0)>0}}function ar(e){return async(t,n)=>{let r=await e.deleteFrom(`email_templates`).where(`tenant_id`,`=`,t).where(`template`,`=`,n).executeTakeFirst();return Number(r.numDeletedRows??0)>0}}function or(e){return{get:tr(e),list:nr(e),create:rr(e),update:ir(e),remove:ar(e)}}function sr(e){return async(t,n)=>{let r=await e.selectFrom(`refresh_tokens`).where(`refresh_tokens.tenant_id`,`=`,t).where(`refresh_tokens.id`,`=`,n).selectAll().executeTakeFirst();if(!r)return null;let{tenant_id:i,created_at_ts:a,expires_at_ts:o,idle_expires_at_ts:s,last_exchanged_at_ts:c,revoked_at_ts:l,rotated_at_ts:u,...d}=r,f=x({created_at_ts:a,expires_at_ts:o,idle_expires_at_ts:s,last_exchanged_at_ts:c,revoked_at_ts:l,rotated_at_ts:u},[`created_at_ts`],[`expires_at_ts`,`idle_expires_at_ts`,`last_exchanged_at_ts`,`revoked_at_ts`,`rotated_at_ts`]);return{...d,...f,rotating:!!r.rotating,device:r.device?JSON.parse(r.device):{},resource_servers:r.resource_servers?JSON.parse(r.resource_servers):[]}}}function cr(e){return async(t,n)=>{let r=await e.selectFrom(`refresh_tokens`).where(`refresh_tokens.tenant_id`,`=`,t).where(`refresh_tokens.token_lookup`,`=`,n).selectAll().executeTakeFirst();if(!r)return null;let{tenant_id:i,created_at_ts:a,expires_at_ts:o,idle_expires_at_ts:s,last_exchanged_at_ts:c,revoked_at_ts:l,rotated_at_ts:u,...d}=r,f=x({created_at_ts:a,expires_at_ts:o,idle_expires_at_ts:s,last_exchanged_at_ts:c,revoked_at_ts:l,rotated_at_ts:u},[`created_at_ts`],[`expires_at_ts`,`idle_expires_at_ts`,`last_exchanged_at_ts`,`revoked_at_ts`,`rotated_at_ts`]);return{...d,...f,rotating:!!r.rotating,device:r.device?JSON.parse(r.device):{},resource_servers:r.resource_servers?JSON.parse(r.resource_servers):[]}}}function lr(e){return async(t,n)=>{let r=b(),i={...n,created_at:r},{expires_at:a,idle_expires_at:o,last_exchanged_at:s,rotated_at:c,device:l,resource_servers:u,rotating:d,...f}=n,p=Date.now(),m=y(a),h=o?y(o):null,g=Math.max(m??0,h??0);return await e.transaction().execute(async e=>{await e.insertInto(`refresh_tokens`).values({...f,tenant_id:t,rotating:+!!d,device:JSON.stringify(l),resource_servers:JSON.stringify(u),created_at_ts:p,expires_at_ts:m,idle_expires_at_ts:h,last_exchanged_at_ts:s?y(s):null,rotated_at_ts:c?y(c):null}).execute(),g>0&&n.login_id&&await e.updateTable(`login_sessions`).set({expires_at_ts:g,updated_at_ts:p}).where(`tenant_id`,`=`,t).where(`id`,`=`,n.login_id).where(`expires_at_ts`,`<`,g).execute()}),{...n,...i}}}function ur(e){return async(t,n)=>!!(await e.deleteFrom(`refresh_tokens`).where(`tenant_id`,`=`,t).where(`refresh_tokens.id`,`=`,n).execute()).length}function dr(e){return async(t,n,r)=>{let i=y(r),a=await e.updateTable(`refresh_tokens`).set({revoked_at_ts:i}).where(`tenant_id`,`=`,t).where(`login_id`,`=`,n).where(`revoked_at_ts`,`is`,null).executeTakeFirst();return Number(a.numUpdatedRows??0)}}function fr(e){return async(t,n,r)=>{let i=y(r),a=await e.updateTable(`refresh_tokens`).set({revoked_at_ts:i}).where(`tenant_id`,`=`,t).where(`family_id`,`=`,n).where(`revoked_at_ts`,`is`,null).executeTakeFirst();return Number(a.numUpdatedRows??0)}}function pr(e){return async(t,n,r,i)=>{let{created_at:a,expires_at:o,idle_expires_at:s,last_exchanged_at:c,revoked_at:l,rotated_at:u,device:d,resource_servers:f,rotating:p,...m}=r,h={...m,device:d?JSON.stringify(d):void 0,resource_servers:f?JSON.stringify(f):void 0,rotating:p===void 0?void 0:+!!p,expires_at_ts:o===void 0?void 0:y(o),idle_expires_at_ts:s===void 0?void 0:y(s),last_exchanged_at_ts:c===void 0?void 0:y(c),revoked_at_ts:l===void 0?void 0:y(l),rotated_at_ts:u===void 0?void 0:y(u)},g=i?.loginSessionBump,_=g?y(g.expires_at):null,v=await e.updateTable(`refresh_tokens`).set(h).where(`tenant_id`,`=`,t).where(`refresh_tokens.id`,`=`,n).executeTakeFirst();return g?.login_id&&_&&_>0&&await e.updateTable(`login_sessions`).set({expires_at_ts:_,updated_at_ts:Date.now()}).where(`tenant_id`,`=`,t).where(`id`,`=`,g.login_id).where(`expires_at_ts`,`<`,_).execute().catch(()=>{}),(v?.numUpdatedRows??0n)>0n}}function mr(e){return async(t,n={})=>{let{page:r=0,per_page:i=50,include_totals:a=!1,sort:o,q:s}=n,c=e.selectFrom(`refresh_tokens`).where(`refresh_tokens.tenant_id`,`=`,t);s&&(c=C(e,c,s,[`token`,`login_id`]));let l=c;if(o&&o.sort_by){let{ref:t}=e.dynamic;l=l.orderBy(t(o.sort_by),o.sort_order)}l=l.offset(r*i).limit(i);let u=(await l.selectAll().execute()).map(e=>{let{tenant_id:t,created_at_ts:n,expires_at_ts:r,idle_expires_at_ts:i,last_exchanged_at_ts:a,revoked_at_ts:o,rotated_at_ts:s,...c}=e,l=x({created_at_ts:n,expires_at_ts:r,idle_expires_at_ts:i,last_exchanged_at_ts:a,revoked_at_ts:o,rotated_at_ts:s},[`created_at_ts`],[`expires_at_ts`,`idle_expires_at_ts`,`last_exchanged_at_ts`,`revoked_at_ts`,`rotated_at_ts`]);return{...c,...l,rotating:!!e.rotating,device:e.device?JSON.parse(e.device):{},resource_servers:e.resource_servers?JSON.parse(e.resource_servers):[]}});if(!a)return{refresh_tokens:u,start:0,limit:0,length:0};let{count:d}=await c.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow(),f=w(d);return{refresh_tokens:u,start:r*i,limit:i,length:f}}}function hr(e){return{create:lr(e),get:sr(e),getByLookup:cr(e),list:mr(e),remove:ur(e),revokeByLoginSession:dr(e),revokeFamily:fr(e),update:pr(e)}}var gr=10080*60*1e3;function _r(e){return async t=>{let{tenant_id:n,user_id:r}=t||{},i=Date.now()-gr,a=1e3;try{let t=0;for(;;){let o=e.deleteFrom(`refresh_tokens`).where(e=>e.or([e(`expires_at_ts`,`<`,i),e(`idle_expires_at_ts`,`<`,i)]));n&&(o=o.where(`tenant_id`,`=`,n)),r&&(o=o.where(`user_id`,`=`,r));let s=await o.limit(a).execute(),c=Number(s[0]?.numDeletedRows??0);if(t+=c,c<a)break}let o=0;for(;;){let t=e.deleteFrom(`sessions`).where(e=>e.or([e(`expires_at_ts`,`<`,i),e(`idle_expires_at_ts`,`<`,i)]));n&&(t=t.where(`tenant_id`,`=`,n)),r&&(t=t.where(`user_id`,`=`,r));let s=await t.limit(a).execute(),c=Number(s[0]?.numDeletedRows??0);if(o+=c,c<a)break}let s=0;for(;;){let t=e.deleteFrom(`login_sessions`).where(`expires_at_ts`,`<`,i);n&&(t=t.where(`tenant_id`,`=`,n)),r&&(t=t.where(`user_id`,`=`,r));let o=await t.limit(a).execute(),c=Number(o[0]?.numDeletedRows??0);if(s+=c,c<a)break}(t>0||o>0||s>0)&&console.log(`Session cleanup: deleted ${t} refresh_tokens, ${o} sessions, ${s} login_sessions`)}catch(e){console.error(`Error during session cleanup:`,e)}}}function vr(e){return async(t,i)=>{let a=r.formSchema.parse({id:(0,n.nanoid)(),...i,created_at:new Date().toISOString(),updated_at:new Date().toISOString()});return await e.insertInto(`forms`).values({...a,nodes:JSON.stringify(a.nodes||[]),start:JSON.stringify(a.start||{}),ending:JSON.stringify(a.ending||{}),tenant_id:t}).execute(),r.formSchema.parse(a)}}function yr(e){return async(t,n={})=>{let{page:i=0,per_page:a=50,include_totals:o=!1,q:s}=n,c=e.selectFrom(`forms`).where(`tenant_id`,`=`,t);s&&(c=C(e,c,s,[]));let l=(await c.offset(i*a).limit(a).selectAll().execute()).map(e=>{let t={...e};if(typeof t.nodes==`string`)try{t.nodes=JSON.parse(t.nodes)}catch{}if(typeof t.start==`string`)try{t.start=JSON.parse(t.start)}catch{}if(typeof t.ending==`string`)try{t.ending=JSON.parse(t.ending)}catch{}return r.formSchema.parse(E(t))});if(!o)return{forms:l,start:0,limit:0,length:0};let{count:u}=await c.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{forms:l,start:i*a,limit:a,length:w(u)}}}function br(e){return async(t,n)=>{let{numDeletedRows:r}=await e.deleteFrom(`forms`).where(`id`,`=`,n).where(`tenant_id`,`=`,t).executeTakeFirst();return r>0}}function xr(e){return async(t,n)=>{let i=await e.selectFrom(`forms`).selectAll().where(`forms.id`,`=`,n).where(`tenant_id`,`=`,t).executeTakeFirst();if(!i)return null;let a={...i};if(typeof a.nodes==`string`)try{a.nodes=JSON.parse(a.nodes)}catch{}if(typeof a.start==`string`)try{a.start=JSON.parse(a.start)}catch{}if(typeof a.ending==`string`)try{a.ending=JSON.parse(a.ending)}catch{}return r.formSchema.parse(E(a))}}function Sr(e){return async(t,n,r)=>{let i={...r,updated_at:new Date().toISOString()};A(r,[`nodes`,`start`,`ending`],i);let{numUpdatedRows:a}=await e.updateTable(`forms`).set(i).where(`id`,`=`,n).where(`tenant_id`,`=`,t).executeTakeFirst();return a>0}}function Cr(e){return{create:vr(e),get:xr(e),list:yr(e),remove:br(e),update:Sr(e)}}function wr(e){return async(t,n)=>{let i=new Date().toISOString(),a={id:p(),...n,created_at:i,updated_at:i},o=r.resourceServerSchema.parse(a),{verificationKey:s,scopes:c,options:l,skip_consent_for_verifiable_first_party_clients:u,allow_offline_access:d,is_system:f,metadata:m,...h}=o,g={...h,tenant_id:t,scopes:c?JSON.stringify(c):`[]`,options:l?JSON.stringify(l):`{}`,skip_consent_for_verifiable_first_party_clients:+!!u,allow_offline_access:+!!d,is_system:+!!f,metadata:m?JSON.stringify(m):void 0,verification_key:s,created_at:i,updated_at:i};return await e.insertInto(`resource_servers`).values(g).execute(),E(o)}}function Tr(e){return async(t,n)=>{let r=await e.selectFrom(`resource_servers`).selectAll().where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst();if(!r)return null;let{verification_key:i,scopes:a,options:o,skip_consent_for_verifiable_first_party_clients:s,allow_offline_access:c,is_system:l,metadata:u,...d}=r,f=E({...d,scopes:a?JSON.parse(a):[],options:o?JSON.parse(o):{},skip_consent_for_verifiable_first_party_clients:!!s,allow_offline_access:!!c,is_system:l?!0:void 0,metadata:u?JSON.parse(u):void 0,verificationKey:i});return f.token_lifetime??=86400,f.token_lifetime_for_web??=7200,f}}function Er(e){return async(t,n={})=>{let{page:r=0,per_page:i=50,include_totals:a=!1,q:o}=n,s=e.selectFrom(`resource_servers`).where(`resource_servers.tenant_id`,`=`,t);if(o){let t=o.trim(),n=t.split(/\s+/),r=n.length===1?n[0]:void 0,i=r?r.match(/^(-)?(name|identifier):(.*)$/):null,a=i?i[3]:``,c=/^(>=|>|<=|<)/.test(a||``);if(i&&!c){let e=!!i[1],t=i[2]===`name`?`resource_servers.name`:`resource_servers.identifier`;s=e?s.where(t,`not like`,`%${a}%`):s.where(t,`like`,`%${a}%`)}else s=C(e,s,t,[`resource_servers.name`,`resource_servers.identifier`])}let c=(await s.offset(r*i).limit(i).selectAll().execute()).map(e=>{let{verification_key:t,scopes:n,options:r,skip_consent_for_verifiable_first_party_clients:i,allow_offline_access:a,is_system:o,metadata:s,...c}=e,l=E({...c,scopes:n?JSON.parse(n):[],options:r?JSON.parse(r):{},skip_consent_for_verifiable_first_party_clients:!!i,allow_offline_access:!!a,is_system:o?!0:void 0,metadata:s?JSON.parse(s):void 0,verificationKey:t});return l.token_lifetime??=86400,l.token_lifetime_for_web??=7200,l});if(!a)return{resource_servers:c,start:0,limit:0,length:0};let{count:l}=await s.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{resource_servers:c,start:r*i,limit:i,length:w(l)}}}function Dr(e){return async(t,n)=>{let r=await e.deleteFrom(`resource_servers`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst();return Number(r.numDeletedRows)>0}}function Or(e){return async(t,n,r)=>{let{verificationKey:i,scopes:a,options:o,skip_consent_for_verifiable_first_party_clients:s,allow_offline_access:c,is_system:l,metadata:u,...d}=r,f={...d,updated_at:new Date().toISOString()};if(i!==void 0&&(f.verification_key=i),a!==void 0&&(f.scopes=JSON.stringify(a)),o!==void 0){let r=await e.selectFrom(`resource_servers`).select(`options`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst(),i={...r?.options?JSON.parse(r.options):{},...o};f.options=JSON.stringify(i)}u!==void 0&&(f.metadata=JSON.stringify(u)),s!==void 0&&(f.skip_consent_for_verifiable_first_party_clients=+!!s),c!==void 0&&(f.allow_offline_access=+!!c),l!==void 0&&(f.is_system=+!!l);let p=await e.updateTable(`resource_servers`).set(f).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst();return Number(p.numUpdatedRows)>0}}function kr(e){return{create:wr(e),get:Tr(e),list:Er(e),remove:Dr(e),update:Or(e)}}function Ar(e){return async(t,r)=>{let i=new Date().toISOString(),a=r.id||(0,n.nanoid)(),{is_system:o,id:s,metadata:c,...l}=r,u={id:a,...l,tenant_id:t,is_system:+!!o,metadata:c?JSON.stringify(c):void 0,created_at:i,updated_at:i};return await e.insertInto(`roles`).values(u).execute(),{id:a,...l,is_system:o?!0:void 0,metadata:c,created_at:i,updated_at:i}}}function jr(e){return async(t,n)=>{let r=await e.selectFrom(`roles`).selectAll().where(`roles.tenant_id`,`=`,t).where(`roles.id`,`=`,n).executeTakeFirst();if(!r)return null;let{is_system:i,tenant_id:a,metadata:o,...s}=r;return{...s,is_system:i?!0:void 0,metadata:o?JSON.parse(o):void 0}}}function Mr(e){return async(t,n)=>{let r=e.selectFrom(`roles`).where(`roles.tenant_id`,`=`,t),{page:i=0,per_page:a=50,include_totals:o=!1}=n;n.q&&(r=C(e,r,n.q,[`name`]));let s=(await r.offset(i*a).limit(a).selectAll().execute()).map(e=>{let{is_system:t,tenant_id:n,metadata:r,...i}=e;return{...i,is_system:t?!0:void 0,metadata:r?JSON.parse(r):void 0}});if(!o)return{roles:s,start:i*a,limit:a,length:s.length};let{count:c}=await r.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow();return{roles:s,start:i*a,limit:a,length:w(c)}}}function Nr(e){return async(t,n,r)=>{let{is_system:i,metadata:a,...o}=r,s={...o,is_system:i===void 0?void 0:+!!i,metadata:a===void 0?void 0:JSON.stringify(a),updated_at:new Date().toISOString()},c=await e.updateTable(`roles`).set(s).where(`roles.tenant_id`,`=`,t).where(`roles.id`,`=`,n).executeTakeFirst();return Number(c.numUpdatedRows)>0}}function Pr(e){return async(t,n)=>{let r=await e.deleteFrom(`roles`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst();return Number(r.numDeletedRows)>0}}function Fr(e){return{create:Ar(e),get:jr(e),list:Mr(e),update:Nr(e),remove:Pr(e)}}function Ir(e){return async(t,n,r)=>{if(r.length===0)return!0;let i=new Date().toISOString();try{for(let a of r){if(a.role_id!==n)throw Error(`Permission role_id ${a.role_id} does not match expected role_id ${n}`);let r={tenant_id:t,role_id:a.role_id,resource_server_identifier:a.resource_server_identifier,permission_name:a.permission_name,created_at:i};try{await e.insertInto(`role_permissions`).values(r).execute()}catch(e){if(e.code===`SQLITE_CONSTRAINT_PRIMARYKEY`||e.code===`SQLITE_CONSTRAINT_UNIQUE`||e.code===`ER_DUP_ENTRY`)continue;throw e}}return!0}catch(e){return console.error(`Error assigning role permissions:`,e),!1}}}function Lr(e){return async(t,n,r)=>{if(r.length===0)return!0;try{return(await Promise.all(r.map(r=>e.deleteFrom(`role_permissions`).where(`tenant_id`,`=`,t).where(`role_id`,`=`,n).where(`resource_server_identifier`,`=`,r.resource_server_identifier).where(`permission_name`,`=`,r.permission_name).executeTakeFirst()))).some(e=>Number(e.numDeletedRows)>0)}catch(e){return console.error(`Error removing role permissions:`,e),!1}}}function Rr(e){return async(t,n,r={})=>{let{page:i=0,per_page:a=50,include_totals:o=!1}=r,s=e.selectFrom(`role_permissions`).leftJoin(`resource_servers`,e=>e.onRef(`role_permissions.tenant_id`,`=`,`resource_servers.tenant_id`).onRef(`role_permissions.resource_server_identifier`,`=`,`resource_servers.id`)).select([`role_permissions.role_id`,`role_permissions.resource_server_identifier`,`role_permissions.permission_name`,`role_permissions.created_at`,`resource_servers.name as resource_server_name`]).where(`role_permissions.tenant_id`,`=`,t).where(`role_permissions.role_id`,`=`,n),c=(await s.offset(i*a).limit(a).execute()).map(e=>({role_id:e.role_id,resource_server_identifier:e.resource_server_identifier,resource_server_name:e.resource_server_name||e.resource_server_identifier,permission_name:e.permission_name,description:null,created_at:e.created_at}));return o&&await s.select(e=>e.fn.countAll().as(`count`)).executeTakeFirstOrThrow(),c}}function zr(e){return{assign:Ir(e),remove:Lr(e),list:Rr(e)}}function Br(e){return async(t,n,r,i)=>{let a=new Date().toISOString();try{let o={tenant_id:t,user_id:n,resource_server_identifier:r.resource_server_identifier,permission_name:r.permission_name,organization_id:i||r.organization_id||``,created_at:a};return await e.insertInto(`user_permissions`).values(o).execute(),!0}catch(e){return e.code===`SQLITE_CONSTRAINT_PRIMARYKEY`||e.code===`SQLITE_CONSTRAINT_UNIQUE`||e.code===`SQLITE_CONSTRAINT`||e.code===`ER_DUP_ENTRY`||e.message&&e.message.includes(`UNIQUE constraint failed`)||e.message&&e.message.includes(`PRIMARY KEY constraint failed`)?!0:(console.error(`Error creating user permission:`,e),!1)}}}function Vr(e){return async(t,n,r,i)=>{try{let a=e.deleteFrom(`user_permissions`).where(`tenant_id`,`=`,t).where(`user_id`,`=`,n).where(`resource_server_identifier`,`=`,r.resource_server_identifier).where(`permission_name`,`=`,r.permission_name);return a=i===void 0?a.where(`organization_id`,`=`,``):a.where(`organization_id`,`=`,i),await a.execute(),!0}catch(e){return console.error(`Error removing user permission:`,e),!1}}}function Hr(e){return async(t,n,r,i)=>{let a=e.selectFrom(`user_permissions`).leftJoin(`resource_servers`,e=>e.onRef(`user_permissions.tenant_id`,`=`,`resource_servers.tenant_id`).onRef(`user_permissions.resource_server_identifier`,`=`,`resource_servers.id`)).select([`user_permissions.resource_server_identifier`,`user_permissions.permission_name`,`resource_servers.name as resource_server_name`,`user_permissions.user_id`,`user_permissions.created_at`,`user_permissions.organization_id`]).where(`user_permissions.tenant_id`,`=`,t).where(`user_permissions.user_id`,`=`,n);return i!==void 0&&(a=a.where(`user_permissions.organization_id`,`=`,i)),(await a.execute()).map(e=>({resource_server_identifier:e.resource_server_identifier,permission_name:e.permission_name,description:null,resource_server_name:e.resource_server_name||e.resource_server_identifier,user_id:e.user_id,created_at:e.created_at,organization_id:e.organization_id===``?void 0:e.organization_id}))}}function Ur(e){return{create:Br(e),remove:Vr(e),list:Hr(e)}}function Wr(e){let t=Ur(e);return{create:(e,n,r,i)=>t.create(e,n,r,i),remove:(e,n,r,i)=>t.remove(e,n,r,i),list:(e,n,r,i)=>t.list(e,n,r,i)}}function Gr(e){return async(t,n,r,i)=>{let a=e.selectFrom(`user_roles as ur`).innerJoin(`roles as r`,e=>e.onRef(`ur.role_id`,`=`,`r.id`).onRef(`ur.tenant_id`,`=`,`r.tenant_id`)).select([`r.id`,`r.name`,`r.description`,`r.created_at`,`r.updated_at`]).where(`ur.tenant_id`,`=`,t).where(`ur.user_id`,`=`,n);return i!==void 0&&(a=a.where(`ur.organization_id`,`=`,i)),await a.execute()}}function Kr(e){return async(t,n,r,i)=>{let a=new Date().toISOString();try{return await e.insertInto(`user_roles`).values({tenant_id:t,user_id:n,role_id:r,organization_id:i||``,created_at:a}).execute(),!0}catch(e){return e.code===`SQLITE_CONSTRAINT_PRIMARYKEY`||e.code===`SQLITE_CONSTRAINT_UNIQUE`||e.code===`SQLITE_CONSTRAINT`||e.code===`ER_DUP_ENTRY`||e.message&&e.message.includes(`UNIQUE constraint failed`)||e.message&&e.message.includes(`PRIMARY KEY constraint failed`)?!0:(console.error(`Error creating user role:`,e),!1)}}}function qr(e){return async(t,n,r,i)=>{try{let a=e.deleteFrom(`user_roles`).where(`tenant_id`,`=`,t).where(`user_id`,`=`,n).where(`role_id`,`=`,r);return a=i===void 0?a.where(`organization_id`,`=`,``):a.where(`organization_id`,`=`,i),await a.execute(),!0}catch(e){return console.error(`Error removing user roles:`,e),!1}}}function Jr(e){return{list:Gr(e),create:Kr(e),remove:qr(e)}}function Yr(e){let t=Jr(e);return{list:(e,n,r,i)=>t.list(e,n,r,i),create:(e,n,r,i)=>t.create(e,n,r,i),remove:(e,n,r,i)=>t.remove(e,n,r,i)}}function Xr(e){return async(t,n)=>{let r={...n,id:n.id||c(),tenant_id:t,created_at:new Date().toISOString(),updated_at:new Date().toISOString(),branding:JSON.stringify(n.branding||{}),metadata:JSON.stringify(n.metadata||{}),enabled_connections:JSON.stringify(n.enabled_connections||[]),token_quota:JSON.stringify(n.token_quota||{})};try{await e.insertInto(`organizations`).values(r).execute()}catch(e){throw e.code===`SQLITE_CONSTRAINT_UNIQUE`||e.code===`ER_DUP_ENTRY`||e.message.includes(`AlreadyExists`)?new T(409,{message:`Organization already exists`}):e}return{...n,id:r.id,created_at:r.created_at,updated_at:r.updated_at}}}function Zr(e){return async(t,n)=>{let r=await e.selectFrom(`organizations`).selectAll().where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst();return r||=await e.selectFrom(`organizations`).selectAll().where(`tenant_id`,`=`,t).where(`name`,`=`,n).executeTakeFirst(),r?E({...r,branding:r.branding?JSON.parse(r.branding):{},metadata:r.metadata?JSON.parse(r.metadata):{},enabled_connections:r.enabled_connections?JSON.parse(r.enabled_connections):[],token_quota:r.token_quota?JSON.parse(r.token_quota):{}}):null}}var P=[`name`,`display_name`];function Qr(e){return async(t,n)=>{let r=e.selectFrom(`organizations`).where(`tenant_id`,`=`,t);if(n?.q){let t=S(n.q,P);t&&(r=C(e,r,t,P))}if(n?.sort){let e=n.sort.sort_order===`asc`?`asc`:`desc`,t=n.sort.sort_by;r=[`name`,`display_name`,`created_at`].includes(t)?r.orderBy(t,e):r.orderBy(`created_at`,`desc`)}else r=r.orderBy(`created_at`,`desc`);let a=n?.take??n?.per_page,o=typeof a==`number`&&Number.isFinite(a)?Math.floor(a):NaN,s=o>=1?o:10,c=0;if(n?.from!==void 0){let e=parseInt(n.from,10);Number.isNaN(e)||(c=Math.max(0,e))}else typeof n?.page==`number`&&Number.isFinite(n.page)&&(c=Math.max(0,Math.floor(n.page)*s));c>0&&(r=r.offset(c)),r=r.limit(s);let l=await r.selectAll().execute(),u=l.length;if(n?.include_totals){let r=e.selectFrom(`organizations`).where(`tenant_id`,`=`,t);if(n?.q){let t=S(n.q,P);t&&(r=C(e,r,t,P))}let a=await r.select(i.sql`count(*)`.as(`count`)).executeTakeFirst();u=Number(a?.count||0)}let d=l.map(e=>E({...e,branding:e.branding?JSON.parse(e.branding):{},metadata:e.metadata?JSON.parse(e.metadata):{},enabled_connections:e.enabled_connections?JSON.parse(e.enabled_connections):[],token_quota:e.token_quota?JSON.parse(e.token_quota):{}}));return{organizations:d,start:c,limit:s,length:d.length,total:u}}}function $r(e){return async(t,n)=>(await e.deleteFrom(`organizations`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).execute()).length>0}function ei(e){return async(t,n,r)=>{let{branding:i,metadata:a,enabled_connections:o,token_quota:s,...c}=r,l={...c,updated_at:new Date().toISOString()};return A(r,[`branding`,`metadata`,`enabled_connections`,`token_quota`],l),(await e.updateTable(`organizations`).set(l).where(`tenant_id`,`=`,t).where(`id`,`=`,n).execute()).length>0}}function ti(e){return{create:Xr(e),get:Zr(e),list:Qr(e),remove:$r(e),update:ei(e)}}function F(e,t){return{connection_id:e.connection_id,assign_membership_on_login:!!e.assign_membership_on_login,show_as_button:!!e.show_as_button,is_signup_enabled:!!e.is_signup_enabled,connection:t?{name:t.name,strategy:t.strategy}:void 0,created_at:e.created_at,updated_at:e.updated_at}}async function I(e,t,n){let r=await e.selectFrom(`connections`).select([`name`,`strategy`]).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst();if(r)return{name:r.name,strategy:typeof r.strategy==`string`?r.strategy:void 0}}function ni(e){return{async create(t,n,r){let i=new Date().toISOString(),a={tenant_id:t,organization_id:n,connection_id:r.connection_id,assign_membership_on_login:+!!r.assign_membership_on_login,show_as_button:r.show_as_button===!1?0:1,is_signup_enabled:r.is_signup_enabled===!1?0:1,created_at:i,updated_at:i};return await e.insertInto(`organization_connections`).values(a).execute(),F(a,await I(e,t,r.connection_id))},async list(t,n){let r=await e.selectFrom(`organization_connections`).selectAll().where(`tenant_id`,`=`,t).where(`organization_id`,`=`,n).execute(),i=[];for(let n of r){let r=await I(e,t,n.connection_id);i.push(F(n,r))}return i},async get(t,n,r){let i=await e.selectFrom(`organization_connections`).selectAll().where(`tenant_id`,`=`,t).where(`organization_id`,`=`,n).where(`connection_id`,`=`,r).executeTakeFirst();return i?F(i,await I(e,t,r)):null},async update(t,n,r,i){let a={updated_at:new Date().toISOString()};i.assign_membership_on_login!==void 0&&(a.assign_membership_on_login=+!!i.assign_membership_on_login),i.show_as_button!==void 0&&(a.show_as_button=+!!i.show_as_button),i.is_signup_enabled!==void 0&&(a.is_signup_enabled=+!!i.is_signup_enabled);let o=await e.updateTable(`organization_connections`).set(a).where(`tenant_id`,`=`,t).where(`organization_id`,`=`,n).where(`connection_id`,`=`,r).executeTakeFirst();if(Number(o.numUpdatedRows??0)===0)return null;let s=await e.selectFrom(`organization_connections`).selectAll().where(`tenant_id`,`=`,t).where(`organization_id`,`=`,n).where(`connection_id`,`=`,r).executeTakeFirst();return s?F(s,await I(e,t,r)):null},async remove(t,n,r){let i=await e.deleteFrom(`organization_connections`).where(`tenant_id`,`=`,t).where(`organization_id`,`=`,n).where(`connection_id`,`=`,r).executeTakeFirst();return Number(i.numDeletedRows??0)>0}}}function ri(e){return async(t,r)=>{let i={id:(0,n.nanoid)(),tenant_id:t,user_id:r.user_id,organization_id:r.organization_id,created_at:new Date().toISOString(),updated_at:new Date().toISOString()};try{await e.insertInto(`user_organizations`).values(i).execute()}catch(e){throw e.code===`SQLITE_CONSTRAINT_UNIQUE`||e.code===`ER_DUP_ENTRY`?new T(409,{message:`User is already a member of this organization`}):e}return{...i}}}function ii(e){return async(t,n)=>{let r=await e.selectFrom(`user_organizations`).selectAll().where(`id`,`=`,n).where(`tenant_id`,`=`,t).executeTakeFirst();return r?{id:r.id,user_id:r.user_id,organization_id:r.organization_id,created_at:r.created_at,updated_at:r.updated_at}:null}}function ai(e){return async(t,n)=>{let r=n?.page||0,i=n?.per_page||50,a=r*i,o=e.selectFrom(`user_organizations`).selectAll().where(`tenant_id`,`=`,t);if(n?.q){if(n.q.startsWith(`user_id:`)){let e=n.q.replace(`user_id:`,``);o=o.where(`user_id`,`=`,e)}else if(n.q.startsWith(`organization_id:`)){let e=n.q.replace(`organization_id:`,``);o=o.where(`organization_id`,`=`,e)}}o=o.orderBy(`created_at`,`desc`),i>0&&(o=o.limit(i).offset(a));let s=await o.execute(),c=e.selectFrom(`user_organizations`).select(e.fn.count(`id`).as(`count`)).where(`tenant_id`,`=`,t);if(n?.q){if(n.q.startsWith(`user_id:`)){let e=n.q.replace(`user_id:`,``);c=c.where(`user_id`,`=`,e)}else if(n.q.startsWith(`organization_id:`)){let e=n.q.replace(`organization_id:`,``);c=c.where(`organization_id`,`=`,e)}}let l=await c.executeTakeFirst();return{userOrganizations:s.map(e=>({id:e.id,user_id:e.user_id,organization_id:e.organization_id,created_at:e.created_at,updated_at:e.updated_at})),start:a,limit:i,length:Number(l?.count||0)}}}function oi(e){return async(t,n,r)=>{let i=r?.page||0,a=r?.per_page||50,o=i*a,s=e.selectFrom(`user_organizations`).innerJoin(`organizations`,e=>e.onRef(`organizations.id`,`=`,`user_organizations.organization_id`).on(`organizations.tenant_id`,`=`,t)).select([`organizations.id`,`organizations.name`,`organizations.display_name`,`organizations.branding`,`organizations.metadata`,`organizations.enabled_connections`,`organizations.token_quota`,`organizations.created_at`,`organizations.updated_at`,`user_organizations.created_at as joined_at`]).where(`user_organizations.tenant_id`,`=`,t).where(`user_organizations.user_id`,`=`,n);s=s.orderBy(`user_organizations.created_at`,`desc`),a>0&&(s=s.limit(a).offset(o));let c=await s.execute(),l=await e.selectFrom(`user_organizations`).innerJoin(`organizations`,e=>e.onRef(`organizations.id`,`=`,`user_organizations.organization_id`).on(`organizations.tenant_id`,`=`,t)).select(e.fn.count(`user_organizations.id`).as(`count`)).where(`user_organizations.tenant_id`,`=`,t).where(`user_organizations.user_id`,`=`,n).executeTakeFirst();return{organizations:c.map(e=>({id:e.id,name:e.name,display_name:e.display_name,branding:e.branding?JSON.parse(e.branding):void 0,metadata:e.metadata?JSON.parse(e.metadata):{},enabled_connections:e.enabled_connections?JSON.parse(e.enabled_connections):[],token_quota:e.token_quota?JSON.parse(e.token_quota):void 0,created_at:e.created_at,updated_at:e.updated_at,joined_at:e.joined_at})),start:o,limit:a,length:Number(l?.count||0)}}}function si(e){return async(t,n)=>(await e.deleteFrom(`user_organizations`).where(`id`,`=`,n).where(`tenant_id`,`=`,t).execute()).length>0}function ci(e){return async(t,n,r)=>{let i={...r,updated_at:new Date().toISOString()};return(await e.updateTable(`user_organizations`).set(i).where(`id`,`=`,n).where(`tenant_id`,`=`,t).execute()).length>0}}function li(e){return{create:ri(e),get:ii(e),list:ai(e),listUserOrganizations:oi(e),remove:si(e),update:ci(e)}}function ui(e){return async(t,n)=>{let r=n.id||h(),i=new Date().toISOString(),a=n.ttl_sec||604800,o=new Date(Date.now()+a*1e3).toISOString(),s=A({id:r,tenant_id:t,organization_id:n.organization_id,inviter:n.inviter||{},invitee:n.invitee||{},client_id:n.client_id,connection_id:n.connection_id||null,invitation_url:n.invitation_url,created_at:i,expires_at:o,app_metadata:n.app_metadata||{},user_metadata:n.user_metadata||{},roles:n.roles||[],ticket_id:null,ttl_sec:a,send_invitation_email:n.send_invitation_email??!0?1:0},[`inviter`,`invitee`,`app_metadata`,`user_metadata`,`roles`]);try{await e.insertInto(`invites`).values(s).execute()}catch(e){throw e.code===`SQLITE_CONSTRAINT_UNIQUE`||e.code===`ER_DUP_ENTRY`||e.message.includes(`AlreadyExists`)?new T(409,{message:`Invite already exists`}):e}return{id:r,organization_id:s.organization_id,inviter:n.inviter,invitee:n.invitee,client_id:n.client_id,connection_id:n.connection_id,invitation_url:n.invitation_url,created_at:i,expires_at:o,app_metadata:n.app_metadata||{},user_metadata:n.user_metadata||{},roles:n.roles||[],ticket_id:s.ticket_id||void 0,ttl_sec:a,send_invitation_email:n.send_invitation_email??!0}}}function di(e){return async(t,n)=>{let r=await e.selectFrom(`invites`).selectAll().where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst();return r?E({...Oe(r,{inviter:{},invitee:{},app_metadata:{},user_metadata:{},roles:[]}),send_invitation_email:r.send_invitation_email===1}):null}}function fi(e){return async(t,n)=>{let r=e.selectFrom(`invites`).selectAll().where(`tenant_id`,`=`,t).orderBy(`created_at`,`desc`);if(n?.per_page&&(r=r.limit(n.per_page)),n?.page){let e=(n.page-1)*(n.per_page||10);r=r.offset(e)}let i=(await r.execute()).map(e=>E({...Oe(e,{inviter:{},invitee:{},app_metadata:{},user_metadata:{},roles:[]}),send_invitation_email:e.send_invitation_email===1}));return{invites:i,start:n?.page?(n.page-1)*(n.per_page||10):0,limit:n?.per_page||i.length,length:i.length}}}function pi(e){return async(t,n)=>(await e.deleteFrom(`invites`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst()).numDeletedRows>0n}function mi(e){return async(t,n,r)=>{let i={};return r.inviter!==void 0&&(i.inviter=JSON.stringify(r.inviter)),r.invitee!==void 0&&(i.invitee=JSON.stringify(r.invitee)),r.client_id!==void 0&&(i.client_id=r.client_id),r.connection_id!==void 0&&(i.connection_id=r.connection_id),r.app_metadata!==void 0&&(i.app_metadata=JSON.stringify(r.app_metadata)),r.user_metadata!==void 0&&(i.user_metadata=JSON.stringify(r.user_metadata)),r.roles!==void 0&&(i.roles=JSON.stringify(r.roles)),r.ttl_sec!==void 0&&(i.ttl_sec=r.ttl_sec,i.expires_at=new Date(Date.now()+r.ttl_sec*1e3).toISOString()),r.send_invitation_email!==void 0&&(i.send_invitation_email=+!!r.send_invitation_email),Object.keys(i).length===0?!0:(await e.updateTable(`invites`).set(i).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst()).numUpdatedRows>0n}}function hi(e){return{create:ui(e),get:di(e),list:fi(e),remove:pi(e),update:mi(e)}}var gi=[`s`],_i=[`pwd_leak`];function vi(e){return/^\d{8}$/.test(e)?`${e.slice(0,4)}-${e.slice(4,6)}-${e.slice(6,8)}`:e}function yi(e){return e.toISOString().split(`T`)[0]}function bi(e){return{async getDaily(t,n={}){let{from:r,to:a}=n,o=new Date,s=new Date(o);s.setDate(s.getDate()-30);let c=r?vi(r):yi(s),l=a?vi(a):yi(o),u=i.sql`DATE(logs.date)`;return(await e.selectFrom(`logs`).where(`tenant_id`,`=`,t).where(u,`>=`,c).where(u,`<=`,l).select(e=>[u.as(`date`),e.fn.sum(e.case().when(`type`,`in`,gi).then(1).else(0).end()).as(`logins`),e.fn.sum(e.case().when(`type`,`=`,`ss`).then(1).else(0).end()).as(`signups`),e.fn.sum(e.case().when(`type`,`in`,_i).then(1).else(0).end()).as(`leaked_passwords`),e.fn.min(`date`).as(`first_event`),e.fn.max(`date`).as(`last_event`)]).groupBy(u).orderBy(`date`,`asc`).execute()).map(e=>({date:e.date,logins:Number(e.logins)||0,signups:Number(e.signups)||0,leaked_passwords:Number(e.leaked_passwords)||0,created_at:e.first_event||new Date().toISOString(),updated_at:e.last_event||new Date().toISOString()}))},async getActiveUsers(t){let n=new Date;return n.setDate(n.getDate()-30),(await e.selectFrom(`logs`).where(`tenant_id`,`=`,t).where(`date`,`>=`,n.toISOString()).where(`type`,`in`,gi).where(`user_id`,`is not`,null).select(e=>e.fn.count(`user_id`).distinct().as(`count`)).executeTakeFirstOrThrow()).count||0}}}var xi={"active-users":[`s`,`seacft`],logins:[`s`,`f`,`fp`],signups:[`ss`,`fs`],"refresh-tokens":[`seacft`,`fertft`],sessions:[`slo`]},Si={"active-users":{alias:`active_users`,type:`UInt64`,agg:`uniq`},logins:{alias:`logins`,type:`UInt64`,agg:`count`},signups:{alias:`signups`,type:`UInt64`,agg:`count`},"refresh-tokens":{alias:`refresh_tokens`,type:`UInt64`,agg:`count`},sessions:{alias:`sessions`,type:`UInt64`,agg:`count`}};async function Ci(e){try{return await i.sql`SELECT @@version_comment`.execute(e),`mysql`}catch{return`sqlite`}}function L(e,t){let n=new Intl.DateTimeFormat(`en-US`,{timeZone:e,year:`numeric`,month:`2-digit`,day:`2-digit`,hour:`2-digit`,minute:`2-digit`,second:`2-digit`,hour12:!1}),r={};for(let e of n.formatToParts(t))r[e.type]=e.value;let i=r.hour===`24`?`00`:r.hour,a=Date.UTC(Number(r.year),Number(r.month)-1,Number(r.day),Number(i),Number(r.minute),Number(r.second)),o=Math.round((a-t.getTime())/6e4),s=o>=0?`+`:`-`,c=Math.abs(o);return`${s}${String(Math.floor(c/60)).padStart(2,`0`)}:${String(c%60).padStart(2,`0`)}`}var wi=[`January`,`February`,`March`,`April`,`May`,`June`,`July`,`August`,`September`,`October`,`November`,`December`];function Ti(e,t){let n=t.getUTCFullYear(),r=L(e,new Date(Date.UTC(n,0,1)));for(let t=1;t<12;t++){let i=L(e,new Date(Date.UTC(n,t,1)));if(i!==r)throw Error(`Timezone '${e}' is DST-varying (offset ${r} in January vs ${i} in ${wi[t]}) and cannot be bucketed with a single fixed offset by the SQL analytics adapter. Use a fixed-offset zone (e.g. 'UTC' or '+02:00').`)}}function Ei(e){let t=e.startsWith(`-`)?-1:1,[n,r]=e.slice(1).split(`:`);return t*(Number(n)*60+Number(r))}function Di(e,t){let n;if(t===`+00:00`)n=i.sql`${i.sql.ref(`logs.date`)}`;else{let e=Ei(t),r=`${e>=0?`+`:`-`}${Math.abs(e)} minutes`;n=i.sql`datetime(${i.sql.ref(`logs.date`)}, ${r})`}switch(e){case`hour`:return i.sql`substr(${n}, 1, 13)`;case`month`:return i.sql`substr(${n}, 1, 7)`;case`day`:return i.sql`substr(${n}, 1, 10)`;case`week`:return i.sql`date(substr(${n}, 1, 10), '-' || ((cast(strftime('%w', substr(${n}, 1, 10)) as integer) + 6) % 7) || ' days')`;default:throw Error(`Unsupported interval '${e}' for SQL analytics adapter`)}}function Oi(e,t){if(t===`+00:00`)switch(e){case`hour`:return i.sql`substring(${i.sql.ref(`logs.date`)}, 1, 13)`;case`day`:return i.sql`substring(${i.sql.ref(`logs.date`)}, 1, 10)`;case`month`:return i.sql`substring(${i.sql.ref(`logs.date`)}, 1, 7)`;case`week`:{let e=i.sql`str_to_date(substring(${i.sql.ref(`logs.date`)}, 1, 10), '%Y-%m-%d')`;return i.sql`date_format(date_sub(${e}, interval weekday(${e}) day), '%Y-%m-%d')`}default:throw Error(`Unsupported interval '${e}' for SQL analytics adapter`)}let n=Ei(t),r=i.sql`date_add(str_to_date(substring(${i.sql.ref(`logs.date`)}, 1, 19), '%Y-%m-%dT%H:%i:%s'), interval ${i.sql.lit(n)} minute)`;switch(e){case`hour`:return i.sql`date_format(${r}, '%Y-%m-%dT%H')`;case`day`:return i.sql`date_format(${r}, '%Y-%m-%d')`;case`month`:return i.sql`date_format(${r}, '%Y-%m')`;case`week`:return i.sql`date_format(date_sub(${r}, interval weekday(${r}) day), '%Y-%m-%d')`;default:throw Error(`Unsupported interval '${e}' for SQL analytics adapter`)}}function ki(e,t,n,r){Ti(t,n);let i=L(t,n);return r===`mysql`?Oi(e,i):Di(e,i)}function Ai(e){switch(e){case`connection`:return`logs.connection`;case`client_id`:return`logs.client_id`;case`user_type`:return`logs.strategy_type`;case`event`:return`logs.type`;case`time`:throw Error(`time dimension is handled separately`)}}function ji(e){let t=null,n=()=>(t||=Ci(e),t);return{async query(t,r,a){let o=Date.now(),s=xi[r],c=Si[r],l=await n(),u=[],d=e.selectFrom(`logs`).where(`tenant_id`,`=`,t);d=d.where(`date`,`>=`,a.from).where(`date`,`<`,a.to),d=d.where(`type`,`in`,s),a.filters.connection?.length&&(d=d.where(`connection`,`in`,a.filters.connection)),a.filters.client_id?.length&&(d=d.where(`client_id`,`in`,a.filters.client_id)),a.filters.user_type?.length&&(d=d.where(`strategy_type`,`in`,a.filters.user_type)),a.filters.user_id?.length&&(d=d.where(`user_id`,`in`,a.filters.user_id));let f=[],p=[];for(let e of a.group_by)if(e===`time`){let e=ki(a.interval,a.tz,new Date(a.from),l);p.push({alias:`time`,expr:e}),f.push(e),u.push({name:`time`,type:a.interval===`hour`?`DateTime`:`Date`})}else{let t=Ai(e);p.push({alias:e,expr:i.sql`${i.sql.ref(t)}`}),f.push(i.sql`${i.sql.ref(t)}`),u.push({name:e,type:`String`})}let m=c.agg===`uniq`?i.sql`COUNT(DISTINCT ${i.sql.ref(`logs.user_id`)})`:i.sql`COUNT(*)`;p.push({alias:c.alias,expr:m}),u.push({name:c.alias,type:c.type});let h=d.select(p.map(({alias:e,expr:t})=>t.as(e)));if(f.length>0&&(h=h.groupBy(f)),a.order_by){let e=a.order_by.startsWith(`-`),t=e?a.order_by.slice(1):a.order_by;h=h.orderBy(t,e?`desc`:`asc`)}else h=a.group_by.length>0&&a.group_by[0]===`time`?h.orderBy(`time`,`asc`):h.orderBy(c.alias,`desc`);h=h.limit(a.limit).offset(a.offset);let g=(await h.execute()).map(e=>{let t={};for(let n of u){let r=e[n.name];t[n.name]=n.type===`UInt64`?Number(r)||0:r??``}return t});return{meta:u,data:g,rows:g.length,rows_before_limit_at_least:g.length,statistics:{elapsed:(Date.now()-o)/1e3}}}}}function Mi(e){return{async get(t,n,r){let i=await e.selectFrom(`custom_text`).selectAll().where(`tenant_id`,`=`,t).where(`prompt`,`=`,n).where(`language`,`=`,r).executeTakeFirst();if(!i)return null;try{return JSON.parse(i.custom_text)}catch{return null}},async set(t,n,r,i){let a=Date.now(),o=JSON.stringify(i);await e.selectFrom(`custom_text`).select(`tenant_id`).where(`tenant_id`,`=`,t).where(`prompt`,`=`,n).where(`language`,`=`,r).executeTakeFirst()?await e.updateTable(`custom_text`).set({custom_text:o,updated_at_ts:a}).where(`tenant_id`,`=`,t).where(`prompt`,`=`,n).where(`language`,`=`,r).execute():await e.insertInto(`custom_text`).values({tenant_id:t,prompt:n,language:r,custom_text:o,created_at_ts:a,updated_at_ts:a}).execute()},async delete(t,n,r){await e.deleteFrom(`custom_text`).where(`tenant_id`,`=`,t).where(`prompt`,`=`,n).where(`language`,`=`,r).execute()},async list(t){return(await e.selectFrom(`custom_text`).select([`prompt`,`language`]).where(`tenant_id`,`=`,t).execute()).map(e=>({prompt:e.prompt,language:e.language}))}}}function Ni(e){return async(t,n)=>{let r=Date.now(),i=Bn();return await e.insertInto(`authentication_methods`).values({id:i,tenant_id:t,user_id:n.user_id,type:n.type,phone_number:n.phone_number,totp_secret:n.totp_secret,credential_id:n.credential_id,public_key:n.public_key,sign_count:n.sign_count,credential_backed_up:n.credential_backed_up==null?void 0:+!!n.credential_backed_up,transports:n.transports?JSON.stringify(n.transports):void 0,friendly_name:n.friendly_name,confirmed:+!!n.confirmed,created_at_ts:r,updated_at_ts:r}).execute(),{id:i,user_id:n.user_id,type:n.type,phone_number:n.phone_number,totp_secret:n.totp_secret,credential_id:n.credential_id,public_key:n.public_key,sign_count:n.sign_count,credential_backed_up:n.credential_backed_up,transports:n.transports,friendly_name:n.friendly_name,confirmed:n.confirmed??!1,created_at:new Date(r).toISOString(),updated_at:new Date(r).toISOString()}}}function Pi(e){return async(t,n)=>{let r=await e.selectFrom(`authentication_methods`).where(`authentication_methods.tenant_id`,`=`,t).where(`authentication_methods.id`,`=`,n).selectAll().executeTakeFirst();return r?{id:r.id,user_id:r.user_id,type:r.type,phone_number:r.phone_number??void 0,totp_secret:r.totp_secret??void 0,credential_id:r.credential_id??void 0,public_key:r.public_key??void 0,sign_count:r.sign_count??void 0,credential_backed_up:r.credential_backed_up==null?void 0:r.credential_backed_up===1,transports:r.transports?JSON.parse(r.transports):void 0,friendly_name:r.friendly_name??void 0,confirmed:r.confirmed===1,created_at:v(r.created_at_ts),updated_at:v(r.updated_at_ts)}:null}}function Fi(e){return async(t,n)=>{let r=await e.selectFrom(`authentication_methods`).where(`authentication_methods.tenant_id`,`=`,t).where(`authentication_methods.credential_id`,`=`,n).selectAll().executeTakeFirst();return r?{id:r.id,user_id:r.user_id,type:r.type,phone_number:r.phone_number??void 0,totp_secret:r.totp_secret??void 0,credential_id:r.credential_id??void 0,public_key:r.public_key??void 0,sign_count:r.sign_count??void 0,credential_backed_up:r.credential_backed_up==null?void 0:r.credential_backed_up===1,transports:r.transports?JSON.parse(r.transports):void 0,friendly_name:r.friendly_name??void 0,confirmed:r.confirmed===1,created_at:v(r.created_at_ts),updated_at:v(r.updated_at_ts)}:null}}function Ii(e){return async(t,n)=>(await e.selectFrom(`authentication_methods`).where(`authentication_methods.tenant_id`,`=`,t).where(`authentication_methods.user_id`,`=`,n).selectAll().execute()).map(e=>({id:e.id,user_id:e.user_id,type:e.type,phone_number:e.phone_number??void 0,totp_secret:e.totp_secret??void 0,credential_id:e.credential_id??void 0,public_key:e.public_key??void 0,sign_count:e.sign_count??void 0,credential_backed_up:e.credential_backed_up==null?void 0:e.credential_backed_up===1,transports:e.transports?JSON.parse(e.transports):void 0,friendly_name:e.friendly_name??void 0,confirmed:e.confirmed===1,created_at:v(e.created_at_ts),updated_at:v(e.updated_at_ts)}))}function Li(e){return async(t,n,r)=>{let i={updated_at_ts:Date.now()};r.phone_number!==void 0&&(i.phone_number=r.phone_number),r.totp_secret!==void 0&&(i.totp_secret=r.totp_secret),r.credential_id!==void 0&&(i.credential_id=r.credential_id),r.public_key!==void 0&&(i.public_key=r.public_key),r.sign_count!==void 0&&(i.sign_count=r.sign_count),r.credential_backed_up!==void 0&&(i.credential_backed_up=+!!r.credential_backed_up),r.transports!==void 0&&(i.transports=JSON.stringify(r.transports)),r.friendly_name!==void 0&&(i.friendly_name=r.friendly_name),r.confirmed!