@crowdedkingdomstudios/crowdyjs 3.0.0 → 4.0.0

package/dist/domains/apps.js

@@ -1,49 +1,72 @@
-import { AppDocument, AppBySlugDocument, MyAppsDocument, AppsForOrgDocument, MarketplaceAppsDocument, CreateAppDocument, UpdateAppDocument, ArchiveAppDocument, SetAppVisibilityDocument, } from '../generated/graphql.js';
 /**
- * App (game / world) lifecycle and discovery. Exposed as `client.apps`.
+ * Apps sub-client. Targets `cks-management-api` (where the apps catalog
+ * lives). After the DB split each app may be served by its own per-tenant
+ * cks-game-api; the marketplace returns `gameApiUrl` for those rows so the
+ * caller can build a per-app `CrowdyClient` against the correct endpoint.
  *
- * `marketplace()` is a public listing (no auth) of every app where
- * visibility = PUBLIC and status = LIVE; the rest of the methods require
- * either org-membership permissions or super admin.
+ * Typical pattern:
+ *
+ *   const baseClient = createCrowdyClient({
+ *     managementUrl: 'https://api.example.com',
+ *     httpUrl: 'https://legacy-game-api.example.com', // pre-split fallback
+ *   });
+ *   await baseClient.auth.login({ email, password });
+ *
+ *   const route = await baseClient.apps.routeFor(appId);
+ *   if (route.splitMode && route.gameApiUrl) {
+ *     const perAppClient = createCrowdyClient({
+ *       managementUrl: 'https://api.example.com',
+ *       httpUrl: route.gameApiUrl,
+ *       wsUrl: route.gameApiUrl.replace(/^https?/, 'wss'),
+ *       tokenStore: baseClient.session.tokenStore,
+ *     });
+ *     // drive gameplay through perAppClient
+ *   }
  */
+import { AppDocument, AppBySlugDocument, MyAppsDocument, } from '../generated/graphql.js';
+function appRouteFromAppRow(row) {
+    if (!row || typeof row !== 'object')
+        return null;
+    const r = row;
+    if (typeof r.appId !== 'string')
+        return null;
+    return {
+        appId: r.appId,
+        splitMode: typeof r.splitMode === 'boolean' ? r.splitMode : false,
+        gameApiUrl: typeof r.gameApiUrl === 'string' && r.gameApiUrl ? r.gameApiUrl : null,
+    };
+}
 export class AppsAPI {
-    constructor(gql) {
-        this.gql = gql;
-    }
-    async marketplace(args = {}) {
-        const data = await this.gql.request(MarketplaceAppsDocument, args);
-        return data.apps;
+    constructor(management) {
+        this.management = management;
     }
-    async byId(appId) {
-        const data = await this.gql.request(AppDocument, { appId });
+    /** Fetch a single app by id. */
+    async app(appId) {
+        const data = await this.management.request(AppDocument, { appId });
         return data.app;
     }
-    async bySlug(args) {
-        const data = await this.gql.request(AppBySlugDocument, args);
+    /** Fetch by org slug + app slug (marketplace links). */
+    async appBySlug(orgSlug, appSlug) {
+        const data = await this.management.request(AppBySlugDocument, { orgSlug, appSlug });
         return data.appBySlug;
     }
+    /** Apps the caller can play (org membership OR active access). */
     async myApps() {
-        const data = await this.gql.request(MyAppsDocument, undefined);
+        const data = await this.management.request(MyAppsDocument, {});
         return data.myApps;
     }
-    async forOrg(orgSlug) {
-        const data = await this.gql.request(AppsForOrgDocument, { orgSlug });
-        return data.appsForOrg;
-    }
-    async create(input) {
-        const data = await this.gql.request(CreateAppDocument, { input });
-        return data.createApp;
-    }
-    async update(args) {
-        const data = await this.gql.request(UpdateAppDocument, args);
-        return data.updateApp;
-    }
-    async archive(appId) {
-        const data = await this.gql.request(ArchiveAppDocument, { appId });
-        return data.archiveApp;
-    }
-    async setVisibility(args) {
-        const data = await this.gql.request(SetAppVisibilityDocument, args);
-        return data.setAppVisibility;
+    /**
+     * Convenience: returns just the routing tuple for a given app. If the
+     * app row is missing or the API does not expose split-mode fields yet,
+     * returns `{ appId, splitMode: false, gameApiUrl: null }` so the caller
+     * keeps using the legacy single-endpoint deployment.
+     */
+    async routeFor(appId) {
+        const row = await this.app(appId);
+        return (appRouteFromAppRow(row) ?? {
+            appId,
+            splitMode: false,
+            gameApiUrl: null,
+        });
     }
 }

