@djangocfg/api 2.1.456 → 2.1.457

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/clients.cjs CHANGED
@@ -4,9 +4,6 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
4
  var __getOwnPropNames = Object.getOwnPropertyNames;
5
5
  var __hasOwnProp = Object.prototype.hasOwnProperty;
6
6
  var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
7
- var __esm = (fn, res) => function __init() {
8
- return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
9
- };
10
7
  var __export = (target, all) => {
11
8
  for (var name in all)
12
9
  __defProp(target, name, { get: all[name], enumerable: true });
@@ -21,1604 +18,130 @@ var __copyProps = (to, from, except, desc) => {
21
18
  };
22
19
  var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
23
20
 
24
- // src/_api/generated/helpers/errors.ts
25
- var APIError;
26
- var init_errors = __esm({
27
- "src/_api/generated/helpers/errors.ts"() {
28
- APIError = class extends Error {
29
- constructor(statusCode, statusText, response, url, message) {
30
- super(message || `HTTP ${statusCode}: ${statusText}`);
31
- this.statusCode = statusCode;
32
- this.statusText = statusText;
33
- this.response = response;
34
- this.url = url;
35
- this.name = "APIError";
36
- }
37
- static {
38
- __name(this, "APIError");
39
- }
40
- get details() {
41
- if (typeof this.response === "object" && this.response !== null) {
42
- return this.response;
43
- }
44
- return null;
45
- }
46
- get fieldErrors() {
47
- const details = this.details;
48
- if (!details) return null;
49
- const fieldErrors = {};
50
- for (const [key, value] of Object.entries(details)) {
51
- if (Array.isArray(value)) fieldErrors[key] = value;
52
- }
53
- return Object.keys(fieldErrors).length > 0 ? fieldErrors : null;
54
- }
55
- get errorMessage() {
56
- const details = this.details;
57
- if (!details) return this.message;
58
- if (details.detail) {
59
- return Array.isArray(details.detail) ? details.detail.join(", ") : String(details.detail);
60
- }
61
- if (details.error) return String(details.error);
62
- if (details.message) return String(details.message);
63
- const fieldErrors = this.fieldErrors;
64
- if (fieldErrors) {
65
- const firstField = Object.keys(fieldErrors)[0];
66
- if (firstField) return `${firstField}: ${fieldErrors[firstField]?.join(", ")}`;
67
- }
68
- return this.message;
69
- }
70
- get isValidationError() {
71
- return this.statusCode === 400;
72
- }
73
- get isAuthError() {
74
- return this.statusCode === 401;
75
- }
76
- get isPermissionError() {
77
- return this.statusCode === 403;
78
- }
79
- get isNotFoundError() {
80
- return this.statusCode === 404;
81
- }
82
- get isServerError() {
83
- return this.statusCode >= 500 && this.statusCode < 600;
84
- }
85
- };
86
- }
87
- });
88
-
89
- // src/_api/generated/core/bodySerializer.gen.ts
90
- var serializeFormDataPair, formDataBodySerializer, jsonBodySerializer;
91
- var init_bodySerializer_gen = __esm({
92
- "src/_api/generated/core/bodySerializer.gen.ts"() {
93
- serializeFormDataPair = /* @__PURE__ */ __name((data, key, value) => {
94
- if (typeof value === "string" || value instanceof Blob) {
95
- data.append(key, value);
96
- } else if (value instanceof Date) {
97
- data.append(key, value.toISOString());
98
- } else {
99
- data.append(key, JSON.stringify(value));
100
- }
101
- }, "serializeFormDataPair");
102
- formDataBodySerializer = {
103
- bodySerializer: /* @__PURE__ */ __name((body) => {
104
- const data = new FormData();
105
- Object.entries(body).forEach(([key, value]) => {
106
- if (value === void 0 || value === null) {
107
- return;
108
- }
109
- if (Array.isArray(value)) {
110
- value.forEach((v) => serializeFormDataPair(data, key, v));
111
- } else {
112
- serializeFormDataPair(data, key, value);
113
- }
114
- });
115
- return data;
116
- }, "bodySerializer")
117
- };
118
- jsonBodySerializer = {
119
- bodySerializer: /* @__PURE__ */ __name((body) => JSON.stringify(body, (_key, value) => typeof value === "bigint" ? value.toString() : value), "bodySerializer")
120
- };
121
- }
21
+ // src/clients.ts
22
+ var clients_exports = {};
23
+ __export(clients_exports, {
24
+ AccountsAPI: () => API,
25
+ CentrifugoAPI: () => API2,
26
+ TotpAPI: () => API3,
27
+ apiAccounts: () => CfgAccountsApi,
28
+ apiCentrifugo: () => CfgCentrifugoApi,
29
+ apiTotp: () => CfgTotpApi
122
30
  });
31
+ module.exports = __toCommonJS(clients_exports);
123
32
 
124
- // src/_api/generated/core/params.gen.ts
125
- var extraPrefixesMap, extraPrefixes;
126
- var init_params_gen = __esm({
127
- "src/_api/generated/core/params.gen.ts"() {
128
- extraPrefixesMap = {
129
- $body_: "body",
130
- $headers_: "headers",
131
- $path_: "path",
132
- $query_: "query"
133
- };
134
- extraPrefixes = Object.entries(extraPrefixesMap);
33
+ // src/_api/generated/helpers/errors.ts
34
+ var APIError = class extends Error {
35
+ constructor(statusCode, statusText, response, url, message) {
36
+ super(message || `HTTP ${statusCode}: ${statusText}`);
37
+ this.statusCode = statusCode;
38
+ this.statusText = statusText;
39
+ this.response = response;
40
+ this.url = url;
41
+ this.name = "APIError";
135
42
  }
136
- });
137
-
138
- // src/_api/generated/core/queryKeySerializer.gen.ts
139
- var init_queryKeySerializer_gen = __esm({
140
- "src/_api/generated/core/queryKeySerializer.gen.ts"() {
43
+ static {
44
+ __name(this, "APIError");
141
45
  }
142
- });
143
-
144
- // src/_api/generated/core/serverSentEvents.gen.ts
145
- function createSseClient({
146
- onRequest,
147
- onSseError,
148
- onSseEvent,
149
- responseTransformer,
150
- responseValidator,
151
- sseDefaultRetryDelay,
152
- sseMaxRetryAttempts,
153
- sseMaxRetryDelay,
154
- sseSleepFn,
155
- url,
156
- ...options
157
- }) {
158
- let lastEventId;
159
- const sleep = sseSleepFn ?? ((ms) => new Promise((resolve) => setTimeout(resolve, ms)));
160
- const createStream = /* @__PURE__ */ __name(async function* () {
161
- let retryDelay = sseDefaultRetryDelay ?? 3e3;
162
- let attempt = 0;
163
- const signal = options.signal ?? new AbortController().signal;
164
- while (true) {
165
- if (signal.aborted) break;
166
- attempt++;
167
- const headers = options.headers instanceof Headers ? options.headers : new Headers(options.headers);
168
- if (lastEventId !== void 0) {
169
- headers.set("Last-Event-ID", lastEventId);
170
- }
171
- try {
172
- const requestInit = {
173
- redirect: "follow",
174
- ...options,
175
- body: options.serializedBody,
176
- headers,
177
- signal
178
- };
179
- let request = new Request(url, requestInit);
180
- if (onRequest) {
181
- request = await onRequest(url, requestInit);
182
- }
183
- const _fetch = options.fetch ?? globalThis.fetch;
184
- const response = await _fetch(request);
185
- if (!response.ok) throw new Error(`SSE failed: ${response.status} ${response.statusText}`);
186
- if (!response.body) throw new Error("No body in SSE response");
187
- const reader = response.body.pipeThrough(new TextDecoderStream()).getReader();
188
- let buffer = "";
189
- const abortHandler = /* @__PURE__ */ __name(() => {
190
- try {
191
- reader.cancel();
192
- } catch {
193
- }
194
- }, "abortHandler");
195
- signal.addEventListener("abort", abortHandler);
196
- try {
197
- while (true) {
198
- const { done, value } = await reader.read();
199
- if (done) break;
200
- buffer += value;
201
- buffer = buffer.replace(/\r\n?/g, "\n");
202
- const chunks = buffer.split("\n\n");
203
- buffer = chunks.pop() ?? "";
204
- for (const chunk of chunks) {
205
- const lines = chunk.split("\n");
206
- const dataLines = [];
207
- let eventName;
208
- for (const line of lines) {
209
- if (line.startsWith("data:")) {
210
- dataLines.push(line.replace(/^data:\s*/, ""));
211
- } else if (line.startsWith("event:")) {
212
- eventName = line.replace(/^event:\s*/, "");
213
- } else if (line.startsWith("id:")) {
214
- lastEventId = line.replace(/^id:\s*/, "");
215
- } else if (line.startsWith("retry:")) {
216
- const parsed = Number.parseInt(line.replace(/^retry:\s*/, ""), 10);
217
- if (!Number.isNaN(parsed)) {
218
- retryDelay = parsed;
219
- }
220
- }
221
- }
222
- let data;
223
- let parsedJson = false;
224
- if (dataLines.length) {
225
- const rawData = dataLines.join("\n");
226
- try {
227
- data = JSON.parse(rawData);
228
- parsedJson = true;
229
- } catch {
230
- data = rawData;
231
- }
232
- }
233
- if (parsedJson) {
234
- if (responseValidator) {
235
- await responseValidator(data);
236
- }
237
- if (responseTransformer) {
238
- data = await responseTransformer(data);
239
- }
240
- }
241
- onSseEvent?.({
242
- data,
243
- event: eventName,
244
- id: lastEventId,
245
- retry: retryDelay
246
- });
247
- if (dataLines.length) {
248
- yield data;
249
- }
250
- }
251
- }
252
- } finally {
253
- signal.removeEventListener("abort", abortHandler);
254
- reader.releaseLock();
255
- }
256
- break;
257
- } catch (error) {
258
- onSseError?.(error);
259
- if (sseMaxRetryAttempts !== void 0 && attempt >= sseMaxRetryAttempts) {
260
- break;
261
- }
262
- const backoff = Math.min(retryDelay * 2 ** (attempt - 1), sseMaxRetryDelay ?? 3e4);
263
- await sleep(backoff);
264
- }
46
+ get details() {
47
+ if (typeof this.response === "object" && this.response !== null) {
48
+ return this.response;
265
49
  }
266
- }, "createStream");
267
- const stream = createStream();
268
- return { stream };
269
- }
270
- var init_serverSentEvents_gen = __esm({
271
- "src/_api/generated/core/serverSentEvents.gen.ts"() {
272
- __name(createSseClient, "createSseClient");
50
+ return null;
273
51
  }
274
- });
275
-
276
- // src/_api/generated/core/pathSerializer.gen.ts
277
- var separatorArrayExplode, separatorArrayNoExplode, separatorObjectExplode, serializeArrayParam, serializePrimitiveParam, serializeObjectParam;
278
- var init_pathSerializer_gen = __esm({
279
- "src/_api/generated/core/pathSerializer.gen.ts"() {
280
- separatorArrayExplode = /* @__PURE__ */ __name((style) => {
281
- switch (style) {
282
- case "label":
283
- return ".";
284
- case "matrix":
285
- return ";";
286
- case "simple":
287
- return ",";
288
- default:
289
- return "&";
290
- }
291
- }, "separatorArrayExplode");
292
- separatorArrayNoExplode = /* @__PURE__ */ __name((style) => {
293
- switch (style) {
294
- case "form":
295
- return ",";
296
- case "pipeDelimited":
297
- return "|";
298
- case "spaceDelimited":
299
- return "%20";
300
- default:
301
- return ",";
302
- }
303
- }, "separatorArrayNoExplode");
304
- separatorObjectExplode = /* @__PURE__ */ __name((style) => {
305
- switch (style) {
306
- case "label":
307
- return ".";
308
- case "matrix":
309
- return ";";
310
- case "simple":
311
- return ",";
312
- default:
313
- return "&";
314
- }
315
- }, "separatorObjectExplode");
316
- serializeArrayParam = /* @__PURE__ */ __name(({
317
- allowReserved,
318
- explode,
319
- name,
320
- style,
321
- value
322
- }) => {
323
- if (!explode) {
324
- const joinedValues2 = (allowReserved ? value : value.map((v) => encodeURIComponent(v))).join(separatorArrayNoExplode(style));
325
- switch (style) {
326
- case "label":
327
- return `.${joinedValues2}`;
328
- case "matrix":
329
- return `;${name}=${joinedValues2}`;
330
- case "simple":
331
- return joinedValues2;
332
- default:
333
- return `${name}=${joinedValues2}`;
334
- }
335
- }
336
- const separator = separatorArrayExplode(style);
337
- const joinedValues = value.map((v) => {
338
- if (style === "label" || style === "simple") {
339
- return allowReserved ? v : encodeURIComponent(v);
340
- }
341
- return serializePrimitiveParam({
342
- allowReserved,
343
- name,
344
- value: v
345
- });
346
- }).join(separator);
347
- return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
348
- }, "serializeArrayParam");
349
- serializePrimitiveParam = /* @__PURE__ */ __name(({
350
- allowReserved,
351
- name,
352
- value
353
- }) => {
354
- if (value === void 0 || value === null) {
355
- return "";
356
- }
357
- if (typeof value === "object") {
358
- throw new Error(
359
- "Deeply-nested arrays/objects aren\u2019t supported. Provide your own `querySerializer()` to handle these."
