@djangocfg/api 2.1.456 → 2.1.457

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.cjs CHANGED
@@ -3,9 +3,6 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
3
3
  var __getOwnPropNames = Object.getOwnPropertyNames;
4
4
  var __hasOwnProp = Object.prototype.hasOwnProperty;
5
5
  var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
6
- var __esm = (fn, res) => function __init() {
7
- return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
8
- };
9
6
  var __export = (target, all) => {
10
7
  for (var name in all)
11
8
  __defProp(target, name, { get: all[name], enumerable: true });
@@ -20,1615 +17,172 @@ var __copyProps = (to, from, except, desc) => {
20
17
  };
21
18
  var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
22
19
 
23
- // src/_api/generated/helpers/errors.ts
24
- var APIError, NetworkError;
25
- var init_errors = __esm({
26
- "src/_api/generated/helpers/errors.ts"() {
27
- APIError = class extends Error {
28
- constructor(statusCode, statusText, response, url, message) {
29
- super(message || `HTTP ${statusCode}: ${statusText}`);
30
- this.statusCode = statusCode;
31
- this.statusText = statusText;
32
- this.response = response;
33
- this.url = url;
34
- this.name = "APIError";
35
- }
36
- static {
37
- __name(this, "APIError");
38
- }
39
- get details() {
40
- if (typeof this.response === "object" && this.response !== null) {
41
- return this.response;
42
- }
43
- return null;
44
- }
45
- get fieldErrors() {
46
- const details = this.details;
47
- if (!details) return null;
48
- const fieldErrors = {};
49
- for (const [key, value] of Object.entries(details)) {
50
- if (Array.isArray(value)) fieldErrors[key] = value;
51
- }
52
- return Object.keys(fieldErrors).length > 0 ? fieldErrors : null;
53
- }
54
- get errorMessage() {
55
- const details = this.details;
56
- if (!details) return this.message;
57
- if (details.detail) {
58
- return Array.isArray(details.detail) ? details.detail.join(", ") : String(details.detail);
59
- }
60
- if (details.error) return String(details.error);
61
- if (details.message) return String(details.message);
62
- const fieldErrors = this.fieldErrors;
63
- if (fieldErrors) {
64
- const firstField = Object.keys(fieldErrors)[0];
65
- if (firstField) return `${firstField}: ${fieldErrors[firstField]?.join(", ")}`;
66
- }
67
- return this.message;
68
- }
69
- get isValidationError() {
70
- return this.statusCode === 400;
71
- }
72
- get isAuthError() {
73
- return this.statusCode === 401;
74
- }
75
- get isPermissionError() {
76
- return this.statusCode === 403;
77
- }
78
- get isNotFoundError() {
79
- return this.statusCode === 404;
80
- }
81
- get isServerError() {
82
- return this.statusCode >= 500 && this.statusCode < 600;
83
- }
84
- };
85
- NetworkError = class extends Error {
86
- constructor(message, url, originalError) {
87
- super(message);
88
- this.url = url;
89
- this.originalError = originalError;
90
- this.name = "NetworkError";
91
- }
92
- static {
93
- __name(this, "NetworkError");
94
- }
95
- };
96
- }
97
- });
98
-
99
- // src/_api/generated/core/bodySerializer.gen.ts
100
- var serializeFormDataPair, formDataBodySerializer, jsonBodySerializer;
101
- var init_bodySerializer_gen = __esm({
102
- "src/_api/generated/core/bodySerializer.gen.ts"() {
103
- serializeFormDataPair = /* @__PURE__ */ __name((data, key, value) => {
104
- if (typeof value === "string" || value instanceof Blob) {
105
- data.append(key, value);
106
- } else if (value instanceof Date) {
107
- data.append(key, value.toISOString());
108
- } else {
109
- data.append(key, JSON.stringify(value));
110
- }
111
- }, "serializeFormDataPair");
112
- formDataBodySerializer = {
113
- bodySerializer: /* @__PURE__ */ __name((body) => {
114
- const data = new FormData();
115
- Object.entries(body).forEach(([key, value]) => {
116
- if (value === void 0 || value === null) {
117
- return;
118
- }
119
- if (Array.isArray(value)) {
120
- value.forEach((v) => serializeFormDataPair(data, key, v));
121
- } else {
122
- serializeFormDataPair(data, key, value);
123
- }
124
- });
125
- return data;
126
- }, "bodySerializer")
127
- };
128
- jsonBodySerializer = {
129
- bodySerializer: /* @__PURE__ */ __name((body) => JSON.stringify(body, (_key, value) => typeof value === "bigint" ? value.toString() : value), "bodySerializer")
130
- };
131
- }
20
+ // src/index.ts
21
+ var index_exports = {};
22
+ __export(index_exports, {
23
+ APIError: () => APIError,
24
+ APILogger: () => APILogger,
25
+ CfgAccounts: () => CfgAccounts,
26
+ CfgAccountsAPI: () => API,
27
+ CfgAccountsApi: () => CfgAccountsApi,
28
+ CfgAccountsApiKey: () => CfgAccountsApiKey,
29
+ CfgAccountsAuth: () => CfgAccountsAuth,
30
+ CfgAccountsOauth: () => CfgAccountsOauth,
31
+ CfgAccountsProfile: () => CfgAccountsProfile,
32
+ CfgCentrifugo: () => CfgCentrifugo,
33
+ CfgCentrifugoAPI: () => API2,
34
+ CfgCentrifugoApi: () => CfgCentrifugoApi,
35
+ CfgTotp: () => CfgTotp,
36
+ CfgTotpAPI: () => API3,
37
+ CfgTotpApi: () => CfgTotpApi,
38
+ CfgTotpBackupCodes: () => CfgTotpBackupCodes,
39
+ CfgTotpSetup: () => CfgTotpSetup,
40
+ CfgTotpVerify: () => CfgTotpVerify,
41
+ CookieStorageAdapter: () => CookieStorageAdapter,
42
+ LocalStorageAdapter: () => LocalStorageAdapter,
43
+ MemoryStorageAdapter: () => MemoryStorageAdapter,
44
+ NetworkError: () => NetworkError,
45
+ api: () => CfgAccountsApi,
46
+ applyRoleLogPolicy: () => applyRoleLogPolicy,
47
+ auth: () => auth,
48
+ defaultLogger: () => defaultLogger,
49
+ dispatchValidationError: () => dispatchValidationError,
50
+ dpopEnabled: () => dpopEnabled2,
51
+ formatZodError: () => formatZodError,
52
+ getLogLevel: () => getLogLevel,
53
+ isBrowser: () => isBrowser2,
54
+ isDev: () => isDev,
55
+ isProd: () => isProd,
56
+ isStaticBuild: () => isStaticBuild,
57
+ onLogLevelChange: () => onLogLevelChange,
58
+ onValidationError: () => onValidationError,
59
+ setLogLevel: () => setLogLevel
132
60
  });
61
+ module.exports = __toCommonJS(index_exports);
133
62
 
134
- // src/_api/generated/core/params.gen.ts
135
- var extraPrefixesMap, extraPrefixes;
136
- var init_params_gen = __esm({
137
- "src/_api/generated/core/params.gen.ts"() {
138
- extraPrefixesMap = {
139
- $body_: "body",
140
- $headers_: "headers",
141
- $path_: "path",
142
- $query_: "query"
143
- };
144
- extraPrefixes = Object.entries(extraPrefixesMap);
63
+ // src/_api/generated/helpers/errors.ts
64
+ var APIError = class extends Error {
65
+ constructor(statusCode, statusText, response, url, message) {
66
+ super(message || `HTTP ${statusCode}: ${statusText}`);
67
+ this.statusCode = statusCode;
68
+ this.statusText = statusText;
69
+ this.response = response;
70
+ this.url = url;
71
+ this.name = "APIError";
145
72
  }
146
- });
147
-
148
- // src/_api/generated/core/queryKeySerializer.gen.ts
149
- var init_queryKeySerializer_gen = __esm({
150
- "src/_api/generated/core/queryKeySerializer.gen.ts"() {
73
+ static {
74
+ __name(this, "APIError");
151
75
  }
152
- });
153
-
154
- // src/_api/generated/core/serverSentEvents.gen.ts
155
- function createSseClient({
156
- onRequest,
157
- onSseError,
158
- onSseEvent,
159
- responseTransformer,
160
- responseValidator,
161
- sseDefaultRetryDelay,
162
- sseMaxRetryAttempts,
163
- sseMaxRetryDelay,
164
- sseSleepFn,
165
- url,
166
- ...options
167
- }) {
168
- let lastEventId;
169
- const sleep = sseSleepFn ?? ((ms) => new Promise((resolve) => setTimeout(resolve, ms)));
170
- const createStream = /* @__PURE__ */ __name(async function* () {
171
- let retryDelay = sseDefaultRetryDelay ?? 3e3;
172
- let attempt = 0;
173
- const signal = options.signal ?? new AbortController().signal;
174
- while (true) {
175
- if (signal.aborted) break;
176
- attempt++;
177
- const headers = options.headers instanceof Headers ? options.headers : new Headers(options.headers);
178
- if (lastEventId !== void 0) {
179
- headers.set("Last-Event-ID", lastEventId);
180
- }
181
- try {
182
- const requestInit = {
183
- redirect: "follow",
184
- ...options,
185
- body: options.serializedBody,
186
- headers,
187
- signal
188
- };
189
- let request = new Request(url, requestInit);
190
- if (onRequest) {
191
- request = await onRequest(url, requestInit);
192
- }
193
- const _fetch = options.fetch ?? globalThis.fetch;
194
- const response = await _fetch(request);
195
- if (!response.ok) throw new Error(`SSE failed: ${response.status} ${response.statusText}`);
196
- if (!response.body) throw new Error("No body in SSE response");
197
- const reader = response.body.pipeThrough(new TextDecoderStream()).getReader();
198
- let buffer = "";
199
- const abortHandler = /* @__PURE__ */ __name(() => {
200
- try {
201
- reader.cancel();
202
- } catch {
203
- }
204
- }, "abortHandler");
205
- signal.addEventListener("abort", abortHandler);
206
- try {
207
- while (true) {
208
- const { done, value } = await reader.read();
209
- if (done) break;
210
- buffer += value;
211
- buffer = buffer.replace(/\r\n?/g, "\n");
212
- const chunks = buffer.split("\n\n");
213
- buffer = chunks.pop() ?? "";
214
- for (const chunk of chunks) {
215
- const lines = chunk.split("\n");
216
- const dataLines = [];
217
- let eventName;
218
- for (const line of lines) {
219
- if (line.startsWith("data:")) {
220
- dataLines.push(line.replace(/^data:\s*/, ""));
221
- } else if (line.startsWith("event:")) {
222
- eventName = line.replace(/^event:\s*/, "");
223
- } else if (line.startsWith("id:")) {
224
- lastEventId = line.replace(/^id:\s*/, "");
225
- } else if (line.startsWith("retry:")) {
226
- const parsed = Number.parseInt(line.replace(/^retry:\s*/, ""), 10);
227
- if (!Number.isNaN(parsed)) {
228
- retryDelay = parsed;
229
- }
230
- }
231
- }
232
- let data;
233
- let parsedJson = false;
234
- if (dataLines.length) {
235
- const rawData = dataLines.join("\n");
236
- try {
237
- data = JSON.parse(rawData);
238
- parsedJson = true;
239
- } catch {
240
- data = rawData;
241
- }
242
- }
243
- if (parsedJson) {
244
- if (responseValidator) {
245
- await responseValidator(data);
246
- }
247
- if (responseTransformer) {
248
- data = await responseTransformer(data);
249
- }
250
- }
251
- onSseEvent?.({
252
- data,
253
- event: eventName,
254
- id: lastEventId,
255
- retry: retryDelay
256
- });
257
- if (dataLines.length) {
258
- yield data;
259
- }
260
- }
261
- }
262
- } finally {
263
- signal.removeEventListener("abort", abortHandler);
264
- reader.releaseLock();
265
- }
266
- break;
267
- } catch (error) {
268
- onSseError?.(error);
269
- if (sseMaxRetryAttempts !== void 0 && attempt >= sseMaxRetryAttempts) {
270
- break;
271
- }
272
- const backoff = Math.min(retryDelay * 2 ** (attempt - 1), sseMaxRetryDelay ?? 3e4);
273
- await sleep(backoff);
274
- }
76
+ get details() {
77
+ if (typeof this.response === "object" && this.response !== null) {
78
+ return this.response;
275
79
  }
276
- }, "createStream");
277
- const stream = createStream();
278
- return { stream };
279
- }
280
- var init_serverSentEvents_gen = __esm({
281
- "src/_api/generated/core/serverSentEvents.gen.ts"() {
282
- __name(createSseClient, "createSseClient");
80
+ return null;
283
81
  }
284
- });
285
-
286
- // src/_api/generated/core/pathSerializer.gen.ts
287
- var separatorArrayExplode, separatorArrayNoExplode, separatorObjectExplode, serializeArrayParam, serializePrimitiveParam, serializeObjectParam;
288
- var init_pathSerializer_gen = __esm({
289
- "src/_api/generated/core/pathSerializer.gen.ts"() {
290
- separatorArrayExplode = /* @__PURE__ */ __name((style) => {
291
- switch (style) {
292
- case "label":
293
- return ".";
294
- case "matrix":
295
- return ";";
296
- case "simple":
297
- return ",";
298
- default:
299
- return "&";
300
- }
301
- }, "separatorArrayExplode");
302
- separatorArrayNoExplode = /* @__PURE__ */ __name((style) => {
303
- switch (style) {
304
- case "form":
305
- return ",";
306
- case "pipeDelimited":
307
- return "|";
308
- case "spaceDelimited":
309
- return "%20";
310
- default:
311
- return ",";
312
- }
313
- }, "separatorArrayNoExplode");
314
- separatorObjectExplode = /* @__PURE__ */ __name((style) => {
315
- switch (style) {
316
- case "label":
317
- return ".";
318
- case "matrix":
319
- return ";";
320
- case "simple":
321
- return ",";
322
- default:
323
- return "&";
324
- }
325
- }, "separatorObjectExplode");
326
- serializeArrayParam = /* @__PURE__ */ __name(({
327
- allowReserved,
328
- explode,
329
- name,
330
- style,
331
- value
332
- }) => {
333
- if (!explode) {
334
- const joinedValues2 = (allowReserved ? value : value.map((v) => encodeURIComponent(v))).join(separatorArrayNoExplode(style));
335
- switch (style) {
336
- case "label":
337
- return `.${joinedValues2}`;
338
- case "matrix":
339
- return `;${name}=${joinedValues2}`;
340
- case "simple":
341
- return joinedValues2;
342
- default:
343
- return `${name}=${joinedValues2}`;
344
- }
345
- }
346
- const separator = separatorArrayExplode(style);
347
- const joinedValues = value.map((v) => {
348
- if (style === "label" || style === "simple") {
349
- return allowReserved ? v : encodeURIComponent(v);
350
- }
351
- return serializePrimitiveParam({
352
- allowReserved,
353
- name,
354
- value: v
355
- });
356
- }).join(separator);
357
- return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
358
- }, "serializeArrayParam");
359
- serializePrimitiveParam = /* @__PURE__ */ __name(({
360
- allowReserved,
361
- name,
362
- value
363
- }) => {
364
- if (value === void 0 || value === null) {
365
- return "";
366
- }
367
- if (typeof value === "object") {
368
- throw new Error(
369
- "Deeply-nested arrays/objects aren\u2019t supported. Provide your own `querySerializer()` to handle these."