package/dist/domains/auth.d.ts

@@ -1,32 +1,43 @@
-import type { GraphQLClient } from '../client.js';
-import type { AuthState } from '../auth-state.js';
-import { type LoginMutation, type LoginMutationVariables, type RegisterMutation, type RegisterMutationVariables, type LogoutMutation, type LogoutAllDevicesMutation, type ConfirmEmailMutationVariables, type RequestPasswordResetMutationVariables, type ResetPasswordMutationVariables, type ResendConfirmationEmailMutationVariables } from '../generated/graphql.js';
 /**
- * Authentication operations. Exposed as `client.auth.<method>`.
+ * Auth sub-client. Talks to `cks-management-api` (NOT the game API) because
+ * the management API owns the `game_tokens` table that backs every login /
+ * register / password / email-confirm flow.
  *
- * `login` / `register` write the returned token into the shared `AuthState`
- * so the WebSocket subscription manager picks it up automatically. `logout`
- * / `logoutAllDevices` clear it.
+ * The returned `token` is a `game_tokens` row that game-api will validate
+ * against the same shared Postgres. Once the SDK has a token, the rest of
+ * the sub-clients (chunks, voxels, actors, udp, ...) use it transparently
+ * via the shared `AuthState`.
  */
+import type { GraphQLClient } from '../client.js';
+import type { AuthState } from '../auth-state.js';
+import { type LoginMutation, type LoginUserInput, type RegisterMutation, type RegisterUserInput, type ResetPasswordInput } from '../generated/graphql.js';
 export declare class AuthAPI {
-    private gql;
-    private authState;
-    constructor(gql: GraphQLClient, authState: AuthState);
-    login(input: LoginMutationVariables['input']): Promise<LoginMutation['login']>;
-    register(input: RegisterMutationVariables['input']): Promise<RegisterMutation['register']>;
-    logout(): Promise<LogoutMutation['logout']>;
-    logoutAllDevices(): Promise<LogoutAllDevicesMutation['logoutAllDevices']>;
+    private readonly graphql;
+    private readonly session;
+    constructor(graphql: GraphQLClient, session: AuthState);
     /**
-     * Manual token override - lets callers seed an existing session token
-     * (e.g. on app reload) or stamp out the in-memory token without firing
-     * a logout mutation. Pass `null` to clear.
+     * Log in and persist the resulting `game_tokens` bearer token via the
+     * shared `AuthState`. All subsequent SDK calls (game-api or
+     * management-api) include it automatically.
      */
+    login(input: LoginUserInput): Promise<LoginMutation['login']>;
+    /** Register a new user. Same token-persistence behaviour as `login`. */
+    register(input: RegisterUserInput): Promise<RegisterMutation['register']>;
+    /**
+     * Single-device logout. Clears the in-memory token after a successful
+     * server-side revoke so other sub-clients don't keep using it.
+     */
+    logout(): Promise<boolean>;
+    /** Revoke every `game_tokens` row for the current user. */
+    logoutAllDevices(): Promise<boolean>;
+    confirmEmail(token: string): Promise<boolean>;
+    requestPasswordReset(email: string): Promise<boolean>;
+    resetPassword(input: ResetPasswordInput): Promise<boolean>;
+    resendConfirmationEmail(email: string): Promise<boolean>;
+    changePassword(currentPassword: string, newPassword: string): Promise<boolean>;
+    /** Imperatively replace the in-memory bearer token (e.g. on rehydrate). */
     setToken(token: string | null): void;
+    /** Read the current bearer token. */
     getToken(): string | null;
-    confirmEmail(token: ConfirmEmailMutationVariables['token']): Promise<boolean>;
-    requestPasswordReset(email: RequestPasswordResetMutationVariables['email']): Promise<boolean>;
-    resetPassword(input: ResetPasswordMutationVariables['input']): Promise<boolean>;
-    resendConfirmationEmail(email: ResendConfirmationEmailMutationVariables['email']): Promise<boolean>;
-    changePassword(currentPassword: string, newPassword: string): Promise<boolean>;
 }
 //# sourceMappingURL=auth.d.ts.map

