@axium/server 0.24.0 → 0.25.0

package/build/server/manifest.js

@@ -10,15 +10,23 @@ return {
 	assets: new Set(["icons/brands.svg","icons/light.svg","icons/regular.svg","icons/solid.svg","styles.css","theme.css"]),
 	mimeTypes: {".svg":"image/svg+xml",".css":"text/css"},
 	_: {
-		client: {start:"_app/immutable/entry/start.CM7y0WAo.js",app:"_app/immutable/entry/app.DJWgFLyv.js",imports:["_app/immutable/entry/start.CM7y0WAo.js","_app/immutable/chunks/NhZR8nmR.js","_app/immutable/chunks/D4Bce_hb.js","_app/immutable/chunks/D9TfJrfD.js","_app/immutable/chunks/Dy1O3iBu.js","_app/immutable/chunks/D3hk2v8y.js","_app/immutable/entry/app.DJWgFLyv.js","_app/immutable/chunks/D9TfJrfD.js","_app/immutable/chunks/Dy1O3iBu.js","_app/immutable/chunks/DsnmJJEf.js","_app/immutable/chunks/D4Bce_hb.js","_app/immutable/chunks/D3hk2v8y.js","_app/immutable/chunks/pba7IodQ.js"],stylesheets:[],fonts:[],uses_env_dynamic_public:false},
+		client: {start:"_app/immutable/entry/start.Dos_Ttds.js",app:"_app/immutable/entry/app.CPF6A_DV.js",imports:["_app/immutable/entry/start.Dos_Ttds.js","_app/immutable/chunks/KNAS5R2A.js","_app/immutable/chunks/CFWAHLsq.js","_app/immutable/chunks/Dnk28BpG.js","_app/immutable/chunks/Bbzjahjl.js","_app/immutable/chunks/D1v6O410.js","_app/immutable/entry/app.CPF6A_DV.js","_app/immutable/chunks/Dnk28BpG.js","_app/immutable/chunks/Bbzjahjl.js","_app/immutable/chunks/DsnmJJEf.js","_app/immutable/chunks/CFWAHLsq.js","_app/immutable/chunks/D1v6O410.js","_app/immutable/chunks/1taVrT-y.js","_app/immutable/chunks/DfUzlYF5.js","_app/immutable/chunks/CTKC36WM.js"],stylesheets:[],fonts:[],uses_env_dynamic_public:false},
 		nodes: [
-			__memo(() => import('./chunks/0-DgHTujtC.js')),
-			__memo(() => import('./chunks/1-k30i-hic.js')),
-			__memo(() => import('./chunks/2-CXlrhpR6.js')),
-			__memo(() => import('./chunks/3-CGT4Ugys.js')),
-			__memo(() => import('./chunks/4-BscEiwUk.js')),
-			__memo(() => import('./chunks/5-H0ePIJBE.js')),
-			__memo(() => import('./chunks/6-BrPpcagX.js'))
+			__memo(() => import('./chunks/0-CZBaNtSI.js')),
+			__memo(() => import('./chunks/1-D_3BtEbe.js')),
+			__memo(() => import('./chunks/2-_1jFrcvz.js')),
+			__memo(() => import('./chunks/3-B1CwnVF_.js')),
+			__memo(() => import('./chunks/4-CcxCcH4F.js')),
+			__memo(() => import('./chunks/5-CrlH6VoB.js')),
+			__memo(() => import('./chunks/6-FkP678Uz.js')),
+			__memo(() => import('./chunks/7-B1iCe7VA.js')),
+			__memo(() => import('./chunks/8-p6n9G-P_.js')),
+			__memo(() => import('./chunks/9-fc3lKB7X.js')),
+			__memo(() => import('./chunks/10-CLkNMKHU.js')),
+			__memo(() => import('./chunks/11-5xPYR_1w.js')),
+			__memo(() => import('./chunks/12-N7UaQj7u.js')),
+			__memo(() => import('./chunks/13-QYVLpXli.js')),
+			__memo(() => import('./chunks/14-CPY578rT.js'))
 		],
 		remotes: {
 			
