@checkstack/auth-backend 0.4.2 → 0.4.4

package/CHANGELOG.md

@@ -1,5 +1,28 @@
 # @checkstack/auth-backend
 
+## 0.4.4
+
+### Patch Changes
+
+- Updated dependencies [db1f56f]
+  - @checkstack/common@0.6.0
+  - @checkstack/auth-common@0.5.3
+  - @checkstack/backend-api@0.5.1
+  - @checkstack/command-backend@0.1.7
+  - @checkstack/notification-common@0.2.3
+
+## 0.4.3
+
+### Patch Changes
+
+- 66a3963: Update database types to use SafeDatabase
+
+  - Updated all database type declarations from `NodePgDatabase` to `SafeDatabase` for compile-time safety
+
+- Updated dependencies [66a3963]
+  - @checkstack/backend-api@0.5.0
+  - @checkstack/command-backend@0.1.6
+
 ## 0.4.2
 
 ### Patch Changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@checkstack/auth-backend",
-  "version": "0.4.2",
+  "version": "0.4.4",
   "type": "module",
   "main": "src/index.ts",
   "scripts": {

package/src/index.ts

@@ -18,7 +18,7 @@ import {
 import { NotificationApi } from "@checkstack/notification-common";
 import * as schema from "./schema";
 import { eq, inArray } from "drizzle-orm";
-import { NodePgDatabase } from "drizzle-orm/node-postgres";
+import { SafeDatabase } from "@checkstack/backend-api";
 import { User } from "better-auth/types";
 import { verifyPassword } from "better-auth/crypto";
 import { createExtensionPoint } from "@checkstack/backend-api";
@@ -57,7 +57,7 @@ async function syncAccessRulesToDb({
   accessRules,
   fullSync = false,
 }: {
-  database: NodePgDatabase<typeof schema>;
+  database: SafeDatabase<typeof schema>;
   logger: { debug: (msg: string) => void };
   accessRules: {
     id: string;
@@ -170,7 +170,7 @@ async function syncAuthenticatedDefaultAccessRulesToUsersRole({
   logger,
   accessRules,
 }: {
-  database: NodePgDatabase<typeof schema>;
+  database: SafeDatabase<typeof schema>;
   logger: { debug: (msg: string) => void };
   accessRules: { id: string; isDefault?: boolean }[];
 }) {
@@ -237,7 +237,7 @@ async function syncPublicDefaultAccessRulesToAnonymousRole({
   logger,
   accessRules,
 }: {
-  database: NodePgDatabase<typeof schema>;
+  database: SafeDatabase<typeof schema>;
   logger: { debug: (msg: string) => void };
   accessRules: { id: string; isPublic?: boolean }[];
 }) {
@@ -289,7 +289,7 @@ export default createBackendPlugin({
   metadata: pluginMetadata,
   register(env) {
     let auth: ReturnType<typeof betterAuth> | undefined;
-    let db: NodePgDatabase<typeof schema> | undefined;
+    let db: SafeDatabase<typeof schema> | undefined;
 
     const strategies: AuthStrategy<unknown>[] = [];
 
@@ -702,7 +702,7 @@ export default createBackendPlugin({
 
         // 4. Register oRPC router
         const authRouter = createAuthRouter(
-          database as NodePgDatabase<typeof schema>,
+          database as SafeDatabase<typeof schema>,
           strategyRegistry,
           reloadAuth,
           config,
@@ -770,7 +770,7 @@ export default createBackendPlugin({
           `[auth-backend] afterPluginsReady: syncing ${allAccessRules.length} access rules from all plugins`,
         );
         await syncAccessRulesToDb({
-          database: database as NodePgDatabase<typeof schema>,
+          database: database as SafeDatabase<typeof schema>,
           logger,
           accessRules: allAccessRules,
           fullSync: true,
@@ -782,7 +782,7 @@ export default createBackendPlugin({
           coreHooks.accessRulesRegistered,
           async ({ accessRules }) => {
             await syncAccessRulesToDb({
-              database: database as NodePgDatabase<typeof schema>,
+              database: database as SafeDatabase<typeof schema>,
               logger,
               accessRules,
             });

package/src/router.ts

@@ -12,7 +12,7 @@ import { authContract, passwordSchema } from "@checkstack/auth-common";
 import { hashPassword } from "better-auth/crypto";
 import * as schema from "./schema";
 import { eq, inArray, and } from "drizzle-orm";
-import type { NodePgDatabase } from "drizzle-orm/node-postgres";
+import type { SafeDatabase } from "@checkstack/backend-api";
 import { authHooks } from "./hooks";
 
 /**
@@ -118,7 +118,7 @@ function generateSecret(): string {
 }
 
 export const createAuthRouter = (
-  internalDb: NodePgDatabase<typeof schema>,
+  internalDb: SafeDatabase<typeof schema>,
   strategyRegistry: { getStrategies: () => AuthStrategy<unknown>[] },
   reloadAuthFn: () => Promise<void>,
   configService: ConfigService,

package/src/teams.test.ts

@@ -4,10 +4,10 @@ import { createMockRpcContext } from "@checkstack/backend-api";
 import { call } from "@orpc/server";
 import { z } from "zod";
 import * as schema from "./schema";
-import type { NodePgDatabase } from "drizzle-orm/node-postgres";
+import type { SafeDatabase } from "@checkstack/backend-api";
 
 /** Type alias for the database type used in auth router */
-type AuthDatabase = NodePgDatabase<typeof schema>;
+type AuthDatabase = SafeDatabase<typeof schema>;
 
 /**
  * Tests for Team and Resource-Level Access Control endpoints.
@@ -65,7 +65,7 @@ describe("Teams and Resource Access Control", () => {
 
   /**
    * Creates a fresh mock database for each test.
-   * Uses type assertion to satisfy NodePgDatabase interface for testing.
+   * Uses type assertion to satisfy SafeDatabase interface for testing.
    */
   function createMockDb(): AuthDatabase {
     const mockDb = {

package/src/utils/user.ts

@@ -1,5 +1,5 @@
 import { User } from "better-auth/types";
-import { NodePgDatabase } from "drizzle-orm/node-postgres";
+import { SafeDatabase } from "@checkstack/backend-api";
 import { eq } from "drizzle-orm";
 import type { RealUser } from "@checkstack/backend-api";
 import * as schema from "../schema";
@@ -10,7 +10,7 @@ import * as schema from "../schema";
  */
 export const enrichUser = async (
   user: User,
-  db: NodePgDatabase<typeof schema>
+  db: SafeDatabase<typeof schema>
 ): Promise<RealUser> => {
   // 1. Get Roles
   const userRoles = await db