package/dist/domains/auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/domains/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAElD,OAAO,EAEL,KAAK,aAAa,EAClB,KAAK,sBAAsB,EAE3B,KAAK,gBAAgB,EACrB,KAAK,yBAAyB,EAE9B,KAAK,cAAc,EAEnB,KAAK,wBAAwB,EAE7B,KAAK,6BAA6B,EAElC,KAAK,qCAAqC,EAE1C,KAAK,8BAA8B,EAEnC,KAAK,wCAAwC,EAG9C,MAAM,yBAAyB,CAAC;AAEjC;;;;;;GAMG;AACH,qBAAa,OAAO;IAEhB,OAAO,CAAC,GAAG;IACX,OAAO,CAAC,SAAS;gBADT,GAAG,EAAE,aAAa,EAClB,SAAS,EAAE,SAAS;IAGxB,KAAK,CAAC,KAAK,EAAE,sBAAsB,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IAQ9E,QAAQ,CACZ,KAAK,EAAE,yBAAyB,CAAC,OAAO,CAAC,GACxC,OAAO,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAQlC,MAAM,IAAI,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IAM3C,gBAAgB,IAAI,OAAO,CAAC,wBAAwB,CAAC,kBAAkB,CAAC,CAAC;IAM/E;;;;OAIG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IAIpC,QAAQ,IAAI,MAAM,GAAG,IAAI;IAInB,YAAY,CAAC,KAAK,EAAE,6BAA6B,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;IAK7E,oBAAoB,CACxB,KAAK,EAAE,qCAAqC,CAAC,OAAO,CAAC,GACpD,OAAO,CAAC,OAAO,CAAC;IAKb,aAAa,CACjB,KAAK,EAAE,8BAA8B,CAAC,OAAO,CAAC,GAC7C,OAAO,CAAC,OAAO,CAAC;IAKb,uBAAuB,CAC3B,KAAK,EAAE,wCAAwC,CAAC,OAAO,CAAC,GACvD,OAAO,CAAC,OAAO,CAAC;IAKb,cAAc,CAClB,eAAe,EAAE,MAAM,EACvB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,OAAO,CAAC;CAKpB"}
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/domains/auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAUL,KAAK,aAAa,EAClB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,kBAAkB,EACxB,MAAM,yBAAyB,CAAC;AAEjC,qBAAa,OAAO;IAEhB,OAAO,CAAC,QAAQ,CAAC,OAAO;IACxB,OAAO,CAAC,QAAQ,CAAC,OAAO;gBADP,OAAO,EAAE,aAAa,EACtB,OAAO,EAAE,SAAS;IAGrC;;;;OAIG;IACG,KAAK,CAAC,KAAK,EAAE,cAAc,GAAG,OAAO,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IAQnE,wEAAwE;IAClE,QAAQ,CACZ,KAAK,EAAE,iBAAiB,GACvB,OAAO,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAQxC;;;OAGG;IACG,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC;IAMhC,2DAA2D;IACrD,gBAAgB,IAAI,OAAO,CAAC,OAAO,CAAC;IAKpC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAK7C,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAOrD,aAAa,CAAC,KAAK,EAAE,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC;IAO1D,uBAAuB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAOxD,cAAc,CAClB,eAAe,EAAE,MAAM,EACvB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,OAAO,CAAC;IAQnB,2EAA2E;IAC3E,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IAIpC,qCAAqC;IACrC,QAAQ,IAAI,MAAM,GAAG,IAAI;CAG1B"}