==void 0&&(i.confirmed=+!!r.confirmed),await e.updateTable(`authentication_methods`).set(i).where(`authentication_methods.tenant_id`,`=`,t).where(`authentication_methods.id`,`=`,n).execute();let a=await Pi(e)(t,n);if(!a)throw Error(`Authentication method ${n} not found`);return a}}function Ri(e){return async(t,n)=>(await e.deleteFrom(`authentication_methods`).where(`authentication_methods.tenant_id`,`=`,t).where(`authentication_methods.id`,`=`,n).executeTakeFirst()).numDeletedRows>0}function zi(e){return{create:Ni(e),get:Pi(e),getByCredentialId:Fi(e),list:Ii(e),update:Li(e),remove:Ri(e)}}function Bi(e){return async(t,r)=>{let i=(0,n.nanoid)();return await e.insertInto(`outbox_events`).values({id:i,tenant_id:t,event_type:r.event_type,log_type:r.log_type,aggregate_type:r.target.type,aggregate_id:r.target.id,payload:JSON.stringify({...r,id:i}),created_at:new Date().toISOString(),processed_at:null,retry_count:0,next_retry_at:null,error:null}).execute(),i}}function Vi(e){return async t=>t.length===0?[]:(await e.selectFrom(`outbox_events`).selectAll().where(`id`,`in`,t).execute()).map(e=>({...JSON.parse(e.payload),id:e.id,created_at:e.created_at,processed_at:e.processed_at,retry_count:e.retry_count,next_retry_at:e.next_retry_at,error:e.error}))}function Hi(e){return async t=>{let n=new Date().toISOString();return(await e.selectFrom(`outbox_events`).selectAll().where(`processed_at`,`is`,null).where(e=>e.or([e(`next_retry_at`,`is`,null),e(`next_retry_at`,`<=`,n)])).where(e=>e.or([e(`claimed_by`,`is`,null),e(`claim_expires_at`,`<=`,n)])).orderBy(`created_at`,`asc`).orderBy(`id`,`asc`).limit(t).execute()).map(e=>({...JSON.parse(e.payload),id:e.id,created_at:e.created_at,processed_at:e.processed_at,retry_count:e.retry_count,next_retry_at:e.next_retry_at,error:e.error}))}}function Ui(e){return async(t,n,r)=>{if(t.length===0)return[];let i=new Date().toISOString(),a=new Date(Date.now()+r).toISOString();return await e.updateTable(`outbox_events`).set({claimed_by:n,claim_expires_at:a}).where(`id`,`in`,t).where(`processed_at`,`is`,null).where(e=>e.or([e(`claimed_by`,`is`,null),e(`claim_expires_at`,`<=`,i)])).execute(),(await e.selectFrom(`outbox_events`).select(`id`).where(`id`,`in`,t).where(`claimed_by`,`=`,n).where(`claim_expires_at`,`=`,a).execute()).map(e=>e.id)}}function Wi(e){return async t=>{if(t.length===0)return;let n=new Date().toISOString();await e.updateTable(`outbox_events`).set({processed_at:n}).where(`id`,`in`,t).execute()}}function Gi(e){return async(t,n,r)=>{await e.updateTable(`outbox_events`).set({error:n,next_retry_at:r,retry_count:i.sql`retry_count + 1`,claimed_by:null,claim_expires_at:null}).where(`id`,`=`,t).execute()}}function Ki(e){return async(t,n)=>{let r=new Date().toISOString();await e.updateTable(`outbox_events`).set({processed_at:r,dead_lettered_at:r,final_error:n}).where(`id`,`=`,t).execute()}}function qi(e){return async(t,n={})=>{let{page:r=0,per_page:i=50,include_totals:a=!1}=n,o=(await e.selectFrom(`outbox_events`).selectAll().where(`tenant_id`,`=`,t).where(`dead_lettered_at`,`is not`,null).orderBy(`dead_lettered_at`,`desc`).orderBy(`id`,`asc`).offset(r*i).limit(i).execute()).flatMap(e=>{let t;try{t=JSON.parse(e.payload)}catch(t){return console.error(`Failed to parse outbox payload for event ${e.id}`,t),[]}return[{...t,id:e.id,created_at:e.created_at,processed_at:e.processed_at,retry_count:e.retry_count,next_retry_at:e.next_retry_at,error:e.error,dead_lettered_at:e.dead_lettered_at,final_error:e.final_error}]}),s=o.length;if(a){let[n]=await e.selectFrom(`outbox_events`).select(e=>e.fn.countAll().as(`total`)).where(`tenant_id`,`=`,t).where(`dead_lettered_at`,`is not`,null).execute();s=Number(n?.total??o.length)}return{events:o,start:r*i,limit:i,length:s}}}function Ji(e){return async(t,n)=>{let r=await e.updateTable(`outbox_events`).set({processed_at:null,dead_lettered_at:null,final_error:null,retry_count:0,next_retry_at:null,error:null}).where(`id`,`=`,t).where(`tenant_id`,`=`,n).where(`dead_lettered_at`,`is not`,null).executeTakeFirst();return Number(r.numUpdatedRows)>0}}function Yi(e){return async t=>{let n=await e.deleteFrom(`outbox_events`).where(`processed_at`,`is not`,null).where(`processed_at`,`<`,t).executeTakeFirst();return Number(n.numDeletedRows)}}function Xi(e){return{create:Bi(e),getByIds:Vi(e),getUnprocessed:Hi(e),claimEvents:Ui(e),markProcessed:Wi(e),markRetry:Gi(e),deadLetter:Ki(e),listFailed:qi(e),replay:Ji(e),cleanup:Yi(e)}}function R(e){return{id:e.id,name:e.name,type:e.type,status:e.status,sink:JSON.parse(e.sink),filters:e.filters?JSON.parse(e.filters):void 0,isPriority:e.is_priority==null?void 0:e.is_priority===1,created_at:e.created_at,updated_at:e.updated_at}}function Zi(e){return{async create(t,r){let i=new Date().toISOString(),a={id:`lst_${(0,n.nanoid)()}`,tenant_id:t,name:r.name,type:r.type,status:r.status??`active`,sink:JSON.stringify(r.sink),filters:r.filters?JSON.stringify(r.filters):null,is_priority:r.isPriority===void 0?null:+!!r.isPriority,created_at:i,updated_at:i};return await e.insertInto(`log_streams`).values(a).execute(),R(a)},async get(t,n){let r=await e.selectFrom(`log_streams`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).selectAll().executeTakeFirst();return r?R(r):null},async list(t){return(await e.selectFrom(`log_streams`).where(`tenant_id`,`=`,t).selectAll().execute()).map(R)},async update(t,n,r){let i={updated_at:new Date().toISOString()};return r.name!==void 0&&(i.name=r.name),r.type!==void 0&&(i.type=r.type),r.status!==void 0&&(i.status=r.status),r.sink!==void 0&&(i.sink=JSON.stringify(r.sink)),r.filters!==void 0&&(i.filters=r.filters?JSON.stringify(r.filters):null),r.isPriority!==void 0&&(i.is_priority=+!!r.isPriority),((await e.updateTable(`log_streams`).set(i).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst())?.numUpdatedRows??0n)>0n},async remove(t,n){return((await e.deleteFrom(`log_streams`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst())?.numDeletedRows??0n)>0n}}}function z(e){return{id:e.id,name:e.name,provider:r.migrationProviderTypeSchema.parse(e.provider),connection:e.connection,enabled:e.enabled===1,credentials:JSON.parse(e.credentials),created_at:e.created_at,updated_at:e.updated_at}}function Qi(e){return{async create(t,r){let i=new Date().toISOString(),a=r.id??`mig_${(0,n.nanoid)()}`,o=r.enabled??!0,s={id:a,tenant_id:t,name:r.name,provider:r.provider,connection:r.connection,enabled:+!!o,credentials:JSON.stringify(r.credentials),created_at:i,updated_at:i};return await e.insertInto(`migration_sources`).values(s).execute(),z(s)},async get(t,n){let r=await e.selectFrom(`migration_sources`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).selectAll().executeTakeFirst();return r?z(r):null},async list(t){return(await e.selectFrom(`migration_sources`).where(`tenant_id`,`=`,t).selectAll().execute()).map(z)},async update(t,n,r){let i={updated_at:new Date().toISOString()};return r.name!==void 0&&(i.name=r.name),r.provider!==void 0&&(i.provider=r.provider),r.connection!==void 0&&(i.connection=r.connection),r.enabled!==void 0&&(i.enabled=+!!r.enabled),r.credentials!==void 0&&(i.credentials=JSON.stringify(r.credentials)),((await e.updateTable(`migration_sources`).set(i).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst())?.numUpdatedRows??0n)>0n},async remove(t,n){return((await e.deleteFrom(`migration_sources`).where(`tenant_id`,`=`,t).where(`id`,`=`,n).executeTakeFirst())?.numDeletedRows??0n)>0n}}}function $i(e){return typeof e==`string`}function ea(e){return typeof e==`object`&&!!e}function ta(e){return e[e.length-1]}function B(e){return Object.freeze(e)}var na=class{transformQuery(e){return e.node}async transformResult(e){return e.result}},ra=B({is(e){return e.kind===`AliasNode`},create(e,t){return B({kind:`AliasNode`,node:e,alias:t})}}),V=B({is(e){return e.kind===`IdentifierNode`},create(e){return B({kind:`IdentifierNode`,name:e})}}),ia=B({is(e){return e.kind===`AndNode`},create(e,t){return B({kind:`AndNode`,left:e,right:t})}}),aa=B({is(e){return e.kind===`OrNode`},create(e,t){return B({kind:`OrNode`,left:e,right:t})}}),H=B({is(e){return e.kind===`OnNode`},create(e){return B({kind:`OnNode`,on:e})},cloneWithOperation(e,t,n){return B({...e,on:t===`And`?ia.create(e.on,n):aa.create(e.on,n)})}}),oa=B({is(e){return e.kind===`JoinNode`},create(e,t){return B({kind:`JoinNode`,joinType:e,table:t,on:void 0})},createWithOn(e,t,n){return B({kind:`JoinNode`,joinType:e,table:t,on:H.create(n)})},cloneWithOn(e,t){return B({...e,on:e.on?H.cloneWithOperation(e.on,`And`,t):H.create(t)})}}),sa=B({is(e){return e.kind===`ListNode`},create(e){return B({kind:`ListNode`,items:B(e)})}}),ca=class{nodeStack=[];#e=B({AliasNode:this.transformAlias.bind(this),ColumnNode:this.transformColumn.bind(this),IdentifierNode:this.transformIdentifier.bind(this),SchemableIdentifierNode:this.transformSchemableIdentifier.bind(this),RawNode:this.transformRaw.bind(this),ReferenceNode:this.transformReference.bind(this),SelectQueryNode:this.transformSelectQuery.bind(this),SelectionNode:this.transformSelection.bind(this),TableNode:this.transformTable.bind(this),FromNode:this.transformFrom.bind(this),SelectAllNode:this.transformSelectAll.bind(this),AndNode:this.transformAnd.bind(this),OrNode:this.transformOr.bind(this),ValueNode:this.transformValue.bind(this),ValueListNode:this.transformValueList.bind(this),PrimitiveValueListNode:this.transformPrimitiveValueList.bind(this),ParensNode:this.transformParens.bind(this),JoinNode:this.transformJoin.bind(this),OperatorNode:this.transformOperator.bind(this),WhereNode:this.transformWhere.bind(this),InsertQueryNode:this.transformInsertQuery.bind(this),DeleteQueryNode:this.transformDeleteQuery.bind(this),ReturningNode:this.transformReturning.bind(this),CreateTableNode:this.transformCreateTable.bind(this),AddColumnNode:this.transformAddColumn.bind(this),ColumnDefinitionNode:this.transformColumnDefinition.bind(this),DropTableNode:this.transformDropTable.bind(this),DataTypeNode:this.transformDataType.bind(this),OrderByNode:this.transformOrderBy.bind(this),OrderByItemNode:this.transformOrderByItem.bind(this),GroupByNode:this.transformGroupBy.bind(this),GroupByItemNode:this.transformGroupByItem.bind(this),UpdateQueryNode:this.transformUpdateQuery.bind(this),ColumnUpdateNode:this.transformColumnUpdate.bind(this),LimitNode:this.transformLimit.bind(this),OffsetNode:this.transformOffset.bind(this),OnConflictNode:this.transformOnConflict.bind(this),OnDuplicateKeyNode:this.transformOnDuplicateKey.bind(this),CreateIndexNode:this.transformCreateIndex.bind(this),DropIndexNode:this.transformDropIndex.bind(this),ListNode:this.transformList.bind(this),PrimaryKeyConstraintNode:this.transformPrimaryKeyConstraint.bind(this),UniqueConstraintNode:this.transformUniqueConstraint.bind(this),ReferencesNode:this.transformReferences.bind(this),CheckConstraintNode:this.transformCheckConstraint.bind(this),WithNode:this.transformWith.bind(this),CommonTableExpressionNode:this.transformCommonTableExpression.bind(this),CommonTableExpressionNameNode:this.transformCommonTableExpressionName.bind(this),HavingNode:this.transformHaving.bind(this),CreateSchemaNode:this.transformCreateSchema.bind(this),DropSchemaNode:this.transformDropSchema.bind(this),AlterTableNode:this.transformAlterTable.bind(this),DropColumnNode:this.transformDropColumn.bind(this),RenameColumnNode:this.transformRenameColumn.bind(this),AlterColumnNode:this.transformAlterColumn.bind(this),ModifyColumnNode:this.transformModifyColumn.bind(this),AddConstraintNode:this.transformAddConstraint.bind(this),DropConstraintNode:this.transformDropConstraint.bind(this),RenameConstraintNode:this.transformRenameConstraint.bind(this),ForeignKeyConstraintNode:this.transformForeignKeyConstraint.bind(this),CreateViewNode:this.transformCreateView.bind(this),RefreshMaterializedViewNode:this.transformRefreshMaterializedView.bind(this),DropViewNode:this.transformDropView.bind(this),GeneratedNode:this.transformGenerated.bind(this),DefaultValueNode:this.transformDefaultValue.bind(this),OnNode:this.transformOn.bind(this),ValuesNode:this.transformValues.bind(this),SelectModifierNode:this.transformSelectModifier.bind(this),CreateTypeNode:this.transformCreateType.bind(this),DropTypeNode:this.transformDropType.bind(this),ExplainNode:this.transformExplain.bind(this),DefaultInsertValueNode:this.transformDefaultInsertValue.bind(this),AggregateFunctionNode:this.transformAggregateFunction.bind(this),OverNode:this.transformOver.bind(this),PartitionByNode:this.transformPartitionBy.bind(this),PartitionByItemNode:this.transformPartitionByItem.bind(this),SetOperationNode:this.transformSetOperation.bind(this),BinaryOperationNode:this.transformBinaryOperation.bind(this),UnaryOperationNode:this.transformUnaryOperation.bind(this),UsingNode:this.transformUsing.bind(this),FunctionNode:this.transformFunction.bind(this),CaseNode:this.transformCase.bind(this),WhenNode:this.transformWhen.bind(this),JSONReferenceNode:this.transformJSONReference.bind(this),JSONPathNode:this.transformJSONPath.bind(this),JSONPathLegNode:this.transformJSONPathLeg.bind(this),JSONOperatorChainNode:this.transformJSONOperatorChain.bind(this),TupleNode:this.transformTuple.bind(this),MergeQueryNode:this.transformMergeQuery.bind(this),MatchedNode:this.transformMatched.bind(this),AddIndexNode:this.transformAddIndex.bind(this),CastNode:this.transformCast.bind(this),FetchNode:this.transformFetch.bind(this),TopNode:this.transformTop.bind(this),OutputNode:this.transformOutput.bind(this),OrActionNode:this.transformOrAction.bind(this),CollateNode:this.transformCollate.bind(this),AlterTypeNode:this.transformAlterType.bind(this),AddValueNode:this.transformAddValue.bind(this),RenameValueNode:this.transformRenameValue.bind(this)});transformNode(e,t){if(!e)return e;this.nodeStack.push(e);let n=this.transformNodeImpl(e,t);return this.nodeStack.pop(),B(n)}transformNodeImpl(e,t){return this.#e[e.kind](e,t)}transformNodeList(e,t){return e&&B(e.map(e=>this.transformNode(e,t)))}transformSelectQuery(e,t){return{kind:`SelectQueryNode`,from:this.transformNode(e.from,t),selections:this.transformNodeList(e.selections,t),distinctOn:this.transformNodeList(e.distinctOn,t),joins:this.transformNodeList(e.joins,t),groupBy:this.transformNode(e.groupBy,t),orderBy:this.transformNode(e.orderBy,t),where:this.transformNode(e.where,t),frontModifiers:this.transformNodeList(e.frontModifiers,t),endModifiers:this.transformNodeList(e.endModifiers,t),limit:this.transformNode(e.limit,t),offset:this.transformNode(e.offset,t),with:this.transformNode(e.with,t),having:this.transformNode(e.having,t),explain:this.transformNode(e.explain,t),setOperations:this.transformNodeList(e.setOperations,t),fetch:this.transformNode(e.fetch,t),top:this.transformNode(e.top,t)}}transformSelection(e,t){return{kind:`SelectionNode`,selection:this.transformNode(e.selection,t)}}transformColumn(e,t){return{kind:`ColumnNode`,column:this.transformNode(e.column,t)}}transformAlias(e,t){return{kind:`AliasNode`,node:this.transformNode(e.node,t),alias:this.transformNode(e.alias,t)}}transformTable(e,t){return{kind:`TableNode`,table:this.transformNode(e.table,t)}}transformFrom(e,t){return{kind:`FromNode`,froms:this.transformNodeList(e.froms,t)}}transformReference(e,t){return{kind:`ReferenceNode`,column:this.transformNode(e.column,t),table:this.transformNode(e.table,t)}}transformAnd(e,t){return{kind:`AndNode`,left:this.transformNode(e.left,t),right:this.transformNode(e.right,t)}}transformOr(e,t){return{kind:`OrNode`,left:this.transformNode(e.left,t),right:this.transformNode(e.right,t)}}transformValueList(e,t){return{kind:`ValueListNode`,values:this.transformNodeList(e.values,t)}}transformParens(e,t){return{kind:`ParensNode`,node:this.transformNode(e.node,t)}}transformJoin(e,t){return{kind:`JoinNode`,joinType:e.joinType,table:this.transformNode(e.table,t),on:this.transformNode(e.on,t)}}transformRaw(e,t){return{kind:`RawNode`,sqlFragments:B([...e.sqlFragments]),parameters:this.transformNodeList(e.parameters,t)}}transformWhere(e,t){return{kind:`WhereNode`,where:this.transformNode(e.where,t)}}transformInsertQuery(e,t){return{kind:`InsertQueryNode`,into:this.transformNode(e.into,t),columns:this.transformNodeList(e.columns,t),values:this.transformNode(e.values,t),returning:this.transformNode(e.returning,t),onConflict:this.transformNode(e.onConflict,t),onDuplicateKey:this.transformNode(e.onDuplicateKey,t),endModifiers:this.transformNodeList(e.endModifiers,t),with:this.transformNode(e.with,t),orAction:this.transformNode(e.orAction,t),replace:e.replace,explain:this.transformNode(e.explain,t),defaultValues:e.defaultValues,top:this.transformNode(e.top,t),output:this.transformNode(e.output,t)}}transformValues(e,t){return{kind:`ValuesNode`,values:this.transformNodeList(e.values,t)}}transformDeleteQuery(e,t){return{kind:`DeleteQueryNode`,from:this.transformNode(e.from,t),using:this.transformNode(e.using,t),joins:this.transformNodeList(e.joins,t),where:this.transformNode(e.where,t),returning:this.transformNode(e.returning,t),endModifiers:this.transformNodeList(e.endModifiers,t),with:this.transformNode(e.with,t),orderBy:this.transformNode(e.orderBy,t),limit:this.transformNode(e.limit,t),explain:this.transformNode(e.explain,t),top:this.transformNode(e.top,t),output:this.transformNode(e.output,t)}}transformReturning(e,t){return{kind:`ReturningNode`,selections:this.transformNodeList(e.selections,t)}}transformCreateTable(e,t){return{kind:`CreateTableNode`,table:this.transformNode(e.table,t),columns:this.transformNodeList(e.columns,t),constraints:this.transformNodeList(e.constraints,t),indexes:this.transformNodeList(e.indexes,t),temporary:e.temporary,ifNotExists:e.ifNotExists,onCommit:e.onCommit,frontModifiers:this.transformNodeList(e.frontModifiers,t),endModifiers:this.transformNodeList(e.endModifiers,t),selectQuery:this.transformNode(e.selectQuery,t)}}transformColumnDefinition(e,t){return{kind:`ColumnDefinitionNode`,column:this.transformNode(e.column,t),dataType:this.transformNode(e.dataType,t),references:this.transformNode(e.references,t),primaryKey:e.primaryKey,autoIncrement:e.autoIncrement,unique:e.unique,notNull:e.notNull,unsigned:e.unsigned,defaultTo:this.transformNode(e.defaultTo,t),check:this.transformNode(e.check,t),generated:this.transformNode(e.generated,t),frontModifiers:this.transformNodeList(e.frontModifiers,t),endModifiers:this.transformNodeList(e.endModifiers,t),nullsNotDistinct:e.nullsNotDistinct,identity:e.identity,ifNotExists:e.ifNotExists}}transformAddColumn(e,t){return{kind:`AddColumnNode`,column:this.transformNode(e.column,t)}}transformDropTable(e,t){return{kind:`DropTableNode`,table:this.transformNode(e.table,t),ifExists:e.ifExists,cascade:e.cascade,temporary:e.temporary}}transformOrderBy(e,t){return{kind:`OrderByNode`,items:this.transformNodeList(e.items,t)}}transformOrderByItem(e,t){return{kind:`OrderByItemNode`,orderBy:this.transformNode(e.orderBy,t),direction:this.transformNode(e.direction,t),collation:this.transformNode(e.collation,t),nulls:e.nulls}}transformGroupBy(e,t){return{kind:`GroupByNode`,items:this.transformNodeList(e.items,t)}}transformGroupByItem(e,t){return{kind:`GroupByItemNode`,groupBy:this.transformNode(e.groupBy,t)}}transformUpdateQuery(e,t){return{kind:`UpdateQueryNode`,table:this.transformNode(e.table,t),from:this.transformNode(e.from,t),joins:this.transformNodeList(e.joins,t),where:this.transformNode(e.where,t),updates:this.transformNodeList(e.updates,t),returning:this.transformNode(e.returning,t),endModifiers:this.transformNodeList(e.endModifiers,t),with:this.transformNode(e.with,t),explain:this.transformNode(e.explain,t),limit:this.transformNode(e.limit,t),top:this.transformNode(e.top,t),output:this.transformNode(e.output,t),orderBy:this.transformNode(e.orderBy,t)}}transformColumnUpdate(e,t){return{kind:`ColumnUpdateNode`,column:this.transformNode(e.column,t),value:this.transformNode(e.value,t)}}transformLimit(e,t){return{kind:`LimitNode`,limit:this.transformNode(e.limit,t)}}transformOffset(e,t){return{kind:`OffsetNode`,offset:this.transformNode(e.offset,t)}}transformOnConflict(e,t){return{kind:`OnConflictNode`,columns:this.transformNodeList(e.columns,t),constraint:this.transformNode(e.constraint,t),indexExpression:this.transformNode(e.indexExpression,t),indexWhere:this.transformNode(e.indexWhere,t),updates:this.transformNodeList(e.updates,t),updateWhere:this.transformNode(e.updateWhere,t),doNothing:e.doNothing}}transformOnDuplicateKey(e,t){return{kind:`OnDuplicateKeyNode`,updates:this.transformNodeList(e.updates,t)}}transformCreateIndex(e,t){return{kind:`CreateIndexNode`,name:this.transformNode(e.name,t),table:this.transformNode(e.table,t),columns:this.transformNodeList(e.columns,t),unique:e.unique,using:this.transformNode(e.using,t),ifNotExists:e.ifNotExists,where:this.transformNode(e.where,t),nullsNotDistinct:e.nullsNotDistinct}}transformList(e,t){return{kind:`ListNode`,items:this.transformNodeList(e.items,t)}}transformDropIndex(e,t){return{kind:`DropIndexNode`,name:this.transformNode(e.name,t),table:this.transformNode(e.table,t),ifExists:e.ifExists,cascade:e.cascade}}transformPrimaryKeyConstraint(e,t){return{kind:`PrimaryKeyConstraintNode`,columns:this.transformNodeList(e.columns,t),name:this.transformNode(e.name,t),deferrable:e.deferrable,initiallyDeferred:e.initiallyDeferred}}transformUniqueConstraint(e,t){return{kind:`UniqueConstraintNode`,columns:this.transformNodeList(e.columns,t),name:this.transformNode(e.name,t),nullsNotDistinct:e.nullsNotDistinct,deferrable:e.deferrable,initiallyDeferred:e.initiallyDeferred}}transformForeignKeyConstraint(e,t){return{kind:`ForeignKeyConstraintNode`,columns:this.transformNodeList(e.columns,t),references:this.transformNode(e.references,t),name:this.transformNode(e.name,t),onDelete:e.onDelete,onUpdate:e.onUpdate,deferrable:e.deferrable,initiallyDeferred:e.initiallyDeferred}}transformSetOperation(e,t){return{kind:`SetOperationNode`,operator:e.operator,expression:this.transformNode(e.expression,t),all:e.all}}transformReferences(e,t){return{kind:`ReferencesNode`,table:this.transformNode(e.table,t),columns:this.transformNodeList(e.columns,t),onDelete:e.onDelete,onUpdate:e.onUpdate}}transformCheckConstraint(e,t){return{kind:`CheckConstraintNode`,expression:this.transformNode(e.expression,t),name:this.transformNode(e.name,t)}}transformWith(e,t){return{kind:`WithNode`,expressions:this.transformNodeList(e.expressions,t),recursive:e.recursive}}transformCommonTableExpression(e,t){return{kind:`CommonTableExpressionNode`,name:this.transformNode(e.name,t),materialized:e.materialized,expression:this.transformNode(e.expression,t)}}transformCommonTableExpressionName(e,t){return{kind:`CommonTableExpressionNameNode`,table:this.transformNode(e.table,t),columns:this.transformNodeList(e.columns,t)}}transformHaving(e,t){return{kind:`HavingNode`,having:this.transformNode(e.having,t)}}transformCreateSchema(e,t){return{kind:`CreateSchemaNode`,schema:this.transformNode(e.schema,t),ifNotExists:e.ifNotExists}}transformDropSchema(e,t){return{kind:`DropSchemaNode`,schema:this.transformNode(e.schema,t),ifExists:e.ifExists,cascade:e.cascade}}transformAlterTable(e,t){return{kind:`AlterTableNode`,table:this.transformNode(e.table,t),renameTo:this.transformNode(e.renameTo,t),setSchema:this.transformNode(e.setSchema,t),columnAlterations:this.transformNodeList(e.columnAlterations,t),addConstraint:this.transformNode(e.addConstraint,t),dropConstraint:this.transformNode(e.dropConstraint,t),renameConstraint:this.transformNode(e.renameConstraint,t),addIndex:this.transformNode(e.addIndex,t),dropIndex:this.transformNode(e.dropIndex,t)}}transformDropColumn(e,t){return{kind:`DropColumnNode`,column:this.transformNode(e.column,t),ifExists:e.ifExists}}transformRenameColumn(e,t){return{kind:`RenameColumnNode`,column:this.transformNode(e.column,t),renameTo:this.transformNode(e.renameTo,t)}}transformAlterColumn(e,t){return{kind:`AlterColumnNode`,column:this.transformNode(e.column,t),dataType:this.transformNode(e.dataType,t),dataTypeExpression:this.transformNode(e.dataTypeExpression,t),setDefault:this.transformNode(e.setDefault,t),dropDefault:e.dropDefault,setNotNull:e.setNotNull,dropNotNull:e.dropNotNull}}transformModifyColumn(e,t){return{kind:`ModifyColumnNode`,column:this.transformNode(e.column,t)}}transformAddConstraint(e,t){return{kind:`AddConstraintNode`,constraint:this.transformNode(e.constraint,t)}}transformDropConstraint(e,t){return{kind:`DropConstraintNode`,constraintName:this.transformNode(e.constraintName,t),ifExists:e.ifExists,modifier:e.modifier}}transformRenameConstraint(e,t){return{kind:`RenameConstraintNode`,oldName:this.transformNode(e.oldName,t),newName:this.transformNode(e.newName,t)}}transformCreateView(e,t){return{kind:`CreateViewNode`,name:this.transformNode(e.name,t),temporary:e.temporary,orReplace:e.orReplace,ifNotExists:e.ifNotExists,materialized:e.materialized,columns:this.transformNodeList(e.columns,t),as:this.transformNode(e.as,t)}}transformRefreshMaterializedView(e,t){return{kind:`RefreshMaterializedViewNode`,name:this.transformNode(e.name,t),concurrently:e.concurrently,withNoData:e.withNoData}}transformDropView(e,t){return{kind:`DropViewNode`,name:this.transformNode(e.name,t),ifExists:e.ifExists,materialized:e.materialized,cascade:e.cascade}}transformGenerated(e,t){return{kind:`GeneratedNode`,byDefault:e.byDefault,always:e.always,identity:e.identity,stored:e.stored,expression:this.transformNode(e.expression,t)}}transformDefaultValue(e,t){return{kind:`DefaultValueNode`,defaultValue:this.transformNode(e.defaultValue,t)}}transformOn(e,t){return{kind:`OnNode`,on:this.transformNode(e.on,t)}}transformSelectModifier(e,t){return{kind:`SelectModifierNode`,modifier:e.modifier,rawModifier:this.transformNode(e.rawModifier,t),of:this.transformNodeList(e.of,t)}}transformCreateType(e,t){return{kind:`CreateTypeNode`,name:this.transformNode(e.name,t),enum:this.transformNode(e.enum,t)}}transformDropType(e,t){return{kind:`DropTypeNode`,name:this.transformNode(e.name,t),additionalNames:this.transformNodeList(e.additionalNames,t),cascade:e.cascade,ifExists:e.ifExists}}transformExplain(e,t){return{kind:`ExplainNode`,format:e.format,options:this.transformNode(e.options,t)}}transformSchemableIdentifier(e,t){return{kind:`SchemableIdentifierNode`,schema:this.transformNode(e.schema,t),identifier:this.transformNode(e.identifier,t)}}transformAggregateFunction(e,t){return{kind:`AggregateFunctionNode`,func:e.func,aggregated:this.transformNodeList(e.aggregated,t),distinct:e.distinct,orderBy:this.transformNode(e.orderBy,t),withinGroup:this.transformNode(e.withinGroup,t),filter:this.transformNode(e.filter,t),over:this.transformNode(e.over,t)}}transformOver(e,t){return{kind:`OverNode`,orderBy:this.transformNode(e.orderBy,t),partitionBy:this.transformNode(e.partitionBy,t)}}transformPartitionBy(e,t){return{kind:`PartitionByNode`,items:this.transformNodeList(e.items,t)}}transformPartitionByItem(e,t){return{kind:`PartitionByItemNode`,partitionBy:this.transformNode(e.partitionBy,t)}}transformBinaryOperation(e,t){return{kind:`BinaryOperationNode`,leftOperand:this.transformNode(e.leftOperand,t),operator:this.transformNode(e.operator,t),rightOperand:this.transformNode(e.rightOperand,t)}}transformUnaryOperation(e,t){return{kind:`UnaryOperationNode`,operator:this.transformNode(e.operator,t),operand:this.transformNode(e.operand,t)}}transformUsing(e,t){return{kind:`UsingNode`,tables:this.transformNodeList(e.tables,t)}}transformFunction(e,t){return{kind:`FunctionNode`,func:e.func,arguments:this.transformNodeList(e.arguments,t)}}transformCase(e,t){return{kind:`CaseNode`,value:this.transformNode(e.value,t),when:this.transformNodeList(e.when,t),else:this.transformNode(e.else,t),isStatement:e.isStatement}}transformWhen(e,t){return{kind:`WhenNode`,condition:this.transformNode(e.condition,t),result:this.transformNode(e.result,t)}}transformJSONReference(e,t){return{kind:`JSONReferenceNode`,reference:this.transformNode(e.reference,t),traversal:this.transformNode(e.traversal,t)}}transformJSONPath(e,t){return{kind:`JSONPathNode`,inOperator:this.transformNode(e.inOperator,t),pathLegs:this.transformNodeList(e.pathLegs,t)}}transformJSONPathLeg(e,t){return{kind:`JSONPathLegNode`,type:e.type,value:e.value}}transformJSONOperatorChain(e,t){return{kind:`JSONOperatorChainNode`,operator:this.transformNode(e.operator,t),values:this.transformNodeList(e.values,t)}}transformTuple(e,t){return{kind:`TupleNode`,values:this.transformNodeList(e.values,t)}}transformMergeQuery(e,t){return{kind:`MergeQueryNode`,into:this.transformNode(e.into,t),using:this.transformNode(e.using,t),whens:this.transformNodeList(e.whens,t),with:this.transformNode(e.with,t),top:this.transformNode(e.top,t),endModifiers:this.transformNodeList(e.endModifiers,t),output:this.transformNode(e.output,t),returning:this.transformNode(e.returning,t)}}transformMatched(e,t){return{kind:`MatchedNode`,not:e.not,bySource:e.bySource}}transformAddIndex(e,t){return{kind:`AddIndexNode`,name:this.transformNode(e.name,t),columns:this.transformNodeList(e.columns,t),unique:e.unique,using:this.transformNode(e.using,t),ifNotExists:e.ifNotExists}}transformCast(e,t){return{kind:`CastNode`,expression:this.transformNode(e.expression,t),dataType:this.transformNode(e.dataType,t)}}transformFetch(e,t){return{kind:`FetchNode`,rowCount:this.transformNode(e.rowCount,t),modifier:e.modifier}}transformTop(e,t){return{kind:`TopNode`,expression:e.expression,modifiers:e.modifiers}}transformOutput(e,t){return{kind:`OutputNode`,selections:this.transformNodeList(e.selections,t)}}transformAlterType(e,t){return{kind:`AlterTypeNode`,name:this.transformNode(e.name,t),addValue:this.transformNode(e.addValue,t),renameTo:this.transformNode(e.renameTo,t),renameValue:this.transformNode(e.renameValue,t),setSchema:this.transformNode(e.setSchema,t)}}transformAddValue(e,t){return{kind:`AddValueNode`,value:this.transformNode(e.value,t),ifNotExists:e.ifNotExists,isBefore:e.isBefore,neighborValue:this.transformNode(e.neighborValue,t)}}transformRenameValue(e,t){return{kind:`RenameValueNode`,oldValue:this.transformNode(e.oldValue,t),newValue:this.transformNode(e.newValue,t)}}transformDataType(e,t){return e}transformSelectAll(e,t){return e}transformIdentifier(e,t){return e}transformValue(e,t){return e}transformPrimitiveValueList(e,t){return e}transformOperator(e,t){return e}transformDefaultInsertValue(e,t){return e}transformOrAction(e,t){return e}transformCollate(e,t){return e}};function la(e){return ea(e)&&$i(e.kind)}var ua={AlterTableNode:!0,AlterTypeNode:!0,CreateIndexNode:!0,CreateSchemaNode:!0,CreateTableNode:!0,CreateTypeNode:!0,CreateViewNode:!0,DeleteQueryNode:!0,DropIndexNode:!0,DropSchemaNode:!0,DropTableNode:!0,DropTypeNode:!0,RefreshMaterializedViewNode:!0,DropViewNode:!0,InsertQueryNode:!0,RawNode:!0,SelectQueryNode:!0,UpdateQueryNode:!0,MergeQueryNode:!0};function da(e){return la(e)&&ua[e.kind]===!0}var U=B({is(e){return e.kind===`SchemableIdentifierNode`},create(e){return B({kind:`SchemableIdentifierNode`,identifier:V.create(e)})},createWithSchema(e,t){return B({kind:`SchemableIdentifierNode`,schema:V.create(e),identifier:V.create(t)})}}),W=B({is(e){return e.kind===`TableNode`},create(e){return B({kind:`TableNode`,table:U.create(e)})},createWithSchema(e,t){return B({kind:`TableNode`,table:U.createWithSchema(e,t)})}}),fa=B({is(e){return e.kind===`UsingNode`},create(e){return B({kind:`UsingNode`,tables:B(e)})},cloneWithTables(e,t){return B({...e,tables:B([...e.tables,...t])})}}),pa=B({json_agg:!0,to_json:!0}),ma=class extends ca{#e;#t=new Set;#n=new Set;constructor(e){super(),this.#e=e}transformNodeImpl(e,t){if(!da(e))return super.transformNodeImpl(e,t);let n=this.#a(e);for(let e of n)this.#n.add(e);let r=this.#i(e);for(let e of r)this.#t.add(e);let i=super.transformNodeImpl(e,t);for(let e of r)this.#t.delete(e);for(let e of n)this.#n.delete(e);return i}transformSchemableIdentifier(e,t){let n=super.transformSchemableIdentifier(e,t);return n.schema||!this.#t.has(e.identifier.name)?n:{...n,schema:V.create(this.#e)}}transformReferences(e,t){let n=super.transformReferences(e,t);return n.table.table.schema?n:{...n,table:W.createWithSchema(this.#e,n.table.table.identifier.name)}}transformAggregateFunction(e,t){return{...super.transformAggregateFunction({...e,aggregated:[]},t),aggregated:this.#r(e,t,`aggregated`)}}transformFunction(e,t){return{...super.transformFunction({...e,arguments:[]},t),arguments:this.#r(e,t,`arguments`)}}transformSelectModifier(e,t){return{...super.transformSelectModifier({...e,of:void 0},t),of:e.of?.map(e=>W.is(e)&&!e.table.schema?{...e,table:this.transformIdentifier(e.table.identifier,t)}:this.transformNode(e,t))}}#r(e,t,n){return pa[e.func]?e[n].map(e=>!W.is(e)||e.table.schema?this.transformNode(e,t):{...e,table:this.transformIdentifier(e.table.identifier,t)}):this.transformNodeList(e[n],t)}#i(e){let t=new Set;if(`name`in e&&e.name&&U.is(e.name)&&this.#s(e.name,t),`from`in e&&e.from)for(let n of e.from.froms)this.#o(n,t);if(`into`in e&&e.into&&this.#o(e.into,t),`table`in e&&e.table&&this.#o(e.table,t),`joins`in e&&e.joins)for(let n of e.joins)this.#o(n.table,t);return`using`in e&&e.using&&(oa.is(e.using)?this.#o(e.using.table,t):this.#o(e.using,t)),t}#a(e){let t=new Set;return`with`in e&&e.with&&this.#c(e.with,t),t}#o(e,t){if(W.is(e))return this.#s(e.table,t);if(ra.is(e)&&W.is(e.node))return this.#s(e.node.table,t);if(sa.is(e)){for(let n of e.items)this.#o(n,t);return}if(fa.is(e)){for(let n of e.tables)this.#o(n,t);return}}#s(e,t){let n=e.identifier.name;!this.#t.has(n)&&!this.#n.has(n)&&t.add(n)}#c(e,t){for(let n of e.expressions){let e=n.name.table.table.identifier.name;this.#n.has(e)||t.add(e)}}},ha=class{#e;constructor(e){this.#e=new ma(e)}transformQuery(e){return this.#e.transformNode(e.node,e.queryId)}async transformResult(e){return e.result}},G=`migration_lock`;B({__noMigrations__:!0});var ga=class{#e;constructor(e){this.#e=B(e)}async getMigrations(){let e=await this.#f(this.#r)?await this.#e.db.withPlugin(this.#o).selectFrom(this.#r).select([`name`,`timestamp`]).$narrowType().execute():[];return(await this.#_()).map(({name:t,...n})=>{let r=e.find(e=>e.name===t);return{name:t,migration:n,executedAt:r?new Date(r.timestamp):void 0}})}async migrateToLatest(e){return this.#t(()=>({direction:`Up`,step:1/0}),e)}async migrateTo(e,t){return this.#t(({migrations:t,executedMigrations:n,pendingMigrations:r})=>{if(ea(e)&&e.__noMigrations__===!0)return{direction:`Down`,step:1/0};if(!t.find(t=>t.name===e))throw Error(`migration "${e}" doesn't exist`);let i=n.indexOf(e),a=r.findIndex(t=>t.name===e);if(i!==-1)return{direction:`Down`,step:n.length-i-1};if(a!==-1)return{direction:`Up`,step:a+1};throw Error(`migration "${e}" isn't executed or pending`)},t)}async migrateUp(e){return this.#t(()=>({direction:`Up`,step:1}),e)}async migrateDown(e){return this.#t(()=>({direction:`Down`,step:1}),e)}async#t(e,t){try{return await this.#s(),await this.#c(),await this.#l(),await this.#u(),await this.#m(e,t)}catch(e){return e instanceof K?e.resultSet:{error:e}}}get#n(){return this.#e.migrationTableSchema}get#r(){return this.#e.migrationTableName??`kysely_migration`}get#i(){return this.#e.migrationLockTableName??`kysely_migration_lock`}get#a(){return this.#e.allowUnorderedMigrations??!1}get#o(){return this.#n?new ha(this.#n):new na}async#s(){if(this.#n&&!await this.#d())try{await this.#C(this.#e.db.schema.createSchema(this.#n))}catch(e){if(!await this.#d())throw e}}async#c(){if(!await this.#f(this.#r))try{await this.#C(this.#e.db.schema.withPlugin(this.#o).createTable(this.#r).addColumn(`name`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`timestamp`,`varchar(255)`,e=>e.notNull()))}catch(e){if(!await this.#f(this.#r))throw e}}async#l(){if(!await this.#f(this.#i))try{await this.#C(this.#e.db.schema.withPlugin(this.#o).createTable(this.#i).addColumn(`id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`is_locked`,`integer`,e=>e.notNull().defaultTo(0)))}catch(e){if(!await this.#f(this.#i))throw e}}async#u(){if(!await this.#p())try{await this.#e.db.withPlugin(this.#o).insertInto(this.#i).values({id:G,is_locked:0}).execute()}catch(e){if(!await this.#p())throw e}}async#d(){return(await this.#e.db.introspection.getSchemas()).some(e=>e.name===this.#n)}async#f(e){let t=this.#n;return(await this.#e.db.introspection.getTables({withInternalKyselyTables:!0})).some(n=>n.name===e&&(!t||n.schema===t))}async#p(){return!!await this.#e.db.withPlugin(this.#o).selectFrom(this.#i).where(`id`,`=`,G).select(`id`).executeTakeFirst()}async#m(e,t){let n=this.#e.db.getExecutor().adapter,r=B({lockTable:this.#e.migrationLockTableName??`kysely_migration_lock`,lockRowId:G,lockTableSchema:this.#e.migrationTableSchema}),i=async t=>{try{await n.acquireMigrationLock(t,r);let i=await this.#h(t);if(i.migrations.length===0)return{results:[]};let{direction:a,step:o}=e(i);return o<=0?{results:[]}:a===`Down`?await this.#x(t,i,o):a===`Up`?await this.#S(t,i,o):{results:[]}}finally{await n.releaseMigrationLock(t,r)}},a=t?.disableTransactions??this.#e.disableTransactions;if(this.#e.db.isTransaction){if(!n.supportsTransactionalDdl)throw Error(`Transactional DDL is not supported in this dialect. Passing a transaction to this migrator would result in failure or unexpected behavior.`);if(a)throw Error("`disableTransactions` is true but the migrator was given a transaction. Passing a transaction to this migrator would result in failure or unexpected behavior.");return i(this.#e.db)}return n.supportsTransactionalDdl&&!a?this.#e.db.transaction().execute(i):this.#e.db.connection().execute(i)}async#h(e){let t=await this.#_(),n=await this.#v(e);this.#y(t,n),this.#a||this.#b(t,n);let r=this.#g(t,n);return B({migrations:t,executedMigrations:n,lastMigration:ta(n),pendingMigrations:r})}#g(e,t){return e.filter(e=>!t.includes(e.name))}async#_(){let e=await this.#e.provider.getMigrations();return Object.keys(e).sort().map(t=>({...e[t],name:t}))}async#v(e){let t=await e.withPlugin(this.#o).selectFrom(this.#r).select([`name`,`timestamp`]).$narrowType().execute(),n=this.#e.nameComparator||((e,t)=>e.localeCompare(t));return t.sort((e,t)=>e.timestamp===t.timestamp?n(e.name,t.name):new Date(e.timestamp).getTime()-new Date(t.timestamp).getTime()).map(e=>e.name)}#y(e,t){for(let n of t)if(!e.some(e=>e.name===n))throw Error(`corrupted migrations: previously executed migration ${n} is missing`)}#b(e,t){for(let n=0;n<t.length;++n)if(e[n].name!==t[n])throw Error(`corrupted migrations: expected previously executed migration ${t[n]} to be at index ${n} but ${e[n].name} was found in its place. New migrations must always have a name that comes alphabetically after the last executed migration.`)}async#x(e,t,n){let r=t.executedMigrations.toReversed().slice(0,n).map(e=>t.migrations.find(t=>t.name===e)),i=r.map(e=>({migrationName:e.name,direction:`Down`,status:`NotExecuted`}));for(let t=0;t<i.length;++t){let n=r[t];try{n.down&&(await n.down(e),await e.withPlugin(this.#o).deleteFrom(this.#r).where(`name`,`=`,n.name).execute(),i[t]={migrationName:n.name,direction:`Down`,status:`Success`})}catch(e){throw i[t]={migrationName:n.name,direction:`Down`,status:`Error`},new K({error:e,results:i})}}return{results:i}}async#S(e,t,n){let r=t.pendingMigrations.slice(0,n).map(e=>({migrationName:e.name,direction:`Up`,status:`NotExecuted`}));for(let n=0;n<r.length;n++){let i=t.pendingMigrations[n];try{await i.up(e),await e.withPlugin(this.#o).insertInto(this.#r).values({name:i.name,timestamp:new Date().toISOString()}).execute(),r[n]={migrationName:i.name,direction:`Up`,status:`Success`}}catch(e){throw r[n]={migrationName:i.name,direction:`Up`,status:`Error`},new K({error:e,results:r})}}return{results:r}}async#C(e){this.#e.db.getExecutor().adapter.supportsCreateIfNotExists&&(e=e.ifNotExists()),await e.execute()}},K=class extends Error{#e;constructor(e){super(),this.#e=e}get resultSet(){return this.#e}},_a=class{migrations;constructor(e){this.migrations=e}async getMigrations(){return this.migrations}},va=t({down:()=>ba,up:()=>ya});async function ya(e){await e.schema.createTable(`tenants`).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`name`,`varchar(255)`).addColumn(`audience`,`varchar(255)`).addColumn(`sender_email`,`varchar(255)`).addColumn(`sender_name`,`varchar(255)`).addColumn(`language`,`varchar(255)`).addColumn(`logo`,`varchar(255)`).addColumn(`primary_color`,`varchar(255)`).addColumn(`secondary_color`,`varchar(255)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).execute(),await e.schema.createTable(`users`).addColumn(`user_id`,`varchar(255)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`email`,`varchar(255)`).addColumn(`given_name`,`varchar(255)`).addColumn(`family_name`,`varchar(255)`).addColumn(`nickname`,`varchar(255)`).addColumn(`name`,`varchar(255)`).addColumn(`picture`,`varchar(2083)`).addColumn(`tags`,`varchar(255)`).addColumn(`phone_number`,`varchar(17)`).addColumn(`phone_verified`,`boolean`).addColumn(`username`,`varchar(128)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).addPrimaryKeyConstraint(`users_tenants`,[`user_id`,`tenant_id`]).addColumn(`linked_to`,`varchar(255)`).addForeignKeyConstraint(`linked_to_constraint`,[`linked_to`,`tenant_id`],`users`,[`user_id`,`tenant_id`]).addColumn(`last_ip`,`varchar(255)`).addColumn(`login_count`,`integer`,e=>e.notNull()).addColumn(`last_login`,`varchar(255)`).addColumn(`provider`,`varchar(255)`,e=>e.notNull()).addColumn(`connection`,`varchar(255)`).addColumn(`email_verified`,`boolean`,e=>e.notNull()).addColumn(`is_social`,`boolean`,e=>e.notNull()).addColumn(`app_metadata`,`varchar(4096)`,e=>e.defaultTo(`{}`).notNull()).addColumn(`user_metadata`,`varchar(4096)`,e=>e.defaultTo(`{}`).notNull()).addUniqueConstraint(`unique_email_provider`,[`email`,`provider`,`tenant_id`]).addUniqueConstraint(`unique_phone_provider`,[`phone_number`,`provider`,`tenant_id`]).execute(),await e.schema.createTable(`members`).addColumn(`id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`sub`,`varchar(255)`).addColumn(`email`,`varchar(255)`).addColumn(`name`,`varchar(255)`).addColumn(`status`,`varchar(255)`).addColumn(`role`,`varchar(255)`).addColumn(`picture`,`varchar(2083)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).execute(),await e.schema.createTable(`applications`).addColumn(`id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`client_secret`,`varchar(255)`).addColumn(`allowed_logout_urls`,`varchar(255)`).addColumn(`authentication_settings`,`varchar(255)`).addColumn(`addons`,`varchar(4096)`,e=>e.notNull().defaultTo(`{}`)).addColumn(`callbacks`,`varchar(1024)`,e=>e.notNull().defaultTo(`[]`)).addColumn(`allowed_origins`,`varchar(1024)`,e=>e.notNull().defaultTo(`[]`)).addColumn(`web_origins`,`varchar(1024)`,e=>e.notNull().defaultTo(`[]`)).addColumn(`allowed_clients`,`varchar(1024)`,e=>e.defaultTo(`[]`).notNull()).addColumn(`options_kid`,`varchar(32)`).addColumn(`options_team_id`,`varchar(32)`).addColumn(`options_client_id`,`varchar(128)`).addColumn(`options_client_secret`,`varchar(255)`).addColumn(`options_scope`,`varchar(255)`).addColumn(`options_realms`,`varchar(255)`).addColumn(`options_app_secret`,`varchar(1024)`).addColumn(`email_validation`,`varchar(255)`).addColumn(`disable_sign_ups`,`boolean`,e=>e.notNull()).