@@ -28,35 +36,84 @@ return {
 				id: "/_axium/default",
 				pattern: /^\/_axium\/default\/?$/,
 				params: [],
-				page: { layouts: [0,], errors: [1,], leaf: 2 },
+				page: { layouts: [0,], errors: [1,], leaf: 3 },
 				endpoint: null
 			},
 			{
 				id: "/account",
 				pattern: /^\/account\/?$/,
 				params: [],
-				page: { layouts: [0,], errors: [1,], leaf: 3 },
+				page: { layouts: [0,], errors: [1,], leaf: 4 },
+				endpoint: null
+			},
+			{
+				id: "/admin",
+				pattern: /^\/admin\/?$/,
+				params: [],
+				page: { layouts: [0,2,], errors: [1,,], leaf: 5 },
+				endpoint: null
+			},
+			{
+				id: "/admin/audit",
+				pattern: /^\/admin\/audit\/?$/,
+				params: [],
+				page: { layouts: [0,2,], errors: [1,,], leaf: 6 },
+				endpoint: null
+			},
+			{
+				id: "/admin/audit/[id]",
+				pattern: /^\/admin\/audit\/([^/]+?)\/?$/,
+				params: [{"name":"id","optional":false,"rest":false,"chained":false}],
+				page: { layouts: [0,2,], errors: [1,,], leaf: 7 },
+				endpoint: null
+			},
+			{
+				id: "/admin/config",
+				pattern: /^\/admin\/config\/?$/,
+				params: [],
+				page: { layouts: [0,2,], errors: [1,,], leaf: 8 },
+				endpoint: null
+			},
+			{
+				id: "/admin/plugins",
+				pattern: /^\/admin\/plugins\/?$/,
+				params: [],
+				page: { layouts: [0,2,], errors: [1,,], leaf: 9 },
+				endpoint: null
+			},
+			{
+				id: "/admin/users",
+				pattern: /^\/admin\/users\/?$/,
+				params: [],
+				page: { layouts: [0,2,], errors: [1,,], leaf: 10 },
+				endpoint: null
+			},
+			{
+				id: "/admin/users/[id]",
+				pattern: /^\/admin\/users\/([^/]+?)\/?$/,
+				params: [{"name":"id","optional":false,"rest":false,"chained":false}],
+				page: { layouts: [0,2,], errors: [1,,], leaf: 11 },
 				endpoint: null
 			},
 			{
 				id: "/login",
 				pattern: /^\/login\/?$/,
 				params: [],
-				page: { layouts: [0,], errors: [1,], leaf: 4 },
+				page: { layouts: [0,], errors: [1,], leaf: 12 },
 				endpoint: null
 			},
 			{
 				id: "/logout",
 				pattern: /^\/logout\/?$/,
 				params: [],
-				page: { layouts: [0,], errors: [1,], leaf: 5 },
+				page: { layouts: [0,], errors: [1,], leaf: 13 },
 				endpoint: null
 			},
 			{
 				id: "/register",
 				pattern: /^\/register\/?$/,
 				params: [],
-				page: { layouts: [0,], errors: [1,], leaf: 6 },
+				page: { layouts: [0,], errors: [1,], leaf: 14 },
 				endpoint: null
 			}
 		],