package/dist/domains/auth.js

@@ -1,70 +1,88 @@
-import { LoginDocument, RegisterDocument, LogoutDocument, LogoutAllDevicesDocument, ConfirmEmailDocument, RequestPasswordResetDocument, ResetPasswordDocument, ResendConfirmationEmailDocument, ChangePasswordDocument, } from '../generated/graphql.js';
 /**
- * Authentication operations. Exposed as `client.auth.<method>`.
+ * Auth sub-client. Talks to `cks-management-api` (NOT the game API) because
+ * the management API owns the `game_tokens` table that backs every login /
+ * register / password / email-confirm flow.
  *
- * `login` / `register` write the returned token into the shared `AuthState`
- * so the WebSocket subscription manager picks it up automatically. `logout`
- * / `logoutAllDevices` clear it.
+ * The returned `token` is a `game_tokens` row that game-api will validate
+ * against the same shared Postgres. Once the SDK has a token, the rest of
+ * the sub-clients (chunks, voxels, actors, udp, ...) use it transparently
+ * via the shared `AuthState`.
  */
+import { ChangePasswordDocument, ConfirmEmailDocument, LoginDocument, LogoutAllDevicesDocument, LogoutDocument, RegisterDocument, RequestPasswordResetDocument, ResendConfirmationEmailDocument, ResetPasswordDocument, } from '../generated/graphql.js';
 export class AuthAPI {
-    constructor(gql, authState) {
-        this.gql = gql;
-        this.authState = authState;
+    constructor(graphql, session) {
+        this.graphql = graphql;
+        this.session = session;
     }
+    /**
+     * Log in and persist the resulting `game_tokens` bearer token via the
+     * shared `AuthState`. All subsequent SDK calls (game-api or
+     * management-api) include it automatically.
+     */
     async login(input) {
-        const data = await this.gql.request(LoginDocument, { input });
+        const data = await this.graphql.request(LoginDocument, { input });
         if (data.login?.token) {
-            this.authState.setToken(data.login.token);
+            this.session.setToken(data.login.token);
         }
         return data.login;
     }
+    /** Register a new user. Same token-persistence behaviour as `login`. */
     async register(input) {
-        const data = await this.gql.request(RegisterDocument, { input });
+        const data = await this.graphql.request(RegisterDocument, { input });
         if (data.register?.token) {
-            this.authState.setToken(data.register.token);
+            this.session.setToken(data.register.token);
         }
         return data.register;
     }
+    /**
+     * Single-device logout. Clears the in-memory token after a successful
+     * server-side revoke so other sub-clients don't keep using it.
+     */
     async logout() {
-        const data = await this.gql.request(LogoutDocument, undefined);
-        this.authState.setToken(null);
+        const data = await this.graphql.request(LogoutDocument);
+        this.session.setToken(null);
         return data.logout;
     }
+    /** Revoke every `game_tokens` row for the current user. */
     async logoutAllDevices() {
-        const data = await this.gql.request(LogoutAllDevicesDocument, undefined);
-        this.authState.setToken(null);
+        const data = await this.graphql.request(LogoutAllDevicesDocument);
         return data.logoutAllDevices;
     }
-    /**
-     * Manual token override - lets callers seed an existing session token
-     * (e.g. on app reload) or stamp out the in-memory token without firing
-     * a logout mutation. Pass `null` to clear.
-     */
-    setToken(token) {
-        this.authState.setToken(token);
-    }
-    getToken() {
-        return this.authState.getToken();
-    }
     async confirmEmail(token) {
-        const data = await this.gql.request(ConfirmEmailDocument, { token });
+        const data = await this.graphql.request(ConfirmEmailDocument, { token });
         return data.confirmEmail;
     }
     async requestPasswordReset(email) {
-        const data = await this.gql.request(RequestPasswordResetDocument, { email });
+        const data = await this.graphql.request(RequestPasswordResetDocument, {
+            email,
+        });
         return data.requestPasswordReset;
     }
     async resetPassword(input) {
-        const data = await this.gql.request(ResetPasswordDocument, { input });
+        const data = await this.graphql.request(ResetPasswordDocument, {
+            input,
+        });
         return data.resetPassword;
     }
     async resendConfirmationEmail(email) {
-        const data = await this.gql.request(ResendConfirmationEmailDocument, { email });
+        const data = await this.graphql.request(ResendConfirmationEmailDocument, {
+            email,
+        });
         return data.resendConfirmationEmail;
     }
     async changePassword(currentPassword, newPassword) {
-        const vars = { currentPassword, newPassword };
-        const data = await this.gql.request(ChangePasswordDocument, vars);
+        const data = await this.graphql.request(ChangePasswordDocument, {
+            currentPassword,
+            newPassword,
+        });
         return data.changePassword;
     }
+    /** Imperatively replace the in-memory bearer token (e.g. on rehydrate). */
+    setToken(token) {
+        this.session.setToken(token);
+    }
+    /** Read the current bearer token. */
+    getToken() {
+        return this.session.getToken();
+    }
 }

package/dist/domains/udp.d.ts

@@ -1,6 +1,6 @@
 import type { GraphQLClient } from '../client.js';
 import type { SubscriptionManager, UdpNotificationHandlers } from '../subscriptions.js';
-import { type ConnectUdpProxyMutation, type UdpProxyConnectionStatusQuery, type SendActorUpdateMutationVariables, type SendVoxelUpdateMutationVariables, type SendAudioPacketMutationVariables, type SendTextPacketMutationVariables, type SendClientEventMutationVariables } from '../generated/graphql.js';
+import { type ConnectUdpProxyMutation, type UdpProxyConnectionStatusQuery, type SendActorUpdateMutationVariables, type SendVoxelUpdateMutationVariables, type SendAudioPacketMutationVariables, type SendTextPacketMutationVariables, type SendClientEventMutationVariables, type SendSingleActorMessageMutationVariables } from '../generated/graphql.js';
 import type { SpatialNotification } from '../realtime.js';
 /**
  * UDP proxy access for browser-style clients that can't open raw UDP
@@ -37,6 +37,14 @@ export declare class UdpAPI {
     sendClientEventAndWait(input: SendClientEventMutationVariables['input'], options?: {
         timeoutMs?: number;
     }): Promise<SpatialNotification>;
+    /**
+     * Send a direct actor-to-actor message, delivered only to the actor whose
+     * UUID matches `input.targetUuid` (the sender must know that actor's chunk).
+     * Fire-and-forget: the sender receives no echo, so there is no
+     * `sendSingleActorMessageAndWait` variant. The target receives a
+     * `SingleActorMessageNotification` on its `udpNotifications` subscription.
+     */
+    sendSingleActorMessage(input: SendSingleActorMessageMutationVariables['input']): Promise<boolean>;
     /**
      * Subscribe to udpNotifications. Pass any combination of typename
      * handlers; the returned function detaches all of them. The first