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).execute(),await e.schema.createTable(`connections`).addColumn(`id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`response_type`,`varchar(255)`).addColumn(`response_mode`,`varchar(255)`).addColumn(`strategy`,`varchar(64)`).addColumn(`options`,`varchar(2048)`,e=>e.defaultTo(`{}`).notNull()).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).execute(),await e.schema.createTable(`migrations`).addColumn(`id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`provider`,`varchar(255)`).addColumn(`client_id`,`varchar(255)`).addColumn(`origin`,`varchar(255)`).addColumn(`domain`,`varchar(255)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).execute(),await e.schema.createTable(`domains`).addColumn(`id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`domain`,`varchar(255)`,e=>e.notNull()).addColumn(`email_service`,`varchar(255)`).addColumn(`email_api_key`,`varchar(255)`).addColumn(`dkim_private_key`,`varchar(2048)`).addColumn(`dkim_public_key`,`varchar(2048)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).execute()}async function ba(e){await e.schema.dropTable(`domains`).execute(),await e.schema.dropTable(`members`).execute(),await e.schema.dropTable(`users`).execute(),await e.schema.dropTable(`connections`).execute(),await e.schema.dropTable(`applications`).execute(),await e.schema.dropTable(`migrations`).execute(),await e.schema.dropTable(`tenants`).execute()}var xa=t({down:()=>Ca,up:()=>Sa});async function Sa(e){await e.schema.alterTable(`tenants`).addColumn(`support_url`,`varchar(255)`).execute()}async function Ca(e){await e.schema.alterTable(`tenants`).dropColumn(`support_url`).execute()}var wa=t({down:()=>Ea,up:()=>Ta});async function Ta(e){}async function Ea(e){}var Da=t({down:()=>ka,up:()=>Oa});async function Oa(e){await e.schema.createTable(`logs`).addColumn(`id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`category`,`varchar(255)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(64)`).addColumn(`user_id`,`varchar(64)`).addForeignKeyConstraint(`tenant_id_constraint`,[`tenant_id`],`tenants`,[`id`],e=>e.onDelete(`cascade`)).addColumn(`ip`,`varchar(255)`).addColumn(`type`,`varchar(8)`,e=>e.notNull()).addColumn(`date`,`varchar(25)`,e=>e.notNull()).addColumn(`client_id`,`varchar(255)`).addColumn(`client_name`,`varchar(255)`).addColumn(`user_agent`,`varchar(255)`).addColumn(`description`,`varchar(255)`).addColumn(`details`,`varchar(2048)`).execute()}async function ka(e){await e.schema.dropTable(`logs`).execute()}var Aa=t({down:()=>Ma,up:()=>ja});async function ja(e){}async function Ma(e){}var Na=t({down:()=>Fa,up:()=>Pa});async function Pa(e){await e.schema.createTable(`sessions`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`).addColumn(`user_id`,`varchar(255)`).addForeignKeyConstraint(`user_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`authenticated_at`,`varchar(35)`).addColumn(`last_interaction_at`,`varchar(35)`).addColumn(`used_at`,`varchar(35)`).addColumn(`revoked_at`,`varchar(35)`).addColumn(`device`,`varchar(2048)`,e=>e.notNull()).addColumn(`clients`,`varchar(1024)`,e=>e.notNull()).execute(),await e.schema.createTable(`tickets`).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`client_id`,`varchar(255)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`email`,`varchar(255)`,e=>e.notNull()).addColumn(`nonce`,`varchar(255)`).addColumn(`state`,`varchar(1024)`).addColumn(`scope`,`varchar(1024)`).addColumn(`response_type`,`varchar(256)`).addColumn(`response_mode`,`varchar(256)`).addColumn(`redirect_uri`,`varchar(1024)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).execute(),await e.schema.createTable(`otps`).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`client_id`,`varchar(255)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`code`,`varchar(255)`,e=>e.notNull()).addColumn(`email`,`varchar(255)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`send`,`varchar(255)`).addColumn(`nonce`,`varchar(255)`).addColumn(`state`,`varchar(1024)`).addColumn(`scope`,`varchar(1024)`).addColumn(`response_type`,`varchar(256)`).addColumn(`response_mode`,`varchar(256)`).addColumn(`redirect_uri`,`varchar(1024)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).execute(),await e.schema.createIndex(`otps_email_index`).on(`otps`).column(`email`).execute(),await e.schema.createIndex(`otps_expires_at_index`).on(`otps`).column(`expires_at`).execute()}async function Fa(e){await e.schema.dropTable(`sessions`).execute(),await e.schema.dropTable(`tickets`).execute(),await e.schema.dropTable(`otps`).execute()}var Ia=t({down:()=>Ra,up:()=>La});async function La(e){await e.schema.createTable(`passwords`).addColumn(`tenant_id`,`varchar(255)`).addColumn(`user_id`,`varchar(255)`).addPrimaryKeyConstraint(`passwords_pkey`,[`user_id`,`tenant_id`]).addForeignKeyConstraint(`user_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`created_at`,`varchar(255)`).addColumn(`updated_at`,`varchar(255)`).execute(),await e.schema.createTable(`codes`).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`user_id`,`varchar(255)`).addColumn(`tenant_id`,`varchar(255)`).addForeignKeyConstraint(`user_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`type`,`varchar(255)`,e=>e.notNull()).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).execute(),await e.schema.createIndex(`codes_expires_at_index`).on(`codes`).column(`expires_at`).execute()}async function Ra(e){await e.schema.dropTable(`passwords`).execute(),await e.schema.dropTable(`codes`).execute()}var za=t({down:()=>Va,up:()=>Ba});async function Ba(e){}async function Va(e){}var Ha=t({down:()=>Wa,up:()=>Ua});async function Ua(e){await e.schema.alterTable(`passwords`).addColumn(`password`,`varchar(255)`,e=>e.notNull()).execute()}async function Wa(e){await e.schema.alterTable(`passwords`).dropColumn(`password`).execute()}var Ga=t({down:()=>qa,up:()=>Ka});async function Ka(e){}async function qa(e){}var Ja=t({down:()=>Xa,up:()=>Ya});async function Ya(e){}async function Xa(e){}var Za=t({down:()=>$a,up:()=>Qa});async function Qa(e){}async function $a(e){}var eo=t({down:()=>no,up:()=>to});async function to(e){await e.schema.createIndex(`users_email_index`).on(`users`).column(`email`).execute()}async function no(e){await e.schema.dropIndex(`users_email_index`).execute()}var ro=t({down:()=>ao,up:()=>io});async function io(e){await e.schema.alterTable(`users`).addColumn(`profileData`,`varchar(2048)`).execute()}async function ao(e){await e.schema.alterTable(`users`).dropColumn(`profileData`).execute()}var oo=t({down:()=>co,up:()=>so});async function so(e){await e.schema.createIndex(`users_linked_to_index`).on(`users`).column(`linked_to`).execute()}async function co(e){await e.schema.dropIndex(`users_linked_to_index`)}var lo=t({down:()=>fo,up:()=>uo});async function uo(e){await e.schema.alterTable(`users`).addColumn(`locale`,`varchar(255)`).execute()}async function fo(e){await e.schema.alterTable(`users`).dropColumn(`locale`).execute()}var po=t({down:()=>ho,up:()=>mo});async function mo(e){await e.schema.createTable(`keys`).addColumn(`kid`,`varchar(255)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`)).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`revoked_at`,`varchar(255)`).addColumn(`cert`,`varchar(4096)`).addColumn(`pkcs7`,`varchar(4096)`).addColumn(`fingerprint`,`varchar(256)`).addColumn(`thumbprint`,`varchar(256)`).addColumn(`current_since`,`varchar(256)`).addColumn(`current_until`,`varchar(256)`).addColumn(`type`,`varchar(50)`,e=>e.notNull().defaultTo(`jwt_signing`)).addColumn(`connection`,`varchar(255)`,e=>e.references(`connections.id`).onDelete(`cascade`)).execute()}async function ho(e){await e.schema.dropTable(`keys`).execute()}var go=t({down:()=>vo,up:()=>_o});async function _o(e){}async function vo(e){}var yo=t({down:()=>xo,up:()=>bo});async function bo(e){}async function xo(e){}var So=t({down:()=>wo,up:()=>Co});async function Co(e){await e.schema.alterTable(`otps`).addColumn(`audience`,`varchar(255)`).execute()}async function wo(e){await e.schema.alterTable(`otps`).dropColumn(`audience`).execute()}var To=t({down:()=>Do,up:()=>Eo});async function Eo(e){}async function Do(e){}var Oo=t({down:()=>Ao,up:()=>ko});async function ko(e){await e.schema.alterTable(`logs`).dropColumn(`category`).execute()}async function Ao(e){await e.schema.alterTable(`logs`).addColumn(`category`,`varchar(255)`,e=>e.notNull()).execute()}var jo=t({down:()=>No,up:()=>Mo});async function Mo(e){await e.schema.alterTable(`users`).dropColumn(`tags`).execute()}async function No(e){await e.schema.alterTable(`users`).addColumn(`tags`,`varchar(255)`).execute()}var Po=t({down:()=>Io,up:()=>Fo});async function Fo(e){await e.schema.createIndex(`logs_user_id`).on(`logs`).column(`user_id`).execute(),await e.schema.createIndex(`logs_tenant_id`).on(`logs`).column(`tenant_id`).execute(),await e.schema.createIndex(`logs_date`).on(`logs`).column(`date`).execute()}async function Io(e){await e.schema.dropIndex(`logs_user_id`),await e.schema.dropIndex(`logs_tenant_id`),await e.schema.dropIndex(`logs_date`)}var Lo=t({down:()=>zo,up:()=>Ro});async function Ro(e){await e.schema.alterTable(`logs`).dropColumn(`details`).execute(),await e.schema.alterTable(`logs`).addColumn(`details`,`varchar(8192)`).execute()}async function zo(e){await e.schema.alterTable(`logs`).dropColumn(`details`).execute(),await e.schema.alterTable(`logs`).addColumn(`details`,`varchar(2048)`).execute()}var Bo=t({down:()=>Ho,up:()=>Vo});async function Vo(e){await e.schema.alterTable(`logs`).addColumn(`user_name`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`auth0_client`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`isMobile`,`boolean`).execute(),await e.schema.alterTable(`logs`).addColumn(`connection`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`connection_id`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`audience`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`scope`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`strategy`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`strategy_type`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`hostname`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`session_connection`,`varchar(255)`).execute()}async function Ho(e){await e.schema.alterTable(`logs`).dropColumn(`user_name`).execute(),await e.schema.alterTable(`logs`).dropColumn(`auth0_client`).execute(),await e.schema.alterTable(`logs`).dropColumn(`isMobile`).execute(),await e.schema.alterTable(`logs`).dropColumn(`connection`).execute(),await e.schema.alterTable(`logs`).dropColumn(`connection_id`).execute(),await e.schema.alterTable(`logs`).dropColumn(`audience`).execute(),await e.schema.alterTable(`logs`).dropColumn(`scope`).execute(),await e.schema.alterTable(`logs`).dropColumn(`strategy`).execute(),await e.schema.alterTable(`logs`).dropColumn(`strategy_type`).execute(),await e.schema.alterTable(`logs`).dropColumn(`hostname`).execute(),await e.schema.alterTable(`logs`).dropColumn(`session_connection`).execute()}var Uo=t({down:()=>Go,up:()=>Wo});async function Wo(e){await e.schema.createIndex(`users_name_index`).on(`users`).column(`name`).execute()}async function Go(e){await e.schema.dropIndex(`users_name_index`).execute()}var Ko=t({down:()=>Jo,up:()=>qo});async function qo(e){}async function Jo(e){await e.schema.alterTable(`users`).dropConstraint(`unique_email_provider`).execute()}var Yo=t({down:()=>Zo,up:()=>Xo});async function Xo(e){await e.schema.alterTable(`otps`).dropColumn(`state`).execute(),await e.schema.alterTable(`otps`).addColumn(`state`,`varchar(8192)`).execute()}async function Zo(e){await e.schema.alterTable(`otps`).dropColumn(`state`).execute(),await e.schema.alterTable(`otps`).addColumn(`state`,`varchar(1024)`).execute()}var Qo=t({down:()=>es,up:()=>$o});async function $o(e){await e.schema.alterTable(`tickets`).dropColumn(`state`).execute(),await e.schema.alterTable(`tickets`).addColumn(`state`,`varchar(8192)`).execute()}async function es(e){await e.schema.alterTable(`tickets`).dropColumn(`state`).execute(),await e.schema.alterTable(`tickets`).addColumn(`state`,`varchar(1024)`).execute()}var ts=t({down:()=>rs,up:()=>ns});async function ns(e){await e.schema.createTable(`branding`).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull().primaryKey()).addColumn(`logo_url`,`varchar(512)`).addColumn(`favicon_url`,`varchar(512)`).addColumn(`font_url`,`varchar(512)`).addColumn(`colors_primary`,`varchar(8)`).addColumn(`colors_page_background_type`,`varchar(32)`).addColumn(`colors_page_background_start`,`varchar(8)`).addColumn(`colors_page_background_end`,`varchar(8)`).addColumn(`colors_page_background_angle_dev`,`integer`).execute()}async function rs(e){await e.schema.dropTable(`branding`).execute()}var is=t({down:()=>os,up:()=>as});async function as(e){}async function os(e){}var ss=t({down:()=>ls,up:()=>cs});async function cs(e){}async function ls(e){}var us=t({down:()=>fs,up:()=>ds});async function ds(e){}async function fs(e){}var ps=t({down:()=>hs,up:()=>ms});async function ms(e){}async function hs(e){}var gs=t({down:()=>vs,up:()=>_s});async function _s(e){await e.schema.createTable(`authentication_codes`).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`code`,`varchar(255)`,e=>e.primaryKey()).addColumn(`client_id`,`varchar(255)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`user_id`,`varchar(255)`,e=>e.notNull()).addColumn(`nonce`,`varchar(255)`).addColumn(`state`,`varchar(8192)`).addColumn(`scope`,`varchar(1024)`).addColumn(`response_type`,`varchar(256)`).addColumn(`response_mode`,`varchar(256)`).addColumn(`redirect_uri`,`varchar(1024)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).execute()}async function vs(e){await e.schema.dropTable(`authentication_codes`).execute()}var ys=t({down:()=>xs,up:()=>bs});async function bs(e){}async function xs(e){}var Ss=t({down:()=>ws,up:()=>Cs});async function Cs(e){await e.schema.alterTable(`otps`).addColumn(`ip`,`varchar(64)`).execute()}async function ws(e){await e.schema.alterTable(`otps`).dropColumn(`ip`).execute()}var Ts=t({down:()=>Ds,up:()=>Es});async function Es(e){await e.schema.alterTable(`logs`).dropColumn(`user_agent`).execute(),await e.schema.alterTable(`logs`).addColumn(`user_agent`,`varchar(1024)`).execute()}async function Ds(e){await e.schema.alterTable(`logs`).dropColumn(`user_agent`).execute(),await e.schema.alterTable(`logs`).addColumn(`user_agent`,`varchar(255)`).execute()}var Os=t({down:()=>As,up:()=>ks});async function ks(e){}async function As(e){}var js=t({down:()=>Ns,up:()=>Ms});async function Ms(e){await e.schema.createTable(`hooks`).addColumn(`hook_id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`url`,`varchar(512)`,e=>e.notNull()).addColumn(`trigger_id`,`varchar(255)`,e=>e.notNull()).addColumn(`enabled`,`boolean`,e=>e.notNull()).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).addColumn(`synchronous`,`boolean`,e=>e.defaultTo(!1).notNull()).addColumn(`priority`,`integer`).execute()}async function Ns(e){await e.schema.dropTable(`hooks`).execute()}var Ps=t({down:()=>Is,up:()=>Fs});async function Fs(e){}async function Is(e){}var Ls=t({down:()=>zs,up:()=>Rs});async function Rs(e){}async function zs(e){}var Bs=t({down:()=>Hs,up:()=>Vs});async function Vs(e){await e.schema.createTable(`logins`).addColumn(`login_id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`authParams_client_id`,`varchar(255)`,e=>e.notNull()).addColumn(`authParams_vendor_id`,`varchar(255)`).addColumn(`authParams_username`,`varchar(255)`).addColumn(`authParams_response_type`,`varchar(255)`).addColumn(`authParams_response_mode`,`varchar(255)`).addColumn(`authParams_audience`,`varchar(255)`).addColumn(`authParams_scope`,`varchar(511)`).addColumn(`authParams_state`,`varchar(511)`).addColumn(`authParams_code_challenge_method`,`varchar(256)`).addColumn(`authParams_code_challenge`,`varchar(256)`).addColumn(`authParams_redirect_uri`,`varchar(256)`).addColumn(`authParams_organization`,`varchar(256)`).addColumn(`authorization_url`,`varchar(1024)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`ip`,`varchar(255)`).addColumn(`useragent`,`varchar(512)`).execute(),await e.schema.alterTable(`passwords`).addColumn(`algorithm`,`varchar(16)`).execute(),await e.schema.dropTable(`codes`).execute(),await e.schema.createTable(`codes`).addColumn(`code_id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`login_id`,`varchar(255)`).addForeignKeyConstraint(`codes_user_id_tenant_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`code_type`,`varchar(255)`,e=>e.notNull()).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).execute()}async function Hs(e){await e.schema.dropTable(`logins`).execute(),await e.schema.alterTable(`passwords`).dropColumn(`algorithm`).execute(),await e.schema.dropTable(`codes`).execute(),await e.schema.createTable(`codes`).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`code`,`varchar(255)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`tenant_id`,`varchar(255)`).addForeignKeyConstraint(`codes_user_id_tenant_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`type`,`varchar(255)`,e=>e.notNull()).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).execute()}var Us=t({down:()=>Gs,up:()=>Ws});async function Ws(e){}async function Gs(e){}var Ks=t({down:()=>Js,up:()=>qs});async function qs(e){await e.schema.alterTable(`logins`).addColumn(`auth0Client`,`varchar(256)`).execute()}async function Js(e){await e.schema.alterTable(`logins`).dropColumn(`auth0Client`).execute()}var Ys=t({down:()=>Zs,up:()=>Xs});async function Xs(e){await e.schema.alterTable(`logins`).dropColumn(`authParams_state`).execute(),await e.schema.alterTable(`logins`).addColumn(`authParams_state`,`varchar(8192)`).execute()}async function Zs(e){await e.schema.alterTable(`logins`).dropColumn(`authParams_state`).execute(),await e.schema.alterTable(`logins`).addColumn(`authParams_state`,`varchar(511)`).execute()}var Qs=t({down:()=>ec,up:()=>$s});async function $s(e){}async function ec(e){}var tc=t({down:()=>rc,up:()=>nc});async function nc(e){}async function rc(e){}var ic=t({down:()=>oc,up:()=>ac});async function ac(e){await e.schema.alterTable(`logins`).addColumn(`authParams_nonce`,`varchar(255)`).execute()}async function oc(e){await e.schema.alterTable(`logins`).dropColumn(`nonce`).execute()}var sc=t({down:()=>lc,up:()=>cc});async function cc(e){}async function lc(e){}var uc=t({down:()=>fc,up:()=>dc});async function dc(e){}async function fc(e){}var pc=t({down:()=>hc,up:()=>mc});async function mc(e){await e.schema.dropTable(`codes`).execute(),await e.schema.createTable(`codes`).addColumn(`code_id`,`varchar(255)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`login_id`,`varchar(255)`).addColumn(`connection_id`,`varchar(255)`).addForeignKeyConstraint(`codes_user_id_tenant_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`code_type`,`varchar(255)`,e=>e.notNull()).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).addPrimaryKeyConstraint(`PK_codes_code_id_code_type`,[`code_id`,`code_type`]).execute()}async function hc(e){await e.schema.dropTable(`codes`).execute(),await e.schema.createTable(`codes`).addColumn(`code_id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`connection_id`,`varchar(255)`).addColumn(`login_id`,`varchar(255)`).addForeignKeyConstraint(`codes_user_id_tenant_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`code_type`,`varchar(255)`,e=>e.notNull()).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).execute()}var gc=t({down:()=>vc,up:()=>_c});async function _c(e){await e.schema.dropTable(`otps`).execute(),await e.schema.dropTable(`authentication_codes`).execute()}async function vc(e){await e.schema.alterTable(`keys`).addColumn(`private_key`,`varchar(2048)`).addColumn(`public_key`,`varchar(2048)`).execute(),await e.schema.createTable(`otps`).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`client_id`,`varchar(255)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`code`,`varchar(255)`,e=>e.notNull()).addColumn(`email`,`varchar(255)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`send`,`varchar(255)`).addColumn(`nonce`,`varchar(255)`).addColumn(`state`,`varchar(1024)`).addColumn(`scope`,`varchar(1024)`).addColumn(`response_type`,`varchar(256)`).addColumn(`response_mode`,`varchar(256)`).addColumn(`redirect_uri`,`varchar(1024)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).execute(),await e.schema.createTable(`authentication_codes`).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`code`,`varchar(255)`,e=>e.primaryKey()).addColumn(`client_id`,`varchar(255)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`user_id`,`varchar(255)`,e=>e.notNull()).addColumn(`nonce`,`varchar(255)`).addColumn(`state`,`varchar(8192)`).addColumn(`scope`,`varchar(1024)`).addColumn(`response_type`,`varchar(256)`).addColumn(`response_mode`,`varchar(256)`).addColumn(`redirect_uri`,`varchar(1024)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).execute()}var yc=t({down:()=>xc,up:()=>bc});async function bc(e){await e.schema.createIndex(`IDX_logs_tenant_date_type_user`).on(`logs`).columns([`tenant_id`,`date`,`type`,`user_id`]).execute()}async function xc(e){await e.schema.dropIndex(`IDX_logs_tenant_date_type_user`).on(`logs`).execute()}var Sc=t({down:()=>wc,up:()=>Cc});async function Cc(e){}async function wc(e){}var Tc=t({down:()=>Dc,up:()=>Ec});async function Ec(e){await e.schema.createTable(`prompt_settings`).addColumn(`tenant_id`,`varchar(64)`,e=>e.primaryKey()).addColumn(`universal_login_experience`,`varchar(16)`,e=>e.defaultTo(`new`).notNull()).addColumn(`identifier_first`,`boolean`,e=>e.defaultTo(!0).notNull()).addColumn(`password_first`,`boolean`,e=>e.defaultTo(!1).notNull()).addColumn(`webauthn_platform_first_factor`,`boolean`,e=>e.defaultTo(!1).notNull()).execute()}async function Dc(e){await e.schema.dropTable(`prompt_settings`).execute()}var Oc=t({down:()=>Ac,up:()=>kc});async function kc(e){}async function Ac(e){}var jc=t({down:()=>Nc,up:()=>Mc});async function Mc(e){}async function Nc(e){}var Pc=t({down:()=>Ic,up:()=>Fc});async function Fc(e){}async function Ic(e){}var Lc=t({down:()=>zc,up:()=>Rc});async function Rc(e){await e.schema.alterTable(`logins`).addColumn(`authParams_ui_locales`,`varchar(32)`).execute()}async function zc(e){await e.schema.alterTable(`logins`).dropColumn(`authParams_ui_locales`).execute()}var Bc=t({down:()=>Hc,up:()=>Vc});async function Vc(e){await e.schema.alterTable(`logins`).addColumn(`authParams_prompt`,`varchar(16)`).execute()}async function Hc(e){await e.schema.alterTable(`logins`).dropColumn(`authParams_prompt`).execute()}var Uc=t({down:()=>Gc,up:()=>Wc});async function Wc(e){}async function Gc(e){}var Kc=t({down:()=>Jc,up:()=>qc});async function qc(e){await e.schema.alterTable(`logins`).addColumn(`authParams_act_as`,`varchar(255)`).execute()}async function Jc(e){await e.schema.alterTable(`logins`).dropColumn(`authParam_act_as`).execute()}var Yc=t({down:()=>Zc,up:()=>Xc});async function Xc(e){await e.schema.alterTable(`codes`).addColumn(`code_verifier`,`varchar(128)`).execute()}async function Zc(e){await e.schema.alterTable(`codes`).dropColumn(`code_verifier`).execute()}var Qc=t({down:()=>el,up:()=>$c});async function $c(e){await e.schema.createTable(`email_providers`).addColumn(`tenant_id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`enabled`,`boolean`,e=>e.notNull()).addColumn(`default_from_address`,`varchar(255)`).addColumn(`credentials`,`varchar(2048)`,e=>e.notNull().defaultTo(`{}`)).addColumn(`settings`,`varchar(2048)`,e=>e.notNull().defaultTo(`{}`)).addColumn(`created_at`,`varchar(29)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(29)`,e=>e.notNull()).execute()}async function el(e){await e.schema.dropTable(`email_providers`).execute()}var tl=t({down:()=>rl,up:()=>nl});async function nl(e){await e.schema.dropTable(`tickets`).execute()}async function rl(e){await e.schema.createTable(`tickets`).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`client_id`,`varchar(255)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`email`,`varchar(255)`,e=>e.notNull()).addColumn(`nonce`,`varchar(255)`).addColumn(`state`,`varchar(1024)`).addColumn(`scope`,`varchar(1024)`).addColumn(`response_type`,`varchar(256)`).addColumn(`response_mode`,`varchar(256)`).addColumn(`redirect_uri`,`varchar(1024)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(255)`,e=>e.notNull()).addColumn(`used_at`,`varchar(255)`).execute()}var il=t({down:()=>ol,up:()=>al});async function al(e){}async function ol(e){await e.schema.alterTable(`logins`).dropColumn(`ip`).dropColumn(`useragent`).execute()}var sl=t({down:()=>ll,up:()=>cl});async function cl(e){await e.schema.createTable(`refresh_tokens`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`client_id`,`varchar(21)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`tenant_id`,`varchar(255)`).addColumn(`session_id`,`varchar(21)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addForeignKeyConstraint(`user_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`last_exchanged_at`,`varchar(35)`).addColumn(`device`,`varchar(2048)`,e=>e.notNull()).addColumn(`resource_servers`,`varchar(2048)`,e=>e.notNull()).addColumn(`rotating`,`boolean`,e=>e.notNull()).execute()}async function ll(e){await e.schema.dropTable(`refresh_tokens`).execute()}var ul=t({down:()=>fl,up:()=>dl});async function dl(e){}async function fl(e){}var pl=t({down:()=>hl,up:()=>ml});async function ml(e){await e.schema.dropTable(`sessions`).execute(),await e.schema.dropTable(`refresh_tokens`).execute()}async function hl(e){await e.schema.createTable(`sessions`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`).addColumn(`user_id`,`varchar(255)`).addForeignKeyConstraint(`sessions_user_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`authenticated_at`,`varchar(35)`).addColumn(`last_interaction_at`,`varchar(35)`).addColumn(`used_at`,`varchar(35)`).addColumn(`revoked_at`,`varchar(35)`).addColumn(`device`,`varchar(2048)`,e=>e.notNull()).addColumn(`clients`,`varchar(1024)`,e=>e.notNull()).execute(),await e.schema.createTable(`refresh_tokens`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`client_id`,`varchar(21)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`tenant_id`,`varchar(255)`).addColumn(`session_id`,`varchar(21)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addForeignKeyConstraint(`refresh_tokens_user_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`last_exchanged_at`,`varchar(35)`).addColumn(`device`,`varchar(2048)`,e=>e.notNull()).addColumn(`resource_servers`,`varchar(2048)`,e=>e.notNull()).addColumn(`rotating`,`boolean`,e=>e.notNull()).execute()}var gl=t({down:()=>vl,up:()=>_l});async function _l(e){await e.schema.createTable(`sessions_2`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`).addColumn(`user_id`,`varchar(255)`).addForeignKeyConstraint(`sessions_2_user_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`authenticated_at`,`varchar(35)`).addColumn(`last_interaction_at`,`varchar(35)`).addColumn(`used_at`,`varchar(35)`).addColumn(`revoked_at`,`varchar(35)`).addColumn(`device`,`varchar(2048)`,e=>e.notNull()).addColumn(`clients`,`varchar(1024)`,e=>e.notNull()).execute(),await e.schema.createTable(`refresh_tokens_2`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`client_id`,`varchar(21)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`tenant_id`,`varchar(255)`).addColumn(`session_id`,`varchar(21)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addForeignKeyConstraint(`refresh_tokens_2_user_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`last_exchanged_at`,`varchar(35)`).addColumn(`device`,`varchar(2048)`,e=>e.notNull()).addColumn(`resource_servers`,`varchar(2048)`,e=>e.notNull()).addColumn(`rotating`,`boolean`,e=>e.notNull()).execute()}async function vl(e){await e.schema.dropTable(`sessions_2`).execute(),await e.schema.dropTable(`refresh_tokens_2`).execute()}var yl=t({down:()=>xl,up:()=>bl});async function bl(e){await e.schema.createTable(`custom_domains`).addColumn(`custom_domain_id`,`varchar(21)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`domain`,`varchar(255)`,e=>e.notNull()).addColumn(`primary`,`boolean`,e=>e.notNull()).addColumn(`status`,`varchar(50)`,e=>e.notNull()).addColumn(`type`,`varchar(50)`,e=>e.notNull()).addColumn(`origin_domain_name`,`varchar(255)`).addColumn(`verification`,`varchar(2048)`).addColumn(`custom_client_ip_header`,`varchar(50)`).addColumn(`tls_policy`,`varchar(50)`).addColumn(`domain_metadata`,`varchar(2048)`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).execute(),await e.schema.dropTable(`domains`).execute()}async function xl(e){await e.schema.dropTable(`custom_domains`).execute(),await e.schema.createTable(`domains`).addColumn(`id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`domain`,`varchar(255)`,e=>e.notNull()).addColumn(`email_service`,`varchar(255)`).addColumn(`email_api_key`,`varchar(255)`).addColumn(`dkim_private_key`,`varchar(2048)`).addColumn(`dkim_public_key`,`varchar(2048)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).execute()}var Sl=t({down:()=>wl,up:()=>Cl});async function Cl(e){}async function wl(e){await e.schema.alterTable(`logins`).dropColumn(`authParams_organization`).dropColumn(`authorization_url`).execute()}var Tl=t({down:()=>Dl,up:()=>El});async function El(e){await e.schema.alterTable(`logins`).dropColumn(`authorization_url`).execute(),await e.schema.alterTable(`logins`).addColumn(`authorization_url`,`varchar(2048)`).execute()}async function Dl(e){await e.schema.alterTable(`logins`).dropColumn(`authorization_url`).execute(),await e.schema.alterTable(`logins`).addColumn(`authorization_url`,`varchar(1024)`).execute()}var Ol=t({down:()=>Al,up:()=>kl});async function kl(e){}async function Al(e){}var jl=t({down:()=>Nl,up:()=>Ml});async function Ml(e){await e.schema.createTable(`sessions`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`).addColumn(`user_id`,`varchar(255)`).addForeignKeyConstraint(`sessions_user_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`authenticated_at`,`varchar(35)`).addColumn(`last_interaction_at`,`varchar(35)`).addColumn(`used_at`,`varchar(35)`).addColumn(`revoked_at`,`varchar(35)`).addColumn(`device`,`varchar(2048)`,e=>e.notNull()).addColumn(`clients`,`varchar(1024)`,e=>e.notNull()).execute(),await e.schema.createTable(`login_sessions`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`session_id`,`varchar(21)`,e=>e.references(`sessions.id`).onDelete(`cascade`)).addColumn(`csrf_token`,`varchar(21)`,e=>e.notNull()).addColumn(`authParams_client_id`,`varchar(255)`,e=>e.notNull()).addColumn(`authParams_vendor_id`,`varchar(255)`).addColumn(`authParams_username`,`varchar(255)`).addColumn(`authParams_response_type`,`varchar(255)`).addColumn(`authParams_response_mode`,`varchar(255)`).addColumn(`authParams_audience`,`varchar(255)`).addColumn(`authParams_scope`,`varchar(511)`).addColumn(`authParams_state`,`varchar(2048)`).addColumn(`authParams_nonce`,`varchar(255)`).addColumn(`authParams_code_challenge_method`,`varchar(255)`).addColumn(`authParams_code_challenge`,`varchar(255)`).addColumn(`authParams_redirect_uri`,`varchar(255)`).addColumn(`authParams_organization`,`varchar(255)`).addColumn(`authParams_prompt`,`varchar(32)`).addColumn(`authParams_act_as`,`varchar(256)`).addColumn(`authParams_ui_locales`,`varchar(32)`).addColumn(`authorization_url`,`varchar(1024)`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`,e=>e.notNull()).addColumn(`ip`,`varchar(39)`).addColumn(`useragent`,`varchar(1024)`).addColumn(`auth0Client`,`varchar(255)`).execute(),await e.schema.createTable(`refresh_tokens`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`client_id`,`varchar(21)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`tenant_id`,`varchar(255)`).addColumn(`session_id`,`varchar(21)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addForeignKeyConstraint(`refresh_tokens_user_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`last_exchanged_at`,`varchar(35)`).addColumn(`device`,`varchar(2048)`,e=>e.notNull()).addColumn(`resource_servers`,`varchar(2048)`,e=>e.notNull()).addColumn(`rotating`,`boolean`,e=>e.notNull()).execute()}async function Nl(e){await e.schema.dropTable(`sessions`).execute(),await e.schema.dropTable(`login_sessions`).execute(),await e.schema.dropTable(`refresh_tokens`).execute()}var Pl=t({down:()=>Il,up:()=>Fl});async function Fl(e){await e.schema.dropTable(`logins`).execute(),await e.schema.dropTable(`sessions_2`).execute(),await e.schema.dropTable(`refresh_tokens_2`).execute()}async function Il(e){}var Ll=t({down:()=>zl,up:()=>Rl});async function Rl(e){await e.schema.dropTable(`custom_domains`).execute(),await e.schema.createTable(`custom_domains`).addColumn(`custom_domain_id`,`varchar(256)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`domain`,`varchar(255)`,e=>e.notNull()).addColumn(`primary`,`boolean`,e=>e.notNull()).addColumn(`status`,`varchar(50)`,e=>e.notNull()).addColumn(`type`,`varchar(50)`,e=>e.notNull()).addColumn(`origin_domain_name`,`varchar(255)`).addColumn(`verification`,`varchar(2048)`).addColumn(`custom_client_ip_header`,`varchar(50)`).addColumn(`tls_policy`,`varchar(50)`).addColumn(`domain_metadata`,`varchar(2048)`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).execute()}async function zl(e){}var Bl=t({down:()=>Hl,up:()=>Vl});async function Vl(e){}async function Hl(e){await e.schema.alterTable(`users`).dropColumn(`phone_number`).dropColumn(`phone_verified`).dropColumn(`username`).execute()}var Ul=t({down:()=>Gl,up:()=>Wl});async function Wl(e){await e.schema.createTable(`forms`).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.notNull()).addColumn(`messages`,`varchar(255)`).addColumn(`languages`,`varchar(255)`).addColumn(`translations`,`varchar(4096)`).addColumn(`nodes`,`varchar(4096)`).addColumn(`start`,`varchar(255)`).addColumn(`ending`,`varchar(255)`).addColumn(`style`,`varchar(1042)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).execute(),await e.schema.createIndex(`forms_tenant_id_idx`).on(`forms`).column(`tenant_id`).execute()}async function Gl(e){await e.schema.dropTable(`forms`).execute()}var Kl=t({down:()=>Jl,up:()=>ql});async function ql(e){await e.schema.alterTable(`hooks`).addColumn(`form_id`,`text`).execute(),await e.schema.alterTable(`hooks`).addColumn(`url_tmp`,`varchar(512)`).execute(),await e.updateTable(`hooks`).set(e=>({url_tmp:e.ref(`url`)})).execute(),await e.schema.alterTable(`hooks`).dropColumn(`url`).execute(),await e.schema.alterTable(`hooks`).renameColumn(`url_tmp`,`url`).execute()}async function Jl(e){await e.schema.dropTable(`hooks`).ifExists().execute(),await e.schema.createTable(`hooks`).addColumn(`hook_id`,`text`,e=>e.primaryKey()).addColumn(`tenant_id`,`text`,e=>e.notNull()).addColumn(`trigger_id`,`text`,e=>e.notNull()).addColumn(`enabled`,`integer`,e=>e.notNull().defaultTo(0)).addColumn(`url`,`varchar(512)`,e=>e.notNull()).addColumn(`synchronous`,`integer`,e=>e.notNull().defaultTo(0)).addColumn(`priority`,`integer`).addColumn(`created_at`,`text`,e=>e.notNull()).addColumn(`updated_at`,`text`,e=>e.notNull()).execute()}var Yl=t({down:()=>Zl,up:()=>Xl});async function Xl(e){await e.schema.alterTable(`login_sessions`).addColumn(`login_completed`,`boolean`,e=>e.notNull().defaultTo(0)).execute()}async function Zl(e){await e.schema.alterTable(`login_sessions`).dropColumn(`login_completed`).execute()}var Ql=t({down:()=>eu,up:()=>$l});async function $l(e){await e.schema.alterTable(`sessions`).addColumn(`login_session_id`,`varchar(21)`,e=>e.references(`login_sessions.id`).onDelete(`set null`)).execute()}async function eu(e){await e.schema.alterTable(`sessions`).dropColumn(`login_session_id`).execute()}var tu=t({down:()=>ru,up:()=>nu});async function nu(e){await e.schema.createIndex(`IDX_sessions_login_session_id`).on(`sessions`).column(`login_session_id`).execute()}async function ru(e){await e.schema.dropIndex(`IDX_sessions_login_session_id`).on(`sessions`).execute()}var iu=t({down:()=>ou,up:()=>au});async function au(e){await e.schema.alterTable(`codes`).addColumn(`code_challenge`,`varchar(128)`).execute(),await e.schema.alterTable(`codes`).addColumn(`code_challenge_method`,`varchar(5)`).execute()}async function ou(e){await e.schema.alterTable(`codes`).dropColumn(`code_challenge`).execute(),await e.schema.alterTable(`codes`).dropColumn(`code_challenge_method`).execute()}var su=t({down:()=>lu,up:()=>cu});async function cu(e){await e.schema.alterTable(`codes`).addColumn(`redirect_uri`,`varchar(1024)`).execute()}async function lu(e){await e.schema.alterTable(`codes`).dropColumn(`redirect_uri`).execute()}var uu=t({down:()=>fu,up:()=>du});async function du(e){await e.schema.alterTable(`codes`).addColumn(`nonce`,`varchar(1024)`).execute(),await e.schema.alterTable(`codes`).addColumn(`state`,`varchar(2048)`).execute()}async function fu(e){await e.schema.alterTable(`codes`).dropColumn(`nonce`).execute(),await e.schema.alterTable(`codes`).dropColumn(`state`).execute()}var pu=t({down:()=>hu,up:()=>mu});async function mu(e){await e.schema.createTable(`themes`).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`themeId`,`varchar(255)`,e=>e.notNull()).addColumn(`displayName`,`varchar(255)`,e=>e.notNull()).addColumn(`colors_primary_button_label`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_primary_button`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_secondary_button_border`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_secondary_button_label`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_base_focus_color`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_base_hover_color`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_body_text`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_captcha_widget_theme`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_error`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_header`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_icons`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_input_background`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_input_border`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_input_filled_text`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_input_labels_placeholders`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_links_focused_components`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_success`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_widget_background`,`varchar(24)`,e=>e.notNull()).addColumn(`colors_widget_border`,`varchar(24)`,e=>e.notNull()).addColumn(`borders_button_border_radius`,`integer`,e=>e.notNull()).addColumn(`borders_button_border_weight`,`integer`,e=>e.notNull()).addColumn(`borders_buttons_style`,`varchar(24)`,e=>e.notNull()).addColumn(`borders_input_border_radius`,`integer`,e=>e.notNull()).addColumn(`borders_input_border_weight`,`integer`,e=>e.notNull()).addColumn(`borders_inputs_style`,`varchar(24)`,e=>e.notNull()).addColumn(`borders_show_widget_shadow`,`boolean`,e=>e.notNull()).addColumn(`borders_widget_border_weight`,`integer`,e=>e.notNull()).addColumn(`borders_widget_corner_radius`,`integer`,e=>e.notNull()).addColumn(`fonts_body_text_bold`,`integer`,e=>e.notNull()).addColumn(`fonts_body_text_size`,`integer`,e=>e.notNull()).addColumn(`fonts_buttons_text_bold`,`integer`,e=>e.notNull()).addColumn(`fonts_buttons_text_size`,`integer`,e=>e.notNull()).addColumn(`fonts_font_url`,`varchar(255)`,e=>e.notNull()).addColumn(`fonts_input_labels_bold`,`integer`,e=>e.notNull()).addColumn(`fonts_input_labels_size`,`integer`,e=>e.notNull()).addColumn(`fonts_links_bold`,`boolean`,e=>e.notNull()).addColumn(`fonts_links_size`,`integer`,e=>e.notNull()).addColumn(`fonts_links_style`,`varchar(24)`,e=>e.notNull()).addColumn(`fonts_reference_text_size`,`integer`,e=>e.notNull()).addColumn(`fonts_subtitle_bold`,`boolean`,e=>e.notNull()).addColumn(`fonts_subtitle_size`,`integer`,e=>e.notNull()).addColumn(`fonts_title_bold`,`boolean`,e=>e.notNull()).addColumn(`fonts_title_size`,`integer`,e=>e.notNull()).addColumn(`page_background_background_color`,`varchar(24)`,e=>e.notNull()).addColumn(`page_background_background_image_url`,`varchar(255)`,e=>e.notNull()).addColumn(`page_background_page_layout`,`varchar(24)`,e=>e.notNull()).addColumn(`widget_header_text_alignment`,`varchar(24)`,e=>e.notNull()).addColumn(`widget_logo_height`,`integer`,e=>e.notNull()).addColumn(`widget_logo_position`,`varchar(24)`,e=>e.notNull()).addColumn(`widget_logo_url`,`varchar(255)`,e=>e.notNull()).addColumn(`widget_social_buttons_layout`,`varchar(24)`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`themes_pkey`,[`tenant_id`,`themeId`]).execute(),await e.schema.createIndex(`themes_tenant_id_idx`).on(`themes`).column(`tenant_id`).execute()}async function hu(e){await e.schema.dropTable(`themes`).execute()}var gu=t({down:()=>vu,up:()=>_u});async function _u(e){await e.schema.createTable(`resource_servers`).addColumn(`id`,`varchar(21)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`identifier`,`varchar(191)`,e=>e.notNull()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`scopes`,`varchar(4096)`).addColumn(`signing_alg`,`varchar(64)`).addColumn(`signing_secret`,`varchar(2048)`).addColumn(`token_lifetime`,`integer`).addColumn(`token_lifetime_for_web`,`integer`).addColumn(`skip_consent_for_verifiable_first_party_clients`,`integer`).addColumn(`allow_offline_access`,`integer`).addColumn(`verification_key`,`varchar(4096)`).addColumn(`options`,`varchar(4096)`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`resource_servers_pk`,[`tenant_id`,`id`]).execute(),await e.schema.createIndex(`resource_servers_tenant_identifier_uq`).on(`resource_servers`).columns([`tenant_id`,`identifier`]).unique().execute(),await e.schema.createTable(`roles`).addColumn(`id`,`varchar(21)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`name`,`varchar(50)`,e=>e.notNull()).addColumn(`description`,`varchar(255)`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`roles_pk`,[`tenant_id`,`id`]).execute(),await e.schema.createIndex(`roles_tenant_name_uq`).on(`roles`).columns([`tenant_id`,`name`]).unique().execute()}async function vu(e){await e.schema.dropTable(`roles`).execute(),await e.schema.dropTable(`resource_servers`).execute()}var yu=t({down:()=>xu,up:()=>bu});async function bu(e){await e.schema.createTable(`role_permissions`).