package/build/server/manifest.js.map

@@ -1 +1 @@
-{"version":3,"file":"manifest.js","sources":["../../.svelte-kit/adapter-node/manifest.js"],"sourcesContent":["export const manifest = (() => {\nfunction __memo(fn) {\n\tlet value;\n\treturn () => value ??= (value = fn());\n}\n\nreturn {\n\tappDir: \"_app\",\n\tappPath: \"_app\",\n\tassets: new Set([\"icons/brands.svg\",\"icons/light.svg\",\"icons/regular.svg\",\"icons/solid.svg\",\"styles.css\",\"theme.css\"]),\n\tmimeTypes: {\".svg\":\"image/svg+xml\",\".css\":\"text/css\"},\n\t_: {\n\t\tclient: {start:\"_app/immutable/entry/start.CM7y0WAo.js\",app:\"_app/immutable/entry/app.DJWgFLyv.js\",imports:[\"_app/immutable/entry/start.CM7y0WAo.js\",\"_app/immutable/chunks/NhZR8nmR.js\",\"_app/immutable/chunks/D4Bce_hb.js\",\"_app/immutable/chunks/D9TfJrfD.js\",\"_app/immutable/chunks/Dy1O3iBu.js\",\"_app/immutable/chunks/D3hk2v8y.js\",\"_app/immutable/entry/app.DJWgFLyv.js\",\"_app/immutable/chunks/D9TfJrfD.js\",\"_app/immutable/chunks/Dy1O3iBu.js\",\"_app/immutable/chunks/DsnmJJEf.js\",\"_app/immutable/chunks/D4Bce_hb.js\",\"_app/immutable/chunks/D3hk2v8y.js\",\"_app/immutable/chunks/pba7IodQ.js\"],stylesheets:[],fonts:[],uses_env_dynamic_public:false},\n\t\tnodes: [\n\t\t\t__memo(() => import('./nodes/0.js')),\n\t\t\t__memo(() => import('./nodes/1.js')),\n\t\t\t__memo(() => import('./nodes/2.js')),\n\t\t\t__memo(() => import('./nodes/3.js')),\n\t\t\t__memo(() => import('./nodes/4.js')),\n\t\t\t__memo(() => import('./nodes/5.js')),\n\t\t\t__memo(() => import('./nodes/6.js'))\n\t\t],\n\t\tremotes: {\n\t\t\t\n\t\t},\n\t\troutes: [\n\t\t\t{\n\t\t\t\tid: \"/_axium/default\",\n\t\t\t\tpattern: /^\\/_axium\\/default\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,], errors: [1,], leaf: 2 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/account\",\n\t\t\t\tpattern: /^\\/account\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,], errors: [1,], leaf: 3 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/login\",\n\t\t\t\tpattern: /^\\/login\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,], errors: [1,], leaf: 4 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/logout\",\n\t\t\t\tpattern: /^\\/logout\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,], errors: [1,], leaf: 5 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/register\",\n\t\t\t\tpattern: /^\\/register\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,], errors: [1,], leaf: 6 },\n\t\t\t\tendpoint: null\n\t\t\t}\n\t\t],\n\t\tprerendered_routes: new Set([]),\n\t\tmatchers: async () => {\n\t\t\t\n\t\t\treturn {  };\n\t\t},\n\t\tserver_assets: {}\n\t}\n}\n})();\n\nexport const prerendered = new Set([]);\n\nexport const base = \"\";"],"names":[],"mappings":"AAAY,MAAC,QAAQ,GAAG,CAAC,MAAM;AAC/B,SAAS,MAAM,CAAC,EAAE,EAAE;AACpB,CAAC,IAAI,KAAK;AACV,CAAC,OAAO,MAAM,KAAK,MAAM,KAAK,GAAG,EAAE,EAAE,CAAC;AACtC;;AAEA,OAAO;AACP,CAAC,MAAM,EAAE,MAAM;AACf,CAAC,OAAO,EAAE,MAAM;AAChB,CAAC,MAAM,EAAE,IAAI,GAAG,CAAC,CAAC,kBAAkB,CAAC,iBAAiB,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;AACvH,CAAC,SAAS,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC;AACtD,CAAC,CAAC,EAAE;AACJ,EAAE,MAAM,EAAE,CAAC,KAAK,CAAC,wCAAwC,CAAC,GAAG,CAAC,sCAAsC,CAAC,OAAO,CAAC,CAAC,wCAAwC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,sCAAsC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,uBAAuB,CAAC,KAAK,CAAC;AACjoB,EAAE,KAAK,EAAE;AACT,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC;AACtC,GAAG;AACH,EAAE,OAAO,EAAE;AACX;AACA,GAAG;AACH,EAAE,MAAM,EAAE;AACV,GAAG;AACH,IAAI,EAAE,EAAE,iBAAiB;AACzB,IAAI,OAAO,EAAE,wBAAwB;AACrC,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE;AAClD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,UAAU;AAClB,IAAI,OAAO,EAAE,gBAAgB;AAC7B,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE;AAClD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,QAAQ;AAChB,IAAI,OAAO,EAAE,cAAc;AAC3B,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE;AAClD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,SAAS;AACjB,IAAI,OAAO,EAAE,eAAe;AAC5B,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE;AAClD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,WAAW;AACnB,IAAI,OAAO,EAAE,iBAAiB;AAC9B,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE;AAClD,IAAI,QAAQ,EAAE;AACd;AACA,GAAG;AACH,EAAE,kBAAkB,EAAE,IAAI,GAAG,CAAC,EAAE,CAAC;AACjC,EAAE,QAAQ,EAAE,YAAY;AACxB;AACA,GAAG,OAAO,IAAI;AACd,EAAE,CAAC;AACH,EAAE,aAAa,EAAE;AACjB;AACA;AACA,CAAC;;AAEW,MAAC,WAAW,GAAG,IAAI,GAAG,CAAC,EAAE;;AAEzB,MAAC,IAAI,GAAG;;;;"}