package/dist/domains/udp.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"udp.d.ts","sourceRoot":"","sources":["../../src/domains/udp.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,KAAK,EACV,mBAAmB,EACnB,uBAAuB,EACxB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAEL,KAAK,uBAAuB,EAG5B,KAAK,6BAA6B,EAElC,KAAK,gCAAgC,EAErC,KAAK,gCAAgC,EAErC,KAAK,gCAAgC,EAErC,KAAK,+BAA+B,EAEpC,KAAK,gCAAgC,EACtC,MAAM,yBAAyB,CAAC;AACjC,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAG1D;;;;;;GAMG;AACH,qBAAa,MAAM;IAIf,OAAO,CAAC,GAAG;IACX,OAAO,CAAC,IAAI;IAJd,OAAO,CAAC,QAAQ,CAAC,SAAS,CAA2B;gBAG3C,GAAG,EAAE,aAAa,EAClB,IAAI,EAAE,mBAAmB;IAG7B,OAAO,IAAI,OAAO,CAAC,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;IAK9D,UAAU,IAAI,OAAO,CAAC,OAAO,CAAC;IAK9B,gBAAgB,IAAI,OAAO,CAC/B,6BAA6B,CAAC,0BAA0B,CAAC,CAC1D;IAQK,eAAe,CACnB,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,GAC/C,OAAO,CAAC,OAAO,CAAC;IAKb,sBAAsB,CAC1B,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,EAChD,OAAO,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACnC,OAAO,CAAC,mBAAmB,CAAC;IAOzB,eAAe,CACnB,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,GAC/C,OAAO,CAAC,OAAO,CAAC;IAKb,sBAAsB,CAC1B,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,EAChD,OAAO,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACnC,OAAO,CAAC,mBAAmB,CAAC;IAOzB,eAAe,CACnB,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,GAC/C,OAAO,CAAC,OAAO,CAAC;IAKb,sBAAsB,CAC1B,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,EAChD,OAAO,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACnC,OAAO,CAAC,mBAAmB,CAAC;IAOzB,cAAc,CAClB,KAAK,EAAE,+BAA+B,CAAC,OAAO,CAAC,GAC9C,OAAO,CAAC,OAAO,CAAC;IAKb,qBAAqB,CACzB,KAAK,EAAE,+BAA+B,CAAC,OAAO,CAAC,EAC/C,OAAO,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACnC,OAAO,CAAC,mBAAmB,CAAC;IAOzB,eAAe,CACnB,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,GAC/C,OAAO,CAAC,OAAO,CAAC;IAKb,sBAAsB,CAC1B,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,EAChD,OAAO,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACnC,OAAO,CAAC,mBAAmB,CAAC;IAO/B;;;;;OAKG;IACH,SAAS,CAAC,QAAQ,EAAE,uBAAuB,GAAG,MAAM,IAAI;IAIxD,OAAO,CAAC,YAAY;CAQrB"}
+{"version":3,"file":"udp.d.ts","sourceRoot":"","sources":["../../src/domains/udp.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,KAAK,EACV,mBAAmB,EACnB,uBAAuB,EACxB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAEL,KAAK,uBAAuB,EAG5B,KAAK,6BAA6B,EAElC,KAAK,gCAAgC,EAErC,KAAK,gCAAgC,EAErC,KAAK,gCAAgC,EAErC,KAAK,+BAA+B,EAEpC,KAAK,gCAAgC,EAErC,KAAK,uCAAuC,EAC7C,MAAM,yBAAyB,CAAC;AACjC,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAG1D;;;;;;GAMG;AACH,qBAAa,MAAM;IAIf,OAAO,CAAC,GAAG;IACX,OAAO,CAAC,IAAI;IAJd,OAAO,CAAC,QAAQ,CAAC,SAAS,CAA2B;gBAG3C,GAAG,EAAE,aAAa,EAClB,IAAI,EAAE,mBAAmB;IAG7B,OAAO,IAAI,OAAO,CAAC,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;IAK9D,UAAU,IAAI,OAAO,CAAC,OAAO,CAAC;IAK9B,gBAAgB,IAAI,OAAO,CAC/B,6BAA6B,CAAC,0BAA0B,CAAC,CAC1D;IAQK,eAAe,CACnB,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,GAC/C,OAAO,CAAC,OAAO,CAAC;IAKb,sBAAsB,CAC1B,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,EAChD,OAAO,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACnC,OAAO,CAAC,mBAAmB,CAAC;IAOzB,eAAe,CACnB,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,GAC/C,OAAO,CAAC,OAAO,CAAC;IAKb,sBAAsB,CAC1B,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,EAChD,OAAO,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACnC,OAAO,CAAC,mBAAmB,CAAC;IAOzB,eAAe,CACnB,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,GAC/C,OAAO,CAAC,OAAO,CAAC;IAKb,sBAAsB,CAC1B,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,EAChD,OAAO,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACnC,OAAO,CAAC,mBAAmB,CAAC;IAOzB,cAAc,CAClB,KAAK,EAAE,+BAA+B,CAAC,OAAO,CAAC,GAC9C,OAAO,CAAC,OAAO,CAAC;IAKb,qBAAqB,CACzB,KAAK,EAAE,+BAA+B,CAAC,OAAO,CAAC,EAC/C,OAAO,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACnC,OAAO,CAAC,mBAAmB,CAAC;IAOzB,eAAe,CACnB,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,GAC/C,OAAO,CAAC,OAAO,CAAC;IAKb,sBAAsB,CAC1B,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,EAChD,OAAO,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAO,GACnC,OAAO,CAAC,mBAAmB,CAAC;IAO/B;;;;;;OAMG;IACG,sBAAsB,CAC1B,KAAK,EAAE,uCAAuC,CAAC,OAAO,CAAC,GACtD,OAAO,CAAC,OAAO,CAAC;IAOnB;;;;;OAKG;IACH,SAAS,CAAC,QAAQ,EAAE,uBAAuB,GAAG,MAAM,IAAI;IAIxD,OAAO,CAAC,YAAY;CAQrB"}