370
- );
371
- }
372
- return `${name}=${allowReserved ? value : encodeURIComponent(value)}`;
373
- }, "serializePrimitiveParam");
374
- serializeObjectParam = /* @__PURE__ */ __name(({
375
- allowReserved,
376
- explode,
377
- name,
378
- style,
379
- value,
380
- valueOnly
381
- }) => {
382
- if (value instanceof Date) {
383
- return valueOnly ? value.toISOString() : `${name}=${value.toISOString()}`;
384
- }
385
- if (style !== "deepObject" && !explode) {
386
- let values = [];
387
- Object.entries(value).forEach(([key, v]) => {
388
- values = [...values, key, allowReserved ? v : encodeURIComponent(v)];
389
- });
390
- const joinedValues2 = values.join(",");
391
- switch (style) {
392
- case "form":
393
- return `${name}=${joinedValues2}`;
394
- case "label":
395
- return `.${joinedValues2}`;
396
- case "matrix":
397
- return `;${name}=${joinedValues2}`;
398
- default:
399
- return joinedValues2;
400
- }
401
- }
402
- const separator = separatorObjectExplode(style);
403
- const joinedValues = Object.entries(value).map(
404
- ([key, v]) => serializePrimitiveParam({
405
- allowReserved,
406
- name: style === "deepObject" ? `${name}[${key}]` : key,
407
- value: v
408
- })
409
- ).join(separator);
410
- return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
411
- }, "serializeObjectParam");
82
+ get fieldErrors() {
83
+ const details = this.details;
84
+ if (!details) return null;
85
+ const fieldErrors = {};
86
+ for (const [key, value] of Object.entries(details)) {
87
+ if (Array.isArray(value)) fieldErrors[key] = value;
88
+ }
89
+ return Object.keys(fieldErrors).length > 0 ? fieldErrors : null;
412
90
  }
413
- });
414
-
415
- // src/_api/generated/core/utils.gen.ts
416
- function getValidRequestBody(options) {
417
- const hasBody = options.body !== void 0;
418
- const isSerializedBody = hasBody && options.bodySerializer;
419
- if (isSerializedBody) {
420
- if ("serializedBody" in options) {
421
- const hasSerializedBody = options.serializedBody !== void 0 && options.serializedBody !== "";
422
- return hasSerializedBody ? options.serializedBody : null;
91
+ get errorMessage() {
92
+ const details = this.details;
93
+ if (!details) return this.message;
94
+ if (details.detail) {
95
+ return Array.isArray(details.detail) ? details.detail.join(", ") : String(details.detail);
423
96
  }
424
- return options.body !== "" ? options.body : null;
97
+ if (details.error) return String(details.error);
98
+ if (details.message) return String(details.message);
99
+ const fieldErrors = this.fieldErrors;
100
+ if (fieldErrors) {
101
+ const firstField = Object.keys(fieldErrors)[0];
102
+ if (firstField) return `${firstField}: ${fieldErrors[firstField]?.join(", ")}`;
103
+ }
104
+ return this.message;
425
105
  }
426
- if (hasBody) {
427
- return options.body;
106
+ get isValidationError() {
107
+ return this.statusCode === 400;
428
108
  }
429
- return void 0;
430
- }
431
- var PATH_PARAM_RE, defaultPathSerializer, getUrl;
432
- var init_utils_gen = __esm({
433
- "src/_api/generated/core/utils.gen.ts"() {
434
- init_pathSerializer_gen();
435
- PATH_PARAM_RE = /\{[^{}]+\}/g;
436
- defaultPathSerializer = /* @__PURE__ */ __name(({ path, url: _url }) => {
437
- let url = _url;
438
- const matches = _url.match(PATH_PARAM_RE);
439
- if (matches) {
440
- for (const match of matches) {
441
- let explode = false;
442
- let name = match.substring(1, match.length - 1);
443
- let style = "simple";
444
- if (name.endsWith("*")) {
445
- explode = true;
446
- name = name.substring(0, name.length - 1);
447
- }
448
- if (name.startsWith(".")) {
449
- name = name.substring(1);
450
- style = "label";
451
- } else if (name.startsWith(";")) {
452
- name = name.substring(1);
453
- style = "matrix";
454
- }
455
- const value = path[name];
456
- if (value === void 0 || value === null) {
457
- continue;
458
- }
459
- if (Array.isArray(value)) {
460
- url = url.replace(match, serializeArrayParam({ explode, name, style, value }));
461
- continue;
462
- }
463
- if (typeof value === "object") {
464
- url = url.replace(
465
- match,
466
- serializeObjectParam({
467
- explode,
468
- name,
469
- style,
470
- value,
471
- valueOnly: true
472
- })
473
- );
474
- continue;
475
- }
476
- if (style === "matrix") {
477
- url = url.replace(
478
- match,
479
- `;${serializePrimitiveParam({
480
- name,
481
- value
482
- })}`
483
- );
484
- continue;
485
- }
486
- const replaceValue = encodeURIComponent(
487
- style === "label" ? `.${value}` : value
488
- );
489
- url = url.replace(match, replaceValue);
490
- }
491
- }
492
- return url;
493
- }, "defaultPathSerializer");
494
- getUrl = /* @__PURE__ */ __name(({
495
- baseUrl,
496
- path,
497
- query,
498
- querySerializer,
499
- url: _url
500
- }) => {
501
- const pathUrl = _url.startsWith("/") ? _url : `/${_url}`;
502
- let url = (baseUrl ?? "") + pathUrl;
503
- if (path) {
504
- url = defaultPathSerializer({ path, url });
505
- }
506
- let search = query ? querySerializer(query) : "";
507
- if (search.startsWith("?")) {
508
- search = search.substring(1);
509
- }
510
- if (search) {
511
- url += `?${search}`;
512
- }
513
- return url;
514
- }, "getUrl");
515
- __name(getValidRequestBody, "getValidRequestBody");
109
+ get isAuthError() {
110
+ return this.statusCode === 401;
516
111
  }
517
- });
518
-
519
- // src/_api/generated/core/auth.gen.ts
520
- var getAuthToken;
521
- var init_auth_gen = __esm({
522
- "src/_api/generated/core/auth.gen.ts"() {
523
- getAuthToken = /* @__PURE__ */ __name(async (auth2, callback) => {
524
- const token = typeof callback === "function" ? await callback(auth2) : callback;
525
- if (!token) {
526
- return;
527
- }
528
- if (auth2.scheme === "bearer") {
529
- return `Bearer ${token}`;
530
- }
531
- if (auth2.scheme === "basic") {
532
- return `Basic ${btoa(token)}`;
533
- }
534
- return token;
535
- }, "getAuthToken");
112
+ get isPermissionError() {
113
+ return this.statusCode === 403;
536
114
  }
537
- });
538
-
539
- // src/_api/generated/client/utils.gen.ts
540
- async function setAuthParams(options) {
541
- for (const auth2 of options.security ?? []) {
542
- if (checkForExistence(options, auth2.name)) {
543
- continue;
544
- }
545
- const token = await getAuthToken(auth2, options.auth);
546
- if (!token) {
547
- continue;
548
- }
549
- const name = auth2.name ?? "Authorization";
550
- switch (auth2.in) {
551
- case "query":
552
- if (!options.query) {
553
- options.query = {};
554
- }
555
- options.query[name] = token;
556
- break;
557
- case "cookie":
558
- options.headers.append("Cookie", `${name}=${token}`);
559
- break;
560
- case "header":
561
- default:
562
- options.headers.set(name, token);
563
- break;
564
- }
115
+ get isNotFoundError() {
116
+ return this.statusCode === 404;
565
117
  }
566
- }
567
- var createQuerySerializer, getParseAs, checkForExistence, buildUrl, mergeConfigs, headersEntries, mergeHeaders, Interceptors, createInterceptors, defaultQuerySerializer, defaultHeaders, createConfig;
568
- var init_utils_gen2 = __esm({
569
- "src/_api/generated/client/utils.gen.ts"() {
570
- init_auth_gen();
571
- init_bodySerializer_gen();
572
- init_pathSerializer_gen();
573
- init_utils_gen();
574
- createQuerySerializer = /* @__PURE__ */ __name(({
575
- parameters = {},
576
- ...args
577
- } = {}) => {
578
- const querySerializer = /* @__PURE__ */ __name((queryParams) => {
579
- const search = [];
580
- if (queryParams && typeof queryParams === "object") {
581
- for (const name in queryParams) {
582
- const value = queryParams[name];
583
- if (value === void 0 || value === null) {
584
- continue;
585
- }
586
- const options = parameters[name] || args;
587
- if (Array.isArray(value)) {
588
- const serializedArray = serializeArrayParam({
589
- allowReserved: options.allowReserved,
590
- explode: true,
591
- name,
592
- style: "form",
593
- value,
594
- ...options.array
595
- });
596
- if (serializedArray) search.push(serializedArray);
597
- } else if (typeof value === "object") {
598
- const serializedObject = serializeObjectParam({
599
- allowReserved: options.allowReserved,
600
- explode: true,
601
- name,
602
- style: "deepObject",
603
- value,
604
- ...options.object
605
- });
606
- if (serializedObject) search.push(serializedObject);
607
- } else {
608
- const serializedPrimitive = serializePrimitiveParam({
609
- allowReserved: options.allowReserved,
610
- name,
611
- value
612
- });
613
- if (serializedPrimitive) search.push(serializedPrimitive);
614
- }
615
- }
616
- }
617
- return search.join("&");
618
- }, "querySerializer");
619
- return querySerializer;
620
- }, "createQuerySerializer");
621
- getParseAs = /* @__PURE__ */ __name((contentType) => {
622
- if (!contentType) {
623
- return "stream";
624
- }
625
- const cleanContent = contentType.split(";")[0]?.trim();
626
- if (!cleanContent) {
627
- return;
628
- }
629
- if (cleanContent.startsWith("application/json") || cleanContent.endsWith("+json")) {
630
- return "json";
631
- }
632
- if (cleanContent === "multipart/form-data") {
633
- return "formData";
634
- }
635
- if (["application/", "audio/", "image/", "video/"].some((type) => cleanContent.startsWith(type))) {
636
- return "blob";
637
- }
638
- if (cleanContent.startsWith("text/")) {
639
- return "text";
640
- }
641
- return;
642
- }, "getParseAs");
643
- checkForExistence = /* @__PURE__ */ __name((options, name) => {
644
- if (!name) {
645
- return false;
646
- }
647
- if (options.headers.has(name) || options.query?.[name] || options.headers.get("Cookie")?.includes(`${name}=`)) {
648
- return true;
649
- }
650
- return false;
651
- }, "checkForExistence");
652
- __name(setAuthParams, "setAuthParams");
653
- buildUrl = /* @__PURE__ */ __name((options) => getUrl({
654
- baseUrl: options.baseUrl,
655
- path: options.path,
656
- query: options.query,
657
- querySerializer: typeof options.querySerializer === "function" ? options.querySerializer : createQuerySerializer(options.querySerializer),
658
- url: options.url
659
- }), "buildUrl");
660
- mergeConfigs = /* @__PURE__ */ __name((a, b) => {
661
- const config = { ...a, ...b };
662
- if (config.baseUrl?.endsWith("/")) {
663
- config.baseUrl = config.baseUrl.substring(0, config.baseUrl.length - 1);
664
- }
665
- config.headers = mergeHeaders(a.headers, b.headers);
666
- return config;
667
- }, "mergeConfigs");
668
- headersEntries = /* @__PURE__ */ __name((headers) => {
669
- const entries = [];
670
- headers.forEach((value, key) => {
671
- entries.push([key, value]);
672
- });
673
- return entries;
674
- }, "headersEntries");
675
- mergeHeaders = /* @__PURE__ */ __name((...headers) => {
676
- const mergedHeaders = new Headers();
677
- for (const header of headers) {
678
- if (!header) {
679
- continue;
680
- }
681
- const iterator = header instanceof Headers ? headersEntries(header) : Object.entries(header);
682
- for (const [key, value] of iterator) {
683
- if (value === null) {
684
- mergedHeaders.delete(key);
685
- } else if (Array.isArray(value)) {
686
- for (const v of value) {
687
- mergedHeaders.append(key, v);
688
- }
689
- } else if (value !== void 0) {
690
- mergedHeaders.set(
691
- key,
692
- typeof value === "object" ? JSON.stringify(value) : value
693
- );
694
- }
695
- }
696
- }
697
- return mergedHeaders;
698
- }, "mergeHeaders");
699
- Interceptors = class {
700
- static {
701
- __name(this, "Interceptors");
702
- }
703
- fns = [];
704
- clear() {
705
- this.fns = [];
706
- }
707
- eject(id) {
708
- const index = this.getInterceptorIndex(id);
709
- if (this.fns[index]) {
710
- this.fns[index] = null;
711
- }
712
- }
713
- exists(id) {
714
- const index = this.getInterceptorIndex(id);
715
- return Boolean(this.fns[index]);
716
- }
717
- getInterceptorIndex(id) {
718
- if (typeof id === "number") {
719
- return this.fns[id] ? id : -1;
720
- }
721
- return this.fns.indexOf(id);
722
- }
723
- update(id, fn) {
724
- const index = this.getInterceptorIndex(id);
725
- if (this.fns[index]) {
726
- this.fns[index] = fn;
727
- return id;
728
- }
729
- return false;
730
- }
731
- use(fn) {
732
- this.fns.push(fn);
733
- return this.fns.length - 1;
734
- }
735
- };
736
- createInterceptors = /* @__PURE__ */ __name(() => ({
737
- error: new Interceptors(),
738
- request: new Interceptors(),
739
- response: new Interceptors()
740
- }), "createInterceptors");
741
- defaultQuerySerializer = createQuerySerializer({
742
- allowReserved: false,
743
- array: {
744
- explode: true,
745
- style: "form"
746
- },
747
- object: {
748
- explode: true,
749
- style: "deepObject"
750
- }
751
- });
752
- defaultHeaders = {
753
- "Content-Type": "application/json"
754
- };
755
- createConfig = /* @__PURE__ */ __name((override = {}) => ({
756
- ...jsonBodySerializer,
757
- headers: defaultHeaders,
758
- parseAs: "auto",
759
- querySerializer: defaultQuerySerializer,
760
- ...override
761
- }), "createConfig");
118
+ get isServerError() {
119
+ return this.statusCode >= 500 && this.statusCode < 600;
762
120
  }
763
- });
764
-
765
- // src/_api/generated/client/client.gen.ts
766
- var createClient;
767
- var init_client_gen = __esm({
768
- "src/_api/generated/client/client.gen.ts"() {
769
- init_serverSentEvents_gen();
770
- init_utils_gen();
771
- init_utils_gen2();
772
- createClient = /* @__PURE__ */ __name((config = {}) => {
773
- let _config = mergeConfigs(createConfig(), config);
774
- const getConfig = /* @__PURE__ */ __name(() => ({ ..._config }), "getConfig");
775
- const setConfig = /* @__PURE__ */ __name((config2) => {
776
- _config = mergeConfigs(_config, config2);
777
- return getConfig();
778
- }, "setConfig");
779
- const interceptors = createInterceptors();
780
- const beforeRequest = /* @__PURE__ */ __name(async (options) => {
781
- const opts = {
782
- ..._config,
783
- ...options,
784
- fetch: options.fetch ?? _config.fetch ?? globalThis.fetch,
785
- headers: mergeHeaders(_config.headers, options.headers),
786
- serializedBody: void 0
787
- };
788
- if (opts.security) {
789
- await setAuthParams(opts);
790
- }
791
- if (opts.requestValidator) {
792
- await opts.requestValidator(opts);
793
- }
794
- if (opts.body !== void 0 && opts.bodySerializer) {
795
- opts.serializedBody = opts.bodySerializer(opts.body);
796
- }
797
- if (opts.body === void 0 || opts.serializedBody === "") {
798
- opts.headers.delete("Content-Type");
799
- }
800
- const resolvedOpts = opts;
801
- const url = buildUrl(resolvedOpts);
802
- return { opts: resolvedOpts, url };
803
- }, "beforeRequest");
804
- const request = /* @__PURE__ */ __name(async (options) => {
805
- const throwOnError = options.throwOnError ?? _config.throwOnError;
806
- const responseStyle = options.responseStyle ?? _config.responseStyle;
807
- let request2;
808
- let response;
809
- try {
810
- const { opts, url } = await beforeRequest(options);
811
- const requestInit = {
812
- redirect: "follow",
813
- ...opts,
814
- body: getValidRequestBody(opts)
815
- };
816
- request2 = new Request(url, requestInit);
817
- for (const fn of interceptors.request.fns) {
818
- if (fn) {
819
- request2 = await fn(request2, opts);
820
- }
821
- }
822
- const _fetch = opts.fetch;
823
- response = await _fetch(request2);
824
- for (const fn of interceptors.response.fns) {
825
- if (fn) {
826
- response = await fn(response, request2, opts);
827
- }
828
- }
829
- const result = {
830
- request: request2,
831
- response
832
- };
833
- if (response.ok) {
834
- const parseAs = (opts.parseAs === "auto" ? getParseAs(response.headers.get("Content-Type")) : opts.parseAs) ?? "json";
835
- if (response.status === 204 || response.headers.get("Content-Length") === "0") {
836
- let emptyData;
837
- switch (parseAs) {
838
- case "arrayBuffer":
839
- case "blob":
840
- case "text":
841
- emptyData = await response[parseAs]();
842
- break;
843
- case "formData":
844
- emptyData = new FormData();
845
- break;
846
- case "stream":
847
- emptyData = response.body;
848
- break;
849
- case "json":
850
- default:
851
- emptyData = {};
852
- break;
853
- }
854
- return opts.responseStyle === "data" ? emptyData : {
855
- data: emptyData,
856
- ...result
857
- };
858
- }
859
- let data;
860
- switch (parseAs) {
861
- case "arrayBuffer":
862
- case "blob":
863
- case "formData":
864
- case "text":
865
- data = await response[parseAs]();
866
- break;
867
- case "json": {
868
- const text = await response.text();
869
- data = text ? JSON.parse(text) : {};
870
- break;
871
- }
872
- case "stream":
873
- return opts.responseStyle === "data" ? response.body : {
874
- data: response.body,
875
- ...result
876
- };
877
- }
878
- if (parseAs === "json") {
879
- if (opts.responseValidator) {
880
- await opts.responseValidator(data);
881
- }
882
- if (opts.responseTransformer) {
883
- data = await opts.responseTransformer(data);
884
- }
885
- }
886
- return opts.responseStyle === "data" ? data : {
887
- data,
888
- ...result
889
- };
890
- }
891
- const textError = await response.text();
892
- let jsonError;
893
- try {
894
- jsonError = JSON.parse(textError);
895
- } catch {
896
- }
897
- throw jsonError ?? textError;
898
- } catch (error) {
899
- let finalError = error;
900
- for (const fn of interceptors.error.fns) {
901
- if (fn) {
902
- finalError = await fn(finalError, response, request2, options);
903
- }
904
- }
905
- finalError = finalError || {};
906
- if (throwOnError) {
907
- throw finalError;
908
- }
909
- return responseStyle === "data" ? void 0 : {
910
- error: finalError,
911
- request: request2,
912
- response
913
- };
914
- }
915
- }, "request");
916
- const makeMethodFn = /* @__PURE__ */ __name((method) => (options) => request({ ...options, method }), "makeMethodFn");
917
- const makeSseFn = /* @__PURE__ */ __name((method) => async (options) => {
918
- const { opts, url } = await beforeRequest(options);
919
- return createSseClient({
920
- ...opts,
921
- body: opts.body,
922
- method,
923
- onRequest: /* @__PURE__ */ __name(async (url2, init) => {
924
- let request2 = new Request(url2, init);
925
- for (const fn of interceptors.request.fns) {
926
- if (fn) {
927
- request2 = await fn(request2, opts);
928
- }
929
- }
930
- return request2;
931
- }, "onRequest"),
932
- serializedBody: getValidRequestBody(opts),
933
- url
934
- });
935
- }, "makeSseFn");
936
- const _buildUrl = /* @__PURE__ */ __name((options) => buildUrl({ ..._config, ...options }), "_buildUrl");
937
- return {
938
- buildUrl: _buildUrl,
939
- connect: makeMethodFn("CONNECT"),
940
- delete: makeMethodFn("DELETE"),
941
- get: makeMethodFn("GET"),
942
- getConfig,
943
- head: makeMethodFn("HEAD"),
944
- interceptors,
945
- options: makeMethodFn("OPTIONS"),
946
- patch: makeMethodFn("PATCH"),
947
- post: makeMethodFn("POST"),
948
- put: makeMethodFn("PUT"),
949
- request,
950
- setConfig,
951
- sse: {
952
- connect: makeSseFn("CONNECT"),
953
- delete: makeSseFn("DELETE"),
954
- get: makeSseFn("GET"),
955
- head: makeSseFn("HEAD"),
956
- options: makeSseFn("OPTIONS"),
957
- patch: makeSseFn("PATCH"),
958
- post: makeSseFn("POST"),
959
- put: makeSseFn("PUT"),
960
- trace: makeSseFn("TRACE")
961
- },
962
- trace: makeMethodFn("TRACE")
963
- };
964
- }, "createClient");
121
+ };
122
+ var NetworkError = class extends Error {
123
+ constructor(message, url, originalError) {
124
+ super(message);
125
+ this.url = url;
126
+ this.originalError = originalError;
127
+ this.name = "NetworkError";
965
128
  }
966
- });
967
-
968
- // src/_api/generated/client/index.ts
969
- var init_client = __esm({
970
- "src/_api/generated/client/index.ts"() {
971
- init_bodySerializer_gen();
972
- init_params_gen();
973
- init_queryKeySerializer_gen();
974
- init_client_gen();
975
- init_utils_gen2();
129
+ static {
130
+ __name(this, "NetworkError");
976
131
  }
977
- });
132
+ };
978
133
 
979
- // src/_api/generated/client.gen.ts
980
- var client;
981
- var init_client_gen2 = __esm({
982
- "src/_api/generated/client.gen.ts"() {
983
- init_client();
984
- init_auth();
985
- client = createClient(createConfig({ baseUrl: "http://localhost:8000" }));
986
- installAuthOnClient(client);
134
+ // src/_api/generated/helpers/auth.ts
135
+ var ACCESS_KEY = "cfg.access_token";
136
+ var REFRESH_KEY = "cfg.refresh_token";
137
+ var API_KEY_KEY = "cfg.api_key";
138
+ var isBrowser = typeof window !== "undefined";
139
+ var localStorageBackend = {
140
+ get(key) {
141
+ if (!isBrowser) return null;
142
+ try {
143
+ return window.localStorage.getItem(key);
144
+ } catch {
145
+ return null;
146
+ }
147
+ },
148
+ set(key, value) {
149
+ if (!isBrowser) return;
150
+ try {
151
+ if (value === null) window.localStorage.removeItem(key);
152
+ else window.localStorage.setItem(key, value);
153
+ } catch {
154
+ }
987
155
  }
988
- });
989
-
990
- // src/_api/generated/sdk.gen.ts
991
- var sdk_gen_exports = {};
992
- __export(sdk_gen_exports, {
993
- CfgAccounts: () => CfgAccounts,
994
- CfgAccountsApiKey: () => CfgAccountsApiKey,
995
- CfgAccountsAuth: () => CfgAccountsAuth,
996
- CfgAccountsOauth: () => CfgAccountsOauth,
997
- CfgAccountsProfile: () => CfgAccountsProfile,
998
- CfgCentrifugo: () => CfgCentrifugo,
999
- CfgTotp: () => CfgTotp,
1000
- CfgTotpBackupCodes: () => CfgTotpBackupCodes,
1001
- CfgTotpSetup: () => CfgTotpSetup,
1002
- CfgTotpVerify: () => CfgTotpVerify
1003
- });
1004
- var CfgAccountsApiKey, CfgAccountsOauth, CfgAccounts, CfgAccountsProfile, CfgAccountsAuth, CfgCentrifugo, CfgTotpBackupCodes, CfgTotp, CfgTotpSetup, CfgTotpVerify;
1005
- var init_sdk_gen = __esm({
1006
- "src/_api/generated/sdk.gen.ts"() {
1007
- init_client();
1008
- init_client_gen2();
1009
- CfgAccountsApiKey = class {
1010
- static {
1011
- __name(this, "CfgAccountsApiKey");
1012
- }
1013
- /**
1014
- * Get API key details
1015
- *
1016
- * Retrieve the current user's API key (masked) and metadata.