360
- );
361
- }
362
- return `${name}=${allowReserved ? value : encodeURIComponent(value)}`;
363
- }, "serializePrimitiveParam");
364
- serializeObjectParam = /* @__PURE__ */ __name(({
365
- allowReserved,
366
- explode,
367
- name,
368
- style,
369
- value,
370
- valueOnly
371
- }) => {
372
- if (value instanceof Date) {
373
- return valueOnly ? value.toISOString() : `${name}=${value.toISOString()}`;
374
- }
375
- if (style !== "deepObject" && !explode) {
376
- let values = [];
377
- Object.entries(value).forEach(([key, v]) => {
378
- values = [...values, key, allowReserved ? v : encodeURIComponent(v)];
379
- });
380
- const joinedValues2 = values.join(",");
381
- switch (style) {
382
- case "form":
383
- return `${name}=${joinedValues2}`;
384
- case "label":
385
- return `.${joinedValues2}`;
386
- case "matrix":
387
- return `;${name}=${joinedValues2}`;
388
- default:
389
- return joinedValues2;
390
- }
391
- }
392
- const separator = separatorObjectExplode(style);
393
- const joinedValues = Object.entries(value).map(
394
- ([key, v]) => serializePrimitiveParam({
395
- allowReserved,
396
- name: style === "deepObject" ? `${name}[${key}]` : key,
397
- value: v
398
- })
399
- ).join(separator);
400
- return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
401
- }, "serializeObjectParam");
52
+ get fieldErrors() {
53
+ const details = this.details;
54
+ if (!details) return null;
55
+ const fieldErrors = {};
56
+ for (const [key, value] of Object.entries(details)) {
57
+ if (Array.isArray(value)) fieldErrors[key] = value;
58
+ }
59
+ return Object.keys(fieldErrors).length > 0 ? fieldErrors : null;
402
60
  }
403
- });
404
-
405
- // src/_api/generated/core/utils.gen.ts
406
- function getValidRequestBody(options) {
407
- const hasBody = options.body !== void 0;
408
- const isSerializedBody = hasBody && options.bodySerializer;
409
- if (isSerializedBody) {
410
- if ("serializedBody" in options) {
411
- const hasSerializedBody = options.serializedBody !== void 0 && options.serializedBody !== "";
412
- return hasSerializedBody ? options.serializedBody : null;
61
+ get errorMessage() {
62
+ const details = this.details;
63
+ if (!details) return this.message;
64
+ if (details.detail) {
65
+ return Array.isArray(details.detail) ? details.detail.join(", ") : String(details.detail);
413
66
  }
414
- return options.body !== "" ? options.body : null;
67
+ if (details.error) return String(details.error);
68
+ if (details.message) return String(details.message);
69
+ const fieldErrors = this.fieldErrors;
70
+ if (fieldErrors) {
71
+ const firstField = Object.keys(fieldErrors)[0];
72
+ if (firstField) return `${firstField}: ${fieldErrors[firstField]?.join(", ")}`;
73
+ }
74
+ return this.message;
415
75
  }
416
- if (hasBody) {
417
- return options.body;
76
+ get isValidationError() {
77
+ return this.statusCode === 400;
418
78
  }
419
- return void 0;
420
- }
421
- var PATH_PARAM_RE, defaultPathSerializer, getUrl;
422
- var init_utils_gen = __esm({
423
- "src/_api/generated/core/utils.gen.ts"() {
424
- init_pathSerializer_gen();
425
- PATH_PARAM_RE = /\{[^{}]+\}/g;
426
- defaultPathSerializer = /* @__PURE__ */ __name(({ path, url: _url }) => {
427
- let url = _url;
428
- const matches = _url.match(PATH_PARAM_RE);
429
- if (matches) {
430
- for (const match of matches) {
431
- let explode = false;
432
- let name = match.substring(1, match.length - 1);
433
- let style = "simple";
434
- if (name.endsWith("*")) {
435
- explode = true;
436
- name = name.substring(0, name.length - 1);
437
- }
438
- if (name.startsWith(".")) {
439
- name = name.substring(1);
440
- style = "label";
441
- } else if (name.startsWith(";")) {
442
- name = name.substring(1);
443
- style = "matrix";
444
- }
445
- const value = path[name];
446
- if (value === void 0 || value === null) {
447
- continue;
448
- }
449
- if (Array.isArray(value)) {
450
- url = url.replace(match, serializeArrayParam({ explode, name, style, value }));
451
- continue;
452
- }
453
- if (typeof value === "object") {
454
- url = url.replace(
455
- match,
456
- serializeObjectParam({
457
- explode,
458
- name,
459
- style,
460
- value,
461
- valueOnly: true
462
- })
463
- );
464
- continue;
465
- }
466
- if (style === "matrix") {
467
- url = url.replace(
468
- match,
469
- `;${serializePrimitiveParam({
470
- name,
471
- value
472
- })}`
473
- );
474
- continue;
475
- }
476
- const replaceValue = encodeURIComponent(
477
- style === "label" ? `.${value}` : value
478
- );
479
- url = url.replace(match, replaceValue);
480
- }
481
- }
482
- return url;
483
- }, "defaultPathSerializer");
484
- getUrl = /* @__PURE__ */ __name(({
485
- baseUrl,
486
- path,
487
- query,
488
- querySerializer,
489
- url: _url
490
- }) => {
491
- const pathUrl = _url.startsWith("/") ? _url : `/${_url}`;
492
- let url = (baseUrl ?? "") + pathUrl;
493
- if (path) {
494
- url = defaultPathSerializer({ path, url });
495
- }
496
- let search = query ? querySerializer(query) : "";
497
- if (search.startsWith("?")) {
498
- search = search.substring(1);
499
- }
500
- if (search) {
501
- url += `?${search}`;
502
- }
503
- return url;
504
- }, "getUrl");
505
- __name(getValidRequestBody, "getValidRequestBody");
79
+ get isAuthError() {
80
+ return this.statusCode === 401;
506
81
  }
507
- });
508
-
509
- // src/_api/generated/core/auth.gen.ts
510
- var getAuthToken;
511
- var init_auth_gen = __esm({
512
- "src/_api/generated/core/auth.gen.ts"() {
513
- getAuthToken = /* @__PURE__ */ __name(async (auth2, callback) => {
514
- const token = typeof callback === "function" ? await callback(auth2) : callback;
515
- if (!token) {
516
- return;
517
- }
518
- if (auth2.scheme === "bearer") {
519
- return `Bearer ${token}`;
520
- }
521
- if (auth2.scheme === "basic") {
522
- return `Basic ${btoa(token)}`;
523
- }
524
- return token;
525
- }, "getAuthToken");
82
+ get isPermissionError() {
83
+ return this.statusCode === 403;
526
84
  }
527
- });
85
+ get isNotFoundError() {
86
+ return this.statusCode === 404;
87
+ }
88
+ get isServerError() {
89
+ return this.statusCode >= 500 && this.statusCode < 600;
90
+ }
91
+ };
528
92
 
529
- // src/_api/generated/client/utils.gen.ts
530
- async function setAuthParams(options) {
531
- for (const auth2 of options.security ?? []) {
532
- if (checkForExistence(options, auth2.name)) {
533
- continue;
93
+ // src/_api/generated/helpers/auth.ts
94
+ var ACCESS_KEY = "cfg.access_token";
95
+ var REFRESH_KEY = "cfg.refresh_token";
96
+ var API_KEY_KEY = "cfg.api_key";
97
+ var isBrowser = typeof window !== "undefined";
98
+ var localStorageBackend = {
99
+ get(key) {
100
+ if (!isBrowser) return null;
101
+ try {
102
+ return window.localStorage.getItem(key);
103
+ } catch {
104
+ return null;
534
105
  }
535
- const token = await getAuthToken(auth2, options.auth);
536
- if (!token) {
537
- continue;
106
+ },
107
+ set(key, value) {
108
+ if (!isBrowser) return;
109
+ try {
110
+ if (value === null) window.localStorage.removeItem(key);
111
+ else window.localStorage.setItem(key, value);
112
+ } catch {
538
113
  }
539
- const name = auth2.name ?? "Authorization";
540
- switch (auth2.in) {
541
- case "query":
542
- if (!options.query) {
543
- options.query = {};
544
- }
545
- options.query[name] = token;
546
- break;
547
- case "cookie":
548
- options.headers.append("Cookie", `${name}=${token}`);
549
- break;
550
- case "header":
551
- default:
552
- options.headers.set(name, token);
553
- break;
554
- }
555
- }
556
- }
557
- var createQuerySerializer, getParseAs, checkForExistence, buildUrl, mergeConfigs, headersEntries, mergeHeaders, Interceptors, createInterceptors, defaultQuerySerializer, defaultHeaders, createConfig;
558
- var init_utils_gen2 = __esm({
559
- "src/_api/generated/client/utils.gen.ts"() {
560
- init_auth_gen();
561
- init_bodySerializer_gen();
562
- init_pathSerializer_gen();
563
- init_utils_gen();
564
- createQuerySerializer = /* @__PURE__ */ __name(({
565
- parameters = {},
566
- ...args
567
- } = {}) => {
568
- const querySerializer = /* @__PURE__ */ __name((queryParams) => {
569
- const search = [];
570
- if (queryParams && typeof queryParams === "object") {
571
- for (const name in queryParams) {
572
- const value = queryParams[name];
573
- if (value === void 0 || value === null) {
574
- continue;
575
- }
576
- const options = parameters[name] || args;
577
- if (Array.isArray(value)) {
578
- const serializedArray = serializeArrayParam({
579
- allowReserved: options.allowReserved,
580
- explode: true,
581
- name,
582
- style: "form",
583
- value,
584
- ...options.array
585
- });
586
- if (serializedArray) search.push(serializedArray);
587
- } else if (typeof value === "object") {
588
- const serializedObject = serializeObjectParam({
589
- allowReserved: options.allowReserved,
590
- explode: true,
591
- name,
592
- style: "deepObject",
593
- value,
594
- ...options.object
595
- });
596
- if (serializedObject) search.push(serializedObject);
597
- } else {
598
- const serializedPrimitive = serializePrimitiveParam({
599
- allowReserved: options.allowReserved,
600
- name,
601
- value
602
- });
603
- if (serializedPrimitive) search.push(serializedPrimitive);
604
- }
605
- }
606
- }
607
- return search.join("&");
608
- }, "querySerializer");
609
- return querySerializer;
610
- }, "createQuerySerializer");
611
- getParseAs = /* @__PURE__ */ __name((contentType) => {
612
- if (!contentType) {
613
- return "stream";
614
- }
615
- const cleanContent = contentType.split(";")[0]?.trim();
616
- if (!cleanContent) {
617
- return;
618
- }
619
- if (cleanContent.startsWith("application/json") || cleanContent.endsWith("+json")) {
620
- return "json";
621
- }
622
- if (cleanContent === "multipart/form-data") {
623
- return "formData";
624
- }
625
- if (["application/", "audio/", "image/", "video/"].some((type) => cleanContent.startsWith(type))) {
626
- return "blob";
627
- }
628
- if (cleanContent.startsWith("text/")) {
629
- return "text";
630
- }
631
- return;
632
- }, "getParseAs");
633
- checkForExistence = /* @__PURE__ */ __name((options, name) => {
634
- if (!name) {
635
- return false;
636
- }
637
- if (options.headers.has(name) || options.query?.[name] || options.headers.get("Cookie")?.includes(`${name}=`)) {
638
- return true;
639
- }
640
- return false;
641
- }, "checkForExistence");
642
- __name(setAuthParams, "setAuthParams");
643
- buildUrl = /* @__PURE__ */ __name((options) => getUrl({
644
- baseUrl: options.baseUrl,
645
- path: options.path,
646
- query: options.query,
647
- querySerializer: typeof options.querySerializer === "function" ? options.querySerializer : createQuerySerializer(options.querySerializer),
648
- url: options.url
649
- }), "buildUrl");
650
