@axium/server 0.0.1 → 0.0.2

package/README.md

@@ -0,0 +1 @@
+# Axium Server

package/dist/auth.d.ts

@@ -0,0 +1,22 @@
+import type { Adapter } from '@auth/core/adapters';
+import type { Provider } from '@auth/core/providers';
+import type { AuthConfig } from '@auth/core/types';
+import { Registration } from '@axium/core/api';
+declare module '@auth/core/adapters' {
+    interface AdapterUser {
+        password: string;
+        salt: string;
+    }
+}
+export declare let adapter: Adapter;
+export declare function createAdapter(): Adapter;
+export declare function register(credentials: Registration): Promise<{
+    user: import("@auth/core/adapters").AdapterUser | undefined;
+    session: import("@auth/core/adapters").AdapterSession | undefined;
+}>;
+export declare function authorize(credentials: Partial<Record<string, unknown>>): Promise<Omit<import("@auth/core/adapters").AdapterUser, "password" | "salt"> | null>;
+/**
+ * Get the providers current enabled in the Axium config.
+ */
+export declare function getProviders(): Provider[];
+export declare function getConfig(): AuthConfig;

package/dist/auth.js

@@ -0,0 +1,110 @@
+import { CredentialsSignin } from '@auth/core/errors';
+import Credentials from '@auth/core/providers/credentials';
+import Passkey from '@auth/core/providers/passkey';
+import { KyselyAdapter } from '@auth/kysely-adapter';
+import { Login, Registration } from '@axium/core/api';
+import { genSaltSync, hashSync } from 'bcryptjs';
+import { randomBytes } from 'node:crypto';
+import { omit } from 'utilium';
+import * as config from './config.js';
+import * as db from './database.js';
+export let adapter;
+export function createAdapter() {
+    const conn = db.connect();
+    adapter = Object.assign(KyselyAdapter(conn), {
+        _axium: { config },
+        async getAccount(providerAccountId, provider) {
+            const result = await conn.selectFrom('Account').selectAll().where('providerAccountId', '=', providerAccountId).where('provider', '=', provider).executeTakeFirst();
+            return result ?? null;
+        },
+        async getAuthenticator(credentialID) {
+            const result = await conn.selectFrom('Authenticator').selectAll().where('credentialID', '=', credentialID).executeTakeFirst();
+            return result ?? null;
+        },
+        async createAuthenticator(authenticator) {
+            await conn.insertInto('Authenticator').values(authenticator).executeTakeFirstOrThrow();
+            return authenticator;
+        },
+        async listAuthenticatorsByUserId(userId) {
+            const result = await conn.selectFrom('Authenticator').selectAll().where('userId', '=', userId).execute();
+            return result;
+        },
+        async updateAuthenticatorCounter(credentialID, newCounter) {
+            await conn.updateTable('Authenticator').set({ counter: newCounter }).where('credentialID', '=', credentialID).executeTakeFirstOrThrow();
+            const authenticator = await adapter.getAuthenticator?.(credentialID);
+            if (!authenticator)
+                throw new Error('Authenticator not found');
+            return authenticator;
+        },
+    });
+    return adapter;
+}
+export async function register(credentials) {
+    const { email, password, name } = Registration.parse(credentials);
+    const existing = await adapter.getUserByEmail?.(email);
+    if (existing)
+        throw 'User already exists';
+    let id = crypto.randomUUID();
+    while (await adapter.getUser?.(id))
+        id = crypto.randomUUID();
+    const salt = genSaltSync(10);
+    const user = await adapter.createUser?.({
+        id,
+        name,
+        email,
+        emailVerified: null,
+        salt,
+        password: hashSync(password, salt),
+    });
+    const expires = new Date();
+    expires.setMonth(expires.getMonth() + 1);
+    const session = await adapter.createSession?.({
+        sessionToken: randomBytes(64).toString('base64'),
+        userId: id,
+        expires,
+    });
+    return { user, session };
+}
+export async function authorize(credentials) {
+    const { success, error, data } = Login.safeParse(credentials);
+    if (!success)
+        throw new CredentialsSignin(error);
+    const user = await adapter.getUserByEmail?.(data.email);
+    if (!user)
+        return null;
+    if (user.password !== hashSync(data.password, user.salt))
+        return null;
+    return omit(user, 'password', 'salt');
+}
+/**
+ * Get the providers current enabled in the Axium config.
+ */
+export function getProviders() {
+    const providers = [];
+    if (config.auth.passkeys)
+        providers.push(Passkey);
+    if (config.auth.credentials) {
+        providers.push(Credentials({
+            credentials: {
+                email: { label: 'Email', type: 'email' },
+                password: { label: 'Password', type: 'password' },
+            },
+            authorize,
+        }));
+    }
+    return providers;
+}
+export function getConfig() {
+    createAdapter();
+    return {
+        adapter,
+        providers: getProviders(),
+        debug: config.auth.debug ?? config.debug,
+        experimental: { enableWebAuthn: true },
+        secret: config.auth.secret,
+        useSecureCookies: config.auth.secure_cookies,
+        session: {
+            strategy: 'database',
+        },
+    };
+}