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`role_id`,`varchar(21)`,e=>e.notNull()).addColumn(`resource_server_identifier`,`varchar(191)`,e=>e.notNull()).addColumn(`permission_name`,`varchar(191)`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`role_permissions_pk`,[`tenant_id`,`role_id`,`resource_server_identifier`,`permission_name`]).execute(),await e.schema.createIndex(`role_permissions_role_fk`).on(`role_permissions`).columns([`tenant_id`,`role_id`]).execute(),await e.schema.createIndex(`role_permissions_permission_fk`).on(`role_permissions`).columns([`tenant_id`,`resource_server_identifier`,`permission_name`]).execute(),await e.schema.createTable(`user_permissions`).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`user_id`,`varchar(191)`,e=>e.notNull()).addColumn(`resource_server_identifier`,`varchar(191)`,e=>e.notNull()).addColumn(`permission_name`,`varchar(191)`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`user_permissions_pk`,[`tenant_id`,`user_id`,`resource_server_identifier`,`permission_name`]).execute(),await e.schema.createIndex(`user_permissions_user_fk`).on(`user_permissions`).columns([`tenant_id`,`user_id`]).execute(),await e.schema.createIndex(`user_permissions_permission_fk`).on(`user_permissions`).columns([`tenant_id`,`resource_server_identifier`,`permission_name`]).execute()}async function xu(e){await e.schema.dropTable(`user_permissions`).execute(),await e.schema.dropTable(`role_permissions`).execute()}var Su=t({down:()=>wu,up:()=>Cu});async function Cu(e){await e.schema.createTable(`user_roles`).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`user_id`,`varchar(191)`,e=>e.notNull()).addColumn(`role_id`,`varchar(21)`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`user_roles_pk`,[`tenant_id`,`user_id`,`role_id`]).execute(),await e.schema.createIndex(`user_roles_user_fk`).on(`user_roles`).columns([`tenant_id`,`user_id`]).execute(),await e.schema.createIndex(`user_roles_role_fk`).on(`user_roles`).columns([`tenant_id`,`role_id`]).execute()}async function wu(e){await e.schema.dropTable(`user_roles`).execute()}var Tu=t({down:()=>Du,up:()=>Eu});async function Eu(e){}async function Du(e){await e.schema.alterTable(`keys`).dropColumn(`connection`).execute(),await e.schema.alterTable(`keys`).modifyColumn(`cert`,`varchar(2048)`).execute(),await e.schema.alterTable(`keys`).modifyColumn(`pkcs7`,`varchar(2048)`).execute(),await e.schema.alterTable(`keys`).dropColumn(`type`).execute()}var Ou=t({down:()=>Au,up:()=>ku});async function ku(e){await e.schema.createTable(`organizations`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`name`,`varchar(256)`,e=>e.notNull()).addColumn(`display_name`,`varchar(256)`).addColumn(`branding`,`text`).addColumn(`metadata`,`text`).addColumn(`enabled_connections`,`text`).addColumn(`token_quota`,`text`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).execute(),await e.schema.createIndex(`idx_organizations_tenant_id`).on(`organizations`).column(`tenant_id`).execute(),await e.schema.createIndex(`idx_organizations_tenant_name_unique`).on(`organizations`).columns([`tenant_id`,`name`]).unique().execute()}async function Au(e){await e.schema.dropTable(`organizations`).execute()}var ju=t({down:()=>Nu,up:()=>Mu});async function Mu(e){await e.schema.createTable(`user_organizations`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`user_id`,`varchar(191)`,e=>e.notNull()).addColumn(`organization_id`,`varchar(21)`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addUniqueConstraint(`user_organizations_unique`,[`tenant_id`,`user_id`,`organization_id`]).execute(),await e.schema.createIndex(`idx_user_organizations_tenant_id`).on(`user_organizations`).column(`tenant_id`).execute(),await e.schema.createIndex(`idx_user_organizations_user_id`).on(`user_organizations`).column(`user_id`).execute(),await e.schema.createIndex(`idx_user_organizations_organization_id`).on(`user_organizations`).column(`organization_id`).execute()}async function Nu(e){await e.schema.dropTable(`user_organizations`).execute()}var Pu=t({down:()=>Iu,up:()=>Fu});async function Fu(e){await e.schema.dropTable(`user_permissions`).execute(),await e.schema.dropTable(`user_roles`).execute(),await e.schema.createTable(`user_permissions`).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`user_id`,`varchar(191)`,e=>e.notNull()).addColumn(`resource_server_identifier`,`varchar(21)`,e=>e.notNull()).addColumn(`permission_name`,`varchar(191)`,e=>e.notNull()).addColumn(`organization_id`,`varchar(21)`,e=>e.notNull().defaultTo(``)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`user_permissions_pk`,[`tenant_id`,`user_id`,`resource_server_identifier`,`permission_name`,`organization_id`]).execute(),await e.schema.createIndex(`user_permissions_user_fk`).on(`user_permissions`).columns([`tenant_id`,`user_id`]).execute(),await e.schema.createIndex(`user_permissions_permission_fk`).on(`user_permissions`).columns([`tenant_id`,`resource_server_identifier`,`permission_name`]).execute(),await e.schema.createIndex(`user_permissions_organization_fk`).on(`user_permissions`).column(`organization_id`).execute(),await e.schema.createTable(`user_roles`).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`user_id`,`varchar(191)`,e=>e.notNull()).addColumn(`role_id`,`varchar(21)`,e=>e.notNull()).addColumn(`organization_id`,`varchar(191)`,e=>e.notNull().defaultTo(``)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`user_roles_pk`,[`tenant_id`,`user_id`,`role_id`,`organization_id`]).execute(),await e.schema.createIndex(`user_roles_user_fk`).on(`user_roles`).columns([`tenant_id`,`user_id`]).execute(),await e.schema.createIndex(`user_roles_role_fk`).on(`user_roles`).columns([`tenant_id`,`role_id`]).execute(),await e.schema.createIndex(`user_roles_organization_fk`).on(`user_roles`).column(`organization_id`).execute()}async function Iu(e){await e.schema.dropTable(`user_permissions`).execute(),await e.schema.dropTable(`user_roles`).execute(),await e.schema.createTable(`user_permissions`).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`user_id`,`varchar(191)`,e=>e.notNull()).addColumn(`resource_server_identifier`,`varchar(191)`,e=>e.notNull()).addColumn(`permission_name`,`varchar(191)`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`user_permissions_pk`,[`tenant_id`,`user_id`,`resource_server_identifier`,`permission_name`]).execute(),await e.schema.createIndex(`user_permissions_user_fk`).on(`user_permissions`).columns([`tenant_id`,`user_id`]).execute(),await e.schema.createIndex(`user_permissions_permission_fk`).on(`user_permissions`).columns([`tenant_id`,`resource_server_identifier`,`permission_name`]).execute(),await e.schema.createTable(`user_roles`).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`user_id`,`varchar(191)`,e=>e.notNull()).addColumn(`role_id`,`varchar(21)`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`user_roles_pk`,[`tenant_id`,`user_id`,`role_id`]).execute(),await e.schema.createIndex(`user_roles_user_fk`).on(`user_roles`).columns([`tenant_id`,`user_id`]).execute(),await e.schema.createIndex(`user_roles_role_fk`).on(`user_roles`).columns([`tenant_id`,`role_id`]).execute()}var Lu=t({down:()=>zu,up:()=>Ru});async function Ru(e){await e.schema.createTable(`clients`).addColumn(`client_id`,`varchar(191)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(191)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`description`,`varchar(140)`).addColumn(`global`,`integer`,e=>e.defaultTo(0).notNull()).addColumn(`client_secret`,`varchar(255)`).addColumn(`app_type`,`varchar(64)`,e=>e.defaultTo(`regular_web`)).addColumn(`logo_uri`,`varchar(2083)`).addColumn(`is_first_party`,`integer`,e=>e.defaultTo(0).notNull()).addColumn(`oidc_conformant`,`integer`,e=>e.defaultTo(1).notNull()).addColumn(`callbacks`,`text`,e=>e.notNull()).addColumn(`allowed_origins`,`text`,e=>e.notNull()).addColumn(`web_origins`,`text`,e=>e.notNull()).addColumn(`client_aliases`,`text`,e=>e.notNull()).addColumn(`allowed_clients`,`text`,e=>e.notNull()).addColumn(`allowed_logout_urls`,`text`,e=>e.notNull()).addColumn(`session_transfer`,`text`,e=>e.notNull()).addColumn(`oidc_logout`,`text`,e=>e.notNull()).addColumn(`grant_types`,`text`,e=>e.notNull()).addColumn(`jwt_configuration`,`text`,e=>e.notNull()).addColumn(`signing_keys`,`text`,e=>e.notNull()).addColumn(`encryption_key`,`text`,e=>e.notNull()).addColumn(`sso`,`integer`,e=>e.defaultTo(0).notNull()).addColumn(`sso_disabled`,`integer`,e=>e.defaultTo(1).notNull()).addColumn(`cross_origin_authentication`,`integer`,e=>e.defaultTo(0).notNull()).addColumn(`cross_origin_loc`,`varchar(2083)`).addColumn(`custom_login_page_on`,`integer`,e=>e.defaultTo(0).notNull()).addColumn(`custom_login_page`,`text`).addColumn(`custom_login_page_preview`,`text`).addColumn(`form_template`,`text`).addColumn(`addons`,`text`,e=>e.notNull()).addColumn(`token_endpoint_auth_method`,`varchar(64)`,e=>e.defaultTo(`client_secret_basic`)).addColumn(`client_metadata`,`text`,e=>e.notNull()).addColumn(`mobile`,`text`,e=>e.notNull()).addColumn(`initiate_login_uri`,`varchar(2083)`).addColumn(`native_social_login`,`text`,e=>e.notNull()).addColumn(`refresh_token`,`text`,e=>e.notNull()).addColumn(`default_organization`,`text`,e=>e.notNull()).addColumn(`organization_usage`,`varchar(32)`,e=>e.defaultTo(`deny`)).addColumn(`organization_require_behavior`,`varchar(32)`,e=>e.defaultTo(`no_prompt`)).addColumn(`client_authentication_methods`,`text`,e=>e.notNull()).addColumn(`require_pushed_authorization_requests`,`integer`,e=>e.defaultTo(0).notNull()).addColumn(`require_proof_of_possession`,`integer`,e=>e.defaultTo(0).notNull()).addColumn(`signed_request_object`,`text`,e=>e.notNull()).addColumn(`compliance_level`,`varchar(64)`).addColumn(`par_request_expiry`,`integer`).addColumn(`token_quota`,`text`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`clients_tenant_id_client_id`,[`tenant_id`,`client_id`]).execute()}async function zu(e){await e.schema.dropTable(`clients`).execute()}var Bu=!1;function Vu(e){Bu=e}function q(...e){Bu&&console.log(...e)}function J(...e){console.warn(...e)}var Hu=t({down:()=>qu,up:()=>Wu});async function Uu(e){try{return await i.sql`SELECT VERSION()`.execute(e),`mysql`}catch{return`sqlite`}}async function Wu(e){await Uu(e)===`mysql`?await Gu(e):await Ku(e)}async function Gu(e){await e.transaction().execute(async e=>{let t=await i.sql`
       SELECT
         rc.CONSTRAINT_NAME,
         rc.TABLE_NAME
       FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS rc
       WHERE rc.CONSTRAINT_SCHEMA = DATABASE()
         AND rc.TABLE_NAME IN ('refresh_tokens', 'sessions', 'login_sessions')
-    `.execute(t);for(const o of a.rows){const r=o.CONSTRAINT_NAME,s=o.TABLE_NAME;try{await h.sql`ALTER TABLE ${h.sql.raw(s)} DROP FOREIGN KEY ${h.sql.raw(r)}`.execute(t),w(`Dropped foreign key constraint ${r} from ${s}`)}catch(i){console.warn(`Failed to drop constraint ${r} from ${s}:`,i)}}const n=["sessions_backup","login_sessions_backup","refresh_tokens_backup"];for(const o of n)try{await h.sql`DROP TABLE IF EXISTS ${h.sql.raw(o)}`.execute(t)}catch(r){console.warn(`Failed to drop backup table ${o}:`,r)}await h.sql`CREATE TABLE sessions_backup AS SELECT * FROM sessions`.execute(t),await h.sql`CREATE TABLE login_sessions_backup AS SELECT * FROM login_sessions`.execute(t),await h.sql`CREATE TABLE refresh_tokens_backup AS SELECT * FROM refresh_tokens`.execute(t),await h.sql`DROP TABLE sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await h.sql`DROP TABLE refresh_tokens`.execute(t),await t.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",o=>o.notNull()).addColumn("tenant_id","varchar(255)",o=>o.notNull()).addColumn("client_id","varchar(191)",o=>o.notNull()).addColumn("session_id","varchar(21)",o=>o.notNull()).addColumn("user_id","varchar(255)").addColumn("resource_servers","text",o=>o.notNull()).addColumn("device","text",o=>o.notNull()).addColumn("rotating","boolean",o=>o.notNull()).addColumn("created_at","varchar(35)",o=>o.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addPrimaryKeyConstraint("refresh_tokens_pk",["tenant_id","id"]).execute(),await h.sql`ALTER TABLE refresh_tokens
+    `.execute(e);for(let n of t.rows){let t=n.CONSTRAINT_NAME,r=n.TABLE_NAME;try{await i.sql`ALTER TABLE ${i.sql.raw(r)} DROP FOREIGN KEY ${i.sql.raw(t)}`.execute(e),q(`Dropped foreign key constraint ${t} from ${r}`)}catch(e){console.warn(`Failed to drop constraint ${t} from ${r}:`,e)}}for(let t of[`sessions_backup`,`login_sessions_backup`,`refresh_tokens_backup`])try{await i.sql`DROP TABLE IF EXISTS ${i.sql.raw(t)}`.execute(e)}catch(e){console.warn(`Failed to drop backup table ${t}:`,e)}await i.sql`CREATE TABLE sessions_backup AS SELECT * FROM sessions`.execute(e),await i.sql`CREATE TABLE login_sessions_backup AS SELECT * FROM login_sessions`.execute(e),await i.sql`CREATE TABLE refresh_tokens_backup AS SELECT * FROM refresh_tokens`.execute(e),await i.sql`DROP TABLE sessions`.execute(e),await i.sql`DROP TABLE login_sessions`.execute(e),await i.sql`DROP TABLE refresh_tokens`.execute(e),await e.schema.createTable(`refresh_tokens`).addColumn(`id`,`varchar(21)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.notNull()).addColumn(`client_id`,`varchar(191)`,e=>e.notNull()).addColumn(`session_id`,`varchar(21)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`resource_servers`,`text`,e=>e.notNull()).addColumn(`device`,`text`,e=>e.notNull()).addColumn(`rotating`,`boolean`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`last_exchanged_at`,`varchar(35)`).addPrimaryKeyConstraint(`refresh_tokens_pk`,[`tenant_id`,`id`]).execute(),await i.sql`ALTER TABLE refresh_tokens
       ADD CONSTRAINT refresh_tokens_tenant_fk
-      FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE CASCADE`.execute(t),await h.sql`ALTER TABLE refresh_tokens
+      FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE CASCADE`.execute(e),await i.sql`ALTER TABLE refresh_tokens
       ADD CONSTRAINT refresh_tokens_client_fk
-      FOREIGN KEY (tenant_id, client_id) REFERENCES clients(tenant_id, client_id) ON DELETE CASCADE`.execute(t),await t.schema.createTable("sessions").addColumn("id","varchar(21)",o=>o.notNull()).addColumn("tenant_id","varchar(191)",o=>o.notNull()).addColumn("user_id","varchar(255)").addColumn("created_at","varchar(35)",o=>o.notNull()).addColumn("updated_at","varchar(35)",o=>o.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","text",o=>o.notNull()).addColumn("clients","text",o=>o.notNull()).addColumn("login_session_id","varchar(21)").addPrimaryKeyConstraint("sessions_pk",["tenant_id","id"]).execute(),await h.sql`ALTER TABLE sessions
+      FOREIGN KEY (tenant_id, client_id) REFERENCES clients(tenant_id, client_id) ON DELETE CASCADE`.execute(e),await e.schema.createTable(`sessions`).addColumn(`id`,`varchar(21)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`authenticated_at`,`varchar(35)`).addColumn(`last_interaction_at`,`varchar(35)`).addColumn(`used_at`,`varchar(35)`).addColumn(`revoked_at`,`varchar(35)`).addColumn(`device`,`text`,e=>e.notNull()).addColumn(`clients`,`text`,e=>e.notNull()).addColumn(`login_session_id`,`varchar(21)`).addPrimaryKeyConstraint(`sessions_pk`,[`tenant_id`,`id`]).execute(),await i.sql`ALTER TABLE sessions
       ADD CONSTRAINT sessions_user_fk
-      FOREIGN KEY (user_id, tenant_id) REFERENCES users(user_id, tenant_id) ON DELETE CASCADE`.execute(t),await t.schema.createTable("login_sessions").addColumn("id","varchar(21)",o=>o.notNull()).addColumn("tenant_id","varchar(255)",o=>o.notNull()).addColumn("session_id","varchar(21)").addColumn("csrf_token","varchar(21)",o=>o.notNull()).addColumn("authParams_client_id","varchar(191)",o=>o.notNull()).addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","text").addColumn("authParams_state","text").addColumn("authParams_nonce","varchar(255)").addColumn("authParams_code_challenge_method","varchar(255)").addColumn("authParams_code_challenge","varchar(255)").addColumn("authParams_redirect_uri","text").addColumn("authParams_organization","varchar(255)").addColumn("authParams_prompt","varchar(32)").addColumn("authParams_act_as","varchar(256)").addColumn("authParams_ui_locales","varchar(32)").addColumn("authorization_url","text").addColumn("created_at","varchar(35)",o=>o.notNull()).addColumn("updated_at","varchar(35)",o=>o.notNull()).addColumn("expires_at","varchar(35)",o=>o.notNull()).addColumn("ip","varchar(39)").addColumn("useragent","text").addColumn("auth0Client","varchar(255)").addColumn("login_completed","integer",o=>o.defaultTo(0)).addPrimaryKeyConstraint("login_sessions_pk",["tenant_id","id"]).execute(),await h.sql`ALTER TABLE login_sessions
+      FOREIGN KEY (user_id, tenant_id) REFERENCES users(user_id, tenant_id) ON DELETE CASCADE`.execute(e),await e.schema.createTable(`login_sessions`).addColumn(`id`,`varchar(21)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.notNull()).addColumn(`session_id`,`varchar(21)`).addColumn(`csrf_token`,`varchar(21)`,e=>e.notNull()).addColumn(`authParams_client_id`,`varchar(191)`,e=>e.notNull()).addColumn(`authParams_vendor_id`,`varchar(255)`).addColumn(`authParams_username`,`varchar(255)`).addColumn(`authParams_response_type`,`varchar(255)`).addColumn(`authParams_response_mode`,`varchar(255)`).addColumn(`authParams_audience`,`varchar(255)`).addColumn(`authParams_scope`,`text`).addColumn(`authParams_state`,`text`).addColumn(`authParams_nonce`,`varchar(255)`).addColumn(`authParams_code_challenge_method`,`varchar(255)`).addColumn(`authParams_code_challenge`,`varchar(255)`).addColumn(`authParams_redirect_uri`,`text`).addColumn(`authParams_organization`,`varchar(255)`).addColumn(`authParams_prompt`,`varchar(32)`).addColumn(`authParams_act_as`,`varchar(256)`).addColumn(`authParams_ui_locales`,`varchar(32)`).addColumn(`authorization_url`,`text`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`,e=>e.notNull()).addColumn(`ip`,`varchar(39)`).addColumn(`useragent`,`text`).addColumn(`auth0Client`,`varchar(255)`).addColumn(`login_completed`,`integer`,e=>e.defaultTo(0)).addPrimaryKeyConstraint(`login_sessions_pk`,[`tenant_id`,`id`]).execute(),await i.sql`ALTER TABLE login_sessions
       ADD CONSTRAINT login_sessions_tenant_fk
-      FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE CASCADE`.execute(t),await h.sql`ALTER TABLE login_sessions
+      FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE CASCADE`.execute(e),await i.sql`ALTER TABLE login_sessions
       ADD CONSTRAINT login_sessions_client_fk
-      FOREIGN KEY (tenant_id, authParams_client_id) REFERENCES clients(tenant_id, client_id) ON DELETE CASCADE`.execute(t),await h.sql`ALTER TABLE login_sessions
+      FOREIGN KEY (tenant_id, authParams_client_id) REFERENCES clients(tenant_id, client_id) ON DELETE CASCADE`.execute(e),await i.sql`ALTER TABLE login_sessions
       ADD CONSTRAINT login_sessions_session_fk
-      FOREIGN KEY (tenant_id, session_id) REFERENCES sessions(tenant_id, id) ON DELETE CASCADE`.execute(t),await h.sql`INSERT INTO refresh_tokens
+      FOREIGN KEY (tenant_id, session_id) REFERENCES sessions(tenant_id, id) ON DELETE CASCADE`.execute(e),await i.sql`INSERT INTO refresh_tokens
       SELECT id, tenant_id, client_id, session_id, user_id, resource_servers, device, rotating,
              created_at, expires_at, idle_expires_at, last_exchanged_at
-      FROM refresh_tokens_backup`.execute(t),await h.sql`INSERT INTO sessions
+      FROM refresh_tokens_backup`.execute(e),await i.sql`INSERT INTO sessions
       SELECT id, tenant_id, user_id, created_at, updated_at, expires_at, idle_expires_at,
              authenticated_at, last_interaction_at, used_at, revoked_at, device, clients, login_session_id
-      FROM sessions_backup`.execute(t),await h.sql`INSERT INTO login_sessions
+      FROM sessions_backup`.execute(e),await i.sql`INSERT INTO login_sessions
       SELECT id, tenant_id, session_id, csrf_token, authParams_client_id, authParams_vendor_id, authParams_username,
              authParams_response_type, authParams_response_mode, authParams_audience, authParams_scope, authParams_state,
              authParams_nonce, authParams_code_challenge_method, authParams_code_challenge, authParams_redirect_uri,
              authParams_organization, authParams_prompt, authParams_act_as, authParams_ui_locales, authorization_url,
              created_at, updated_at, expires_at, ip, useragent, auth0Client, login_completed
-      FROM login_sessions_backup`.execute(t),await h.sql`DROP TABLE sessions_backup`.execute(t),await h.sql`DROP TABLE login_sessions_backup`.execute(t),await h.sql`DROP TABLE refresh_tokens_backup`.execute(t)})}async function cu(e){await e.transaction().execute(async t=>{const a=["sessions_backup","login_sessions_backup","refresh_tokens_backup"];for(const n of a)try{await h.sql`DROP TABLE IF EXISTS ${h.sql.raw(n)}`.execute(t)}catch(o){console.warn(`Failed to drop backup table ${n}:`,o)}await h.sql`CREATE TABLE sessions_backup AS SELECT * FROM sessions`.execute(t),await h.sql`CREATE TABLE login_sessions_backup AS SELECT * FROM login_sessions`.execute(t),await h.sql`CREATE TABLE refresh_tokens_backup AS SELECT * FROM refresh_tokens`.execute(t),await h.sql`DROP TABLE sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await h.sql`DROP TABLE refresh_tokens`.execute(t),await t.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",n=>n.notNull()).addColumn("tenant_id","varchar(255)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("client_id","varchar(191)",n=>n.notNull()).addColumn("session_id","varchar(21)",n=>n.notNull()).addColumn("user_id","varchar(255)").addColumn("resource_servers","text",n=>n.notNull()).addColumn("device","text",n=>n.notNull()).addColumn("rotating","boolean",n=>n.notNull()).addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").addPrimaryKeyConstraint("refresh_tokens_pk",["tenant_id","id"]).addForeignKeyConstraint("refresh_tokens_client_fk",["tenant_id","client_id"],"clients",["tenant_id","client_id"],n=>n.onDelete("cascade")).execute(),await t.schema.createTable("sessions").addColumn("id","varchar(21)",n=>n.notNull()).addColumn("tenant_id","varchar(191)",n=>n.notNull()).addColumn("user_id","varchar(255)").addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("authenticated_at","varchar(35)").addColumn("last_interaction_at","varchar(35)").addColumn("used_at","varchar(35)").addColumn("revoked_at","varchar(35)").addColumn("device","text",n=>n.notNull()).addColumn("clients","text",n=>n.notNull()).addColumn("login_session_id","varchar(21)").addPrimaryKeyConstraint("sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("sessions_user_fk",["user_id","tenant_id"],"users",["user_id","tenant_id"],n=>n.onDelete("cascade")).execute(),await t.schema.createTable("login_sessions").addColumn("id","varchar(21)",n=>n.notNull()).addColumn("tenant_id","varchar(255)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)").addColumn("csrf_token","varchar(21)",n=>n.notNull()).addColumn("authParams_client_id","varchar(191)",n=>n.notNull()).addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","text").addColumn("authParams_state","text").addColumn("authParams_nonce","varchar(255)").addColumn("authParams_code_challenge_method","varchar(255)").addColumn("authParams_code_challenge","varchar(255)").addColumn("authParams_redirect_uri","text").addColumn("authParams_organization","varchar(255)").addColumn("authParams_prompt","varchar(32)").addColumn("authParams_act_as","varchar(256)").addColumn("authParams_ui_locales","varchar(32)").addColumn("authorization_url","text").addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addColumn("expires_at","varchar(35)",n=>n.notNull()).addColumn("ip","varchar(39)").addColumn("useragent","text").addColumn("auth0Client","varchar(255)").addColumn("login_completed","integer",n=>n.defaultTo(0)).addPrimaryKeyConstraint("login_sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("login_sessions_client_fk",["tenant_id","authParams_client_id"],"clients",["tenant_id","client_id"],n=>n.onDelete("cascade")).addForeignKeyConstraint("login_sessions_session_fk",["tenant_id","session_id"],"sessions",["tenant_id","id"],n=>n.onDelete("cascade")).execute(),await h.sql`INSERT INTO refresh_tokens
+      FROM login_sessions_backup`.execute(e),await i.sql`DROP TABLE sessions_backup`.execute(e),await i.sql`DROP TABLE login_sessions_backup`.execute(e),await i.sql`DROP TABLE refresh_tokens_backup`.execute(e)})}async function Ku(e){await e.transaction().execute(async e=>{for(let t of[`sessions_backup`,`login_sessions_backup`,`refresh_tokens_backup`])try{await i.sql`DROP TABLE IF EXISTS ${i.sql.raw(t)}`.execute(e)}catch(e){console.warn(`Failed to drop backup table ${t}:`,e)}await i.sql`CREATE TABLE sessions_backup AS SELECT * FROM sessions`.execute(e),await i.sql`CREATE TABLE login_sessions_backup AS SELECT * FROM login_sessions`.execute(e),await i.sql`CREATE TABLE refresh_tokens_backup AS SELECT * FROM refresh_tokens`.execute(e),await i.sql`DROP TABLE sessions`.execute(e),await i.sql`DROP TABLE login_sessions`.execute(e),await i.sql`DROP TABLE refresh_tokens`.execute(e),await e.schema.createTable(`refresh_tokens`).addColumn(`id`,`varchar(21)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`client_id`,`varchar(191)`,e=>e.notNull()).addColumn(`session_id`,`varchar(21)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`resource_servers`,`text`,e=>e.notNull()).addColumn(`device`,`text`,e=>e.notNull()).addColumn(`rotating`,`boolean`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`last_exchanged_at`,`varchar(35)`).addPrimaryKeyConstraint(`refresh_tokens_pk`,[`tenant_id`,`id`]).addForeignKeyConstraint(`refresh_tokens_client_fk`,[`tenant_id`,`client_id`],`clients`,[`tenant_id`,`client_id`],e=>e.onDelete(`cascade`)).execute(),await e.schema.createTable(`sessions`).addColumn(`id`,`varchar(21)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`authenticated_at`,`varchar(35)`).addColumn(`last_interaction_at`,`varchar(35)`).addColumn(`used_at`,`varchar(35)`).addColumn(`revoked_at`,`varchar(35)`).addColumn(`device`,`text`,e=>e.notNull()).addColumn(`clients`,`text`,e=>e.notNull()).addColumn(`login_session_id`,`varchar(21)`).addPrimaryKeyConstraint(`sessions_pk`,[`tenant_id`,`id`]).addForeignKeyConstraint(`sessions_user_fk`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).execute(),await e.schema.createTable(`login_sessions`).addColumn(`id`,`varchar(21)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`session_id`,`varchar(21)`).addColumn(`csrf_token`,`varchar(21)`,e=>e.notNull()).addColumn(`authParams_client_id`,`varchar(191)`,e=>e.notNull()).addColumn(`authParams_vendor_id`,`varchar(255)`).addColumn(`authParams_username`,`varchar(255)`).addColumn(`authParams_response_type`,`varchar(255)`).addColumn(`authParams_response_mode`,`varchar(255)`).addColumn(`authParams_audience`,`varchar(255)`).addColumn(`authParams_scope`,`text`).addColumn(`authParams_state`,`text`).addColumn(`authParams_nonce`,`varchar(255)`).addColumn(`authParams_code_challenge_method`,`varchar(255)`).addColumn(`authParams_code_challenge`,`varchar(255)`).addColumn(`authParams_redirect_uri`,`text`).addColumn(`authParams_organization`,`varchar(255)`).addColumn(`authParams_prompt`,`varchar(32)`).addColumn(`authParams_act_as`,`varchar(256)`).addColumn(`authParams_ui_locales`,`varchar(32)`).addColumn(`authorization_url`,`text`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`,e=>e.notNull()).addColumn(`ip`,`varchar(39)`).addColumn(`useragent`,`text`).addColumn(`auth0Client`,`varchar(255)`).addColumn(`login_completed`,`integer`,e=>e.defaultTo(0)).addPrimaryKeyConstraint(`login_sessions_pk`,[`tenant_id`,`id`]).addForeignKeyConstraint(`login_sessions_client_fk`,[`tenant_id`,`authParams_client_id`],`clients`,[`tenant_id`,`client_id`],e=>e.onDelete(`cascade`)).addForeignKeyConstraint(`login_sessions_session_fk`,[`tenant_id`,`session_id`],`sessions`,[`tenant_id`,`id`],e=>e.onDelete(`cascade`)).execute(),await i.sql`INSERT INTO refresh_tokens
       SELECT id, tenant_id, client_id, session_id, user_id, resource_servers, device, rotating,
              created_at, expires_at, idle_expires_at, last_exchanged_at
-      FROM refresh_tokens_backup`.execute(t),await h.sql`INSERT INTO sessions
+      FROM refresh_tokens_backup`.execute(e),await i.sql`INSERT INTO sessions
       SELECT id, tenant_id, user_id, created_at, updated_at, expires_at, idle_expires_at,
              authenticated_at, last_interaction_at, used_at, revoked_at, device, clients, login_session_id
-      FROM sessions_backup`.execute(t),await h.sql`INSERT INTO login_sessions
+      FROM sessions_backup`.execute(e),await i.sql`INSERT INTO login_sessions
       SELECT id, tenant_id, session_id, csrf_token, authParams_client_id, authParams_vendor_id, authParams_username,
              authParams_response_type, authParams_response_mode, authParams_audience, authParams_scope, authParams_state,
              authParams_nonce, authParams_code_challenge_method, authParams_code_challenge, authParams_redirect_uri,
              authParams_organization, authParams_prompt, authParams_act_as, authParams_ui_locales, authorization_url,
              created_at, updated_at, expires_at, ip, useragent, auth0Client, login_completed
-      FROM login_sessions_backup`.execute(t),await h.sql`DROP TABLE sessions_backup`.execute(t),await h.sql`DROP TABLE login_sessions_backup`.execute(t),await h.sql`DROP TABLE refresh_tokens_backup`.execute(t)})}async function lu(e){await Me(e)==="mysql"?await du(e):await uu(e)}async function du(e){await e.transaction().execute(async t=>{await h.sql`ALTER TABLE refresh_tokens DROP FOREIGN KEY refresh_tokens_client_fk`.execute(t),await h.sql`ALTER TABLE login_sessions DROP FOREIGN KEY login_sessions_client_fk`.execute(t),await h.sql`ALTER TABLE refresh_tokens DROP PRIMARY KEY`.execute(t),await h.sql`ALTER TABLE refresh_tokens ADD PRIMARY KEY (id)`.execute(t),await h.sql`ALTER TABLE sessions DROP PRIMARY KEY`.execute(t),await h.sql`ALTER TABLE sessions ADD PRIMARY KEY (id)`.execute(t),await h.sql`ALTER TABLE login_sessions DROP PRIMARY KEY`.execute(t),await h.sql`ALTER TABLE login_sessions ADD PRIMARY KEY (id)`.execute(t),await h.sql`ALTER TABLE refresh_tokens
+      FROM login_sessions_backup`.execute(e),await i.sql`DROP TABLE sessions_backup`.execute(e),await i.sql`DROP TABLE login_sessions_backup`.execute(e),await i.sql`DROP TABLE refresh_tokens_backup`.execute(e)})}async function qu(e){await Uu(e)===`mysql`?await Ju(e):await Yu(e)}async function Ju(e){await e.transaction().execute(async e=>{await i.sql`ALTER TABLE refresh_tokens DROP FOREIGN KEY refresh_tokens_client_fk`.execute(e),await i.sql`ALTER TABLE login_sessions DROP FOREIGN KEY login_sessions_client_fk`.execute(e),await i.sql`ALTER TABLE refresh_tokens DROP PRIMARY KEY`.execute(e),await i.sql`ALTER TABLE refresh_tokens ADD PRIMARY KEY (id)`.execute(e),await i.sql`ALTER TABLE sessions DROP PRIMARY KEY`.execute(e),await i.sql`ALTER TABLE sessions ADD PRIMARY KEY (id)`.execute(e),await i.sql`ALTER TABLE login_sessions DROP PRIMARY KEY`.execute(e),await i.sql`ALTER TABLE login_sessions ADD PRIMARY KEY (id)`.execute(e),await i.sql`ALTER TABLE refresh_tokens
       ADD CONSTRAINT refresh_tokens_application_fk
-      FOREIGN KEY (client_id) REFERENCES applications(id) ON DELETE CASCADE`.execute(t),await h.sql`ALTER TABLE login_sessions
+      FOREIGN KEY (client_id) REFERENCES applications(id) ON DELETE CASCADE`.execute(e),await i.sql`ALTER TABLE login_sessions
       ADD CONSTRAINT login_sessions_application_fk
-      FOREIGN KEY (authParams_client_id) REFERENCES applications(id) ON DELETE CASCADE`.execute(t)})}async function uu(e){await e.transaction().execute(async t=>{await h.sql`CREATE TABLE refresh_tokens_temp AS SELECT * FROM refresh_tokens`.execute(t),await h.sql`DROP TABLE refresh_tokens`.execute(t),await t.schema.createTable("refresh_tokens").addColumn("id","varchar(21)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("client_id","varchar(21)",a=>a.references("applications.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)",a=>a.notNull()).addColumn("user_id","varchar(255)").addColumn("resource_servers","varchar(255)",a=>a.notNull()).addColumn("device","varchar(255)",a=>a.notNull()).addColumn("rotating","boolean",a=>a.notNull()).addColumn("created_at","varchar(35)",a=>a.notNull()).addColumn("expires_at","varchar(35)").addColumn("idle_expires_at","varchar(35)").addColumn("last_exchanged_at","varchar(35)").execute(),await h.sql`INSERT INTO refresh_tokens
+      FOREIGN KEY (authParams_client_id) REFERENCES applications(id) ON DELETE CASCADE`.execute(e)})}async function Yu(e){await e.transaction().execute(async e=>{await i.sql`CREATE TABLE refresh_tokens_temp AS SELECT * FROM refresh_tokens`.execute(e),await i.sql`DROP TABLE refresh_tokens`.execute(e),await e.schema.createTable(`refresh_tokens`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`client_id`,`varchar(21)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).addColumn(`session_id`,`varchar(21)`,e=>e.notNull()).addColumn(`user_id`,`varchar(255)`).addColumn(`resource_servers`,`varchar(255)`,e=>e.notNull()).addColumn(`device`,`varchar(255)`,e=>e.notNull()).addColumn(`rotating`,`boolean`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`).addColumn(`idle_expires_at`,`varchar(35)`).addColumn(`last_exchanged_at`,`varchar(35)`).execute(),await i.sql`INSERT INTO refresh_tokens
       SELECT id, tenant_id, client_id, session_id, user_id, resource_servers, device, rotating,
              created_at, expires_at, idle_expires_at, last_exchanged_at
-      FROM refresh_tokens_temp`.execute(t),await h.sql`DROP TABLE refresh_tokens_temp`.execute(t),await h.sql`CREATE TABLE login_sessions_temp AS SELECT * FROM login_sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await t.schema.createTable("login_sessions").addColumn("id","varchar(21)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(21)").addColumn("csrf_token","varchar(21)",a=>a.notNull()).addColumn("authParams_client_id","varchar(191)",a=>a.references("applications.id").onDelete("cascade").notNull()).execute(),await h.sql`INSERT INTO login_sessions (id, tenant_id, session_id, csrf_token, authParams_client_id)
+      FROM refresh_tokens_temp`.execute(e),await i.sql`DROP TABLE refresh_tokens_temp`.execute(e),await i.sql`CREATE TABLE login_sessions_temp AS SELECT * FROM login_sessions`.execute(e),await i.sql`DROP TABLE login_sessions`.execute(e),await e.schema.createTable(`login_sessions`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`session_id`,`varchar(21)`).addColumn(`csrf_token`,`varchar(21)`,e=>e.notNull()).addColumn(`authParams_client_id`,`varchar(191)`,e=>e.references(`applications.id`).onDelete(`cascade`).notNull()).execute(),await i.sql`INSERT INTO login_sessions (id, tenant_id, session_id, csrf_token, authParams_client_id)
       SELECT id, tenant_id, session_id, csrf_token, authParams_client_id
-      FROM login_sessions_temp`.execute(t),await h.sql`DROP TABLE login_sessions_temp`.execute(t)})}const _u=Object.freeze(Object.defineProperty({__proto__:null,down:lu,up:su},Symbol.toStringTag,{value:"Module"}));async function mu(e){await e.schema.createTable("client_grants").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull().references("tenants.id").onDelete("cascade")).addColumn("client_id","varchar(191)",t=>t.notNull()).addColumn("audience","varchar(191)",t=>t.notNull()).addColumn("scope","text",t=>t.defaultTo("[]")).addColumn("organization_usage","varchar(32)").addColumn("allow_any_organization","integer",t=>t.defaultTo(0)).addColumn("is_system","integer",t=>t.defaultTo(0)).addColumn("subject_type","varchar(32)").addColumn("authorization_details_types","text",t=>t.defaultTo("[]")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("pk_client_grants",["tenant_id","id"]).addForeignKeyConstraint("fk_client_grants_clients",["tenant_id","client_id"],"clients",["tenant_id","client_id"],t=>t.onDelete("cascade")).execute(),await e.schema.createIndex("uq_client_grants_tenant_client_audience").on("client_grants").columns(["tenant_id","client_id","audience"]).unique().execute(),await e.schema.createIndex("idx_client_grants_audience").on("client_grants").columns(["audience"]).execute()}async function hu(e){await e.schema.dropTable("client_grants").execute()}const pu=Object.freeze(Object.defineProperty({__proto__:null,down:hu,up:mu},Symbol.toStringTag,{value:"Module"}));async function fu(e){await e.schema.dropTable("applications").execute()}async function gu(e){await e.schema.createTable("applications").addColumn("id","varchar(21)",t=>t.notNull()).addColumn("tenant_id","varchar(191)",t=>t.notNull().references("tenants.id").onDelete("cascade")).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("client_secret","varchar(255)").addColumn("callbacks","text",t=>t.defaultTo("[]")).addColumn("allowed_origins","text",t=>t.defaultTo("[]")).addColumn("web_origins","text",t=>t.defaultTo("[]")).addColumn("allowed_logout_urls","text",t=>t.defaultTo("[]")).addColumn("allowed_clients","text",t=>t.defaultTo("[]")).addColumn("disable_sign_ups","integer",t=>t.defaultTo(0)).addColumn("addons","text",t=>t.defaultTo("{}")).addColumn("client_metadata","text",t=>t.defaultTo("{}")).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("pk_applications",["tenant_id","id"]).execute(),await e.schema.createIndex("idx_applications_tenant_id").on("applications").columns(["tenant_id"]).execute()}const wu=Object.freeze(Object.defineProperty({__proto__:null,down:gu,up:fu},Symbol.toStringTag,{value:"Module"}));async function yu(e){await e.schema.createIndex("users_phone_tenant_provider_index").on("users").columns(["tenant_id","phone_number","provider"]).execute()}async function vu(e){await e.schema.dropIndex("users_phone_tenant_provider_index").execute()}const Cu=Object.freeze(Object.defineProperty({__proto__:null,down:vu,up:yu},Symbol.toStringTag,{value:"Module"}));async function xu(e){await e.schema.createIndex("login_sessions_id_index").on("login_sessions").column("id").execute()}async function Tu(e){await e.schema.dropIndex("login_sessions_id_index").execute()}const bu=Object.freeze(Object.defineProperty({__proto__:null,down:Tu,up:xu},Symbol.toStringTag,{value:"Module"}));async function Nu(e){await e.schema.createIndex("connections_tenant_id_index").on("connections").column("tenant_id").execute()}async function Su(e){await e.schema.dropIndex("connections_tenant_id_index").execute()}const Ou=Object.freeze(Object.defineProperty({__proto__:null,down:Su,up:Nu},Symbol.toStringTag,{value:"Module"}));async function ku(e){await e.schema.dropIndex("idx_user_organizations_tenant_id").execute()}async function $u(e){await e.schema.createIndex("idx_user_organizations_tenant_id").on("user_organizations").column("tenant_id").execute()}const Eu=Object.freeze(Object.defineProperty({__proto__:null,down:$u,up:ku},Symbol.toStringTag,{value:"Module"}));async function Iu(e){await e.schema.createTable("tenant_settings").addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull().primaryKey()).addColumn("idle_session_lifetime","integer").addColumn("session_lifetime","integer").addColumn("session_cookie","text").addColumn("enable_client_connections","integer").addColumn("default_redirection_uri","text").addColumn("enabled_locales","text").addColumn("default_directory","varchar(255)").addColumn("error_page","text").addColumn("flags","text").addColumn("friendly_name","varchar(255)").addColumn("picture_url","text").addColumn("support_email","varchar(255)").addColumn("support_url","text").addColumn("sandbox_version","varchar(50)").addColumn("sandbox_versions_available","text").addColumn("change_password","text").addColumn("guardian_mfa_page","text").addColumn("default_audience","varchar(255)").addColumn("default_organization","varchar(255)").addColumn("sessions","text").execute()}async function Pu(e){await e.schema.dropTable("tenant_settings").execute()}const zu=Object.freeze(Object.defineProperty({__proto__:null,down:Pu,up:Iu},Symbol.toStringTag,{value:"Module"}));async function Du(e){if(await e.schema.alterTable("tenants").addColumn("idle_session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("session_cookie","text").execute(),await e.schema.alterTable("tenants").addColumn("allowed_logout_urls","text").execute(),await e.schema.alterTable("tenants").addColumn("ephemeral_session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("idle_ephemeral_session_lifetime","integer").execute(),await e.schema.alterTable("tenants").addColumn("default_redirection_uri","text").execute(),await e.schema.alterTable("tenants").addColumn("enabled_locales","text").execute(),await e.schema.alterTable("tenants").addColumn("default_directory","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("error_page","text").execute(),await e.schema.alterTable("tenants").addColumn("flags","text").execute(),await e.schema.alterTable("tenants").addColumn("friendly_name","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("picture_url","text").execute(),await e.schema.alterTable("tenants").addColumn("support_email","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("sandbox_version","varchar(50)").execute(),await e.schema.alterTable("tenants").addColumn("sandbox_versions_available","text").execute(),await e.schema.alterTable("tenants").addColumn("legacy_sandbox_version","varchar(50)").execute(),await e.schema.alterTable("tenants").addColumn("change_password","text").execute(),await e.schema.alterTable("tenants").addColumn("guardian_mfa_page","text").execute(),await e.schema.alterTable("tenants").addColumn("device_flow","text").execute(),await e.schema.alterTable("tenants").addColumn("default_token_quota","text").execute(),await e.schema.alterTable("tenants").addColumn("default_audience","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("default_organization","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("sessions","text").execute(),await e.schema.alterTable("tenants").addColumn("oidc_logout","text").execute(),await e.schema.alterTable("tenants").addColumn("allow_organization_name_in_authentication_api","integer").execute(),await e.schema.alterTable("tenants").addColumn("customize_mfa_in_postlogin_action","integer").execute(),await e.schema.alterTable("tenants").addColumn("acr_values_supported","text").execute(),await e.schema.alterTable("tenants").addColumn("mtls","text").execute(),await e.schema.alterTable("tenants").addColumn("pushed_authorization_requests_supported","integer").execute(),await e.schema.alterTable("tenants").addColumn("authorization_response_iss_parameter_supported","integer").execute(),await e.updateTable("tenants").set({friendly_name:h.sql`name`}).execute(),await e.schema.alterTable("tenants").dropColumn("language").execute(),await e.schema.alterTable("tenants").dropColumn("logo").execute(),await e.schema.alterTable("tenants").dropColumn("primary_color").execute(),await e.schema.alterTable("tenants").dropColumn("secondary_color").execute(),await e.schema.alterTable("tenants").dropColumn("name").execute(),(await e.selectFrom("tenant_settings").select("tenant_id").limit(1).execute()).length>0){const a=await e.selectFrom("tenant_settings").selectAll().execute();for(const n of a)await e.updateTable("tenants").set({idle_session_lifetime:n.idle_session_lifetime,session_lifetime:n.session_lifetime,session_cookie:n.session_cookie,enable_client_connections:n.enable_client_connections,default_redirection_uri:n.default_redirection_uri,enabled_locales:n.enabled_locales,default_directory:n.default_directory,error_page:n.error_page,flags:n.flags,friendly_name:n.friendly_name,picture_url:n.picture_url,support_email:n.support_email,support_url:n.support_url,sandbox_version:n.sandbox_version,sandbox_versions_available:n.sandbox_versions_available,change_password:n.change_password,guardian_mfa_page:n.guardian_mfa_page,default_audience:n.default_audience,default_organization:n.default_organization,sessions:n.sessions}).where("id","=",n.tenant_id).execute()}await e.schema.dropTable("tenant_settings").execute()}async function Au(e){await e.schema.createTable("tenant_settings").addColumn("tenant_id","varchar(191)",a=>a.references("tenants.id").onDelete("cascade").notNull().primaryKey()).addColumn("idle_session_lifetime","integer").addColumn("session_lifetime","integer").addColumn("session_cookie","text").addColumn("enable_client_connections","integer").addColumn("default_redirection_uri","text").addColumn("enabled_locales","text").addColumn("default_directory","varchar(255)").addColumn("error_page","text").addColumn("flags","text").addColumn("friendly_name","varchar(255)").addColumn("picture_url","text").addColumn("support_email","varchar(255)").addColumn("support_url","text").addColumn("sandbox_version","varchar(50)").addColumn("sandbox_versions_available","text").addColumn("change_password","text").addColumn("guardian_mfa_page","text").addColumn("default_audience","varchar(255)").addColumn("default_organization","varchar(255)").addColumn("sessions","text").execute();const t=await e.selectFrom("tenants").select(["id","idle_session_lifetime","session_lifetime","session_cookie","enable_client_connections","default_redirection_uri","enabled_locales","default_directory","error_page","flags","friendly_name","picture_url","support_email","support_url","sandbox_version","sandbox_versions_available","change_password","guardian_mfa_page","default_audience","default_organization","sessions"]).execute();for(const a of t)(a.idle_session_lifetime!