@axium/core 0.7.0 → 0.9.0

package/dist/api.d.ts

@@ -2,10 +2,21 @@ import type { PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialRequest
 import type z from 'zod';
 import type { AccessControl } from './access.js';
 import type { App } from './apps.js';
+import type { AuditEvent, AuditFilter, Severity } from './audit.js';
 import type { NewSessionResponse, Session, Verification } from './auth.js';
 import type { Passkey, PasskeyAuthenticationResponse, PasskeyChangeable, PasskeyRegistration } from './passkeys.js';
 import type { RequestMethod } from './requests.js';
-import type { LogoutSessions, User, UserAuthOptions, UserChangeable, UserPublic, UserRegistration } from './user.js';
+import type { LogoutSessions, User, UserAuthOptions, UserChangeable, UserInternal, UserPublic, UserRegistration } from './user.js';
+import type { PluginInternal } from './plugins.js';
+export interface AdminSummary {
+    users: number;
+    passkeys: number;
+    sessions: number;
+    auditEvents: Record<keyof typeof Severity, number>;
+    configFiles: number;
+    plugins: number;
+    version: string;
+}
 /**
  * Types for all API endpoints
  * @internal
@@ -88,9 +99,41 @@ export interface $API {
             permission: number;
         }, AccessControl];
     };
+    'admin/summary': {
+        GET: AdminSummary;
+    };
+    'admin/users/all': {
+        GET: UserInternal[];
+    };
+    'admin/users/:userId': {
+        GET: UserInternal & {
+            sessions: Session[];
+        };
+    };
+    'admin/config': {
+        GET: {
+            files: Record<string, object>;
+            config: Record<string, unknown>;
+        };
+    };
+    'admin/plugins': {
+        GET: PluginInternal[];
+    };
+    'admin/audit/events': {
+        OPTIONS: {
+            name: string[];
+            source: string[];
+            tags: string[];
+        } | false;
+        GET: [filter: z.input<typeof AuditFilter>, result: AuditEvent[]];
+    };
+    'admin/audit/:eventId': {
+        GET: AuditEvent;
+    };
 }
 export type Endpoint = keyof $API;
 export type APIFunction<Method extends RequestMethod, E extends Endpoint> = Method extends keyof $API[E] ? $API[E][Method] extends [infer Body, infer Result] ? (body: Body) => Promise<Result> : () => $API[E][Method] : unknown;
 export type RequestBody<Method extends RequestMethod, E extends Endpoint> = Method extends keyof $API[E] ? $API[E][Method] extends [infer Body, unknown] ? Body : any : unknown;
-export type Result<Method extends RequestMethod, E extends Endpoint> = Promise<Method extends keyof $API[E] ? ($API[E][Method] extends [unknown, infer R] ? R : $API[E][Method]) : unknown>;
+export type Result<Method extends RequestMethod & keyof $API[E], E extends Endpoint> = $API[E][Method] extends [unknown, infer R] ? R : $API[E][Method];
+export type AsyncResult<Method extends RequestMethod & keyof $API[E], E extends Endpoint> = Promise<Result<Method, E>>;
 export type APIParameters<S extends string> = S extends `${string}/:${infer Right}` ? [string, ...APIParameters<Right>] : [];

package/dist/apps.d.ts

@@ -7,3 +7,4 @@ export declare const App: z.ZodObject<{
 }, z.core.$strip>;
 export interface App extends z.infer<typeof App> {
 }
+export declare const apps: Map<string, App>;

package/dist/apps.js

@@ -5,3 +5,4 @@ export const App = z.object({
     image: z.string().optional(),
     icon: z.string().optional(),
 });
+export const apps = new Map();