1017
- */
1018
- static cfgAccountsApiKeyRetrieve(options) {
1019
- return (options?.client ?? client).get({
1020
- security: [
1021
- { scheme: "bearer", type: "http" },
1022
- {
1023
- in: "cookie",
1024
- name: "sessionid",
1025
- type: "apiKey"
1026
- },
1027
- { name: "X-API-Key", type: "apiKey" }
1028
- ],
1029
- url: "/cfg/accounts/api-key/",
1030
- ...options
1031
- });
1032
- }
1033
- /**
1034
- * Regenerate API key
1035
- *
1036
- * Generate a new API key. The full key is returned only once.
1037
- */
1038
- static cfgAccountsApiKeyRegenerateCreate(options) {
1039
- return (options.client ?? client).post({
1040
- security: [
1041
- { scheme: "bearer", type: "http" },
1042
- {
1043
- in: "cookie",
1044
- name: "sessionid",
1045
- type: "apiKey"
1046
- },
1047
- { name: "X-API-Key", type: "apiKey" }
1048
- ],
1049
- url: "/cfg/accounts/api-key/regenerate/",
1050
- ...options,
1051
- headers: {
1052
- "Content-Type": "application/json",
1053
- ...options.headers
1054
- }
1055
- });
1056
- }
1057
- /**
1058
- * Reveal API key
1059
- *
1060
- * Return the current full API key WITHOUT rotating it. The same durable value every one of the user's agents uses — for the signed-in user to copy and paste into agent onboarding. Default GET stays masked; this is the explicit reveal action.
1061
- */
1062
- static cfgAccountsApiKeyRevealCreate(options) {
1063
- return (options.client ?? client).post({
1064
- security: [
1065
- { scheme: "bearer", type: "http" },
1066
- {
1067
- in: "cookie",
1068
- name: "sessionid",
1069
- type: "apiKey"
1070
- },
1071
- { name: "X-API-Key", type: "apiKey" }
1072
- ],
1073
- url: "/cfg/accounts/api-key/reveal/",
1074
- ...options,
1075
- headers: {
1076
- "Content-Type": "application/json",
1077
- ...options.headers
1078
- }
1079
- });
1080
- }
1081
- /**
1082
- * Test API key
1083
- *
1084
- * Test whether an API key is valid without consuming it.
1085
- */
1086
- static cfgAccountsApiKeyTestCreate(options) {
1087
- return (options.client ?? client).post({
1088
- security: [
1089
- { scheme: "bearer", type: "http" },
1090
- {
1091
- in: "cookie",
1092
- name: "sessionid",
1093
- type: "apiKey"
1094
- },
1095
- { name: "X-API-Key", type: "apiKey" }
1096
- ],
1097
- url: "/cfg/accounts/api-key/test/",
1098
- ...options,
1099
- headers: {
1100
- "Content-Type": "application/json",
1101
- ...options.headers
1102
- }
1103
- });
1104
- }
1105
- };
1106
- CfgAccountsOauth = class {
1107
- static {
1108
- __name(this, "CfgAccountsOauth");
1109
- }
1110
- /**
1111
- * List OAuth connections
1112
- *
1113
- * Get all OAuth connections for the current user.
1114
- */
1115
- static cfgAccountsOauthConnectionsList(options) {
1116
- return (options?.client ?? client).get({
1117
- security: [
1118
- { name: "X-API-Key", type: "apiKey" },
1119
- { scheme: "bearer", type: "http" },
1120
- { name: "Authorization", type: "apiKey" }
1121
- ],
1122
- url: "/cfg/accounts/oauth/connections/",
1123
- ...options
1124
- });
1125
- }
1126
- /**
1127
- * Disconnect OAuth provider
1128
- *
1129
- * Remove OAuth connection for the specified provider.
1130
- */
1131
- static cfgAccountsOauthDisconnectCreate(options) {
1132
- return (options.client ?? client).post({
1133
- security: [
1134
- { name: "X-API-Key", type: "apiKey" },
1135
- { scheme: "bearer", type: "http" },
1136
- { name: "Authorization", type: "apiKey" }
1137
- ],
1138
- url: "/cfg/accounts/oauth/disconnect/",
1139
- ...options,
1140
- headers: {
1141
- "Content-Type": "application/json",
1142
- ...options.headers
1143
- }
1144
- });
1145
- }
1146
- /**
1147
- * Start GitHub OAuth
1148
- *
1149
- * Generate GitHub OAuth authorization URL. Redirect user to this URL to start authentication.
1150
- */
1151
- static cfgAccountsOauthGithubAuthorizeCreate(options) {
1152
- return (options?.client ?? client).post({
1153
- url: "/cfg/accounts/oauth/github/authorize/",
1154
- ...options,
1155
- headers: {
1156
- "Content-Type": "application/json",
1157
- ...options?.headers
1158
- }
1159
- });
1160
- }
1161
- /**
1162
- * Complete GitHub OAuth
1163
- *
1164
- * Exchange authorization code for JWT tokens. Call this after GitHub redirects back with code.
1165
- */
1166
- static cfgAccountsOauthGithubCallbackCreate(options) {
1167
- return (options.client ?? client).post({
1168
- url: "/cfg/accounts/oauth/github/callback/",
1169
- ...options,
1170
- headers: {
1171
- "Content-Type": "application/json",
1172
- ...options.headers
1173
- }
1174
- });
1175
- }
1176
- /**
1177
- * List OAuth providers
1178
- *
1179
- * Get list of available OAuth providers for authentication.
1180
- */
1181
- static cfgAccountsOauthProvidersRetrieve(options) {
1182
- return (options?.client ?? client).get({ url: "/cfg/accounts/oauth/providers/", ...options });
1183
- }
1184
- };
1185
- CfgAccounts = class {
1186
- static {
1187
- __name(this, "CfgAccounts");
1188
- }
1189
- /**
1190
- * Request OTP code to email.
1191
- */
1192
- static cfgAccountsOtpRequestCreate(options) {
1193
- return (options.client ?? client).post({
1194
- security: [
1195
- { name: "X-API-Key", type: "apiKey" },
1196
- { scheme: "bearer", type: "http" },
1197
- { name: "Authorization", type: "apiKey" }
1198
- ],
1199
- url: "/cfg/accounts/otp/request/",
1200
- ...options,
1201
- headers: {
1202
- "Content-Type": "application/json",
1203
- ...options.headers
1204
- }
1205
- });
1206
- }
1207
- /**
1208
- * Verify OTP code and return JWT tokens or 2FA session.
1209
- *
1210
- * If user has 2FA enabled:
1211
- * - Returns requires_2fa=True with session_id
1212
- * - Client must complete 2FA verification at /cfg/totp/verify/
1213
- *
1214
- * If user has no 2FA:
1215
- * - Returns JWT tokens and user data directly
1216
- */
1217
- static cfgAccountsOtpVerifyCreate(options) {
1218
- return (options.client ?? client).post({
1219
- security: [
1220
- { name: "X-API-Key", type: "apiKey" },
1221
- { scheme: "bearer", type: "http" },
1222
- { name: "Authorization", type: "apiKey" }
1223
- ],
1224
- url: "/cfg/accounts/otp/verify/",
1225
- ...options,
1226
- headers: {
1227
- "Content-Type": "application/json",
1228
- ...options.headers
1229
- }
1230
- });
1231
- }
1232
- };
1233
- CfgAccountsProfile = class {
1234
- static {
1235
- __name(this, "CfgAccountsProfile");
1236
- }
1237
- /**
1238
- * Get current user profile
1239
- *
1240
- * Retrieve the current authenticated user's profile information.
1241
- */
1242
- static cfgAccountsProfileRetrieve(options) {
1243
- return (options?.client ?? client).get({
1244
- security: [{ scheme: "bearer", type: "http" }, {
1245
- in: "cookie",
1246
- name: "sessionid",
1247
- type: "apiKey"
1248
- }],
1249
- url: "/cfg/accounts/profile/",
1250
- ...options
1251
- });
1252
- }
1253
- /**
1254
- * Upload user avatar
1255
- *
1256
- * Upload avatar image for the current authenticated user. Accepts multipart/form-data with 'avatar' field.
1257
- */
1258
- static cfgAccountsProfileAvatarCreate(options) {
1259
- return (options?.client ?? client).post({
1260
- ...formDataBodySerializer,
1261
- security: [
1262
- { name: "X-API-Key", type: "apiKey" },
1263
- { scheme: "bearer", type: "http" },
1264
- { name: "Authorization", type: "apiKey" }
1265
- ],
1266
- url: "/cfg/accounts/profile/avatar/",
1267
- ...options,
1268
- headers: {
1269
- "Content-Type": null,
1270
- ...options?.headers
1271
- }
1272
- });
1273
- }
1274
- /**
1275
- * Delete user account
1276
- *
1277
- *
1278
- * Permanently delete the current user's account.
1279
- *
1280
- * This operation:
1281
- * - Deactivates the account (user cannot log in)
1282
- * - Anonymizes personal data (GDPR compliance)
1283
- * - Frees up the email address for re-registration
1284
- * - Preserves audit trail
1285
- *
1286
- * The account can be restored by an administrator if needed.
1287
- *
1288
- */
1289
- static cfgAccountsProfileDeleteCreate(options) {
1290
- return (options?.client ?? client).post({
1291
- security: [{ scheme: "bearer", type: "http" }, {
1292
- in: "cookie",
1293
- name: "sessionid",
1294
- type: "apiKey"
1295
- }],
1296
- url: "/cfg/accounts/profile/delete/",
1297
- ...options
1298
- });
1299
- }
1300
- /**
1301
- * Partial update user profile
1302
- *
1303
- * Partially update the current authenticated user's profile information. Supports avatar upload.
1304
- */
1305
- static cfgAccountsProfilePartialPartialUpdate(options) {
1306
- return (options?.client ?? client).patch({
1307
- security: [{ scheme: "bearer", type: "http" }, {
1308
- in: "cookie",
1309
- name: "sessionid",
1310
- type: "apiKey"
1311
- }],
1312
- url: "/cfg/accounts/profile/partial/",
1313
- ...options,
1314
- headers: {
1315
- "Content-Type": "application/json",
1316
- ...options?.headers
1317
- }
1318
- });
1319
- }
1320
- /**
1321
- * Partial update user profile
1322
- *
1323
- * Partially update the current authenticated user's profile information. Supports avatar upload.
1324
- */
1325
- static cfgAccountsProfilePartialUpdate(options) {
1326
- return (options?.client ?? client).put({
1327
- security: [{ scheme: "bearer", type: "http" }, {
1328
- in: "cookie",
1329
- name: "sessionid",
1330
- type: "apiKey"
1331
- }],
1332
- url: "/cfg/accounts/profile/partial/",
1333
- ...options,
1334
- headers: {
1335
- "Content-Type": "application/json",
1336
- ...options?.headers
1337
- }
1338
- });
1339
- }
1340
- /**
1341
- * Update user profile
1342
- *
1343
- * Update the current authenticated user's profile information.
1344
- */
1345
- static cfgAccountsProfileUpdatePartialUpdate(options) {
1346
- return (options?.client ?? client).patch({
1347
- security: [{ scheme: "bearer", type: "http" }, {
1348
- in: "cookie",
1349
- name: "sessionid",
1350
- type: "apiKey"
1351
- }],
1352
- url: "/cfg/accounts/profile/update/",
1353
- ...options,
1354
- headers: {
1355
- "Content-Type": "application/json",
1356
- ...options?.headers
1357
- }
1358
- });
1359
- }
1360
- /**
1361
- * Update user profile
1362
- *
1363
- * Update the current authenticated user's profile information.
1364
- */
1365
- static cfgAccountsProfileUpdateUpdate(options) {
1366
- return (options?.client ?? client).put({
1367
- security: [{ scheme: "bearer", type: "http" }, {
1368
- in: "cookie",
1369
- name: "sessionid",
1370
- type: "apiKey"
1371
- }],
1372
- url: "/cfg/accounts/profile/update/",
1373
- ...options,
1374
- headers: {
1375
- "Content-Type": "application/json",
1376
- ...options?.headers
1377
- }
1378
- });
1379
- }
1380
- };
1381
- CfgAccountsAuth = class {
1382
- static {
1383
- __name(this, "CfgAccountsAuth");
1384
- }
1385
- /**
1386
- * Revoke a refresh token (logout).
1387
- *
1388
- * Blacklists the posted refresh token so it can never mint another access
1389
- * token. Called best-effort by the client's logout — without it, "logout"
1390
- * is purely client-side and a stolen refresh token survives until expiry.
1391
- */
1392
- static cfgAccountsTokenBlacklistCreate(options) {
1393
- return (options.client ?? client).post({
1394
- url: "/cfg/accounts/token/blacklist/",
1395
- ...options,
1396
- headers: {
1397
- "Content-Type": "application/json",
1398
- ...options.headers
1399
- }
1400
- });
1401
- }
1402
- /**
1403
- * Refresh JWT token.
1404
- *
1405
- * DPoP-aware: when the incoming refresh token is key-bound (`cnf.jkt`), the
1406
- * rotated access/refresh in the response are re-stamped with the same `cnf`
1407
- * (stock SimpleJWT drops it from the derived access), and a matching DPoP
1408
- * proof is required on the refresh request — so a stolen refresh token can't
1409
- * be used to mint fresh tokens.
1410
- */
1411
- static cfgAccountsTokenRefreshCreate(options) {
1412
- return (options.client ?? client).post({
1413
- url: "/cfg/accounts/token/refresh/",
1414
- ...options,
1415
- headers: {
1416
- "Content-Type": "application/json",
1417
- ...options.headers
1418
- }
1419
- });
1420
- }
1421
- };
1422
- CfgCentrifugo = class {
1423
- static {
1424
- __name(this, "CfgCentrifugo");
1425
- }
1426
- /**
1427
- * Get Centrifugo connection token
1428
- *
1429
- * Generate JWT token for WebSocket connection to Centrifugo. Token includes user's allowed channels based on their permissions. Requires authentication.
1430
- */
1431
- static cfgCentrifugoAuthTokenRetrieve(options) {
1432
- return (options?.client ?? client).get({
1433
- security: [
1434
- { name: "X-API-Key", type: "apiKey" },
1435
- { scheme: "bearer", type: "http" },
1436
- { name: "Authorization", type: "apiKey" }
1437
- ],
1438
- url: "/cfg/centrifugo/auth/token/",
1439
- ...options
1440
- });
1441
- }
1442
- };
1443
- CfgTotpBackupCodes = class {
1444
- static {
1445
- __name(this, "CfgTotpBackupCodes");
1446
- }
1447
- /**
1448
- * Get backup codes status for user.
1449
- */
1450
- static cfgTotpBackupCodesRetrieve(options) {
1451
- return (options?.client ?? client).get({
1452
- security: [
1453
- { name: "X-API-Key", type: "apiKey" },
1454
- { scheme: "bearer", type: "http" },
1455
- { name: "Authorization", type: "apiKey" }
1456
- ],
1457
- url: "/cfg/totp/backup-codes/",
1458
- ...options
1459
- });
1460
- }
1461
- /**
1462
- * Regenerate backup codes.
1463
- *
1464
- * Requires TOTP code for verification.
1465
- * Invalidates all existing codes.
1466
- */
1467
- static cfgTotpBackupCodesRegenerateCreate(options) {
1468
- return (options.client ?? client).post({
1469
- security: [
1470
- { name: "X-API-Key", type: "apiKey" },
1471
- { scheme: "bearer", type: "http" },
1472
- { name: "Authorization", type: "apiKey" }
1473
- ],
1474
- url: "/cfg/totp/backup-codes/regenerate/",
1475
- ...options,
1476
- headers: {
1477
- "Content-Type": "application/json",
1478
- ...options.headers
1479
- }
1480
- });
1481
- }
1482
- };
1483
- CfgTotp = class {
1484
- static {
1485
- __name(this, "CfgTotp");
1486
- }
1487
- /**
1488
- * List all TOTP devices for user.
1489
- */
1490
- static cfgTotpDevicesRetrieve(options) {
1491
- return (options?.client ?? client).get({
1492
- security: [
1493
- { name: "X-API-Key", type: "apiKey" },
1494
- { scheme: "bearer", type: "http" },
1495
- { name: "Authorization", type: "apiKey" }
1496
- ],
1497
- url: "/cfg/totp/devices/",
1498
- ...options
1499
- });
1500
- }
1501
- /**
1502
- * Delete a TOTP device.
1503
- *
1504
- * Requires verification code if removing the last/primary device.
1505
- */
1506
- static cfgTotpDevicesDestroy(options) {
1507
- return (options.client ?? client).delete({
1508
- security: [
1509
- { name: "X-API-Key", type: "apiKey" },
1510
- { scheme: "bearer", type: "http" },
1511
- { name: "Authorization", type: "apiKey" }
1512
- ],
1513
- url: "/cfg/totp/devices/{id}/",
1514
- ...options
1515
- });
1516
- }
1517
- /**
1518
- * Completely disable 2FA for account.
1519
- *
1520
- * Requires verification code.
1521
- */
1522
- static cfgTotpDisableCreate(options) {
1523
- return (options.client ?? client).post({
1524
- security: [
1525
- { name: "X-API-Key", type: "apiKey" },
1526
- { scheme: "bearer", type: "http" },
1527
- { name: "Authorization", type: "apiKey" }
1528
- ],
1529
- url: "/cfg/totp/disable/",
1530
- ...options,
1531
- headers: {
1532
- "Content-Type": "application/json",
1533
- ...options.headers
1534
- }
1535
- });
1536
- }
1537
- };
1538
- CfgTotpSetup = class {
1539
- static {
1540
- __name(this, "CfgTotpSetup");
1541
- }
1542
- /**
1543
- * Start 2FA setup process.
1544
- *
1545
- * Creates a new TOTP device and returns QR code for scanning.
1546
- */
1547
- static cfgTotpSetupCreate(options) {
1548
- return (options?.client ?? client).post({
1549
- security: [
1550
- { name: "X-API-Key", type: "apiKey" },
1551
- { scheme: "bearer", type: "http" },
1552
- { name: "Authorization", type: "apiKey" }
1553
- ],
1554
- url: "/cfg/totp/setup/",
1555
- ...options,
1556
- headers: {
1557
- "Content-Type": "application/json",
1558
- ...options?.headers
1559
- }
1560
- });
1561
- }
1562
- /**
1563
- * Confirm 2FA setup with first valid code.
1564
- *
1565
- * Activates the device and generates backup codes.
1566
- */
1567
- static cfgTotpSetupConfirmCreate(options) {
1568
- return (options.client ?? client).post({
1569
- security: [
1570
- { name: "X-API-Key", type: "apiKey" },
1571
- { scheme: "bearer", type: "http" },
1572
- { name: "Authorization", type: "apiKey" }
1573
- ],
1574
- url: "/cfg/totp/setup/confirm/",
1575
- ...options,
1576
- headers: {
1577
- "Content-Type": "application/json",
1578
- ...options.headers
1579
- }
1580
- });
1581
- }
1582
- };
1583
- CfgTotpVerify = class {
1584
- static {
1585
- __name(this, "CfgTotpVerify");
1586
- }
1587
- /**
1588
- * Verify TOTP code for 2FA session.