==null||a.session_lifetime!==null||a.session_cookie!==null||a.enable_client_connections!==null||a.default_redirection_uri!==null||a.enabled_locales!==null||a.default_directory!==null||a.error_page!==null||a.flags!==null||a.friendly_name!==null||a.picture_url!==null||a.support_email!==null||a.support_url!==null||a.sandbox_version!==null||a.sandbox_versions_available!==null||a.change_password!==null||a.guardian_mfa_page!==null||a.default_audience!==null||a.default_organization!==null||a.sessions!==null)&&await e.insertInto("tenant_settings").values({tenant_id:a.id,idle_session_lifetime:a.idle_session_lifetime,session_lifetime:a.session_lifetime,session_cookie:a.session_cookie,enable_client_connections:a.enable_client_connections,default_redirection_uri:a.default_redirection_uri,enabled_locales:a.enabled_locales,default_directory:a.default_directory,error_page:a.error_page,flags:a.flags,friendly_name:a.friendly_name,picture_url:a.picture_url,support_email:a.support_email,support_url:a.support_url,sandbox_version:a.sandbox_version,sandbox_versions_available:a.sandbox_versions_available,change_password:a.change_password,guardian_mfa_page:a.guardian_mfa_page,default_audience:a.default_audience,default_organization:a.default_organization,sessions:a.sessions}).execute();await e.schema.alterTable("tenants").dropColumn("idle_session_lifetime").dropColumn("session_lifetime").dropColumn("session_cookie").dropColumn("enable_client_connections").dropColumn("default_redirection_uri").dropColumn("enabled_locales").dropColumn("default_directory").dropColumn("error_page").dropColumn("flags").dropColumn("friendly_name").dropColumn("picture_url").dropColumn("support_email").dropColumn("sandbox_version").dropColumn("sandbox_versions_available").dropColumn("change_password").dropColumn("guardian_mfa_page").dropColumn("default_audience").dropColumn("default_organization").dropColumn("sessions").execute(),await e.schema.alterTable("tenants").addColumn("name","varchar(255)").execute(),await e.updateTable("tenants").set({name:h.sql`COALESCE(friendly_name, id)`}).execute(),await e.schema.alterTable("tenants").addColumn("language","varchar(255)").execute(),await e.schema.alterTable("tenants").addColumn("logo","text").execute(),await e.schema.alterTable("tenants").addColumn("primary_color","varchar(50)").execute(),await e.schema.alterTable("tenants").addColumn("secondary_color","varchar(50)").execute()}const Fu=Object.freeze(Object.defineProperty({__proto__:null,down:Au,up:Du},Symbol.toStringTag,{value:"Module"}));async function ju(e){await e.schema.createTable("invites").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull()).addColumn("inviter","text",t=>t.notNull()).addColumn("invitee","text",t=>t.notNull()).addColumn("client_id","varchar(191)",t=>t.notNull()).addColumn("connection_id","varchar(21)").addColumn("invitation_url","text",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("expires_at","varchar(35)",t=>t.notNull()).addColumn("app_metadata","text").addColumn("user_metadata","text").addColumn("roles","text").addColumn("ticket_id","varchar(191)").addColumn("ttl_sec","integer").addColumn("send_invitation_email","integer").execute(),await e.schema.createIndex("idx_invites_tenant_id").on("invites").column("tenant_id").execute(),await e.schema.createIndex("idx_invites_organization_id").on("invites").column("organization_id").execute(),await e.schema.createIndex("idx_invites_expires_at").on("invites").column("expires_at").execute(),await e.schema.createIndex("idx_invites_tenant_created").on("invites").columns(["tenant_id","created_at"]).execute()}async function Ru(e){await e.schema.dropTable("invites").execute()}const qu=Object.freeze(Object.defineProperty({__proto__:null,down:Ru,up:ju},Symbol.toStringTag,{value:"Module"}));async function Mu(e){await e.schema.dropTable("logs").ifExists().execute(),await e.schema.createTable("logs").addColumn("log_id","varchar(21)",t=>t.primaryKey().notNull()).addColumn("category","varchar(255)").addColumn("tenant_id","varchar(64)").addColumn("user_id","varchar(64)").addColumn("ip","varchar(255)").addColumn("type","varchar(8)",t=>t.notNull()).addColumn("date","varchar(25)",t=>t.notNull()).addColumn("client_id","varchar(255)").addColumn("client_name","varchar(255)").addColumn("user_agent","varchar(255)").addColumn("description","varchar(255)").addColumn("details","varchar(2048)").addColumn("isMobile","integer").addColumn("user_name","varchar(255)").addColumn("connection","varchar(255)").addColumn("connection_id","varchar(255)").addColumn("audience","varchar(255)").addColumn("scope","varchar(255)").addColumn("strategy","varchar(255)").addColumn("strategy_type","varchar(255)").addColumn("hostname","varchar(255)").addColumn("auth0_client","varchar(8192)").addColumn("session_connection","varchar(255)").execute()}async function Ju(e){await e.schema.dropTable("logs").ifExists().execute(),await e.schema.createTable("logs").addColumn("id","varchar(255)",t=>t.primaryKey().notNull()).addColumn("category","varchar(255)",t=>t.notNull()).addColumn("tenant_id","varchar(64)").addColumn("user_id","varchar(64)").addColumn("ip","varchar(255)").addColumn("type","varchar(8)",t=>t.notNull()).addColumn("date","varchar(25)",t=>t.notNull()).addColumn("client_id","varchar(255)").addColumn("client_name","varchar(255)").addColumn("user_agent","varchar(255)").addColumn("description","varchar(255)").addColumn("details","varchar(2048)").execute()}const Lu=Object.freeze(Object.defineProperty({__proto__:null,down:Ju,up:Mu},Symbol.toStringTag,{value:"Module"}));async function Uu(e){await e.schema.alterTable("logs").addColumn("country_code","varchar(2)").execute(),await e.schema.alterTable("logs").addColumn("city_name","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("latitude","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("longitude","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("time_zone","varchar(255)").execute(),await e.schema.alterTable("logs").addColumn("continent_code","varchar(2)").execute()}async function Ku(e){await e.schema.alterTable("logs").dropColumn("country_code").execute(),await e.schema.alterTable("logs").dropColumn("city_name").execute(),await e.schema.alterTable("logs").dropColumn("latitude").execute(),await e.schema.alterTable("logs").dropColumn("longitude").execute(),await e.schema.alterTable("logs").dropColumn("time_zone").execute(),await e.schema.alterTable("logs").dropColumn("continent_code").execute()}const Bu=Object.freeze(Object.defineProperty({__proto__:null,down:Ku,up:Uu},Symbol.toStringTag,{value:"Module"})),L=1e3;async function Qu(e){await e.schema.createTable("password_history").addColumn("id","varchar(21)",n=>n.primaryKey()).addColumn("user_id","varchar(191)",n=>n.notNull()).addColumn("tenant_id","varchar(191)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("password","varchar(255)",n=>n.notNull()).addColumn("algorithm","varchar(255)",n=>n.notNull().defaultTo("bcrypt")).addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addColumn("is_current","integer",n=>n.notNull().defaultTo(1)).addForeignKeyConstraint("password_history_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],n=>n.onDelete("cascade")).execute();let t=0,a=!0;for(;a;){const n=await e.selectFrom("passwords").select(["user_id","tenant_id","password","algorithm","created_at","updated_at"]).limit(L).offset(t).execute();if(n.length===0){a=!1;break}for(const o of n)await e.insertInto("password_history").values({id:k.nanoid(),user_id:o.user_id,tenant_id:o.tenant_id,password:o.password,algorithm:o.algorithm??"bcrypt",created_at:o.created_at,updated_at:o.updated_at??o.created_at,is_current:1}).execute();t+=L,n.length<L&&(a=!1)}await e.schema.alterTable("passwords").renameTo("passwords_backup").execute(),await e.schema.alterTable("password_history").renameTo("passwords").execute()}async function Wu(e){await e.schema.alterTable("passwords").renameTo("password_history").execute();try{await e.schema.alterTable("passwords_backup").renameTo("passwords").execute()}catch{await e.schema.createTable("passwords").addColumn("user_id","varchar(255)",n=>n.notNull()).addColumn("tenant_id","varchar(255)",n=>n.references("tenants.id").onDelete("cascade").notNull()).addColumn("password","varchar(255)",n=>n.notNull()).addColumn("algorithm","varchar(255)",n=>n.notNull().defaultTo("bcrypt")).addColumn("created_at","varchar(35)",n=>n.notNull()).addColumn("updated_at","varchar(35)",n=>n.notNull()).addPrimaryKeyConstraint("passwords_pkey",["user_id","tenant_id"]).addForeignKeyConstraint("passwords_user_id_tenant_id_constraint",["user_id","tenant_id"],"users",["user_id","tenant_id"],n=>n.onDelete("cascade")).execute();let t=0,a=!0;for(;a;){const n=await e.selectFrom("password_history").select(["user_id","tenant_id","password","algorithm","created_at","updated_at"]).where("is_current","=",1).limit(L).offset(t).execute();if(n.length===0){a=!1;break}for(const o of n)await e.insertInto("passwords").values({user_id:o.user_id,tenant_id:o.tenant_id,password:o.password,algorithm:o.algorithm,created_at:o.created_at,updated_at:o.updated_at}).execute();t+=L,n.length<L&&(a=!1)}}await e.schema.dropTable("password_history").execute()}const Hu=Object.freeze(Object.defineProperty({__proto__:null,down:Wu,up:Qu},Symbol.toStringTag,{value:"Module"}));async function Yu(e){await e.schema.alterTable("connections").addColumn("display_name","varchar(255)").execute(),await e.schema.alterTable("connections").addColumn("is_domain_connection","integer").execute(),await e.schema.alterTable("connections").addColumn("show_as_button","integer").execute(),await e.schema.alterTable("connections").addColumn("metadata","varchar(4096)").execute()}async function Gu(e){await e.schema.alterTable("connections").dropColumn("display_name").execute(),await e.schema.alterTable("connections").dropColumn("is_domain_connection").execute(),await e.schema.alterTable("connections").dropColumn("show_as_button").execute(),await e.schema.alterTable("connections").dropColumn("metadata").execute()}const Vu=Object.freeze(Object.defineProperty({__proto__:null,down:Gu,up:Yu},Symbol.toStringTag,{value:"Module"}));async function Xu(e){await e.schema.alterTable("clients").addColumn("connections","text",t=>t.notNull().defaultTo("[]")).execute()}async function Zu(e){await e.schema.alterTable("clients").dropColumn("connections").execute()}const e_=Object.freeze(Object.defineProperty({__proto__:null,down:Zu,up:Xu},Symbol.toStringTag,{value:"Module"}));async function t_(e){await e.schema.createTable("flows").addColumn("id","varchar(24)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(150)",t=>t.notNull()).addColumn("actions","text").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.createIndex("flows_tenant_id_idx").on("flows").column("tenant_id").execute(),await e.schema.dropTable("passwords_backup").execute()}async function a_(e){await e.schema.dropTable("flows").execute()}const n_=Object.freeze(Object.defineProperty({__proto__:null,down:a_,up:t_},Symbol.toStringTag,{value:"Module"}));async function o_(e){await e.schema.alterTable("resource_servers").addColumn("is_system","integer",t=>t.defaultTo(0).notNull()).execute(),await e.schema.alterTable("roles").addColumn("is_system","integer",t=>t.defaultTo(0).notNull()).execute(),await e.schema.alterTable("connections").addColumn("is_system","integer",t=>t.defaultTo(0).notNull()).execute()}async function r_(e){await e.schema.alterTable("resource_servers").dropColumn("is_system").execute(),await e.schema.alterTable("roles").dropColumn("is_system").execute(),await e.schema.alterTable("connections").dropColumn("is_system").execute()}const s_=Object.freeze(Object.defineProperty({__proto__:null,down:r_,up:o_},Symbol.toStringTag,{value:"Module"}));async function i_(e){const t=await e.selectFrom("keys").selectAll().execute();await e.schema.dropTable("keys").execute(),await h.sql`ALTER TABLE connections RENAME TO connections_old`.execute(e),await e.schema.createTable("connections").addColumn("id","varchar(255)",a=>a.notNull()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",a=>a.notNull()).addColumn("response_type","varchar(255)").addColumn("response_mode","varchar(255)").addColumn("strategy","varchar(64)").addColumn("options","varchar(8192)",a=>a.defaultTo("{}").notNull()).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("updated_at","varchar(255)",a=>a.notNull()).addColumn("display_name","varchar(255)").addColumn("is_domain_connection","integer").addColumn("show_as_button","integer").addColumn("metadata","varchar(4096)").addColumn("is_system","integer",a=>a.defaultTo(0).notNull()).addPrimaryKeyConstraint("connections_pkey",["tenant_id","id"]).execute(),await h.sql`
+      FROM login_sessions_temp`.execute(e),await i.sql`DROP TABLE login_sessions_temp`.execute(e)})}var Xu=t({down:()=>Qu,up:()=>Zu});async function Zu(e){await e.schema.createTable(`client_grants`).addColumn(`id`,`varchar(21)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull().references(`tenants.id`).onDelete(`cascade`)).addColumn(`client_id`,`varchar(191)`,e=>e.notNull()).addColumn(`audience`,`varchar(191)`,e=>e.notNull()).addColumn(`scope`,`text`,e=>e.defaultTo(`[]`)).addColumn(`organization_usage`,`varchar(32)`).addColumn(`allow_any_organization`,`integer`,e=>e.defaultTo(0)).addColumn(`is_system`,`integer`,e=>e.defaultTo(0)).addColumn(`subject_type`,`varchar(32)`).addColumn(`authorization_details_types`,`text`,e=>e.defaultTo(`[]`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`pk_client_grants`,[`tenant_id`,`id`]).addForeignKeyConstraint(`fk_client_grants_clients`,[`tenant_id`,`client_id`],`clients`,[`tenant_id`,`client_id`],e=>e.onDelete(`cascade`)).execute(),await e.schema.createIndex(`uq_client_grants_tenant_client_audience`).on(`client_grants`).columns([`tenant_id`,`client_id`,`audience`]).unique().execute(),await e.schema.createIndex(`idx_client_grants_audience`).on(`client_grants`).columns([`audience`]).execute()}async function Qu(e){await e.schema.dropTable(`client_grants`).execute()}var $u=t({down:()=>td,up:()=>ed});async function ed(e){await e.schema.dropTable(`applications`).execute()}async function td(e){await e.schema.createTable(`applications`).addColumn(`id`,`varchar(21)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull().references(`tenants.id`).onDelete(`cascade`)).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`client_secret`,`varchar(255)`).addColumn(`callbacks`,`text`,e=>e.defaultTo(`[]`)).addColumn(`allowed_origins`,`text`,e=>e.defaultTo(`[]`)).addColumn(`web_origins`,`text`,e=>e.defaultTo(`[]`)).addColumn(`allowed_logout_urls`,`text`,e=>e.defaultTo(`[]`)).addColumn(`allowed_clients`,`text`,e=>e.defaultTo(`[]`)).addColumn(`disable_sign_ups`,`integer`,e=>e.defaultTo(0)).addColumn(`addons`,`text`,e=>e.defaultTo(`{}`)).addColumn(`client_metadata`,`text`,e=>e.defaultTo(`{}`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`pk_applications`,[`tenant_id`,`id`]).execute(),await e.schema.createIndex(`idx_applications_tenant_id`).on(`applications`).columns([`tenant_id`]).execute()}var nd=t({down:()=>id,up:()=>rd});async function rd(e){await e.schema.createIndex(`users_phone_tenant_provider_index`).on(`users`).columns([`tenant_id`,`phone_number`,`provider`]).execute()}async function id(e){await e.schema.dropIndex(`users_phone_tenant_provider_index`).execute()}var ad=t({down:()=>sd,up:()=>od});async function od(e){await e.schema.createIndex(`login_sessions_id_index`).on(`login_sessions`).column(`id`).execute()}async function sd(e){await e.schema.dropIndex(`login_sessions_id_index`).execute()}var cd=t({down:()=>ud,up:()=>ld});async function ld(e){await e.schema.createIndex(`connections_tenant_id_index`).on(`connections`).column(`tenant_id`).execute()}async function ud(e){await e.schema.dropIndex(`connections_tenant_id_index`).execute()}var dd=t({down:()=>pd,up:()=>fd});async function fd(e){await e.schema.dropIndex(`idx_user_organizations_tenant_id`).execute()}async function pd(e){await e.schema.createIndex(`idx_user_organizations_tenant_id`).on(`user_organizations`).column(`tenant_id`).execute()}var md=t({down:()=>gd,up:()=>hd});async function hd(e){await e.schema.createTable(`tenant_settings`).addColumn(`tenant_id`,`varchar(191)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull().primaryKey()).addColumn(`idle_session_lifetime`,`integer`).addColumn(`session_lifetime`,`integer`).addColumn(`session_cookie`,`text`).addColumn(`enable_client_connections`,`integer`).addColumn(`default_redirection_uri`,`text`).addColumn(`enabled_locales`,`text`).addColumn(`default_directory`,`varchar(255)`).addColumn(`error_page`,`text`).addColumn(`flags`,`text`).addColumn(`friendly_name`,`varchar(255)`).addColumn(`picture_url`,`text`).addColumn(`support_email`,`varchar(255)`).addColumn(`support_url`,`text`).addColumn(`sandbox_version`,`varchar(50)`).addColumn(`sandbox_versions_available`,`text`).addColumn(`change_password`,`text`).addColumn(`guardian_mfa_page`,`text`).addColumn(`default_audience`,`varchar(255)`).addColumn(`default_organization`,`varchar(255)`).addColumn(`sessions`,`text`).execute()}async function gd(e){await e.schema.dropTable(`tenant_settings`).execute()}var _d=t({down:()=>yd,up:()=>vd});async function vd(e){if(await e.schema.alterTable(`tenants`).addColumn(`idle_session_lifetime`,`integer`).execute(),await e.schema.alterTable(`tenants`).addColumn(`session_lifetime`,`integer`).execute(),await e.schema.alterTable(`tenants`).addColumn(`session_cookie`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`allowed_logout_urls`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`ephemeral_session_lifetime`,`integer`).execute(),await e.schema.alterTable(`tenants`).addColumn(`idle_ephemeral_session_lifetime`,`integer`).execute(),await e.schema.alterTable(`tenants`).addColumn(`default_redirection_uri`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`enabled_locales`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`default_directory`,`varchar(255)`).execute(),await e.schema.alterTable(`tenants`).addColumn(`error_page`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`flags`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`friendly_name`,`varchar(255)`).execute(),await e.schema.alterTable(`tenants`).addColumn(`picture_url`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`support_email`,`varchar(255)`).execute(),await e.schema.alterTable(`tenants`).addColumn(`sandbox_version`,`varchar(50)`).execute(),await e.schema.alterTable(`tenants`).addColumn(`sandbox_versions_available`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`legacy_sandbox_version`,`varchar(50)`).execute(),await e.schema.alterTable(`tenants`).addColumn(`change_password`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`guardian_mfa_page`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`device_flow`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`default_token_quota`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`default_audience`,`varchar(255)`).execute(),await e.schema.alterTable(`tenants`).addColumn(`default_organization`,`varchar(255)`).execute(),await e.schema.alterTable(`tenants`).addColumn(`sessions`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`oidc_logout`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`allow_organization_name_in_authentication_api`,`integer`).execute(),await e.schema.alterTable(`tenants`).addColumn(`customize_mfa_in_postlogin_action`,`integer`).execute(),await e.schema.alterTable(`tenants`).addColumn(`acr_values_supported`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`mtls`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`pushed_authorization_requests_supported`,`integer`).execute(),await e.schema.alterTable(`tenants`).addColumn(`authorization_response_iss_parameter_supported`,`integer`).execute(),await e.updateTable(`tenants`).set({friendly_name:i.sql`name`}).execute(),await e.schema.alterTable(`tenants`).dropColumn(`language`).execute(),await e.schema.alterTable(`tenants`).dropColumn(`logo`).execute(),await e.schema.alterTable(`tenants`).dropColumn(`primary_color`).execute(),await e.schema.alterTable(`tenants`).dropColumn(`secondary_color`).execute(),await e.schema.alterTable(`tenants`).dropColumn(`name`).execute(),(await e.selectFrom(`tenant_settings`).select(`tenant_id`).limit(1).execute()).length>0){let t=await e.selectFrom(`tenant_settings`).selectAll().execute();for(let n of t)await e.updateTable(`tenants`).set({idle_session_lifetime:n.idle_session_lifetime,session_lifetime:n.session_lifetime,session_cookie:n.session_cookie,enable_client_connections:n.enable_client_connections,default_redirection_uri:n.default_redirection_uri,enabled_locales:n.enabled_locales,default_directory:n.default_directory,error_page:n.error_page,flags:n.flags,friendly_name:n.friendly_name,picture_url:n.picture_url,support_email:n.support_email,support_url:n.support_url,sandbox_version:n.sandbox_version,sandbox_versions_available:n.sandbox_versions_available,change_password:n.change_password,guardian_mfa_page:n.guardian_mfa_page,default_audience:n.default_audience,default_organization:n.default_organization,sessions:n.sessions}).where(`id`,`=`,n.tenant_id).execute()}await e.schema.dropTable(`tenant_settings`).execute()}async function yd(e){await e.schema.createTable(`tenant_settings`).addColumn(`tenant_id`,`varchar(191)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull().primaryKey()).addColumn(`idle_session_lifetime`,`integer`).addColumn(`session_lifetime`,`integer`).addColumn(`session_cookie`,`text`).addColumn(`enable_client_connections`,`integer`).addColumn(`default_redirection_uri`,`text`).addColumn(`enabled_locales`,`text`).addColumn(`default_directory`,`varchar(255)`).addColumn(`error_page`,`text`).addColumn(`flags`,`text`).addColumn(`friendly_name`,`varchar(255)`).addColumn(`picture_url`,`text`).addColumn(`support_email`,`varchar(255)`).addColumn(`support_url`,`text`).addColumn(`sandbox_version`,`varchar(50)`).addColumn(`sandbox_versions_available`,`text`).addColumn(`change_password`,`text`).addColumn(`guardian_mfa_page`,`text`).addColumn(`default_audience`,`varchar(255)`).addColumn(`default_organization`,`varchar(255)`).addColumn(`sessions`,`text`).execute();let t=await e.selectFrom(`tenants`).select([`id`,`idle_session_lifetime`,`session_lifetime`,`session_cookie`,`enable_client_connections`,`default_redirection_uri`,`enabled_locales`,`default_directory`,`error_page`,`flags`,`friendly_name`,`picture_url`,`support_email`,`support_url`,`sandbox_version`,`sandbox_versions_available`,`change_password`,`guardian_mfa_page`,`default_audience`,`default_organization`,`sessions`]).execute();for(let n of t)(n.idle_session_lifetime!==null||n.session_lifetime!==null||n.session_cookie!==null||n.enable_client_connections!==null||n.default_redirection_uri!==null||n.enabled_locales!==null||n.default_directory!==null||n.error_page!==null||n.flags!==null||n.friendly_name!==null||n.picture_url!==null||n.support_email!==null||n.support_url!==null||n.sandbox_version!==null||n.sandbox_versions_available!==null||n.change_password!==null||n.guardian_mfa_page!==null||n.default_audience!==null||n.default_organization!==null||n.sessions!==null)&&await e.insertInto(`tenant_settings`).values({tenant_id:n.id,idle_session_lifetime:n.idle_session_lifetime,session_lifetime:n.session_lifetime,session_cookie:n.session_cookie,enable_client_connections:n.enable_client_connections,default_redirection_uri:n.default_redirection_uri,enabled_locales:n.enabled_locales,default_directory:n.default_directory,error_page:n.error_page,flags:n.flags,friendly_name:n.friendly_name,picture_url:n.picture_url,support_email:n.support_email,support_url:n.support_url,sandbox_version:n.sandbox_version,sandbox_versions_available:n.sandbox_versions_available,change_password:n.change_password,guardian_mfa_page:n.guardian_mfa_page,default_audience:n.default_audience,default_organization:n.default_organization,sessions:n.sessions}).execute();await e.schema.alterTable(`tenants`).dropColumn(`idle_session_lifetime`).dropColumn(`session_lifetime`).dropColumn(`session_cookie`).dropColumn(`enable_client_connections`).dropColumn(`default_redirection_uri`).dropColumn(`enabled_locales`).dropColumn(`default_directory`).dropColumn(`error_page`).dropColumn(`flags`).dropColumn(`friendly_name`).dropColumn(`picture_url`).dropColumn(`support_email`).dropColumn(`sandbox_version`).dropColumn(`sandbox_versions_available`).dropColumn(`change_password`).dropColumn(`guardian_mfa_page`).dropColumn(`default_audience`).dropColumn(`default_organization`).dropColumn(`sessions`).execute(),await e.schema.alterTable(`tenants`).addColumn(`name`,`varchar(255)`).execute(),await e.updateTable(`tenants`).set({name:i.sql`COALESCE(friendly_name, id)`}).execute(),await e.schema.alterTable(`tenants`).addColumn(`language`,`varchar(255)`).execute(),await e.schema.alterTable(`tenants`).addColumn(`logo`,`text`).execute(),await e.schema.alterTable(`tenants`).addColumn(`primary_color`,`varchar(50)`).execute(),await e.schema.alterTable(`tenants`).addColumn(`secondary_color`,`varchar(50)`).execute()}var bd=t({down:()=>Sd,up:()=>xd});async function xd(e){await e.schema.createTable(`invites`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`organization_id`,`varchar(21)`,e=>e.notNull()).addColumn(`inviter`,`text`,e=>e.notNull()).addColumn(`invitee`,`text`,e=>e.notNull()).addColumn(`client_id`,`varchar(191)`,e=>e.notNull()).addColumn(`connection_id`,`varchar(21)`).addColumn(`invitation_url`,`text`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`expires_at`,`varchar(35)`,e=>e.notNull()).addColumn(`app_metadata`,`text`).addColumn(`user_metadata`,`text`).addColumn(`roles`,`text`).addColumn(`ticket_id`,`varchar(191)`).addColumn(`ttl_sec`,`integer`).addColumn(`send_invitation_email`,`integer`).execute(),await e.schema.createIndex(`idx_invites_tenant_id`).on(`invites`).column(`tenant_id`).execute(),await e.schema.createIndex(`idx_invites_organization_id`).on(`invites`).column(`organization_id`).execute(),await e.schema.createIndex(`idx_invites_expires_at`).on(`invites`).column(`expires_at`).execute(),await e.schema.createIndex(`idx_invites_tenant_created`).on(`invites`).columns([`tenant_id`,`created_at`]).execute()}async function Sd(e){await e.schema.dropTable(`invites`).execute()}var Cd=t({down:()=>Td,up:()=>wd});async function wd(e){await e.schema.dropTable(`logs`).ifExists().execute(),await e.schema.createTable(`logs`).addColumn(`log_id`,`varchar(21)`,e=>e.primaryKey().notNull()).addColumn(`category`,`varchar(255)`).addColumn(`tenant_id`,`varchar(64)`).addColumn(`user_id`,`varchar(64)`).addColumn(`ip`,`varchar(255)`).addColumn(`type`,`varchar(8)`,e=>e.notNull()).addColumn(`date`,`varchar(25)`,e=>e.notNull()).addColumn(`client_id`,`varchar(255)`).addColumn(`client_name`,`varchar(255)`).addColumn(`user_agent`,`varchar(255)`).addColumn(`description`,`varchar(255)`).addColumn(`details`,`varchar(2048)`).addColumn(`isMobile`,`integer`).addColumn(`user_name`,`varchar(255)`).addColumn(`connection`,`varchar(255)`).addColumn(`connection_id`,`varchar(255)`).addColumn(`audience`,`varchar(255)`).addColumn(`scope`,`varchar(255)`).addColumn(`strategy`,`varchar(255)`).addColumn(`strategy_type`,`varchar(255)`).addColumn(`hostname`,`varchar(255)`).addColumn(`auth0_client`,`varchar(8192)`).addColumn(`session_connection`,`varchar(255)`).execute()}async function Td(e){await e.schema.dropTable(`logs`).ifExists().execute(),await e.schema.createTable(`logs`).addColumn(`id`,`varchar(255)`,e=>e.primaryKey().notNull()).addColumn(`category`,`varchar(255)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(64)`).addColumn(`user_id`,`varchar(64)`).addColumn(`ip`,`varchar(255)`).addColumn(`type`,`varchar(8)`,e=>e.notNull()).addColumn(`date`,`varchar(25)`,e=>e.notNull()).addColumn(`client_id`,`varchar(255)`).addColumn(`client_name`,`varchar(255)`).addColumn(`user_agent`,`varchar(255)`).addColumn(`description`,`varchar(255)`).addColumn(`details`,`varchar(2048)`).execute()}var Ed=t({down:()=>Od,up:()=>Dd});async function Dd(e){await e.schema.alterTable(`logs`).addColumn(`country_code`,`varchar(2)`).execute(),await e.schema.alterTable(`logs`).addColumn(`city_name`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`latitude`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`longitude`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`time_zone`,`varchar(255)`).execute(),await e.schema.alterTable(`logs`).addColumn(`continent_code`,`varchar(2)`).execute()}async function Od(e){await e.schema.alterTable(`logs`).dropColumn(`country_code`).execute(),await e.schema.alterTable(`logs`).dropColumn(`city_name`).execute(),await e.schema.alterTable(`logs`).dropColumn(`latitude`).execute(),await e.schema.alterTable(`logs`).dropColumn(`longitude`).execute(),await e.schema.alterTable(`logs`).dropColumn(`time_zone`).execute(),await e.schema.alterTable(`logs`).dropColumn(`continent_code`).execute()}var kd=t({down:()=>jd,up:()=>Ad}),Y=1e3;async function Ad(e){await e.schema.createTable(`password_history`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`user_id`,`varchar(191)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(191)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`password`,`varchar(255)`,e=>e.notNull()).addColumn(`algorithm`,`varchar(255)`,e=>e.notNull().defaultTo(`bcrypt`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addColumn(`is_current`,`integer`,e=>e.notNull().defaultTo(1)).addForeignKeyConstraint(`password_history_user_id_tenant_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).execute();let t=0,r=!0;for(;r;){let i=await e.selectFrom(`passwords`).select([`user_id`,`tenant_id`,`password`,`algorithm`,`created_at`,`updated_at`]).limit(Y).offset(t).execute();if(i.length===0){r=!1;break}for(let t of i)await e.insertInto(`password_history`).values({id:(0,n.nanoid)(),user_id:t.user_id,tenant_id:t.tenant_id,password:t.password,algorithm:t.algorithm??`bcrypt`,created_at:t.created_at,updated_at:t.updated_at??t.created_at,is_current:1}).execute();t+=Y,i.length<Y&&(r=!1)}await e.schema.alterTable(`passwords`).renameTo(`passwords_backup`).execute(),await e.schema.alterTable(`password_history`).renameTo(`passwords`).execute()}async function jd(e){await e.schema.alterTable(`passwords`).renameTo(`password_history`).execute();try{await e.schema.alterTable(`passwords_backup`).renameTo(`passwords`).execute()}catch{await e.schema.createTable(`passwords`).addColumn(`user_id`,`varchar(255)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`password`,`varchar(255)`,e=>e.notNull()).addColumn(`algorithm`,`varchar(255)`,e=>e.notNull().defaultTo(`bcrypt`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`passwords_pkey`,[`user_id`,`tenant_id`]).addForeignKeyConstraint(`passwords_user_id_tenant_id_constraint`,[`user_id`,`tenant_id`],`users`,[`user_id`,`tenant_id`],e=>e.onDelete(`cascade`)).execute();let t=0,n=!0;for(;n;){let r=await e.selectFrom(`password_history`).select([`user_id`,`tenant_id`,`password`,`algorithm`,`created_at`,`updated_at`]).where(`is_current`,`=`,1).limit(Y).offset(t).execute();if(r.length===0){n=!1;break}for(let t of r)await e.insertInto(`passwords`).values({user_id:t.user_id,tenant_id:t.tenant_id,password:t.password,algorithm:t.algorithm,created_at:t.created_at,updated_at:t.updated_at}).execute();t+=Y,r.length<Y&&(n=!1)}}await e.schema.dropTable(`password_history`).execute()}var Md=t({down:()=>Pd,up:()=>Nd});async function Nd(e){await e.schema.alterTable(`connections`).addColumn(`display_name`,`varchar(255)`).execute(),await e.schema.alterTable(`connections`).addColumn(`is_domain_connection`,`integer`).execute(),await e.schema.alterTable(`connections`).addColumn(`show_as_button`,`integer`).execute(),await e.schema.alterTable(`connections`).addColumn(`metadata`,`varchar(4096)`).execute()}async function Pd(e){await e.schema.alterTable(`connections`).dropColumn(`display_name`).execute(),await e.schema.alterTable(`connections`).dropColumn(`is_domain_connection`).execute(),await e.schema.alterTable(`connections`).dropColumn(`show_as_button`).execute(),await e.schema.alterTable(`connections`).dropColumn(`metadata`).execute()}var Fd=t({down:()=>Ld,up:()=>Id});async function Id(e){await e.schema.alterTable(`clients`).addColumn(`connections`,`text`,e=>e.notNull().defaultTo(`[]`)).execute()}async function Ld(e){await e.schema.alterTable(`clients`).dropColumn(`connections`).execute()}var Rd=t({down:()=>Bd,up:()=>zd});async function zd(e){await e.schema.createTable(`flows`).addColumn(`id`,`varchar(24)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`name`,`varchar(150)`,e=>e.notNull()).addColumn(`actions`,`text`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).execute(),await e.schema.createIndex(`flows_tenant_id_idx`).on(`flows`).column(`tenant_id`).execute(),await e.schema.dropTable(`passwords_backup`).execute()}async function Bd(e){await e.schema.dropTable(`flows`).execute()}var Vd=t({down:()=>Ud,up:()=>Hd});async function Hd(e){await e.schema.alterTable(`resource_servers`).addColumn(`is_system`,`integer`,e=>e.defaultTo(0).notNull()).execute(),await e.schema.alterTable(`roles`).addColumn(`is_system`,`integer`,e=>e.defaultTo(0).notNull()).execute(),await e.schema.alterTable(`connections`).addColumn(`is_system`,`integer`,e=>e.defaultTo(0).notNull()).execute()}async function Ud(e){await e.schema.alterTable(`resource_servers`).dropColumn(`is_system`).execute(),await e.schema.alterTable(`roles`).dropColumn(`is_system`).execute(),await e.schema.alterTable(`connections`).dropColumn(`is_system`).execute()}var Wd=t({down:()=>Kd,up:()=>Gd});async function Gd(e){let t=await e.selectFrom(`keys`).selectAll().execute();await e.schema.dropTable(`keys`).execute(),await i.sql`ALTER TABLE connections RENAME TO connections_old`.execute(e),await e.schema.createTable(`connections`).addColumn(`id`,`varchar(255)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`response_type`,`varchar(255)`).addColumn(`response_mode`,`varchar(255)`).addColumn(`strategy`,`varchar(64)`).addColumn(`options`,`varchar(8192)`,e=>e.defaultTo(`{}`).notNull()).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).addColumn(`display_name`,`varchar(255)`).addColumn(`is_domain_connection`,`integer`).addColumn(`show_as_button`,`integer`).addColumn(`metadata`,`varchar(4096)`).addColumn(`is_system`,`integer`,e=>e.defaultTo(0).notNull()).addPrimaryKeyConstraint(`connections_pkey`,[`tenant_id`,`id`]).execute(),await i.sql`
     INSERT INTO connections (
       id, tenant_id, name, response_type, response_mode, strategy, options,
       created_at, updated_at, display_name,
@@ -61,7 +61,7 @@
       created_at, updated_at, display_name,
       is_domain_connection, show_as_button, metadata, is_system
     FROM connections_old
-  `.execute(e),await e.schema.dropTable("connections_old").execute(),await e.schema.createIndex("connections_tenant_id_idx").on("connections").column("tenant_id").execute(),await e.schema.createTable("keys").addColumn("kid","varchar(255)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade")).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("revoked_at","varchar(255)").addColumn("cert","varchar(4096)").addColumn("pkcs7","varchar(4096)").addColumn("fingerprint","varchar(256)").addColumn("thumbprint","varchar(256)").addColumn("current_since","varchar(256)").addColumn("current_until","varchar(256)").addColumn("type","varchar(50)",a=>a.notNull().defaultTo("jwt_signing")).addColumn("connection","varchar(255)").execute();for(const a of t)await e.insertInto("keys").values(a).execute()}async function c_(e){const t=await e.selectFrom("keys").selectAll().execute();await e.schema.dropTable("keys").execute(),await h.sql`ALTER TABLE connections RENAME TO connections_new`.execute(e),await e.schema.createTable("connections").addColumn("id","varchar(255)",a=>a.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("name","varchar(255)",a=>a.notNull()).addColumn("response_type","varchar(255)").addColumn("response_mode","varchar(255)").addColumn("strategy","varchar(64)").addColumn("options","varchar(8192)",a=>a.defaultTo("{}").notNull()).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("updated_at","varchar(255)",a=>a.notNull()).addColumn("display_name","varchar(255)").addColumn("is_domain_connection","integer").addColumn("show_as_button","integer").addColumn("metadata","varchar(4096)").addColumn("is_system","integer",a=>a.defaultTo(0).notNull()).execute(),await h.sql`
+  `.execute(e),await e.schema.dropTable(`connections_old`).execute(),await e.schema.createIndex(`connections_tenant_id_idx`).on(`connections`).column(`tenant_id`).execute(),await e.schema.createTable(`keys`).addColumn(`kid`,`varchar(255)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`)).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`revoked_at`,`varchar(255)`).addColumn(`cert`,`varchar(4096)`).addColumn(`pkcs7`,`varchar(4096)`).addColumn(`fingerprint`,`varchar(256)`).addColumn(`thumbprint`,`varchar(256)`).addColumn(`current_since`,`varchar(256)`).addColumn(`current_until`,`varchar(256)`).addColumn(`type`,`varchar(50)`,e=>e.notNull().defaultTo(`jwt_signing`)).addColumn(`connection`,`varchar(255)`).execute();for(let n of t)await e.insertInto(`keys`).values(n).execute()}async function Kd(e){let t=await e.selectFrom(`keys`).selectAll().execute();await e.schema.dropTable(`keys`).execute(),await i.sql`ALTER TABLE connections RENAME TO connections_new`.execute(e),await e.schema.createTable(`connections`).addColumn(`id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`response_type`,`varchar(255)`).addColumn(`response_mode`,`varchar(255)`).addColumn(`strategy`,`varchar(64)`).addColumn(`options`,`varchar(8192)`,e=>e.defaultTo(`{}`).notNull()).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).addColumn(`display_name`,`varchar(255)`).addColumn(`is_domain_connection`,`integer`).addColumn(`show_as_button`,`integer`).addColumn(`metadata`,`varchar(4096)`).addColumn(`is_system`,`integer`,e=>e.defaultTo(0).notNull()).execute(),await i.sql`
     INSERT INTO connections (
       id, tenant_id, name, response_type, response_mode, strategy, options,
       created_at, updated_at, display_name,
@@ -72,44 +72,44 @@
       created_at, updated_at, display_name,
       is_domain_connection, show_as_button, metadata, is_system
     FROM connections_new
-  `.execute(e),await e.schema.dropTable("connections_new").execute(),await e.schema.createIndex("connections_tenant_id_idx").on("connections").column("tenant_id").execute(),await e.schema.createTable("keys").addColumn("kid","varchar(255)",a=>a.primaryKey()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade")).addColumn("created_at","varchar(255)",a=>a.notNull()).addColumn("revoked_at","varchar(255)").addColumn("cert","varchar(4096)").addColumn("pkcs7","varchar(4096)").addColumn("fingerprint","varchar(256)").addColumn("thumbprint","varchar(256)").addColumn("current_since","varchar(256)").addColumn("current_until","varchar(256)").addColumn("type","varchar(50)",a=>a.notNull().defaultTo("jwt_signing")).addColumn("connection","varchar(255)",a=>a.references("connections.id").onDelete("cascade")).execute();for(const a of t)await e.insertInto("keys").values(a).execute()}const l_=Object.freeze(Object.defineProperty({__proto__:null,down:c_,up:i_},Symbol.toStringTag,{value:"Module"}));async function d_(e){await e.schema.alterTable("login_sessions").addColumn("state","varchar(50)",t=>t.defaultTo("pending")).execute(),await e.schema.alterTable("login_sessions").addColumn("state_data","text").execute(),await e.schema.alterTable("login_sessions").addColumn("failure_reason","text").execute(),await e.schema.alterTable("login_sessions").addColumn("user_id","varchar(255)").execute(),await e.schema.createIndex("login_sessions_tenant_user_idx").on("login_sessions").columns(["tenant_id","user_id"]).execute(),await e.updateTable("login_sessions").set({state:h.sql`CASE