package/dist/audit.d.ts

@@ -0,0 +1,43 @@
+import * as z from 'zod';
+import type { User } from './user.js';
+export declare enum Severity {
+    Emergency = 0,
+    Alert = 1,
+    Critical = 2,
+    Error = 3,
+    Warning = 4,
+    Notice = 5,
+    Info = 6,
+    Debug = 7
+}
+export declare const severityNames: Lowercase<keyof typeof Severity>[];
+export interface AuditEvent<T extends Record<string, unknown> = Record<string, unknown>> {
+    /** UUID of the event */
+    id: string;
+    /** UUID of the user that triggered the event. `null` for events triggered via the server CLI */
+    userId: string | null;
+    user?: (Pick<User, 'id' | 'name'> & Partial<User>) | null;
+    /** When the event happened */
+    timestamp: Date;
+    /** How severe the event is */
+    severity: Severity;
+    /** Snake case name for the event */
+    name: string;
+    /** The source of the event. This should be a package name */
+    source: string;
+    /** Tags for the event. For example, `auth` for authentication events */
+    tags: string[];
+    /** Additional event specific data. */
+    extra: T;
+}
+export declare const AuditFilter: z.ZodObject<{
+    since: z.ZodOptional<z.ZodCoercedDate<unknown>>;
+    until: z.ZodOptional<z.ZodCoercedDate<unknown>>;
+    user: z.ZodOptional<z.ZodNullable<z.ZodUnion<readonly [z.ZodUUID, z.ZodPipe<z.ZodLiteral<"null">, z.ZodTransform<null, "null">>]>>>;
+    severity: z.ZodOptional<z.ZodPipe<z.ZodLiteral<"debug" | "error" | "emergency" | "alert" | "critical" | "warning" | "notice" | "info">, z.ZodTransform<Severity, "debug" | "error" | "emergency" | "alert" | "critical" | "warning" | "notice" | "info">>>;
+    source: z.ZodOptional<z.ZodString>;
+    tags: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    event: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+export interface AuditFilter extends z.infer<typeof AuditFilter> {
+}

package/dist/audit.js

@@ -0,0 +1,28 @@
+import { capitalize, uncapitalize } from 'utilium/string.js';
+import * as z from 'zod';
+export var Severity;
+(function (Severity) {
+    Severity[Severity["Emergency"] = 0] = "Emergency";
+    Severity[Severity["Alert"] = 1] = "Alert";
+    Severity[Severity["Critical"] = 2] = "Critical";
+    Severity[Severity["Error"] = 3] = "Error";
+    Severity[Severity["Warning"] = 4] = "Warning";
+    Severity[Severity["Notice"] = 5] = "Notice";
+    Severity[Severity["Info"] = 6] = "Info";
+    Severity[Severity["Debug"] = 7] = "Debug";
+})(Severity || (Severity = {}));
+export const severityNames = Object.keys(Severity)
+    .filter(k => isNaN(Number(k)))
+    .map(uncapitalize);
+export const AuditFilter = z.object({
+    since: z.coerce.date().optional(),
+    until: z.coerce.date().optional(),
+    user: z.union([z.uuid(), z.literal(['null']).transform(() => null)]).nullish(),
+    severity: z
+        .literal(severityNames)
+        .transform(v => Severity[capitalize(v)])
+        .optional(),
+    source: z.string().optional(),
+    tags: z.string().array().optional(),
+    event: z.string().optional(),
+});

package/dist/auth.d.ts

@@ -1,9 +1,12 @@
-export interface Session {
-    id: string;
-    userId: string;
-    expires: Date;
-    created: Date;
-    elevated: boolean;
+import * as z from 'zod';
+export declare const Session: z.ZodObject<{
+    id: z.ZodUUID;
+    userId: z.ZodUUID;
+    expires: z.ZodCoercedDate<unknown>;
+    created: z.ZodCoercedDate<unknown>;
+    elevated: z.ZodBoolean;
+}, z.core.$strip>;
+export interface Session extends z.infer<typeof Session> {
 }
 export interface Verification {
     userId: string;

package/dist/auth.js

@@ -1 +1,8 @@
-export {};
+import * as z from 'zod';
+export const Session = z.object({
+    id: z.uuid(),
+    userId: z.uuid(),
+    expires: z.coerce.date(),
+    created: z.coerce.date(),
+    elevated: z.boolean(),
+});

package/dist/color.d.ts

@@ -0,0 +1 @@
+export declare function colorHash(input: string): `rgb(${number}, ${number}, ${number})`;

