@chaaskit/server 0.1.0

package/dist/api/auth.js

@@ -0,0 +1,399 @@
+import { Router } from 'express';
+import bcrypt from 'bcryptjs';
+import crypto from 'crypto';
+import { v4 as uuidv4 } from 'uuid';
+import { db } from '@chaaskit/db';
+import { HTTP_STATUS } from '@chaaskit/shared';
+import { AppError } from '../middleware/errorHandler.js';
+import { generateToken, requireAuth } from '../middleware/auth.js';
+import { getConfig } from '../config/loader.js';
+import { z } from 'zod';
+import { isEmailEnabled, sendEmail, generateVerificationEmailHtml, generateVerificationEmailText, } from '../services/email/index.js';
+export const authRouter = Router();
+// Helper function to generate a 6-digit numeric verification code
+function generateVerificationCode(length = 6) {
+    const digits = '0123456789';
+    let code = '';
+    for (let i = 0; i < length; i++) {
+        code += digits[crypto.randomInt(0, digits.length)];
+    }
+    return code;
+}
+// Helper function to check if email verification is required
+function isEmailVerificationRequired() {
+    const config = getConfig();
+    return config.auth.emailVerification?.enabled === true && isEmailEnabled();
+}
+// Helper function to create and send verification code
+async function createAndSendVerificationCode(userId, email) {
+    const config = getConfig();
+    const codeLength = config.auth.emailVerification?.codeLength ?? 6;
+    const expiresInMinutes = config.auth.emailVerification?.expiresInMinutes ?? 15;
+    // Generate plain code
+    const code = generateVerificationCode(codeLength);
+    // Hash the code for storage
+    const codeHash = await bcrypt.hash(code, 10);
+    // Calculate expiration
+    const expiresAt = new Date(Date.now() + expiresInMinutes * 60 * 1000);
+    // Invalidate existing codes for this user
+    await db.emailVerification.updateMany({
+        where: {
+            userId,
+            usedAt: null,
+        },
+        data: {
+            usedAt: new Date(), // Mark as used to invalidate
+        },
+    });
+    // Create new verification record
+    await db.emailVerification.create({
+        data: {
+            code: codeHash,
+            userId,
+            expiresAt,
+        },
+    });
+    // Send verification email
+    const html = generateVerificationEmailHtml(code, config);
+    const text = generateVerificationEmailText(code, config);
+    const result = await sendEmail({
+        to: email,
+        subject: `Your ${config.app.name} verification code: ${code}`,
+        html,
+        text,
+    });
+    if (result) {
+        console.log(`[Auth] Verification email sent to ${email} (messageId: ${result.messageId})`);
+    }
+    else {
+        // Email disabled - log the code for development
+        console.log(`[Auth] Email disabled - verification code for ${email}: ${code}`);
+    }
+}
+const registerSchema = z.object({
+    email: z.string().email(),
+    password: z.string().min(8),
+    name: z.string().optional(),
+});
+const loginSchema = z.object({
+    email: z.string().email(),
+    password: z.string(),
+});
+const magicLinkSchema = z.object({
+    email: z.string().email(),
+});
+// Register with email/password
+authRouter.post('/register', async (req, res, next) => {
+    try {
+        const config = getConfig();
+        if (!config.auth.methods.includes('email-password')) {
+            throw new AppError(HTTP_STATUS.BAD_REQUEST, 'Email/password registration is not enabled');
+        }
+        const { email, password, name } = registerSchema.parse(req.body);
+        // Check if user exists
+        const existingUser = await db.user.findUnique({
+            where: { email },
+        });
+        if (existingUser) {
+            throw new AppError(HTTP_STATUS.CONFLICT, 'Email already registered');
+        }
+        // Hash password
+        const passwordHash = await bcrypt.hash(password, 12);
+        // Determine if email verification is required
+        const requiresVerification = isEmailVerificationRequired();