- mergeConfigs = /* @__PURE__ */ __name((a, b) => {
651
- const config = { ...a, ...b };
652
- if (config.baseUrl?.endsWith("/")) {
653
- config.baseUrl = config.baseUrl.substring(0, config.baseUrl.length - 1);
654
- }
655
- config.headers = mergeHeaders(a.headers, b.headers);
656
- return config;
657
- }, "mergeConfigs");
658
- headersEntries = /* @__PURE__ */ __name((headers) => {
659
- const entries = [];
660
- headers.forEach((value, key) => {
661
- entries.push([key, value]);
662
- });
663
- return entries;
664
- }, "headersEntries");
665
- mergeHeaders = /* @__PURE__ */ __name((...headers) => {
666
- const mergedHeaders = new Headers();
667
- for (const header of headers) {
668
- if (!header) {
669
- continue;
670
- }
671
- const iterator = header instanceof Headers ? headersEntries(header) : Object.entries(header);
672
- for (const [key, value] of iterator) {
673
- if (value === null) {
674
- mergedHeaders.delete(key);
675
- } else if (Array.isArray(value)) {
676
- for (const v of value) {
677
- mergedHeaders.append(key, v);
678
- }
679
- } else if (value !== void 0) {
680
- mergedHeaders.set(
681
- key,
682
- typeof value === "object" ? JSON.stringify(value) : value
683
- );
684
- }
685
- }
686
- }
687
- return mergedHeaders;
688
- }, "mergeHeaders");
689
- Interceptors = class {
690
- static {
691
- __name(this, "Interceptors");
692
- }
693
- fns = [];
694
- clear() {
695
- this.fns = [];
696
- }
697
- eject(id) {
698
- const index = this.getInterceptorIndex(id);
699
- if (this.fns[index]) {
700
- this.fns[index] = null;
701
- }
702
- }
703
- exists(id) {
704
- const index = this.getInterceptorIndex(id);
705
- return Boolean(this.fns[index]);
706
- }
707
- getInterceptorIndex(id) {
708
- if (typeof id === "number") {
709
- return this.fns[id] ? id : -1;
710
- }
711
- return this.fns.indexOf(id);
712
- }
713
- update(id, fn) {
714
- const index = this.getInterceptorIndex(id);
715
- if (this.fns[index]) {
716
- this.fns[index] = fn;
717
- return id;
718
- }
719
- return false;
720
- }
721
- use(fn) {
722
- this.fns.push(fn);
723
- return this.fns.length - 1;
724
- }
725
- };
726
- createInterceptors = /* @__PURE__ */ __name(() => ({
727
- error: new Interceptors(),
728
- request: new Interceptors(),
729
- response: new Interceptors()
730
- }), "createInterceptors");
731
- defaultQuerySerializer = createQuerySerializer({
732
- allowReserved: false,
733
- array: {
734
- explode: true,
735
- style: "form"
736
- },
737
- object: {
738
- explode: true,
739
- style: "deepObject"
740
- }
741
- });
742
- defaultHeaders = {
743
- "Content-Type": "application/json"
744
- };
745
- createConfig = /* @__PURE__ */ __name((override = {}) => ({
746
- ...jsonBodySerializer,
747
- headers: defaultHeaders,
748
- parseAs: "auto",
749
- querySerializer: defaultQuerySerializer,
750
- ...override
751
- }), "createConfig");
752
- }
753
- });
754
-
755
- // src/_api/generated/client/client.gen.ts
756
- var createClient;
757
- var init_client_gen = __esm({
758
- "src/_api/generated/client/client.gen.ts"() {
759
- init_serverSentEvents_gen();
760
- init_utils_gen();
761
- init_utils_gen2();
762
- createClient = /* @__PURE__ */ __name((config = {}) => {
763
- let _config = mergeConfigs(createConfig(), config);
764
- const getConfig = /* @__PURE__ */ __name(() => ({ ..._config }), "getConfig");
765
- const setConfig = /* @__PURE__ */ __name((config2) => {
766
- _config = mergeConfigs(_config, config2);
767
- return getConfig();
768
- }, "setConfig");
769
- const interceptors = createInterceptors();
770
- const beforeRequest = /* @__PURE__ */ __name(async (options) => {
771
- const opts = {
772
- ..._config,
773
- ...options,
774
- fetch: options.fetch ?? _config.fetch ?? globalThis.fetch,
775
- headers: mergeHeaders(_config.headers, options.headers),
776
- serializedBody: void 0
777
- };
778
- if (opts.security) {
779
- await setAuthParams(opts);
780
- }
781
- if (opts.requestValidator) {
782
- await opts.requestValidator(opts);
783
- }
784
- if (opts.body !== void 0 && opts.bodySerializer) {
785
- opts.serializedBody = opts.bodySerializer(opts.body);
786
- }
787
- if (opts.body === void 0 || opts.serializedBody === "") {
788
- opts.headers.delete("Content-Type");
789
- }
790
- const resolvedOpts = opts;
791
- const url = buildUrl(resolvedOpts);
792
- return { opts: resolvedOpts, url };
793
- }, "beforeRequest");
794
- const request = /* @__PURE__ */ __name(async (options) => {
795
- const throwOnError = options.throwOnError ?? _config.throwOnError;
796
- const responseStyle = options.responseStyle ?? _config.responseStyle;
797
- let request2;
798
- let response;
799
- try {
800
- const { opts, url } = await beforeRequest(options);
801
- const requestInit = {
802
- redirect: "follow",
803
- ...opts,
804
- body: getValidRequestBody(opts)
805
- };
806
- request2 = new Request(url, requestInit);
807
- for (const fn of interceptors.request.fns) {
808
- if (fn) {
809
- request2 = await fn(request2, opts);
810
- }
811
- }
812
- const _fetch = opts.fetch;
813
- response = await _fetch(request2);
814
- for (const fn of interceptors.response.fns) {
815
- if (fn) {
816
- response = await fn(response, request2, opts);
817
- }
818
- }
819
- const result = {
820
- request: request2,
821
- response
822
- };
823
- if (response.ok) {
824
- const parseAs = (opts.parseAs === "auto" ? getParseAs(response.headers.get("Content-Type")) : opts.parseAs) ?? "json";
825
- if (response.status === 204 || response.headers.get("Content-Length") === "0") {
826
- let emptyData;
827
- switch (parseAs) {
828
- case "arrayBuffer":
829
- case "blob":
830
- case "text":
831
- emptyData = await response[parseAs]();
832
- break;
833
- case "formData":
834
- emptyData = new FormData();
835
- break;
836
- case "stream":
837
- emptyData = response.body;
838
- break;
839
- case "json":
840
- default:
841
- emptyData = {};
842
- break;
843
- }
844
- return opts.responseStyle === "data" ? emptyData : {
845
- data: emptyData,
846
- ...result
847
- };
848
- }
849
- let data;
850
- switch (parseAs) {
851
- case "arrayBuffer":
852
- case "blob":
853
- case "formData":
854
- case "text":
855
- data = await response[parseAs]();
856
- break;
857
- case "json": {
858
- const text = await response.text();
859
- data = text ? JSON.parse(text) : {};
860
- break;
861
- }
862
- case "stream":
863
- return opts.responseStyle === "data" ? response.body : {
864
- data: response.body,
865
- ...result
866
- };
867
- }
868
- if (parseAs === "json") {
869
- if (opts.responseValidator) {
870
- await opts.responseValidator(data);
871
- }
872
- if (opts.responseTransformer) {
873
- data = await opts.responseTransformer(data);
874
- }
875
- }
876
- return opts.responseStyle === "data" ? data : {
877
- data,
878
- ...result
879
- };
880
- }
881
- const textError = await response.text();
882
- let jsonError;
883
- try {
884
- jsonError = JSON.parse(textError);
885
- } catch {
886
- }
887
- throw jsonError ?? textError;
888
- } catch (error) {
889
- let finalError = error;
890
- for (const fn of interceptors.error.fns) {
891
- if (fn) {
892
- finalError = await fn(finalError, response, request2, options);
893
- }
894
- }
895
- finalError = finalError || {};
896
- if (throwOnError) {
897
- throw finalError;
898
- }
899
- return responseStyle === "data" ? void 0 : {
900
- error: finalError,
901
- request: request2,
902
- response
903
- };
904
- }
905
- }, "request");
906
- const makeMethodFn = /* @__PURE__ */ __name((method) => (options) => request({ ...options, method }), "makeMethodFn");
907
- const makeSseFn = /* @__PURE__ */ __name((method) => async (options) => {
908
- const { opts, url } = await beforeRequest(options);
909
- return createSseClient({
910
- ...opts,
911
- body: opts.body,
912
- method,
913
- onRequest: /* @__PURE__ */ __name(async (url2, init) => {
914
- let request2 = new Request(url2, init);
915
- for (const fn of interceptors.request.fns) {
916
- if (fn) {
917
- request2 = await fn(request2, opts);
918
- }
919
- }
920
- return request2;
921
- }, "onRequest"),
922
- serializedBody: getValidRequestBody(opts),
923
- url
924
- });
925
- }, "makeSseFn");
926
- const _buildUrl = /* @__PURE__ */ __name((options) => buildUrl({ ..._config, ...options }), "_buildUrl");
927
- return {
928
- buildUrl: _buildUrl,
929
- connect: makeMethodFn("CONNECT"),
930
- delete: makeMethodFn("DELETE"),
931
- get: makeMethodFn("GET"),
932
- getConfig,
933
- head: makeMethodFn("HEAD"),
934
- interceptors,
935
- options: makeMethodFn("OPTIONS"),
936
- patch: makeMethodFn("PATCH"),
937
- post: makeMethodFn("POST"),
938
- put: makeMethodFn("PUT"),
939
- request,
940
- setConfig,
941
- sse: {
942
- connect: makeSseFn("CONNECT"),
943
- delete: makeSseFn("DELETE"),
944
- get: makeSseFn("GET"),
945
- head: makeSseFn("HEAD"),
946
- options: makeSseFn("OPTIONS"),
947
- patch: makeSseFn("PATCH"),
948
- post: makeSseFn("POST"),
949
- put: makeSseFn("PUT"),
950
- trace: makeSseFn("TRACE")
951
- },
952
- trace: makeMethodFn("TRACE")
953
- };
954
- }, "createClient");
955
- }
956
- });
957
-
958
- // src/_api/generated/client/index.ts
959
- var init_client = __esm({
960
- "src/_api/generated/client/index.ts"() {
961
- init_bodySerializer_gen();
962
- init_params_gen();
963
- init_queryKeySerializer_gen();
964
- init_client_gen();
965
- init_utils_gen2();
966
- }
967
- });
968
-
969
- // src/_api/generated/client.gen.ts
970
- var client;
971
- var init_client_gen2 = __esm({
972
- "src/_api/generated/client.gen.ts"() {
973
- init_client();
974
- init_auth();
975
- client = createClient(createConfig({ baseUrl: "http://localhost:8000" }));
976
- installAuthOnClient(client);
977
114
  }
978
- });
979
-
980
- // src/_api/generated/sdk.gen.ts
981
- var sdk_gen_exports = {};
982
- __export(sdk_gen_exports, {
983
- CfgAccounts: () => CfgAccounts,
984
- CfgAccountsApiKey: () => CfgAccountsApiKey,
985
- CfgAccountsAuth: () => CfgAccountsAuth,
986
- CfgAccountsOauth: () => CfgAccountsOauth,
987
- CfgAccountsProfile: () => CfgAccountsProfile,
988
- CfgCentrifugo: () => CfgCentrifugo,
989
- CfgTotp: () => CfgTotp,
990
- CfgTotpBackupCodes: () => CfgTotpBackupCodes,
991
- CfgTotpSetup: () => CfgTotpSetup,
992
- CfgTotpVerify: () => CfgTotpVerify
993
- });
994
- var CfgAccountsApiKey, CfgAccountsOauth, CfgAccounts, CfgAccountsProfile, CfgAccountsAuth, CfgCentrifugo, CfgTotpBackupCodes, CfgTotp, CfgTotpSetup, CfgTotpVerify;
995
- var init_sdk_gen = __esm({
996
- "src/_api/generated/sdk.gen.ts"() {
997
- init_client();
998
- init_client_gen2();
999
- CfgAccountsApiKey = class {
1000
- static {
1001
- __name(this, "CfgAccountsApiKey");
1002
- }
1003
- /**
1004
- * Get API key details
1005
- *
1006
- * Retrieve the current user's API key (masked) and metadata.