package/dist/color.js

@@ -0,0 +1,11 @@
+export function colorHash(input) {
+    let color = input.charCodeAt(0);
+    for (let i = 1; i < input.length; i++) {
+        color *= input.charCodeAt(i);
+    }
+    color &= 0xbfbfbf;
+    const r = (color >> 16) & 0xff;
+    const g = (color >> 8) & 0xff;
+    const b = color & 0xff;
+    return `rgb(${r}, ${g}, ${b})`;
+}

package/dist/index.d.ts

@@ -1,9 +1,11 @@
 export * from './access.js';
 export * from './api.js';
 export * from './apps.js';
+export * from './audit.js';
 export * from './auth.js';
 export * as icons from './icons.js';
 export * from './passkeys.js';
+export * from './plugins.js';
 export * from './preferences.js';
 export * from './requests.js';
 export * from './schemas.js';

package/dist/index.js

@@ -1,9 +1,11 @@
 export * from './access.js';
 export * from './api.js';
 export * from './apps.js';
+export * from './audit.js';
 export * from './auth.js';
 export * as icons from './icons.js';
 export * from './passkeys.js';
+export * from './plugins.js';
 export * from './preferences.js';
 export * from './requests.js';
 export * from './schemas.js';

package/dist/io.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Get a human-readable string for a date that also fits into CLIs well (fixed-width)
+ */
+export declare function prettyDate(date: Date): string;
+export declare let _debugOutput: boolean;
+/**
+ * Enable or disable debug output.
+ */
+export declare function _setDebugOutput(enabled: boolean): void;
+export declare let start: (message: string) => void;
+export declare let progress: (value: number, max: number, message?: any) => void;
+export declare let done: () => void;
+export interface ProgressIO {
+    start(message: string): void;
+    progress(value: number, max: number, message?: any): void;
+    done(): void;
+}
+export declare function useProgressIO(io: ProgressIO): void;
+export declare let debug: (...args: any[]) => void;
+export declare let log: (...args: any[]) => void;
+export declare let info: (...args: any[]) => void;
+export declare let warn: (...args: any[]) => void;
+export declare let error: (...args: any[]) => void;
+export interface ConsoleLike {
+    debug(...args: any[]): void;
+    log(...args: any[]): void;
+    info(...args: any[]): void;
+    warn(...args: any[]): void;
+    error(...args: any[]): void;
+}
+export declare function useOutput(output: ConsoleLike): void;
+/**
+ * This is a factory for handling errors when performing operations.
+ * The handler will allow the parent scope to continue if certain errors occur,
+ * rather than fatally exiting.
+ */
+export declare function someWarnings(...allowList: [RegExp, string?][]): (error: string | Error) => void;
+/** @hidden @internal for Logzen */
+export declare const constructor: {
+    name: string;
+};

package/dist/io.js

@@ -0,0 +1,57 @@
+const months = ['Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'];
+// Shortcut to convert to 2-digit. Mostly used to make the line shorter.
+const _2 = (v) => v.toString().padStart(2, '0');
+/**
+ * Get a human-readable string for a date that also fits into CLIs well (fixed-width)
+ */
+export function prettyDate(date) {
+    return `${date.getFullYear()} ${months[date.getMonth()]} ${_2(date.getDate())} ${_2(date.getHours())}:${_2(date.getMinutes())}:${_2(date.getSeconds())}.${date.getMilliseconds().toString().padStart(3, '0')}`;
+}
+export let _debugOutput = false;
+/**
+ * Enable or disable debug output.
+ */
+export function _setDebugOutput(enabled) {
+    _debugOutput = enabled;
+}
+// I/O for "progressive" actions
+export let start;
+export let progress;
+export let done;
+export function useProgressIO(io) {
+    start = io.start.bind(io);
+    progress = io.progress.bind(io);
+    done = io.done.bind(io);
+}
+// User-facing messaging
+export let debug;
+export let log;
+export let info;
+export let warn;
+export let error;
+export function useOutput(output) {
+    debug = output.debug.bind(output);
+    log = output.log.bind(output);
+    info = output.info.bind(output);
+    warn = output.warn.bind(output);
+    error = output.error.bind(output);
+}
+/**
+ * This is a factory for handling errors when performing operations.
+ * The handler will allow the parent scope to continue if certain errors occur,
+ * rather than fatally exiting.
+ */
+export function someWarnings(...allowList) {
+    return (error) => {
+        error = typeof error == 'object' && 'message' in error ? error.message : error;
+        for (const [pattern, message = error] of allowList) {
+            if (!pattern.test(error))
+                continue;
+            warn(message);
+            return;
+        }
+        throw error;
+    };
+}
+/** @hidden @internal for Logzen */
+export const constructor = { name: 'Console' };