package/dist/domains/udp.js

@@ -1,4 +1,4 @@
-import { ConnectUdpProxyDocument, DisconnectUdpProxyDocument, UdpProxyConnectionStatusDocument, SendActorUpdateDocument, SendVoxelUpdateDocument, SendAudioPacketDocument, SendTextPacketDocument, SendClientEventDocument, } from '../generated/graphql.js';
+import { ConnectUdpProxyDocument, DisconnectUdpProxyDocument, UdpProxyConnectionStatusDocument, SendActorUpdateDocument, SendVoxelUpdateDocument, SendAudioPacketDocument, SendTextPacketDocument, SendClientEventDocument, SendSingleActorMessageDocument, } from '../generated/graphql.js';
 import { SequenceAllocator } from '../utils.js';
 /**
  * UDP proxy access for browser-style clients that can't open raw UDP
@@ -75,6 +75,19 @@ export class UdpAPI {
         await this.sendClientEvent(request);
         return wait;
     }
+    /**
+     * Send a direct actor-to-actor message, delivered only to the actor whose
+     * UUID matches `input.targetUuid` (the sender must know that actor's chunk).
+     * Fire-and-forget: the sender receives no echo, so there is no
+     * `sendSingleActorMessageAndWait` variant. The target receives a
+     * `SingleActorMessageNotification` on its `udpNotifications` subscription.
+     */
+    async sendSingleActorMessage(input) {
+        const data = await this.gql.request(SendSingleActorMessageDocument, {
+            input,
+        });
+        return data.sendSingleActorMessage;
+    }
     /**
      * Subscribe to udpNotifications. Pass any combination of typename
      * handlers; the returned function detaches all of them. The first