1007
- */
1008
- static cfgAccountsApiKeyRetrieve(options) {
1009
- return (options?.client ?? client).get({
1010
- security: [
1011
- { scheme: "bearer", type: "http" },
1012
- {
1013
- in: "cookie",
1014
- name: "sessionid",
1015
- type: "apiKey"
1016
- },
1017
- { name: "X-API-Key", type: "apiKey" }
1018
- ],
1019
- url: "/cfg/accounts/api-key/",
1020
- ...options
1021
- });
1022
- }
1023
- /**
1024
- * Regenerate API key
1025
- *
1026
- * Generate a new API key. The full key is returned only once.
1027
- */
1028
- static cfgAccountsApiKeyRegenerateCreate(options) {
1029
- return (options.client ?? client).post({
1030
- security: [
1031
- { scheme: "bearer", type: "http" },
1032
- {
1033
- in: "cookie",
1034
- name: "sessionid",
1035
- type: "apiKey"
1036
- },
1037
- { name: "X-API-Key", type: "apiKey" }
1038
- ],
1039
- url: "/cfg/accounts/api-key/regenerate/",
1040
- ...options,
1041
- headers: {
1042
- "Content-Type": "application/json",
1043
- ...options.headers
1044
- }
1045
- });
1046
- }
1047
- /**
1048
- * Reveal API key
1049
- *
1050
- * Return the current full API key WITHOUT rotating it. The same durable value every one of the user's agents uses — for the signed-in user to copy and paste into agent onboarding. Default GET stays masked; this is the explicit reveal action.
1051
- */
1052
- static cfgAccountsApiKeyRevealCreate(options) {
1053
- return (options.client ?? client).post({
1054
- security: [
1055
- { scheme: "bearer", type: "http" },
1056
- {
1057
- in: "cookie",
1058
- name: "sessionid",
1059
- type: "apiKey"
1060
- },
1061
- { name: "X-API-Key", type: "apiKey" }
1062
- ],
1063
- url: "/cfg/accounts/api-key/reveal/",
1064
- ...options,
1065
- headers: {
1066
- "Content-Type": "application/json",
1067
- ...options.headers
1068
- }
1069
- });
1070
- }
1071
- /**
1072
- * Test API key
1073
- *
1074
- * Test whether an API key is valid without consuming it.
1075
- */
1076
- static cfgAccountsApiKeyTestCreate(options) {
1077
- return (options.client ?? client).post({
1078
- security: [
1079
- { scheme: "bearer", type: "http" },
1080
- {
1081
- in: "cookie",
1082
- name: "sessionid",
1083
- type: "apiKey"
1084
- },
1085
- { name: "X-API-Key", type: "apiKey" }
1086
- ],
1087
- url: "/cfg/accounts/api-key/test/",
1088
- ...options,
1089
- headers: {
1090
- "Content-Type": "application/json",
1091
- ...options.headers
1092
- }
1093
- });
1094
- }
1095
- };
1096
- CfgAccountsOauth = class {
1097
- static {
1098
- __name(this, "CfgAccountsOauth");
1099
- }
1100
- /**
1101
- * List OAuth connections
1102
- *
1103
- * Get all OAuth connections for the current user.
1104
- */
1105
- static cfgAccountsOauthConnectionsList(options) {
1106
- return (options?.client ?? client).get({
1107
- security: [
1108
- { name: "X-API-Key", type: "apiKey" },
1109
- { scheme: "bearer", type: "http" },
1110
- { name: "Authorization", type: "apiKey" }
1111
- ],
1112
- url: "/cfg/accounts/oauth/connections/",
1113
- ...options
1114
- });
1115
- }
1116
- /**
1117
- * Disconnect OAuth provider
1118
- *
1119
- * Remove OAuth connection for the specified provider.
1120
- */
1121
- static cfgAccountsOauthDisconnectCreate(options) {
1122
- return (options.client ?? client).post({
1123
- security: [
1124
- { name: "X-API-Key", type: "apiKey" },
1125
- { scheme: "bearer", type: "http" },
1126
- { name: "Authorization", type: "apiKey" }
1127
- ],
1128
- url: "/cfg/accounts/oauth/disconnect/",
1129
- ...options,
1130
- headers: {
1131
- "Content-Type": "application/json",
1132
- ...options.headers
1133
- }
1134
- });
1135
- }
1136
- /**
1137
- * Start GitHub OAuth
1138
- *
1139
- * Generate GitHub OAuth authorization URL. Redirect user to this URL to start authentication.
1140
- */
1141
- static cfgAccountsOauthGithubAuthorizeCreate(options) {
1142
- return (options?.client ?? client).post({
1143
- url: "/cfg/accounts/oauth/github/authorize/",
1144
- ...options,
1145
- headers: {
1146
- "Content-Type": "application/json",
1147
- ...options?.headers
1148
- }
1149
- });
1150
- }
1151
- /**
1152
- * Complete GitHub OAuth
1153
- *
1154
- * Exchange authorization code for JWT tokens. Call this after GitHub redirects back with code.
1155
- */
1156
- static cfgAccountsOauthGithubCallbackCreate(options) {
1157
- return (options.client ?? client).post({
1158
- url: "/cfg/accounts/oauth/github/callback/",
1159
- ...options,
1160
- headers: {
1161
- "Content-Type": "application/json",
1162
- ...options.headers
1163
- }
1164
- });
1165
- }
1166
- /**
1167
- * List OAuth providers
1168
- *
1169
- * Get list of available OAuth providers for authentication.
1170
- */
1171
- static cfgAccountsOauthProvidersRetrieve(options) {
1172
- return (options?.client ?? client).get({ url: "/cfg/accounts/oauth/providers/", ...options });
1173
- }
1174
- };
1175
- CfgAccounts = class {
1176
- static {
1177
- __name(this, "CfgAccounts");
1178
- }
1179
- /**
1180
- * Request OTP code to email.
1181
- */
1182
- static cfgAccountsOtpRequestCreate(options) {
1183
- return (options.client ?? client).post({
1184
- security: [
1185
- { name: "X-API-Key", type: "apiKey" },
1186
- { scheme: "bearer", type: "http" },
1187
- { name: "Authorization", type: "apiKey" }
1188
- ],
1189
- url: "/cfg/accounts/otp/request/",
1190
- ...options,
1191
- headers: {
1192
- "Content-Type": "application/json",
1193
- ...options.headers
1194
- }
1195
- });
1196
- }
1197
- /**
1198
- * Verify OTP code and return JWT tokens or 2FA session.
1199
- *
1200
- * If user has 2FA enabled:
1201
- * - Returns requires_2fa=True with session_id
1202
- * - Client must complete 2FA verification at /cfg/totp/verify/
1203
- *
1204
- * If user has no 2FA:
1205
- * - Returns JWT tokens and user data directly
1206
- */
1207
- static cfgAccountsOtpVerifyCreate(options) {
1208
- return (options.client ?? client).post({
1209
- security: [
1210
- { name: "X-API-Key", type: "apiKey" },
1211
- { scheme: "bearer", type: "http" },
1212
- { name: "Authorization", type: "apiKey" }
1213
- ],
1214
- url: "/cfg/accounts/otp/verify/",
1215
- ...options,
1216
- headers: {
1217
- "Content-Type": "application/json",
1218
- ...options.headers
1219
- }
1220
- });
1221
- }
1222
- };
1223
- CfgAccountsProfile = class {
1224
- static {
1225
- __name(this, "CfgAccountsProfile");
1226
- }
1227
- /**
1228
- * Get current user profile
1229
- *
1230
- * Retrieve the current authenticated user's profile information.
1231
- */
1232
- static cfgAccountsProfileRetrieve(options) {
1233
- return (options?.client ?? client).get({
1234
- security: [{ scheme: "bearer", type: "http" }, {
1235
- in: "cookie",
1236
- name: "sessionid",
1237
- type: "apiKey"
1238
- }],
1239
- url: "/cfg/accounts/profile/",
1240
- ...options
1241
- });
1242
- }
1243
- /**
1244
- * Upload user avatar
1245
- *
1246
- * Upload avatar image for the current authenticated user. Accepts multipart/form-data with 'avatar' field.
1247
- */
1248
- static cfgAccountsProfileAvatarCreate(options) {
1249
- return (options?.client ?? client).post({
1250
- ...formDataBodySerializer,
1251
- security: [
1252
- { name: "X-API-Key", type: "apiKey" },
1253
- { scheme: "bearer", type: "http" },
1254
- { name: "Authorization", type: "apiKey" }
1255
- ],
1256
- url: "/cfg/accounts/profile/avatar/",
1257
- ...options,
1258
- headers: {
1259
- "Content-Type": null,
1260
- ...options?.headers
1261
- }
1262
- });
1263
- }
1264
- /**
1265
- * Delete user account
1266
- *
1267
- *
1268
- * Permanently delete the current user's account.
1269
- *
1270
- * This operation:
1271
- * - Deactivates the account (user cannot log in)
1272
- * - Anonymizes personal data (GDPR compliance)
1273
- * - Frees up the email address for re-registration
1274
- * - Preserves audit trail
1275
- *
1276
- * The account can be restored by an administrator if needed.
1277
- *
1278
- */
1279
- static cfgAccountsProfileDeleteCreate(options) {
1280
- return (options?.client ?? client).post({
1281
- security: [{ scheme: "bearer", type: "http" }, {
1282
- in: "cookie",
1283
- name: "sessionid",
1284
- type: "apiKey"
1285
- }],
1286
- url: "/cfg/accounts/profile/delete/",
1287
- ...options
1288
- });
1289
- }
1290
- /**
1291
- * Partial update user profile
1292
- *
1293
- * Partially update the current authenticated user's profile information. Supports avatar upload.
1294
- */
1295
- static cfgAccountsProfilePartialPartialUpdate(options) {
1296
- return (options?.client ?? client).patch({
1297
- security: [{ scheme: "bearer", type: "http" }, {
1298
- in: "cookie",
1299
- name: "sessionid",
1300
- type: "apiKey"
1301
- }],
1302
- url: "/cfg/accounts/profile/partial/",
1303
- ...options,
1304
- headers: {
1305
- "Content-Type": "application/json",
1306
- ...options?.headers
1307
- }
1308
- });
1309
- }
1310
- /**
1311
- * Partial update user profile
1312
- *
1313
- * Partially update the current authenticated user's profile information. Supports avatar upload.
1314
- */
1315
- static cfgAccountsProfilePartialUpdate(options) {
1316
- return (options?.client ?? client).put({
1317
- security: [{ scheme: "bearer", type: "http" }, {
1318
- in: "cookie",
1319
- name: "sessionid",
1320
- type: "apiKey"
1321
- }],
1322
- url: "/cfg/accounts/profile/partial/",
1323
- ...options,
1324
- headers: {
1325
- "Content-Type": "application/json",
1326
- ...options?.headers
1327
- }
1328
- });
1329
- }
1330
- /**
1331
- * Update user profile
1332
- *
1333
- * Update the current authenticated user's profile information.