package/dist/cli.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/cli.js

@@ -1,251 +1,85 @@
 #!/usr/bin/env node
-var __addDisposableResource = (this && this.__addDisposableResource) || function (env, value, async) {
-    if (value !== null && value !== void 0) {
-        if (typeof value !== "object" && typeof value !== "function") throw new TypeError("Object expected.");
-        var dispose, inner;
-        if (async) {
-            if (!Symbol.asyncDispose) throw new TypeError("Symbol.asyncDispose is not defined.");
-            dispose = value[Symbol.asyncDispose];
-        }
-        if (dispose === void 0) {
-            if (!Symbol.dispose) throw new TypeError("Symbol.dispose is not defined.");
-            dispose = value[Symbol.dispose];
-            if (async) inner = dispose;
-        }
-        if (typeof dispose !== "function") throw new TypeError("Object not disposable.");
-        if (inner) dispose = function() { try { inner.call(this); } catch (e) { return Promise.reject(e); } };
-        env.stack.push({ value: value, dispose: dispose, async: async });
-    }
-    else if (async) {
-        env.stack.push({ async: true });
-    }
-    return value;
-};
-var __disposeResources = (this && this.__disposeResources) || (function (SuppressedError) {
-    return function (env) {
-        function fail(e) {
-            env.error = env.hasError ? new SuppressedError(e, env.error, "An error was suppressed during disposal.") : e;
-            env.hasError = true;
-        }
-        var r, s = 0;
-        function next() {
-            while (r = env.stack.pop()) {
-                try {
-                    if (!r.async && s === 1) return s = 0, env.stack.push(r), Promise.resolve().then(next);
-                    if (r.dispose) {
-                        var result = r.dispose.call(r.value);
-                        if (r.async) return s |= 2, Promise.resolve(result).then(next, function(e) { fail(e); return next(); });
-                    }
-                    else s |= 1;
-                }
-                catch (e) {
-                    fail(e);
-                }
-            }
-            if (s === 1) return env.hasError ? Promise.reject(env.error) : Promise.resolve();
-            if (env.hasError) throw env.error;
-        }
-        return next();
-    };
-})(typeof SuppressedError === "function" ? SuppressedError : function (error, suppressed, message) {
-    var e = new Error(message);
-    return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
-});
 import chalk from 'chalk';
 import { Option, program } from 'commander';
-import { sql } from 'kysely';
-import { exec } from 'node:child_process';
-import { randomBytes } from 'node:crypto';
-import * as _db from './database.js';
-program.version('0.0.0').name('axium').description('Axium server CLI');
-// Options shared by multiple commands
+import { getByString, isJSON, pick, setByString } from 'utilium';
+import $pkg from '../package.json' with { type: 'json' };
+import * as config from './config.js';
+import * as db from './database.js';
+import { err, exit } from './io.js';
+program
+    .version($pkg.version)
+    .name('axium')
+    .description('Axium server CLI')
+    .configureHelp({ showGlobalOptions: true })
+    .option('-D, --debug', 'override debug mode', false)
+    .option('-c, --config <path>', 'path to the config file');
+program.on('option:debug', () => config.set(pick(program.opts(), 'debug')));
+program.on('option:config', () => config.load(program.opts().config));
+program.hook('preAction', function (_, action) {
+    config.loadDefaults();
+    const opt = action.optsWithGlobals();
+    opt.force && console.log(chalk.yellow('--force: Protections disabled.'));
+});
+// Options shared by multiple (sub)commands
 const opts = {
-    host: new Option('-H, --host <host>', 'the host of the database.').default('localhost:5432'),
-    timeout: new Option('-t, --timeout <ms>', 'how long to wait for commands to complete.').default(1000),
+    // database specific
+    host: new Option('-H, --host <host>', 'the host of the database.').argParser(value => {
+        const [hostname, port] = value?.split(':') ?? [];
+        config.db.host = hostname || config.db.host;
+        config.db.port = port && Number.isSafeInteger(parseInt(port)) ? parseInt(port) : config.db.port;
+    }),
     force: new Option('-f, --force', 'force the operation').default(false),
-    verbose: new Option('-v, --verbose', 'verbose output').default(false),
 };
-const axiumDB = program.command('db').alias('database').description('manage the database');
-/** Convenience function for `example... [Done. / error]` */
-async function report(promise, message, success = 'done.') {
-    process.stdout.write(message + '... ');
-    try {
-        const result = await promise;
-        console.log(success);
-        return result;
-    }
-    catch (error) {
-        throw typeof error == 'object' && 'message' in error ? error.message : error;
-    }
-}
-/** Convenience function for `sudo -u postgres psql -c "${command}"`, plus `report` coolness */
-async function runSQL(opts, command, message) {
-    let stderr;
-    try {
-        process.stdout.write(message + '... ');
-        const { promise, resolve, reject } = Promise.withResolvers();
-        exec(`sudo -u postgres psql -c "${command}"`, { timeout: 1000, ...opts }, (err, _, _stderr) => {
-            stderr = _stderr.startsWith('ERROR:') ? _stderr.slice(6).trim() : _stderr;
-            if (err)
-                reject('[command]');
-            else
-                resolve();
-        });
-        await promise;
-        console.log('done.');
-    }
-    catch (error) {
-        throw error == '[command]' ? stderr?.slice(0, 100) || 'failed.' : typeof error == 'object' && 'message' in error ? error.message : error;
-    }
-}
-function err(message) {
-    if (message instanceof Error)
-        message = message.message;
-    console.error(message.startsWith('\x1b') ? message : chalk.red(message));