+{"version":3,"file":"manifest.js","sources":["../../.svelte-kit/adapter-node/manifest.js"],"sourcesContent":["export const manifest = (() => {\nfunction __memo(fn) {\n\tlet value;\n\treturn () => value ??= (value = fn());\n}\n\nreturn {\n\tappDir: \"_app\",\n\tappPath: \"_app\",\n\tassets: new Set([\"icons/brands.svg\",\"icons/light.svg\",\"icons/regular.svg\",\"icons/solid.svg\",\"styles.css\",\"theme.css\"]),\n\tmimeTypes: {\".svg\":\"image/svg+xml\",\".css\":\"text/css\"},\n\t_: {\n\t\tclient: {start:\"_app/immutable/entry/start.Dos_Ttds.js\",app:\"_app/immutable/entry/app.CPF6A_DV.js\",imports:[\"_app/immutable/entry/start.Dos_Ttds.js\",\"_app/immutable/chunks/KNAS5R2A.js\",\"_app/immutable/chunks/CFWAHLsq.js\",\"_app/immutable/chunks/Dnk28BpG.js\",\"_app/immutable/chunks/Bbzjahjl.js\",\"_app/immutable/chunks/D1v6O410.js\",\"_app/immutable/entry/app.CPF6A_DV.js\",\"_app/immutable/chunks/Dnk28BpG.js\",\"_app/immutable/chunks/Bbzjahjl.js\",\"_app/immutable/chunks/DsnmJJEf.js\",\"_app/immutable/chunks/CFWAHLsq.js\",\"_app/immutable/chunks/D1v6O410.js\",\"_app/immutable/chunks/1taVrT-y.js\",\"_app/immutable/chunks/DfUzlYF5.js\",\"_app/immutable/chunks/CTKC36WM.js\"],stylesheets:[],fonts:[],uses_env_dynamic_public:false},\n\t\tnodes: [\n\t\t\t__memo(() => import('./nodes/0.js')),\n\t\t\t__memo(() => import('./nodes/1.js')),\n\t\t\t__memo(() => import('./nodes/2.js')),\n\t\t\t__memo(() => import('./nodes/3.js')),\n\t\t\t__memo(() => import('./nodes/4.js')),\n\t\t\t__memo(() => import('./nodes/5.js')),\n\t\t\t__memo(() => import('./nodes/6.js')),\n\t\t\t__memo(() => import('./nodes/7.js')),\n\t\t\t__memo(() => import('./nodes/8.js')),\n\t\t\t__memo(() => import('./nodes/9.js')),\n\t\t\t__memo(() => import('./nodes/10.js')),\n\t\t\t__memo(() => import('./nodes/11.js')),\n\t\t\t__memo(() => import('./nodes/12.js')),\n\t\t\t__memo(() => import('./nodes/13.js')),\n\t\t\t__memo(() => import('./nodes/14.js'))\n\t\t],\n\t\tremotes: {\n\t\t\t\n\t\t},\n\t\troutes: [\n\t\t\t{\n\t\t\t\tid: \"/_axium/default\",\n\t\t\t\tpattern: /^\\/_axium\\/default\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,], errors: [1,], leaf: 3 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/account\",\n\t\t\t\tpattern: /^\\/account\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,], errors: [1,], leaf: 4 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/admin\",\n\t\t\t\tpattern: /^\\/admin\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,2,], errors: [1,,], leaf: 5 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/admin/audit\",\n\t\t\t\tpattern: /^\\/admin\\/audit\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,2,], errors: [1,,], leaf: 6 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/admin/audit/[id]\",\n\t\t\t\tpattern: /^\\/admin\\/audit\\/([^/]+?)\\/?$/,\n\t\t\t\tparams: [{\"name\":\"id\",\"optional\":false,\"rest\":false,\"chained\":false}],\n\t\t\t\tpage: { layouts: [0,2,], errors: [1,,], leaf: 7 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/admin/config\",\n\t\t\t\tpattern: /^\\/admin\\/config\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,2,], errors: [1,,], leaf: 8 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/admin/plugins\",\n\t\t\t\tpattern: /^\\/admin\\/plugins\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,2,], errors: [1,,], leaf: 9 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/admin/users\",\n\t\t\t\tpattern: /^\\/admin\\/users\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,2,], errors: [1,,], leaf: 10 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/admin/users/[id]\",\n\t\t\t\tpattern: /^\\/admin\\/users\\/([^/]+?)\\/?