1334
- */
1335
- static cfgAccountsProfileUpdatePartialUpdate(options) {
1336
- return (options?.client ?? client).patch({
1337
- security: [{ scheme: "bearer", type: "http" }, {
1338
- in: "cookie",
1339
- name: "sessionid",
1340
- type: "apiKey"
1341
- }],
1342
- url: "/cfg/accounts/profile/update/",
1343
- ...options,
1344
- headers: {
1345
- "Content-Type": "application/json",
1346
- ...options?.headers
1347
- }
1348
- });
1349
- }
1350
- /**
1351
- * Update user profile
1352
- *
1353
- * Update the current authenticated user's profile information.
1354
- */
1355
- static cfgAccountsProfileUpdateUpdate(options) {
1356
- return (options?.client ?? client).put({
1357
- security: [{ scheme: "bearer", type: "http" }, {
1358
- in: "cookie",
1359
- name: "sessionid",
1360
- type: "apiKey"
1361
- }],
1362
- url: "/cfg/accounts/profile/update/",
1363
- ...options,
1364
- headers: {
1365
- "Content-Type": "application/json",
1366
- ...options?.headers
1367
- }
1368
- });
1369
- }
1370
- };
1371
- CfgAccountsAuth = class {
1372
- static {
1373
- __name(this, "CfgAccountsAuth");
1374
- }
1375
- /**
1376
- * Revoke a refresh token (logout).
1377
- *
1378
- * Blacklists the posted refresh token so it can never mint another access
1379
- * token. Called best-effort by the client's logout — without it, "logout"
1380
- * is purely client-side and a stolen refresh token survives until expiry.
1381
- */
1382
- static cfgAccountsTokenBlacklistCreate(options) {
1383
- return (options.client ?? client).post({
1384
- url: "/cfg/accounts/token/blacklist/",
1385
- ...options,
1386
- headers: {
1387
- "Content-Type": "application/json",
1388
- ...options.headers
1389
- }
1390
- });
1391
- }
1392
- /**
1393
- * Refresh JWT token.
1394
- *
1395
- * DPoP-aware: when the incoming refresh token is key-bound (`cnf.jkt`), the
1396
- * rotated access/refresh in the response are re-stamped with the same `cnf`
1397
- * (stock SimpleJWT drops it from the derived access), and a matching DPoP
1398
- * proof is required on the refresh request — so a stolen refresh token can't
1399
- * be used to mint fresh tokens.
1400
- */
1401
- static cfgAccountsTokenRefreshCreate(options) {
1402
- return (options.client ?? client).post({
1403
- url: "/cfg/accounts/token/refresh/",
1404
- ...options,
1405
- headers: {
1406
- "Content-Type": "application/json",
1407
- ...options.headers
1408
- }
1409
- });
1410
- }
1411
- };
1412
- CfgCentrifugo = class {
1413
- static {
1414
- __name(this, "CfgCentrifugo");
1415
- }
1416
- /**
1417
- * Get Centrifugo connection token
1418
- *
1419
- * Generate JWT token for WebSocket connection to Centrifugo. Token includes user's allowed channels based on their permissions. Requires authentication.
1420
- */
1421
- static cfgCentrifugoAuthTokenRetrieve(options) {
1422
- return (options?.client ?? client).get({
1423
- security: [
1424
- { name: "X-API-Key", type: "apiKey" },
1425
- { scheme: "bearer", type: "http" },
1426
- { name: "Authorization", type: "apiKey" }
1427
- ],
1428
- url: "/cfg/centrifugo/auth/token/",
1429
- ...options
1430
- });
1431
- }
1432
- };
1433
- CfgTotpBackupCodes = class {
1434
- static {
1435
- __name(this, "CfgTotpBackupCodes");
1436
- }
1437
- /**
1438
- * Get backup codes status for user.
1439
- */
1440
- static cfgTotpBackupCodesRetrieve(options) {
1441
- return (options?.client ?? client).get({
1442
- security: [
1443
- { name: "X-API-Key", type: "apiKey" },
1444
- { scheme: "bearer", type: "http" },
1445
- { name: "Authorization", type: "apiKey" }
1446
- ],
1447
- url: "/cfg/totp/backup-codes/",
1448
- ...options
1449
- });
1450
- }
1451
- /**
1452
- * Regenerate backup codes.
1453
- *
1454
- * Requires TOTP code for verification.
1455
- * Invalidates all existing codes.
1456
- */
1457
- static cfgTotpBackupCodesRegenerateCreate(options) {
1458
- return (options.client ?? client).post({
1459
- security: [
1460
- { name: "X-API-Key", type: "apiKey" },
1461
- { scheme: "bearer", type: "http" },
1462
- { name: "Authorization", type: "apiKey" }
1463
- ],
1464
- url: "/cfg/totp/backup-codes/regenerate/",
1465
- ...options,
1466
- headers: {
1467
- "Content-Type": "application/json",
1468
- ...options.headers
1469
- }
1470
- });
1471
- }
1472
- };
1473
- CfgTotp = class {
1474
- static {
1475
- __name(this, "CfgTotp");
1476
- }
1477
- /**
1478
- * List all TOTP devices for user.
1479
- */
1480
- static cfgTotpDevicesRetrieve(options) {
1481
- return (options?.client ?? client).get({
1482
- security: [
1483
- { name: "X-API-Key", type: "apiKey" },
1484
- { scheme: "bearer", type: "http" },
1485
- { name: "Authorization", type: "apiKey" }
1486
- ],
1487
- url: "/cfg/totp/devices/",
1488
- ...options
1489
- });
1490
- }
1491
- /**
1492
- * Delete a TOTP device.
1493
- *
1494
- * Requires verification code if removing the last/primary device.
1495
- */
1496
- static cfgTotpDevicesDestroy(options) {
1497
- return (options.client ?? client).delete({
1498
- security: [
1499
- { name: "X-API-Key", type: "apiKey" },
1500
- { scheme: "bearer", type: "http" },
1501
- { name: "Authorization", type: "apiKey" }
1502
- ],
1503
- url: "/cfg/totp/devices/{id}/",
1504
- ...options
1505
- });
1506
- }
1507
- /**
1508
- * Completely disable 2FA for account.
1509
- *
1510
- * Requires verification code.
1511
- */
1512
- static cfgTotpDisableCreate(options) {
1513
- return (options.client ?? client).post({
1514
- security: [
1515
- { name: "X-API-Key", type: "apiKey" },
1516
- { scheme: "bearer", type: "http" },
1517
- { name: "Authorization", type: "apiKey" }
1518
- ],
1519
- url: "/cfg/totp/disable/",
1520
- ...options,
1521
- headers: {
1522
- "Content-Type": "application/json",
1523
- ...options.headers
1524
- }
1525
- });
1526
- }
1527
- };
1528
- CfgTotpSetup = class {
1529
- static {
1530
- __name(this, "CfgTotpSetup");
1531
- }
1532
- /**
1533
- * Start 2FA setup process.
1534
- *
1535
- * Creates a new TOTP device and returns QR code for scanning.
1536
- */
1537
- static cfgTotpSetupCreate(options) {
1538
- return (options?.client ?? client).post({
1539
- security: [
1540
- { name: "X-API-Key", type: "apiKey" },
1541
- { scheme: "bearer", type: "http" },
1542
- { name: "Authorization", type: "apiKey" }
1543
- ],
1544
- url: "/cfg/totp/setup/",
1545
- ...options,
1546
- headers: {
1547
- "Content-Type": "application/json",
1548
- ...options?.headers
1549
- }
1550
- });
1551
- }
1552
- /**
1553
- * Confirm 2FA setup with first valid code.
1554
- *
1555
- * Activates the device and generates backup codes.
1556
- */
1557
- static cfgTotpSetupConfirmCreate(options) {
1558
- return (options.client ?? client).post({
1559
- security: [
1560
- { name: "X-API-Key", type: "apiKey" },
1561
- { scheme: "bearer", type: "http" },
1562
- { name: "Authorization", type: "apiKey" }
1563
- ],
1564
- url: "/cfg/totp/setup/confirm/",
1565
- ...options,
1566
- headers: {
1567
- "Content-Type": "application/json",
1568
- ...options.headers
1569
- }
1570
- });
1571
- }
1572
- };
1573
- CfgTotpVerify = class {
1574
- static {
1575
- __name(this, "CfgTotpVerify");
1576
- }
1577
- /**
1578
- * Verify TOTP code for 2FA session.
1579
- *
1580
- * Completes authentication and returns JWT tokens on success.
1581
- */
1582
- static cfgTotpVerifyCreate(options) {
1583
- return (options.client ?? client).post({
1584
- security: [
1585
- { name: "X-API-Key", type: "apiKey" },
1586
- { scheme: "bearer", type: "http" },
1587
- { name: "Authorization", type: "apiKey" }
1588
- ],
1589
- url: "/cfg/totp/verify/",
1590
- ...options,
1591
- headers: {
1592
- "Content-Type": "application/json",
1593
- ...options.headers
1594
- }
1595
- });
1596
- }
1597
- /**
1598
- * Verify backup recovery code for 2FA session.
1599
- *
1600
- * Alternative verification method when TOTP device unavailable.