-}
-/** Yet another convenience function */
-function exit(message, code = 1) {
-    err(message);
-    process.exit(code);
-}
-function shouldRecreate(opt) {
-    if (opt.skip) {
-        console.warn(chalk.yellow('already exists. (skipped)'));
-        return true;
-    }
-    if (opt.force) {
-        console.warn(chalk.yellow('already exists. (re-creating)'));
-        return false;
+const axiumDB = program
+    .command('db')
+    .alias('database')
+    .description('manage the database')
+    .option('-t, --timeout <ms>', 'how long to wait for commands to complete.', '1000')
+    .addOption(opts.host);
+function db_output(state, message) {
+    switch (state) {
+        case 'start':
+            process.stdout.write(message + '... ');
+            break;
+        case 'log':
+        case 'warn':
+            process.stdout.write(chalk.yellow(message));
+            break;
+        case 'error':
+            process.stdout.write(chalk.red(message));
+            break;
+        case 'done':
+            console.log('done.');
+            break;
     }
-    console.warn(chalk.yellow('already exists. Use --skip to skip or --force to re-create.'));
-    process.exit(2);
 }
 axiumDB
     .command('init')
     .description('initialize the database')
-    .addOption(opts.host)
-    .addOption(opts.timeout)
     .addOption(opts.force)
-    .addOption(opts.verbose)
     .option('-s, --skip', 'Skip existing database and/or user')
     .action(async (opt) => {
-    const env_1 = { stack: [], error: void 0, hasError: false };
-    try {
-        opt.verbose && opt.force && console.log(chalk.yellow('--force: Protections disabled.'));
-        const config = _db.normalizeConfig(opt);
-        config.password ??= process.env.PGPASSWORD || randomBytes(32).toString('base64').replaceAll('=', '').replaceAll('/', '_').replaceAll('+', '-');
-        await runSQL(opt, 'CREATE DATABASE axium', 'Creating database')
-            .catch(async (error) => {
-            if (error != 'database "axium" already exists')
-                exit(error);
-            if (shouldRecreate(opt))
-                return;
-            await runSQL(opt, 'DROP DATABASE axium', 'Dropping database');
-            await runSQL(opt, 'CREATE DATABASE axium', 'Re-creating database');
-        })
-            .catch(exit);
-        const createQuery = `CREATE USER axium WITH ENCRYPTED PASSWORD '${config.password}' LOGIN`;
-        await runSQL(opt, createQuery, 'Creating user')
-            .catch(async (error) => {
-            if (error != 'role "axium" already exists')
-                exit(error);
-            if (shouldRecreate(opt))
-                return;
-            await runSQL(opt, 'REVOKE ALL PRIVILEGES ON SCHEMA public FROM axium', 'Revoking schema privileges');
-            await runSQL(opt, 'DROP USER axium', 'Dropping user');
-            await runSQL(opt, createQuery, 'Re-creating user');
-        })
-            .catch(exit);
-        await runSQL(opt, 'GRANT ALL PRIVILEGES ON DATABASE axium TO axium', 'Granting database privileges').catch(exit);
-        await runSQL(opt, 'GRANT ALL PRIVILEGES ON SCHEMA public TO axium', 'Granting schema privileges').catch(exit);
-        await runSQL(opt, 'ALTER DATABASE axium OWNER TO axium', 'Setting database owner').catch(exit);
-        await runSQL(opt, 'SELECT pg_reload_conf()', 'Reloading configuration').catch(exit);
-        const db = __addDisposableResource(env_1, _db.connect(config), true);
-        const relationExists = (table) => (error) => (error == `relation "${table}" already exists` ? console.warn(chalk.yellow('already exists.')) : exit(error));
-        const created = chalk.green('created.');
-        await report(db.schema
-            .createTable('User')
-            .addColumn('id', 'uuid', col => col.primaryKey().defaultTo(sql `gen_random_uuid()`))
-            .addColumn('name', 'text')
-            .addColumn('email', 'text', col => col.unique().notNull())
-            .addColumn('emailVerified', 'timestamptz')
-            .addColumn('image', 'text')
-            .execute(), 'Creating table User', created).catch(relationExists('User'));
-        await report(db.schema
-            .createTable('Account')
-            .addColumn('id', 'uuid', col => col.primaryKey().defaultTo(sql `gen_random_uuid()`))
-            .addColumn('userId', 'uuid', col => col.references('User.id').onDelete('cascade').notNull())
-            .addColumn('type', 'text', col => col.notNull())
-            .addColumn('provider', 'text', col => col.notNull())
-            .addColumn('providerAccountId', 'text', col => col.notNull())
-            .addColumn('refresh_token', 'text')
-            .addColumn('access_token', 'text')
-            .addColumn('expires_at', 'bigint')
-            .addColumn('token_type', 'text')
-            .addColumn('scope', 'text')
-            .addColumn('id_token', 'text')
-            .addColumn('session_state', 'text')
-            .execute(), 'Creating table Account', created).catch(relationExists('Account'));
-        await report(db.schema.createIndex('Account_userId_index').on('Account').column('userId').execute(), 'Creating index for Account.userId', created).catch(relationExists('Account_userId_index'));
-        await report(db.schema
-            .createTable('Session')
-            .addColumn('id', 'uuid', col => col.primaryKey().defaultTo(sql `gen_random_uuid()`))
-            .addColumn('userId', 'uuid', col => col.references('User.id').onDelete('cascade').notNull())
-            .addColumn('sessionToken', 'text', col => col.notNull().unique())
-            .addColumn('expires', 'timestamptz', col => col.notNull())
-            .execute(), 'Creating table Session', created).catch(relationExists('Session'));
-        await report(db.schema.createIndex('Session_userId_index').on('Session').column('userId').execute(), 'Creating index for Session.userId', created).catch(relationExists('Session_userId_index'));