1589
- *
1590
- * Completes authentication and returns JWT tokens on success.
1591
- */
1592
- static cfgTotpVerifyCreate(options) {
1593
- return (options.client ?? client).post({
1594
- security: [
1595
- { name: "X-API-Key", type: "apiKey" },
1596
- { scheme: "bearer", type: "http" },
1597
- { name: "Authorization", type: "apiKey" }
1598
- ],
1599
- url: "/cfg/totp/verify/",
1600
- ...options,
1601
- headers: {
1602
- "Content-Type": "application/json",
1603
- ...options.headers
1604
- }
1605
- });
1606
- }
1607
- /**
1608
- * Verify backup recovery code for 2FA session.
1609
- *
1610
- * Alternative verification method when TOTP device unavailable.
1611
- */
1612
- static cfgTotpVerifyBackupCreate(options) {
1613
- return (options.client ?? client).post({
1614
- security: [
1615
- { name: "X-API-Key", type: "apiKey" },
1616
- { scheme: "bearer", type: "http" },
1617
- { name: "Authorization", type: "apiKey" }
1618
- ],
1619
- url: "/cfg/totp/verify/backup/",
1620
- ...options,
1621
- headers: {
1622
- "Content-Type": "application/json",
1623
- ...options.headers
1624
- }
1625
- });
156
+ };
157
+ var COOKIE_MAX_AGE = 60 * 60 * 24 * 30;
158
+ var cookieBackend = {
159
+ get(key) {
160
+ if (!isBrowser) return null;
161
+ try {
162
+ const re = new RegExp(`(?:^|;\\s*)${encodeURIComponent(key)}=([^;]*)`);
163
+ const m = document.cookie.match(re);
164
+ return m ? decodeURIComponent(m[1]) : null;
165
+ } catch {
166
+ return null;
167
+ }
168
+ },
169
+ set(key, value) {
170
+ if (!isBrowser) return;
171
+ try {
172
+ const k = encodeURIComponent(key);
173
+ const secure = window.location.protocol === "https:" ? "; Secure" : "";
174
+ if (value === null) {
175
+ document.cookie = `${k}=; Path=/; Max-Age=0; SameSite=Lax${secure}`;
176
+ } else {
177
+ const v = encodeURIComponent(value);
178
+ document.cookie = `${k}=${v}; Path=/; Max-Age=${COOKIE_MAX_AGE}; SameSite=Lax${secure}`;
1626
179
  }
1627
- };
180
+ } catch {
181
+ }
1628
182
  }
1629
- });
1630
-
1631
- // src/_api/generated/helpers/auth.ts
183
+ };
184
+ var _storage = localStorageBackend;
185
+ var _storageMode = "localStorage";
1632
186
  function detectLocale() {
1633
187
  try {
1634
188
  if (typeof document !== "undefined") {
@@ -1642,6 +196,7 @@ function detectLocale() {
1642
196
  }
1643
197
  return null;
1644
198
  }
199
+ __name(detectLocale, "detectLocale");
1645
200
  function defaultBaseUrl() {
1646
201
  if (typeof window !== "undefined") {
1647
202
  try {
@@ -1664,6 +219,7 @@ function defaultBaseUrl() {
1664
219
  }
1665
220
  return "";
1666
221
  }
222
+ __name(defaultBaseUrl, "defaultBaseUrl");
1667
223
  function defaultApiKey() {
1668
224
  try {
1669
225
  if (typeof process !== "undefined" && process.env?.NEXT_PUBLIC_API_KEY) {
@@ -1673,6 +229,15 @@ function defaultApiKey() {
1673
229
  }
1674
230
  return null;
1675
231
  }
232
+ __name(defaultApiKey, "defaultApiKey");
233
+ var _localeOverride = null;
234
+ var _apiKeyOverride = null;
235
+ var _baseUrlOverride = null;
236
+ var _withCredentials = true;
237
+ var _onUnauthorized = null;
238
+ var _refreshHandler = null;
239
+ var _refreshInflight = null;
240
+ var RETRY_MARKER = "X-Auth-Retry";
1676
241
  function jwtExpMs(token) {
1677
242
  try {
1678
243
  const payload = token.split(".")[1];
@@ -1683,6 +248,7 @@ function jwtExpMs(token) {
1683
248
  return null;
1684
249
  }
1685
250
  }
251
+ __name(jwtExpMs, "jwtExpMs");
1686
252
  function computeSnapshot() {
1687
253
  const access = _storage.get(ACCESS_KEY);
1688
254
  const refresh = _storage.get(REFRESH_KEY);
@@ -1696,6 +262,13 @@ function computeSnapshot() {
1696
262
  accessExpiresAt: accessExp
1697
263
  };
1698
264
  }
265
+ __name(computeSnapshot, "computeSnapshot");
266
+ var SERVER_SNAPSHOT = { status: "anonymous", accessExpiresAt: null };
267
+ var SESSION_SYNC_EVENT = `cfg-auth:changed:${ACCESS_KEY}`;
268
+ var _snapshot = computeSnapshot();
269
+ var _sessionListeners = /* @__PURE__ */ new Set();
270
+ var _expiryTimer = null;
271
+ var _storageListenerInstalled = false;
1699
272
  function scheduleExpiryFlip() {
1700
273
  if (!isBrowser) return;
1701
274
  if (_expiryTimer !== null) {
@@ -1715,6 +288,7 @@ function scheduleExpiryFlip() {
1715
288
  const delay = Math.min(Math.min(...exps) - now + 250, 2147483647);
1716
289
  _expiryTimer = setTimeout(notifySessionChanged, delay);
1717
290
  }
291
+ __name(scheduleExpiryFlip, "scheduleExpiryFlip");
1718
292
  function notifySessionChanged() {
1719
293
  const next = computeSnapshot();
1720
294
  const changed = next.status !== _snapshot.status || next.accessExpiresAt !== _snapshot.accessExpiresAt;
@@ -1734,6 +308,7 @@ function notifySessionChanged() {
1734
308
  }
1735
309
  }
1736
310
  }
311
+ __name(notifySessionChanged, "notifySessionChanged");
1737
312
  function ensureStorageSync() {
1738
313
  if (!isBrowser || _storageListenerInstalled) return;
1739
314
  _storageListenerInstalled = true;
@@ -1744,6 +319,9 @@ function ensureStorageSync() {
1744
319
  });
1745
320
  window.addEventListener(SESSION_SYNC_EVENT, () => notifySessionChanged());
1746
321
  }
322
+ __name(ensureStorageSync, "ensureStorageSync");
323
+ var _sessionExpiredHandlers = /* @__PURE__ */ new Set();
324
+ var _client = null;
1747
325
  function pushClientConfig() {
1748
326
  if (!_client) return;
1749
327
  _client.setConfig({
@@ -1751,16 +329,184 @@ function pushClientConfig() {
1751
329
  credentials: _withCredentials ? "include" : "same-origin"
1752
330
  });
1753
331
  }
1754
- async function tryRefresh() {
1755
- if (_refreshInflight) return _refreshInflight;
1756
- if (!_refreshHandler) return null;
1757
- const runRefresh = /* @__PURE__ */ __name(async () => {
1758
- const refresh = auth.getRefreshToken();
1759
- if (!refresh) return null;
1760
- const result = await _refreshHandler(refresh);
1761
- if (!result?.access) return null;
1762
- auth.setToken(result.access);
1763
- if (result.refresh) auth.setRefreshToken(result.refresh);
332
+ __name(pushClientConfig, "pushClientConfig");
333
+ var auth = {
334
+ // ── Storage mode ──────────────────────────────────────────────────
335
+ getStorageMode() {
336
+ return _storageMode;
337
+ },
338
+ setStorageMode(mode) {
339
+ _storageMode = mode;
340
+ _storage = mode === "cookie" ? cookieBackend : localStorageBackend;
341
+ notifySessionChanged();
342
+ },
343
+ // ── Bearer token ──────────────────────────────────────────────────
344
+ getToken() {
345
+ return _storage.get(ACCESS_KEY);
346
+ },
347
+ setToken(token) {
348
+ _storage.set(ACCESS_KEY, token);
349
+ notifySessionChanged();
350
+ },
351
+ getRefreshToken() {
352
+ return _storage.get(REFRESH_KEY);
353
+ },
354
+ setRefreshToken(token) {
355
+ _storage.set(REFRESH_KEY, token);
356
+ notifySessionChanged();
357
+ },
358
+ clearTokens() {
359
+ _storage.set(ACCESS_KEY, null);
360
+ _storage.set(REFRESH_KEY, null);
361
+ notifySessionChanged();
362
+ },
363
+ /** Session-aware: token PRESENT and not past its `exp` (or a live refresh
364
+ * token exists that can mint one). Prefer `getSnapshot().status` in React. */
365
+ isAuthenticated() {
366
+ return computeSnapshot().status === "authenticated";
367
+ },
368
+ // ── Session (the ONE write path for login/logout flows) ──────────
369
+ /**
370
+ * Persist a token pair atomically. Every login flow (OTP verify, 2FA,
371
+ * OAuth callback) and the refresh handler should end here — do NOT
372
+ * scatter `setToken`/`setRefreshToken` pairs through app code.
373
+ * `refresh: undefined` keeps the current refresh token (access-only
374
+ * rotation); `refresh: null` explicitly drops it.
375
+ */
376
+ setSession(tokens) {
377
+ _storage.set(ACCESS_KEY, tokens.access);
378
+ if (tokens.refresh !== void 0) _storage.set(REFRESH_KEY, tokens.refresh);
379
+ notifySessionChanged();
380
+ },
381
+ clearSession() {
382
+ auth.clearTokens();
383
+ },
384
+ // ── Reactive snapshot (for useSyncExternalStore) ──────────────────
385
+ /**
386
+ * @example React:
387
+ * const session = useSyncExternalStore(
388
+ * auth.subscribe, auth.getSnapshot, auth.getServerSnapshot,
389
+ * );
390
+ * const isAuthenticated = session.status === 'authenticated';
391
+ */
392
+ getSnapshot() {
393
+ return _snapshot;
394
+ },
395
+ getServerSnapshot() {
396
+ return SERVER_SNAPSHOT;
397
+ },
398
+ subscribe(listener) {
399
+ ensureStorageSync();
400
+ _sessionListeners.add(listener);
401
+ notifySessionChanged();
402
+ return () => {
403
+ _sessionListeners.delete(listener);
404
+ if (_sessionListeners.size === 0 && _expiryTimer !== null) {
405
+ clearTimeout(_expiryTimer);
406
+ _expiryTimer = null;
407
+ }
408
+ };
409
+ },
410
+ /**
411
+ * Fired on TERMINAL 401 — after the refresh+retry path is exhausted.
412
+ * The store has already cleared the session before calling back, so
413
+ * handlers only need to route to login (no clear-then-redirect
414
+ * ordering to get wrong). Returns an unsubscribe function; multiple
415
+ * handlers compose (unlike the legacy single-slot `onUnauthorized`).
416
+ */
417
+ onSessionExpired(cb) {
418
+ _sessionExpiredHandlers.add(cb);
419
+ return () => {
420
+ _sessionExpiredHandlers.delete(cb);
421
+ };
422
+ },
423
+ // ── API key ───────────────────────────────────────────────────────
424
+ getApiKey() {
425
+ return _apiKeyOverride ?? _storage.get(API_KEY_KEY) ?? defaultApiKey();
426
+ },
427
+ setApiKey(key) {
428
+ _apiKeyOverride = key;
429
+ },
430
+ setApiKeyPersist(key) {
431
+ _apiKeyOverride = key;
432
+ _storage.set(API_KEY_KEY, key);
433
+ },
434
+ clearApiKey() {
435
+ _apiKeyOverride = null;
436
+ _storage.set(API_KEY_KEY, null);
437
+ },
438
+ // ── Locale ────────────────────────────────────────────────────────
439
+ getLocale() {
440
+ return _localeOverride ?? detectLocale();
441
+ },
442
+ setLocale(locale) {
443
+ _localeOverride = locale;
444
+ },
445
+ // ── Base URL ──────────────────────────────────────────────────────
446
+ getBaseUrl() {
447
+ const url = _baseUrlOverride ?? defaultBaseUrl();
448
+ return url.replace(/\/$/, "");
449
+ },
450
+ setBaseUrl(url) {
451
+ _baseUrlOverride = url ? url.replace(/\/$/, "") : null;
452
+ pushClientConfig();
453
+ },
454
+ // ── Credentials toggle ────────────────────────────────────────────
455
+ getWithCredentials() {
456
+ return _withCredentials;
457
+ },
458
+ setWithCredentials(value) {
459
+ _withCredentials = value;
460
+ pushClientConfig();
461
+ },
462
+ // ── 401 handler ───────────────────────────────────────────────────
463
+ /**
464
+ * Fired when the server returns 401 AND no refresh path recovers it
465
+ * (no refresh token, no refresh handler, refresh failed, or retry
466
+ * still 401). The app should clear local state and redirect to login.
467
+ *
468
+ * NOT fired for 401 that gets transparently recovered by the refresh
469
+ * handler — those are invisible to callers.
470
+ */
471
+ onUnauthorized(cb) {
472
+ _onUnauthorized = cb;
473
+ },
474
+ /**
475
+ * Register the refresh strategy. The handler receives the current
476
+ * refresh token and must call your refresh endpoint, returning
477
+ * `{ access, refresh? }` on success or `null` on failure.
478
+ *
479
+ * @example
480
+ * auth.setRefreshHandler(async (refresh) => {
481
+ * const { data } = await Auth.tokenRefreshCreate({ body: { refresh } });
482
+ * return data ? { access: data.access, refresh: data.refresh } : null;
483
+ * });
484
+ */
485
+ setRefreshHandler(fn) {
486
+ _refreshHandler = fn;
487
+ },
488
+ /**
489
+ * Proactively run the registered refresh handler right now, reusing the
490
+ * SAME single-flight promise as the 401-recovery interceptor. Callers
491
+ * (e.g. an expiry timer / focus / reconnect) get token rotation,
492
+ * de-duplication and rotated-token persistence for free — they must NOT
493
+ * re-implement any of it. Returns the fresh access token, or null if
494
+ * there is no handler / no refresh token / the refresh failed.