1601
- */
1602
- static cfgTotpVerifyBackupCreate(options) {
1603
- return (options.client ?? client).post({
1604
- security: [
1605
- { name: "X-API-Key", type: "apiKey" },
1606
- { scheme: "bearer", type: "http" },
1607
- { name: "Authorization", type: "apiKey" }
1608
- ],
1609
- url: "/cfg/totp/verify/backup/",
1610
- ...options,
1611
- headers: {
1612
- "Content-Type": "application/json",
1613
- ...options.headers
1614
- }
1615
- });
115
+ };
116
+ var COOKIE_MAX_AGE = 60 * 60 * 24 * 30;
117
+ var cookieBackend = {
118
+ get(key) {
119
+ if (!isBrowser) return null;
120
+ try {
121
+ const re = new RegExp(`(?:^|;\\s*)${encodeURIComponent(key)}=([^;]*)`);
122
+ const m = document.cookie.match(re);
123
+ return m ? decodeURIComponent(m[1]) : null;
124
+ } catch {
125
+ return null;
126
+ }
127
+ },
128
+ set(key, value) {
129
+ if (!isBrowser) return;
130
+ try {
131
+ const k = encodeURIComponent(key);
132
+ const secure = window.location.protocol === "https:" ? "; Secure" : "";
133
+ if (value === null) {
134
+ document.cookie = `${k}=; Path=/; Max-Age=0; SameSite=Lax${secure}`;
135
+ } else {
136
+ const v = encodeURIComponent(value);
137
+ document.cookie = `${k}=${v}; Path=/; Max-Age=${COOKIE_MAX_AGE}; SameSite=Lax${secure}`;
1616
138
  }
1617
- };
139
+ } catch {
140
+ }
1618
141
  }
1619
- });
1620
-
1621
- // src/_api/generated/helpers/auth.ts
142
+ };
143
+ var _storage = localStorageBackend;
144
+ var _storageMode = "localStorage";
1622
145
  function detectLocale() {
1623
146
  try {
1624
147
  if (typeof document !== "undefined") {
@@ -1632,6 +155,7 @@ function detectLocale() {
1632
155
  }
1633
156
  return null;
1634
157
  }
158
+ __name(detectLocale, "detectLocale");
1635
159
  function defaultBaseUrl() {
1636
160
  if (typeof window !== "undefined") {
1637
161
  try {
@@ -1654,6 +178,7 @@ function defaultBaseUrl() {
1654
178
  }
1655
179
  return "";
1656
180
  }
181
+ __name(defaultBaseUrl, "defaultBaseUrl");
1657
182
  function defaultApiKey() {
1658
183
  try {
1659
184
  if (typeof process !== "undefined" && process.env?.NEXT_PUBLIC_API_KEY) {
@@ -1663,6 +188,15 @@ function defaultApiKey() {
1663
188
  }
1664
189
  return null;
1665
190
  }
191
+ __name(defaultApiKey, "defaultApiKey");
192
+ var _localeOverride = null;
193
+ var _apiKeyOverride = null;
194
+ var _baseUrlOverride = null;
195
+ var _withCredentials = true;
196
+ var _onUnauthorized = null;
197
+ var _refreshHandler = null;
198
+ var _refreshInflight = null;
199
+ var RETRY_MARKER = "X-Auth-Retry";
1666
200
  function jwtExpMs(token) {
1667
201
  try {
1668
202
  const payload = token.split(".")[1];
@@ -1673,6 +207,7 @@ function jwtExpMs(token) {
1673
207
  return null;
1674
208
  }
1675
209
  }
210
+ __name(jwtExpMs, "jwtExpMs");
1676
211
  function computeSnapshot() {
1677
212
  const access = _storage.get(ACCESS_KEY);
1678
213
  const refresh = _storage.get(REFRESH_KEY);
@@ -1686,6 +221,13 @@ function computeSnapshot() {
1686
221
  accessExpiresAt: accessExp
1687
222
  };
1688
223
  }
224
+ __name(computeSnapshot, "computeSnapshot");
225
+ var SERVER_SNAPSHOT = { status: "anonymous", accessExpiresAt: null };
226
+ var SESSION_SYNC_EVENT = `cfg-auth:changed:${ACCESS_KEY}`;
227
+ var _snapshot = computeSnapshot();
228
+ var _sessionListeners = /* @__PURE__ */ new Set();
229
+ var _expiryTimer = null;
230
+ var _storageListenerInstalled = false;
1689
231
  function scheduleExpiryFlip() {
1690
232
  if (!isBrowser) return;
1691
233
  if (_expiryTimer !== null) {
@@ -1705,6 +247,7 @@ function scheduleExpiryFlip() {
1705
247
  const delay = Math.min(Math.min(...exps) - now + 250, 2147483647);
1706
248
  _expiryTimer = setTimeout(notifySessionChanged, delay);
1707
249
  }
250
+ __name(scheduleExpiryFlip, "scheduleExpiryFlip");
1708
251
  function notifySessionChanged() {
1709
252
  const next = computeSnapshot();
1710
253
  const changed = next.status !== _snapshot.status || next.accessExpiresAt !== _snapshot.accessExpiresAt;
@@ -1724,6 +267,7 @@ function notifySessionChanged() {
1724
267
  }
1725
268
  }
1726
269
  }
270
+ __name(notifySessionChanged, "notifySessionChanged");
1727
271
  function ensureStorageSync() {
1728
272
  if (!isBrowser || _storageListenerInstalled) return;
1729
273
  _storageListenerInstalled = true;
@@ -1734,6 +278,9 @@ function ensureStorageSync() {
1734
278
  });
1735
279
  window.addEventListener(SESSION_SYNC_EVENT, () => notifySessionChanged());
1736
280
  }
281
+ __name(ensureStorageSync, "ensureStorageSync");
282
+ var _sessionExpiredHandlers = /* @__PURE__ */ new Set();
283
+ var _client = null;
1737
284
  function pushClientConfig() {
1738
285
  if (!_client) return;
1739
286
  _client.setConfig({
@@ -1741,6 +288,174 @@ function pushClientConfig() {
1741
288
  credentials: _withCredentials ? "include" : "same-origin"
1742
289
  });
1743
290
  }
291
+ __name(pushClientConfig, "pushClientConfig");
292
+ var auth = {
293
+ // ── Storage mode ──────────────────────────────────────────────────
294
+ getStorageMode() {
295
+ return _storageMode;
296
+ },
297
+ setStorageMode(mode) {
298
+ _storageMode = mode;
299
+ _storage = mode === "cookie" ? cookieBackend : localStorageBackend;
300
+ notifySessionChanged();
301
+ },
302
+ // ── Bearer token ──────────────────────────────────────────────────
303
+ getToken() {
304
+ return _storage.get(ACCESS_KEY);
305
+ },
306
+ setToken(token) {
307
+ _storage.set(ACCESS_KEY, token);
308
+ notifySessionChanged();
309
+ },
310
+ getRefreshToken() {
311
+ return _storage.get(REFRESH_KEY);
312
+ },
313
+ setRefreshToken(token) {
314
+ _storage.set(REFRESH_KEY, token);
315
+ notifySessionChanged();
316
+ },
317
+ clearTokens() {
318
+ _storage.set(ACCESS_KEY, null);
319
+ _storage.set(REFRESH_KEY, null);
320
+ notifySessionChanged();
321
+ },
322
+ /** Session-aware: token PRESENT and not past its `exp` (or a live refresh
323
+ * token exists that can mint one). Prefer `getSnapshot().status` in React. */
324
+ isAuthenticated() {
325
+ return computeSnapshot().status === "authenticated";
326
+ },
327
+ // ── Session (the ONE write path for login/logout flows) ──────────
328
+ /**
329
+ * Persist a token pair atomically. Every login flow (OTP verify, 2FA,
330
+ * OAuth callback) and the refresh handler should end here — do NOT
331
+ * scatter `setToken`/`setRefreshToken` pairs through app code.
332
+ * `refresh: undefined` keeps the current refresh token (access-only
333
+ * rotation); `refresh: null` explicitly drops it.
334
+ */
335
+ setSession(tokens) {
336
+ _storage.set(ACCESS_KEY, tokens.access);
337
+ if (tokens.refresh !== void 0) _storage.set(REFRESH_KEY, tokens.refresh);
338
+ notifySessionChanged();
339
+ },
340
+ clearSession() {
341
+ auth.clearTokens();
342
+ },
343
+ // ── Reactive snapshot (for useSyncExternalStore) ──────────────────
344
+ /**
345
+ * @example React:
346
+ * const session = useSyncExternalStore(
347
+ * auth.subscribe, auth.getSnapshot, auth.getServerSnapshot,
348
+ * );
349
+ * const isAuthenticated = session.status === 'authenticated';
350
+ */
351
+ getSnapshot() {
352
+ return _snapshot;
353
+ },
354
+ getServerSnapshot() {
355
+ return SERVER_SNAPSHOT;
356
+ },
357
+ subscribe(listener) {
358
+ ensureStorageSync();
359
+ _sessionListeners.add(listener);
360
+ notifySessionChanged();
361
+ return () => {
362
+ _sessionListeners.delete(listener);
363
+ if (_sessionListeners.size === 0 && _expiryTimer !== null) {
364
+ clearTimeout(_expiryTimer);
365
+ _expiryTimer = null;
366
+ }
367
+ };
368
+ },
369
+ /**
370
+ * Fired on TERMINAL 401 — after the refresh+retry path is exhausted.
371
+ * The store has already cleared the session before calling back, so
372
+ * handlers only need to route to login (no clear-then-redirect
373
+ * ordering to get wrong). Returns an unsubscribe function; multiple
374
+ * handlers compose (unlike the legacy single-slot `onUnauthorized`).
375
+ */
376
+ onSessionExpired(cb) {
377
+ _sessionExpiredHandlers.add(cb);
378
+ return () => {
379
+ _sessionExpiredHandlers.delete(cb);
380
+ };
381
+ },
382
+ // ── API key ───────────────────────────────────────────────────────
383
+ getApiKey() {
384
+ return _apiKeyOverride ?? _storage.get(API_KEY_KEY) ?? defaultApiKey();
385
+ },
386
+ setApiKey(key) {
387
+ _apiKeyOverride = key;
388
+ },
389
+ setApiKeyPersist(key) {
390
+ _apiKeyOverride = key;
391
+ _storage.set(API_KEY_KEY, key);
392
+ },
393
+ clearApiKey() {
394
+ _apiKeyOverride = null;
395
+ _storage.set(API_KEY_KEY, null);
396
+ },
397
+ // ── Locale ────────────────────────────────────────────────────────
398
+ getLocale() {
399
+ return _localeOverride ?? detectLocale();
400
+ },
401
+ setLocale(locale) {
402
+ _localeOverride = locale;
403
+ },
404
+ // ── Base URL ──────────────────────────────────────────────────────
405
+ getBaseUrl() {
406
+ const url = _baseUrlOverride ?? defaultBaseUrl();
407
+ return url.replace(/\/$/, "");
408
+ },
409
+ setBaseUrl(url) {
410
+ _baseUrlOverride = url ? url.replace(/\/$/, "") : null;
411
+ pushClientConfig();
412
+ },
413
+ // ── Credentials toggle ────────────────────────────────────────────
414
+ getWithCredentials() {
415
+ return _withCredentials;
416
+ },
417
+ setWithCredentials(value) {
418
+ _withCredentials = value;
419
+ pushClientConfig();
420
+ },
421
+ // ── 401 handler ───────────────────────────────────────────────────
422
+ /**
423
+ * Fired when the server returns 401 AND no refresh path recovers it
424
+ * (no refresh token, no refresh handler, refresh failed, or retry
425
+ * still 401). The app should clear local state and redirect to login.
426
+ *
427
+ * NOT fired for 401 that gets transparently recovered by the refresh
428
+ * handler — those are invisible to callers.
429
+ */
430
+ onUnauthorized(cb) {
431
+ _onUnauthorized = cb;
432
+ },
433
+ /**
434
+ * Register the refresh strategy. The handler receives the current
435
+ * refresh token and must call your refresh endpoint, returning
436
+ * `{ access, refresh? }` on success or `null` on failure.
437
+ *
438
+ * @example
439
+ * auth.setRefreshHandler(async (refresh) => {
440
+ * const { data } = await Auth.tokenRefreshCreate({ body: { refresh } });
441
+ * return data ? { access: data.access, refresh: data.refresh } : null;
442
+ * });
443
+ */
444
+ setRefreshHandler(fn) {
445
+ _refreshHandler = fn;
446
+ },
447
+ /**
448
+ * Proactively run the registered refresh handler right now, reusing the
449
+ * SAME single-flight promise as the 401-recovery interceptor. Callers
450
+ * (e.g. an expiry timer / focus / reconnect) get token rotation,
451
+ * de-duplication and rotated-token persistence for free — they must NOT
452
+ * re-implement any of it. Returns the fresh access token, or null if
453
+ * there is no handler / no refresh token / the refresh failed.