-        await report(db.schema
-            .createTable('VerificationToken')
-            .addColumn('identifier', 'text', col => col.notNull())
-            .addColumn('token', 'text', col => col.notNull().unique())
-            .addColumn('expires', 'timestamptz', col => col.notNull())
-            .execute(), 'Creating table VerificationToken', created).catch(relationExists('VerificationToken'));
-        await report(db.schema
-            .createTable('Authenticator')
-            .addColumn('credentialID', 'text', col => col.primaryKey().notNull())
-            .addColumn('userId', 'uuid', col => col.notNull().references('User.id').onDelete('cascade').onUpdate('cascade'))
-            .addColumn('providerAccountId', 'text', col => col.notNull())
-            .addColumn('credentialPublicKey', 'text', col => col.notNull())
-            .addColumn('counter', 'integer', col => col.notNull())
-            .addColumn('credentialDeviceType', 'text', col => col.notNull())
-            .addColumn('credentialBackedUp', 'boolean', col => col.notNull())
-            .addColumn('transports', 'text')
-            .execute(), 'Creating table Authenticator', created).catch(relationExists('Authenticator'));
-        await report(db.schema.createIndex('Authenticator_credentialID_key').on('Authenticator').column('credentialID').execute(), 'Creating index for Authenticator.credentialID', created).catch(relationExists('Authenticator_credentialID_key'));
-        console.log('Done!\nPassword: ' + config.password);
-    }
-    catch (e_1) {
-        env_1.error = e_1;
-        env_1.hasError = true;
-    }
-    finally {
-        const result_1 = __disposeResources(env_1);
-        if (result_1)
-            await result_1;
-    }
+    await db.init({ ...opt, output: db_output }).catch((e) => {
+        if (typeof e == 'number')
+            process.exit(e);
+        else
+            exit(e);
+    });
 });
 axiumDB
     .command('status')
     .alias('stats')
     .description('check the status of the database')
-    .addOption(opts.host)
-    .addOption(opts.verbose)
-    .action(async (opt) => _db
-    .statusText(opt)
+    .action(async () => db
+    .statusText()
     .then(console.log)
     .catch(() => exit('Unavailable')));
 axiumDB
     .command('drop')
     .description('drop the database')
-    .addOption(opts.host)
-    .addOption(opts.verbose)
     .addOption(opts.force)
-    .addOption(opts.timeout)
     .action(async (opt) => {
-    opt.verbose && opt.force && console.log(chalk.yellow('--force: Protections disabled.'));
-    _db.normalizeConfig(opt);
-    const stats = await _db.status(opt).catch(exit);
+    const stats = await db.status().catch(exit);
     if (!opt.force)
         for (const key of ['users', 'accounts', 'sessions']) {
             if (stats[key] == 0)
@@ -253,21 +87,78 @@ axiumDB
             console.warn(chalk.yellow(`Database has existing ${key}. Use --force if you really want to drop the database.`));
             process.exit(2);
         }
-    await runSQL(opt, 'DROP DATABASE axium', 'Dropping database').catch(exit);
-    await runSQL(opt, 'REVOKE ALL PRIVILEGES ON SCHEMA public FROM axium', 'Revoking schema privileges').catch(exit);
-    await runSQL(opt, 'DROP USER axium', 'Dropping user').catch(exit);
+    await db.remove({ ...opt, output: db_output }).catch(exit);
+});
+const axiumConfig = program
+    .command('config')
+    .alias('conf')
+    .description('manage the configuration')
+    .option('-j, --json', 'values are JSON encoded')
+    .option('-g, --global', 'apply to the global config');
+axiumConfig
+    .command('dump')
+    .description('Output the entire current configuration')
+    .action(() => {
+    const value = config.get();
+    console.log(axiumConfig.optsWithGlobals().json ? JSON.stringify(value) : value);
+});
+axiumConfig
+    .command('get')
+    .description('get a config value')
+    .argument('<key>', 'the key to get')
+    .action((key) => {
+    const value = getByString(config, key);
+    console.log(axiumConfig.optsWithGlobals().json ? JSON.stringify(value) : value);
+});
+axiumConfig
+    .command('set')
+    .description('Set a config value. Note setting objects is not supported.')
+    .argument('<key>', 'the key to set')
+    .argument('<value>', 'the value')
+    .action((key, value, opt) => {
+    const useJSON = axiumConfig.optsWithGlobals().json;
+    if (useJSON && !isJSON(value))
+        exit('Invalid JSON');
+    const obj = {};
+    setByString(obj, key, useJSON ? JSON.parse(value) : value);
+    config.save(obj, opt.global);
+});
+axiumConfig
+    .command('list')
+    .alias('ls')
+    .alias('files')
+    .description('List loaded config files')
+    .action(() => {
+    for (const path of config.files.keys())
+        console.log(path);
 });
 program
     .command('status')
     .alias('stats')
     .description('get information about the server')
-    .option('-D --db-host <host>', 'the host of the database.', 'localhost:5432')
-    .action(async (opt) => {
+    .addOption(opts.host)
+    .action(async () => {
     console.log('Axium Server v' + program.version());
+    console.log('Debug mode:', config.debug ? chalk.yellow('enabled') : 'disabled');
+    console.log('Loaded config files:', config.files.keys().toArray().join(', '));
     process.stdout.write('Database: ');
-    await _db
-        .statusText({ host: opt.dbHost })
+    await db
+        .statusText()
         .then(console.log)
         .catch(() => err('Unavailable'));
+    console.log('Enabled auth providers:', config.authProviders.filter(provider => config.auth[provider]).join(', '));
+});
+program
+    .command('init')
+    .description('Install Axium server')
+    .addOption(opts.force)
+    .addOption(opts.host)
+    .action(async (opt) => {
+    await db.init({ ...opt, skip: opt.dbSkip, output: db_output }).catch((e) => {
+        if (typeof e == 'number')
+            process.exit(e);
+        else
+            exit(e);
+    });
 });
 program.parse();