package/dist/node/daemon.d.ts

@@ -0,0 +1 @@
+export declare function outputDaemonStatus(name: string): void;

package/dist/node/daemon.js

@@ -0,0 +1,21 @@
+import { styleText } from 'node:util';
+import { spawnSync } from 'node:child_process';
+export function outputDaemonStatus(name) {
+    process.stdout.write(styleText('whiteBright', 'Daemon: '));
+    const daemonIs = (sub) => spawnSync('systemctl', ['is-' + sub, name], { stdio: 'pipe', encoding: 'utf8' });
+    const { status: dNotActive, stdout: dStatus } = daemonIs('active');
+    const { status: dNotFailed } = daemonIs('failed');
+    const { stdout: dEnabled } = daemonIs('enabled');
+    if (dEnabled.trim() == 'not-found')
+        console.log(styleText('dim', 'not found'));
+    else {
+        process.stdout.write(dEnabled.trim() + ', ');
+        const status = dStatus.trim();
+        if (!dNotFailed)
+            console.log(styleText('red', status));
+        else if (!dNotActive)
+            console.log(styleText('green', status));
+        else
+            console.log(styleText('yellow', status));
+    }
+}

package/dist/node/index.d.ts

@@ -0,0 +1,3 @@
+export * from './daemon.js';
+export * as io from './io.js';
+export * from './plugins.js';

package/dist/node/index.js

@@ -0,0 +1,3 @@
+export * from './daemon.js';
+export * as io from './io.js';
+export * from './plugins.js';

package/dist/node/io.d.ts

@@ -0,0 +1,11 @@
+export * from '../io.js';
+export declare function setCommandTimeout(value: number): void;
+/**
+ * Run a system command with the fancy "Example... done."
+ * @internal
+ */
+export declare function run(message: string, command: string): Promise<string>;
+/** Yet another convenience function */
+export declare function exit(message: string | Error, code?: number): never;
+export declare function handleError(e: number | string | Error): void;
+export declare function writeJSON(path: string, data: any): void;

package/dist/node/io.js

@@ -0,0 +1,84 @@
+import { exec } from 'node:child_process';
+import { writeFileSync } from 'node:fs';
+import { styleText } from 'node:util';
+import { _debugOutput, done, error, start, useOutput, useProgressIO } from '../io.js';
+export * from '../io.js';
+useProgressIO({
+    start(message) {
+        process.stdout.write(message + '... \x1b[s');
+    },
+    /** @todo implement additional messaging */
+    progress(value, max, message) {
+        process.stdout.write(`\x1b[u\x1b[K${value.toString().padStart(max.toString().length)}/${max}`);
+        if (value >= max)
+            console.log();
+    },
+    done() {
+        console.log('done.');
+    },
+});
+useOutput({
+    error(message) {
+        console.error(message.startsWith('\x1b') ? message : styleText('red', message));
+    },
+    warn(message) {
+        console.warn(message.startsWith('\x1b') ? message : styleText('yellow', message));
+    },
+    info(message) {
+        console.info(message.startsWith('\x1b') ? message : styleText('blue', message));
+    },
+    log(message) {
+        console.log(message);
+    },
+    debug(message) {
+        _debugOutput && console.debug(message.startsWith('\x1b') ? message : styleText('gray', message));
+    },
+});
+let timeout = 1000;
+export function setCommandTimeout(value) {
+    timeout = value;
+}
+/**
+ * Run a system command with the fancy "Example... done."
+ * @internal
+ */
+export async function run(message, command) {
+    let stderr;
+    try {
+        start(message);
+        const { promise, resolve, reject } = Promise.withResolvers();
+        exec(command, { timeout }, (err, stdout, _stderr) => {
+            stderr = _stderr.startsWith('ERROR:') ? _stderr.slice(6).trim() : _stderr;
+            if (err)
+                reject('[command]');
+            else
+                resolve(stdout);
+        });
+        const value = await promise;
+        done();
+        return value;
+    }
+    catch (error) {
+        throw error == '[command]'
+            ? stderr?.slice(0, 100) || 'failed.'
+            : typeof error == 'object' && 'message' in error
+                ? error.message
+                : error;
+    }
+}
+/** Yet another convenience function */
+export function exit(message, code = 1) {
+    if (message instanceof Error)
+        message = message.message;
+    error(message);
+    process.exit(code);
+}
+export function handleError(e) {
+    if (typeof e == 'number')
+        process.exit(e);
+    else
+        exit(e);
+}
+export function writeJSON(path, data) {
+    writeFileSync(path, JSON.stringify(data, null, 4).replaceAll(/^( {4})+/g, match => '\t'.repeat(match.length / 4)), 'utf-8');
+}