+        // Create user - auto-verify if email verification is not configured
+        const user = await db.user.create({
+            data: {
+                email,
+                passwordHash,
+                name,
+                emailVerified: !requiresVerification,
+            },
+            select: {
+                id: true,
+                email: true,
+                name: true,
+                avatarUrl: true,
+                emailVerified: true,
+                plan: true,
+            },
+        });
+        const token = generateToken(user.id, user.email);
+        res.cookie('token', token, {
+            httpOnly: true,
+            secure: process.env.NODE_ENV === 'production',
+            sameSite: 'lax',
+            maxAge: 7 * 24 * 60 * 60 * 1000, // 7 days
+        });
+        // Send verification email if required
+        if (requiresVerification) {
+            await createAndSendVerificationCode(user.id, user.email);
+        }
+        res.status(HTTP_STATUS.CREATED).json({
+            user,
+            token,
+            requiresVerification,
+        });
+    }
+    catch (error) {
+        next(error);
+    }
+});
+// Login with email/password
+authRouter.post('/login', async (req, res, next) => {
+    try {
+        const config = getConfig();
+        if (!config.auth.methods.includes('email-password')) {
+            throw new AppError(HTTP_STATUS.BAD_REQUEST, 'Email/password login is not enabled');
+        }
+        const { email, password } = loginSchema.parse(req.body);
+        const user = await db.user.findUnique({
+            where: { email },
+        });
+        if (!user || !user.passwordHash) {
+            throw new AppError(HTTP_STATUS.UNAUTHORIZED, 'Invalid credentials');
+        }
+        const isValid = await bcrypt.compare(password, user.passwordHash);
+        if (!isValid) {
+            throw new AppError(HTTP_STATUS.UNAUTHORIZED, 'Invalid credentials');
+        }
+        const token = generateToken(user.id, user.email);
+        res.cookie('token', token, {
+            httpOnly: true,
+            secure: process.env.NODE_ENV === 'production',
+            sameSite: 'lax',
+            maxAge: 7 * 24 * 60 * 60 * 1000,
+        });
+        // Check if user needs to verify email
+        const requiresVerification = isEmailVerificationRequired() && !user.emailVerified;
+        res.json({
+            user: {
+                id: user.id,
+                email: user.email,
+                name: user.name,
+                avatarUrl: user.avatarUrl,
+                emailVerified: user.emailVerified,
+                plan: user.plan,
+            },
+            token,
+            requiresVerification,
+        });
+    }
+    catch (error) {
+        next(error);
+    }
+});
+// Send magic link
+authRouter.post('/magic-link', async (req, res, next) => {
+    try {
+        const config = getConfig();
+        if (!config.auth.magicLink.enabled) {
+            throw new AppError(HTTP_STATUS.BAD_REQUEST, 'Magic link is not enabled');
+        }
+        const { email } = magicLinkSchema.parse(req.body);
+        // Find or create user
+        let user = await db.user.findUnique({ where: { email } });
+        if (!user) {
+            user = await db.user.create({
+                data: { email },
+            });
+        }
+        // Create magic link token
+        const token = uuidv4();
+        const expiresAt = new Date(Date.now() + config.auth.magicLink.expiresInMinutes * 60 * 1000);
+        await db.magicLink.create({
+            data: {
+                token,
+                userId: user.id,
+                expiresAt,
+            },
+        });
+        // TODO: Send email with magic link
+        // In development, log the link
+        console.log(`Magic link for ${email}: ${process.env.APP_URL}/auth/magic-link?token=${token}`);
+        res.json({ message: 'Magic link sent' });
+    }
+    catch (error) {
+        next(error);
+    }
+});