package/dist/config.d.ts

@@ -0,0 +1,237 @@
+import { type PartialRecursive } from 'utilium';
+import * as z from 'zod';
+export declare const Database: z.ZodObject<{
+    host: z.ZodString;
+    port: z.ZodNumber;
+    password: z.ZodString;
+    user: z.ZodString;
+    database: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    host: string;
+    port: number;
+    password: string;
+    user: string;
+    database: string;
+}, {
+    host: string;
+    port: number;
+    password: string;
+    user: string;
+    database: string;
+}>;
+export type Database = z.infer<typeof Database>;
+export declare const db: Database;
+export declare const Auth: z.ZodObject<{
+    credentials: z.ZodBoolean;
+    debug: z.ZodOptional<z.ZodBoolean>;
+    passkeys: z.ZodBoolean;
+    secret: z.ZodString;
+    secure_cookies: z.ZodBoolean;
+}, "strip", z.ZodTypeAny, {
+    credentials: boolean;
+    passkeys: boolean;
+    secret: string;
+    secure_cookies: boolean;
+    debug?: boolean | undefined;
+}, {
+    credentials: boolean;
+    passkeys: boolean;
+    secret: string;
+    secure_cookies: boolean;
+    debug?: boolean | undefined;
+}>;
+export type Auth = z.infer<typeof Auth>;
+export declare const auth: Auth;
+export declare const authProviders: readonly ["credentials", "passkeys"];
+export type AuthProvider = (typeof authProviders)[number];
+export declare const Config: z.ZodObject<{
+    auth: z.ZodObject<{
+        credentials: z.ZodOptional<z.ZodBoolean>;
+        debug: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+        passkeys: z.ZodOptional<z.ZodBoolean>;
+        secret: z.ZodOptional<z.ZodString>;
+        secure_cookies: z.ZodOptional<z.ZodBoolean>;
+    }, "strip", z.ZodTypeAny, {
+        credentials?: boolean | undefined;
+        debug?: boolean | undefined;
+        passkeys?: boolean | undefined;
+        secret?: string | undefined;
+        secure_cookies?: boolean | undefined;
+    }, {
+        credentials?: boolean | undefined;
+        debug?: boolean | undefined;
+        passkeys?: boolean | undefined;
+        secret?: string | undefined;
+        secure_cookies?: boolean | undefined;
+    }>;
+    debug: z.ZodBoolean;
+    db: z.ZodObject<{
+        host: z.ZodOptional<z.ZodString>;
+        port: z.ZodOptional<z.ZodNumber>;
+        password: z.ZodOptional<z.ZodString>;
+        user: z.ZodOptional<z.ZodString>;
+        database: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        host?: string | undefined;
+        port?: number | undefined;
+        password?: string | undefined;
+        user?: string | undefined;
+        database?: string | undefined;
+    }, {
+        host?: string | undefined;
+        port?: number | undefined;
+        password?: string | undefined;
+        user?: string | undefined;
+        database?: string | undefined;
+    }>;
+}, "strip", z.ZodTypeAny, {
+    debug: boolean;
+    auth: {
+        credentials?: boolean | undefined;
+        debug?: boolean | undefined;
+        passkeys?: boolean | undefined;
+        secret?: string | undefined;
+        secure_cookies?: boolean | undefined;
+    };
+    db: {
+        host?: string | undefined;
+        port?: number | undefined;
+        password?: string | undefined;
+        user?: string | undefined;
+        database?: string | undefined;
+    };
+}, {
+    debug: boolean;
+    auth: {
+        credentials?: boolean | undefined;
+        debug?: boolean | undefined;
+        passkeys?: boolean | undefined;
+        secret?: string | undefined;
+        secure_cookies?: boolean | undefined;
+    };
+    db: {
+        host?: string | undefined;
+        port?: number | undefined;
+        password?: string | undefined;
+        user?: string | undefined;
+        database?: string | undefined;
+    };
+}>;
+export declare const File: z.ZodObject<z.objectUtil.extendShape<{
+    auth: z.ZodOptional<z.ZodObject<{
+        credentials: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+        debug: z.ZodOptional<z.ZodOptional<z.ZodOptional<z.ZodBoolean>>>;
+        passkeys: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+        secret: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+        secure_cookies: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
+    }, "strip", z.ZodTypeAny, {
+        credentials?: boolean | undefined;
+        debug?: boolean | undefined;
+        passkeys?: boolean | undefined;
+        secret?: string | undefined;
+        secure_cookies?: boolean | undefined;
+    }, {
+        credentials?: boolean | undefined;
+        debug?: boolean | undefined;
+        passkeys?: boolean | undefined;
+        secret?: string | undefined;
+        secure_cookies?: boolean | undefined;
+    }>>;
+    debug: z.ZodOptional<z.ZodBoolean>;
+    db: z.ZodOptional<z.ZodObject<{
+        host: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+        port: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
+        password: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+        user: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+        database: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    }, "strip", z.ZodTypeAny, {
+        host?: string | undefined;
+        port?: number | undefined;
+        password?: string | undefined;
+        user?: string | undefined;
+        database?: string | undefined;
+    }, {
+        host?: string | undefined;
+        port?: number | undefined;
+        password?: string | undefined;
+        user?: string | undefined;
+        database?: string | undefined;
+    }>>;
+}, {
+    include: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+}>, "strip", z.ZodTypeAny, {
+    debug?: boolean | undefined;
+    auth?: {
+        credentials?: boolean | undefined;
+        debug?: boolean | undefined;
+        passkeys?: boolean | undefined;
+        secret?: string | undefined;
+        secure_cookies?: boolean | undefined;
+    } | undefined;
+    db?: {
+        host?: string | undefined;
+        port?: number | undefined;
+        password?: string | undefined;
+        user?: string | undefined;
+        database?: string | undefined;
+    } | undefined;
+    include?: string[] | undefined;
+}, {
+    debug?: boolean | undefined;
+    auth?: {
+        credentials?: boolean | undefined;
+        debug?: boolean | undefined;
+        passkeys?: boolean | undefined;
+        secret?: string | undefined;
+        secure_cookies?: boolean | undefined;
+    } | undefined;
+    db?: {
+        host?: string | undefined;
+        port?: number | undefined;
+        password?: string | undefined;
+        user?: string | undefined;
+        database?: string | undefined;
+    } | undefined;
+    include?: string[] | undefined;
+}>;
+export type File = z.infer<typeof File>;
+export interface Config extends z.infer<typeof Config> {
+}
+export declare let debug: boolean;
+export declare function get(): Config;
+/**
+ * Update the current config
+ */
+export declare function set(config: PartialRecursive<Config>): void;
+export declare const files: Map<string, PartialRecursive<Config>>;
+export interface LoadOptions {
+    /**
+     * If enabled, the config file will be not be loaded if it does not match the schema.
+     */
+    strict?: boolean;
+    /**
+     * If enabled, the config file will be skipped if it does not exist.
+     */
+    optional?: boolean;
+    /**
+     * If `optional`, this function will be called with the error if the config file is invalid or can't be read.
+     */
+    onError?(error: Error): void;
+}
+/**
+ * Load the config from the provided path
+ */
+export declare function load(path: string, options?: LoadOptions): void;
+export declare function loadDefaults(): void;
+/**
+ * Update the current config and write the updated config to the appropriate file
+ */
+export declare function save(changed: PartialRecursive<Config>, global?: boolean): void;
+/**
+ * Update the current config and write the updated config to the provided path
+ */
+export declare function saveTo(path: string, changed: PartialRecursive<Config>): void;
+/**
+ * Find the path to the config file
+ */
+export declare function findPath(global: boolean): string;