package/dist/domains/users.d.ts

@@ -1,24 +1,27 @@
-import type { GraphQLClient } from '../client.js';
-import { type MeQuery, type UserQuery, type UserQueryVariables, type UsersPaginatedQuery, type UsersPaginatedQueryVariables, type UpdateGamertagMutation, type UpdateGamertagMutationVariables, type UpdateUserStateMutation, type UpdateUserStateMutationVariables, type SetSuperAdminMutation, type SetSuperAdminMutationVariables, type SetEarlyAccessOverrideMutation, type SetEarlyAccessOverrideMutationVariables, type UpdateUserTypeMutation, type UpdateUserTypeMutationVariables, type ForceLogoutUserMutationVariables } from '../generated/graphql.js';
 /**
- * User profile / directory queries and mutations. Exposed as `client.users`.
+ * Users sub-client. Targets `cks-management-api` — game-api never exposes
+ * identity mutations after the split.
  *
- * The legacy `list` / `byGamertag` / `byEmail` triple has been collapsed
- * into a single super-admin-gated `searchPaginated` (server-side
- * `usersPaginated`).
+ * Only the read/identity surface that game clients realistically need is
+ * here. Super-admin / operator screens use cks-management-ui (Apollo)
+ * directly rather than the SDK.
  */
+import type { GraphQLClient } from '../client.js';
+import { type MeQuery, type UpdateGamertagInput, type UpdateGamertagMutation } from '../generated/graphql.js';
 export declare class UsersAPI {
-    private gql;
-    constructor(gql: GraphQLClient);
+    private readonly graphql;
+    constructor(graphql: GraphQLClient);
+    /**
+     * Validate the current Bearer token and return the user record. Returns
+     * null if the token is expired/revoked. Use this for session restore on
+     * SDK init.
+     */
     me(): Promise<MeQuery['me']>;
-    byId(id: UserQueryVariables['id']): Promise<UserQuery['user']>;
-    searchPaginated(args?: UsersPaginatedQueryVariables): Promise<UsersPaginatedQuery['usersPaginated']>;
-    updateGamertag(input: UpdateGamertagMutationVariables['input']): Promise<UpdateGamertagMutation['updateGamertag']>;
-    updateUserState(input: UpdateUserStateMutationVariables['input']): Promise<UpdateUserStateMutation['updateUserState']>;
-    setSuperAdmin(args: SetSuperAdminMutationVariables): Promise<SetSuperAdminMutation['setSuperAdmin']>;
-    setEarlyAccessOverride(args: SetEarlyAccessOverrideMutationVariables): Promise<SetEarlyAccessOverrideMutation['setEarlyAccessOverride']>;
-    updateUserType(args: UpdateUserTypeMutationVariables): Promise<UpdateUserTypeMutation['updateUserType']>;
-    forceLogoutUser(userId: ForceLogoutUserMutationVariables['userId']): Promise<boolean>;
+    updateGamertag(input: UpdateGamertagInput): Promise<UpdateGamertagMutation['updateGamertag']>;
+    /**
+     * Soft-deletes the current user's account: anonymizes PII and revokes
+     * sessions. Wallet / donation history stays intact via FK.
+     */
     deleteMyAccount(): Promise<boolean>;
 }
 //# sourceMappingURL=users.d.ts.map

package/dist/domains/users.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"users.d.ts","sourceRoot":"","sources":["../../src/domains/users.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAElD,OAAO,EAEL,KAAK,OAAO,EAEZ,KAAK,SAAS,EACd,KAAK,kBAAkB,EAEvB,KAAK,mBAAmB,EACxB,KAAK,4BAA4B,EAEjC,KAAK,sBAAsB,EAC3B,KAAK,+BAA+B,EAEpC,KAAK,uBAAuB,EAC5B,KAAK,gCAAgC,EAErC,KAAK,qBAAqB,EAC1B,KAAK,8BAA8B,EAEnC,KAAK,8BAA8B,EACnC,KAAK,uCAAuC,EAE5C,KAAK,sBAAsB,EAC3B,KAAK,+BAA+B,EAEpC,KAAK,gCAAgC,EAEtC,MAAM,yBAAyB,CAAC;AAEjC;;;;;;GAMG;AACH,qBAAa,QAAQ;IACP,OAAO,CAAC,GAAG;gBAAH,GAAG,EAAE,aAAa;IAEhC,EAAE,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAK5B,IAAI,CAAC,EAAE,EAAE,kBAAkB,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IAK9D,eAAe,CACnB,IAAI,GAAE,4BAAiC,GACtC,OAAO,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;IAK3C,cAAc,CAClB,KAAK,EAAE,+BAA+B,CAAC,OAAO,CAAC,GAC9C,OAAO,CAAC,sBAAsB,CAAC,gBAAgB,CAAC,CAAC;IAK9C,eAAe,CACnB,KAAK,EAAE,gCAAgC,CAAC,OAAO,CAAC,GAC/C,OAAO,CAAC,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;IAKhD,aAAa,CACjB,IAAI,EAAE,8BAA8B,GACnC,OAAO,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC;IAK5C,sBAAsB,CAC1B,IAAI,EAAE,uCAAuC,GAC5C,OAAO,CAAC,8BAA8B,CAAC,wBAAwB,CAAC,CAAC;IAK9D,cAAc,CAClB,IAAI,EAAE,+BAA+B,GACpC,OAAO,CAAC,sBAAsB,CAAC,gBAAgB,CAAC,CAAC;IAK9C,eAAe,CACnB,MAAM,EAAE,gCAAgC,CAAC,QAAQ,CAAC,GACjD,OAAO,CAAC,OAAO,CAAC;IAKb,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;CAI1C"}
+{"version":3,"file":"users.d.ts","sourceRoot":"","sources":["../../src/domains/users.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAIL,KAAK,OAAO,EACZ,KAAK,mBAAmB,EACxB,KAAK,sBAAsB,EAC5B,MAAM,yBAAyB,CAAC;AAEjC,qBAAa,QAAQ;IACP,OAAO,CAAC,QAAQ,CAAC,OAAO;gBAAP,OAAO,EAAE,aAAa;IAEnD;;;;OAIG;IACG,EAAE,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAK5B,cAAc,CAClB,KAAK,EAAE,mBAAmB,GACzB,OAAO,CAAC,sBAAsB,CAAC,gBAAgB,CAAC,CAAC;IAKpD;;;OAGG;IACG,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;CAI1C"}