package/dist/node/plugins.d.ts

@@ -0,0 +1,3 @@
+import { type PluginInternal } from '@axium/core/plugins';
+export declare function pluginText(plugin: PluginInternal): Generator<string>;
+export declare function loadPlugin<const T extends 'client' | 'server'>(mode: T, specifier: string, _loadedBy: string, safeMode?: boolean): Promise<void>;

package/dist/node/plugins.js

@@ -0,0 +1,77 @@
+import * as io from '@axium/core/node/io';
+import { Plugin, plugins } from '@axium/core/plugins';
+import * as fs from 'node:fs';
+import { dirname, join, resolve } from 'node:path/posix';
+import { fileURLToPath } from 'node:url';
+import { styleText } from 'node:util';
+import * as z from 'zod';
+import { apps } from '../apps.js';
+export function* pluginText(plugin) {
+    yield styleText('whiteBright', plugin.name);
+    yield `Version: ${plugin.version}`;
+    yield `Description: ${plugin.description ?? styleText('dim', '(none)')}`;
+    yield `CLI Integration: ${plugin.cli ? 'Yes' : 'No'}`;
+    if (plugin.isServer) {
+        yield `Hooks: ${plugin._hooks ? styleText(['dim', 'bold'], `(${Object.keys(plugin._hooks).length}) `) + Object.keys(plugin._hooks).join(', ') : plugin.server.hooks || styleText('dim', '(none)')}`;
+        yield `HTTP Handler: ${plugin.server.http_handler ?? styleText('dim', '(none)')}`;
+    }
+    else {
+        yield `Hooks: ${plugin._client ? styleText(['dim', 'bold'], `(${Object.keys(plugin._client).length}) `) + Object.keys(plugin._client).join(', ') : plugin.client.hooks || styleText('dim', '(none)')}`;
+    }
+}
+function _locatePlugin(specifier, _loadedBy) {
+    if (specifier[0] == '/' || specifier.startsWith('./') || specifier.startsWith('../')) {
+        return resolve(dirname(_loadedBy), specifier);
+    }
+    let packageDir = dirname(fileURLToPath(import.meta.resolve(specifier)));
+    for (; !fs.existsSync(join(packageDir, 'package.json')); packageDir = dirname(packageDir))
+        ;
+    return join(packageDir, 'package.json');
+}
+export async function loadPlugin(mode, specifier, _loadedBy, safeMode = false) {
+    try {
+        const path = _locatePlugin(specifier, _loadedBy);
+        let imported;
+        try {
+            imported = JSON.parse(fs.readFileSync(path, 'utf8'));
+        }
+        catch {
+            throw new Error('Invalid or missing metadata for ' + specifier);
+        }
+        if ('axium' in imported)
+            Object.assign(imported, imported.axium); // support axium field in package.json
+        const plugin = Object.assign(await Plugin.parseAsync(imported).catch(e => {
+            throw e instanceof z.core.$ZodError ? z.prettifyError(e) : e;
+        }), { path, specifier, _loadedBy, dirname: dirname(path), cli: imported[mode]?.cli, isServer: mode === 'server' });
+        if (!plugin[mode])
+            throw `Plugin does not support running ${mode}-side`;
+        if (!safeMode) {
+            if (plugin.cli)
+                await import(resolve(plugin.dirname, plugin.cli));
+            if (mode == 'client') {
+                if (plugin.client.hooks)
+                    Object.assign(plugin, { _client: await import(resolve(plugin.dirname, plugin.client.hooks)) });
+            }
+            if (mode == 'server') {
+                if (plugin.server.hooks)
+                    Object.assign(plugin, { _hooks: await import(resolve(plugin.dirname, plugin.server.hooks)) });
+            }
+        }
+        Object.freeze(plugin);
+        if (plugins.has(plugin.name))
+            throw 'Plugin already loaded';
+        if (plugin.name.startsWith('#') || plugin.name.includes(' ')) {
+            throw 'Invalid plugin name. Plugin names can not start with a hash or contain spaces.';
+        }
+        for (const app of plugin.apps ?? []) {
+            if (apps.has(app.id))
+                throw new ReferenceError(`App with ID "${app.id}" already exists.`);
+            apps.set(app.id, app);
+        }
+        plugins.set(plugin.name, plugin);
+        io.debug(`Loaded plugin: ${plugin.name} ${plugin.version}`);
+    }
+    catch (e) {
+        io.warn(`Failed to load plugin from ${specifier}: ${e ? (e instanceof Error ? e.message : e.toString()) : e}`);
+    }
+}