+// Verify magic link
+authRouter.get('/magic-link/verify', async (req, res, next) => {
+    try {
+        const { token } = req.query;
+        if (!token || typeof token !== 'string') {
+            throw new AppError(HTTP_STATUS.BAD_REQUEST, 'Token is required');
+        }
+        const magicLink = await db.magicLink.findUnique({
+            where: { token },
+            include: { user: true },
+        });
+        if (!magicLink || magicLink.usedAt || magicLink.expiresAt < new Date()) {
+            throw new AppError(HTTP_STATUS.BAD_REQUEST, 'Invalid or expired token');
+        }
+        // Mark as used
+        await db.magicLink.update({
+            where: { id: magicLink.id },
+            data: { usedAt: new Date() },
+        });
+        // Update user as verified
+        await db.user.update({
+            where: { id: magicLink.userId },
+            data: { emailVerified: true },
+        });
+        const authToken = generateToken(magicLink.user.id, magicLink.user.email);
+        res.cookie('token', authToken, {
+            httpOnly: true,
+            secure: process.env.NODE_ENV === 'production',
+            sameSite: 'lax',
+            maxAge: 7 * 24 * 60 * 60 * 1000,
+        });
+        res.json({
+            user: {
+                id: magicLink.user.id,
+                email: magicLink.user.email,
+                name: magicLink.user.name,
+                avatarUrl: magicLink.user.avatarUrl,
+                plan: magicLink.user.plan,
+            },
+            token: authToken,
+        });
+    }
+    catch (error) {
+        next(error);
+    }
+});
+// Logout
+authRouter.post('/logout', (req, res) => {
+    res.clearCookie('token');
+    res.json({ message: 'Logged out' });
+});
+// Get current user
+authRouter.get('/me', requireAuth, (req, res) => {
+    res.json({ user: req.user });
+});
+// OAuth routes (Google, GitHub)
+authRouter.get('/oauth/:provider', (req, res, next) => {
+    const { provider } = req.params;
+    const config = getConfig();
+    if (!config.auth.methods.includes(provider)) {
+        return next(new AppError(HTTP_STATUS.BAD_REQUEST, `OAuth provider ${provider} is not enabled`));
+    }
+    // Redirect to OAuth provider
+    // In a full implementation, this would use passport.js
+    res.redirect(`/api/auth/${provider}/redirect`);
+});
+authRouter.get('/callback/:provider', async (req, res, next) => {
+    // Handle OAuth callback
+    // In a full implementation, this would use passport.js
+    try {
+        const { provider } = req.params;
+        // Placeholder for OAuth callback handling
+        res.redirect(`${process.env.APP_URL}?auth=success`);
+    }
+    catch (error) {
+        next(error);
+    }
+});
+// Verify email with 6-digit code
+const verifyEmailSchema = z.object({
+    code: z.string().min(4).max(8),
+});
+authRouter.post('/verify-email', requireAuth, async (req, res, next) => {
+    try {
+        const { code } = verifyEmailSchema.parse(req.body);
+        const userId = req.user.id;
+        // Check if user is already verified
+        const user = await db.user.findUnique({
+            where: { id: userId },
+            select: { emailVerified: true, email: true },
+        });
+        if (user?.emailVerified) {
+            res.json({ message: 'Email already verified', verified: true });
+            return;
+        }
+        // Find the most recent unused verification code for this user
+        const verification = await db.emailVerification.findFirst({
+            where: {
+                userId,
+                usedAt: null,
+                expiresAt: { gt: new Date() },
+            },
+            orderBy: { createdAt: 'desc' },
+        });
+        if (!verification) {
+            throw new AppError(HTTP_STATUS.BAD_REQUEST, 'No valid verification code found. Please request a new code.');
+        }
+        // Check if too many attempts
+        const MAX_ATTEMPTS = 5;
+        if (verification.attempts >= MAX_ATTEMPTS) {