package/dist/domains/users.js

@@ -1,53 +1,35 @@
-import { MeDocument, UserDocument, UsersPaginatedDocument, UpdateGamertagDocument, UpdateUserStateDocument, SetSuperAdminDocument, SetEarlyAccessOverrideDocument, UpdateUserTypeDocument, ForceLogoutUserDocument, DeleteMyAccountDocument, } from '../generated/graphql.js';
 /**
- * User profile / directory queries and mutations. Exposed as `client.users`.
+ * Users sub-client. Targets `cks-management-api` — game-api never exposes
+ * identity mutations after the split.
  *
- * The legacy `list` / `byGamertag` / `byEmail` triple has been collapsed
- * into a single super-admin-gated `searchPaginated` (server-side
- * `usersPaginated`).
+ * Only the read/identity surface that game clients realistically need is
+ * here. Super-admin / operator screens use cks-management-ui (Apollo)
+ * directly rather than the SDK.
  */
+import { MeDocument, UpdateGamertagDocument, DeleteMyAccountDocument, } from '../generated/graphql.js';
 export class UsersAPI {
-    constructor(gql) {
-        this.gql = gql;
-    }
+    constructor(graphql) {
+        this.graphql = graphql;
+    }
+    /**
+     * Validate the current Bearer token and return the user record. Returns
+     * null if the token is expired/revoked. Use this for session restore on
+     * SDK init.
+     */
     async me() {
-        const data = await this.gql.request(MeDocument, undefined);
+        const data = await this.graphql.request(MeDocument);
         return data.me;
     }
-    async byId(id) {
-        const data = await this.gql.request(UserDocument, { id });
-        return data.user;
-    }
-    async searchPaginated(args = {}) {
-        const data = await this.gql.request(UsersPaginatedDocument, args);
-        return data.usersPaginated;
-    }
     async updateGamertag(input) {
-        const data = await this.gql.request(UpdateGamertagDocument, { input });
+        const data = await this.graphql.request(UpdateGamertagDocument, { input });
         return data.updateGamertag;
     }
-    async updateUserState(input) {
-        const data = await this.gql.request(UpdateUserStateDocument, { input });
-        return data.updateUserState;
-    }
-    async setSuperAdmin(args) {
-        const data = await this.gql.request(SetSuperAdminDocument, args);
-        return data.setSuperAdmin;
-    }
-    async setEarlyAccessOverride(args) {
-        const data = await this.gql.request(SetEarlyAccessOverrideDocument, args);
-        return data.setEarlyAccessOverride;
-    }
-    async updateUserType(args) {
-        const data = await this.gql.request(UpdateUserTypeDocument, args);
-        return data.updateUserType;
-    }
-    async forceLogoutUser(userId) {
-        const data = await this.gql.request(ForceLogoutUserDocument, { userId });
-        return data.forceLogoutUser;
-    }
+    /**
+     * Soft-deletes the current user's account: anonymizes PII and revokes
+     * sessions. Wallet / donation history stays intact via FK.
+     */
     async deleteMyAccount() {
-        const data = await this.gql.request(DeleteMyAccountDocument, undefined);
+        const data = await this.graphql.request(DeleteMyAccountDocument);
         return data.deleteMyAccount;
     }
 }