495
+ */
496
+ refreshNow() {
497
+ return tryRefresh();
498
+ }
499
+ };
500
+ async function tryRefresh() {
501
+ if (_refreshInflight) return _refreshInflight;
502
+ if (!_refreshHandler) return null;
503
+ const runRefresh = /* @__PURE__ */ __name(async () => {
504
+ const refresh = auth.getRefreshToken();
505
+ if (!refresh) return null;
506
+ const result = await _refreshHandler(refresh);
507
+ if (!result?.access) return null;
508
+ auth.setToken(result.access);
509
+ if (result.refresh) auth.setRefreshToken(result.refresh);
1764
510
  return result.access;
1765
511
  }, "runRefresh");
1766
512
  _refreshInflight = (async () => {
@@ -1778,6 +524,7 @@ async function tryRefresh() {
1778
524
  })();
1779
525
  return _refreshInflight;
1780
526
  }
527
+ __name(tryRefresh, "tryRefresh");
1781
528
  function expireSession(response) {
1782
529
  auth.clearTokens();
1783
530
  for (const cb of Array.from(_sessionExpiredHandlers)) {
@@ -1793,6 +540,7 @@ function expireSession(response) {
1793
540
  }
1794
541
  }
1795
542
  }
543
+ __name(expireSession, "expireSession");
1796
544
  function dpopEnabled() {
1797
545
  try {
1798
546
  return typeof process !== "undefined" && process.env?.NEXT_PUBLIC_DPOP_ENABLED === "true";
@@ -1800,6 +548,10 @@ function dpopEnabled() {
1800
548
  return false;
1801
549
  }
1802
550
  }
551
+ __name(dpopEnabled, "dpopEnabled");
552
+ var _DPOP_DB = "cfg-auth";
553
+ var _DPOP_STORE = "keys";
554
+ var _DPOP_KEY_ID = "dpop-ec-p256";
1803
555
  function _idbOpen() {
1804
556
  return new Promise((resolve, reject) => {
1805
557
  const req = indexedDB.open(_DPOP_DB, 1);
@@ -1808,6 +560,7 @@ function _idbOpen() {
1808
560
  req.onerror = () => reject(req.error);
1809
561
  });
1810
562
  }
563
+ __name(_idbOpen, "_idbOpen");
1811
564
  function _idbGet(key) {
1812
565
  return _idbOpen().then((db) => new Promise((resolve, reject) => {
1813
566
  const tx = db.transaction(_DPOP_STORE, "readonly");
@@ -1816,6 +569,7 @@ function _idbGet(key) {
1816
569
  req.onerror = () => reject(req.error);
1817
570
  }));
1818
571
  }
572
+ __name(_idbGet, "_idbGet");
1819
573
  function _idbPut(key, value) {
1820
574
  return _idbOpen().then((db) => new Promise((resolve, reject) => {
1821
575
  const tx = db.transaction(_DPOP_STORE, "readwrite");
@@ -1824,6 +578,8 @@ function _idbPut(key, value) {
1824
578
  tx.onerror = () => reject(tx.error);
1825
579
  }));
1826
580
  }
581
+ __name(_idbPut, "_idbPut");
582
+ var _dpopKeyPromise = null;
1827
583
  function _getDpopKeyPair() {
1828
584
  if (_dpopKeyPromise) return _dpopKeyPromise;
1829
585
  _dpopKeyPromise = (async () => {
@@ -1841,19 +597,23 @@ function _getDpopKeyPair() {
1841
597
  })();
1842
598
  return _dpopKeyPromise;
1843
599
  }
600
+ __name(_getDpopKeyPair, "_getDpopKeyPair");
1844
601
  function _b64urlFromBytes(bytes) {
1845
602
  const arr = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);
1846
603
  let s = "";
1847
604
  for (let i = 0; i < arr.length; i++) s += String.fromCharCode(arr[i]);
1848
605
  return btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
1849
606
  }
607
+ __name(_b64urlFromBytes, "_b64urlFromBytes");
1850
608
  function _b64urlFromString(str) {
1851
609
  return _b64urlFromBytes(new TextEncoder().encode(str));
1852
610
  }
611
+ __name(_b64urlFromString, "_b64urlFromString");
1853
612
  async function _publicJwk(pub) {
1854
613
  const jwk = await crypto.subtle.exportKey("jwk", pub);
1855
614
  return { kty: "EC", crv: "P-256", x: jwk.x, y: jwk.y };
1856
615
  }
616
+ __name(_publicJwk, "_publicJwk");
1857
617
  async function _makeDpopProof(method, url) {
1858
618
  try {
1859
619
  const pair = await _getDpopKeyPair();
@@ -1873,6 +633,7 @@ async function _makeDpopProof(method, url) {
1873
633
  return null;
1874
634
  }
1875
635
  }
636
+ __name(_makeDpopProof, "_makeDpopProof");
1876
637
  function installAuthOnClient(client2) {
1877
638
  if (_client) return;
1878
639
  _client = client2;
@@ -1933,434 +694,1566 @@ function installAuthOnClient(client2) {
1933
694
  }
1934
695
  });
1935
696
  }
1936
- var ACCESS_KEY, REFRESH_KEY, API_KEY_KEY, isBrowser, localStorageBackend, COOKIE_MAX_AGE, cookieBackend, _storage, _storageMode, _localeOverride, _apiKeyOverride, _baseUrlOverride, _withCredentials, _onUnauthorized, _refreshHandler, _refreshInflight, RETRY_MARKER, SERVER_SNAPSHOT, SESSION_SYNC_EVENT, _snapshot, _sessionListeners, _expiryTimer, _storageListenerInstalled, _sessionExpiredHandlers, _client, auth, _DPOP_DB, _DPOP_STORE, _DPOP_KEY_ID, _dpopKeyPromise;
1937
- var init_auth = __esm({
1938
- "src/_api/generated/helpers/auth.ts"() {
1939
- init_errors();
1940
- ACCESS_KEY = "cfg.access_token";
1941
- REFRESH_KEY = "cfg.refresh_token";
1942
- API_KEY_KEY = "cfg.api_key";
1943
- isBrowser = typeof window !== "undefined";
1944
- localStorageBackend = {
1945
- get(key) {
1946
- if (!isBrowser) return null;
1947
- try {
1948
- return window.localStorage.getItem(key);
1949
- } catch {
1950
- return null;
697
+ __name(installAuthOnClient, "installAuthOnClient");
698
+ var REFRESH_ENDPOINT = "/cfg/accounts/token/refresh/";
699
+ auth.setRefreshHandler(async (refresh) => {
700
+ try {
701
+ const url = `${auth.getBaseUrl()}${REFRESH_ENDPOINT}`;
702
+ const headers = { "Content-Type": "application/json" };
703
+ if (dpopEnabled() && typeof window !== "undefined") {
704
+ const proof = await _makeDpopProof("POST", url);
705
+ if (proof) headers["DPoP"] = proof;
706
+ }
707
+ const res = await fetch(url, {
708
+ method: "POST",
709
+ headers,
710
+ credentials: auth.getWithCredentials() ? "include" : "same-origin",
711
+ body: JSON.stringify({ refresh })
712
+ });
713
+ if (!res.ok) return null;
714
+ const data = await res.json();
715
+ return data?.access ? { access: data.access, refresh: data.refresh ?? refresh } : null;
716
+ } catch {
717
+ return null;
718
+ }
719
+ });
720
+
721
+ // src/_api/generated/helpers/logger.ts
722
+ var import_consola = require("consola");
723
+ var DEFAULT_CONFIG = {
724
+ enabled: typeof process !== "undefined" && process.env.NODE_ENV !== "production",
725
+ logRequests: true,
726
+ logResponses: true,
727
+ logErrors: true,
728
+ logBodies: true,
729
+ logHeaders: false
730
+ };
731
+ var SENSITIVE_HEADERS = [
732
+ "authorization",
733
+ "cookie",
734
+ "set-cookie",
735
+ "x-api-key",
736
+ "x-csrf-token"
737
+ ];
738
+ var APILogger = class {
739
+ static {
740
+ __name(this, "APILogger");
741
+ }
742
+ config;
743
+ consola;
744
+ constructor(config = {}) {
745
+ this.config = { ...DEFAULT_CONFIG, ...config };
746
+ this.consola = config.consola || (0, import_consola.createConsola)({
747
+ level: this.config.enabled ? 4 : 0
748
+ });
749
+ }
750
+ enable() {
751
+ this.config.enabled = true;
752
+ }
753
+ disable() {
754
+ this.config.enabled = false;
755
+ }
756
+ setConfig(config) {
757
+ this.config = { ...this.config, ...config };
758
+ }
759
+ filterHeaders(headers) {
760
+ if (!headers) return {};
761
+ const filtered = {};
762
+ Object.keys(headers).forEach((key) => {
763
+ filtered[key] = SENSITIVE_HEADERS.includes(key.toLowerCase()) ? "***" : headers[key] || "";
764
+ });
765
+ return filtered;
766
+ }
767
+ logRequest(request) {
768
+ if (!this.config.enabled || !this.config.logRequests) return;
769
+ const { method, url, headers, body } = request;
770
+ this.consola.start(`${method} ${url}`);
771
+ if (this.config.logHeaders && headers) this.consola.debug("Headers:", this.filterHeaders(headers));
772
+ if (this.config.logBodies && body) this.consola.debug("Body:", body);
773
+ }
774
+ logResponse(request, response) {
775
+ if (!this.config.enabled || !this.config.logResponses) return;
776
+ const { method, url } = request;
777
+ const { status, statusText, data, duration } = response;
778
+ this.consola.success(`${method} ${url} ${status} ${statusText} (${duration}ms)`);
779
+ if (this.config.logBodies && data) this.consola.debug("Response:", data);
780
+ }
781
+ logError(request, error) {
782
+ if (!this.config.enabled || !this.config.logErrors) return;
783
+ const { method, url } = request;
784
+ const { message, statusCode, fieldErrors, duration } = error;
785
+ this.consola.error(`${method} ${url} ${statusCode || "Network"} Error (${duration}ms)`);
786
+ this.consola.error("Message:", message);
787
+ if (fieldErrors && Object.keys(fieldErrors).length > 0) {
788
+ this.consola.error("Field Errors:");
789
+ Object.entries(fieldErrors).forEach(([field, errors]) => {
790
+ errors.forEach((err) => this.consola.error(` \u2022 ${field}: ${err}`));
791
+ });
792
+ }
793
+ }
794
+ info(message, ...args) {
795
+ if (this.config.enabled) this.consola.info(message, ...args);
796
+ }
797
+ warn(message, ...args) {
798
+ if (this.config.enabled) this.consola.warn(message, ...args);
799
+ }
800
+ error(message, ...args) {
801
+ if (this.config.enabled) this.consola.error(message, ...args);
802
+ }
803
+ debug(message, ...args) {
804
+ if (this.config.enabled) this.consola.debug(message, ...args);
805
+ }
806
+ success(message, ...args) {
807
+ if (this.config.enabled) this.consola.success(message, ...args);
808
+ }
809
+ withTag(tag) {
810
+ return this.consola.withTag(tag);
811
+ }
812
+ };
813
+ var defaultLogger = new APILogger();
814
+
815
+ // src/_api/generated/core/bodySerializer.gen.ts
816
+ var serializeFormDataPair = /* @__PURE__ */ __name((data, key, value) => {
817
+ if (typeof value === "string" || value instanceof Blob) {
818
+ data.append(key, value);
819
+ } else if (value instanceof Date) {
820
+ data.append(key, value.toISOString());
821
+ } else {
822
+ data.append(key, JSON.stringify(value));
823
+ }
824
+ }, "serializeFormDataPair");
825
+ var formDataBodySerializer = {
826
+ bodySerializer: /* @__PURE__ */ __name((body) => {
827
+ const data = new FormData();
828
+ Object.entries(body).forEach(([key, value]) => {
829
+ if (value === void 0 || value === null) {
830
+ return;
831
+ }
832
+ if (Array.isArray(value)) {
833
+ value.forEach((v) => serializeFormDataPair(data, key, v));
834
+ } else {
835
+ serializeFormDataPair(data, key, value);
836
+ }
837
+ });
838
+ return data;
839
+ }, "bodySerializer")
840
+ };
841
+ var jsonBodySerializer = {
842
+ bodySerializer: /* @__PURE__ */ __name((body) => JSON.stringify(body, (_key, value) => typeof value === "bigint" ? value.toString() : value), "bodySerializer")
843
+ };
844
+
845
+ // src/_api/generated/core/params.gen.ts
846
+ var extraPrefixesMap = {
847
+ $body_: "body",
848
+ $headers_: "headers",
849
+ $path_: "path",
850
+ $query_: "query"
851
+ };
852
+ var extraPrefixes = Object.entries(extraPrefixesMap);
853
+
854
+ // src/_api/generated/core/serverSentEvents.gen.ts
855
+ function createSseClient({
856
+ onRequest,
857
+ onSseError,
858
+ onSseEvent,
859
+ responseTransformer,
860
+ responseValidator,
861
+ sseDefaultRetryDelay,
862
+ sseMaxRetryAttempts,
863
+ sseMaxRetryDelay,
864
+ sseSleepFn,
865
+ url,
866
+ ...options
867
+ }) {
868
+ let lastEventId;
869
+ const sleep = sseSleepFn ?? ((ms) => new Promise((resolve) => setTimeout(resolve, ms)));
870
+ const createStream = /* @__PURE__ */ __name(async function* () {
871
+ let retryDelay = sseDefaultRetryDelay ?? 3e3;
872
+ let attempt = 0;
873
+ const signal = options.signal ?? new AbortController().signal;
874
+ while (true) {
875
+ if (signal.aborted) break;
876
+ attempt++;
877
+ const headers = options.headers instanceof Headers ? options.headers : new Headers(options.headers);
878
+ if (lastEventId !== void 0) {
879
+ headers.set("Last-Event-ID", lastEventId);
880
+ }
881
+ try {
882
+ const requestInit = {
883
+ redirect: "follow",
884
+ ...options,
885
+ body: options.serializedBody,
886
+ headers,
887
+ signal
888
+ };
889
+ let request = new Request(url, requestInit);
890
+ if (onRequest) {
891
+ request = await onRequest(url, requestInit);
1951
892
  }
1952
- },
1953
- set(key, value) {
1954
- if (!isBrowser) return;
893
+ const _fetch = options.fetch ?? globalThis.fetch;
894
+ const response = await _fetch(request);
895
+ if (!response.ok) throw new Error(`SSE failed: ${response.status} ${response.statusText}`);
896
+ if (!response.body) throw new Error("No body in SSE response");
897
+ const reader = response.body.pipeThrough(new TextDecoderStream()).getReader();
898
+ let buffer = "";
899
+ const abortHandler = /* @__PURE__ */ __name(() => {
900
+ try {
901
+ reader.cancel();
902
+ } catch {
903
+ }
904
+ }, "abortHandler");
905
+ signal.addEventListener("abort", abortHandler);
1955
906
  try {
1956
- if (value === null) window.localStorage.removeItem(key);
1957
- else window.localStorage.setItem(key, value);
1958
- } catch {
907
+ while (true) {
908
+ const { done, value } = await reader.read();
909
+ if (done) break;
910
+ buffer += value;
911
+ buffer = buffer.replace(/\r\n?/g, "\n");
912
+ const chunks = buffer.split("\n\n");
913
+ buffer = chunks.pop() ?? "";
914
+ for (const chunk of chunks) {
915
+ const lines = chunk.split("\n");
916
+ const dataLines = [];
917
+ let eventName;
918
+ for (const line of lines) {
919
+ if (line.startsWith("data:")) {
920
+ dataLines.push(line.replace(/^data:\s*/, ""));
921
+ } else if (line.startsWith("event:")) {
922
+ eventName = line.replace(/^event:\s*/, "");
923
+ } else if (line.startsWith("id:")) {
924
+ lastEventId = line.replace(/^id:\s*/, "");
925
+ } else if (line.startsWith("retry:")) {
926
+ const parsed = Number.parseInt(line.replace(/^retry:\s*/, ""), 10);
927
+ if (!Number.isNaN(parsed)) {
928
+ retryDelay = parsed;
929
+ }
930
+ }
931
+ }
932
+ let data;
933
+ let parsedJson = false;
934
+ if (dataLines.length) {
935
+ const rawData = dataLines.join("\n");
936
+ try {
937
+ data = JSON.parse(rawData);
938
+ parsedJson = true;
939
+ } catch {
940
+ data = rawData;
941
+ }
942
+ }
943
+ if (parsedJson) {
944
+ if (responseValidator) {
945
+ await responseValidator(data);
946
+ }
947
+ if (responseTransformer) {
948
+ data = await responseTransformer(data);
949
+ }
950
+ }
951
+ onSseEvent?.({
952
+ data,
953
+ event: eventName,
954
+ id: lastEventId,
955
+ retry: retryDelay
956
+ });
957
+ if (dataLines.length) {
958
+ yield data;
959
+ }
960
+ }
961
+ }
962
+ } finally {
963
+ signal.removeEventListener("abort", abortHandler);
964
+ reader.releaseLock();
965
+ }
966
+ break;
967
+ } catch (error) {
968
+ onSseError?.(error);
969
+ if (sseMaxRetryAttempts !== void 0 && attempt >= sseMaxRetryAttempts) {
970
+ break;
971
+ }
972
+ const backoff = Math.min(retryDelay * 2 ** (attempt - 1), sseMaxRetryDelay ?? 3e4);
973
+ await sleep(backoff);
974
+ }
975
+ }
976
+ }, "createStream");
977
+ const stream = createStream();
978
+ return { stream };
979
+ }
980
+ __name(createSseClient, "createSseClient");
981
+
982
+ // src/_api/generated/core/pathSerializer.gen.ts
983
+ var separatorArrayExplode = /* @__PURE__ */ __name((style) => {
984
+ switch (style) {
985
+ case "label":
986
+ return ".";
987
+ case "matrix":
988
+ return ";";
989
+ case "simple":
990
+ return ",";
991
+ default:
992
+ return "&";
993
+ }
994
+ }, "separatorArrayExplode");
995
+ var separatorArrayNoExplode = /* @__PURE__ */ __name((style) => {
996
+ switch (style) {
997
+ case "form":
998
+ return ",";
999
+ case "pipeDelimited":
1000
+ return "|";
1001
+ case "spaceDelimited":
1002
+ return "%20";
1003
+ default:
1004
+ return ",";
1005
+ }
1006
+ }, "separatorArrayNoExplode");
1007
+ var separatorObjectExplode = /* @__PURE__ */ __name((style) => {
1008
+ switch (style) {
1009
+ case "label":
1010
+ return ".";
1011
+ case "matrix":
1012
+ return ";";
1013
+ case "simple":
1014
+ return ",";
1015
+ default:
1016
+ return "&";
1017
+ }
1018
+ }, "separatorObjectExplode");
1019
+ var serializeArrayParam = /* @__PURE__ */ __name(({
1020
+ allowReserved,
1021
+ explode,
1022
+ name,
1023
+ style,
1024
+ value
1025
+ }) => {
1026
+ if (!explode) {
1027
+ const joinedValues2 = (allowReserved ? value : value.map((v) => encodeURIComponent(v))).join(separatorArrayNoExplode(style));
1028
+ switch (style) {
1029
+ case "label":
1030
+ return `.${joinedValues2}`;
1031
+ case "matrix":
1032
+ return `;${name}=${joinedValues2}`;
1033
+ case "simple":
1034
+ return joinedValues2;
1035
+ default:
1036
+ return `${name}=${joinedValues2}`;
1037
+ }
1038
+ }
1039
+ const separator = separatorArrayExplode(style);
1040
+ const joinedValues = value.map((v) => {
1041
+ if (style === "label" || style === "simple") {
1042
+ return allowReserved ? v : encodeURIComponent(v);
1043
+ }
1044
+ return serializePrimitiveParam({
1045
+ allowReserved,
1046
+ name,
1047
+ value: v
1048
+ });
1049
+ }).join(separator);
1050
+ return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
1051
+ }, "serializeArrayParam");
1052
+ var serializePrimitiveParam = /* @__PURE__ */ __name(({
1053
+ allowReserved,
1054
+ name,
1055
+ value
1056
+ }) => {
1057
+ if (value === void 0 || value === null) {
1058
+ return "";
1059
+ }
1060
+ if (typeof value === "object") {
1061
+ throw new Error(
1062
+ "Deeply-nested arrays/objects aren\u2019t supported. Provide your own `querySerializer()` to handle these."