$/,\n\t\t\t\tparams: [{\"name\":\"id\",\"optional\":false,\"rest\":false,\"chained\":false}],\n\t\t\t\tpage: { layouts: [0,2,], errors: [1,,], leaf: 11 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/login\",\n\t\t\t\tpattern: /^\\/login\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,], errors: [1,], leaf: 12 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/logout\",\n\t\t\t\tpattern: /^\\/logout\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,], errors: [1,], leaf: 13 },\n\t\t\t\tendpoint: null\n\t\t\t},\n\t\t\t{\n\t\t\t\tid: \"/register\",\n\t\t\t\tpattern: /^\\/register\\/?$/,\n\t\t\t\tparams: [],\n\t\t\t\tpage: { layouts: [0,], errors: [1,], leaf: 14 },\n\t\t\t\tendpoint: null\n\t\t\t}\n\t\t],\n\t\tprerendered_routes: new Set([]),\n\t\tmatchers: async () => {\n\t\t\t\n\t\t\treturn {  };\n\t\t},\n\t\tserver_assets: {}\n\t}\n}\n})();\n\nexport const prerendered = new Set([]);\n\nexport const base = \"\";"],"names":[],"mappings":"AAAY,MAAC,QAAQ,GAAG,CAAC,MAAM;AAC/B,SAAS,MAAM,CAAC,EAAE,EAAE;AACpB,CAAC,IAAI,KAAK;AACV,CAAC,OAAO,MAAM,KAAK,MAAM,KAAK,GAAG,EAAE,EAAE,CAAC;AACtC;;AAEA,OAAO;AACP,CAAC,MAAM,EAAE,MAAM;AACf,CAAC,OAAO,EAAE,MAAM;AAChB,CAAC,MAAM,EAAE,IAAI,GAAG,CAAC,CAAC,kBAAkB,CAAC,iBAAiB,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;AACvH,CAAC,SAAS,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC;AACtD,CAAC,CAAC,EAAE;AACJ,EAAE,MAAM,EAAE,CAAC,KAAK,CAAC,wCAAwC,CAAC,GAAG,CAAC,sCAAsC,CAAC,OAAO,CAAC,CAAC,wCAAwC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,sCAAsC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,mCAAmC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,uBAAuB,CAAC,KAAK,CAAC;AACzsB,EAAE,KAAK,EAAE;AACT,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,wBAAc,CAAC,CAAC;AACvC,GAAG,MAAM,CAAC,MAAM,OAAO,yBAAe,CAAC,CAAC;AACxC,GAAG,MAAM,CAAC,MAAM,OAAO,yBAAe,CAAC,CAAC;AACxC,GAAG,MAAM,CAAC,MAAM,OAAO,yBAAe,CAAC,CAAC;AACxC,GAAG,MAAM,CAAC,MAAM,OAAO,yBAAe,CAAC,CAAC;AACxC,GAAG,MAAM,CAAC,MAAM,OAAO,yBAAe,CAAC;AACvC,GAAG;AACH,EAAE,OAAO,EAAE;AACX;AACA,GAAG;AACH,EAAE,MAAM,EAAE;AACV,GAAG;AACH,IAAI,EAAE,EAAE,iBAAiB;AACzB,IAAI,OAAO,EAAE,wBAAwB;AACrC,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE;AAClD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,UAAU;AAClB,IAAI,OAAO,EAAE,gBAAgB;AAC7B,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE;AAClD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,QAAQ;AAChB,IAAI,OAAO,EAAE,cAAc;AAC3B,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE;AACrD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,cAAc;AACtB,IAAI,OAAO,EAAE,qBAAqB;AAClC,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE;AACrD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,mBAAmB;AAC3B,IAAI,OAAO,EAAE,+BAA+B;AAC5C,IAAI,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;AACzE,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE;AACrD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,eAAe;AACvB,IAAI,OAAO,EAAE,sBAAsB;AACnC,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE;AACrD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,gBAAgB;AACxB,IAAI,OAAO,EAAE,uBAAuB;AACpC,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE;AACrD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,cAAc;AACtB,IAAI,OAAO,EAAE,qBAAqB;AAClC,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE;AACtD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,mBAAmB;AAC3B,IAAI,OAAO,EAAE,+BAA+B;AAC5C,IAAI,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;AACzE,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE;AACtD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,QAAQ;AAChB,IAAI,OAAO,EAAE,cAAc;AAC3B,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;AACnD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,SAAS;AACjB,IAAI,OAAO,EAAE,eAAe;AAC5B,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;AACnD,IAAI,QAAQ,EAAE;AACd,IAAI;AACJ,GAAG;AACH,IAAI,EAAE,EAAE,WAAW;AACnB,IAAI,OAAO,EAAE,iBAAiB;AAC9B,IAAI,MAAM,EAAE,EAAE;AACd,IAAI,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;AACnD,IAAI,QAAQ,EAAE;AACd;AACA,GAAG;AACH,EAAE,kBAAkB,EAAE,IAAI,GAAG,CAAC,EAAE,CAAC;AACjC,EAAE,QAAQ,EAAE,YAAY;AACxB;AACA,GAAG,OAAO,IAAI;AACd,EAAE,CAAC;AACH,EAAE,aAAa,EAAE;AACjB;AACA;AACA,CAAC;;AAEW,MAAC,WAAW,GAAG,IAAI,GAAG,CAAC,EAAE;;AAEzB,MAAC,IAAI,GAAG;;;;"}