454
+ */
455
+ refreshNow() {
456
+ return tryRefresh();
457
+ }
458
+ };
1744
459
  async function tryRefresh() {
1745
460
  if (_refreshInflight) return _refreshInflight;
1746
461
  if (!_refreshHandler) return null;
@@ -1768,6 +483,7 @@ async function tryRefresh() {
1768
483
  })();
1769
484
  return _refreshInflight;
1770
485
  }
486
+ __name(tryRefresh, "tryRefresh");
1771
487
  function expireSession(response) {
1772
488
  auth.clearTokens();
1773
489
  for (const cb of Array.from(_sessionExpiredHandlers)) {
@@ -1783,6 +499,7 @@ function expireSession(response) {
1783
499
  }
1784
500
  }
1785
501
  }
502
+ __name(expireSession, "expireSession");
1786
503
  function dpopEnabled() {
1787
504
  try {
1788
505
  return typeof process !== "undefined" && process.env?.NEXT_PUBLIC_DPOP_ENABLED === "true";
@@ -1790,6 +507,10 @@ function dpopEnabled() {
1790
507
  return false;
1791
508
  }
1792
509
  }
510
+ __name(dpopEnabled, "dpopEnabled");
511
+ var _DPOP_DB = "cfg-auth";
512
+ var _DPOP_STORE = "keys";
513
+ var _DPOP_KEY_ID = "dpop-ec-p256";
1793
514
  function _idbOpen() {
1794
515
  return new Promise((resolve, reject) => {
1795
516
  const req = indexedDB.open(_DPOP_DB, 1);
@@ -1798,6 +519,7 @@ function _idbOpen() {
1798
519
  req.onerror = () => reject(req.error);
1799
520
  });
1800
521
  }
522
+ __name(_idbOpen, "_idbOpen");
1801
523
  function _idbGet(key) {
1802
524
  return _idbOpen().then((db) => new Promise((resolve, reject) => {
1803
525
  const tx = db.transaction(_DPOP_STORE, "readonly");
@@ -1806,6 +528,7 @@ function _idbGet(key) {
1806
528
  req.onerror = () => reject(req.error);
1807
529
  }));
1808
530
  }
531
+ __name(_idbGet, "_idbGet");
1809
532
  function _idbPut(key, value) {
1810
533
  return _idbOpen().then((db) => new Promise((resolve, reject) => {
1811
534
  const tx = db.transaction(_DPOP_STORE, "readwrite");
@@ -1814,6 +537,8 @@ function _idbPut(key, value) {
1814
537
  tx.onerror = () => reject(tx.error);
1815
538
  }));
1816
539
  }
540
+ __name(_idbPut, "_idbPut");
541
+ var _dpopKeyPromise = null;
1817
542
  function _getDpopKeyPair() {
1818
543
  if (_dpopKeyPromise) return _dpopKeyPromise;
1819
544
  _dpopKeyPromise = (async () => {
@@ -1831,19 +556,23 @@ function _getDpopKeyPair() {
1831
556
  })();
1832
557
  return _dpopKeyPromise;
1833
558
  }
559
+ __name(_getDpopKeyPair, "_getDpopKeyPair");
1834
560
  function _b64urlFromBytes(bytes) {
1835
561
  const arr = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes);
1836
562
  let s = "";
1837
563
  for (let i = 0; i < arr.length; i++) s += String.fromCharCode(arr[i]);
1838
564
  return btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
1839
565
  }
566
+ __name(_b64urlFromBytes, "_b64urlFromBytes");
1840
567
  function _b64urlFromString(str) {
1841
568
  return _b64urlFromBytes(new TextEncoder().encode(str));
1842
569
  }
570
+ __name(_b64urlFromString, "_b64urlFromString");
1843
571
  async function _publicJwk(pub) {
1844
572
  const jwk = await crypto.subtle.exportKey("jwk", pub);
1845
573
  return { kty: "EC", crv: "P-256", x: jwk.x, y: jwk.y };
1846
574
  }
575
+ __name(_publicJwk, "_publicJwk");
1847
576
  async function _makeDpopProof(method, url) {
1848
577
  try {
1849
578
  const pair = await _getDpopKeyPair();
@@ -1862,464 +591,1628 @@ async function _makeDpopProof(method, url) {
1862
591
  } catch {
1863
592
  return null;
1864
593
  }
1865
- }
1866
- function installAuthOnClient(client2) {
1867
- if (_client) return;
1868
- _client = client2;
1869
- client2.setConfig({
1870
- baseUrl: auth.getBaseUrl(),
1871
- credentials: _withCredentials ? "include" : "same-origin"
1872
- });
1873
- client2.interceptors.request.use(async (request) => {
1874
- const token = auth.getToken();
1875
- if (token) request.headers.set("Authorization", `Bearer ${token}`);
1876
- const locale = auth.getLocale();
1877
- if (locale) request.headers.set("Accept-Language", locale);
1878
- const apiKey = auth.getApiKey();
1879
- if (apiKey && !request.headers.has("X-API-Key")) request.headers.set("X-API-Key", apiKey);
1880
- try {
1881
- const tz = Intl.DateTimeFormat().resolvedOptions().timeZone;
1882
- if (tz) request.headers.set("X-Timezone", tz);
1883
- } catch {
1884
- }
1885
- request.headers.set("X-Client-Time", (/* @__PURE__ */ new Date()).toISOString());
1886
- if (dpopEnabled() && typeof window !== "undefined") {
1887
- const proof = await _makeDpopProof(request.method, request.url);
1888
- if (proof) request.headers.set("DPoP", proof);
1889
- }
1890
- return request;
1891
- });
1892
- client2.interceptors.error.use((err, res, req) => {
1893
- if (err instanceof APIError) return err;
1894
- const url = req?.url ?? "";
1895
- const status = res?.status ?? 0;
1896
- const statusText = res?.statusText ?? "";
1897
- return new APIError(status, statusText, err, url);
1898
- });
1899
- client2.interceptors.response.use(async (response, request) => {
1900
- if (response.status !== 401) return response;
1901
- if (request.headers.get(RETRY_MARKER)) {
1902
- expireSession(response);
1903
- return response;
1904
- }
1905
- const newToken = await tryRefresh();
1906
- if (!newToken) {
1907
- expireSession(response);
1908
- return response;
1909
- }
1910
- const retry = request.clone();
1911
- retry.headers.set("Authorization", `Bearer ${newToken}`);
1912
- retry.headers.set(RETRY_MARKER, "1");
1913
- if (dpopEnabled() && typeof window !== "undefined") {
1914
- const proof = await _makeDpopProof(retry.method, retry.url);
1915
- if (proof) retry.headers.set("DPoP", proof);
1916
- }
1917
- try {
1918
- const retried = await fetch(retry);
1919
- if (retried.status === 401) expireSession(retried);
1920
- return retried;
1921
- } catch {
1922
- return response;
1923
- }
1924
- });
1925
- }
1926
- var ACCESS_KEY, REFRESH_KEY, API_KEY_KEY, isBrowser, localStorageBackend, COOKIE_MAX_AGE, cookieBackend, _storage, _storageMode, _localeOverride, _apiKeyOverride, _baseUrlOverride, _withCredentials, _onUnauthorized, _refreshHandler, _refreshInflight, RETRY_MARKER, SERVER_SNAPSHOT, SESSION_SYNC_EVENT, _snapshot, _sessionListeners, _expiryTimer, _storageListenerInstalled, _sessionExpiredHandlers, _client, auth, _DPOP_DB, _DPOP_STORE, _DPOP_KEY_ID, _dpopKeyPromise;
1927
- var init_auth = __esm({
1928
- "src/_api/generated/helpers/auth.ts"() {
1929
- init_errors();
1930
- ACCESS_KEY = "cfg.access_token";
1931
- REFRESH_KEY = "cfg.refresh_token";
1932
- API_KEY_KEY = "cfg.api_key";
1933
- isBrowser = typeof window !== "undefined";
1934
- localStorageBackend = {
1935
- get(key) {
1936
- if (!isBrowser) return null;
1937
- try {
1938
- return window.localStorage.getItem(key);
1939
- } catch {
1940
- return null;
1941
- }
1942
- },
1943
- set(key, value) {
1944
- if (!isBrowser) return;
1945
- try {
1946
- if (value === null) window.localStorage.removeItem(key);
1947
- else window.localStorage.setItem(key, value);
1948
- } catch {
1949
- }
594
+ }
595
+ __name(_makeDpopProof, "_makeDpopProof");
596
+ function installAuthOnClient(client2) {
597
+ if (_client) return;
598
+ _client = client2;
599
+ client2.setConfig({
600
+ baseUrl: auth.getBaseUrl(),
601
+ credentials: _withCredentials ? "include" : "same-origin"
602
+ });
603
+ client2.interceptors.request.use(async (request) => {
604
+ const token = auth.getToken();
605
+ if (token) request.headers.set("Authorization", `Bearer ${token}`);
606
+ const locale = auth.getLocale();
607
+ if (locale) request.headers.set("Accept-Language", locale);
608
+ const apiKey = auth.getApiKey();
609
+ if (apiKey && !request.headers.has("X-API-Key")) request.headers.set("X-API-Key", apiKey);
610
+ try {
611
+ const tz = Intl.DateTimeFormat().resolvedOptions().timeZone;
612
+ if (tz) request.headers.set("X-Timezone", tz);
613
+ } catch {
614
+ }
615
+ request.headers.set("X-Client-Time", (/* @__PURE__ */ new Date()).toISOString());
616
+ if (dpopEnabled() && typeof window !== "undefined") {
617
+ const proof = await _makeDpopProof(request.method, request.url);
618
+ if (proof) request.headers.set("DPoP", proof);
619
+ }
620
+ return request;
621
+ });
622
+ client2.interceptors.error.use((err, res, req) => {
623
+ if (err instanceof APIError) return err;
624
+ const url = req?.url ?? "";
625
+ const status = res?.status ?? 0;
626
+ const statusText = res?.statusText ?? "";
627
+ return new APIError(status, statusText, err, url);
628
+ });
629
+ client2.interceptors.response.use(async (response, request) => {
630
+ if (response.status !== 401) return response;
631
+ if (request.headers.get(RETRY_MARKER)) {
632
+ expireSession(response);
633
+ return response;
634
+ }
635
+ const newToken = await tryRefresh();
636
+ if (!newToken) {
637
+ expireSession(response);
638
+ return response;
639
+ }
640
+ const retry = request.clone();
641
+ retry.headers.set("Authorization", `Bearer ${newToken}`);
642
+ retry.headers.set(RETRY_MARKER, "1");
643
+ if (dpopEnabled() && typeof window !== "undefined") {
644
+ const proof = await _makeDpopProof(retry.method, retry.url);
645
+ if (proof) retry.headers.set("DPoP", proof);
646
+ }
647
+ try {
648
+ const retried = await fetch(retry);
649
+ if (retried.status === 401) expireSession(retried);
650
+ return retried;
651
+ } catch {
652
+ return response;
653
+ }
654
+ });
655
+ }
656
+ __name(installAuthOnClient, "installAuthOnClient");
657
+ var REFRESH_ENDPOINT = "/cfg/accounts/token/refresh/";
658
+ auth.setRefreshHandler(async (refresh) => {
659
+ try {
660
+ const url = `${auth.getBaseUrl()}${REFRESH_ENDPOINT}`;
661
+ const headers = { "Content-Type": "application/json" };
662
+ if (dpopEnabled() && typeof window !== "undefined") {
663
+ const proof = await _makeDpopProof("POST", url);
664
+ if (proof) headers["DPoP"] = proof;
665
+ }
666
+ const res = await fetch(url, {
667
+ method: "POST",
668
+ headers,
669
+ credentials: auth.getWithCredentials() ? "include" : "same-origin",
670
+ body: JSON.stringify({ refresh })
671
+ });
672
+ if (!res.ok) return null;
673
+ const data = await res.json();
674
+ return data?.access ? { access: data.access, refresh: data.refresh ?? refresh } : null;
675
+ } catch {
676
+ return null;
677
+ }
678
+ });
679
+
680
+ // src/_api/generated/helpers/logger.ts
681
+ var import_consola = require("consola");
682
+ var DEFAULT_CONFIG = {
683
+ enabled: typeof process !== "undefined" && process.env.NODE_ENV !== "production",
684
+ logRequests: true,
685
+ logResponses: true,
686
+ logErrors: true,
687
+ logBodies: true,
688
+ logHeaders: false
689
+ };
690
+ var SENSITIVE_HEADERS = [
691
+ "authorization",
692
+ "cookie",
693
+ "set-cookie",
694
+ "x-api-key",
695
+ "x-csrf-token"
696
+ ];
697
+ var APILogger = class {
698
+ static {
699
+ __name(this, "APILogger");
700
+ }
701
+ config;
702
+ consola;
703
+ constructor(config = {}) {
704
+ this.config = { ...DEFAULT_CONFIG, ...config };
705
+ this.consola = config.consola || (0, import_consola.createConsola)({
706
+ level: this.config.enabled ? 4 : 0
707
+ });
708
+ }
709
+ enable() {
710
+ this.config.enabled = true;
711
+ }
712
+ disable() {
713
+ this.config.enabled = false;
714
+ }
715
+ setConfig(config) {
716
+ this.config = { ...this.config, ...config };
717
+ }
718
+ filterHeaders(headers) {
719
+ if (!headers) return {};
720
+ const filtered = {};
721
+ Object.keys(headers).forEach((key) => {
722
+ filtered[key] = SENSITIVE_HEADERS.includes(key.toLowerCase()) ? "***" : headers[key] || "";