package/dist/config.js

@@ -0,0 +1,110 @@
+/* eslint-disable @typescript-eslint/no-unsafe-assignment */
+import chalk from 'chalk';
+import { readFileSync, writeFileSync } from 'node:fs';
+import { dirname, join } from 'node:path/posix';
+import { assignWithDefaults } from 'utilium';
+import * as z from 'zod';
+import { findDir } from './io.js';
+export const Database = z.object({
+    host: z.string(),
+    port: z.number(),
+    password: z.string(),
+    user: z.string(),
+    database: z.string(),
+});
+export const db = {
+    host: process.env.PGHOST || 'localhost',
+    port: process.env.PGPORT && Number.isSafeInteger(parseInt(process.env.PGPORT)) ? parseInt(process.env.PGPORT) : 5432,
+    password: process.env.PGPASSWORD || '',
+    user: process.env.PGUSER || 'axium',
+    database: process.env.PGDATABASE || 'axium',
+};
+export const Auth = z.object({
+    credentials: z.boolean(),
+    debug: z.boolean().optional(),
+    passkeys: z.boolean(),
+    secret: z.string(),
+    secure_cookies: z.boolean(),
+});
+export const auth = {
+    credentials: true,
+    passkeys: true,
+    secret: '',
+    secure_cookies: false,
+};
+export const authProviders = ['credentials', 'passkeys'];
+export const Config = z.object({
+    auth: Auth.partial(),
+    debug: z.boolean(),
+    db: Database.partial(),
+});
+export const File = Config.deepPartial().extend({
+    include: z.array(z.string()).optional(),
+});
+export let debug = false;
+export function get() {
+    return {
+        auth,
+        db,
+        debug,
+    };
+}
+/**
+ * Update the current config
+ */
+export function set(config) {
+    assignWithDefaults(auth, config.auth ?? {});
+    debug = config.debug ?? debug;
+    assignWithDefaults(db, config.db ?? {});
+}
+export const files = new Map();
+/**
+ * Load the config from the provided path
+ */
+export function load(path, options = {}) {
+    let json;
+    try {
+        json = JSON.parse(readFileSync(path, 'utf8'));
+    }
+    catch (e) {
+        if (!options.optional)
+            throw e;
+        debug && console.debug(chalk.gray(`Skipping config at ${path} (${e.message})`));
+        return;
+    }
+    const config = options.strict ? File.parse(json) : json;
+    files.set(path, config);
+    set(config);
+    for (const include of config.include ?? [])
+        load(join(dirname(path), include), { optional: true });
+}
+export function loadDefaults() {
+    load(findPath(true), { optional: true });
+    load(findPath(false), { optional: true });
+}
+/**
+ * Update the current config and write the updated config to the appropriate file
+ */
+export function save(changed, global = false) {
+    saveTo(process.env.AXIUM_CONFIG ?? findPath(global), changed);
+}
+/**
+ * Update the current config and write the updated config to the provided path
+ */
+export function saveTo(path, changed) {
+    set(changed);
+    const config = files.get(path) ?? {};
+    Object.assign(config, { ...changed, db: { ...config.db, ...changed.db } });
+    debug && console.debug(chalk.gray(`Wrote config to ${path}`));
+    writeFileSync(path, JSON.stringify(config));
+}
+/**
+ * Find the path to the config file
+ */
+export function findPath(global) {
+    if (process.env.AXIUM_CONFIG)
+        return process.env.AXIUM_CONFIG;
+    return join(findDir(global), 'config.json');
+}
+if (process.env.AXIUM_CONFIG)
+    load(process.env.AXIUM_CONFIG);

package/dist/database.d.ts

@@ -0,0 +1,76 @@
+import type { AdapterAccountType as db } from '@auth/core/adapters';
+import { Kysely, type GeneratedAlways } from 'kysely';
+import * as config from './config.js';
+export interface Schema {
+    User: {
+        id: GeneratedAlways<string>;
+        name: string | null;
+        email: string;
+        emailVerified: Date | null;
+        image: string | null;
+        password: string | null;
+        salt: string | null;
+    };
+    Account: {
+        id: GeneratedAlways<string>;
+        userId: string;
+        type: db;
+        provider: string;
+        providerAccountId: string;
+        refresh_token?: string;
+        access_token?: string;
+        expires_at?: number;
+        token_type?: Lowercase<string>;
+        scope?: string;
+        id_token?: string;
+        session_state: string | null;
+    };
+    Session: {
+        id: GeneratedAlways<string>;
+        userId: string;
+        sessionToken: string;
+        expires: Date;
+    };
+    VerificationToken: {
+        identifier: string;
+        token: string;
+        expires: Date;
+    };
+    Authenticator: {
+        credentialID: string;
+        userId: string;
+        providerAccountId: string;
+        credentialPublicKey: string;
+        counter: number;
+        credentialDeviceType: string;
+        credentialBackedUp: boolean;
+        transports: string | null;
+    };
+}
+export declare let database: Kysely<Schema> & AsyncDisposable;
+export declare function connect(): Kysely<Schema> & AsyncDisposable;
+export interface Stats {
+    users: number;
+    accounts: number;
+    sessions: number;
+}
+export declare function status(): Promise<Stats>;
+export declare function statusText(): Promise<string>;
+export type OpOutputState = 'done' | 'log' | 'warn' | 'error' | 'start';
+export type OpOutput = {
+    (state: 'done'): void;
+    (state: Exclude<OpOutputState, 'done'>, message: string): void;
+};
+export interface OpOptions {
+    timeout: number;
+    force: boolean;
+    output?: OpOutput;
+}
+export interface InitOptions extends OpOptions {
+    skip: boolean;
+}
+export declare function init(opt: InitOptions): Promise<config.Database>;
+/**
+ * Completely remove Axium from the database.
+ */
+export declare function remove(opt: OpOptions): Promise<void>;