package/dist/acl.d.ts

@@ -1,6 +1,5 @@
-import type { AccessControl, Permission } from '@axium/core';
+import type { AccessControl, Permission, UserInternal } from '@axium/core';
 import type { AliasedRawBuilder, Expression, ExpressionBuilder, Selectable } from 'kysely';
-import type { UserInternal } from './auth.js';
 import * as db from './database.js';
 export interface Target {
     userId: string;

package/dist/api/acl.js

@@ -8,10 +8,10 @@ addRoute({
         itemType: z.string(),
         itemId: z.uuid(),
     },
-    async PUT(event) {
-        const type = event.params.itemType;
-        const itemId = event.params.itemId;
-        const data = await parseBody(event, z.object({
+    async PUT(request, params) {
+        const type = params.itemType;
+        const itemId = params.itemId;
+        const data = await parseBody(request, z.object({
             userId: z.uuid(),
             permission: z.number().int().min(0).max(5),
         }));

package/dist/api/admin.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/api/admin.js

@@ -0,0 +1,135 @@
+import { AuditFilter, Severity } from '@axium/core';
+import { jsonArrayFrom, jsonObjectFrom } from 'kysely/helpers/postgres';
+import { omit } from 'utilium';
+import * as z from 'zod';
+import { audit, getEvents } from '../audit.js';
+import { getSessionAndUser } from '../auth.js';
+import { config } from '../config.js';
+import { count, database as db } from '../database.js';
+import { error, getToken, withError } from '../requests.js';
+import { addRoute } from '../routes.js';
+import { plugins } from '../plugins.js';
+import pkg from '../../package.json' with { type: 'json' };
+async function assertAdmin(route, req) {
+    const token = getToken(req);
+    if (!token)
+        error(401, 'Missing token');
+    const admin = await getSessionAndUser(token).catch(withError('Invalid session', 400));
+    if (!admin.user.isAdmin)
+        error(403, 'Not an administrator');
+    if (!config.admin_api)
+        error(503, 'Admin API is disabled');
+    await audit('admin_api', admin.userId, { route: route.path, session: admin.id });
+    return admin.user;
+}
+addRoute({
+    path: '/api/admin/summary',
+    async GET(req) {
+        await assertAdmin(this, req);
+        const groups = Object.groupBy(await getEvents({}).execute(), e => e.severity);
+        const auditEvents = Object.fromEntries(Object.entries(groups).map(([sev, events]) => [sev, events.length]));
+        return {
+            ...(await count('users', 'passkeys', 'sessions')),
+            auditEvents,
+            configFiles: config.files.size,
+            plugins: plugins.size,
+            version: pkg.version,
+        };
+    },
+});
+addRoute({
+    path: '/api/admin/plugins',
+    async GET(req) {
+        await assertAdmin(this, req);
+        return Array.from(plugins.values()).map(p => omit(p, '_hooks'));
+    },
+});
+addRoute({
+    path: '/api/admin/users/all',
+    async GET(req) {
+        await assertAdmin(this, req);
+        const users = await db.selectFrom('users').selectAll().execute();
+        return users;
+    },
+});
+addRoute({
+    path: '/api/admin/users/:userId',
+    params: { userId: z.uuid() },
+    async GET(req, params) {
+        await assertAdmin(this, req);
+        if (!params.userId)
+            error(400, 'Missing user ID');
+        const user = await db
+            .selectFrom('users')
+            .selectAll()
+            .select(eb => jsonArrayFrom(eb.selectFrom('sessions').whereRef('sessions.userId', '=', 'users.id').selectAll())
+            .$castTo()
+            .as('sessions'))
+            .where('id', '=', params.userId)
+            .executeTakeFirstOrThrow()
+            .catch(withError('User not found', 404));
+        return {
+            ...user,
+            sessions: user.sessions.map(s => ({
+                ...omit(s, 'token'),
+                created: new Date(s.created),
+                expires: new Date(s.expires),
+            })),
+        };
+    },
+});
+/**
+ * Redacts critical information that we don't want to send over the API, even to admins.
+ */
+function _redactConfig(config) {
+    if (config.db?.password) {
+        config.db.password = '*'.repeat(config.db.password.length);
+    }
+    return config;
+}
+addRoute({
+    path: '/api/admin/config',
+    async GET(req) {
+        await assertAdmin(this, req);
+        return {
+            config: _redactConfig(config.plain()),
+            files: Object.fromEntries(config.files.entries().map(([path, cfg]) => [path, _redactConfig(cfg)])),
+        };
+    },
+});
+addRoute({
+    path: '/api/admin/audit/events',
+    async GET(req) {
+        await assertAdmin(this, req);
+        const filter = { severity: Severity.Info };
+        try {
+            const search = Object.fromEntries(new URL(req.url).searchParams);
+            Object.assign(filter, AuditFilter.parse(search));
+        }
+        catch (e) {
+            error(400, e instanceof z.core.$ZodError ? z.prettifyError(e) : 'invalid body');
+        }
+        return await getEvents(filter)
+            .select(eb => jsonObjectFrom(eb.selectFrom('users').whereRef('users.id', '=', 'audit_log.userId').select(['id', 'name'])).as('user'))
+            .execute();
+    },
+});
+addRoute({
+    path: '/api/admin/audit/:eventId',
+    params: { eventId: z.uuid() },
+    async GET(req, params) {
+        await assertAdmin(this, req);
+        if (!params.eventId)
+            error(400, 'Missing event ID');
+        const event = await db
+            .selectFrom('audit_log')
+            .selectAll()
+            .select(eb => jsonObjectFrom(eb.selectFrom('users').whereRef('users.id', '=', 'audit_log.userId').selectAll())
+            .$castTo()
+            .as('user'))
+            .where('id', '=', params.eventId)
+            .executeTakeFirstOrThrow()
+            .catch(withError('Audit event not found', 404));
+        return event;
+    },
+});

package/dist/api/index.d.ts

@@ -1,3 +1,5 @@
+import './acl.js';
+import './admin.js';
 import './metadata.js';
 import './passkeys.js';
 import './register.js';

package/dist/api/index.js

@@ -1,3 +1,5 @@
+import './acl.js';
+import './admin.js';
 import './metadata.js';
 import './passkeys.js';
 import './register.js';

package/dist/api/metadata.js

@@ -8,9 +8,9 @@ import { error, getToken } from '../requests.js';
 import { addRoute, routes } from '../routes.js';
 addRoute({
     path: '/api/metadata',
-    async GET(event) {
+    async GET(request) {
         if (!config.debug) {
-            const token = getToken(event);
+            const token = getToken(request);
             if (!token)
                 error(401, 'Missing session token');
             const session = await getSessionAndUser(token);
@@ -39,7 +39,7 @@ addRoute({
 });
 addRoute({
     path: '/api/apps',
-    async GET(event) {
+    async GET() {
         const result = [];
         for (const app of apps.values()) {
             if (config.apps.disabled.includes(app.id))

package/dist/api/passkeys.js

@@ -10,15 +10,15 @@ addRoute({
     params: {
         id: z.string(),
     },
-    async GET(event) {
-        const passkey = await getPasskey(event.params.id);
-        await checkAuthForUser(event, passkey.userId);
+    async GET(request, params) {
+        const passkey = await getPasskey(params.id);
+        await checkAuthForUser(request, passkey.userId);
         return omit(passkey, 'counter', 'publicKey');
     },
-    async PATCH(event) {
-        const body = await parseBody(event, PasskeyChangeable);
-        const passkey = await getPasskey(event.params.id);
-        await checkAuthForUser(event, passkey.userId);
+    async PATCH(request, params) {
+        const body = await parseBody(request, PasskeyChangeable);
+        const passkey = await getPasskey(params.id);
+        await checkAuthForUser(request, passkey.userId);
         const result = await db
             .updateTable('passkeys')
             .set(body)
@@ -28,9 +28,9 @@ addRoute({
             .catch(withError('Could not update passkey'));
         return omit(result, 'counter', 'publicKey');
     },
-    async DELETE(event) {
-        const passkey = await getPasskey(event.params.id);
-        await checkAuthForUser(event, passkey.userId);
+    async DELETE(request, params) {
+        const passkey = await getPasskey(params.id);
+        await checkAuthForUser(request, passkey.userId);
         const { count } = await db
             .selectFrom('passkeys')
             .select(db.fn.countAll().as('count'))