1063
+ );
1064
+ }
1065
+ return `${name}=${allowReserved ? value : encodeURIComponent(value)}`;
1066
+ }, "serializePrimitiveParam");
1067
+ var serializeObjectParam = /* @__PURE__ */ __name(({
1068
+ allowReserved,
1069
+ explode,
1070
+ name,
1071
+ style,
1072
+ value,
1073
+ valueOnly
1074
+ }) => {
1075
+ if (value instanceof Date) {
1076
+ return valueOnly ? value.toISOString() : `${name}=${value.toISOString()}`;
1077
+ }
1078
+ if (style !== "deepObject" && !explode) {
1079
+ let values = [];
1080
+ Object.entries(value).forEach(([key, v]) => {
1081
+ values = [...values, key, allowReserved ? v : encodeURIComponent(v)];
1082
+ });
1083
+ const joinedValues2 = values.join(",");
1084
+ switch (style) {
1085
+ case "form":
1086
+ return `${name}=${joinedValues2}`;
1087
+ case "label":
1088
+ return `.${joinedValues2}`;
1089
+ case "matrix":
1090
+ return `;${name}=${joinedValues2}`;
1091
+ default:
1092
+ return joinedValues2;
1093
+ }
1094
+ }
1095
+ const separator = separatorObjectExplode(style);
1096
+ const joinedValues = Object.entries(value).map(
1097
+ ([key, v]) => serializePrimitiveParam({
1098
+ allowReserved,
1099
+ name: style === "deepObject" ? `${name}[${key}]` : key,
1100
+ value: v
1101
+ })
1102
+ ).join(separator);
1103
+ return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
1104
+ }, "serializeObjectParam");
1105
+
1106
+ // src/_api/generated/core/utils.gen.ts
1107
+ var PATH_PARAM_RE = /\{[^{}]+\}/g;
1108
+ var defaultPathSerializer = /* @__PURE__ */ __name(({ path, url: _url }) => {
1109
+ let url = _url;
1110
+ const matches = _url.match(PATH_PARAM_RE);
1111
+ if (matches) {
1112
+ for (const match of matches) {
1113
+ let explode = false;
1114
+ let name = match.substring(1, match.length - 1);
1115
+ let style = "simple";
1116
+ if (name.endsWith("*")) {
1117
+ explode = true;
1118
+ name = name.substring(0, name.length - 1);
1119
+ }
1120
+ if (name.startsWith(".")) {
1121
+ name = name.substring(1);
1122
+ style = "label";
1123
+ } else if (name.startsWith(";")) {
1124
+ name = name.substring(1);
1125
+ style = "matrix";
1126
+ }
1127
+ const value = path[name];
1128
+ if (value === void 0 || value === null) {
1129
+ continue;
1130
+ }
1131
+ if (Array.isArray(value)) {
1132
+ url = url.replace(match, serializeArrayParam({ explode, name, style, value }));
1133
+ continue;
1134
+ }
1135
+ if (typeof value === "object") {
1136
+ url = url.replace(
1137
+ match,
1138
+ serializeObjectParam({
1139
+ explode,
1140
+ name,
1141
+ style,
1142
+ value,
1143
+ valueOnly: true
1144
+ })
1145
+ );
1146
+ continue;
1147
+ }
1148
+ if (style === "matrix") {
1149
+ url = url.replace(
1150
+ match,
1151
+ `;${serializePrimitiveParam({
1152
+ name,
1153
+ value
1154
+ })}`
1155
+ );
1156
+ continue;
1157
+ }
1158
+ const replaceValue = encodeURIComponent(
1159
+ style === "label" ? `.${value}` : value
1160
+ );
1161
+ url = url.replace(match, replaceValue);
1162
+ }
1163
+ }
1164
+ return url;
1165
+ }, "defaultPathSerializer");
1166
+ var getUrl = /* @__PURE__ */ __name(({
1167
+ baseUrl,
1168
+ path,
1169
+ query,
1170
+ querySerializer,
1171
+ url: _url
1172
+ }) => {
1173
+ const pathUrl = _url.startsWith("/") ? _url : `/${_url}`;
1174
+ let url = (baseUrl ?? "") + pathUrl;
1175
+ if (path) {
1176
+ url = defaultPathSerializer({ path, url });
1177
+ }
1178
+ let search = query ? querySerializer(query) : "";
1179
+ if (search.startsWith("?")) {
1180
+ search = search.substring(1);
1181
+ }
1182
+ if (search) {
1183
+ url += `?${search}`;
1184
+ }
1185
+ return url;
1186
+ }, "getUrl");
1187
+ function getValidRequestBody(options) {
1188
+ const hasBody = options.body !== void 0;
1189
+ const isSerializedBody = hasBody && options.bodySerializer;
1190
+ if (isSerializedBody) {
1191
+ if ("serializedBody" in options) {
1192
+ const hasSerializedBody = options.serializedBody !== void 0 && options.serializedBody !== "";
1193
+ return hasSerializedBody ? options.serializedBody : null;
1194
+ }
1195
+ return options.body !== "" ? options.body : null;
1196
+ }
1197
+ if (hasBody) {
1198
+ return options.body;
1199
+ }
1200
+ return void 0;
1201
+ }
1202
+ __name(getValidRequestBody, "getValidRequestBody");
1203
+
1204
+ // src/_api/generated/core/auth.gen.ts
1205
+ var getAuthToken = /* @__PURE__ */ __name(async (auth2, callback) => {
1206
+ const token = typeof callback === "function" ? await callback(auth2) : callback;
1207
+ if (!token) {
1208
+ return;
1209
+ }
1210
+ if (auth2.scheme === "bearer") {
1211
+ return `Bearer ${token}`;
1212
+ }
1213
+ if (auth2.scheme === "basic") {
1214
+ return `Basic ${btoa(token)}`;
1215
+ }
1216
+ return token;
1217
+ }, "getAuthToken");
1218
+
1219
+ // src/_api/generated/client/utils.gen.ts
1220
+ var createQuerySerializer = /* @__PURE__ */ __name(({
1221
+ parameters = {},
1222
+ ...args
1223
+ } = {}) => {
1224
+ const querySerializer = /* @__PURE__ */ __name((queryParams) => {
1225
+ const search = [];
1226
+ if (queryParams && typeof queryParams === "object") {
1227
+ for (const name in queryParams) {
1228
+ const value = queryParams[name];
1229
+ if (value === void 0 || value === null) {
1230
+ continue;
1231
+ }
1232
+ const options = parameters[name] || args;
1233
+ if (Array.isArray(value)) {
1234
+ const serializedArray = serializeArrayParam({
1235
+ allowReserved: options.allowReserved,
1236
+ explode: true,
1237
+ name,
1238
+ style: "form",
1239
+ value,
1240
+ ...options.array
1241
+ });
1242
+ if (serializedArray) search.push(serializedArray);
1243
+ } else if (typeof value === "object") {
1244
+ const serializedObject = serializeObjectParam({
1245
+ allowReserved: options.allowReserved,
1246
+ explode: true,
1247
+ name,
1248
+ style: "deepObject",
1249
+ value,
1250
+ ...options.object
1251
+ });
1252
+ if (serializedObject) search.push(serializedObject);
1253
+ } else {
1254
+ const serializedPrimitive = serializePrimitiveParam({
1255
+ allowReserved: options.allowReserved,
1256
+ name,
1257
+ value
1258
+ });
1259
+ if (serializedPrimitive) search.push(serializedPrimitive);
1260
+ }
1261
+ }
1262
+ }
1263
+ return search.join("&");
1264
+ }, "querySerializer");
1265
+ return querySerializer;
1266
+ }, "createQuerySerializer");
1267
+ var getParseAs = /* @__PURE__ */ __name((contentType) => {
1268
+ if (!contentType) {
1269
+ return "stream";
1270
+ }
1271
+ const cleanContent = contentType.split(";")[0]?.trim();
1272
+ if (!cleanContent) {
1273
+ return;
1274
+ }
1275
+ if (cleanContent.startsWith("application/json") || cleanContent.endsWith("+json")) {
1276
+ return "json";
1277
+ }
1278
+ if (cleanContent === "multipart/form-data") {
1279
+ return "formData";
1280
+ }
1281
+ if (["application/", "audio/", "image/", "video/"].some((type) => cleanContent.startsWith(type))) {
1282
+ return "blob";
1283
+ }
1284
+ if (cleanContent.startsWith("text/")) {
1285
+ return "text";
1286
+ }
1287
+ return;
1288
+ }, "getParseAs");
1289
+ var checkForExistence = /* @__PURE__ */ __name((options, name) => {
1290
+ if (!name) {
1291
+ return false;
1292
+ }
1293
+ if (options.headers.has(name) || options.query?.[name] || options.headers.get("Cookie")?.includes(`${name}=`)) {
1294
+ return true;
1295
+ }
1296
+ return false;
1297
+ }, "checkForExistence");
1298
+ async function setAuthParams(options) {
1299
+ for (const auth2 of options.security ?? []) {
1300
+ if (checkForExistence(options, auth2.name)) {
1301
+ continue;
1302
+ }
1303
+ const token = await getAuthToken(auth2, options.auth);
1304
+ if (!token) {
1305
+ continue;
1306
+ }
1307
+ const name = auth2.name ?? "Authorization";
1308
+ switch (auth2.in) {
1309
+ case "query":
1310
+ if (!options.query) {
1311
+ options.query = {};
1312
+ }
1313
+ options.query[name] = token;
1314
+ break;
1315
+ case "cookie":
1316
+ options.headers.append("Cookie", `${name}=${token}`);
1317
+ break;
1318
+ case "header":
1319
+ default:
1320
+ options.headers.set(name, token);
1321
+ break;
1322
+ }
1323
+ }
1324
+ }
1325
+ __name(setAuthParams, "setAuthParams");
1326
+ var buildUrl = /* @__PURE__ */ __name((options) => getUrl({
1327
+ baseUrl: options.baseUrl,
1328
+ path: options.path,
1329
+ query: options.query,
1330
+ querySerializer: typeof options.querySerializer === "function" ? options.querySerializer : createQuerySerializer(options.querySerializer),
1331
+ url: options.url
1332
+ }), "buildUrl");
1333
+ var mergeConfigs = /* @__PURE__ */ __name((a, b) => {
1334
+ const config = { ...a, ...b };
1335
+ if (config.baseUrl?.endsWith("/")) {
1336
+ config.baseUrl = config.baseUrl.substring(0, config.baseUrl.length - 1);
1337
+ }
1338
+ config.headers = mergeHeaders(a.headers, b.headers);
1339
+ return config;
1340
+ }, "mergeConfigs");
1341
+ var headersEntries = /* @__PURE__ */ __name((headers) => {
1342
+ const entries = [];
1343
+ headers.forEach((value, key) => {
1344
+ entries.push([key, value]);
1345
+ });
1346
+ return entries;
1347
+ }, "headersEntries");
1348
+ var mergeHeaders = /* @__PURE__ */ __name((...headers) => {
1349
+ const mergedHeaders = new Headers();
1350
+ for (const header of headers) {
1351
+ if (!header) {
1352
+ continue;
1353
+ }
1354
+ const iterator = header instanceof Headers ? headersEntries(header) : Object.entries(header);
1355
+ for (const [key, value] of iterator) {
1356
+ if (value === null) {
1357
+ mergedHeaders.delete(key);
1358
+ } else if (Array.isArray(value)) {
1359
+ for (const v of value) {
1360
+ mergedHeaders.append(key, v);
1361
+ }
1362
+ } else if (value !== void 0) {
1363
+ mergedHeaders.set(
1364
+ key,
1365
+ typeof value === "object" ? JSON.stringify(value) : value
1366
+ );
1367
+ }
1368
+ }
1369
+ }
1370
+ return mergedHeaders;
1371
+ }, "mergeHeaders");
1372
+ var Interceptors = class {
1373
+ static {
1374
+ __name(this, "Interceptors");
1375
+ }
1376
+ fns = [];
1377
+ clear() {
1378
+ this.fns = [];
1379
+ }
1380
+ eject(id) {
1381
+ const index = this.getInterceptorIndex(id);
1382
+ if (this.fns[index]) {
1383
+ this.fns[index] = null;
1384
+ }
1385
+ }
1386
+ exists(id) {
1387
+ const index = this.getInterceptorIndex(id);
1388
+ return Boolean(this.fns[index]);
1389
+ }
1390
+ getInterceptorIndex(id) {
1391
+ if (typeof id === "number") {
1392
+ return this.fns[id] ? id : -1;
1393
+ }
1394
+ return this.fns.indexOf(id);
1395
+ }
1396
+ update(id, fn) {
1397
+ const index = this.getInterceptorIndex(id);
1398
+ if (this.fns[index]) {
1399
+ this.fns[index] = fn;
1400
+ return id;
1401
+ }
1402
+ return false;
1403
+ }
1404
+ use(fn) {
1405
+ this.fns.push(fn);
1406
+ return this.fns.length - 1;
1407
+ }
1408
+ };
1409
+ var createInterceptors = /* @__PURE__ */ __name(() => ({
1410
+ error: new Interceptors(),
1411
+ request: new Interceptors(),
1412
+ response: new Interceptors()
1413
+ }), "createInterceptors");
1414
+ var defaultQuerySerializer = createQuerySerializer({
1415
+ allowReserved: false,
1416
+ array: {
1417
+ explode: true,
1418
+ style: "form"
1419
+ },
1420
+ object: {
1421
+ explode: true,
1422
+ style: "deepObject"
1423
+ }
1424
+ });
1425
+ var defaultHeaders = {
1426
+ "Content-Type": "application/json"
1427
+ };
1428
+ var createConfig = /* @__PURE__ */ __name((override = {}) => ({
1429
+ ...jsonBodySerializer,
1430
+ headers: defaultHeaders,
1431
+ parseAs: "auto",
1432
+ querySerializer: defaultQuerySerializer,
1433
+ ...override
1434
+ }), "createConfig");
1435
+
1436
+ // src/_api/generated/client/client.gen.ts
1437
+ var createClient = /* @__PURE__ */ __name((config = {}) => {
1438
+ let _config = mergeConfigs(createConfig(), config);
1439
+ const getConfig = /* @__PURE__ */ __name(() => ({ ..._config }), "getConfig");
1440
+ const setConfig = /* @__PURE__ */ __name((config2) => {
1441
+ _config = mergeConfigs(_config, config2);
1442
+ return getConfig();
1443
+ }, "setConfig");
1444
+ const interceptors = createInterceptors();
1445
+ const beforeRequest = /* @__PURE__ */ __name(async (options) => {
1446
+ const opts = {
1447
+ ..._config,
1448
+ ...options,
1449
+ fetch: options.fetch ?? _config.fetch ?? globalThis.fetch,
1450
+ headers: mergeHeaders(_config.headers, options.headers),
1451
+ serializedBody: void 0
1452
+ };
1453
+ if (opts.security) {
1454
+ await setAuthParams(opts);
1455
+ }
1456
+ if (opts.requestValidator) {
1457
+ await opts.requestValidator(opts);
1458
+ }
1459
+ if (opts.body !== void 0 && opts.bodySerializer) {
1460
+ opts.serializedBody = opts.bodySerializer(opts.body);
1461
+ }
1462
+ if (opts.body === void 0 || opts.serializedBody === "") {
1463
+ opts.headers.delete("Content-Type");
1464
+ }
1465
+ const resolvedOpts = opts;
1466
+ const url = buildUrl(resolvedOpts);
1467
+ return { opts: resolvedOpts, url };
1468
+ }, "beforeRequest");
1469
+ const request = /* @__PURE__ */ __name(async (options) => {
1470
+ const throwOnError = options.throwOnError ?? _config.throwOnError;
1471
+ const responseStyle = options.responseStyle ?? _config.responseStyle;
1472
+ let request2;
1473
+ let response;
1474
+ try {
1475
+ const { opts, url } = await beforeRequest(options);
1476
+ const requestInit = {
1477
+ redirect: "follow",
1478
+ ...opts,
1479
+ body: getValidRequestBody(opts)
1480
+ };
1481
+ request2 = new Request(url, requestInit);
1482
+ for (const fn of interceptors.request.fns) {
1483
+ if (fn) {
1484
+ request2 = await fn(request2, opts);
1485
+ }
1486
+ }
1487
+ const _fetch = opts.fetch;
1488
+ response = await _fetch(request2);
1489
+ for (const fn of interceptors.response.fns) {
1490
+ if (fn) {
1491
+ response = await fn(response, request2, opts);
1492
+ }
1493
+ }
1494
+ const result = {
1495
+ request: request2,
1496
+ response
1497
+ };
1498
+ if (response.ok) {
1499
+ const parseAs = (opts.parseAs === "auto" ? getParseAs(response.headers.get("Content-Type")) : opts.parseAs) ?? "json";
1500
+ if (response.status === 204 || response.headers.get("Content-Length") === "0") {
1501
+ let emptyData;
1502
+ switch (parseAs) {
1503
+ case "arrayBuffer":
1504
+ case "blob":
1505
+ case "text":
1506
+ emptyData = await response[parseAs]();
1507
+ break;
1508
+ case "formData":
1509
+ emptyData = new FormData();
1510
+ break;
1511
+ case "stream":
1512
+ emptyData = response.body;
1513
+ break;
1514
+ case "json":
1515
+ default:
1516
+ emptyData = {};
1517
+ break;
1518
+ }
1519
+ return opts.responseStyle === "data" ? emptyData : {
1520
+ data: emptyData,
1521
+ ...result
1522
+ };
1959
1523
  }
1524
+ let data;
1525
+ switch (parseAs) {
1526
+ case "arrayBuffer":
1527
+ case "blob":
1528
+ case "formData":
1529
+ case "text":
1530
+ data = await response[parseAs]();
1531
+ break;
1532
+ case "json": {
1533
+ const text = await response.text();
1534
+ data = text ? JSON.parse(text) : {};
1535
+ break;
1536
+ }
1537
+ case "stream":
1538
+ return opts.responseStyle === "data" ? response.body : {
1539
+ data: response.body,
1540
+ ...result
1541
+ };
1542
+ }
1543
+ if (parseAs === "json") {
1544
+ if (opts.responseValidator) {
1545
+ await opts.responseValidator(data);
1546
+ }
1547
+ if (opts.responseTransformer) {
1548
+ data = await opts.responseTransformer(data);
1549
+ }
1550
+ }
1551
+ return opts.responseStyle === "data" ? data : {
1552
+ data,
1553
+ ...result
1554
+ };
1555
+ }
1556
+ const textError = await response.text();
1557
+ let jsonError;
1558
+ try {
1559
+ jsonError = JSON.parse(textError);
1560
+ } catch {
1561
+ }
1562
+ throw jsonError ?? textError;
1563
+ } catch (error) {
1564
+ let finalError = error;
1565
+ for (const fn of interceptors.error.fns) {
1566
+ if (fn) {
1567
+ finalError = await fn(finalError, response, request2, options);
1568
+ }
1569
+ }
1570
+ finalError = finalError || {};
1571
+ if (throwOnError) {
1572
+ throw finalError;
1573
+ }
1574
+ return responseStyle === "data" ? void 0 : {
1575
+ error: finalError,
1576
+ request: request2,
1577
+ response
1578
+ };
1579
+ }
1580
+ }, "request");
1581
+ const makeMethodFn = /* @__PURE__ */ __name((method) => (options) => request({ ...options, method }), "makeMethodFn");
1582
+ const makeSseFn = /* @__PURE__ */ __name((method) => async (options) => {
1583
+ const { opts, url } = await beforeRequest(options);
1584
+ return createSseClient({
1585
+ ...opts,
1586
+ body: opts.body,
1587
+ method,
1588
+ onRequest: /* @__PURE__ */ __name(async (url2, init) => {
1589
+ let request2 = new Request(url2, init);
1590
+ for (const fn of interceptors.request.fns) {
1591
+ if (fn) {
1592
+ request2 = await fn(request2, opts);
1593
+ }
1594
+ }
1595
+ return request2;
1596
+ }, "onRequest"),
1597
+ serializedBody: getValidRequestBody(opts),
1598
+ url
1599
+ });
1600
+ }, "makeSseFn");
1601
+ const _buildUrl = /* @__PURE__ */ __name((options) => buildUrl({ ..._config, ...options }), "_buildUrl");
1602
+ return {
1603
+ buildUrl: _buildUrl,
1604
+ connect: makeMethodFn("CONNECT"),
1605
+ delete: makeMethodFn("DELETE"),
1606
+ get: makeMethodFn("GET"),
1607
+ getConfig,
1608
+ head: makeMethodFn("HEAD"),
1609
+ interceptors,
1610
+ options: makeMethodFn("OPTIONS"),
1611
+ patch: makeMethodFn("PATCH"),
1612
+ post: makeMethodFn("POST"),
1613
+ put: makeMethodFn("PUT"),
1614
+ request,
1615
+ setConfig,
1616
+ sse: {
1617
+ connect: makeSseFn("CONNECT"),
1618
+ delete: makeSseFn("DELETE"),
1619
+ get: makeSseFn("GET"),
1620
+ head: makeSseFn("HEAD"),
1621
+ options: makeSseFn("OPTIONS"),
1622
+ patch: makeSseFn("PATCH"),
1623
+ post: makeSseFn("POST"),
1624
+ put: makeSseFn("PUT"),
1625
+ trace: makeSseFn("TRACE")
1626
+ },
1627
+ trace: makeMethodFn("TRACE")
1628
+ };
1629
+ }, "createClient");
1630
+
1631
+ // src/_api/generated/client.gen.ts
1632
+ var client = createClient(createConfig({ baseUrl: "http://localhost:8000" }));
1633
+ installAuthOnClient(client);
1634
+
1635
+ // src/_api/generated/sdk.gen.ts
1636
+ var CfgAccountsApiKey = class {
1637
+ static {
1638
+ __name(this, "CfgAccountsApiKey");
1639
+ }
1640
+ /**
1641
+ * Get API key details
1642
+ *
1643
+ * Retrieve the current user's API key (masked) and metadata.
1644
+ */
1645
+ static cfgAccountsApiKeyRetrieve(options) {
1646
+ return (options?.client ?? client).get({
1647
+ security: [
1648
+ { scheme: "bearer", type: "http" },
1649
+ {
1650
+ in: "cookie",
1651
+ name: "sessionid",
1652
+ type: "apiKey"
1653
+ },
1654
+ { name: "X-API-Key", type: "apiKey" }
1655
+ ],
1656
+ url: "/cfg/accounts/api-key/",
1657
+ ...options
1658
+ });
1659
+ }
1660
+ /**
1661
+ * Regenerate API key
1662
+ *
1663
+ * Generate a new API key. The full key is returned only once.
1664
+ */
1665
+ static cfgAccountsApiKeyRegenerateCreate(options) {
1666
+ return (options.client ?? client).post({
1667
+ security: [
1668
+ { scheme: "bearer", type: "http" },
1669
+ {
1670
+ in: "cookie",
1671
+ name: "sessionid",
1672
+ type: "apiKey"
1673
+ },
1674
+ { name: "X-API-Key", type: "apiKey" }
1675
+ ],
1676
+ url: "/cfg/accounts/api-key/regenerate/",
1677
+ ...options,
1678
+ headers: {
1679
+ "Content-Type": "application/json",
1680
+ ...options.headers
1681
+ }
1682
+ });
1683
+ }
1684
+ /**
1685
+ * Reveal API key
1686
+ *
1687
+ * Return the current full API key WITHOUT rotating it. The same durable value every one of the user's agents uses — for the signed-in user to copy and paste into agent onboarding. Default GET stays masked; this is the explicit reveal action.
1688
+ */
1689
+ static cfgAccountsApiKeyRevealCreate(options) {
1690
+ return (options.client ?? client).post({
1691
+ security: [
1692
+ { scheme: "bearer", type: "http" },
1693
+ {
1694
+ in: "cookie",
1695
+ name: "sessionid",
1696
+ type: "apiKey"
1697
+ },
1698
+ { name: "X-API-Key", type: "apiKey" }
1699
+ ],
1700
+ url: "/cfg/accounts/api-key/reveal/",
1701
+ ...options,
1702
+ headers: {
1703
+ "Content-Type": "application/json",
1704
+ ...options.headers
1705
+ }
1706
+ });
1707
+ }
1708
+ /**
1709
+ * Test API key
1710
+ *
1711
+ * Test whether an API key is valid without consuming it.