package/dist/database.js

@@ -51,31 +51,17 @@ var __disposeResources = (this && this.__disposeResources) || (function (Suppres
     return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
 });
 import { Kysely, PostgresDialect, sql } from 'kysely';
+import { exec } from 'node:child_process';
+import { randomBytes } from 'node:crypto';
 import pg from 'pg';
-export function normalizeConfig(config) {
-    config.host ??= 'localhost';
-    if (!config.port) {
-        const [hostname, port] = config.host.split(':');
-        config.port = port ? parseInt(port) : 5432;
-        config.host = hostname;
-    }
-    if (config.host.includes(':'))
-        config.host = config.host.split(':')[0];
-    return config;
-}
+import * as config from './config.js';
+import { verbose } from './io.js';
 export let database;
-export function connect(config) {
+export function connect() {
     if (database)
         return database;
-    normalizeConfig(config);
     const _db = new Kysely({
-        dialect: new PostgresDialect({
-            pool: new pg.Pool({
-                ...config,
-                user: 'axium',
-                database: 'axium',
-            }),
-        }),
+        dialect: new PostgresDialect({ pool: new pg.Pool(config.db) }),
     });
     database = Object.assign(_db, {
         async [Symbol.asyncDispose]() {
@@ -84,11 +70,10 @@ export function connect(config) {
     });
     return database;
 }
-export async function status(config) {
+export async function status() {
     const env_1 = { stack: [], error: void 0, hasError: false };
     try {
-        normalizeConfig(config);
-        const db = __addDisposableResource(env_1, connect(config), true);
+        const db = __addDisposableResource(env_1, connect(), true);
         return {
             users: (await db.selectFrom('User').select(db.fn.countAll().as('count')).executeTakeFirstOrThrow()).count,
             accounts: (await db.selectFrom('Account').select(db.fn.countAll().as('count')).executeTakeFirstOrThrow()).count,
@@ -105,12 +90,186 @@ export async function status(config) {
             await result_1;
     }
 }
-export async function statusText(config) {
+export async function statusText() {
     try {
-        const stats = await status(config);
+        const stats = await status();
         return `${stats.users} users, ${stats.accounts} accounts, ${stats.sessions} sessions`;
     }
     catch (error) {
         throw typeof error == 'object' && 'message' in error ? error.message : error;
     }
 }
+/**
+ * TS can't tell when we do this inline
+ */
+function _fixOutput(opt) {
+    opt.output ??= () => { };
+}
+/**
+ * Convenience function for `sudo -u postgres psql -c "${command}"`, plus `report` coolness.
+ * @internal
+ */
+async function execSQL(opts, command, message) {
+    let stderr;
+    try {
+        opts.output('start', message);
+        const { promise, resolve, reject } = Promise.withResolvers();
+        exec(`sudo -u postgres psql -c "${command}"`, opts, (err, _, _stderr) => {
+            stderr = _stderr.startsWith('ERROR:') ? _stderr.slice(6).trim() : _stderr;
+            if (err)
+                reject('[command]');
+            else
+                resolve();
+        });
+        await promise;
+        opts.output('done');
+    }
+    catch (error) {
+        throw error == '[command]' ? stderr?.slice(0, 100) || 'failed.' : typeof error == 'object' && 'message' in error ? error.message : error;
+    }
+}
+function shouldRecreate(opt) {
+    if (opt.skip) {
+        opt.output('warn', 'already exists. (skipped)\n');
+        return true;
+    }
+    if (opt.force) {
+        opt.output('warn', 'already exists. (re-creating)\n');
+        return false;
+    }
+    opt.output('warn', 'already exists. Use --skip to skip or --force to re-create.\n');
+    throw 2;
+}
+export async function init(opt) {
+    const env_2 = { stack: [], error: void 0, hasError: false };
+    try {
+        _fixOutput(opt);
+        if (!config.db.password) {
+            config.save({ db: { password: randomBytes(32).toString('base64') } }, true);
+            verbose('Generated password and wrote to global config');
+        }
+        const _sql = (command, message) => execSQL(opt, command, message);
+        await _sql('CREATE DATABASE axium', 'Creating database').catch(async (error) => {
+            if (error != 'database "axium" already exists')
+                throw error;
+            if (shouldRecreate(opt))
+                return;
+            await _sql('DROP DATABASE axium', 'Dropping database');
+            await _sql('CREATE DATABASE axium', 'Re-creating database');
+        });
+        const createQuery = `CREATE USER axium WITH ENCRYPTED PASSWORD '${config.db.password}' LOGIN`;
+        await _sql(createQuery, 'Creating user').catch(async (error) => {
+            if (error != 'role "axium" already exists')
+                throw error;
+            if (shouldRecreate(opt))
+                return;
+            await _sql('REVOKE ALL PRIVILEGES ON SCHEMA public FROM axium', 'Revoking schema privileges');
+            await _sql('DROP USER axium', 'Dropping user');
+            await _sql(createQuery, 'Re-creating user');
+        });
+        await _sql('GRANT ALL PRIVILEGES ON DATABASE axium TO axium', 'Granting database privileges');
+        await _sql('GRANT ALL PRIVILEGES ON SCHEMA public TO axium', 'Granting schema privileges');
+        await _sql('ALTER DATABASE axium OWNER TO axium', 'Setting database owner');
+        await _sql('SELECT pg_reload_conf()', 'Reloading configuration');
+        const db = __addDisposableResource(env_2, connect(), true);
+        const relationExists = (table) => (error) => {
+            error = typeof error == 'object' && 'message' in error ? error.message : error;
+            if (error == `relation "${table}" already exists`)
+                opt.output('warn', 'already exists.');
+            else
+                throw error;
+        };
+        opt.output('start', 'Creating table User');
+        await db.schema
+            .createTable('User')
+            .addColumn('id', 'uuid', col => col.primaryKey().defaultTo(sql `gen_random_uuid()`))
+            .addColumn('name', 'text')
+            .addColumn('email', 'text', col => col.unique().notNull())
+            .addColumn('emailVerified', 'timestamptz')
+            .addColumn('image', 'text')
+            .addColumn('password', 'text')
+            .addColumn('salt', 'text')
+            .execute()
+            .catch(relationExists('User'));
+        opt.output('done');
+        opt.output('start', 'Creating table Account');
+        await db.schema
+            .createTable('Account')
+            .addColumn('id', 'uuid', col => col.primaryKey().defaultTo(sql `gen_random_uuid()`))
+            .addColumn('userId', 'uuid', col => col.references('User.id').onDelete('cascade').notNull())
+            .addColumn('type', 'text', col => col.notNull())
+            .addColumn('provider', 'text', col => col.notNull())
+            .addColumn('providerAccountId', 'text', col => col.notNull())
+            .addColumn('refresh_token', 'text')
+            .addColumn('access_token', 'text')
+            .addColumn('expires_at', 'bigint')
+            .addColumn('token_type', 'text')
+            .addColumn('scope', 'text')
+            .addColumn('id_token', 'text')
+            .addColumn('session_state', 'text')
+            .execute()
+            .catch(relationExists('Account'));
+        opt.output('done');
+        opt.output('start', 'Creating index for Account.userId');
+        db.schema.createIndex('Account_userId_index').on('Account').column('userId').execute().catch(relationExists('Account_userId_index'));
+        opt.output('done');
+        opt.output('start', 'Creating table Session');
+        await db.schema
+            .createTable('Session')
+            .addColumn('id', 'uuid', col => col.primaryKey().defaultTo(sql `gen_random_uuid()`))
+            .addColumn('userId', 'uuid', col => col.references('User.id').onDelete('cascade').notNull())
+            .addColumn('sessionToken', 'text', col => col.notNull().unique())
+            .addColumn('expires', 'timestamptz', col => col.notNull())
+            .execute()
+            .catch(relationExists('Session'));
+        opt.output('done');
+        opt.output('start', 'Creating index for Session.userId');
+        db.schema.createIndex('Session_userId_index').on('Session').column('userId').execute().catch(relationExists('Session_userId_index'));
+        opt.output('done');
+        opt.output('start', 'Creating table VerificationToken');
+        await db.schema
+            .createTable('VerificationToken')
+            .addColumn('identifier', 'text', col => col.notNull())
+            .addColumn('token', 'text', col => col.notNull().unique())
+            .addColumn('expires', 'timestamptz', col => col.notNull())
+            .execute()
+            .catch(relationExists('VerificationToken'));
+        opt.output('done');
+        opt.output('start', 'Creating table Authenticator');
+        await db.schema
+            .createTable('Authenticator')
+            .addColumn('credentialID', 'text', col => col.primaryKey().notNull())
+            .addColumn('userId', 'uuid', col => col.notNull().references('User.id').onDelete('cascade').onUpdate('cascade'))
+            .addColumn('providerAccountId', 'text', col => col.notNull())
+            .addColumn('credentialPublicKey', 'text', col => col.notNull())
+            .addColumn('counter', 'integer', col => col.notNull())
+            .addColumn('credentialDeviceType', 'text', col => col.notNull())
+            .addColumn('credentialBackedUp', 'boolean', col => col.notNull())
+            .addColumn('transports', 'text')
+            .execute()
+            .catch(relationExists('Authenticator'));
+        opt.output('done');
+        opt.output('start', 'Creating index for Authenticator.credentialID');
+        db.schema.createIndex('Authenticator_credentialID_key').on('Authenticator').column('credentialID').execute().catch(relationExists('Authenticator_credentialID_key'));
+        opt.output('done');
+        return config.db;
+    }
+    catch (e_2) {
+        env_2.error = e_2;
+        env_2.hasError = true;
+    }
+    finally {
+        const result_2 = __disposeResources(env_2);
+        if (result_2)
+            await result_2;
+    }
+}
+/**
+ * Completely remove Axium from the database.
+ */
+export async function remove(opt) {
+    _fixOutput(opt);
+    await execSQL(opt, 'DROP DATABASE axium', 'Dropping database');
+    await execSQL(opt, 'REVOKE ALL PRIVILEGES ON SCHEMA public FROM axium', 'Revoking schema privileges');
+    await execSQL(opt, 'DROP USER axium', 'Dropping user');
+}