package/dist/api/register.js

@@ -10,10 +10,10 @@ import { createSessionData, error, parseBody, withError } from '../requests.js';
 import { addRoute } from '../routes.js';
 // Map of user ID => challenge
 const registrations = new Map();
-async function OPTIONS(event) {
+async function OPTIONS(request) {
     if (!config.allow_new_users)
         error(409, 'New user registration is disabled');
-    const { name, email } = await parseBody(event, z.object({ name: z.string().optional(), email: z.email().optional() }));
+    const { name, email } = await parseBody(request, z.object({ name: z.string().optional(), email: z.email().optional() }));
     const userId = randomUUID();
     const user = await getUser(userId).catch(() => null);
     if (user)
@@ -34,10 +34,10 @@ async function OPTIONS(event) {
     registrations.set(userId, options.challenge);
     return { userId, options };
 }
-async function POST(event) {
+async function POST(request) {
     if (!config.allow_new_users)
         error(409, 'New user registration is disabled');
-    const { userId, email, name, response } = await parseBody(event, UserRegistration);
+    const { userId, email, name, response } = await parseBody(request, UserRegistration);
     const existing = await db.selectFrom('users').selectAll().where('email', '=', email.toLowerCase()).executeTakeFirst();
     if (existing)
         error(409, 'Email already in use');

package/dist/api/session.js

@@ -1,13 +1,13 @@
 import { omit } from 'utilium';
+import { audit } from '../audit.js';
 import { getSessionAndUser } from '../auth.js';
 import { database as db } from '../database.js';
 import { error, getToken, stripUser, withError } from '../requests.js';
 import { addRoute } from '../routes.js';
-import { audit } from '../audit.js';
 addRoute({
     path: '/api/session',
-    async GET(event) {
-        const token = getToken(event);
+    async GET(request) {
+        const token = getToken(request);
         if (!token)
             error(401, 'Missing token');
         const result = await getSessionAndUser(token).catch(withError('Invalid session', 400));
@@ -16,8 +16,8 @@ addRoute({
             user: stripUser(result.user, true),
         };
     },
-    async DELETE(event) {
-        const token = getToken(event);
+    async DELETE(request) {
+        const token = getToken(request);
         if (!token)
             error(401, 'Missing token');
         const result = await db