1712
+ */
1713
+ static cfgAccountsApiKeyTestCreate(options) {
1714
+ return (options.client ?? client).post({
1715
+ security: [
1716
+ { scheme: "bearer", type: "http" },
1717
+ {
1718
+ in: "cookie",
1719
+ name: "sessionid",
1720
+ type: "apiKey"
1721
+ },
1722
+ { name: "X-API-Key", type: "apiKey" }
1723
+ ],
1724
+ url: "/cfg/accounts/api-key/test/",
1725
+ ...options,
1726
+ headers: {
1727
+ "Content-Type": "application/json",
1728
+ ...options.headers
1729
+ }
1730
+ });
1731
+ }
1732
+ };
1733
+ var CfgAccountsOauth = class {
1734
+ static {
1735
+ __name(this, "CfgAccountsOauth");
1736
+ }
1737
+ /**
1738
+ * List OAuth connections
1739
+ *
1740
+ * Get all OAuth connections for the current user.
1741
+ */
1742
+ static cfgAccountsOauthConnectionsList(options) {
1743
+ return (options?.client ?? client).get({
1744
+ security: [
1745
+ { name: "X-API-Key", type: "apiKey" },
1746
+ { scheme: "bearer", type: "http" },
1747
+ { name: "Authorization", type: "apiKey" }
1748
+ ],
1749
+ url: "/cfg/accounts/oauth/connections/",
1750
+ ...options
1751
+ });
1752
+ }
1753
+ /**
1754
+ * Disconnect OAuth provider
1755
+ *
1756
+ * Remove OAuth connection for the specified provider.
1757
+ */
1758
+ static cfgAccountsOauthDisconnectCreate(options) {
1759
+ return (options.client ?? client).post({
1760
+ security: [
1761
+ { name: "X-API-Key", type: "apiKey" },
1762
+ { scheme: "bearer", type: "http" },
1763
+ { name: "Authorization", type: "apiKey" }
1764
+ ],
1765
+ url: "/cfg/accounts/oauth/disconnect/",
1766
+ ...options,
1767
+ headers: {
1768
+ "Content-Type": "application/json",
1769
+ ...options.headers
1960
1770
  }
1961
- };
1962
- COOKIE_MAX_AGE = 60 * 60 * 24 * 30;
1963
- cookieBackend = {
1964
- get(key) {
1965
- if (!isBrowser) return null;
1966
- try {
1967
- const re = new RegExp(`(?:^|;\\s*)${encodeURIComponent(key)}=([^;]*)`);
1968
- const m = document.cookie.match(re);
1969
- return m ? decodeURIComponent(m[1]) : null;
1970
- } catch {
1971
- return null;
1972
- }
1973
- },
1974
- set(key, value) {
1975
- if (!isBrowser) return;
1976
- try {
1977
- const k = encodeURIComponent(key);
1978
- const secure = window.location.protocol === "https:" ? "; Secure" : "";
1979
- if (value === null) {
1980
- document.cookie = `${k}=; Path=/; Max-Age=0; SameSite=Lax${secure}`;
1981
- } else {
1982
- const v = encodeURIComponent(value);
1983
- document.cookie = `${k}=${v}; Path=/; Max-Age=${COOKIE_MAX_AGE}; SameSite=Lax${secure}`;
1984
- }
1985
- } catch {
1986
- }
1771
+ });
1772
+ }
1773
+ /**
1774
+ * Start GitHub OAuth
1775
+ *
1776
+ * Generate GitHub OAuth authorization URL. Redirect user to this URL to start authentication.
1777
+ */
1778
+ static cfgAccountsOauthGithubAuthorizeCreate(options) {
1779
+ return (options?.client ?? client).post({
1780
+ url: "/cfg/accounts/oauth/github/authorize/",
1781
+ ...options,
1782
+ headers: {
1783
+ "Content-Type": "application/json",
1784
+ ...options?.headers
1987
1785
  }
1988
- };
1989
- _storage = localStorageBackend;
1990
- _storageMode = "localStorage";
1991
- __name(detectLocale, "detectLocale");
1992
- __name(defaultBaseUrl, "defaultBaseUrl");
1993
- __name(defaultApiKey, "defaultApiKey");
1994
- _localeOverride = null;
1995
- _apiKeyOverride = null;
1996
- _baseUrlOverride = null;
1997
- _withCredentials = true;
1998
- _onUnauthorized = null;
1999
- _refreshHandler = null;
2000
- _refreshInflight = null;
2001
- RETRY_MARKER = "X-Auth-Retry";
2002
- __name(jwtExpMs, "jwtExpMs");
2003
- __name(computeSnapshot, "computeSnapshot");
2004
- SERVER_SNAPSHOT = { status: "anonymous", accessExpiresAt: null };
2005
- SESSION_SYNC_EVENT = `cfg-auth:changed:${ACCESS_KEY}`;
2006
- _snapshot = computeSnapshot();
2007
- _sessionListeners = /* @__PURE__ */ new Set();
2008
- _expiryTimer = null;
2009
- _storageListenerInstalled = false;
2010
- __name(scheduleExpiryFlip, "scheduleExpiryFlip");
2011
- __name(notifySessionChanged, "notifySessionChanged");
2012
- __name(ensureStorageSync, "ensureStorageSync");
2013
- _sessionExpiredHandlers = /* @__PURE__ */ new Set();
2014
- _client = null;
2015
- __name(pushClientConfig, "pushClientConfig");
2016
- auth = {
2017
- // ── Storage mode ──────────────────────────────────────────────────
2018
- getStorageMode() {
2019
- return _storageMode;
2020
- },
2021
- setStorageMode(mode) {
2022
- _storageMode = mode;
2023
- _storage = mode === "cookie" ? cookieBackend : localStorageBackend;
2024
- notifySessionChanged();
2025
- },
2026
- // ── Bearer token ──────────────────────────────────────────────────
2027
- getToken() {
2028
- return _storage.get(ACCESS_KEY);
2029
- },
2030
- setToken(token) {
2031
- _storage.set(ACCESS_KEY, token);
2032
- notifySessionChanged();
2033
- },
2034
- getRefreshToken() {
2035
- return _storage.get(REFRESH_KEY);
2036
- },
2037
- setRefreshToken(token) {
2038
- _storage.set(REFRESH_KEY, token);
2039
- notifySessionChanged();
2040
- },
2041
- clearTokens() {
2042
- _storage.set(ACCESS_KEY, null);
2043
- _storage.set(REFRESH_KEY, null);
2044
- notifySessionChanged();
2045
- },
2046
- /** Session-aware: token PRESENT and not past its `exp` (or a live refresh
2047
- * token exists that can mint one). Prefer `getSnapshot().status` in React. */
2048
- isAuthenticated() {
2049
- return computeSnapshot().status === "authenticated";
2050
- },
2051
- // ── Session (the ONE write path for login/logout flows) ──────────
2052
- /**
2053
- * Persist a token pair atomically. Every login flow (OTP verify, 2FA,
2054
- * OAuth callback) and the refresh handler should end here — do NOT
2055
- * scatter `setToken`/`setRefreshToken` pairs through app code.
2056
- * `refresh: undefined` keeps the current refresh token (access-only
2057
- * rotation); `refresh: null` explicitly drops it.
2058
- */
2059
- setSession(tokens) {
2060
- _storage.set(ACCESS_KEY, tokens.access);
2061
- if (tokens.refresh !== void 0) _storage.set(REFRESH_KEY, tokens.refresh);
2062
- notifySessionChanged();
2063
- },
2064
- clearSession() {
2065
- auth.clearTokens();
2066
- },
2067
- // ── Reactive snapshot (for useSyncExternalStore) ──────────────────
2068
- /**
2069
- * @example React:
2070
- * const session = useSyncExternalStore(
2071
- * auth.subscribe, auth.getSnapshot, auth.getServerSnapshot,
2072
- * );
2073
- * const isAuthenticated = session.status === 'authenticated';
2074
- */
2075
- getSnapshot() {
2076
- return _snapshot;
2077
- },
2078
- getServerSnapshot() {
2079
- return SERVER_SNAPSHOT;
2080
- },
2081
- subscribe(listener) {
2082
- ensureStorageSync();
2083
- _sessionListeners.add(listener);
2084
- notifySessionChanged();
2085
- return () => {
2086
- _sessionListeners.delete(listener);
2087
- if (_sessionListeners.size === 0 && _expiryTimer !== null) {
2088
- clearTimeout(_expiryTimer);
2089
- _expiryTimer = null;
2090
- }
2091
- };
2092
- },
2093
- /**
2094
- * Fired on TERMINAL 401 — after the refresh+retry path is exhausted.
2095
- * The store has already cleared the session before calling back, so
2096
- * handlers only need to route to login (no clear-then-redirect
2097
- * ordering to get wrong). Returns an unsubscribe function; multiple
2098
- * handlers compose (unlike the legacy single-slot `onUnauthorized`).
2099
- */
2100
- onSessionExpired(cb) {
2101
- _sessionExpiredHandlers.add(cb);
2102
- return () => {
2103
- _sessionExpiredHandlers.delete(cb);
2104
- };
2105
- },
2106
- // ── API key ───────────────────────────────────────────────────────
2107
- getApiKey() {
2108
- return _apiKeyOverride ?? _storage.get(API_KEY_KEY) ?? defaultApiKey();
2109
- },
2110
- setApiKey(key) {
2111
- _apiKeyOverride = key;
2112
- },
2113
- setApiKeyPersist(key) {
2114
- _apiKeyOverride = key;
2115
- _storage.set(API_KEY_KEY, key);
2116
- },
2117
- clearApiKey() {
2118
- _apiKeyOverride = null;
2119
- _storage.set(API_KEY_KEY, null);
2120
- },
2121
- // ── Locale ────────────────────────────────────────────────────────
2122
- getLocale() {
2123
- return _localeOverride ?? detectLocale();
2124
- },
2125
- setLocale(locale) {
2126
- _localeOverride = locale;
2127
- },
2128
- // ── Base URL ──────────────────────────────────────────────────────
2129
- getBaseUrl() {
2130
- const url = _baseUrlOverride ?? defaultBaseUrl();
2131
- return url.replace(/\/$/, "");
2132
- },
2133
- setBaseUrl(url) {
2134
- _baseUrlOverride = url ? url.replace(/\/$/, "") : null;
2135
- pushClientConfig();
2136
- },
2137
- // ── Credentials toggle ────────────────────────────────────────────
2138
- getWithCredentials() {
2139
- return _withCredentials;
2140
- },
2141
- setWithCredentials(value) {
2142
- _withCredentials = value;
2143
- pushClientConfig();
2144
- },
2145
- // ── 401 handler ───────────────────────────────────────────────────
2146
- /**
2147
- * Fired when the server returns 401 AND no refresh path recovers it
2148
- * (no refresh token, no refresh handler, refresh failed, or retry
2149
- * still 401). The app should clear local state and redirect to login.
2150
- *
2151
- * NOT fired for 401 that gets transparently recovered by the refresh
2152
- * handler — those are invisible to callers.
2153
- */
2154
- onUnauthorized(cb) {
2155
- _onUnauthorized = cb;
2156
- },
2157
- /**
2158
- * Register the refresh strategy. The handler receives the current
2159
- * refresh token and must call your refresh endpoint, returning
2160
- * `{ access, refresh? }` on success or `null` on failure.
2161
- *
2162
- * @example
2163
- * auth.setRefreshHandler(async (refresh) => {
2164
- * const { data } = await Auth.tokenRefreshCreate({ body: { refresh } });
2165
- * return data ? { access: data.access, refresh: data.refresh } : null;
2166
- * });
2167
- */
2168
- setRefreshHandler(fn) {
2169
- _refreshHandler = fn;
2170
- },
2171
- /**
2172
- * Proactively run the registered refresh handler right now, reusing the
2173
- * SAME single-flight promise as the 401-recovery interceptor. Callers
2174
- * (e.g. an expiry timer / focus / reconnect) get token rotation,
2175
- * de-duplication and rotated-token persistence for free — they must NOT
2176
- * re-implement any of it. Returns the fresh access token, or null if
2177
- * there is no handler / no refresh token / the refresh failed.
2178
- */
2179
- refreshNow() {
2180
- return tryRefresh();
1786
+ });
1787
+ }
1788
+ /**
1789
+ * Complete GitHub OAuth
1790
+ *
1791
+ * Exchange authorization code for JWT tokens. Call this after GitHub redirects back with code.
1792
+ */
1793
+ static cfgAccountsOauthGithubCallbackCreate(options) {
1794
+ return (options.client ?? client).post({
1795
+ url: "/cfg/accounts/oauth/github/callback/",
1796
+ ...options,
1797
+ headers: {
1798
+ "Content-Type": "application/json",
1799
+ ...options.headers
2181
1800
  }
2182
- };
2183
- __name(tryRefresh, "tryRefresh");
2184
- __name(expireSession, "expireSession");
2185
- __name(dpopEnabled, "dpopEnabled");
2186
- _DPOP_DB = "cfg-auth";
2187
- _DPOP_STORE = "keys";
2188
- _DPOP_KEY_ID = "dpop-ec-p256";
2189
- __name(_idbOpen, "_idbOpen");
2190
- __name(_idbGet, "_idbGet");
2191
- __name(_idbPut, "_idbPut");
2192
- _dpopKeyPromise = null;
2193
- __name(_getDpopKeyPair, "_getDpopKeyPair");
2194
- __name(_b64urlFromBytes, "_b64urlFromBytes");
2195
- __name(_b64urlFromString, "_b64urlFromString");
2196
- __name(_publicJwk, "_publicJwk");
2197
- __name(_makeDpopProof, "_makeDpopProof");
2198
- __name(installAuthOnClient, "installAuthOnClient");
2199
- auth.setRefreshHandler(async (refresh) => {
2200
- try {
2201
- const { CfgAccountsAuth: CfgAccountsAuth2 } = await Promise.resolve().then(() => (init_sdk_gen(), sdk_gen_exports));
2202
- const { data } = await CfgAccountsAuth2.cfgAccountsTokenRefreshCreate({
2203
- body: { refresh },
2204
- throwOnError: true
2205
- });
2206
- return data?.access ? { access: data.access, refresh: data.refresh ?? refresh } : null;
2207
- } catch {
2208
- return null;
1801
+ });
1802
+ }
1803
+ /**
1804
+ * List OAuth providers
1805
+ *
1806
+ * Get list of available OAuth providers for authentication.
1807
+ */
1808
+ static cfgAccountsOauthProvidersRetrieve(options) {
1809
+ return (options?.client ?? client).get({ url: "/cfg/accounts/oauth/providers/", ...options });
1810
+ }
1811
+ };
1812
+ var CfgAccounts = class {
1813
+ static {
1814
+ __name(this, "CfgAccounts");
1815
+ }
1816
+ /**
1817
+ * Request OTP code to email.
1818
+ */
1819
+ static cfgAccountsOtpRequestCreate(options) {
1820
+ return (options.client ?? client).post({
1821
+ security: [
1822
+ { name: "X-API-Key", type: "apiKey" },
1823
+ { scheme: "bearer", type: "http" },
1824
+ { name: "Authorization", type: "apiKey" }
1825
+ ],
1826
+ url: "/cfg/accounts/otp/request/",
1827
+ ...options,
1828
+ headers: {
1829
+ "Content-Type": "application/json",
1830
+ ...options.headers
1831
+ }
1832
+ });
1833
+ }
1834
+ /**
1835
+ * Verify OTP code and return JWT tokens or 2FA session.
1836
+ *
1837
+ * If user has 2FA enabled:
1838
+ * - Returns requires_2fa=True with session_id
1839
+ * - Client must complete 2FA verification at /cfg/totp/verify/
1840
+ *
1841
+ * If user has no 2FA:
1842
+ * - Returns JWT tokens and user data directly
1843
+ */
1844
+ static cfgAccountsOtpVerifyCreate(options) {
1845
+ return (options.client ?? client).post({
1846
+ security: [
1847
+ { name: "X-API-Key", type: "apiKey" },
1848
+ { scheme: "bearer", type: "http" },
1849
+ { name: "Authorization", type: "apiKey" }
1850
+ ],
1851
+ url: "/cfg/accounts/otp/verify/",
1852
+ ...options,
1853
+ headers: {
1854
+ "Content-Type": "application/json",
1855
+ ...options.headers
2209
1856
  }
2210
1857
  });
2211
1858
  }
2212
- });
2213
-
2214
- // src/index.ts
2215
- var index_exports = {};
2216
- __export(index_exports, {
2217
- APIError: () => APIError,
2218
- APILogger: () => APILogger,
2219
- CfgAccounts: () => CfgAccounts,
2220
- CfgAccountsAPI: () => API,
2221
- CfgAccountsApi: () => CfgAccountsApi,
2222
- CfgAccountsApiKey: () => CfgAccountsApiKey,
2223
- CfgAccountsAuth: () => CfgAccountsAuth,
2224
- CfgAccountsOauth: () => CfgAccountsOauth,
2225
- CfgAccountsProfile: () => CfgAccountsProfile,
2226
- CfgCentrifugo: () => CfgCentrifugo,
2227
- CfgCentrifugoAPI: () => API2,
2228
- CfgCentrifugoApi: () => CfgCentrifugoApi,
2229
- CfgTotp: () => CfgTotp,
2230
- CfgTotpAPI: () => API3,
2231
- CfgTotpApi: () => CfgTotpApi,
2232
- CfgTotpBackupCodes: () => CfgTotpBackupCodes,
2233
- CfgTotpSetup: () => CfgTotpSetup,
2234
- CfgTotpVerify: () => CfgTotpVerify,
2235
- CookieStorageAdapter: () => CookieStorageAdapter,
2236
- LocalStorageAdapter: () => LocalStorageAdapter,
2237
- MemoryStorageAdapter: () => MemoryStorageAdapter,
2238
- NetworkError: () => NetworkError,
2239
- api: () => CfgAccountsApi,
2240
- applyRoleLogPolicy: () => applyRoleLogPolicy,
2241
- auth: () => auth,
2242
- defaultLogger: () => defaultLogger,
2243
- dispatchValidationError: () => dispatchValidationError,
2244
- dpopEnabled: () => dpopEnabled2,
2245
- formatZodError: () => formatZodError,
2246
- getLogLevel: () => getLogLevel,
2247
- isBrowser: () => isBrowser2,
2248
- isDev: () => isDev,
2249
- isProd: () => isProd,
2250
- isStaticBuild: () => isStaticBuild,
2251
- onLogLevelChange: () => onLogLevelChange,
2252
- onValidationError: () => onValidationError,
2253
- setLogLevel: () => setLogLevel
2254
- });
2255
- module.exports = __toCommonJS(index_exports);
2256
-
2257
- // src/_api/generated/index.ts
2258
- init_auth();
2259
- init_auth();
2260
-
2261
- // src/_api/generated/_cfg_accounts/api.ts
2262
- init_auth();
2263
-
2264
- // src/_api/generated/helpers/logger.ts
2265
- var import_consola = require("consola");
2266
- var DEFAULT_CONFIG = {
2267
- enabled: typeof process !== "undefined" && process.env.NODE_ENV !== "production",
2268
- logRequests: true,
2269
- logResponses: true,
2270
- logErrors: true,
2271
- logBodies: true,
2272
- logHeaders: false
2273
1859
  };
2274
- var SENSITIVE_HEADERS = [
2275
- "authorization",
2276
- "cookie",
2277
- "set-cookie",
2278
- "x-api-key",
2279
- "x-csrf-token"
2280
- ];
2281
- var APILogger = class {
1860
+ var CfgAccountsProfile = class {
2282
1861
  static {
2283
- __name(this, "APILogger");
1862
+ __name(this, "CfgAccountsProfile");
2284
1863
  }
2285
- config;
2286
- consola;
2287
- constructor(config = {}) {
2288
- this.config = { ...DEFAULT_CONFIG, ...config };
2289
- this.consola = config.consola || (0, import_consola.createConsola)({
2290
- level: this.config.enabled ? 4 : 0
1864
+ /**
1865
+ * Get current user profile
1866
+ *
1867
+ * Retrieve the current authenticated user's profile information.