+  `.execute(e),await e.schema.dropTable(`connections_new`).execute(),await e.schema.createIndex(`connections_tenant_id_idx`).on(`connections`).column(`tenant_id`).execute(),await e.schema.createTable(`keys`).addColumn(`kid`,`varchar(255)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`)).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`revoked_at`,`varchar(255)`).addColumn(`cert`,`varchar(4096)`).addColumn(`pkcs7`,`varchar(4096)`).addColumn(`fingerprint`,`varchar(256)`).addColumn(`thumbprint`,`varchar(256)`).addColumn(`current_since`,`varchar(256)`).addColumn(`current_until`,`varchar(256)`).addColumn(`type`,`varchar(50)`,e=>e.notNull().defaultTo(`jwt_signing`)).addColumn(`connection`,`varchar(255)`,e=>e.references(`connections.id`).onDelete(`cascade`)).execute();for(let n of t)await e.insertInto(`keys`).values(n).execute()}var qd=t({down:()=>Yd,up:()=>Jd});async function Jd(e){await e.schema.alterTable(`login_sessions`).addColumn(`state`,`varchar(50)`,e=>e.defaultTo(`pending`)).execute(),await e.schema.alterTable(`login_sessions`).addColumn(`state_data`,`text`).execute(),await e.schema.alterTable(`login_sessions`).addColumn(`failure_reason`,`text`).execute(),await e.schema.alterTable(`login_sessions`).addColumn(`user_id`,`varchar(255)`).execute(),await e.schema.createIndex(`login_sessions_tenant_user_idx`).on(`login_sessions`).columns([`tenant_id`,`user_id`]).execute(),await e.updateTable(`login_sessions`).set({state:i.sql`CASE
         WHEN login_completed = 1 THEN 'completed'
         WHEN expires_at < CURRENT_TIMESTAMP THEN 'expired'
         ELSE 'pending'
-      END`}).execute(),await e.schema.alterTable("login_sessions").dropColumn("login_completed").execute(),await e.schema.createIndex("login_sessions_state_idx").on("login_sessions").column("state").execute(),await e.schema.createIndex("login_sessions_state_updated_idx").on("login_sessions").columns(["state","updated_at"]).execute()}async function u_(e){await e.schema.alterTable("login_sessions").addColumn("login_completed","integer",t=>t.defaultTo(0)).execute(),await e.updateTable("login_sessions").set({login_completed:h.sql`CASE WHEN state = 'completed' THEN 1 ELSE 0 END`}).execute(),await e.schema.dropIndex("login_sessions_state_updated_idx").execute(),await e.schema.dropIndex("login_sessions_state_idx").execute(),await e.schema.dropIndex("login_sessions_tenant_user_idx").execute(),await e.schema.alterTable("login_sessions").dropColumn("state").dropColumn("state_data").dropColumn("failure_reason").dropColumn("user_id").execute()}const __=Object.freeze(Object.defineProperty({__proto__:null,down:u_,up:d_},Symbol.toStringTag,{value:"Module"}));async function m_(e){await e.schema.alterTable("roles").addColumn("metadata","varchar(4096)").execute(),await e.schema.alterTable("resource_servers").addColumn("metadata","varchar(4096)").execute()}async function h_(e){await e.schema.alterTable("roles").dropColumn("metadata").execute(),await e.schema.alterTable("resource_servers").dropColumn("metadata").execute()}const p_=Object.freeze(Object.defineProperty({__proto__:null,down:h_,up:m_},Symbol.toStringTag,{value:"Module"}));async function f_(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function I(e,t,a,n){try{await e.schema.alterTable(t).addColumn(a,n).execute()}catch(o){if(o instanceof Error&&(o.message.includes("1060")||o.message.includes("duplicate column"))){w(`  Column ${t}.${a} already exists, skipping`);return}throw o}}async function g_(e){const t=await f_(e);await I(e,"refresh_tokens","created_at_ts","bigint"),await I(e,"refresh_tokens","expires_at_ts","bigint"),await I(e,"refresh_tokens","idle_expires_at_ts","bigint"),await I(e,"refresh_tokens","last_exchanged_at_ts","bigint"),await I(e,"sessions","created_at_ts","bigint"),await I(e,"sessions","updated_at_ts","bigint"),await I(e,"sessions","expires_at_ts","bigint"),await I(e,"sessions","idle_expires_at_ts","bigint"),await I(e,"sessions","authenticated_at_ts","bigint"),await I(e,"sessions","last_interaction_at_ts","bigint"),await I(e,"sessions","used_at_ts","bigint"),await I(e,"sessions","revoked_at_ts","bigint"),await I(e,"login_sessions","created_at_ts","bigint"),await I(e,"login_sessions","updated_at_ts","bigint"),await I(e,"login_sessions","expires_at_ts","bigint"),t==="mysql"&&(await e.schema.alterTable("refresh_tokens").modifyColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("sessions").modifyColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("sessions").modifyColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("sessions").modifyColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("expires_at","varchar(35)").execute()),await e.schema.createIndex("idx_sessions_user_id").on("sessions").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("idx_refresh_tokens_user_id").on("refresh_tokens").columns(["tenant_id","user_id"]).execute(),await e.schema.createIndex("idx_refresh_tokens_session_id").on("refresh_tokens").column("session_id").execute(),await e.schema.createIndex("idx_refresh_tokens_expires_at_ts").on("refresh_tokens").column("expires_at_ts").execute(),await e.schema.createIndex("idx_sessions_expires_at_ts").on("sessions").column("expires_at_ts").execute(),await e.schema.createIndex("idx_login_sessions_expires_at_ts").on("login_sessions").column("expires_at_ts").execute()}async function J(e,t,a){try{await e.schema.dropIndex(t).on(a).execute()}catch(n){if(n instanceof Error&&n.message.includes("1091"))return;throw n}}async function P(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){if(n instanceof Error&&n.message.includes("1091"))return;throw n}}async function w_(e){await J(e,"idx_sessions_user_id","sessions"),await J(e,"idx_refresh_tokens_user_id","refresh_tokens"),await J(e,"idx_refresh_tokens_session_id","refresh_tokens"),await J(e,"idx_refresh_tokens_expires_at_ts","refresh_tokens"),await J(e,"idx_sessions_expires_at_ts","sessions"),await J(e,"idx_login_sessions_expires_at_ts","login_sessions"),await P(e,"refresh_tokens","created_at_ts"),await P(e,"refresh_tokens","expires_at_ts"),await P(e,"refresh_tokens","idle_expires_at_ts"),await P(e,"refresh_tokens","last_exchanged_at_ts"),await P(e,"sessions","created_at_ts"),await P(e,"sessions","updated_at_ts"),await P(e,"sessions","expires_at_ts"),await P(e,"sessions","idle_expires_at_ts"),await P(e,"sessions","authenticated_at_ts"),await P(e,"sessions","last_interaction_at_ts"),await P(e,"sessions","used_at_ts"),await P(e,"sessions","revoked_at_ts"),await P(e,"login_sessions","created_at_ts"),await P(e,"login_sessions","updated_at_ts"),await P(e,"login_sessions","expires_at_ts")}const y_=Object.freeze(Object.defineProperty({__proto__:null,down:w_,up:g_},Symbol.toStringTag,{value:"Module"}));async function Je(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function z(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){const o=n instanceof Error?n.message:String(n);if(o.includes("1091")||o.includes("no such column")){w(`  Column ${t}.${a} doesn't exist, skipping`);return}throw n}}async function v_(e){const t=await Je(e);w("Dropping indexes that depend on old date columns...");try{await h.sql`DROP INDEX IF EXISTS login_sessions_state_updated_idx`.execute(e),w("  Dropped index login_sessions_state_updated_idx")}catch(a){A(`  Warning: Failed to drop index login_sessions_state_updated_idx: ${a instanceof Error?a.message:String(a)}`)}w("Dropping old date columns..."),await z(e,"refresh_tokens","created_at"),await z(e,"refresh_tokens","expires_at"),await z(e,"refresh_tokens","idle_expires_at"),await z(e,"refresh_tokens","last_exchanged_at"),await z(e,"sessions","created_at"),await z(e,"sessions","updated_at"),await z(e,"sessions","expires_at"),await z(e,"sessions","idle_expires_at"),await z(e,"sessions","authenticated_at"),await z(e,"sessions","last_interaction_at"),await z(e,"sessions","used_at"),await z(e,"sessions","revoked_at"),await z(e,"login_sessions","created_at"),await z(e,"login_sessions","updated_at"),await z(e,"login_sessions","expires_at"),t==="mysql"&&(w("Increasing ID column sizes for ULID support..."),await e.schema.alterTable("login_sessions").modifyColumn("id","varchar(26)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("session_id","varchar(26)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("csrf_token","varchar(26)").execute(),await e.schema.alterTable("sessions").modifyColumn("id","varchar(26)").execute(),await e.schema.alterTable("sessions").modifyColumn("login_session_id","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("id","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("session_id","varchar(26)").execute()),w("Migration completed successfully")}async function C_(e){await Je(e)==="mysql"&&(w("Restoring ID column sizes to varchar(21)..."),await e.schema.alterTable("login_sessions").modifyColumn("id","varchar(21)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("session_id","varchar(21)").execute(),await e.schema.alterTable("login_sessions").modifyColumn("csrf_token","varchar(21)").execute(),await e.schema.alterTable("sessions").modifyColumn("id","varchar(21)").execute(),await e.schema.alterTable("sessions").modifyColumn("login_session_id","varchar(21)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("id","varchar(21)").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("session_id","varchar(21)").execute()),w("Re-adding old date columns (data will be empty)..."),await e.schema.alterTable("refresh_tokens").addColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("idle_expires_at","varchar(35)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("last_exchanged_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("expires_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("idle_expires_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("authenticated_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("last_interaction_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("used_at","varchar(35)").execute(),await e.schema.alterTable("sessions").addColumn("revoked_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").addColumn("created_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").addColumn("updated_at","varchar(35)").execute(),await e.schema.alterTable("login_sessions").addColumn("expires_at","varchar(35)").execute(),w("Rollback completed")}const x_=Object.freeze(Object.defineProperty({__proto__:null,down:C_,up:v_},Symbol.toStringTag,{value:"Module"}));async function T_(e){await e.schema.alterTable("users").dropColumn("user_metadata").execute(),await e.schema.alterTable("users").addColumn("user_metadata","text").execute(),await e.schema.alterTable("users").addColumn("middle_name","varchar(100)").execute(),await e.schema.alterTable("users").addColumn("profile","text").execute(),await e.schema.alterTable("users").addColumn("website","text").execute(),await e.schema.alterTable("users").addColumn("gender","varchar(50)").execute(),await e.schema.alterTable("users").addColumn("birthdate","varchar(10)").execute(),await e.schema.alterTable("users").addColumn("zoneinfo","varchar(100)").execute()}async function b_(e){await e.schema.alterTable("users").dropColumn("middle_name").execute(),await e.schema.alterTable("users").dropColumn("profile").execute(),await e.schema.alterTable("users").dropColumn("website").execute(),await e.schema.alterTable("users").dropColumn("gender").execute(),await e.schema.alterTable("users").dropColumn("birthdate").execute(),await e.schema.alterTable("users").dropColumn("zoneinfo").execute(),await e.schema.alterTable("users").dropColumn("user_metadata").execute(),await e.schema.alterTable("users").addColumn("user_metadata","varchar(4096)").execute()}const N_=Object.freeze(Object.defineProperty({__proto__:null,down:b_,up:T_},Symbol.toStringTag,{value:"Module"}));async function S_(e){await e.schema.alterTable("users").addColumn("preferred_username","varchar(255)").execute()}async function O_(e){await e.schema.alterTable("users").dropColumn("preferred_username").execute()}const k_=Object.freeze(Object.defineProperty({__proto__:null,down:O_,up:S_},Symbol.toStringTag,{value:"Module"}));async function $_(e){await e.schema.alterTable("users").addColumn("address","text").execute()}async function E_(e){await e.schema.alterTable("users").dropColumn("address").execute()}const I_=Object.freeze(Object.defineProperty({__proto__:null,down:E_,up:$_},Symbol.toStringTag,{value:"Module"}));async function P_(e){try{await e.schema.alterTable("login_sessions").addColumn("authParams_max_age","integer").execute(),w("  Added column authParams_max_age to login_sessions")}catch(t){A(`  Warning: Could not add authParams_max_age column: ${t instanceof Error?t.message:String(t)}`)}try{await e.schema.alterTable("login_sessions").addColumn("authParams_acr_values","text").execute(),w("  Added column authParams_acr_values to login_sessions")}catch(t){A(`  Warning: Could not add authParams_acr_values column: ${t instanceof Error?t.message:String(t)}`)}}async function z_(e){try{await e.schema.alterTable("login_sessions").dropColumn("authParams_max_age").execute()}catch(t){A(`  Warning: Could not drop authParams_max_age column: ${t instanceof Error?t.message:String(t)}`)}try{await e.schema.alterTable("login_sessions").dropColumn("authParams_acr_values").execute()}catch(t){A(`  Warning: Could not drop authParams_acr_values column: ${t instanceof Error?t.message:String(t)}`)}}const D_=Object.freeze(Object.defineProperty({__proto__:null,down:z_,up:P_},Symbol.toStringTag,{value:"Module"}));async function A_(e){await e.schema.alterTable("clients").addColumn("auth0_conformant","integer",t=>t.defaultTo(1)).execute()}async function F_(e){await e.schema.alterTable("clients").dropColumn("auth0_conformant").execute()}const j_=Object.freeze(Object.defineProperty({__proto__:null,down:F_,up:A_},Symbol.toStringTag,{value:"Module"}));async function R_(e){await e.schema.createTable("universal_login_templates").addColumn("tenant_id","varchar(191)",t=>t.primaryKey().references("tenants.id").onDelete("cascade")).addColumn("body","text",t=>t.notNull()).addColumn("updated_at_ts","integer",t=>t.notNull()).addColumn("created_at_ts","integer",t=>t.notNull()).execute()}async function q_(e){await e.schema.dropTable("universal_login_templates").execute()}const M_=Object.freeze(Object.defineProperty({__proto__:null,down:q_,up:R_},Symbol.toStringTag,{value:"Module"}));async function J_(e){await e.schema.createTable("custom_text").addColumn("tenant_id","varchar(191)",t=>t.notNull().references("tenants.id").onDelete("cascade")).addColumn("prompt","varchar(64)",t=>t.notNull()).addColumn("language","varchar(16)",t=>t.notNull()).addColumn("custom_text","text",t=>t.notNull()).addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).addPrimaryKeyConstraint("custom_text_pk",["tenant_id","prompt","language"]).execute()}async function L_(e){await e.schema.dropTable("custom_text").execute()}const U_=Object.freeze(Object.defineProperty({__proto__:null,down:L_,up:J_},Symbol.toStringTag,{value:"Module"}));async function K_(e){await e.schema.alterTable("tenants").addColumn("mfa","text").execute()}async function B_(e){await e.schema.alterTable("tenants").dropColumn("mfa").execute()}const Q_=Object.freeze(Object.defineProperty({__proto__:null,down:B_,up:K_},Symbol.toStringTag,{value:"Module"}));async function W_(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function oe(e,t,a,n){try{await e.schema.alterTable(t).addColumn(a,h.sql.raw(n)).execute()}catch(o){if(o instanceof Error&&(o.message.includes("1060")||o.message.includes("duplicate column"))){w(`  Column ${t}.${a} already exists, skipping`);return}throw o}}async function H_(e){const t=await W_(e);await oe(e,"hooks","template_id","text"),await oe(e,"hooks","created_at_ts","bigint"),await oe(e,"hooks","updated_at_ts","bigint"),t==="mysql"?await h.sql`
+      END`}).execute(),await e.schema.alterTable(`login_sessions`).dropColumn(`login_completed`).execute(),await e.schema.createIndex(`login_sessions_state_idx`).on(`login_sessions`).column(`state`).execute(),await e.schema.createIndex(`login_sessions_state_updated_idx`).on(`login_sessions`).columns([`state`,`updated_at`]).execute()}async function Yd(e){await e.schema.alterTable(`login_sessions`).addColumn(`login_completed`,`integer`,e=>e.defaultTo(0)).execute(),await e.updateTable(`login_sessions`).set({login_completed:i.sql`CASE WHEN state = 'completed' THEN 1 ELSE 0 END`}).execute(),await e.schema.dropIndex(`login_sessions_state_updated_idx`).execute(),await e.schema.dropIndex(`login_sessions_state_idx`).execute(),await e.schema.dropIndex(`login_sessions_tenant_user_idx`).execute(),await e.schema.alterTable(`login_sessions`).dropColumn(`state`).dropColumn(`state_data`).dropColumn(`failure_reason`).dropColumn(`user_id`).execute()}var Xd=t({down:()=>Qd,up:()=>Zd});async function Zd(e){await e.schema.alterTable(`roles`).addColumn(`metadata`,`varchar(4096)`).execute(),await e.schema.alterTable(`resource_servers`).addColumn(`metadata`,`varchar(4096)`).execute()}async function Qd(e){await e.schema.alterTable(`roles`).dropColumn(`metadata`).execute(),await e.schema.alterTable(`resource_servers`).dropColumn(`metadata`).execute()}var $d=t({down:()=>nf,up:()=>tf});async function ef(e){try{return await i.sql`SELECT VERSION()`.execute(e),`mysql`}catch{return`sqlite`}}async function X(e,t,n,r){try{await e.schema.alterTable(t).addColumn(n,r).execute()}catch(e){if(e instanceof Error&&(e.message.includes(`1060`)||e.message.includes(`duplicate column`))){q(`  Column ${t}.${n} already exists, skipping`);return}throw e}}async function tf(e){let t=await ef(e);await X(e,`refresh_tokens`,`created_at_ts`,`bigint`),await X(e,`refresh_tokens`,`expires_at_ts`,`bigint`),await X(e,`refresh_tokens`,`idle_expires_at_ts`,`bigint`),await X(e,`refresh_tokens`,`last_exchanged_at_ts`,`bigint`),await X(e,`sessions`,`created_at_ts`,`bigint`),await X(e,`sessions`,`updated_at_ts`,`bigint`),await X(e,`sessions`,`expires_at_ts`,`bigint`),await X(e,`sessions`,`idle_expires_at_ts`,`bigint`),await X(e,`sessions`,`authenticated_at_ts`,`bigint`),await X(e,`sessions`,`last_interaction_at_ts`,`bigint`),await X(e,`sessions`,`used_at_ts`,`bigint`),await X(e,`sessions`,`revoked_at_ts`,`bigint`),await X(e,`login_sessions`,`created_at_ts`,`bigint`),await X(e,`login_sessions`,`updated_at_ts`,`bigint`),await X(e,`login_sessions`,`expires_at_ts`,`bigint`),t===`mysql`&&(await e.schema.alterTable(`refresh_tokens`).modifyColumn(`created_at`,`varchar(35)`).execute(),await e.schema.alterTable(`refresh_tokens`).modifyColumn(`expires_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).modifyColumn(`created_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).modifyColumn(`updated_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).modifyColumn(`expires_at`,`varchar(35)`).execute(),await e.schema.alterTable(`login_sessions`).modifyColumn(`created_at`,`varchar(35)`).execute(),await e.schema.alterTable(`login_sessions`).modifyColumn(`updated_at`,`varchar(35)`).execute(),await e.schema.alterTable(`login_sessions`).modifyColumn(`expires_at`,`varchar(35)`).execute()),await e.schema.createIndex(`idx_sessions_user_id`).on(`sessions`).columns([`tenant_id`,`user_id`]).execute(),await e.schema.createIndex(`idx_refresh_tokens_user_id`).on(`refresh_tokens`).columns([`tenant_id`,`user_id`]).execute(),await e.schema.createIndex(`idx_refresh_tokens_session_id`).on(`refresh_tokens`).column(`session_id`).execute(),await e.schema.createIndex(`idx_refresh_tokens_expires_at_ts`).on(`refresh_tokens`).column(`expires_at_ts`).execute(),await e.schema.createIndex(`idx_sessions_expires_at_ts`).on(`sessions`).column(`expires_at_ts`).execute(),await e.schema.createIndex(`idx_login_sessions_expires_at_ts`).on(`login_sessions`).column(`expires_at_ts`).execute()}async function Z(e,t,n){try{await e.schema.dropIndex(t).on(n).execute()}catch(e){if(e instanceof Error&&e.message.includes(`1091`))return;throw e}}async function Q(e,t,n){try{await e.schema.alterTable(t).dropColumn(n).execute()}catch(e){if(e instanceof Error&&e.message.includes(`1091`))return;throw e}}async function nf(e){await Z(e,`idx_sessions_user_id`,`sessions`),await Z(e,`idx_refresh_tokens_user_id`,`refresh_tokens`),await Z(e,`idx_refresh_tokens_session_id`,`refresh_tokens`),await Z(e,`idx_refresh_tokens_expires_at_ts`,`refresh_tokens`),await Z(e,`idx_sessions_expires_at_ts`,`sessions`),await Z(e,`idx_login_sessions_expires_at_ts`,`login_sessions`),await Q(e,`refresh_tokens`,`created_at_ts`),await Q(e,`refresh_tokens`,`expires_at_ts`),await Q(e,`refresh_tokens`,`idle_expires_at_ts`),await Q(e,`refresh_tokens`,`last_exchanged_at_ts`),await Q(e,`sessions`,`created_at_ts`),await Q(e,`sessions`,`updated_at_ts`),await Q(e,`sessions`,`expires_at_ts`),await Q(e,`sessions`,`idle_expires_at_ts`),await Q(e,`sessions`,`authenticated_at_ts`),await Q(e,`sessions`,`last_interaction_at_ts`),await Q(e,`sessions`,`used_at_ts`),await Q(e,`sessions`,`revoked_at_ts`),await Q(e,`login_sessions`,`created_at_ts`),await Q(e,`login_sessions`,`updated_at_ts`),await Q(e,`login_sessions`,`expires_at_ts`)}var rf=t({down:()=>sf,up:()=>of});async function af(e){try{return await i.sql`SELECT VERSION()`.execute(e),`mysql`}catch{return`sqlite`}}async function $(e,t,n){try{await e.schema.alterTable(t).dropColumn(n).execute()}catch(e){let r=e instanceof Error?e.message:String(e);if(r.includes(`1091`)||r.includes(`no such column`)){q(`  Column ${t}.${n} doesn't exist, skipping`);return}throw e}}async function of(e){let t=await af(e);q(`Dropping indexes that depend on old date columns...`);try{await i.sql`DROP INDEX IF EXISTS login_sessions_state_updated_idx`.execute(e),q(`  Dropped index login_sessions_state_updated_idx`)}catch(e){J(`  Warning: Failed to drop index login_sessions_state_updated_idx: ${e instanceof Error?e.message:String(e)}`)}q(`Dropping old date columns...`),await $(e,`refresh_tokens`,`created_at`),await $(e,`refresh_tokens`,`expires_at`),await $(e,`refresh_tokens`,`idle_expires_at`),await $(e,`refresh_tokens`,`last_exchanged_at`),await $(e,`sessions`,`created_at`),await $(e,`sessions`,`updated_at`),await $(e,`sessions`,`expires_at`),await $(e,`sessions`,`idle_expires_at`),await $(e,`sessions`,`authenticated_at`),await $(e,`sessions`,`last_interaction_at`),await $(e,`sessions`,`used_at`),await $(e,`sessions`,`revoked_at`),await $(e,`login_sessions`,`created_at`),await $(e,`login_sessions`,`updated_at`),await $(e,`login_sessions`,`expires_at`),t===`mysql`&&(q(`Increasing ID column sizes for ULID support...`),await e.schema.alterTable(`login_sessions`).modifyColumn(`id`,`varchar(26)`).execute(),await e.schema.alterTable(`login_sessions`).modifyColumn(`session_id`,`varchar(26)`).execute(),await e.schema.alterTable(`login_sessions`).modifyColumn(`csrf_token`,`varchar(26)`).execute(),await e.schema.alterTable(`sessions`).modifyColumn(`id`,`varchar(26)`).execute(),await e.schema.alterTable(`sessions`).modifyColumn(`login_session_id`,`varchar(26)`).execute(),await e.schema.alterTable(`refresh_tokens`).modifyColumn(`id`,`varchar(26)`).execute(),await e.schema.alterTable(`refresh_tokens`).modifyColumn(`session_id`,`varchar(26)`).execute()),q(`Migration completed successfully`)}async function sf(e){await af(e)===`mysql`&&(q(`Restoring ID column sizes to varchar(21)...`),await e.schema.alterTable(`login_sessions`).modifyColumn(`id`,`varchar(21)`).execute(),await e.schema.alterTable(`login_sessions`).modifyColumn(`session_id`,`varchar(21)`).execute(),await e.schema.alterTable(`login_sessions`).modifyColumn(`csrf_token`,`varchar(21)`).execute(),await e.schema.alterTable(`sessions`).modifyColumn(`id`,`varchar(21)`).execute(),await e.schema.alterTable(`sessions`).modifyColumn(`login_session_id`,`varchar(21)`).execute(),await e.schema.alterTable(`refresh_tokens`).modifyColumn(`id`,`varchar(21)`).execute(),await e.schema.alterTable(`refresh_tokens`).modifyColumn(`session_id`,`varchar(21)`).execute()),q(`Re-adding old date columns (data will be empty)...`),await e.schema.alterTable(`refresh_tokens`).addColumn(`created_at`,`varchar(35)`).execute(),await e.schema.alterTable(`refresh_tokens`).addColumn(`expires_at`,`varchar(35)`).execute(),await e.schema.alterTable(`refresh_tokens`).addColumn(`idle_expires_at`,`varchar(35)`).execute(),await e.schema.alterTable(`refresh_tokens`).addColumn(`last_exchanged_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).addColumn(`created_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).addColumn(`updated_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).addColumn(`expires_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).addColumn(`idle_expires_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).addColumn(`authenticated_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).addColumn(`last_interaction_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).addColumn(`used_at`,`varchar(35)`).execute(),await e.schema.alterTable(`sessions`).addColumn(`revoked_at`,`varchar(35)`).execute(),await e.schema.alterTable(`login_sessions`).addColumn(`created_at`,`varchar(35)`).execute(),await e.schema.alterTable(`login_sessions`).addColumn(`updated_at`,`varchar(35)`).execute(),await e.schema.alterTable(`login_sessions`).addColumn(`expires_at`,`varchar(35)`).execute(),q(`Rollback completed`)}var cf=t({down:()=>uf,up:()=>lf});async function lf(e){await e.schema.alterTable(`users`).dropColumn(`user_metadata`).execute(),await e.schema.alterTable(`users`).addColumn(`user_metadata`,`text`).execute(),await e.schema.alterTable(`users`).addColumn(`middle_name`,`varchar(100)`).execute(),await e.schema.alterTable(`users`).addColumn(`profile`,`text`).execute(),await e.schema.alterTable(`users`).addColumn(`website`,`text`).execute(),await e.schema.alterTable(`users`).addColumn(`gender`,`varchar(50)`).execute(),await e.schema.alterTable(`users`).addColumn(`birthdate`,`varchar(10)`).execute(),await e.schema.alterTable(`users`).addColumn(`zoneinfo`,`varchar(100)`).execute()}async function uf(e){await e.schema.alterTable(`users`).dropColumn(`middle_name`).execute(),await e.schema.alterTable(`users`).dropColumn(`profile`).execute(),await e.schema.alterTable(`users`).dropColumn(`website`).execute(),await e.schema.alterTable(`users`).dropColumn(`gender`).execute(),await e.schema.alterTable(`users`).dropColumn(`birthdate`).execute(),await e.schema.alterTable(`users`).dropColumn(`zoneinfo`).execute(),await e.schema.alterTable(`users`).dropColumn(`user_metadata`).execute(),await e.schema.alterTable(`users`).addColumn(`user_metadata`,`varchar(4096)`).execute()}var df=t({down:()=>pf,up:()=>ff});async function ff(e){await e.schema.alterTable(`users`).addColumn(`preferred_username`,`varchar(255)`).execute()}async function pf(e){await e.schema.alterTable(`users`).dropColumn(`preferred_username`).execute()}var mf=t({down:()=>gf,up:()=>hf});async function hf(e){await e.schema.alterTable(`users`).addColumn(`address`,`text`).execute()}async function gf(e){await e.schema.alterTable(`users`).dropColumn(`address`).execute()}var _f=t({down:()=>yf,up:()=>vf});async function vf(e){try{await e.schema.alterTable(`login_sessions`).addColumn(`authParams_max_age`,`integer`).execute(),q(`  Added column authParams_max_age to login_sessions`)}catch(e){J(`  Warning: Could not add authParams_max_age column: ${e instanceof Error?e.message:String(e)}`)}try{await e.schema.alterTable(`login_sessions`).addColumn(`authParams_acr_values`,`text`).execute(),q(`  Added column authParams_acr_values to login_sessions`)}catch(e){J(`  Warning: Could not add authParams_acr_values column: ${e instanceof Error?e.message:String(e)}`)}}async function yf(e){try{await e.schema.alterTable(`login_sessions`).dropColumn(`authParams_max_age`).execute()}catch(e){J(`  Warning: Could not drop authParams_max_age column: ${e instanceof Error?e.message:String(e)}`)}try{await e.schema.alterTable(`login_sessions`).dropColumn(`authParams_acr_values`).execute()}catch(e){J(`  Warning: Could not drop authParams_acr_values column: ${e instanceof Error?e.message:String(e)}`)}}var bf=t({down:()=>Sf,up:()=>xf});async function xf(e){await e.schema.alterTable(`clients`).addColumn(`auth0_conformant`,`integer`,e=>e.defaultTo(1)).execute()}async function Sf(e){await e.schema.alterTable(`clients`).dropColumn(`auth0_conformant`).execute()}var Cf=t({down:()=>Tf,up:()=>wf});async function wf(e){await e.schema.createTable(`universal_login_templates`).addColumn(`tenant_id`,`varchar(191)`,e=>e.primaryKey().references(`tenants.id`).onDelete(`cascade`)).addColumn(`body`,`text`,e=>e.notNull()).addColumn(`updated_at_ts`,`integer`,e=>e.notNull()).addColumn(`created_at_ts`,`integer`,e=>e.notNull()).execute()}async function Tf(e){await e.schema.dropTable(`universal_login_templates`).execute()}var Ef=t({down:()=>Of,up:()=>Df});async function Df(e){await e.schema.createTable(`custom_text`).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull().references(`tenants.id`).onDelete(`cascade`)).addColumn(`prompt`,`varchar(64)`,e=>e.notNull()).addColumn(`language`,`varchar(16)`,e=>e.notNull()).addColumn(`custom_text`,`text`,e=>e.notNull()).addColumn(`created_at_ts`,`bigint`,e=>e.notNull()).addColumn(`updated_at_ts`,`bigint`,e=>e.notNull()).addPrimaryKeyConstraint(`custom_text_pk`,[`tenant_id`,`prompt`,`language`]).execute()}async function Of(e){await e.schema.dropTable(`custom_text`).execute()}var kf=t({down:()=>jf,up:()=>Af});async function Af(e){await e.schema.alterTable(`tenants`).addColumn(`mfa`,`text`).execute()}async function jf(e){await e.schema.alterTable(`tenants`).dropColumn(`mfa`).execute()}var Mf=t({down:()=>Lf,up:()=>Ff});async function Nf(e){try{return await i.sql`SELECT VERSION()`.execute(e),`mysql`}catch{return`sqlite`}}async function Pf(e,t,n,r){try{await e.schema.alterTable(t).addColumn(n,i.sql.raw(r)).execute()}catch(e){if(e instanceof Error&&(e.message.includes(`1060`)||e.message.includes(`duplicate column`))){q(`  Column ${t}.${n} already exists, skipping`);return}throw e}}async function Ff(e){let t=await Nf(e);await Pf(e,`hooks`,`template_id`,`text`),await Pf(e,`hooks`,`created_at_ts`,`bigint`),await Pf(e,`hooks`,`updated_at_ts`,`bigint`),t===`mysql`?await i.sql`
       UPDATE hooks
       SET created_at_ts = UNIX_TIMESTAMP(created_at) * 1000,
           updated_at_ts = UNIX_TIMESTAMP(updated_at) * 1000
       WHERE created_at_ts IS NULL AND created_at IS NOT NULL
-    `.execute(e):await h.sql`
+    `.execute(e):await i.sql`
       UPDATE hooks
       SET created_at_ts = CAST(strftime('%s', created_at) AS INTEGER) * 1000,
           updated_at_ts = CAST(strftime('%s', updated_at) AS INTEGER) * 1000
       WHERE created_at_ts IS NULL AND created_at IS NOT NULL
-    `.execute(e),t==="mysql"&&(await e.schema.alterTable("hooks").modifyColumn("created_at","varchar(255)").execute(),await e.schema.alterTable("hooks").modifyColumn("updated_at","varchar(255)").execute())}async function re(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){if(n instanceof Error&&(n.message.includes("1091")||n.message.includes("no such column")))return;throw n}}async function Y_(e){await re(e,"hooks","template_id"),await re(e,"hooks","created_at_ts"),await re(e,"hooks","updated_at_ts")}const G_=Object.freeze(Object.defineProperty({__proto__:null,down:Y_,up:H_},Symbol.toStringTag,{value:"Module"}));async function Le(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function Ce(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){const o=n instanceof Error?n.message:String(n);if(o.includes("1091")||o.includes("no such column")){w(`  Column ${t}.${a} doesn't exist, skipping`);return}throw n}}async function V_(e){var r,s,i,l,d;const t=await Le(e);w("Running preflight integrity check on hooks timestamp columns...");const{rows:a}=await h.sql`SELECT
+    `.execute(e),t===`mysql`&&(await e.schema.alterTable(`hooks`).modifyColumn(`created_at`,`varchar(255)`).execute(),await e.schema.alterTable(`hooks`).modifyColumn(`updated_at`,`varchar(255)`).execute())}async function If(e,t,n){try{await e.schema.alterTable(t).dropColumn(n).execute()}catch(e){if(e instanceof Error&&(e.message.includes(`1091`)||e.message.includes(`no such column`)))return;throw e}}async function Lf(e){await If(e,`hooks`,`template_id`),await If(e,`hooks`,`created_at_ts`),await If(e,`hooks`,`updated_at_ts`)}var Rf=t({down:()=>Hf,up:()=>Vf});async function zf(e){try{return await i.sql`SELECT VERSION()`.execute(e),`mysql`}catch{return`sqlite`}}async function Bf(e,t,n){try{await e.schema.alterTable(t).dropColumn(n).execute()}catch(e){let r=e instanceof Error?e.message:String(e);if(r.includes(`1091`)||r.includes(`no such column`)){q(`  Column ${t}.${n} doesn't exist, skipping`);return}throw e}}async function Vf(e){let t=await zf(e);q(`Running preflight integrity check on hooks timestamp columns...`);let{rows:n}=await i.sql`SELECT
       SUM(CASE WHEN created_at_ts IS NULL THEN 1 ELSE 0 END) AS null_created,
       SUM(CASE WHEN updated_at_ts IS NULL THEN 1 ELSE 0 END) AS null_updated
-    FROM hooks`.execute(e),n=Number(((r=a[0])==null?void 0:r.null_created)??0),o=Number(((s=a[0])==null?void 0:s.null_updated)??0);if(n>0||o>0)throw new Error(`Preflight check failed: ${n} row(s) with NULL created_at_ts, ${o} row(s) with NULL updated_at_ts. All timestamp data must be migrated to _ts columns before dropping legacy columns.`);if(w("  Preflight check passed — all _ts columns are populated."),t==="mysql"){w("Running preflight length check on columns being narrowed...");const{rows:_}=await h.sql`SELECT
+    FROM hooks`.execute(e),r=Number(n[0]?.null_created??0),a=Number(n[0]?.null_updated??0);if(r>0||a>0)throw Error(`Preflight check failed: ${r} row(s) with NULL created_at_ts, ${a} row(s) with NULL updated_at_ts. All timestamp data must be migrated to _ts columns before dropping legacy columns.`);if(q(`  Preflight check passed — all _ts columns are populated.`),t===`mysql`){q(`Running preflight length check on columns being narrowed...`);let{rows:t}=await i.sql`SELECT
         SUM(CASE WHEN CHAR_LENGTH(hook_id) > 21 THEN 1 ELSE 0 END) AS long_hook_id,
         SUM(CASE WHEN CHAR_LENGTH(form_id) > 128 THEN 1 ELSE 0 END) AS long_form_id,
         SUM(CASE WHEN CHAR_LENGTH(template_id) > 64 THEN 1 ELSE 0 END) AS long_template_id
-      FROM hooks`.execute(e),c=Number(((i=_[0])==null?void 0:i.long_hook_id)??0),m=Number(((l=_[0])==null?void 0:l.long_form_id)??0),u=Number(((d=_[0])==null?void 0:d.long_template_id)??0),f=[];if(c>0&&f.push(`${c} row(s) with hook_id longer than 21 chars`),m>0&&f.push(`${m} row(s) with form_id longer than 128 chars`),u>0&&f.push(`${u} row(s) with template_id longer than 64 chars`),f.length>0)throw new Error(`Preflight length check failed: ${f.join("; ")}. Truncate or fix oversized values before running this migration.`);w("  Preflight length check passed — all values fit within new column sizes.")}w("Dropping old date columns from hooks..."),await Ce(e,"hooks","created_at"),await Ce(e,"hooks","updated_at"),t==="mysql"&&(w("Fixing hook column types..."),await e.schema.alterTable("hooks").modifyColumn("hook_id","varchar(21)",_=>_.notNull().primaryKey()).execute(),await e.schema.alterTable("hooks").modifyColumn("form_id","varchar(128)").execute(),await e.schema.alterTable("hooks").modifyColumn("template_id","varchar(64)").execute())}async function X_(e){const t=await Le(e);await e.schema.alterTable("hooks").addColumn("created_at","varchar(255)").execute(),await e.schema.alterTable("hooks").addColumn("updated_at","varchar(255)").execute(),t==="mysql"?await h.sql`
+      FROM hooks`.execute(e),n=Number(t[0]?.long_hook_id??0),r=Number(t[0]?.long_form_id??0),a=Number(t[0]?.long_template_id??0),o=[];if(n>0&&o.push(`${n} row(s) with hook_id longer than 21 chars`),r>0&&o.push(`${r} row(s) with form_id longer than 128 chars`),a>0&&o.push(`${a} row(s) with template_id longer than 64 chars`),o.length>0)throw Error(`Preflight length check failed: ${o.join(`; `)}. Truncate or fix oversized values before running this migration.`);q(`  Preflight length check passed — all values fit within new column sizes.`)}q(`Dropping old date columns from hooks...`),await Bf(e,`hooks`,`created_at`),await Bf(e,`hooks`,`updated_at`),t===`mysql`&&(q(`Fixing hook column types...`),await e.schema.alterTable(`hooks`).modifyColumn(`hook_id`,`varchar(21)`,e=>e.notNull().primaryKey()).execute(),await e.schema.alterTable(`hooks`).modifyColumn(`form_id`,`varchar(128)`).execute(),await e.schema.alterTable(`hooks`).modifyColumn(`template_id`,`varchar(64)`).execute())}async function Hf(e){let t=await zf(e);await e.schema.alterTable(`hooks`).addColumn(`created_at`,`varchar(255)`).execute(),await e.schema.alterTable(`hooks`).addColumn(`updated_at`,`varchar(255)`).execute(),t===`mysql`?await i.sql`
       UPDATE hooks
       SET created_at = DATE_FORMAT(CONVERT_TZ(FROM_UNIXTIME(created_at_ts / 1000), @@session.time_zone, '+00:00'), '%Y-%m-%dT%H:%i:%s.000Z'),
           updated_at = DATE_FORMAT(CONVERT_TZ(FROM_UNIXTIME(updated_at_ts / 1000), @@session.time_zone, '+00:00'), '%Y-%m-%dT%H:%i:%s.000Z')
       WHERE created_at_ts IS NOT NULL
-    `.execute(e):await h.sql`
+    `.execute(e):await i.sql`
       UPDATE hooks
       SET created_at = strftime('%Y-%m-%dT%H:%M:%fZ', created_at_ts / 1000, 'unixepoch'),
           updated_at = strftime('%Y-%m-%dT%H:%M:%fZ', updated_at_ts / 1000, 'unixepoch')
       WHERE created_at_ts IS NOT NULL
-    `.execute(e),t==="mysql"&&(await e.schema.alterTable("hooks").modifyColumn("hook_id","varchar(255)",a=>a.notNull().primaryKey()).execute(),await e.schema.alterTable("hooks").modifyColumn("form_id","text").execute(),await e.schema.alterTable("hooks").modifyColumn("template_id","text").execute())}const Z_=Object.freeze(Object.defineProperty({__proto__:null,down:X_,up:V_},Symbol.toStringTag,{value:"Module"}));async function em(e){const{rows:t}=await h.sql`
+    `.execute(e),t===`mysql`&&(await e.schema.alterTable(`hooks`).modifyColumn(`hook_id`,`varchar(255)`,e=>e.notNull().primaryKey()).execute(),await e.schema.alterTable(`hooks`).modifyColumn(`form_id`,`text`).execute(),await e.schema.alterTable(`hooks`).modifyColumn(`template_id`,`text`).execute())}var Uf=t({down:()=>Gf,up:()=>Wf});async function Wf(e){let{rows:t}=await i.sql`
     SELECT username, provider, tenant_id, COUNT(*) AS cnt
     FROM users
     WHERE username IS NOT NULL
     GROUP BY username, provider, tenant_id
     HAVING COUNT(*) > 1
-  `.execute(e);if(t.length>0){w(`Found ${t.length} duplicate (username, provider, tenant_id) group(s) – cleaning up…`);for(const a of t)w(`  provider=${a.provider} count=${a.cnt}`);await h.sql`
+  `.execute(e);if(t.length>0){q(`Found ${t.length} duplicate (username, provider, tenant_id) group(s) – cleaning up…`);for(let e of t)q(`  provider=${e.provider} count=${e.cnt}`);await i.sql`
       DELETE FROM users
       WHERE username IS NOT NULL
         AND (user_id, tenant_id) NOT IN (
@@ -125,7 +125,7 @@
           GROUP BY username, provider, tenant_id
           HAVING COUNT(*) > 1
         )
