@camstack/core 0.1.20 → 0.1.22

package/dist/builtins/local-auth/local-auth.addon.mjs

@@ -6161,7 +6161,6 @@ var noopLogger = {
 };
 var AuthManager = class {
 	jwtSecret;
-	scopedTokenManager = null;
 	logger;
 	constructor(config, logger = noopLogger) {
 		this.config = config;
@@ -6215,27 +6214,6 @@ var AuthManager = class {
 		const expiresIn = opts.expiresIn ?? "24h";
 		return import_jsonwebtoken.sign(payload, this.jwtSecret, { expiresIn });
 	}
-	/**
-	* Set the scoped token manager for the auth chain.
-	*/
-	setScopedTokenManager(manager) {
-		this.scopedTokenManager = manager;
-	}
-	/**
-	* Validate a scoped token string.
-	* Returns the token record if valid, null otherwise.
-	*/
-	async validateScopedToken(rawToken) {
-		if (!this.scopedTokenManager) return null;
-		return this.scopedTokenManager.validate(rawToken);
-	}
-	/**
-	* Check whether a scoped token grants access to a given addon/route/capability.
-	*/
-	matchesScopedTokenScope(token, addonId, routePath, capability) {
-		if (!this.scopedTokenManager) return false;
-		return this.scopedTokenManager.matchesScope(token, addonId, routePath, capability);
-	}
 };
 //#endregion
 //#region src/auth/parse-record.ts
@@ -6540,6 +6518,39 @@ var ScopedTokenManager = class {
 			}
 		});
 	}
+	/**
+	* One-shot migration: drop tokens whose owner can't be resolved.
+	*
+	* Two ways a token can end up orphan:
+	*   • Pre-fix tokens minted via the CLI were owned by the literal
+	*     string `"system"` (provider hardcode, fixed 2026-05-11).
+	*   • A user gets deleted but their tokens were not cascade-revoked.
+	*
+	* Either way the UI's `listScopedTokens({ userId: u.id })` never
+	* returns them, so the operator can't revoke through the normal flow.
+	* We sweep both classes by passing the live user-id set in.
+	*
+	* Idempotent: if no orphans exist the method is a no-op.
+	* Returns the number of tokens removed.
+	*/
+	async cleanupOrphans(validUserIds) {
+		const all = await this.store.query.query({
+			collection: TOKENS_COLLECTION,
+			filter: {}
+		});
+		let removed = 0;
+		for (const entry of all) {
+			const record = parseToken(entry.data);
+			if (record.userId === "system" || !validUserIds.has(record.userId)) {
+				await this.store.delete.mutate({
+					collection: TOKENS_COLLECTION,
+					key: record.id
+				});
+				removed++;
+			}
+		}
+		return removed;
+	}
 };
 //#endregion
 //#region src/builtins/local-auth/auth-schema.ts
@@ -6757,6 +6768,10 @@ var LocalAuthAddon = class extends BaseAddon {
 			this.scopedTokenManager = new ScopedTokenManager(store);
 			try {
 				await this.userManager.ensureAdminExists();
+				const liveUsers = await this.userManager.listAll();
+				const liveIds = new Set(liveUsers.map((u) => u.id));
+				const removed = await this.scopedTokenManager.cleanupOrphans(liveIds);
+				if (removed > 0) this.ctx.logger.warn(`cleaned up ${removed} orphan scoped-token(s) on boot`);
 			} catch (err) {
 				const detail = err instanceof Error ? err.message : String(err);
 				throw new Error(`local-auth bootstrap failed: ensureAdminExists threw before \`user-management\` could be registered. Most likely a \`users\` collection schema mismatch in the settings-store. Underlying: ${detail}`, { cause: err });
@@ -6843,7 +6858,7 @@ var LocalAuthAddon = class extends BaseAddon {
 			},
 			createScopedToken: async (input) => {
 				if (!this.scopedTokenManager) throw new Error("Scoped token management not available");
-				const { token, record } = await this.scopedTokenManager.create("system", input.name, input.scopes, input.expiresAt);
+				const { token, record } = await this.scopedTokenManager.create(input.userId, input.name, input.scopes, input.expiresAt);
 				return {
 					token,
 					record