package/dist/passkeys.d.ts

@@ -11,12 +11,12 @@ export declare const PasskeyRegistration: z.ZodObject<{
         authenticatorData: z.ZodOptional<z.ZodString>;
         transports: z.ZodOptional<z.ZodArray<z.ZodEnum<{
             ble: "ble";
+            cable: "cable";
             hybrid: "hybrid";
             internal: "internal";
             nfc: "nfc";
-            usb: "usb";
-            cable: "cable";
             "smart-card": "smart-card";
+            usb: "usb";
         }>>>;
         publicKeyAlgorithm: z.ZodOptional<z.ZodNumber>;
         publicKey: z.ZodOptional<z.ZodString>;

package/dist/plugins.d.ts

@@ -0,0 +1,67 @@
+import * as z from 'zod';
+export declare const Plugin: z.ZodObject<{
+    name: z.ZodString;
+    version: z.ZodString;
+    description: z.ZodOptional<z.ZodString>;
+    apps: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        name: z.ZodOptional<z.ZodString>;
+        image: z.ZodOptional<z.ZodString>;
+        icon: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>>;
+    client: z.ZodOptional<z.ZodObject<{
+        cli: z.ZodOptional<z.ZodString>;
+        hooks: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>;
+    server: z.ZodOptional<z.ZodObject<{
+        hooks: z.ZodOptional<z.ZodString>;
+        http_handler: z.ZodOptional<z.ZodString>;
+        routes: z.ZodOptional<z.ZodString>;
+        cli: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>;
+}, z.core.$loose>;
+export type Plugin = z.infer<typeof Plugin>;
+export interface PluginInternal extends Plugin {
+    readonly path: string;
+    readonly dirname: string;
+    readonly specifier: string;
+    readonly _loadedBy: string;
+    readonly cli?: string;
+    /** @internal */
+    readonly _hooks?: ServerHooks;
+    /** @internal */
+    readonly _client?: ClientHooks;
+    readonly isServer: boolean;
+}
+export declare const plugins: Map<string, PluginInternal>;
+/**
+ * @internal
+ */
+export declare function _findPlugin(search: string): PluginInternal;
+export declare const PluginServerHooks: z.ZodObject<{
+    statusText: z.ZodOptional<z.ZodCustom<z.core.$InferInnerFunctionTypeAsync<z.ZodTuple<readonly [], null>, z.ZodString>, z.core.$InferInnerFunctionTypeAsync<z.ZodTuple<readonly [], null>, z.ZodString>>>;
+    db_init: z.ZodOptional<z.ZodCustom<(...args: any[]) => any, (...args: any[]) => any>>;
+    remove: z.ZodOptional<z.ZodCustom<(...args: any[]) => any, (...args: any[]) => any>>;
+    db_wipe: z.ZodOptional<z.ZodCustom<(...args: any[]) => any, (...args: any[]) => any>>;
+    clean: z.ZodOptional<z.ZodCustom<(...args: any[]) => any, (...args: any[]) => any>>;
+}, z.core.$strip>;
+interface _InitOptions {
+    force?: boolean;
+    skip: boolean;
+    check: boolean;
+}
+export interface ServerHooks {
+    statusText?(): string | Promise<string>;
+    db_init?: (opt: _InitOptions) => void | Promise<void>;
+    remove?: (opt: {
+        force?: boolean;
+    }) => void | Promise<void>;
+    db_wipe?: (opt: {
+        force?: boolean;
+    }) => void | Promise<void>;
+    clean?: (opt: Partial<_InitOptions>) => void | Promise<void>;
+}
+export interface ClientHooks {
+    run(): void | Promise<void>;
+}
+export {};