-    `.execute(e),w("Duplicate rows removed.")}await e.schema.createIndex("unique_username_provider").on("users").unique().columns(["username","provider","tenant_id"]).execute()}async function tm(e){await e.schema.dropIndex("unique_username_provider").execute()}const am=Object.freeze(Object.defineProperty({__proto__:null,down:tm,up:em},Symbol.toStringTag,{value:"Module"}));async function nm(e){await e.schema.alterTable("refresh_tokens").addColumn("login_id","varchar(26)").execute(),await e.schema.createIndex("idx_refresh_tokens_login_id").on("refresh_tokens").column("login_id").execute()}async function om(e){await e.schema.dropIndex("idx_refresh_tokens_login_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("login_id").execute()}const rm=Object.freeze(Object.defineProperty({__proto__:null,down:om,up:nm},Symbol.toStringTag,{value:"Module"}));async function Ue(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function sm(e){await Ue(e)==="mysql"?(await e.schema.alterTable("refresh_tokens").modifyColumn("login_id","varchar(26)",a=>a.notNull()).execute(),await e.schema.dropIndex("idx_refresh_tokens_session_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("session_id").execute()):(await e.schema.dropIndex("idx_refresh_tokens_session_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("session_id").execute())}async function im(e){await Ue(e)==="mysql"?(await e.schema.alterTable("refresh_tokens").addColumn("session_id","varchar(26)").execute(),await e.schema.createIndex("idx_refresh_tokens_session_id").on("refresh_tokens").column("session_id").execute(),await e.schema.alterTable("refresh_tokens").modifyColumn("login_id","varchar(26)").execute()):await e.schema.alterTable("refresh_tokens").addColumn("session_id","varchar(21)").execute()}const cm=Object.freeze(Object.defineProperty({__proto__:null,down:im,up:sm},Symbol.toStringTag,{value:"Module"}));async function lm(e){await e.schema.createIndex("idx_sessions_idle_expires_at_ts").on("sessions").column("idle_expires_at_ts").execute(),await e.schema.createIndex("idx_refresh_tokens_idle_expires_at_ts").on("refresh_tokens").column("idle_expires_at_ts").execute()}async function dm(e){await e.schema.dropIndex("idx_sessions_idle_expires_at_ts").on("sessions").execute(),await e.schema.dropIndex("idx_refresh_tokens_idle_expires_at_ts").on("refresh_tokens").execute()}const um=Object.freeze(Object.defineProperty({__proto__:null,down:dm,up:lm},Symbol.toStringTag,{value:"Module"}));async function _m(e){await e.schema.alterTable("login_sessions").addColumn("auth_connection","varchar(255)").execute()}async function mm(e){await e.schema.alterTable("login_sessions").dropColumn("auth_connection").execute()}const hm=Object.freeze(Object.defineProperty({__proto__:null,down:mm,up:_m},Symbol.toStringTag,{value:"Module"}));async function pm(e){await e.schema.createTable("mfa_enrollments").addColumn("id","varchar(26)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("user_id","varchar(255)",t=>t.notNull()).addColumn("type","varchar(32)",t=>t.notNull()).addColumn("phone_number","varchar(32)").addColumn("totp_secret","varchar(255)").addColumn("confirmed","integer",t=>t.notNull().defaultTo(0)).addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("mfa_enrollments_tenant_user_idx").on("mfa_enrollments").columns(["tenant_id","user_id"]).execute()}async function fm(e){await e.schema.dropTable("mfa_enrollments").execute()}const gm=Object.freeze(Object.defineProperty({__proto__:null,down:fm,up:pm},Symbol.toStringTag,{value:"Module"}));async function wm(e){await e.schema.alterTable("codes").addColumn("otp","varchar(32)").execute()}async function ym(e){await e.schema.alterTable("codes").dropColumn("otp").execute()}const vm=Object.freeze(Object.defineProperty({__proto__:null,down:ym,up:wm},Symbol.toStringTag,{value:"Module"}));async function Cm(e){await e.schema.alterTable("mfa_enrollments").renameTo("authentication_methods").execute(),await e.schema.alterTable("authentication_methods").addColumn("credential_id","varchar(512)").execute(),await e.schema.alterTable("authentication_methods").addColumn("public_key","text").execute(),await e.schema.alterTable("authentication_methods").addColumn("sign_count","integer").execute(),await e.schema.alterTable("authentication_methods").addColumn("credential_backed_up","integer").execute(),await e.schema.alterTable("authentication_methods").addColumn("transports","varchar(512)").execute(),await e.schema.alterTable("authentication_methods").addColumn("friendly_name","varchar(255)").execute(),await e.schema.createIndex("authentication_methods_credential_id_idx").on("authentication_methods").column("credential_id").execute()}async function xm(e){await e.schema.dropIndex("authentication_methods_credential_id_idx").execute(),await e.schema.alterTable("authentication_methods").dropColumn("friendly_name").execute(),await e.schema.alterTable("authentication_methods").dropColumn("transports").execute(),await e.schema.alterTable("authentication_methods").dropColumn("credential_backed_up").execute(),await e.schema.alterTable("authentication_methods").dropColumn("sign_count").execute(),await e.schema.alterTable("authentication_methods").dropColumn("public_key").execute(),await e.schema.alterTable("authentication_methods").dropColumn("credential_id").execute(),await e.schema.alterTable("authentication_methods").renameTo("mfa_enrollments").execute()}const Tm=Object.freeze(Object.defineProperty({__proto__:null,down:xm,up:Cm},Symbol.toStringTag,{value:"Module"}));async function bm(e){await e.schema.createTable("outbox_events").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("event_type","varchar(255)",t=>t.notNull()).addColumn("log_type","varchar(64)",t=>t.notNull()).addColumn("aggregate_type","varchar(64)",t=>t.notNull()).addColumn("aggregate_id","varchar(255)",t=>t.notNull()).addColumn("payload","text",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("processed_at","varchar(35)").addColumn("retry_count","integer",t=>t.notNull().defaultTo(0)).addColumn("next_retry_at","varchar(35)").addColumn("error","text").execute(),await e.schema.createIndex("idx_outbox_unprocessed").on("outbox_events").columns(["processed_at","created_at"]).execute(),await e.schema.createIndex("idx_outbox_tenant_type").on("outbox_events").columns(["tenant_id","event_type","created_at"]).execute()}async function Nm(e){await e.schema.dropTable("outbox_events").execute()}const Sm=Object.freeze(Object.defineProperty({__proto__:null,down:Nm,up:bm},Symbol.toStringTag,{value:"Module"}));async function Om(e){await e.schema.alterTable("outbox_events").addColumn("claimed_by","varchar(64)").execute(),await e.schema.alterTable("outbox_events").addColumn("claim_expires_at","varchar(35)").execute()}async function km(e){await e.schema.alterTable("outbox_events").dropColumn("claimed_by").execute(),await e.schema.alterTable("outbox_events").dropColumn("claim_expires_at").execute()}const $m=Object.freeze(Object.defineProperty({__proto__:null,down:km,up:Om},Symbol.toStringTag,{value:"Module"}));async function Em(e){await e.schema.createIndex("idx_outbox_claim").on("outbox_events").columns(["processed_at","claim_expires_at","next_retry_at","created_at"]).execute()}async function Im(e){await e.schema.dropIndex("idx_outbox_claim").on("outbox_events").execute()}const Pm=Object.freeze(Object.defineProperty({__proto__:null,down:Im,up:Em},Symbol.toStringTag,{value:"Module"}));async function zm(e){await e.schema.createTable("hook_code").addColumn("id","varchar(21)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("code","text",t=>t.notNull()).addColumn("secrets","text").addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("idx_hook_code_tenant").on("hook_code").columns(["tenant_id"]).execute(),await e.schema.alterTable("hooks").addColumn("code_id","varchar(21)").execute()}async function Dm(e){await e.schema.alterTable("hooks").dropColumn("code_id").execute(),await e.schema.dropTable("hook_code").execute()}const Am=Object.freeze(Object.defineProperty({__proto__:null,down:Dm,up:zm},Symbol.toStringTag,{value:"Module"}));async function Fm(e){await e.schema.createTable("actions").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("code","text",t=>t.notNull()).addColumn("runtime","varchar(50)").addColumn("status","varchar(50)",t=>t.defaultTo("built")).addColumn("secrets","text").addColumn("dependencies","text").addColumn("supported_triggers","text").addColumn("deployed_at_ts","bigint").addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("idx_actions_tenant").on("actions").columns(["tenant_id"]).execute()}async function jm(e){await e.schema.dropTable("actions").execute()}const Rm=Object.freeze(Object.defineProperty({__proto__:null,down:jm,up:Fm},Symbol.toStringTag,{value:"Module"}));async function qm(e){await e.schema.alterTable("outbox_events").addColumn("dead_lettered_at","varchar(35)").execute(),await e.schema.alterTable("outbox_events").addColumn("final_error","text").execute()}async function Mm(e){await e.schema.alterTable("outbox_events").dropColumn("dead_lettered_at").execute(),await e.schema.alterTable("outbox_events").dropColumn("final_error").execute()}const Jm=Object.freeze(Object.defineProperty({__proto__:null,down:Mm,up:qm},Symbol.toStringTag,{value:"Module"}));async function Lm(e){await e.schema.alterTable("users").addColumn("registration_completed_at","varchar(35)").execute(),await e.updateTable("users").set({registration_completed_at:h.sql`created_at`}).where("registration_completed_at","is",null).execute()}async function Um(e){await e.schema.alterTable("users").dropColumn("registration_completed_at").execute()}const Km=Object.freeze(Object.defineProperty({__proto__:null,down:Um,up:Lm},Symbol.toStringTag,{value:"Module"}));async function Bm(e){await e.schema.createIndex("idx_outbox_events_tenant_dead_lettered").on("outbox_events").columns(["tenant_id","dead_lettered_at"]).execute()}async function Qm(e){await e.schema.dropIndex("idx_outbox_events_tenant_dead_lettered").execute()}const Wm=Object.freeze(Object.defineProperty({__proto__:null,down:Qm,up:Bm},Symbol.toStringTag,{value:"Module"}));async function Hm(e){await e.schema.alterTable("login_sessions").addColumn("auth_strategy_strategy","varchar(64)").execute(),await e.schema.alterTable("login_sessions").addColumn("auth_strategy_strategy_type","varchar(64)").execute(),await e.schema.alterTable("login_sessions").addColumn("authenticated_at","varchar(35)").execute()}async function Ym(e){await e.schema.alterTable("login_sessions").dropColumn("auth_strategy_strategy").execute(),await e.schema.alterTable("login_sessions").dropColumn("auth_strategy_strategy_type").execute(),await e.schema.alterTable("login_sessions").dropColumn("authenticated_at").execute()}const Gm=Object.freeze(Object.defineProperty({__proto__:null,down:Ym,up:Hm},Symbol.toStringTag,{value:"Module"}));async function Ke(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function Vm(e){const t=await Ke(e);try{await e.schema.alterTable("login_sessions").addColumn("auth_params","text").execute(),w("  Added column auth_params to login_sessions")}catch(a){A(`  Warning: Could not add auth_params column: ${a instanceof Error?a.message:String(a)}`)}if(t==="mysql")try{await e.schema.alterTable("login_sessions").modifyColumn("authorization_url","text").execute(),w("  Widened authorization_url to text")}catch(a){A(`  Warning: Could not widen authorization_url: ${a instanceof Error?a.message:String(a)}`)}}async function Xm(e){const t=await Ke(e);try{await e.schema.alterTable("login_sessions").dropColumn("auth_params").execute()}catch(a){A(`  Warning: Could not drop auth_params column: ${a instanceof Error?a.message:String(a)}`)}if(t==="mysql")try{await e.schema.alterTable("login_sessions").modifyColumn("authorization_url","varchar(1024)").execute()}catch(a){A(`  Warning: Could not narrow authorization_url: ${a instanceof Error?a.message:String(a)}`)}}const Zm=Object.freeze(Object.defineProperty({__proto__:null,down:Xm,up:Vm},Symbol.toStringTag,{value:"Module"})),eh=["client_id","act_as","response_type","response_mode","redirect_uri","audience","organization","state","nonce","scope","prompt","code_challenge_method","code_challenge","username","ui_locales","max_age","acr_values","vendor_id"],xe=500,Te=20;async function th(e){try{let t=0;for(;;){const a=await e.selectFrom("login_sessions").where("auth_params","is",null).selectAll().limit(xe).execute();if(a.length===0)break;for(let n=0;n<a.length;n+=Te){const o=a.slice(n,n+Te);await Promise.all(o.map(async r=>{const s={};for(const i of eh){const l=r[`authParams_${i}`];l!=null&&(s[i]=l)}await e.updateTable("login_sessions").set({auth_params:JSON.stringify(s)}).where("tenant_id","=",r.tenant_id).where("id","=",r.id).execute()}))}if(t+=a.length,w(`  Backfilled auth_params for ${t} login_sessions row(s)...`),a.length<xe)break}w(t===0?"  No login_sessions rows to backfill (auth_params all set)":`  Backfilled auth_params for ${t} login_sessions row(s) total`)}catch(t){A(`  Warning: Could not backfill auth_params: ${t instanceof Error?t.message:String(t)}`)}}async function ah(e){}const nh=Object.freeze(Object.defineProperty({__proto__:null,down:ah,up:th},Symbol.toStringTag,{value:"Module"}));async function oh(e){try{return await h.sql`SELECT @@version_comment`.execute(e),"mysql"}catch{return"sqlite"}}async function rh(e){await oh(e)==="mysql"?await sh(e):await ih(e)}async function sh(e){try{await h.sql`ALTER TABLE login_sessions DROP FOREIGN KEY login_sessions_client_fk`.execute(e),w("  Dropped FK login_sessions_client_fk")}catch(t){const a=t instanceof Error?t.message:String(t);a.includes("1091")||a.includes("doesn't exist")?w("  FK login_sessions_client_fk already absent, skipping"):A(`  Warning: could not drop login_sessions_client_fk: ${a}`)}try{await h.sql`ALTER TABLE login_sessions MODIFY authParams_client_id varchar(191) NULL`.execute(e),w("  Relaxed NOT NULL on login_sessions.authParams_client_id")}catch(t){const a=t instanceof Error?t.message:String(t);throw A(`  Failed to relax authParams_client_id NOT NULL: ${a}`),t}}async function ih(e){await e.transaction().execute(async t=>{await t.schema.createTable("login_sessions_new").addColumn("id","varchar(26)",a=>a.notNull()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(26)").addColumn("csrf_token","varchar(26)",a=>a.notNull()).addColumn("authParams_client_id","varchar(191)").addColumn("authParams_vendor_id","varchar(255)").addColumn("authParams_username","varchar(255)").addColumn("authParams_response_type","varchar(255)").addColumn("authParams_response_mode","varchar(255)").addColumn("authParams_audience","varchar(255)").addColumn("authParams_scope","text").addColumn("authParams_state","text").addColumn("authParams_nonce","varchar(255)").addColumn("authParams_code_challenge_method","varchar(255)").addColumn("authParams_code_challenge","varchar(255)").addColumn("authParams_redirect_uri","text").addColumn("authParams_organization","varchar(255)").addColumn("authParams_prompt","varchar(32)").addColumn("authParams_act_as","varchar(256)").addColumn("authParams_ui_locales","varchar(32)").addColumn("authParams_max_age","integer").addColumn("authParams_acr_values","varchar(255)").addColumn("authorization_url","text").addColumn("ip","varchar(39)").addColumn("useragent","text").addColumn("auth0Client","varchar(255)").addColumn("state","varchar(50)",a=>a.defaultTo("pending")).addColumn("state_data","text").addColumn("failure_reason","text").addColumn("user_id","varchar(255)").addColumn("created_at_ts","bigint").addColumn("updated_at_ts","bigint").addColumn("expires_at_ts","bigint").addColumn("auth_connection","varchar(255)").addColumn("auth_strategy_strategy","varchar(64)").addColumn("auth_strategy_strategy_type","varchar(64)").addColumn("authenticated_at","varchar(35)").addColumn("auth_params","text").addPrimaryKeyConstraint("login_sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("login_sessions_session_fk",["tenant_id","session_id"],"sessions",["tenant_id","id"],a=>a.onDelete("cascade")).execute(),await h.sql`INSERT INTO login_sessions_new (
+    `.execute(e),q(`Duplicate rows removed.`)}await e.schema.createIndex(`unique_username_provider`).on(`users`).unique().columns([`username`,`provider`,`tenant_id`]).execute()}async function Gf(e){await e.schema.dropIndex(`unique_username_provider`).execute()}var Kf=t({down:()=>Jf,up:()=>qf});async function qf(e){await e.schema.alterTable(`refresh_tokens`).addColumn(`login_id`,`varchar(26)`).execute(),await e.schema.createIndex(`idx_refresh_tokens_login_id`).on(`refresh_tokens`).column(`login_id`).execute()}async function Jf(e){await e.schema.dropIndex(`idx_refresh_tokens_login_id`).execute(),await e.schema.alterTable(`refresh_tokens`).dropColumn(`login_id`).execute()}var Yf=t({down:()=>Qf,up:()=>Zf});async function Xf(e){try{return await i.sql`SELECT VERSION()`.execute(e),`mysql`}catch{return`sqlite`}}async function Zf(e){await Xf(e)===`mysql`?(await e.schema.alterTable(`refresh_tokens`).modifyColumn(`login_id`,`varchar(26)`,e=>e.notNull()).execute(),await e.schema.dropIndex(`idx_refresh_tokens_session_id`).execute(),await e.schema.alterTable(`refresh_tokens`).dropColumn(`session_id`).execute()):(await e.schema.dropIndex(`idx_refresh_tokens_session_id`).execute(),await e.schema.alterTable(`refresh_tokens`).dropColumn(`session_id`).execute())}async function Qf(e){await Xf(e)===`mysql`?(await e.schema.alterTable(`refresh_tokens`).addColumn(`session_id`,`varchar(26)`).execute(),await e.schema.createIndex(`idx_refresh_tokens_session_id`).on(`refresh_tokens`).column(`session_id`).execute(),await e.schema.alterTable(`refresh_tokens`).modifyColumn(`login_id`,`varchar(26)`).execute()):await e.schema.alterTable(`refresh_tokens`).addColumn(`session_id`,`varchar(21)`).execute()}var $f=t({down:()=>tp,up:()=>ep});async function ep(e){await e.schema.createIndex(`idx_sessions_idle_expires_at_ts`).on(`sessions`).column(`idle_expires_at_ts`).execute(),await e.schema.createIndex(`idx_refresh_tokens_idle_expires_at_ts`).on(`refresh_tokens`).column(`idle_expires_at_ts`).execute()}async function tp(e){await e.schema.dropIndex(`idx_sessions_idle_expires_at_ts`).on(`sessions`).execute(),await e.schema.dropIndex(`idx_refresh_tokens_idle_expires_at_ts`).on(`refresh_tokens`).execute()}var np=t({down:()=>ip,up:()=>rp});async function rp(e){await e.schema.alterTable(`login_sessions`).addColumn(`auth_connection`,`varchar(255)`).execute()}async function ip(e){await e.schema.alterTable(`login_sessions`).dropColumn(`auth_connection`).execute()}var ap=t({down:()=>sp,up:()=>op});async function op(e){await e.schema.createTable(`mfa_enrollments`).addColumn(`id`,`varchar(26)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`user_id`,`varchar(255)`,e=>e.notNull()).addColumn(`type`,`varchar(32)`,e=>e.notNull()).addColumn(`phone_number`,`varchar(32)`).addColumn(`totp_secret`,`varchar(255)`).addColumn(`confirmed`,`integer`,e=>e.notNull().defaultTo(0)).addColumn(`created_at_ts`,`bigint`,e=>e.notNull()).addColumn(`updated_at_ts`,`bigint`,e=>e.notNull()).execute(),await e.schema.createIndex(`mfa_enrollments_tenant_user_idx`).on(`mfa_enrollments`).columns([`tenant_id`,`user_id`]).execute()}async function sp(e){await e.schema.dropTable(`mfa_enrollments`).execute()}var cp=t({down:()=>up,up:()=>lp});async function lp(e){await e.schema.alterTable(`codes`).addColumn(`otp`,`varchar(32)`).execute()}async function up(e){await e.schema.alterTable(`codes`).dropColumn(`otp`).execute()}var dp=t({down:()=>pp,up:()=>fp});async function fp(e){await e.schema.alterTable(`mfa_enrollments`).renameTo(`authentication_methods`).execute(),await e.schema.alterTable(`authentication_methods`).addColumn(`credential_id`,`varchar(512)`).execute(),await e.schema.alterTable(`authentication_methods`).addColumn(`public_key`,`text`).execute(),await e.schema.alterTable(`authentication_methods`).addColumn(`sign_count`,`integer`).execute(),await e.schema.alterTable(`authentication_methods`).addColumn(`credential_backed_up`,`integer`).execute(),await e.schema.alterTable(`authentication_methods`).addColumn(`transports`,`varchar(512)`).execute(),await e.schema.alterTable(`authentication_methods`).addColumn(`friendly_name`,`varchar(255)`).execute(),await e.schema.createIndex(`authentication_methods_credential_id_idx`).on(`authentication_methods`).column(`credential_id`).execute()}async function pp(e){await e.schema.dropIndex(`authentication_methods_credential_id_idx`).execute(),await e.schema.alterTable(`authentication_methods`).dropColumn(`friendly_name`).execute(),await e.schema.alterTable(`authentication_methods`).dropColumn(`transports`).execute(),await e.schema.alterTable(`authentication_methods`).dropColumn(`credential_backed_up`).execute(),await e.schema.alterTable(`authentication_methods`).dropColumn(`sign_count`).execute(),await e.schema.alterTable(`authentication_methods`).dropColumn(`public_key`).execute(),await e.schema.alterTable(`authentication_methods`).dropColumn(`credential_id`).execute(),await e.schema.alterTable(`authentication_methods`).renameTo(`mfa_enrollments`).execute()}var mp=t({down:()=>gp,up:()=>hp});async function hp(e){await e.schema.createTable(`outbox_events`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`event_type`,`varchar(255)`,e=>e.notNull()).addColumn(`log_type`,`varchar(64)`,e=>e.notNull()).addColumn(`aggregate_type`,`varchar(64)`,e=>e.notNull()).addColumn(`aggregate_id`,`varchar(255)`,e=>e.notNull()).addColumn(`payload`,`text`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`processed_at`,`varchar(35)`).addColumn(`retry_count`,`integer`,e=>e.notNull().defaultTo(0)).addColumn(`next_retry_at`,`varchar(35)`).addColumn(`error`,`text`).execute(),await e.schema.createIndex(`idx_outbox_unprocessed`).on(`outbox_events`).columns([`processed_at`,`created_at`]).execute(),await e.schema.createIndex(`idx_outbox_tenant_type`).on(`outbox_events`).columns([`tenant_id`,`event_type`,`created_at`]).execute()}async function gp(e){await e.schema.dropTable(`outbox_events`).execute()}var _p=t({down:()=>yp,up:()=>vp});async function vp(e){await e.schema.alterTable(`outbox_events`).addColumn(`claimed_by`,`varchar(64)`).execute(),await e.schema.alterTable(`outbox_events`).addColumn(`claim_expires_at`,`varchar(35)`).execute()}async function yp(e){await e.schema.alterTable(`outbox_events`).dropColumn(`claimed_by`).execute(),await e.schema.alterTable(`outbox_events`).dropColumn(`claim_expires_at`).execute()}var bp=t({down:()=>Sp,up:()=>xp});async function xp(e){await e.schema.createIndex(`idx_outbox_claim`).on(`outbox_events`).columns([`processed_at`,`claim_expires_at`,`next_retry_at`,`created_at`]).execute()}async function Sp(e){await e.schema.dropIndex(`idx_outbox_claim`).on(`outbox_events`).execute()}var Cp=t({down:()=>Tp,up:()=>wp});async function wp(e){await e.schema.createTable(`hook_code`).addColumn(`id`,`varchar(21)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`code`,`text`,e=>e.notNull()).addColumn(`secrets`,`text`).addColumn(`created_at_ts`,`bigint`,e=>e.notNull()).addColumn(`updated_at_ts`,`bigint`,e=>e.notNull()).execute(),await e.schema.createIndex(`idx_hook_code_tenant`).on(`hook_code`).columns([`tenant_id`]).execute(),await e.schema.alterTable(`hooks`).addColumn(`code_id`,`varchar(21)`).execute()}async function Tp(e){await e.schema.alterTable(`hooks`).dropColumn(`code_id`).execute(),await e.schema.dropTable(`hook_code`).execute()}var Ep=t({down:()=>Op,up:()=>Dp});async function Dp(e){await e.schema.createTable(`actions`).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`code`,`text`,e=>e.notNull()).addColumn(`runtime`,`varchar(50)`).addColumn(`status`,`varchar(50)`,e=>e.defaultTo(`built`)).addColumn(`secrets`,`text`).addColumn(`dependencies`,`text`).addColumn(`supported_triggers`,`text`).addColumn(`deployed_at_ts`,`bigint`).addColumn(`created_at_ts`,`bigint`,e=>e.notNull()).addColumn(`updated_at_ts`,`bigint`,e=>e.notNull()).execute(),await e.schema.createIndex(`idx_actions_tenant`).on(`actions`).columns([`tenant_id`]).execute()}async function Op(e){await e.schema.dropTable(`actions`).execute()}var kp=t({down:()=>jp,up:()=>Ap});async function Ap(e){await e.schema.alterTable(`outbox_events`).addColumn(`dead_lettered_at`,`varchar(35)`).execute(),await e.schema.alterTable(`outbox_events`).addColumn(`final_error`,`text`).execute()}async function jp(e){await e.schema.alterTable(`outbox_events`).dropColumn(`dead_lettered_at`).execute(),await e.schema.alterTable(`outbox_events`).dropColumn(`final_error`).execute()}var Mp=t({down:()=>Pp,up:()=>Np});async function Np(e){await e.schema.alterTable(`users`).addColumn(`registration_completed_at`,`varchar(35)`).execute(),await e.updateTable(`users`).set({registration_completed_at:i.sql`created_at`}).where(`registration_completed_at`,`is`,null).execute()}async function Pp(e){await e.schema.alterTable(`users`).dropColumn(`registration_completed_at`).execute()}var Fp=t({down:()=>Lp,up:()=>Ip});async function Ip(e){await e.schema.createIndex(`idx_outbox_events_tenant_dead_lettered`).on(`outbox_events`).columns([`tenant_id`,`dead_lettered_at`]).execute()}async function Lp(e){await e.schema.dropIndex(`idx_outbox_events_tenant_dead_lettered`).execute()}var Rp=t({down:()=>Bp,up:()=>zp});async function zp(e){await e.schema.alterTable(`login_sessions`).addColumn(`auth_strategy_strategy`,`varchar(64)`).execute(),await e.schema.alterTable(`login_sessions`).addColumn(`auth_strategy_strategy_type`,`varchar(64)`).execute(),await e.schema.alterTable(`login_sessions`).addColumn(`authenticated_at`,`varchar(35)`).execute()}async function Bp(e){await e.schema.alterTable(`login_sessions`).dropColumn(`auth_strategy_strategy`).execute(),await e.schema.alterTable(`login_sessions`).dropColumn(`auth_strategy_strategy_type`).execute(),await e.schema.alterTable(`login_sessions`).dropColumn(`authenticated_at`).execute()}var Vp=t({down:()=>Wp,up:()=>Up});async function Hp(e){try{return await i.sql`SELECT VERSION()`.execute(e),`mysql`}catch{return`sqlite`}}async function Up(e){let t=await Hp(e);try{await e.schema.alterTable(`login_sessions`).addColumn(`auth_params`,`text`).execute(),q(`  Added column auth_params to login_sessions`)}catch(e){J(`  Warning: Could not add auth_params column: ${e instanceof Error?e.message:String(e)}`)}if(t===`mysql`)try{await e.schema.alterTable(`login_sessions`).modifyColumn(`authorization_url`,`text`).execute(),q(`  Widened authorization_url to text`)}catch(e){J(`  Warning: Could not widen authorization_url: ${e instanceof Error?e.message:String(e)}`)}}async function Wp(e){let t=await Hp(e);try{await e.schema.alterTable(`login_sessions`).dropColumn(`auth_params`).execute()}catch(e){J(`  Warning: Could not drop auth_params column: ${e instanceof Error?e.message:String(e)}`)}if(t===`mysql`)try{await e.schema.alterTable(`login_sessions`).modifyColumn(`authorization_url`,`varchar(1024)`).execute()}catch(e){J(`  Warning: Could not narrow authorization_url: ${e instanceof Error?e.message:String(e)}`)}}var Gp=t({down:()=>Xp,up:()=>Yp}),Kp=[`client_id`,`act_as`,`response_type`,`response_mode`,`redirect_uri`,`audience`,`organization`,`state`,`nonce`,`scope`,`prompt`,`code_challenge_method`,`code_challenge`,`username`,`ui_locales`,`max_age`,`acr_values`,`vendor_id`],qp=500,Jp=20;async function Yp(e){try{let t=0;for(;;){let n=await e.selectFrom(`login_sessions`).where(`auth_params`,`is`,null).selectAll().limit(qp).execute();if(n.length===0)break;for(let t=0;t<n.length;t+=Jp){let r=n.slice(t,t+Jp);await Promise.all(r.map(async t=>{let n={};for(let e of Kp){let r=t[`authParams_${e}`];r!=null&&(n[e]=r)}await e.updateTable(`login_sessions`).set({auth_params:JSON.stringify(n)}).where(`tenant_id`,`=`,t.tenant_id).where(`id`,`=`,t.id).execute()}))}if(t+=n.length,q(`  Backfilled auth_params for ${t} login_sessions row(s)...`),n.length<qp)break}q(t===0?`  No login_sessions rows to backfill (auth_params all set)`:`  Backfilled auth_params for ${t} login_sessions row(s) total`)}catch(e){J(`  Warning: Could not backfill auth_params: ${e instanceof Error?e.message:String(e)}`)}}async function Xp(e){}var Zp=t({down:()=>nm,up:()=>$p});async function Qp(e){try{return await i.sql`SELECT @@version_comment`.execute(e),`mysql`}catch{return`sqlite`}}async function $p(e){await Qp(e)===`mysql`?await em(e):await tm(e)}async function em(e){try{await i.sql`ALTER TABLE login_sessions DROP FOREIGN KEY login_sessions_client_fk`.execute(e),q(`  Dropped FK login_sessions_client_fk`)}catch(e){let t=e instanceof Error?e.message:String(e);t.includes(`1091`)||t.includes(`doesn't exist`)?q(`  FK login_sessions_client_fk already absent, skipping`):J(`  Warning: could not drop login_sessions_client_fk: ${t}`)}try{await i.sql`ALTER TABLE login_sessions MODIFY authParams_client_id varchar(191) NULL`.execute(e),q(`  Relaxed NOT NULL on login_sessions.authParams_client_id`)}catch(e){throw J(`  Failed to relax authParams_client_id NOT NULL: ${e instanceof Error?e.message:String(e)}`),e}}async function tm(e){await e.transaction().execute(async e=>{await e.schema.createTable(`login_sessions_new`).addColumn(`id`,`varchar(26)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`session_id`,`varchar(26)`).addColumn(`csrf_token`,`varchar(26)`,e=>e.notNull()).addColumn(`authParams_client_id`,`varchar(191)`).addColumn(`authParams_vendor_id`,`varchar(255)`).addColumn(`authParams_username`,`varchar(255)`).addColumn(`authParams_response_type`,`varchar(255)`).addColumn(`authParams_response_mode`,`varchar(255)`).addColumn(`authParams_audience`,`varchar(255)`).addColumn(`authParams_scope`,`text`).addColumn(`authParams_state`,`text`).addColumn(`authParams_nonce`,`varchar(255)`).addColumn(`authParams_code_challenge_method`,`varchar(255)`).addColumn(`authParams_code_challenge`,`varchar(255)`).addColumn(`authParams_redirect_uri`,`text`).addColumn(`authParams_organization`,`varchar(255)`).addColumn(`authParams_prompt`,`varchar(32)`).addColumn(`authParams_act_as`,`varchar(256)`).addColumn(`authParams_ui_locales`,`varchar(32)`).addColumn(`authParams_max_age`,`integer`).addColumn(`authParams_acr_values`,`varchar(255)`).addColumn(`authorization_url`,`text`).addColumn(`ip`,`varchar(39)`).addColumn(`useragent`,`text`).addColumn(`auth0Client`,`varchar(255)`).addColumn(`state`,`varchar(50)`,e=>e.defaultTo(`pending`)).addColumn(`state_data`,`text`).addColumn(`failure_reason`,`text`).addColumn(`user_id`,`varchar(255)`).addColumn(`created_at_ts`,`bigint`).addColumn(`updated_at_ts`,`bigint`).addColumn(`expires_at_ts`,`bigint`).addColumn(`auth_connection`,`varchar(255)`).addColumn(`auth_strategy_strategy`,`varchar(64)`).addColumn(`auth_strategy_strategy_type`,`varchar(64)`).addColumn(`authenticated_at`,`varchar(35)`).addColumn(`auth_params`,`text`).addPrimaryKeyConstraint(`login_sessions_pk`,[`tenant_id`,`id`]).addForeignKeyConstraint(`login_sessions_session_fk`,[`tenant_id`,`session_id`],`sessions`,[`tenant_id`,`id`],e=>e.onDelete(`cascade`)).execute(),await i.sql`INSERT INTO login_sessions_new (
       id, tenant_id, session_id, csrf_token,
       authParams_client_id, authParams_vendor_id, authParams_username,
       authParams_response_type, authParams_response_mode, authParams_audience,
@@ -151,7 +151,7 @@
       user_id, created_at_ts, updated_at_ts, expires_at_ts,
       auth_connection, auth_strategy_strategy, auth_strategy_strategy_type,
       authenticated_at, auth_params
-    FROM login_sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await h.sql`ALTER TABLE login_sessions_new RENAME TO login_sessions`.execute(t),await t.schema.createIndex("login_sessions_id_index").on("login_sessions").column("id").execute(),await t.schema.createIndex("idx_login_sessions_session_id").on("login_sessions").column("session_id").execute(),await t.schema.createIndex("login_sessions_tenant_user_idx").on("login_sessions").columns(["tenant_id","user_id"]).execute(),await t.schema.createIndex("login_sessions_state_idx").on("login_sessions").column("state").execute(),await t.schema.createIndex("idx_login_sessions_expires_at_ts").on("login_sessions").column("expires_at_ts").execute()}),w("  Rebuilt login_sessions with FK dropped and authParams_client_id nullable")}async function ch(e){}const lh=Object.freeze(Object.defineProperty({__proto__:null,down:ch,up:rh},Symbol.toStringTag,{value:"Module"})),be=["authParams_client_id","authParams_vendor_id","authParams_username","authParams_response_type","authParams_response_mode","authParams_audience","authParams_scope","authParams_state","authParams_nonce","authParams_code_challenge_method","authParams_code_challenge","authParams_redirect_uri","authParams_organization","authParams_prompt","authParams_act_as","authParams_ui_locales","authParams_max_age","authParams_acr_values"];async function dh(e){try{return await h.sql`SELECT @@version_comment`.execute(e),"mysql"}catch{return"sqlite"}}async function uh(e,t,a){try{await e.schema.alterTable(t).dropColumn(a).execute()}catch(n){const o=n instanceof Error?n.message:String(n);if(o.includes("1091")||o.includes("no such column")){w(`  ${t}.${a} already absent, skipping`);return}throw n}}async function _h(e){await dh(e)==="mysql"?await mh(e):await hh(e)}async function mh(e){for(const t of be)await uh(e,"login_sessions",t);w(`  Dropped ${be.length} hoisted authParams_* columns from login_sessions`)}async function hh(e){await e.transaction().execute(async t=>{await t.schema.createTable("login_sessions_new").addColumn("id","varchar(26)",a=>a.notNull()).addColumn("tenant_id","varchar(255)",a=>a.references("tenants.id").onDelete("cascade").notNull()).addColumn("session_id","varchar(26)").addColumn("csrf_token","varchar(26)",a=>a.notNull()).addColumn("authorization_url","text").addColumn("ip","varchar(39)").addColumn("useragent","text").addColumn("auth0Client","varchar(255)").addColumn("state","varchar(50)",a=>a.defaultTo("pending")).addColumn("state_data","text").addColumn("failure_reason","text").addColumn("user_id","varchar(255)").addColumn("created_at_ts","bigint").addColumn("updated_at_ts","bigint").addColumn("expires_at_ts","bigint").addColumn("auth_connection","varchar(255)").addColumn("auth_strategy_strategy","varchar(64)").addColumn("auth_strategy_strategy_type","varchar(64)").addColumn("authenticated_at","varchar(35)").addColumn("auth_params","text").addPrimaryKeyConstraint("login_sessions_pk",["tenant_id","id"]).addForeignKeyConstraint("login_sessions_session_fk",["tenant_id","session_id"],"sessions",["tenant_id","id"],a=>a.onDelete("cascade")).execute(),await h.sql`INSERT INTO login_sessions_new (
+    FROM login_sessions`.execute(e),await i.sql`DROP TABLE login_sessions`.execute(e),await i.sql`ALTER TABLE login_sessions_new RENAME TO login_sessions`.execute(e),await e.schema.createIndex(`login_sessions_id_index`).on(`login_sessions`).column(`id`).execute(),await e.schema.createIndex(`idx_login_sessions_session_id`).on(`login_sessions`).column(`session_id`).execute(),await e.schema.createIndex(`login_sessions_tenant_user_idx`).on(`login_sessions`).columns([`tenant_id`,`user_id`]).execute(),await e.schema.createIndex(`login_sessions_state_idx`).on(`login_sessions`).column(`state`).execute(),await e.schema.createIndex(`idx_login_sessions_expires_at_ts`).on(`login_sessions`).column(`expires_at_ts`).execute()}),q(`  Rebuilt login_sessions with FK dropped and authParams_client_id nullable`)}async function nm(e){}var rm=t({down:()=>um,up:()=>sm}),im=[`authParams_client_id`,`authParams_vendor_id`,`authParams_username`,`authParams_response_type`,`authParams_response_mode`,`authParams_audience`,`authParams_scope`,`authParams_state`,`authParams_nonce`,`authParams_code_challenge_method`,`authParams_code_challenge`,`authParams_redirect_uri`,`authParams_organization`,`authParams_prompt`,`authParams_act_as`,`authParams_ui_locales`,`authParams_max_age`,`authParams_acr_values`];async function am(e){try{return await i.sql`SELECT @@version_comment`.execute(e),`mysql`}catch{return`sqlite`}}async function om(e,t,n){try{await e.schema.alterTable(t).dropColumn(n).execute()}catch(e){let r=e instanceof Error?e.message:String(e);if(r.includes(`1091`)||r.includes(`no such column`)){q(`  ${t}.${n} already absent, skipping`);return}throw e}}async function sm(e){await am(e)===`mysql`?await cm(e):await lm(e)}async function cm(e){for(let t of im)await om(e,`login_sessions`,t);q(`  Dropped ${im.length} hoisted authParams_* columns from login_sessions`)}async function lm(e){await e.transaction().execute(async e=>{await e.schema.createTable(`login_sessions_new`).addColumn(`id`,`varchar(26)`,e=>e.notNull()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`session_id`,`varchar(26)`).addColumn(`csrf_token`,`varchar(26)`,e=>e.notNull()).addColumn(`authorization_url`,`text`).addColumn(`ip`,`varchar(39)`).addColumn(`useragent`,`text`).addColumn(`auth0Client`,`varchar(255)`).addColumn(`state`,`varchar(50)`,e=>e.defaultTo(`pending`)).addColumn(`state_data`,`text`).addColumn(`failure_reason`,`text`).addColumn(`user_id`,`varchar(255)`).addColumn(`created_at_ts`,`bigint`).addColumn(`updated_at_ts`,`bigint`).addColumn(`expires_at_ts`,`bigint`).addColumn(`auth_connection`,`varchar(255)`).addColumn(`auth_strategy_strategy`,`varchar(64)`).addColumn(`auth_strategy_strategy_type`,`varchar(64)`).addColumn(`authenticated_at`,`varchar(35)`).addColumn(`auth_params`,`text`).addPrimaryKeyConstraint(`login_sessions_pk`,[`tenant_id`,`id`]).addForeignKeyConstraint(`login_sessions_session_fk`,[`tenant_id`,`session_id`],`sessions`,[`tenant_id`,`id`],e=>e.onDelete(`cascade`)).execute(),await i.sql`INSERT INTO login_sessions_new (
       id, tenant_id, session_id, csrf_token, authorization_url,
       ip, useragent, auth0Client, state, state_data, failure_reason,
       user_id, created_at_ts, updated_at_ts, expires_at_ts,
@@ -163,22 +163,22 @@
       user_id, created_at_ts, updated_at_ts, expires_at_ts,
       auth_connection, auth_strategy_strategy, auth_strategy_strategy_type,
       authenticated_at, auth_params
-    FROM login_sessions`.execute(t),await h.sql`DROP TABLE login_sessions`.execute(t),await h.sql`ALTER TABLE login_sessions_new RENAME TO login_sessions`.execute(t),await t.schema.createIndex("login_sessions_id_index").on("login_sessions").column("id").execute(),await t.schema.createIndex("idx_login_sessions_session_id").on("login_sessions").column("session_id").execute(),await t.schema.createIndex("login_sessions_tenant_user_idx").on("login_sessions").columns(["tenant_id","user_id"]).execute(),await t.schema.createIndex("login_sessions_state_idx").on("login_sessions").column("state").execute(),await t.schema.createIndex("idx_login_sessions_expires_at_ts").on("login_sessions").column("expires_at_ts").execute()}),w("  Recreated login_sessions without hoisted authParams_* columns")}async function ph(e){}const fh=Object.freeze(Object.defineProperty({__proto__:null,down:ph,up:_h},Symbol.toStringTag,{value:"Module"}));async function gh(e){await e.schema.alterTable("refresh_tokens").addColumn("revoked_at_ts","bigint").execute()}async function wh(e){await e.schema.alterTable("refresh_tokens").dropColumn("revoked_at_ts").execute()}const yh=Object.freeze(Object.defineProperty({__proto__:null,down:wh,up:gh},Symbol.toStringTag,{value:"Module"}));async function vh(e){await e.schema.alterTable("clients").addColumn("owner_user_id","varchar(255)").execute(),await e.schema.alterTable("clients").addColumn("registration_type","varchar(32)").execute(),await e.schema.alterTable("clients").addColumn("registration_metadata","text").execute(),await e.schema.createIndex("idx_clients_owner_user_id").on("clients").columns(["tenant_id","owner_user_id"]).execute(),await e.schema.createTable("client_registration_tokens").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("token_hash","varchar(64)",t=>t.notNull()).addColumn("type","varchar(8)",t=>t.notNull()).addColumn("client_id","varchar(191)").addColumn("sub","varchar(255)").addColumn("constraints","text").addColumn("single_use","integer",t=>t.defaultTo(0).notNull()).addColumn("used_at_ts","bigint").addColumn("expires_at_ts","bigint").addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("revoked_at_ts","bigint").execute(),await e.schema.createIndex("idx_client_registration_tokens_hash").on("client_registration_tokens").columns(["tenant_id","token_hash"]).unique().execute(),await e.schema.createIndex("idx_client_registration_tokens_client").on("client_registration_tokens").columns(["tenant_id","client_id"]).execute()}async function Ch(e){await e.schema.dropTable("client_registration_tokens").execute(),await e.schema.dropIndex("idx_clients_owner_user_id").execute(),await e.schema.alterTable("clients").dropColumn("registration_metadata").execute(),await e.schema.alterTable("clients").dropColumn("registration_type").execute(),await e.schema.alterTable("clients").dropColumn("owner_user_id").execute()}const xh=Object.freeze(Object.defineProperty({__proto__:null,down:Ch,up:vh},Symbol.toStringTag,{value:"Module"}));async function Th(e){try{return await h.sql`SELECT @@version_comment`.execute(e),"mysql"}catch{return"sqlite"}}const bh=[{index:"connections_tenant_id_idx",table:"connections",reason:"composite PK (tenant_id, id)"},{index:"idx_invites_tenant_id",table:"invites",reason:"idx_invites_tenant_created (tenant_id, created_at)"},{index:"idx_organizations_tenant_id",table:"organizations",reason:"idx_organizations_tenant_name_unique (tenant_id, name)"},{index:"role_permissions_role_fk",table:"role_permissions",reason:"role_permissions_pk (tenant_id, role_id, ...)"},{index:"themes_tenant_id_idx",table:"themes",reason:"themes_pkey (tenant_id, themeId)"},{index:"users_tenant_index",table:"users",reason:"stale on PlanetScale only; commented out locally in 2024"},{index:"idx_user_organizations_tenant_id",table:"user_organizations",reason:"already dropped locally; may linger on PlanetScale"}];async function Nh(e,t,a,n){try{t==="mysql"?await h.sql.raw(`DROP INDEX IF EXISTS \`${a}\` ON \`${n}\``).execute(e):await h.sql.raw(`DROP INDEX IF EXISTS "${a}"`).execute(e)}catch(o){const r=o instanceof Error?o.message:String(o);A(`  Warning: failed to drop index ${a} on ${n}: ${r}`)}}async function Sh(e){const t=await Th(e);for(const{index:a,table:n}of bh)await Nh(e,t,a,n);await e.schema.dropTable("members").ifExists().execute()}async function Oh(e){await e.schema.createTable("members").addColumn("id","varchar(255)",t=>t.notNull().primaryKey()).addColumn("tenant_id","varchar(255)",t=>t.references("tenants.id").onDelete("cascade").notNull()).addColumn("sub","varchar(255)").addColumn("email","varchar(255)").addColumn("name","varchar(255)").addColumn("status","varchar(255)").addColumn("role","varchar(255)").addColumn("picture","varchar(2083)").addColumn("created_at","varchar(255)",t=>t.notNull()).addColumn("updated_at","varchar(255)",t=>t.notNull()).execute(),await e.schema.createIndex("idx_user_organizations_tenant_id").on("user_organizations").column("tenant_id").execute(),await e.schema.createIndex("themes_tenant_id_idx").on("themes").column("tenant_id").execute(),await e.schema.createIndex("role_permissions_role_fk").on("role_permissions").columns(["tenant_id","role_id"]).execute(),await e.schema.createIndex("idx_organizations_tenant_id").on("organizations").column("tenant_id").execute(),await e.schema.createIndex("idx_invites_tenant_id").on("invites").column("tenant_id").execute(),await e.schema.createIndex("connections_tenant_id_idx").on("connections").column("tenant_id").execute()}const kh=Object.freeze(Object.defineProperty({__proto__:null,down:Oh,up:Sh},Symbol.toStringTag,{value:"Module"}));async function $h(e){await e.schema.alterTable("clients").addColumn("user_linking_mode","varchar(16)").execute()}async function Eh(e){await e.schema.alterTable("clients").dropColumn("user_linking_mode").execute()}const Ih=Object.freeze(Object.defineProperty({__proto__:null,down:Eh,up:$h},Symbol.toStringTag,{value:"Module"}));async function Ph(e){await e.schema.alterTable("hooks").addColumn("metadata","text").execute()}async function zh(e){await e.schema.alterTable("hooks").dropColumn("metadata").execute()}const Dh=Object.freeze(Object.defineProperty({__proto__:null,down:zh,up:Ph},Symbol.toStringTag,{value:"Module"}));async function Ah(e){await e.schema.alterTable("refresh_tokens").addColumn("token_lookup","varchar(16)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("token_hash","varchar(64)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("family_id","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("rotated_to","varchar(26)").execute(),await e.schema.alterTable("refresh_tokens").addColumn("rotated_at_ts","bigint").execute(),await e.schema.createIndex("idx_refresh_tokens_token_lookup").on("refresh_tokens").columns(["tenant_id","token_lookup"]).execute(),await e.schema.createIndex("idx_refresh_tokens_family_id").on("refresh_tokens").columns(["tenant_id","family_id"]).execute()}async function Fh(e){await e.schema.dropIndex("idx_refresh_tokens_family_id").on("refresh_tokens").execute(),await e.schema.dropIndex("idx_refresh_tokens_token_lookup").on("refresh_tokens").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("rotated_at_ts").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("rotated_to").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("family_id").