1868
+ */
1869
+ static cfgAccountsProfileRetrieve(options) {
1870
+ return (options?.client ?? client).get({
1871
+ security: [{ scheme: "bearer", type: "http" }, {
1872
+ in: "cookie",
1873
+ name: "sessionid",
1874
+ type: "apiKey"
1875
+ }],
1876
+ url: "/cfg/accounts/profile/",
1877
+ ...options
2291
1878
  });
2292
1879
  }
2293
- enable() {
2294
- this.config.enabled = true;
1880
+ /**
1881
+ * Upload user avatar
1882
+ *
1883
+ * Upload avatar image for the current authenticated user. Accepts multipart/form-data with 'avatar' field.
1884
+ */
1885
+ static cfgAccountsProfileAvatarCreate(options) {
1886
+ return (options?.client ?? client).post({
1887
+ ...formDataBodySerializer,
1888
+ security: [
1889
+ { name: "X-API-Key", type: "apiKey" },
1890
+ { scheme: "bearer", type: "http" },
1891
+ { name: "Authorization", type: "apiKey" }
1892
+ ],
1893
+ url: "/cfg/accounts/profile/avatar/",
1894
+ ...options,
1895
+ headers: {
1896
+ "Content-Type": null,
1897
+ ...options?.headers
1898
+ }
1899
+ });
2295
1900
  }
2296
- disable() {
2297
- this.config.enabled = false;
1901
+ /**
1902
+ * Delete user account
1903
+ *
1904
+ *
1905
+ * Permanently delete the current user's account.
1906
+ *
1907
+ * This operation:
1908
+ * - Deactivates the account (user cannot log in)
1909
+ * - Anonymizes personal data (GDPR compliance)
1910
+ * - Frees up the email address for re-registration
1911
+ * - Preserves audit trail
1912
+ *
1913
+ * The account can be restored by an administrator if needed.
1914
+ *
1915
+ */
1916
+ static cfgAccountsProfileDeleteCreate(options) {
1917
+ return (options?.client ?? client).post({
1918
+ security: [{ scheme: "bearer", type: "http" }, {
1919
+ in: "cookie",
1920
+ name: "sessionid",
1921
+ type: "apiKey"
1922
+ }],
1923
+ url: "/cfg/accounts/profile/delete/",
1924
+ ...options
1925
+ });
2298
1926
  }
2299
- setConfig(config) {
2300
- this.config = { ...this.config, ...config };
1927
+ /**
1928
+ * Partial update user profile
1929
+ *
1930
+ * Partially update the current authenticated user's profile information. Supports avatar upload.
1931
+ */
1932
+ static cfgAccountsProfilePartialPartialUpdate(options) {
1933
+ return (options?.client ?? client).patch({
1934
+ security: [{ scheme: "bearer", type: "http" }, {
1935
+ in: "cookie",
1936
+ name: "sessionid",
1937
+ type: "apiKey"
1938
+ }],
1939
+ url: "/cfg/accounts/profile/partial/",
1940
+ ...options,
1941
+ headers: {
1942
+ "Content-Type": "application/json",
1943
+ ...options?.headers
1944
+ }
1945
+ });
2301
1946
  }
2302
- filterHeaders(headers) {
2303
- if (!headers) return {};
2304
- const filtered = {};
2305
- Object.keys(headers).forEach((key) => {
2306
- filtered[key] = SENSITIVE_HEADERS.includes(key.toLowerCase()) ? "***" : headers[key] || "";
1947
+ /**
1948
+ * Partial update user profile
1949
+ *
1950
+ * Partially update the current authenticated user's profile information. Supports avatar upload.
1951
+ */
1952
+ static cfgAccountsProfilePartialUpdate(options) {
1953
+ return (options?.client ?? client).put({
1954
+ security: [{ scheme: "bearer", type: "http" }, {
1955
+ in: "cookie",
1956
+ name: "sessionid",
1957
+ type: "apiKey"
1958
+ }],
1959
+ url: "/cfg/accounts/profile/partial/",
1960
+ ...options,
1961
+ headers: {
1962
+ "Content-Type": "application/json",
1963
+ ...options?.headers
1964
+ }
2307
1965
  });
2308
- return filtered;
2309
1966
  }
2310
- logRequest(request) {
2311
- if (!this.config.enabled || !this.config.logRequests) return;
2312
- const { method, url, headers, body } = request;
2313
- this.consola.start(`${method} ${url}`);
2314
- if (this.config.logHeaders && headers) this.consola.debug("Headers:", this.filterHeaders(headers));
2315
- if (this.config.logBodies && body) this.consola.debug("Body:", body);
1967
+ /**
1968
+ * Update user profile
1969
+ *
1970
+ * Update the current authenticated user's profile information.
1971
+ */
1972
+ static cfgAccountsProfileUpdatePartialUpdate(options) {
1973
+ return (options?.client ?? client).patch({
1974
+ security: [{ scheme: "bearer", type: "http" }, {
1975
+ in: "cookie",
1976
+ name: "sessionid",
1977
+ type: "apiKey"
1978
+ }],
1979
+ url: "/cfg/accounts/profile/update/",
1980
+ ...options,
1981
+ headers: {
1982
+ "Content-Type": "application/json",
1983
+ ...options?.headers
1984
+ }
1985
+ });
2316
1986
  }
2317
- logResponse(request, response) {
2318
- if (!this.config.enabled || !this.config.logResponses) return;
2319
- const { method, url } = request;
2320
- const { status, statusText, data, duration } = response;
2321
- this.consola.success(`${method} ${url} ${status} ${statusText} (${duration}ms)`);
2322
- if (this.config.logBodies && data) this.consola.debug("Response:", data);
1987
+ /**
1988
+ * Update user profile
1989
+ *
1990
+ * Update the current authenticated user's profile information.
1991
+ */
1992
+ static cfgAccountsProfileUpdateUpdate(options) {
1993
+ return (options?.client ?? client).put({
1994
+ security: [{ scheme: "bearer", type: "http" }, {
1995
+ in: "cookie",
1996
+ name: "sessionid",
1997
+ type: "apiKey"
1998
+ }],
1999
+ url: "/cfg/accounts/profile/update/",
2000
+ ...options,
2001
+ headers: {
2002
+ "Content-Type": "application/json",
2003
+ ...options?.headers
2004
+ }
2005
+ });
2323
2006
  }
2324
- logError(request, error) {
2325
- if (!this.config.enabled || !this.config.logErrors) return;
2326
- const { method, url } = request;
2327
- const { message, statusCode, fieldErrors, duration } = error;
2328
- this.consola.error(`${method} ${url} ${statusCode || "Network"} Error (${duration}ms)`);
2329
- this.consola.error("Message:", message);
2330
- if (fieldErrors && Object.keys(fieldErrors).length > 0) {
2331
- this.consola.error("Field Errors:");
2332
- Object.entries(fieldErrors).forEach(([field, errors]) => {
2333
- errors.forEach((err) => this.consola.error(` \u2022 ${field}: ${err}`));
2334
- });
2335
- }
2007
+ };
2008
+ var CfgAccountsAuth = class {
2009
+ static {
2010
+ __name(this, "CfgAccountsAuth");
2336
2011
  }
2337
- info(message, ...args) {
2338
- if (this.config.enabled) this.consola.info(message, ...args);
2012
+ /**
2013
+ * Revoke a refresh token (logout).
2014
+ *
2015
+ * Blacklists the posted refresh token so it can never mint another access
2016
+ * token. Called best-effort by the client's logout — without it, "logout"
2017
+ * is purely client-side and a stolen refresh token survives until expiry.
2018
+ */
2019
+ static cfgAccountsTokenBlacklistCreate(options) {
2020
+ return (options.client ?? client).post({
2021
+ url: "/cfg/accounts/token/blacklist/",
2022
+ ...options,
2023
+ headers: {
2024
+ "Content-Type": "application/json",
2025
+ ...options.headers
2026
+ }
2027
+ });
2339
2028
  }
2340
- warn(message, ...args) {
2341
- if (this.config.enabled) this.consola.warn(message, ...args);
2029
+ /**
2030
+ * Refresh JWT token.
2031
+ *
2032
+ * DPoP-aware: when the incoming refresh token is key-bound (`cnf.jkt`), the
2033
+ * rotated access/refresh in the response are re-stamped with the same `cnf`
2034
+ * (stock SimpleJWT drops it from the derived access), and a matching DPoP
2035
+ * proof is required on the refresh request — so a stolen refresh token can't
2036
+ * be used to mint fresh tokens.
2037
+ */
2038
+ static cfgAccountsTokenRefreshCreate(options) {
2039
+ return (options.client ?? client).post({
2040
+ url: "/cfg/accounts/token/refresh/",
2041
+ ...options,
2042
+ headers: {
2043
+ "Content-Type": "application/json",
2044
+ ...options.headers
2045
+ }
2046
+ });
2342
2047
  }
2343
- error(message, ...args) {
2344
- if (this.config.enabled) this.consola.error(message, ...args);
2048
+ };
2049
+ var CfgCentrifugo = class {
2050
+ static {
2051
+ __name(this, "CfgCentrifugo");
2345
2052
  }
2346
- debug(message, ...args) {
2347
- if (this.config.enabled) this.consola.debug(message, ...args);
2053
+ /**
2054
+ * Get Centrifugo connection token
2055
+ *
2056
+ * Generate JWT token for WebSocket connection to Centrifugo. Token includes user's allowed channels based on their permissions. Requires authentication.
2057
+ */
2058
+ static cfgCentrifugoAuthTokenRetrieve(options) {
2059
+ return (options?.client ?? client).get({
2060
+ security: [
2061
+ { name: "X-API-Key", type: "apiKey" },
2062
+ { scheme: "bearer", type: "http" },
2063
+ { name: "Authorization", type: "apiKey" }
2064
+ ],
2065
+ url: "/cfg/centrifugo/auth/token/",
2066
+ ...options
2067
+ });
2348
2068
  }
2349
- success(message, ...args) {
2350
- if (this.config.enabled) this.consola.success(message, ...args);
2069
+ };
2070
+ var CfgTotpBackupCodes = class {
2071
+ static {
2072
+ __name(this, "CfgTotpBackupCodes");
2351
2073
  }
2352
- withTag(tag) {
2353
- return this.consola.withTag(tag);
2074
+ /**
2075
+ * Get backup codes status for user.
2076
+ */
2077
+ static cfgTotpBackupCodesRetrieve(options) {
2078
+ return (options?.client ?? client).get({
2079
+ security: [
2080
+ { name: "X-API-Key", type: "apiKey" },
2081
+ { scheme: "bearer", type: "http" },
2082
+ { name: "Authorization", type: "apiKey" }
2083
+ ],
2084
+ url: "/cfg/totp/backup-codes/",
2085
+ ...options
2086
+ });
2087
+ }
2088
+ /**
2089
+ * Regenerate backup codes.
2090
+ *
2091
+ * Requires TOTP code for verification.
2092
+ * Invalidates all existing codes.
2093
+ */
2094
+ static cfgTotpBackupCodesRegenerateCreate(options) {
2095
+ return (options.client ?? client).post({
2096
+ security: [
2097
+ { name: "X-API-Key", type: "apiKey" },
2098
+ { scheme: "bearer", type: "http" },
2099
+ { name: "Authorization", type: "apiKey" }
2100
+ ],
2101
+ url: "/cfg/totp/backup-codes/regenerate/",
2102
+ ...options,
2103
+ headers: {
2104
+ "Content-Type": "application/json",
2105
+ ...options.headers
2106
+ }
2107
+ });
2108
+ }
2109
+ };
2110
+ var CfgTotp = class {
2111
+ static {
2112
+ __name(this, "CfgTotp");
2113
+ }
2114
+ /**
2115
+ * List all TOTP devices for user.
2116
+ */
2117
+ static cfgTotpDevicesRetrieve(options) {
2118
+ return (options?.client ?? client).get({
2119
+ security: [
2120
+ { name: "X-API-Key", type: "apiKey" },
2121
+ { scheme: "bearer", type: "http" },
2122
+ { name: "Authorization", type: "apiKey" }
2123
+ ],
2124
+ url: "/cfg/totp/devices/",
2125
+ ...options
2126
+ });
2127
+ }
2128
+ /**
2129
+ * Delete a TOTP device.
2130
+ *
2131
+ * Requires verification code if removing the last/primary device.
2132
+ */
2133
+ static cfgTotpDevicesDestroy(options) {
2134
+ return (options.client ?? client).delete({
2135
+ security: [
2136
+ { name: "X-API-Key", type: "apiKey" },
2137
+ { scheme: "bearer", type: "http" },
2138
+ { name: "Authorization", type: "apiKey" }
2139
+ ],
2140
+ url: "/cfg/totp/devices/{id}/",
2141
+ ...options
2142
+ });
2143
+ }
2144
+ /**
2145
+ * Completely disable 2FA for account.
2146
+ *
2147
+ * Requires verification code.
2148
+ */
2149
+ static cfgTotpDisableCreate(options) {
2150
+ return (options.client ?? client).post({
2151
+ security: [
2152
+ { name: "X-API-Key", type: "apiKey" },
2153
+ { scheme: "bearer", type: "http" },
2154
+ { name: "Authorization", type: "apiKey" }
2155
+ ],
2156
+ url: "/cfg/totp/disable/",
2157
+ ...options,
2158
+ headers: {
2159
+ "Content-Type": "application/json",
2160
+ ...options.headers
2161
+ }
2162
+ });
2163
+ }
2164
+ };
2165
+ var CfgTotpSetup = class {
2166
+ static {
2167
+ __name(this, "CfgTotpSetup");
2168
+ }
2169
+ /**
2170
+ * Start 2FA setup process.
2171
+ *
2172
+ * Creates a new TOTP device and returns QR code for scanning.
2173
+ */
2174
+ static cfgTotpSetupCreate(options) {
2175
+ return (options?.client ?? client).post({
2176
+ security: [
2177
+ { name: "X-API-Key", type: "apiKey" },
2178
+ { scheme: "bearer", type: "http" },
2179
+ { name: "Authorization", type: "apiKey" }
2180
+ ],
2181
+ url: "/cfg/totp/setup/",
2182
+ ...options,
2183
+ headers: {
2184
+ "Content-Type": "application/json",
2185
+ ...options?.headers
2186
+ }
2187
+ });
2188
+ }
2189
+ /**
2190
+ * Confirm 2FA setup with first valid code.
2191
+ *
2192
+ * Activates the device and generates backup codes.
2193
+ */
2194
+ static cfgTotpSetupConfirmCreate(options) {
2195
+ return (options.client ?? client).post({
2196
+ security: [
2197
+ { name: "X-API-Key", type: "apiKey" },
2198
+ { scheme: "bearer", type: "http" },
2199
+ { name: "Authorization", type: "apiKey" }
2200
+ ],
2201
+ url: "/cfg/totp/setup/confirm/",
2202
+ ...options,
2203
+ headers: {
2204
+ "Content-Type": "application/json",
2205
+ ...options.headers
2206
+ }
2207
+ });
2208
+ }
2209
+ };
2210
+ var CfgTotpVerify = class {
2211
+ static {
2212
+ __name(this, "CfgTotpVerify");
2213
+ }
2214
+ /**
2215
+ * Verify TOTP code for 2FA session.
2216
+ *
2217
+ * Completes authentication and returns JWT tokens on success.
2218
+ */
2219
+ static cfgTotpVerifyCreate(options) {
2220
+ return (options.client ?? client).post({
2221
+ security: [
2222
+ { name: "X-API-Key", type: "apiKey" },
2223
+ { scheme: "bearer", type: "http" },
2224
+ { name: "Authorization", type: "apiKey" }
2225
+ ],
2226
+ url: "/cfg/totp/verify/",
2227
+ ...options,
2228
+ headers: {
2229
+ "Content-Type": "application/json",
2230
+ ...options.headers
2231
+ }
2232
+ });
2233
+ }
2234
+ /**
2235
+ * Verify backup recovery code for 2FA session.
2236
+ *
2237
+ * Alternative verification method when TOTP device unavailable.
2238
+ */
2239
+ static cfgTotpVerifyBackupCreate(options) {
2240
+ return (options.client ?? client).post({
2241
+ security: [
2242
+ { name: "X-API-Key", type: "apiKey" },
2243
+ { scheme: "bearer", type: "http" },
2244
+ { name: "Authorization", type: "apiKey" }
2245
+ ],
2246
+ url: "/cfg/totp/verify/backup/",
2247
+ ...options,
2248
+ headers: {
2249
+ "Content-Type": "application/json",
2250
+ ...options.headers
2251
+ }
2252
+ });
2354
2253
  }
2355
2254
  };
2356
- var defaultLogger = new APILogger();
2357
2255
 
2358
2256
  // src/_api/generated/_cfg_accounts/api.ts
2359
- init_sdk_gen();
2360
- init_sdk_gen();
2361
- init_sdk_gen();
2362
- init_sdk_gen();
2363
- init_sdk_gen();
2364
2257
  var API = class {
2365
2258
  static {
2366
2259
  __name(this, "API");
@@ -2436,9 +2329,6 @@ var API = class {
2436
2329
  }
2437
2330
  };
2438
2331
 
2439
- // src/_api/generated/helpers/index.ts
2440
- init_auth();
2441
-
2442
2332
  // src/_api/generated/helpers/storage.ts
2443
2333
  var LocalStorageAdapter = class {
2444
2334
  static {
@@ -2529,9 +2419,6 @@ var CookieStorageAdapter = class {
2529
2419
  }
2530
2420
  };
2531
2421
 
2532
- // src/_api/generated/helpers/index.ts
2533
- init_errors();
2534
-
2535
2422
  // src/_api/generated/helpers/validation-events.ts
2536
2423
  function dispatchValidationError(detail) {
2537
2424
  if (typeof window === "undefined") return;
@@ -2570,8 +2457,6 @@ function formatZodError(error) {
2570
2457
  __name(formatZodError, "formatZodError");
2571
2458
 
2572
2459
  // src/_api/generated/_cfg_centrifugo/api.ts
2573
- init_auth();
2574
- init_sdk_gen();
2575
2460
  var API2 = class {
2576
2461
  static {
2577
2462
  __name(this, "API");
@@ -2644,11 +2529,6 @@ var API2 = class {
2644
2529
  };
2645
2530
 
2646
2531
  // src/_api/generated/_cfg_totp/api.ts
2647
- init_auth();
2648
- init_sdk_gen();
2649
- init_sdk_gen();
2650
- init_sdk_gen();
2651
- init_sdk_gen();
2652
2532
  var API3 = class {
2653
2533
  static {
2654
2534
  __name(this, "API");
@@ -2728,9 +2608,6 @@ var CfgAccountsApi = new API();
2728
2608
  var CfgCentrifugoApi = new API2();
2729
2609
  var CfgTotpApi = new API3();
2730
2610
 
2731
- // src/index.ts
2732
- init_sdk_gen();
2733
-
2734
2611
  // src/auth/utils/env.ts
2735
2612
  var isDev = process.env.NODE_ENV === "development";
2736
2613
  var isProd = !isDev;