package/dist/plugins.js

@@ -0,0 +1,46 @@
+import * as z from 'zod';
+import { zAsyncFunction } from './schemas.js';
+import { App } from './apps.js';
+export const Plugin = z.looseObject({
+    name: z.string(),
+    version: z.string(),
+    description: z.string().optional(),
+    apps: z.array(App).optional(),
+    client: z
+        .object({
+        /** CLI mixin path */
+        cli: z.string().optional(),
+        /** The path to the hooks script */
+        hooks: z.string().optional(),
+    })
+        .optional(),
+    server: z
+        .object({
+        /** The path to the hooks script */
+        hooks: z.string().optional(),
+        http_handler: z.string().optional(),
+        /** The path to the HTTP handler used by the server */
+        routes: z.string().optional(),
+        /** CLI mixin path */
+        cli: z.string().optional(),
+    })
+        .optional(),
+});
+export const plugins = new Map();
+/**
+ * @internal
+ */
+export function _findPlugin(search) {
+    const plugin = plugins.get(search) ?? plugins.values().find(p => p.specifier.toLowerCase() == search.toLowerCase());
+    if (!plugin)
+        throw `Can't find a plugin matching "${search}"`;
+    return plugin;
+}
+const fn = z.custom(data => typeof data === 'function');
+export const PluginServerHooks = z.object({
+    statusText: zAsyncFunction(z.function({ input: [], output: z.string() })).optional(),
+    db_init: fn.optional(),
+    remove: fn.optional(),
+    db_wipe: fn.optional(),
+    clean: fn.optional(),
+});

package/dist/user.d.ts

@@ -8,16 +8,22 @@ export declare const User: z.ZodObject<{
     image: z.ZodOptional<z.ZodNullable<z.ZodURL>>;
     preferences: z.ZodRecord<z.ZodString, z.ZodAny>;
     roles: z.ZodArray<z.ZodString>;
-    registeredAt: z.ZodDate;
+    registeredAt: z.ZodCoercedDate<unknown>;
+    isAdmin: z.ZodBoolean;
 }, z.core.$strip>;
 export interface User extends z.infer<typeof User> {
     preferences: Preferences;
 }
+export interface UserInternal extends User {
+    isSuspended: boolean;
+    /** Tags are internal, roles are public */
+    tags: string[];
+}
 export declare const userPublicFields: ["id", "image", "name", "registeredAt", "roles"];
 type UserPublicField = (typeof userPublicFields)[number];
 export interface UserPublic extends Pick<User, UserPublicField> {
 }
-export declare const userProtectedFields: ["email", "emailVerified", "preferences"];
+export declare const userProtectedFields: ["email", "emailVerified", "preferences", "isAdmin"];
 export declare const UserChangeable: z.ZodObject<{
     email: z.ZodOptional<z.ZodEmail>;
     name: z.ZodOptional<z.ZodString>;
@@ -41,12 +47,12 @@ export declare const UserRegistration: z.ZodObject<{
             authenticatorData: z.ZodOptional<z.ZodString>;
             transports: z.ZodOptional<z.ZodArray<z.ZodEnum<{
                 ble: "ble";
+                cable: "cable";
                 hybrid: "hybrid";
                 internal: "internal";
                 nfc: "nfc";
-                usb: "usb";
-                cable: "cable";
                 "smart-card": "smart-card";
+                usb: "usb";
             }>>>;
             publicKeyAlgorithm: z.ZodOptional<z.ZodNumber>;
             publicKey: z.ZodOptional<z.ZodString>;
@@ -57,7 +63,7 @@ export declare const UserRegistration: z.ZodObject<{
     }, z.core.$strip>;
 }, z.core.$strip>;
 export declare const UserAuthOptions: z.ZodObject<{
-    type: z.ZodLiteral<"login" | "action">;
+    type: z.ZodLiteral<"login" | "action" | "client_login">;
 }, z.core.$strip>;
 export type UserAuthOptions = z.infer<typeof UserAuthOptions>;
 export declare const LogoutSessions: z.ZodObject<{