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+export * as auth from './auth.js';
+export * as db from './database.js';
+export * as config from './config.js';

package/dist/index.js

@@ -1 +1,3 @@
+export * as auth from './auth.js';
 export * as db from './database.js';
+export * as config from './config.js';

package/dist/io.d.ts

@@ -0,0 +1,15 @@
+/** Convenience function for `example... [Done. / error]` */
+export declare function report<T>(promise: Promise<T>, message: string, success?: string): Promise<T>;
+export declare function err(message: string | Error): void;
+/** Yet another convenience function */
+export declare function exit(message: string | Error, code?: number): never;
+export declare function verbose(...message: any[]): void;
+/**
+ * Find the Axium directory.
+ * This directory includes things like config files, secrets, etc.
+ */
+export declare function findDir(global: boolean): string;
+/**
+ *
+ */
+export declare function checkDir(path: string): void;

package/dist/io.js

@@ -0,0 +1,55 @@
+import chalk from 'chalk';
+import { existsSync, mkdirSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { join } from 'node:path/posix';
+import { debug } from './config.js';
+/** Convenience function for `example... [Done. / error]` */
+export async function report(promise, message, success = 'done.') {
+    process.stdout.write(message + '... ');
+    try {
+        const result = await promise;
+        console.log(success);
+        return result;
+    }
+    catch (error) {
+        throw typeof error == 'object' && 'message' in error ? error.message : error;
+    }
+}
+export function err(message) {
+    if (message instanceof Error)
+        message = message.message;
+    console.error(message.startsWith('\x1b') ? message : chalk.red(message));
+}
+/** Yet another convenience function */
+export function exit(message, code = 1) {
+    err(message);
+    process.exit(code);
+}
+export function verbose(...message) {
+    if (!debug)
+        return;
+    console.debug(chalk.gray(message));
+}
+/**
+ * Find the Axium directory.
+ * This directory includes things like config files, secrets, etc.
+ */
+export function findDir(global) {
+    if (process.env.AXIUM_DIR)
+        return process.env.AXIUM_DIR;
+    if (process.getuid?.() === 0)
+        return '/etc/axium';
+    if (global)
+        return join(homedir(), '.axium');
+    return '.axium';
+}
+/**
+ *
+ */
+export function checkDir(path) {
+    if (existsSync(path))
+        return;
+    mkdirSync(path, { recursive: true });
+}
+if (process.getuid?.() === 0)
+    checkDir('/etc/axium');

package/package.json

@@ -1,7 +1,6 @@
 {
 	"name": "@axium/server",
-	"version": "0.0.1",
-	"main": "dist/index.js",
+	"version": "0.0.2",
 	"author": "James Prevett <axium@jamespre.dev> (https://jamespre.dev)",
 	"funding": {
 		"type": "individual",
@@ -15,23 +14,38 @@
 	"bugs": {
 		"url": "https://github.com/james-pre/axium/issues"
 	},
-	"types": "dist/index.d.ts",
 	"type": "module",
+	"main": "dist/index.js",
+	"types": "dist/index.d.ts",
 	"files": [
 		"dist"
 	],
 	"bin": {
-		"axium": "./dist/cli.js"
+		"axium": "dist/cli.js"
 	},
 	"scripts": {
 		"build": "tsc"
 	},
+	"peerDependencies": {
+		"@axium/core": ">=0.0.1"
+	},
 	"dependencies": {
+		"@auth/core": "^0.38.0",
+		"@auth/kysely-adapter": "^1.8.0",
 		"@types/pg": "^8.11.11",
+		"bcryptjs": "^3.0.2",
 		"chalk": "^5.4.1",
 		"commander": "^13.1.0",
 		"kysely": "^0.27.5",
 		"pg": "^8.14.1",
-		"@auth/kysely-adapter": "^1.8.0"
+		"utilium": "^2.2.3"
+	},
+	"devDependencies": {
+		"@auth/sveltekit": "^1.8.0",
+		"@sveltejs/adapter-node": "^5.2.12",
+		"@sveltejs/kit": "^2.20.2",
+		"@vitejs/plugin-basic-ssl": "^2.0.0",
+		"svelte": "^5.25.3",
+		"vite-plugin-mkcert": "^1.17.8"
 	}
 }