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("token_hash").execute(),await e.schema.alterTable("refresh_tokens").dropColumn("token_lookup").execute()}const jh=Object.freeze(Object.defineProperty({__proto__:null,down:Fh,up:Ah},Symbol.toStringTag,{value:"Module"}));async function Rh(e){await e.schema.createTable("organization_connections").addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("organization_id","varchar(21)",t=>t.notNull()).addColumn("connection_id","varchar(191)",t=>t.notNull()).addColumn("assign_membership_on_login","boolean",t=>t.notNull().defaultTo(0)).addColumn("show_as_button","boolean",t=>t.notNull().defaultTo(1)).addColumn("is_signup_enabled","boolean",t=>t.notNull().defaultTo(1)).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addUniqueConstraint("organization_connections_unique",["tenant_id","organization_id","connection_id"]).addForeignKeyConstraint("organization_connections_organization_fk",["organization_id"],"organizations",["id"],t=>t.onDelete("cascade")).addForeignKeyConstraint("organization_connections_connection_fk",["tenant_id","connection_id"],"connections",["tenant_id","id"],t=>t.onDelete("cascade")).execute(),await e.schema.createIndex("idx_organization_connections_tenant_org").on("organization_connections").columns(["tenant_id","organization_id"]).execute(),await e.schema.createIndex("idx_organization_connections_tenant_connection").on("organization_connections").columns(["tenant_id","connection_id"]).execute()}async function qh(e){await e.schema.dropTable("organization_connections").execute()}const Mh=Object.freeze(Object.defineProperty({__proto__:null,down:qh,up:Rh},Symbol.toStringTag,{value:"Module"}));async function Jh(e){await e.schema.createTable("log_streams").addColumn("id","varchar(64)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("type","varchar(64)",t=>t.notNull()).addColumn("status","varchar(32)",t=>t.notNull()).addColumn("sink","text",t=>t.notNull()).addColumn("filters","text").addColumn("is_priority","boolean").addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.createIndex("idx_log_streams_tenant_id").on("log_streams").columns(["tenant_id"]).execute()}async function Lh(e){await e.schema.dropTable("log_streams").execute()}const Uh=Object.freeze(Object.defineProperty({__proto__:null,down:Lh,up:Jh},Symbol.toStringTag,{value:"Module"}));async function Kh(e){await e.schema.alterTable("tenants").addColumn("attack_protection","text").execute()}async function Bh(e){await e.schema.alterTable("tenants").dropColumn("attack_protection").execute()}const Qh=Object.freeze(Object.defineProperty({__proto__:null,down:Bh,up:Kh},Symbol.toStringTag,{value:"Module"}));async function Wh(e){await e.schema.alterTable("tenants").addColumn("default_client_id","varchar(255)").execute()}async function Hh(e){await e.schema.alterTable("tenants").dropColumn("default_client_id").execute()}const Yh=Object.freeze(Object.defineProperty({__proto__:null,down:Hh,up:Wh},Symbol.toStringTag,{value:"Module"}));async function Gh(e){await e.schema.createTable("email_templates").addColumn("tenant_id","varchar(255)",t=>t.notNull()).addColumn("template","varchar(64)",t=>t.notNull()).addColumn("body","text",t=>t.notNull()).addColumn("from","varchar(255)",t=>t.notNull()).addColumn("subject","varchar(255)",t=>t.notNull()).addColumn("syntax","varchar(16)",t=>t.notNull().defaultTo("liquid")).addColumn("result_url","varchar(2048)").addColumn("url_lifetime_in_seconds","integer").addColumn("include_email_in_redirect","integer",t=>t.notNull().defaultTo(0).check(h.sql`include_email_in_redirect IN (0, 1)`)).addColumn("enabled","integer",t=>t.notNull().defaultTo(1).check(h.sql`enabled IN (0, 1)`)).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).addPrimaryKeyConstraint("email_templates_pk",["tenant_id","template"]).addForeignKeyConstraint("email_templates_tenant_fk",["tenant_id"],"tenants",["id"],t=>t.onDelete("cascade")).execute()}async function Vh(e){await e.schema.dropTable("email_templates").execute()}const Xh=Object.freeze(Object.defineProperty({__proto__:null,down:Vh,up:Gh},Symbol.toStringTag,{value:"Module"}));async function Zh(e){await e.schema.createTable("action_versions").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("action_id","varchar(255)",t=>t.notNull()).addColumn("number","integer",t=>t.notNull()).addColumn("code","text",t=>t.notNull()).addColumn("runtime","varchar(50)").addColumn("secrets","text").addColumn("dependencies","text").addColumn("supported_triggers","text").addColumn("deployed","integer",t=>t.notNull().defaultTo(0)).addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("idx_action_versions_action").on("action_versions").columns(["tenant_id","action_id"]).execute(),await e.schema.createIndex("uniq_action_versions_action_number").on("action_versions").columns(["tenant_id","action_id","number"]).unique().execute()}async function ep(e){await e.schema.dropTable("action_versions").execute()}const tp=Object.freeze(Object.defineProperty({__proto__:null,down:ep,up:Zh},Symbol.toStringTag,{value:"Module"}));async function ap(e){await e.schema.alterTable("branding").addColumn("dark_mode","varchar(8)").execute()}async function np(e){await e.schema.alterTable("branding").dropColumn("dark_mode").execute()}const op=Object.freeze(Object.defineProperty({__proto__:null,down:np,up:ap},Symbol.toStringTag,{value:"Module"}));async function rp(e){await e.schema.createTable("action_executions").addColumn("id","varchar(255)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("trigger_id","varchar(64)",t=>t.notNull()).addColumn("status","varchar(32)",t=>t.notNull()).addColumn("results","text",t=>t.notNull()).addColumn("logs","text").addColumn("created_at_ts","bigint",t=>t.notNull()).addColumn("updated_at_ts","bigint",t=>t.notNull()).execute(),await e.schema.createIndex("idx_action_executions_tenant").on("action_executions").columns(["tenant_id","id"]).execute()}async function sp(e){await e.schema.dropTable("action_executions").execute()}const ip=Object.freeze(Object.defineProperty({__proto__:null,down:sp,up:rp},Symbol.toStringTag,{value:"Module"}));async function cp(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function lp(e){await e.schema.alterTable("clients").addColumn("disable_sign_ups","integer",a=>a.notNull().defaultTo(0)).execute(),await e.schema.alterTable("clients").addColumn("hide_sign_up_disabled_error","integer",a=>a.notNull().defaultTo(0)).execute(),await cp(e)==="mysql"?(await h.sql`
+    FROM login_sessions`.execute(e),await i.sql`DROP TABLE login_sessions`.execute(e),await i.sql`ALTER TABLE login_sessions_new RENAME TO login_sessions`.execute(e),await e.schema.createIndex(`login_sessions_id_index`).on(`login_sessions`).column(`id`).execute(),await e.schema.createIndex(`idx_login_sessions_session_id`).on(`login_sessions`).column(`session_id`).execute(),await e.schema.createIndex(`login_sessions_tenant_user_idx`).on(`login_sessions`).columns([`tenant_id`,`user_id`]).execute(),await e.schema.createIndex(`login_sessions_state_idx`).on(`login_sessions`).column(`state`).execute(),await e.schema.createIndex(`idx_login_sessions_expires_at_ts`).on(`login_sessions`).column(`expires_at_ts`).execute()}),q(`  Recreated login_sessions without hoisted authParams_* columns`)}async function um(e){}var dm=t({down:()=>pm,up:()=>fm});async function fm(e){await e.schema.alterTable(`refresh_tokens`).addColumn(`revoked_at_ts`,`bigint`).execute()}async function pm(e){await e.schema.alterTable(`refresh_tokens`).dropColumn(`revoked_at_ts`).execute()}var mm=t({down:()=>gm,up:()=>hm});async function hm(e){await e.schema.alterTable(`clients`).addColumn(`owner_user_id`,`varchar(255)`).execute(),await e.schema.alterTable(`clients`).addColumn(`registration_type`,`varchar(32)`).execute(),await e.schema.alterTable(`clients`).addColumn(`registration_metadata`,`text`).execute(),await e.schema.createIndex(`idx_clients_owner_user_id`).on(`clients`).columns([`tenant_id`,`owner_user_id`]).execute(),await e.schema.createTable(`client_registration_tokens`).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`token_hash`,`varchar(64)`,e=>e.notNull()).addColumn(`type`,`varchar(8)`,e=>e.notNull()).addColumn(`client_id`,`varchar(191)`).addColumn(`sub`,`varchar(255)`).addColumn(`constraints`,`text`).addColumn(`single_use`,`integer`,e=>e.defaultTo(0).notNull()).addColumn(`used_at_ts`,`bigint`).addColumn(`expires_at_ts`,`bigint`).addColumn(`created_at_ts`,`bigint`,e=>e.notNull()).addColumn(`revoked_at_ts`,`bigint`).execute(),await e.schema.createIndex(`idx_client_registration_tokens_hash`).on(`client_registration_tokens`).columns([`tenant_id`,`token_hash`]).unique().execute(),await e.schema.createIndex(`idx_client_registration_tokens_client`).on(`client_registration_tokens`).columns([`tenant_id`,`client_id`]).execute()}async function gm(e){await e.schema.dropTable(`client_registration_tokens`).execute(),await e.schema.dropIndex(`idx_clients_owner_user_id`).execute(),await e.schema.alterTable(`clients`).dropColumn(`registration_metadata`).execute(),await e.schema.alterTable(`clients`).dropColumn(`registration_type`).execute(),await e.schema.alterTable(`clients`).dropColumn(`owner_user_id`).execute()}var _m=t({down:()=>Sm,up:()=>xm});async function vm(e){try{return await i.sql`SELECT @@version_comment`.execute(e),`mysql`}catch{return`sqlite`}}var ym=[{index:`connections_tenant_id_idx`,table:`connections`,reason:`composite PK (tenant_id, id)`},{index:`idx_invites_tenant_id`,table:`invites`,reason:`idx_invites_tenant_created (tenant_id, created_at)`},{index:`idx_organizations_tenant_id`,table:`organizations`,reason:`idx_organizations_tenant_name_unique (tenant_id, name)`},{index:`role_permissions_role_fk`,table:`role_permissions`,reason:`role_permissions_pk (tenant_id, role_id, ...)`},{index:`themes_tenant_id_idx`,table:`themes`,reason:`themes_pkey (tenant_id, themeId)`},{index:`users_tenant_index`,table:`users`,reason:`stale on PlanetScale only; commented out locally in 2024`},{index:`idx_user_organizations_tenant_id`,table:`user_organizations`,reason:`already dropped locally; may linger on PlanetScale`}];async function bm(e,t,n,r){try{t===`mysql`?await i.sql.raw(`DROP INDEX IF EXISTS \`${n}\` ON \`${r}\``).execute(e):await i.sql.raw(`DROP INDEX IF EXISTS "${n}"`).execute(e)}catch(e){J(`  Warning: failed to drop index ${n} on ${r}: ${e instanceof Error?e.message:String(e)}`)}}async function xm(e){let t=await vm(e);for(let{index:n,table:r}of ym)await bm(e,t,n,r);await e.schema.dropTable(`members`).ifExists().execute()}async function Sm(e){await e.schema.createTable(`members`).addColumn(`id`,`varchar(255)`,e=>e.notNull().primaryKey()).addColumn(`tenant_id`,`varchar(255)`,e=>e.references(`tenants.id`).onDelete(`cascade`).notNull()).addColumn(`sub`,`varchar(255)`).addColumn(`email`,`varchar(255)`).addColumn(`name`,`varchar(255)`).addColumn(`status`,`varchar(255)`).addColumn(`role`,`varchar(255)`).addColumn(`picture`,`varchar(2083)`).addColumn(`created_at`,`varchar(255)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(255)`,e=>e.notNull()).execute(),await e.schema.createIndex(`idx_user_organizations_tenant_id`).on(`user_organizations`).column(`tenant_id`).execute(),await e.schema.createIndex(`themes_tenant_id_idx`).on(`themes`).column(`tenant_id`).execute(),await e.schema.createIndex(`role_permissions_role_fk`).on(`role_permissions`).columns([`tenant_id`,`role_id`]).execute(),await e.schema.createIndex(`idx_organizations_tenant_id`).on(`organizations`).column(`tenant_id`).execute(),await e.schema.createIndex(`idx_invites_tenant_id`).on(`invites`).column(`tenant_id`).execute(),await e.schema.createIndex(`connections_tenant_id_idx`).on(`connections`).column(`tenant_id`).execute()}var Cm=t({down:()=>Tm,up:()=>wm});async function wm(e){await e.schema.alterTable(`clients`).addColumn(`user_linking_mode`,`varchar(16)`).execute()}async function Tm(e){await e.schema.alterTable(`clients`).dropColumn(`user_linking_mode`).execute()}var Em=t({down:()=>Om,up:()=>Dm});async function Dm(e){await e.schema.alterTable(`hooks`).addColumn(`metadata`,`text`).execute()}async function Om(e){await e.schema.alterTable(`hooks`).dropColumn(`metadata`).execute()}var km=t({down:()=>jm,up:()=>Am});async function Am(e){await e.schema.alterTable(`refresh_tokens`).addColumn(`token_lookup`,`varchar(16)`).execute(),await e.schema.alterTable(`refresh_tokens`).addColumn(`token_hash`,`varchar(64)`).execute(),await e.schema.alterTable(`refresh_tokens`).addColumn(`family_id`,`varchar(26)`).execute(),await e.schema.alterTable(`refresh_tokens`).addColumn(`rotated_to`,`varchar(26)`).execute(),await e.schema.alterTable(`refresh_tokens`).addColumn(`rotated_at_ts`,`bigint`).execute(),await e.schema.createIndex(`idx_refresh_tokens_token_lookup`).on(`refresh_tokens`).columns([`tenant_id`,`token_lookup`]).execute(),await e.schema.createIndex(`idx_refresh_tokens_family_id`).on(`refresh_tokens`).columns([`tenant_id`,`family_id`]).execute()}async function jm(e){await e.schema.dropIndex(`idx_refresh_tokens_family_id`).on(`refresh_tokens`).execute(),await e.schema.dropIndex(`idx_refresh_tokens_token_lookup`).on(`refresh_tokens`).execute(),await e.schema.alterTable(`refresh_tokens`).dropColumn(`rotated_at_ts`).execute(),await e.schema.alterTable(`refresh_tokens`).dropColumn(`rotated_to`).execute(),await e.schema.alterTable(`refresh_tokens`).dropColumn(`family_id`).execute(),await e.schema.alterTable(`refresh_tokens`).dropColumn(`token_hash`).execute(),await e.schema.alterTable(`refresh_tokens`).dropColumn(`token_lookup`).execute()}var Mm=t({down:()=>Pm,up:()=>Nm});async function Nm(e){await e.schema.createTable(`organization_connections`).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`organization_id`,`varchar(21)`,e=>e.notNull()).addColumn(`connection_id`,`varchar(191)`,e=>e.notNull()).addColumn(`assign_membership_on_login`,`boolean`,e=>e.notNull().defaultTo(0)).addColumn(`show_as_button`,`boolean`,e=>e.notNull().defaultTo(1)).addColumn(`is_signup_enabled`,`boolean`,e=>e.notNull().defaultTo(1)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addUniqueConstraint(`organization_connections_unique`,[`tenant_id`,`organization_id`,`connection_id`]).addForeignKeyConstraint(`organization_connections_organization_fk`,[`organization_id`],`organizations`,[`id`],e=>e.onDelete(`cascade`)).addForeignKeyConstraint(`organization_connections_connection_fk`,[`tenant_id`,`connection_id`],`connections`,[`tenant_id`,`id`],e=>e.onDelete(`cascade`)).execute(),await e.schema.createIndex(`idx_organization_connections_tenant_org`).on(`organization_connections`).columns([`tenant_id`,`organization_id`]).execute(),await e.schema.createIndex(`idx_organization_connections_tenant_connection`).on(`organization_connections`).columns([`tenant_id`,`connection_id`]).execute()}async function Pm(e){await e.schema.dropTable(`organization_connections`).execute()}var Fm=t({down:()=>Lm,up:()=>Im});async function Im(e){await e.schema.createTable(`log_streams`).addColumn(`id`,`varchar(64)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`type`,`varchar(64)`,e=>e.notNull()).addColumn(`status`,`varchar(32)`,e=>e.notNull()).addColumn(`sink`,`text`,e=>e.notNull()).addColumn(`filters`,`text`).addColumn(`is_priority`,`boolean`).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).execute(),await e.schema.createIndex(`idx_log_streams_tenant_id`).on(`log_streams`).columns([`tenant_id`]).execute()}async function Lm(e){await e.schema.dropTable(`log_streams`).execute()}var Rm=t({down:()=>Bm,up:()=>zm});async function zm(e){await e.schema.alterTable(`tenants`).addColumn(`attack_protection`,`text`).execute()}async function Bm(e){await e.schema.alterTable(`tenants`).dropColumn(`attack_protection`).execute()}var Vm=t({down:()=>Um,up:()=>Hm});async function Hm(e){await e.schema.alterTable(`tenants`).addColumn(`default_client_id`,`varchar(255)`).execute()}async function Um(e){await e.schema.alterTable(`tenants`).dropColumn(`default_client_id`).execute()}var Wm=t({down:()=>Km,up:()=>Gm});async function Gm(e){await e.schema.createTable(`email_templates`).addColumn(`tenant_id`,`varchar(255)`,e=>e.notNull()).addColumn(`template`,`varchar(64)`,e=>e.notNull()).addColumn(`body`,`text`,e=>e.notNull()).addColumn(`from`,`varchar(255)`,e=>e.notNull()).addColumn(`subject`,`varchar(255)`,e=>e.notNull()).addColumn(`syntax`,`varchar(16)`,e=>e.notNull().defaultTo(`liquid`)).addColumn(`result_url`,`varchar(2048)`).addColumn(`url_lifetime_in_seconds`,`integer`).addColumn(`include_email_in_redirect`,`integer`,e=>e.notNull().defaultTo(0).check(i.sql`include_email_in_redirect IN (0, 1)`)).addColumn(`enabled`,`integer`,e=>e.notNull().defaultTo(1).check(i.sql`enabled IN (0, 1)`)).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).addPrimaryKeyConstraint(`email_templates_pk`,[`tenant_id`,`template`]).addForeignKeyConstraint(`email_templates_tenant_fk`,[`tenant_id`],`tenants`,[`id`],e=>e.onDelete(`cascade`)).execute()}async function Km(e){await e.schema.dropTable(`email_templates`).execute()}var qm=t({down:()=>Ym,up:()=>Jm});async function Jm(e){await e.schema.createTable(`action_versions`).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`action_id`,`varchar(255)`,e=>e.notNull()).addColumn(`number`,`integer`,e=>e.notNull()).addColumn(`code`,`text`,e=>e.notNull()).addColumn(`runtime`,`varchar(50)`).addColumn(`secrets`,`text`).addColumn(`dependencies`,`text`).addColumn(`supported_triggers`,`text`).addColumn(`deployed`,`integer`,e=>e.notNull().defaultTo(0)).addColumn(`created_at_ts`,`bigint`,e=>e.notNull()).addColumn(`updated_at_ts`,`bigint`,e=>e.notNull()).execute(),await e.schema.createIndex(`idx_action_versions_action`).on(`action_versions`).columns([`tenant_id`,`action_id`]).execute(),await e.schema.createIndex(`uniq_action_versions_action_number`).on(`action_versions`).columns([`tenant_id`,`action_id`,`number`]).unique().execute()}async function Ym(e){await e.schema.dropTable(`action_versions`).execute()}var Xm=t({down:()=>Qm,up:()=>Zm});async function Zm(e){await e.schema.alterTable(`branding`).addColumn(`dark_mode`,`varchar(8)`).execute()}async function Qm(e){await e.schema.alterTable(`branding`).dropColumn(`dark_mode`).execute()}var $m=t({down:()=>th,up:()=>eh});async function eh(e){await e.schema.createTable(`action_executions`).addColumn(`id`,`varchar(255)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`trigger_id`,`varchar(64)`,e=>e.notNull()).addColumn(`status`,`varchar(32)`,e=>e.notNull()).addColumn(`results`,`text`,e=>e.notNull()).addColumn(`logs`,`text`).addColumn(`created_at_ts`,`bigint`,e=>e.notNull()).addColumn(`updated_at_ts`,`bigint`,e=>e.notNull()).execute(),await e.schema.createIndex(`idx_action_executions_tenant`).on(`action_executions`).columns([`tenant_id`,`id`]).execute()}async function th(e){await e.schema.dropTable(`action_executions`).execute()}var nh=t({down:()=>ah,up:()=>ih});async function rh(e){try{return await i.sql`SELECT VERSION()`.execute(e),`mysql`}catch{return`sqlite`}}async function ih(e){await e.schema.alterTable(`clients`).addColumn(`disable_sign_ups`,`integer`,e=>e.notNull().defaultTo(0)).execute(),await e.schema.alterTable(`clients`).addColumn(`hide_sign_up_disabled_error`,`integer`,e=>e.notNull().defaultTo(0)).execute(),await rh(e)===`mysql`?(await i.sql`
       UPDATE clients
       SET disable_sign_ups = 1,
           client_metadata = JSON_REMOVE(client_metadata, '$.disable_sign_ups')
       WHERE JSON_UNQUOTE(JSON_EXTRACT(client_metadata, '$.disable_sign_ups')) = 'true'
-    `.execute(e),await h.sql`
+    `.execute(e),await i.sql`
       UPDATE clients
       SET client_metadata = JSON_REMOVE(client_metadata, '$.disable_sign_ups')
       WHERE JSON_EXTRACT(client_metadata, '$.disable_sign_ups') IS NOT NULL
-    `.execute(e)):(await h.sql`
+    `.execute(e)):(await i.sql`
       UPDATE clients
       SET disable_sign_ups = 1,
           client_metadata = json_remove(client_metadata, '$.disable_sign_ups')
       WHERE json_extract(client_metadata, '$.disable_sign_ups') = 'true'
-    `.execute(e),await h.sql`
+    `.execute(e),await i.sql`
       UPDATE clients
       SET client_metadata = json_remove(client_metadata, '$.disable_sign_ups')
       WHERE json_extract(client_metadata, '$.disable_sign_ups') IS NOT NULL
-    `.execute(e))}async function dp(e){await e.schema.alterTable("clients").dropColumn("hide_sign_up_disabled_error").execute(),await e.schema.alterTable("clients").dropColumn("disable_sign_ups").execute()}const up=Object.freeze(Object.defineProperty({__proto__:null,down:dp,up:lp},Symbol.toStringTag,{value:"Module"}));async function _p(e){try{return await h.sql`SELECT VERSION()`.execute(e),"mysql"}catch{return"sqlite"}}async function mp(e){await _p(e);const t=await e.selectFrom("clients").select(["tenant_id","connections"]).where("disable_sign_ups","=",1).execute(),a=new Map;for(const n of t){let o=[];try{o=JSON.parse(n.connections||"[]")}catch{o=[]}if(!Array.isArray(o)||o.length===0)continue;let r=a.get(n.tenant_id);r||(r=new Set,a.set(n.tenant_id,r));for(const s of o)r.add(s)}for(const[n,o]of a){const r=await e.selectFrom("connections").select(["id","options"]).where("tenant_id","=",n).where("id","in",[...o]).execute();for(const s of r){let i={};try{i=s.options?JSON.parse(s.options):{}}catch{i={}}i.disable_signup!==!0&&(i.disable_signup=!0,await e.updateTable("connections").set({options:JSON.stringify(i)}).where("tenant_id","=",n).where("id","=",s.id).execute())}}await e.schema.alterTable("clients").dropColumn("disable_sign_ups").execute()}async function hp(e){await e.schema.alterTable("clients").addColumn("disable_sign_ups","integer",t=>t.notNull().defaultTo(0)).execute()}const pp=Object.freeze(Object.defineProperty({__proto__:null,down:hp,up:mp},Symbol.toStringTag,{value:"Module"}));async function fp(e){await e.schema.alterTable("actions").addColumn("is_system","integer",t=>t.notNull().defaultTo(0)).execute(),await e.schema.alterTable("actions").addColumn("inherit","integer",t=>t.notNull().defaultTo(0)).execute()}async function gp(e){await e.schema.alterTable("actions").dropColumn("inherit").execute(),await e.schema.alterTable("actions").dropColumn("is_system").execute()}const wp=Object.freeze(Object.defineProperty({__proto__:null,down:gp,up:fp},Symbol.toStringTag,{value:"Module"})),yp=["token_endpoint","userinfo_endpoint","client_id","client_secret"];function Ne(e){if(!e)return{};try{const t=JSON.parse(e);return t&&typeof t=="object"?t:{}}catch{return{}}}async function vp(e){const t=await e.selectFrom("connections").select(["id","tenant_id","options"]).where("strategy","=","auth0").execute(),a=new Map;for(const o of t){const r=a.get(o.tenant_id)??[];r.push(o),a.set(o.tenant_id,r)}const n=[...a.entries()].filter(([,o])=>o.length!==1);if(n.length>0){const o=n.map(([r,s])=>`${r} (${s.length} rows: ${s.map(i=>i.id).join(", ")})`).join("; ");throw new Error(`[collapse_auth0_source] cannot proceed: the following tenants have more than one strategy="auth0" connection — resolve manually before re-running the migration: ${o}`)}for(const[o,r]of a){const s=r[0],i=await e.selectFrom("connections").select(["id","name","options"]).where("tenant_id","=",o).where("strategy","=","Username-Password-Authentication").execute();if(i.length===0){console.warn(`[collapse_auth0_source] tenant=${o}: auth0 connection ${s.id} has no DB connection to merge into; deleting it`),await e.deleteFrom("connections").where("tenant_id","=",o).where("id","=",s.id).execute();continue}if(i.length>1){console.warn(`[collapse_auth0_source] tenant=${o}: ${i.length} DB connections found; skipping merge — resolve manually before next deploy`);continue}const l=Ne(s.options),d={};for(const u of yp)typeof l[u]=="string"&&(d[u]=l[u]);const _=i[0],c=Ne(_.options),m=c.configuration&&typeof c.configuration=="object"?c.configuration:{};c.configuration={...m,...d},await e.updateTable("connections").set({options:JSON.stringify(c)}).where("tenant_id","=",o).where("id","=",_.id).execute(),await e.deleteFrom("connections").where("tenant_id","=",o).where("id","=",s.id).execute()}}async function Cp(){}const xp=Object.freeze(Object.defineProperty({__proto__:null,down:Cp,up:vp},Symbol.toStringTag,{value:"Module"}));async function Tp(e){await e.schema.createTable("migration_sources").addColumn("id","varchar(64)",t=>t.primaryKey()).addColumn("tenant_id","varchar(191)",t=>t.notNull()).addColumn("name","varchar(255)",t=>t.notNull()).addColumn("provider","varchar(32)",t=>t.notNull()).addColumn("connection","varchar(255)",t=>t.notNull()).addColumn("enabled","boolean",t=>t.notNull()).addColumn("credentials","text",t=>t.notNull()).addColumn("created_at","varchar(35)",t=>t.notNull()).addColumn("updated_at","varchar(35)",t=>t.notNull()).execute(),await e.schema.createIndex("idx_migration_sources_tenant_id").on("migration_sources").columns(["tenant_id"]).execute()}async function bp(e){await e.schema.dropTable("migration_sources").execute()}const Np=Object.freeze(Object.defineProperty({__proto__:null,down:bp,up:Tp},Symbol.toStringTag,{value:"Module"})),Be={m1_init:Jr,m2_magicLink:Kr,m3_updateAt:Wr,m4_logTable:Gr,m5_userProfile:Zr,m6_sessions:as,m7_passwords:rs,m8_logsTableNewFields:cs,m9_passwordTableNewField:us,n01_codesTable:hs,n11_universalLoginSession:gs,n12_userFields:vs,n13_userEmailIndex:Ts,n14_profileDataField:Ss,n15_userEmailIndex:$s,n16_userLocale:Ps,n17_signingKeys:As,n18_logsFields:Rs,n19_connectionsUserinfo:Js,n20_missingFields:Ks,n21_sessionDeletedAt:Ws,n22_dropLogsFields:Gs,n23_dropUsersFields:Zs,n24_logsIndexes:ai,n25_logDescMaxLength:ri,n26_logsTableExtraFields:ci,n27_usersTableNameIndex:ui,n28_usersEmailConstrain:hi,n29_increaseOtpStateLength:gi,n30_increaseTicketStateLength:vi,n31_branding:Ti,n32_indexesAndNotNull:Si,n33_vendorIdInUniversalLoginSession:$i,n34_auth0ClientInUniversalLoginSession:Pi,n35_increaseUniversalSessionStateLength:Ai,n36_authenticationCodes:Ri,n37_disableSignUps:Ji,n38_otpIpAddress:Ki,n39_increaseUserAgentLength:Wi,n40_userId:Gi,n41_hooks:Zi,n42_userIdIndexes:ac,n43_userIdIndexes:rc,n44_codes:cc,n45_hookProperties:uc,n46_loginAuth0Client:hc,n47_loginAuth0Client:gc,n48_saml:vc,n49_removeFields:Tc,n50_authParamsNonce:Sc,n51_connectionid:$c,n52_cert:Pc,n53_codes_primary_key:Ac,n54_cleanup_tables:Rc,n55_logs_index:Jc,n56_application_fields:Kc,n57_prompt_settings:Wc,n58_connection_client_id:Gc,n59_connection_options:Zc,n60_users_metadata:al,n61_userLocales:rl,n62_prompt:cl,n63_connection_cleanup:ul,n64_act_as:hl,n65_code_verifier:gl,n66_email_providers:vl,n67_drop_tickets:Tl,n68_login_useragents:Sl,n70_refresh_tokens:$l,n71_session_new_fields:Pl,n72_session_primary_key:Al,n73_drop_sessions:Rl,n74_custom_domains:Jl,n75_organizations:Kl,n76_authorization_url_length:Wl,n77_drop_sessions:Gl,n78_login_sessions:Zl,n79_drop_sessions_2:ad,n80_recreate_custom_domains:rd,n81_phone:cd,n82_forms:ud,n83_addFormsIdToHooks:hd,n84_login_completed:gd,n85_add_login_session_id_to_sessions:vd,n86_index_sessions_login_session_id:Td,n87_code_challenge:Sd,n88_add_redirect_uri_to_codes:$d,n89_add_nonce_and_state_to_codes:Pd,n90_themes:Ad,n91_resource_servers_rules_permissions:Rd,n92_role_permissions:Jd,n93_add_permissions_to_roles:Kd,n94_keys_connection_and_extend_columns:Wd,n95_create_organizations_table:Gd,n96_create_user_organizations_table:Zd,n97_add_organization_to_user_permissions_and_roles:au,n98_clients:ru,n99_update_client_foreign_keys:_u,o001_client_grants:pu,o002_drop_applications:wu,o003_phone_number_index:Cu,o004_login_sessions_id_index:bu,o005_connections_tenant_index:Ou,o006_remove_redundant_user_organizations_tenant_index:Eu,o007_tenant_settings:zu,o008_merge_tenant_settings_into_tenants:Fu,o009_create_invites_table:qu,o010_add_log_id_to_logs:Lu,o011_add_location_info_to_logs:Bu,o012_add_password_history:Hu,o013_connection_display_name:Vu,o014_client_connections:e_,o015_flows:n_,o016_add_is_system_column:s_,o017_connections_composite_key:l_,o018_login_session_state:__,o019_roles_resource_servers_metadata:p_,o020_session_add_timestamp_columns:y_,o021_session_cleanup_and_ulid:x_,o022_oidc_profile_claims:N_,o023_preferred_username:k_,o024_user_address:I_,o025_authparams_max_age:D_,o026_auth0_conformant:j_,o027_universal_login_templates:M_,o028_custom_text:U_,o029_guardian_mfa:Q_,o030_add_template_id_to_hooks:G_,o031_hooks_cleanup:Z_,o032_unique_username_provider:am,o033_add_login_id_to_refresh_tokens:rm,o034_refresh_tokens_replace_session_id_with_login_id:cm,o035_idle_expires_at_ts_indexes:um,o036_add_connection_to_login_sessions:hm,o037_mfa_enrollments:gm,o038_add_otp_to_codes:vm,o039_rename_mfa_enrollments_to_authentication_methods:Tm,o040_create_outbox_events:Sm,o041_add_outbox_claim_columns:$m,o042_add_outbox_claim_index:Pm,o043_add_code_hooks:Am,o044_create_actions:Rm,o045_outbox_dead_letter:Jm,o046_user_registration_completed_at:Km,o047_outbox_dead_lettered_tenant_index:Wm,o048_add_auth_strategy_to_login_sessions:Gm,o049_login_sessions_auth_params:Zm,o050_login_sessions_auth_params_backfill:nh,o051_relax_login_sessions_authparams:lh,o052_drop_login_sessions_hoisted_authparams:fh,o053_refresh_tokens_revoked_at:yh,o054_client_registration_tokens:xh,o055_planetscale_redundant_indexes_cleanup:kh,o056_client_user_linking_mode:Ih,o057_hooks_metadata:Dh,o058_refresh_tokens_rotation:jh,o059_organization_connections:Mh,o060_log_streams:Uh,o061_tenants_attack_protection:Qh,o062_tenants_default_client_id:Yh,o063_email_templates:Xh,o064_create_action_versions:tp,o065_branding_dark_mode:op,o066_create_action_executions:ip,o067_client_disable_sign_ups:up,o068_move_disable_signup_to_connection:pp,o069_actions_is_system_inherit:wp,o070_collapse_auth0_source_into_db_connection:xp,o071_migration_sources:Np};async function Sp(e,t=!1){qe(t),t&&console.log("migrating...");const a=new je(Be),n=new h.Migrator({db:e,provider:a}),{error:o,results:r}=await n.migrateToLatest();if(r==null||r.forEach(s=>{s.status==="Success"?t&&console.log(`migration "${s.migrationName}" was executed successfully`):s.status==="Error"&&console.error(`failed to execute migration "${s.migrationName}"`)}),o)throw console.error("failed to migrate"),console.error(o),o}async function Op(e,t=!1){qe(t),t&&console.log("migrating...");const a=new je(Be),n=new h.Migrator({db:e,provider:a}),{error:o,results:r}=await n.migrateDown();if(r==null||r.forEach(s=>{s.status==="Success"?t&&console.log(`migration "${s.migrationName}" was reverted successfully`):s.status==="Error"&&console.error(`failed to execute migration "${s.migrationName}"`)}),o)throw console.error("failed to migrate"),console.error(o),o}function Qe(e,t={useTransactions:!0}){const a={actions:mt(e),actionExecutions:ft(e),actionVersions:gt(e),branding:sn(e),clients:Ta(e),clientConnections:$a(e),clientGrants:Aa(e),clientRegistrationTokens:Qa(e),codes:la(e),connections:fa(e),emailProviders:Kn(e),emailTemplates:Gn(e),customDomains:nn(e),flows:zt(e),forms:ho(e),hookCode:xn(e),hooks:gn(e),invites:sr(e),keys:Ga(e),loginSessions:An(e),logs:Bt(e),logStreams:jr(e),migrationSources:Rr(e),authenticationMethods:Nr(e),passwords:aa(e),promptSettings:qn(e),refreshTokens:ro(e),resourceServers:vo(e),rolePermissions:Eo(e),userPermissions:Ao(e),userRoles:Mo(e),roles:So(e),sessions:Vt(e),sessionCleanup:io(e),tenants:Mt(e),themes:On(e),universalLoginTemplates:un(e),customText:yr(e),users:Ot(e),organizations:Qo(e),organizationConnections:Wo(e),userOrganizations:er(e),stats:cr(e),analytics:wr(e),outbox:Fr(e),async transaction(n){return t.useTransactions===!1?n(a):e.transaction().execute(async o=>{const r=Qe(o,{...t,useTransactions:!1});return n(r)})}};return a}exports.default=Qe;exports.migrateDown=Op;exports.migrateToLatest=Sp;
+    `.execute(e))}async function ah(e){await e.schema.alterTable(`clients`).dropColumn(`hide_sign_up_disabled_error`).execute(),await e.schema.alterTable(`clients`).dropColumn(`disable_sign_ups`).execute()}var oh=t({down:()=>lh,up:()=>ch});async function sh(e){try{return await i.sql`SELECT VERSION()`.execute(e),`mysql`}catch{return`sqlite`}}async function ch(e){await sh(e);let t=await e.selectFrom(`clients`).select([`tenant_id`,`connections`]).where(`disable_sign_ups`,`=`,1).execute(),n=new Map;for(let e of t){let t=[];try{t=JSON.parse(e.connections||`[]`)}catch{t=[]}if(!Array.isArray(t)||t.length===0)continue;let r=n.get(e.tenant_id);r||(r=new Set,n.set(e.tenant_id,r));for(let e of t)r.add(e)}for(let[t,r]of n){let n=await e.selectFrom(`connections`).select([`id`,`options`]).where(`tenant_id`,`=`,t).where(`id`,`in`,[...r]).execute();for(let r of n){let n={};try{n=r.options?JSON.parse(r.options):{}}catch{n={}}n.disable_signup!==!0&&(n.disable_signup=!0,await e.updateTable(`connections`).set({options:JSON.stringify(n)}).where(`tenant_id`,`=`,t).where(`id`,`=`,r.id).execute())}}await e.schema.alterTable(`clients`).dropColumn(`disable_sign_ups`).execute()}async function lh(e){await e.schema.alterTable(`clients`).addColumn(`disable_sign_ups`,`integer`,e=>e.notNull().defaultTo(0)).execute()}var uh=t({down:()=>fh,up:()=>dh});async function dh(e){await e.schema.alterTable(`actions`).addColumn(`is_system`,`integer`,e=>e.notNull().defaultTo(0)).execute(),await e.schema.alterTable(`actions`).addColumn(`inherit`,`integer`,e=>e.notNull().defaultTo(0)).execute()}async function fh(e){await e.schema.alterTable(`actions`).dropColumn(`inherit`).execute(),await e.schema.alterTable(`actions`).dropColumn(`is_system`).execute()}var ph=t({down:()=>_h,up:()=>gh}),mh=[`token_endpoint`,`userinfo_endpoint`,`client_id`,`client_secret`];function hh(e){if(!e)return{};try{let t=JSON.parse(e);return t&&typeof t==`object`?t:{}}catch{return{}}}async function gh(e){let t=await e.selectFrom(`connections`).select([`id`,`tenant_id`,`options`]).where(`strategy`,`=`,`auth0`).execute(),n=new Map;for(let e of t){let t=n.get(e.tenant_id)??[];t.push(e),n.set(e.tenant_id,t)}let r=[...n.entries()].filter(([,e])=>e.length!==1);if(r.length>0){let e=r.map(([e,t])=>`${e} (${t.length} rows: ${t.map(e=>e.id).join(`, `)})`).join(`; `);throw Error(`[collapse_auth0_source] cannot proceed: the following tenants have more than one strategy="auth0" connection — resolve manually before re-running the migration: ${e}`)}for(let[t,r]of n){let n=r[0],i=await e.selectFrom(`connections`).select([`id`,`name`,`options`]).where(`tenant_id`,`=`,t).where(`strategy`,`=`,`Username-Password-Authentication`).execute();if(i.length===0){console.warn(`[collapse_auth0_source] tenant=${t}: auth0 connection ${n.id} has no DB connection to merge into; deleting it`),await e.deleteFrom(`connections`).where(`tenant_id`,`=`,t).where(`id`,`=`,n.id).execute();continue}if(i.length>1){console.warn(`[collapse_auth0_source] tenant=${t}: ${i.length} DB connections found; skipping merge — resolve manually before next deploy`);continue}let a=hh(n.options),o={};for(let e of mh)typeof a[e]==`string`&&(o[e]=a[e]);let s=i[0],c=hh(s.options);c.configuration={...c.configuration&&typeof c.configuration==`object`?c.configuration:{},...o},await e.updateTable(`connections`).set({options:JSON.stringify(c)}).where(`tenant_id`,`=`,t).where(`id`,`=`,s.id).execute(),await e.deleteFrom(`connections`).where(`tenant_id`,`=`,t).where(`id`,`=`,n.id).execute()}}async function _h(){}var vh=t({down:()=>bh,up:()=>yh});async function yh(e){await e.schema.createTable(`migration_sources`).addColumn(`id`,`varchar(64)`,e=>e.primaryKey()).addColumn(`tenant_id`,`varchar(191)`,e=>e.notNull()).addColumn(`name`,`varchar(255)`,e=>e.notNull()).addColumn(`provider`,`varchar(32)`,e=>e.notNull()).addColumn(`connection`,`varchar(255)`,e=>e.notNull()).addColumn(`enabled`,`boolean`,e=>e.notNull()).addColumn(`credentials`,`text`,e=>e.notNull()).addColumn(`created_at`,`varchar(35)`,e=>e.notNull()).addColumn(`updated_at`,`varchar(35)`,e=>e.notNull()).execute(),await e.schema.createIndex(`idx_migration_sources_tenant_id`).on(`migration_sources`).columns([`tenant_id`]).execute()}async function bh(e){await e.schema.dropTable(`migration_sources`).execute()}var xh={m1_init:va,m2_magicLink:xa,m3_updateAt:wa,m4_logTable:Da,m5_userProfile:Aa,m6_sessions:Na,m7_passwords:Ia,m8_logsTableNewFields:za,m9_passwordTableNewField:Ha,n01_codesTable:Ga,n11_universalLoginSession:Ja,n12_userFields:Za,n13_userEmailIndex:eo,n14_profileDataField:ro,n15_userEmailIndex:oo,n16_userLocale:lo,n17_signingKeys:po,n18_logsFields:go,n19_connectionsUserinfo:yo,n20_missingFields:So,n21_sessionDeletedAt:To,n22_dropLogsFields:Oo,n23_dropUsersFields:jo,n24_logsIndexes:Po,n25_logDescMaxLength:Lo,n26_logsTableExtraFields:Bo,n27_usersTableNameIndex:Uo,n28_usersEmailConstrain:Ko,n29_increaseOtpStateLength:Yo,n30_increaseTicketStateLength:Qo,n31_branding:ts,n32_indexesAndNotNull:is,n33_vendorIdInUniversalLoginSession:ss,n34_auth0ClientInUniversalLoginSession:us,n35_increaseUniversalSessionStateLength:ps,n36_authenticationCodes:gs,n37_disableSignUps:ys,n38_otpIpAddress:Ss,n39_increaseUserAgentLength:Ts,n40_userId:Os,n41_hooks:js,n42_userIdIndexes:Ps,n43_userIdIndexes:Ls,n44_codes:Bs,n45_hookProperties:Us,n46_loginAuth0Client:Ks,n47_loginAuth0Client:Ys,n48_saml:Qs,n49_removeFields:tc,n50_authParamsNonce:ic,n51_connectionid:sc,n52_cert:uc,n53_codes_primary_key:pc,n54_cleanup_tables:gc,n55_logs_index:yc,n56_application_fields:Sc,n57_prompt_settings:Tc,n58_connection_client_id:Oc,n59_connection_options:jc,n60_users_metadata:Pc,n61_userLocales:Lc,n62_prompt:Bc,n63_connection_cleanup:Uc,n64_act_as:Kc,n65_code_verifier:Yc,n66_email_providers:Qc,n67_drop_tickets:tl,n68_login_useragents:il,n70_refresh_tokens:sl,n71_session_new_fields:ul,n72_session_primary_key:pl,n73_drop_sessions:gl,n74_custom_domains:yl,n75_organizations:Sl,n76_authorization_url_length:Tl,n77_drop_sessions:Ol,n78_login_sessions:jl,n79_drop_sessions_2:Pl,n80_recreate_custom_domains:Ll,n81_phone:Bl,n82_forms:Ul,n83_addFormsIdToHooks:Kl,n84_login_completed:Yl,n85_add_login_session_id_to_sessions:Ql,n86_index_sessions_login_session_id:tu,n87_code_challenge:iu,n88_add_redirect_uri_to_codes:su,n89_add_nonce_and_state_to_codes:uu,n90_themes:pu,n91_resource_servers_rules_permissions:gu,n92_role_permissions:yu,n93_add_permissions_to_roles:Su,n94_keys_connection_and_extend_columns:Tu,n95_create_organizations_table:Ou,n96_create_user_organizations_table:ju,n97_add_organization_to_user_permissions_and_roles:Pu,n98_clients:Lu,n99_update_client_foreign_keys:Hu,o001_client_grants:Xu,o002_drop_applications:$u,o003_phone_number_index:nd,o004_login_sessions_id_index:ad,o005_connections_tenant_index:cd,o006_remove_redundant_user_organizations_tenant_index:dd,o007_tenant_settings:md,o008_merge_tenant_settings_into_tenants:_d,o009_create_invites_table:bd,o010_add_log_id_to_logs:Cd,o011_add_location_info_to_logs:Ed,o012_add_password_history:kd,o013_connection_display_name:Md,o014_client_connections:Fd,o015_flows:Rd,o016_add_is_system_column:Vd,o017_connections_composite_key:Wd,o018_login_session_state:qd,o019_roles_resource_servers_metadata:Xd,o020_session_add_timestamp_columns:$d,o021_session_cleanup_and_ulid:rf,o022_oidc_profile_claims:cf,o023_preferred_username:df,o024_user_address:mf,o025_authparams_max_age:_f,o026_auth0_conformant:bf,o027_universal_login_templates:Cf,o028_custom_text:Ef,o029_guardian_mfa:kf,o030_add_template_id_to_hooks:Mf,o031_hooks_cleanup:Rf,o032_unique_username_provider:Uf,o033_add_login_id_to_refresh_tokens:Kf,o034_refresh_tokens_replace_session_id_with_login_id:Yf,o035_idle_expires_at_ts_indexes:$f,o036_add_connection_to_login_sessions:np,o037_mfa_enrollments:ap,o038_add_otp_to_codes:cp,o039_rename_mfa_enrollments_to_authentication_methods:dp,o040_create_outbox_events:mp,o041_add_outbox_claim_columns:_p,o042_add_outbox_claim_index:bp,o043_add_code_hooks:Cp,o044_create_actions:Ep,o045_outbox_dead_letter:kp,o046_user_registration_completed_at:Mp,o047_outbox_dead_lettered_tenant_index:Fp,o048_add_auth_strategy_to_login_sessions:Rp,o049_login_sessions_auth_params:Vp,o050_login_sessions_auth_params_backfill:Gp,o051_relax_login_sessions_authparams:Zp,o052_drop_login_sessions_hoisted_authparams:rm,o053_refresh_tokens_revoked_at:dm,o054_client_registration_tokens:mm,o055_planetscale_redundant_indexes_cleanup:_m,o056_client_user_linking_mode:Cm,o057_hooks_metadata:Em,o058_refresh_tokens_rotation:km,o059_organization_connections:Mm,o060_log_streams:Fm,o061_tenants_attack_protection:Rm,o062_tenants_default_client_id:Vm,o063_email_templates:Wm,o064_create_action_versions:qm,o065_branding_dark_mode:Xm,o066_create_action_executions:$m,o067_client_disable_sign_ups:nh,o068_move_disable_signup_to_connection:oh,o069_actions_is_system_inherit:uh,o070_collapse_auth0_source_into_db_connection:ph,o071_migration_sources:vh};async function Sh(e,t=!1){Vu(t),t&&console.log(`migrating...`);let{error:n,results:r}=await new ga({db:e,provider:new _a(xh)}).migrateToLatest();if(r?.forEach(e=>{e.status===`Success`?t&&console.log(`migration "${e.migrationName}" was executed successfully`):e.status===`Error`&&console.error(`failed to execute migration "${e.migrationName}"`)}),n)throw console.error(`failed to migrate`),console.error(n),n}async function Ch(e,t=!1){Vu(t),t&&console.log(`migrating...`);let{error:n,results:r}=await new ga({db:e,provider:new _a(xh)}).migrateDown();if(r?.forEach(e=>{e.status===`Success`?t&&console.log(`migration "${e.migrationName}" was reverted successfully`):e.status===`Error`&&console.error(`failed to execute migration "${e.migrationName}"`)}),n)throw console.error(`failed to migrate`),console.error(n),n}function wh(e,t={useTransactions:!0}){let n={actions:se(e),actionExecutions:de(e),actionVersions:me(e),branding:pn(e),clients:kt(e),clientConnections:Ft(e),clientGrants:Vt(e),clientRegistrationTokens:Qt(e),codes:ht(e),connections:St(e),emailProviders:$n(e),emailTemplates:or(e),customDomains:un(e),flows:Ne(e),forms:Cr(e),hookCode:On(e),hooks:Cn(e),invites:hi(e),keys:nn(e),loginSessions:Wn(e),logs:Ze(e),logStreams:Zi(e),migrationSources:Qi(e),authenticationMethods:zi(e),passwords:ct(e),promptSettings:Jn(e),refreshTokens:hr(e),resourceServers:kr(e),rolePermissions:zr(e),userPermissions:Wr(e),userRoles:Yr(e),roles:Fr(e),sessions:rt(e),sessionCleanup:_r(e),tenants:Ue(e),themes:Nn(e),universalLoginTemplates:_n(e),customText:Mi(e),users:Te(e),organizations:ti(e),organizationConnections:ni(e),userOrganizations:li(e),stats:bi(e),analytics:ji(e),outbox:Xi(e),async transaction(r){return t.useTransactions===!1?r(n):e.transaction().execute(async e=>r(wh(e,{...t,useTransactions:!1})))}};return n}exports.default=wh,exports.migrateDown=Ch,exports.migrateToLatest=Sh;