package/dist/user.js

@@ -1,5 +1,6 @@
 import * as z from 'zod';
 import { PasskeyRegistration } from './passkeys.js';
+import { colorHash } from './color.js';
 export const User = z.object({
     id: z.uuid(),
     name: z.string().min(1, 'Name is required').max(255, 'Name is too long'),
@@ -8,10 +9,11 @@ export const User = z.object({
     image: z.url().nullish(),
     preferences: z.record(z.string(), z.any()),
     roles: z.array(z.string()),
-    registeredAt: z.date(),
+    registeredAt: z.coerce.date(),
+    isAdmin: z.boolean(),
 });
 export const userPublicFields = ['id', 'image', 'name', 'registeredAt', 'roles'];
-export const userProtectedFields = ['email', 'emailVerified', 'preferences'];
+export const userProtectedFields = ['email', 'emailVerified', 'preferences', 'isAdmin'];
 export const UserChangeable = User.pick({
     name: true,
     email: true,
@@ -21,17 +23,9 @@ export const UserChangeable = User.pick({
 export function getUserImage(user) {
     if (user.image)
         return user.image;
-    user.name ??= '\0';
-    let color = user.name.charCodeAt(0);
-    for (let i = 1; i < user.name.length; i++) {
-        color *= user.name.charCodeAt(i);
-    }
-    color &= 0xbfbfbf;
-    const r = (color >> 16) & 0xff;
-    const g = (color >> 8) & 0xff;
-    const b = color & 0xff;
-    return `data:image/svg+xml;utf8,<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 50 50" style="background-color:rgb(${r},${g},${b});display:flex;align-items:center;justify-content:center;">
-		<text x="23" y="28" style="font-family:sans-serif;font-weight:bold;" fill="white">${user.name.replaceAll(/\W/g, '')[0]}</text>
+    const color = colorHash(user.name ?? '\0');
+    return `data:image/svg+xml;utf8,<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 50 50" style="background-color:${color};display:flex;align-items:center;justify-content:center;">
+		<text x="23" y="28" style="font-family:sans-serif;font-weight:bold;" fill="white">${(user.name ?? '?').replaceAll(/\W/g, '')[0]}</text>
 	</svg>`.replaceAll(/[\t\n]/g, '');
 }
 export const UserRegistration = z.object({
@@ -40,7 +34,7 @@ export const UserRegistration = z.object({
     userId: z.uuid(),
     response: PasskeyRegistration,
 });
-export const UserAuthOptions = z.object({ type: z.literal(['login', 'action']) });
+export const UserAuthOptions = z.object({ type: z.literal(['login', 'action', 'client_login']) });
 export const LogoutSessions = z.object({
     id: z.array(z.uuid()).optional(),
     confirm_all: z.boolean().optional(),

package/package.json

@@ -1,7 +1,7 @@
 {
 	"name": "@axium/core",
-	"version": "0.7.0",
-	"author": "James Prevett <axium@jamespre.dev> (https://jamespre.dev)",
+	"version": "0.9.0",
+	"author": "James Prevett <axium@jamespre.dev>",
 	"funding": {
 		"type": "individual",
 		"url": "https://github.com/sponsors/james-pre"
@@ -20,7 +20,8 @@
 	"types": "dist/index.d.ts",
 	"exports": {
 		".": "./dist/index.js",
-		"./*": "./dist/*.js"
+		"./*": "./dist/*.js",
+		"./node": "./dist/node/index.js"
 	},
 	"files": [
 		"dist",