+            throw new AppError(HTTP_STATUS.TOO_MANY_REQUESTS, 'Too many attempts. Please request a new code.');
+        }
+        // Increment attempt counter
+        await db.emailVerification.update({
+            where: { id: verification.id },
+            data: { attempts: { increment: 1 } },
+        });
+        // Verify the code
+        const isValid = await bcrypt.compare(code, verification.code);
+        if (!isValid) {
+            const remainingAttempts = MAX_ATTEMPTS - verification.attempts - 1;
+            throw new AppError(HTTP_STATUS.BAD_REQUEST, `Invalid verification code. ${remainingAttempts} attempts remaining.`);
+        }
+        // Mark code as used and verify user's email
+        await db.$transaction([
+            db.emailVerification.update({
+                where: { id: verification.id },
+                data: { usedAt: new Date() },
+            }),
+            db.user.update({
+                where: { id: userId },
+                data: { emailVerified: true },
+            }),
+        ]);
+        console.log(`[Auth] Email verified for user ${userId}`);
+        res.json({ message: 'Email verified successfully', verified: true });
+    }
+    catch (error) {
+        next(error);
+    }
+});
+// Resend verification email
+authRouter.post('/resend-verification', requireAuth, async (req, res, next) => {
+    try {
+        const config = getConfig();
+        const userId = req.user.id;
+        // Check if user is already verified
+        const user = await db.user.findUnique({
+            where: { id: userId },
+            select: { emailVerified: true, email: true },
+        });
+        if (user?.emailVerified) {
+            res.json({ message: 'Email already verified' });
+            return;
+        }
+        // Check rate limiting - find the most recent verification code
+        const recentCode = await db.emailVerification.findFirst({
+            where: {
+                userId,
+                usedAt: null,
+            },
+            orderBy: { createdAt: 'desc' },
+        });
+        if (recentCode) {
+            const cooldownSeconds = config.auth.emailVerification?.allowResendAfterSeconds ?? 60;
+            const cooldownTime = new Date(recentCode.createdAt.getTime() + cooldownSeconds * 1000);
+            if (new Date() < cooldownTime) {
+                const remainingSeconds = Math.ceil((cooldownTime.getTime() - Date.now()) / 1000);
+                throw new AppError(HTTP_STATUS.TOO_MANY_REQUESTS, `Please wait ${remainingSeconds} seconds before requesting a new code`);
+            }
+        }
+        // Create and send new verification code
+        await createAndSendVerificationCode(userId, user.email);
+        res.json({ message: 'Verification code sent' });
+    }
+    catch (error) {
+        next(error);
+    }
+});
+//# sourceMappingURL=auth.js.map

package/dist/api/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/api/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,MAAM,MAAM,UAAU,CAAC;AAC9B,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,EAAE,IAAI,MAAM,EAAE,MAAM,MAAM,CAAC;AACpC,OAAO,EAAE,EAAE,EAAE,MAAM,cAAc,CAAC;AAClC,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,+BAA+B,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACnE,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EACL,cAAc,EACd,SAAS,EACT,6BAA6B,EAC7B,6BAA6B,GAC9B,MAAM,4BAA4B,CAAC;AAEpC,MAAM,CAAC,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC;AAEnC,kEAAkE;AAClE,SAAS,wBAAwB,CAAC,SAAiB,CAAC;IAClD,MAAM,MAAM,GAAG,YAAY,CAAC;IAC5B,IAAI,IAAI,GAAG,EAAE,CAAC;IACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAChC,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC;IACrD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,6DAA6D;AAC7D,SAAS,2BAA2B;IAClC,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,OAAO,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,OAAO,KAAK,IAAI,IAAI,cAAc,EAAE,CAAC;AAC7E,CAAC;AAED,uDAAuD;AACvD,KAAK,UAAU,6BAA6B,CAC1C,MAAc,EACd,KAAa;IAEb,