package/dist/api/users.js

@@ -18,8 +18,8 @@ const params = { id: z.uuid() };
  */
 addRoute({
     path: '/api/user_id',
-    async POST(event) {
-        const { value } = await parseBody(event, z.object({ using: z.literal('email'), value: z.email() }));
+    async POST(request) {
+        const { value } = await parseBody(request, z.object({ using: z.literal('email'), value: z.email() }));
         const { id } = await db
             .selectFrom('users')
             .select('id')
@@ -32,16 +32,16 @@ addRoute({
 addRoute({
     path: '/api/users/:id',
     params,
-    async GET(event) {
-        const userId = event.params.id;
-        const auth = await checkAuthForUser(event, userId).catch(() => null);
+    async GET(request, params) {
+        const userId = params.id;
+        const auth = await checkAuthForUser(request, userId).catch(() => null);
         const user = auth?.user || (await getUser(userId).catch(withError('User does not exist', 404)));
         return stripUser(user, !!auth);
     },
-    async PATCH(event) {
-        const userId = event.params.id;
-        const body = await parseBody(event, UserChangeable);
-        await checkAuthForUser(event, userId);
+    async PATCH(request, params) {
+        const userId = params.id;
+        const body = await parseBody(request, UserChangeable);
+        await checkAuthForUser(request, userId);
         if ('email' in body)
             body.emailVerified = null;
         if ('preferences' in body)
@@ -55,9 +55,9 @@ addRoute({
             .catch(withError('Failed to update user'));
         return stripUser(result, true);
     },
-    async DELETE(event) {
-        const userId = event.params.id;
-        await checkAuthForUser(event, userId, true);
+    async DELETE(request, params) {
+        const userId = params.id;
+        await checkAuthForUser(request, userId, true);
         const result = await db
             .deleteFrom('users')
             .where('id', '=', userId)
@@ -71,9 +71,9 @@ addRoute({
 addRoute({
     path: '/api/users/:id/full',
     params,
-    async GET(event) {
-        const userId = event.params.id;
-        const { user } = await checkAuthForUser(event, userId);
+    async GET(request, params) {
+        const userId = params.id;
+        const { user } = await checkAuthForUser(request, userId);
         const sessions = await getSessions(userId);
         return {
             ...stripUser(user, true),
@@ -84,9 +84,9 @@ addRoute({
 addRoute({
     path: '/api/users/:id/auth',
     params,
-    async OPTIONS(event) {
-        const userId = event.params.id;
-        const { type } = await parseBody(event, UserAuthOptions);
+    async OPTIONS(request, params) {
+        const userId = params.id;
+        const { type } = await parseBody(request, UserAuthOptions);
         const user = await getUser(userId).catch(withError('User does not exist', 404));
         if (user.isSuspended)
             error(403, 'User is suspended');
@@ -100,9 +100,9 @@ addRoute({
         challenges.set(userId, { data: options.challenge, type });
         return options;
     },
-    async POST(event) {
-        const userId = event.params.id;
-        const response = await parseBody(event, PasskeyAuthenticationResponse);
+    async POST(request, params) {
+        const userId = params.id;
+        const response = await parseBody(request, PasskeyAuthenticationResponse);
         const auth = challenges.get(userId);
         if (!auth)
             error(404, 'No challenge');
@@ -140,10 +140,10 @@ addRoute({
     /**
      * Get passkey registration options for a user.
      */
-    async OPTIONS(event) {
-        const userId = event.params.id;
+    async OPTIONS(request, params) {
+        const userId = params.id;
         const existing = await getPasskeysByUserId(userId);
-        const { user } = await checkAuthForUser(event, userId);
+        const { user } = await checkAuthForUser(request, userId);
         const options = await webauthn.generateRegistrationOptions({
             rpName: config.auth.rp_name,
             rpID: config.auth.rp_id,
@@ -163,19 +163,19 @@ addRoute({
     /**
      * Get passkeys for a user.
      */
-    async GET(event) {
-        const userId = event.params.id;
-        await checkAuthForUser(event, userId);
+    async GET(request, params) {
+        const userId = params.id;
+        await checkAuthForUser(request, userId);
         const passkeys = await getPasskeysByUserId(userId);
         return passkeys.map(p => omit(p, 'publicKey', 'counter'));
     },
     /**
      * Register a new passkey for an existing user.
      */
-    async PUT(event) {
-        const userId = event.params.id;
-        const response = await parseBody(event, PasskeyRegistration);
-        await checkAuthForUser(event, userId);
+    async PUT(request, params) {
+        const userId = params.id;
+        const response = await parseBody(request, PasskeyRegistration);
+        await checkAuthForUser(request, userId);
         const expectedChallenge = registrations.get(userId);
         if (!expectedChallenge)
             error(404, 'No registration challenge found for this user');
@@ -202,15 +202,15 @@ addRoute({
 addRoute({
     path: '/api/users/:id/sessions',
     params,
-    async GET(event) {
-        const userId = event.params.id;
-        await checkAuthForUser(event, userId);
+    async GET(request, params) {
+        const userId = params.id;
+        await checkAuthForUser(request, userId);
         return (await getSessions(userId).catch(e => error(503, 'Failed to get sessions' + (config.debug ? ': ' + e : '')))).map(s => omit(s, 'token'));
     },
-    async DELETE(event) {
-        const userId = event.params.id;
-        const body = await parseBody(event, LogoutSessions);
-        await checkAuthForUser(event, userId, body.confirm_all);
+    async DELETE(request, params) {
+        const userId = params.id;
+        const body = await parseBody(request, LogoutSessions);
+        await checkAuthForUser(request, userId, body.confirm_all);
         if (!body.confirm_all && !Array.isArray(body.id))
             error(400, 'Invalid request body');
         const query = body.confirm_all ? db.deleteFrom('sessions') : db.deleteFrom('sessions').where('sessions.id', 'in', body.id);
@@ -226,27 +226,27 @@ addRoute({
 addRoute({
     path: '/api/users/:id/verify_email',
     params,
-    async OPTIONS(event) {
-        const userId = event.params.id;
+    async OPTIONS(request, params) {
+        const userId = params.id;
         if (!config.auth.email_verification)
             return { enabled: false };
-        await checkAuthForUser(event, userId);
+        await checkAuthForUser(request, userId);
         if (!config.auth.email_verification)
             return { enabled: false };
         return { enabled: true };
     },
-    async GET(event) {
-        const userId = event.params.id;
-        const { user } = await checkAuthForUser(event, userId);
+    async GET(request, params) {
+        const userId = params.id;
+        const { user } = await checkAuthForUser(request, userId);
         if (user.emailVerified)
             error(409, 'Email already verified');
         const verification = await createVerification('verify_email', userId, config.auth.verification_timeout * 60);
         return omit(verification, 'token', 'role');
     },
-    async POST(event) {
-        const userId = event.params.id;
-        const { token } = await parseBody(event, z.object({ token: z.string() }));
-        const { user } = await checkAuthForUser(event, userId);
+    async POST(request, params) {
+        const userId = params.id;
+        const { token } = await parseBody(request, z.object({ token: z.string() }));
+        const { user } = await checkAuthForUser(request, userId);
         if (user.emailVerified)
             error(409, 'Email already verified');
         await useVerification('verify_email', userId, token).catch(withError('Invalid or expired verification token', 400));