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,UAAU,IAAI,CAAC,CAAC;IAClE,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,gBAAgB,IAAI,EAAE,CAAC;IAE/E,sBAAsB;IACtB,MAAM,IAAI,GAAG,wBAAwB,CAAC,UAAU,CAAC,CAAC;IAElD,4BAA4B;IAC5B,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAE7C,uBAAuB;IACvB,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,gBAAgB,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAEtE,0CAA0C;IAC1C,MAAM,EAAE,CAAC,iBAAiB,CAAC,UAAU,CAAC;QACpC,KAAK,EAAE;YACL,MAAM;YACN,MAAM,EAAE,IAAI;SACb;QACD,IAAI,EAAE;YACJ,MAAM,EAAE,IAAI,IAAI,EAAE,EAAE,6BAA6B;SAClD;KACF,CAAC,CAAC;IAEH,iCAAiC;IACjC,MAAM,EAAE,CAAC,iBAAiB,CAAC,MAAM,CAAC;QAChC,IAAI,EAAE;YACJ,IAAI,EAAE,QAAQ;YACd,MAAM;YACN,SAAS;SACV;KACF,CAAC,CAAC;IAEH,0BAA0B;IAC1B,MAAM,IAAI,GAAG,6BAA6B,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACzD,MAAM,IAAI,GAAG,6BAA6B,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAEzD,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC;QAC7B,EAAE,EAAE,KAAK;QACT,OAAO,EAAE,QAAQ,MAAM,CAAC,GAAG,CAAC,IAAI,uBAAuB,IAAI,EAAE;QAC7D,IAAI;QACJ,IAAI;KACL,CAAC,CAAC;IAEH,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,qCAAqC,KAAK,gBAAgB,MAAM,CAAC,SAAS,GAAG,CAAC,CAAC;IAC7F,CAAC;SAAM,CAAC;QACN,gDAAgD;QAChD,OAAO,CAAC,GAAG,CAAC,iDAAiD,KAAK,KAAK,IAAI,EAAE,CAAC,CAAC;IACjF,CAAC;AACH,CAAC;AAED,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE;IACzB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3B,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC5B,CAAC,CAAC;AAEH,MAAM,WAAW,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE;IACzB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;CACrB,CAAC,CAAC;AAEH,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE;CAC1B,CAAC,CAAC;AAEH,+BAA+B;AAC/B,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IACpD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAE3B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,QAAQ,CAAC,WAAW,CAAC,WAAW,EAAE,4CAA4C,CAAC,CAAC;QAC5F,CAAC;QAED,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAEjE,uBAAuB;QACvB,MAAM,YAAY,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;YAC5C,KAAK,EAAE,EAAE,KAAK,EAAE;SACjB,CAAC,CAAC;QAEH,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,IAAI,QAAQ,CAAC,WAAW,CAAC,QAAQ,EAAE,0BAA0B,CAAC,CAAC;QACvE,CAAC;QAED,gBAAgB;QAChB,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAErD,8CAA8C;QAC9C,MAAM,oBAAoB,GAAG,2BAA2B,EAAE,CAAC;QAE3D,oEAAoE;QACpE,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;YAChC,IAAI,EAAE;gBACJ,KAAK;gBACL,YAAY;gBACZ,IAAI;gBACJ,aAAa,EAAE,CAAC,oBAAoB;aACrC;YACD,MAAM,EAAE;gBACN,EAAE,EAAE,IAAI;gBACR,KAAK,EAAE,IAAI;gBACX,IAAI,EAAE,IAAI;gBACV,SAAS,EAAE,IAAI;gBACf,aAAa,EAAE,IAAI;gBACnB,IAAI,EAAE,IAAI;aACX;SACF,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAEjD,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,EAAE;YACzB,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;YAC7C,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,SAAS;SAC3C,CAAC,CAAC;QAEH,sCAAsC;QACtC,IAAI,oBAAoB,EAAE,CAAC;YACzB,MAAM,6BAA6B,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3D,CAAC;QAED,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC;YACnC,IAAI;YACJ,KAAK;YACL,oBAAoB;SACrB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,4BAA4B;AAC5B,UAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IACjD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAE3B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,QAAQ,CAAC,WAAW,CAAC,WAAW,EAAE,qCAAqC,CAAC,CAAC;QACrF,CAAC;QAED,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAExD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;YACpC,KAAK,EAAE,EAAE,KAAK,EAAE;SACjB,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YAChC,MAAM,IAAI,QAAQ,CAAC,WAAW,CAAC,YAAY,EAAE,qBAAqB,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QAElE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,QAAQ,CAAC,WAAW,CAAC,YAAY,EAAE,qBAAqB,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,KAAK,GAAG,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAEjD,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,EAAE;YACzB,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;YAC7C,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI;SAChC,CAAC,CAAC;QAEH,sCAAsC;QACtC,MAAM,oBAAoB,GAAG,2BAA2B,EAAE,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC;QAElF,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,aAAa,EAAE,IAAI,CAAC,aAAa;gBACjC,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB;YACD,KAAK;YACL,oBAAoB;SACrB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,kBAAkB;AAClB,UAAU,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IACtD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAE3B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YACnC,MAAM,IAAI,QAAQ,CAAC,WAAW,CAAC,WAAW,EAAE,2BAA2B,CAAC,CAAC;QAC3E,CAAC;QAED,MAAM,EAAE,KAAK,EAAE,GAAG,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAElD,sBAAsB;QACtB,IAAI,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;QAE1D,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;gBAC1B,IAAI,EAAE,EAAE,KAAK,EAAE;aAChB,CAAC,CAAC;QACL,CAAC;QAED,0BAA0B;QAC1B,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC;QACvB,MAAM,SAAS,GAAG,IAAI,IAAI,CACxB,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,gBAAgB,GAAG,EAAE,GAAG,IAAI,CAChE,CAAC;QAEF,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC;YACxB,IAAI,EAAE;gBACJ,KAAK;gBACL,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,SAAS;aACV;SACF,CAAC,CAAC;QAEH,mCAAmC;QACnC,+BAA+B;QAC/B,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,KAAK,OAAO,CAAC,GAAG,CAAC,OAAO,0BAA0B,KAAK,EAAE,CAAC,CAAC;QAE9F,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC,CAAC;IAC3C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,oBAAoB;AACpB,UAAU,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAC5D,IAAI,CAAC;QACH,MAAM,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC;QAE5B,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YACxC,MAAM,IAAI,QAAQ,CAAC,WAAW,CAAC,WAAW,EAAE,mBAAmB,CAAC,CAAC;QACnE,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC;YAC9C,KAAK,EAAE,EAAE,KAAK,EAAE;YAChB,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;SACxB,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,IAAI,SAAS,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;YACvE,MAAM,IAAI,QAAQ,CAAC,WAAW,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC;QAC1E,CAAC;QAED,eAAe;QACf,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC;YACxB,KAAK,EAAE,EAAE,EAAE,EAAE,SAAS,CAAC,EAAE,EAAE;YAC3B,IAAI,EAAE,EAAE,MAAM,EAAE,IAAI,IAAI,EAAE,EAAE;SAC7B,CAAC,CAAC;QAEH,0BAA0B;QAC1B,MAAM,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;YACnB,KAAK,EAAE,EAAE,EAAE,EAAE,SAAS,CAAC,MAAM,EAAE;YAC/B,IAAI,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE;SAC9B,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,aAAa,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEzE,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,SAAS,EAAE;YAC7B,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;YAC7C,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI;SAChC,CAAC,CAAC;QAEH,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,EAAE;gBACrB,KAAK,EAAE,SAAS,CAAC,IAAI,CAAC,KAAK;gBAC3B,IAAI,EAAE,SAAS,CAAC,IAAI,CAAC,IAAI;gBACzB,SAAS,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS;gBACnC,IAAI,EAAE,SAAS,CAAC,IAAI,CAAC,IAAI;aAC1B;YACD,KAAK,EAAE,SAAS;SACjB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,SAAS;AACT,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACtC,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IACzB,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC;AACtC,CAAC,CAAC,CAAC;AAEH,mBAAmB;AACnB,UAAU,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC9C,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;AAC/B,CAAC,CAAC,CAAC;AAEH,gCAAgC;AAChC,UAAU,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IACpD,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAChC,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAA+B,CAAC,EAAE,CAAC;QACnE,OAAO,IAAI,CAAC,IAAI,QAAQ,CAAC,WAAW,CAAC,WAAW,EAAE,kBAAkB,QAAQ,iBAAiB,CAAC,CAAC,CAAC;IAClG,CAAC;IAED,6BAA6B;IAC7B,uDAAuD;IACvD,GAAG,CAAC,QAAQ,CAAC,aAAa,QAAQ,WAAW,CAAC,CAAC;AACjD,CAAC,CAAC,CAAC;AAEH,UAAU,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAC7D,wBAAwB;IACxB,uDAAuD;IACvD,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;QAEhC,0CAA0C;QAC1C,GAAG,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,eAAe,CAAC,CAAC;IACtD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,iCAAiC;AACjC,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;CAC/B,CAAC,CAAC;AAEH,UAAU,CAAC,IAAI,CAAC,eAAe,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IACrE,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,iBAAiB,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACnD,MAAM,MAAM,GAAG,GAAG,CAAC,IAAK,CAAC,EAAE,CAAC;QAE5B,oCAAoC;QACpC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;YACpC,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;YACrB,MAAM,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;SAC7C,CAAC,CAAC;QAEH,IAAI,IAAI,EAAE,aAAa,EAAE,CAAC;YACxB,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YAChE,OAAO;QACT,CAAC;QAED,8DAA8D;QAC9D,MAAM,YAAY,GAAG,MAAM,EAAE,CAAC,iBAAiB,CAAC,SAAS,CAAC;YACxD,KAAK,EAAE;gBACL,MAAM;gBACN,MAAM,EAAE,IAAI;gBACZ,SAAS,EAAE,EAAE,EAAE,EAAE,IAAI,IAAI,EAAE,EAAE;aAC9B;YACD,OAAO,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE;SAC/B,CAAC,CAAC;QAEH,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,QAAQ,CAAC,WAAW,CAAC,WAAW,EAAE,8DAA8D,CAAC,CAAC;QAC9G,CAAC;QAED,6BAA6B;QAC7B,MAAM,YAAY,GAAG,CAAC,CAAC;QACvB,IAAI,YAAY,CAAC,QAAQ,IAAI,YAAY,EAAE,CAAC;YAC1C,MAAM,IAAI,QAAQ,CAAC,WAAW,CAAC,iBAAiB,EAAE,+CAA+C,CAAC,CAAC;QACrG,CAAC;QAED,4BAA4B;QAC5B,MAAM,EAAE,CAAC,iBAAiB,CAAC,MAAM,CAAC;YAChC,KAAK,EAAE,EAAE,EAAE,EAAE,YAAY,CAAC,EAAE,EAAE;YAC9B,IAAI,EAAE,EAAE,QAAQ,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,EAAE;SACrC,CAAC,CAAC;QAEH,kBAAkB;QAClB,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,CAAC;QAE9D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,iBAAiB,GAAG,YAAY,GAAG,YAAY,CAAC,QAAQ,GAAG,CAAC,CAAC;YACnE,MAAM,IAAI,QAAQ,CAChB,WAAW,CAAC,WAAW,EACvB,8BAA8B,iBAAiB,sBAAsB,CACtE,CAAC;QACJ,CAAC;QAED,4CAA4C;QAC5C,MAAM,EAAE,CAAC,YAAY,CAAC;YACpB,EAAE,CAAC,iBAAiB,CAAC,MAAM,CAAC;gBAC1B,KAAK,EAAE,EAAE,EAAE,EAAE,YAAY,CAAC,EAAE,EAAE;gBAC9B,IAAI,EAAE,EAAE,MAAM,EAAE,IAAI,IAAI,EAAE,EAAE;aAC7B,CAAC;YACF,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;gBACb,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;gBACrB,IAAI,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE;aAC9B,CAAC;SACH,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,kCAAkC,MAAM,EAAE,CAAC,CAAC;QAExD,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;IACvE,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,4BAA4B;AAC5B,UAAU,CAAC,IAAI,CAAC,sBAAsB,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAC5E,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,GAAG,CAAC,IAAK,CAAC,EAAE,CAAC;QAE5B,oCAAoC;QACpC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;YACpC,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;YACrB,MAAM,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;SAC7C,CAAC,CAAC;QAEH,IAAI,IAAI,EAAE,aAAa,EAAE,CAAC;YACxB,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,+DAA+D;QAC/D,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,iBAAiB,CAAC,SAAS,CAAC;YACtD,KAAK,EAAE;gBACL,MAAM;gBACN,MAAM,EAAE,IAAI;aACb;YACD,OAAO,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE;SAC/B,CAAC,CAAC;QAEH,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,uBAAuB,IAAI,EAAE,CAAC;YACrF,MAAM,YAAY,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,eAAe,GAAG,IAAI,CAAC,CAAC;YAEvF,IAAI,IAAI,IAAI,EAAE,GAAG,YAAY,EAAE,CAAC;gBAC9B,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,YAAY,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;gBACjF,MAAM,IAAI,QAAQ,CAChB,WAAW,CAAC,iBAAiB,EAC7B,eAAe,gBAAgB,uCAAuC,CACvE,CAAC;YACJ,CAAC;QACH,CAAC;QAED,wCAAwC;QACxC,MAAM,6BAA6B,CAAC,MAAM,EAAE,IAAK,CAAC,KAAK,CAAC,CAAC;QAEzD,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC;AACH,CAAC,CAAC,CAAC"}