723
+ });
724
+ return filtered;
725
+ }
726
+ logRequest(request) {
727
+ if (!this.config.enabled || !this.config.logRequests) return;
728
+ const { method, url, headers, body } = request;
729
+ this.consola.start(`${method} ${url}`);
730
+ if (this.config.logHeaders && headers) this.consola.debug("Headers:", this.filterHeaders(headers));
731
+ if (this.config.logBodies && body) this.consola.debug("Body:", body);
732
+ }
733
+ logResponse(request, response) {
734
+ if (!this.config.enabled || !this.config.logResponses) return;
735
+ const { method, url } = request;
736
+ const { status, statusText, data, duration } = response;
737
+ this.consola.success(`${method} ${url} ${status} ${statusText} (${duration}ms)`);
738
+ if (this.config.logBodies && data) this.consola.debug("Response:", data);
739
+ }
740
+ logError(request, error) {
741
+ if (!this.config.enabled || !this.config.logErrors) return;
742
+ const { method, url } = request;
743
+ const { message, statusCode, fieldErrors, duration } = error;
744
+ this.consola.error(`${method} ${url} ${statusCode || "Network"} Error (${duration}ms)`);
745
+ this.consola.error("Message:", message);
746
+ if (fieldErrors && Object.keys(fieldErrors).length > 0) {
747
+ this.consola.error("Field Errors:");
748
+ Object.entries(fieldErrors).forEach(([field, errors]) => {
749
+ errors.forEach((err) => this.consola.error(` \u2022 ${field}: ${err}`));
750
+ });
751
+ }
752
+ }
753
+ info(message, ...args) {
754
+ if (this.config.enabled) this.consola.info(message, ...args);
755
+ }
756
+ warn(message, ...args) {
757
+ if (this.config.enabled) this.consola.warn(message, ...args);
758
+ }
759
+ error(message, ...args) {
760
+ if (this.config.enabled) this.consola.error(message, ...args);
761
+ }
762
+ debug(message, ...args) {
763
+ if (this.config.enabled) this.consola.debug(message, ...args);
764
+ }
765
+ success(message, ...args) {
766
+ if (this.config.enabled) this.consola.success(message, ...args);
767
+ }
768
+ withTag(tag) {
769
+ return this.consola.withTag(tag);
770
+ }
771
+ };
772
+ var defaultLogger = new APILogger();
773
+
774
+ // src/_api/generated/core/bodySerializer.gen.ts
775
+ var serializeFormDataPair = /* @__PURE__ */ __name((data, key, value) => {
776
+ if (typeof value === "string" || value instanceof Blob) {
777
+ data.append(key, value);
778
+ } else if (value instanceof Date) {
779
+ data.append(key, value.toISOString());
780
+ } else {
781
+ data.append(key, JSON.stringify(value));
782
+ }
783
+ }, "serializeFormDataPair");
784
+ var formDataBodySerializer = {
785
+ bodySerializer: /* @__PURE__ */ __name((body) => {
786
+ const data = new FormData();
787
+ Object.entries(body).forEach(([key, value]) => {
788
+ if (value === void 0 || value === null) {
789
+ return;
790
+ }
791
+ if (Array.isArray(value)) {
792
+ value.forEach((v) => serializeFormDataPair(data, key, v));
793
+ } else {
794
+ serializeFormDataPair(data, key, value);
795
+ }
796
+ });
797
+ return data;
798
+ }, "bodySerializer")
799
+ };
800
+ var jsonBodySerializer = {
801
+ bodySerializer: /* @__PURE__ */ __name((body) => JSON.stringify(body, (_key, value) => typeof value === "bigint" ? value.toString() : value), "bodySerializer")
802
+ };
803
+
804
+ // src/_api/generated/core/params.gen.ts
805
+ var extraPrefixesMap = {
806
+ $body_: "body",
807
+ $headers_: "headers",
808
+ $path_: "path",
809
+ $query_: "query"
810
+ };
811
+ var extraPrefixes = Object.entries(extraPrefixesMap);
812
+
813
+ // src/_api/generated/core/serverSentEvents.gen.ts
814
+ function createSseClient({
815
+ onRequest,
816
+ onSseError,
817
+ onSseEvent,
818
+ responseTransformer,
819
+ responseValidator,
820
+ sseDefaultRetryDelay,
821
+ sseMaxRetryAttempts,
822
+ sseMaxRetryDelay,
823
+ sseSleepFn,
824
+ url,
825
+ ...options
826
+ }) {
827
+ let lastEventId;
828
+ const sleep = sseSleepFn ?? ((ms) => new Promise((resolve) => setTimeout(resolve, ms)));
829
+ const createStream = /* @__PURE__ */ __name(async function* () {
830
+ let retryDelay = sseDefaultRetryDelay ?? 3e3;
831
+ let attempt = 0;
832
+ const signal = options.signal ?? new AbortController().signal;
833
+ while (true) {
834
+ if (signal.aborted) break;
835
+ attempt++;
836
+ const headers = options.headers instanceof Headers ? options.headers : new Headers(options.headers);
837
+ if (lastEventId !== void 0) {
838
+ headers.set("Last-Event-ID", lastEventId);
839
+ }
840
+ try {
841
+ const requestInit = {
842
+ redirect: "follow",
843
+ ...options,
844
+ body: options.serializedBody,
845
+ headers,
846
+ signal
847
+ };
848
+ let request = new Request(url, requestInit);
849
+ if (onRequest) {
850
+ request = await onRequest(url, requestInit);
851
+ }
852
+ const _fetch = options.fetch ?? globalThis.fetch;
853
+ const response = await _fetch(request);
854
+ if (!response.ok) throw new Error(`SSE failed: ${response.status} ${response.statusText}`);
855
+ if (!response.body) throw new Error("No body in SSE response");
856
+ const reader = response.body.pipeThrough(new TextDecoderStream()).getReader();
857
+ let buffer = "";
858
+ const abortHandler = /* @__PURE__ */ __name(() => {
859
+ try {
860
+ reader.cancel();
861
+ } catch {
862
+ }
863
+ }, "abortHandler");
864
+ signal.addEventListener("abort", abortHandler);
865
+ try {
866
+ while (true) {
867
+ const { done, value } = await reader.read();
868
+ if (done) break;
869
+ buffer += value;
870
+ buffer = buffer.replace(/\r\n?/g, "\n");
871
+ const chunks = buffer.split("\n\n");
872
+ buffer = chunks.pop() ?? "";
873
+ for (const chunk of chunks) {
874
+ const lines = chunk.split("\n");
875
+ const dataLines = [];
876
+ let eventName;
877
+ for (const line of lines) {
878
+ if (line.startsWith("data:")) {
879
+ dataLines.push(line.replace(/^data:\s*/, ""));
880
+ } else if (line.startsWith("event:")) {
881
+ eventName = line.replace(/^event:\s*/, "");
882
+ } else if (line.startsWith("id:")) {
883
+ lastEventId = line.replace(/^id:\s*/, "");
884
+ } else if (line.startsWith("retry:")) {
885
+ const parsed = Number.parseInt(line.replace(/^retry:\s*/, ""), 10);
886
+ if (!Number.isNaN(parsed)) {
887
+ retryDelay = parsed;
888
+ }
889
+ }
890
+ }
891
+ let data;
892
+ let parsedJson = false;
893
+ if (dataLines.length) {
894
+ const rawData = dataLines.join("\n");
895
+ try {
896
+ data = JSON.parse(rawData);
897
+ parsedJson = true;
898
+ } catch {
899
+ data = rawData;
900
+ }
901
+ }
902
+ if (parsedJson) {
903
+ if (responseValidator) {
904
+ await responseValidator(data);
905
+ }
906
+ if (responseTransformer) {
907
+ data = await responseTransformer(data);
908
+ }
909
+ }
910
+ onSseEvent?.({
911
+ data,
912
+ event: eventName,
913
+ id: lastEventId,
914
+ retry: retryDelay
915
+ });
916
+ if (dataLines.length) {
917
+ yield data;
918
+ }
919
+ }
920
+ }
921
+ } finally {
922
+ signal.removeEventListener("abort", abortHandler);
923
+ reader.releaseLock();
924
+ }
925
+ break;
926
+ } catch (error) {
927
+ onSseError?.(error);
928
+ if (sseMaxRetryAttempts !== void 0 && attempt >= sseMaxRetryAttempts) {
929
+ break;
930
+ }
931
+ const backoff = Math.min(retryDelay * 2 ** (attempt - 1), sseMaxRetryDelay ?? 3e4);
932
+ await sleep(backoff);
933
+ }
934
+ }
935
+ }, "createStream");
936
+ const stream = createStream();
937
+ return { stream };
938
+ }
939
+ __name(createSseClient, "createSseClient");
940
+
941
+ // src/_api/generated/core/pathSerializer.gen.ts
942
+ var separatorArrayExplode = /* @__PURE__ */ __name((style) => {
943
+ switch (style) {
944
+ case "label":
945
+ return ".";
946
+ case "matrix":
947
+ return ";";
948
+ case "simple":
949
+ return ",";
950
+ default:
951
+ return "&";
952
+ }
953
+ }, "separatorArrayExplode");
954
+ var separatorArrayNoExplode = /* @__PURE__ */ __name((style) => {
955
+ switch (style) {
956
+ case "form":
957
+ return ",";
958
+ case "pipeDelimited":
959
+ return "|";
960
+ case "spaceDelimited":
961
+ return "%20";
962
+ default:
963
+ return ",";
964
+ }
965
+ }, "separatorArrayNoExplode");
966
+ var separatorObjectExplode = /* @__PURE__ */ __name((style) => {
967
+ switch (style) {
968
+ case "label":
969
+ return ".";
970
+ case "matrix":
971
+ return ";";
972
+ case "simple":
973
+ return ",";
974
+ default:
975
+ return "&";
976
+ }
977
+ }, "separatorObjectExplode");
978
+ var serializeArrayParam = /* @__PURE__ */ __name(({
979
+ allowReserved,
980
+ explode,
981
+ name,
982
+ style,
983
+ value
984
+ }) => {
985
+ if (!explode) {
986
+ const joinedValues2 = (allowReserved ? value : value.map((v) => encodeURIComponent(v))).join(separatorArrayNoExplode(style));
987
+ switch (style) {
988
+ case "label":
989
+ return `.${joinedValues2}`;
990
+ case "matrix":
991
+ return `;${name}=${joinedValues2}`;
992
+ case "simple":
993
+ return joinedValues2;
994
+ default:
995
+ return `${name}=${joinedValues2}`;
996
+ }
997
+ }
998
+ const separator = separatorArrayExplode(style);
999
+ const joinedValues = value.map((v) => {
1000
+ if (style === "label" || style === "simple") {
1001
+ return allowReserved ? v : encodeURIComponent(v);
1002
+ }
1003
+ return serializePrimitiveParam({
1004
+ allowReserved,
1005
+ name,
1006
+ value: v
1007
+ });
1008
+ }).join(separator);
1009
+ return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
1010
+ }, "serializeArrayParam");
1011
+ var serializePrimitiveParam = /* @__PURE__ */ __name(({
1012
+ allowReserved,
1013
+ name,
1014
+ value
1015
+ }) => {
1016
+ if (value === void 0 || value === null) {
1017
+ return "";
1018
+ }
1019
+ if (typeof value === "object") {
1020
+ throw new Error(
1021
+ "Deeply-nested arrays/objects aren\u2019t supported. Provide your own `querySerializer()` to handle these."
1022
+ );
1023
+ }
1024
+ return `${name}=${allowReserved ? value : encodeURIComponent(value)}`;
1025
+ }, "serializePrimitiveParam");
1026
+ var serializeObjectParam = /* @__PURE__ */ __name(({
1027
+ allowReserved,
1028
+ explode,
1029
+ name,
1030
+ style,
1031
+ value,
1032
+ valueOnly
1033
+ }) => {
1034
+ if (value instanceof Date) {
1035
+ return valueOnly ? value.toISOString() : `${name}=${value.toISOString()}`;
1036
+ }
1037
+ if (style !== "deepObject" && !explode) {
1038
+ let values = [];
1039
+ Object.entries(value).forEach(([key, v]) => {
1040
+ values = [...values, key, allowReserved ? v : encodeURIComponent(v)];
1041
+ });
1042
+ const joinedValues2 = values.join(",");
1043
+ switch (style) {
1044
+ case "form":
1045
+ return `${name}=${joinedValues2}`;
1046
+ case "label":
1047
+ return `.${joinedValues2}`;
1048
+ case "matrix":
1049
+ return `;${name}=${joinedValues2}`;
1050
+ default:
1051
+ return joinedValues2;
1052
+ }
1053
+ }
1054
+ const separator = separatorObjectExplode(style);
1055
+ const joinedValues = Object.entries(value).map(
1056
+ ([key, v]) => serializePrimitiveParam({
1057
+ allowReserved,
1058
+ name: style === "deepObject" ? `${name}[${key}]` : key,
1059
+ value: v
1060
+ })
1061
+ ).join(separator);
1062
+ return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
1063
+ }, "serializeObjectParam");
1064
+
1065
+ // src/_api/generated/core/utils.gen.ts
1066
+ var PATH_PARAM_RE = /\{[^{}]+\}/g;
1067
+ var defaultPathSerializer = /* @__PURE__ */ __name(({ path, url: _url }) => {
1068
+ let url = _url;
1069
+ const matches = _url.match(PATH_PARAM_RE);
1070
+ if (matches) {
1071
+ for (const match of matches) {
1072
+ let explode = false;
1073
+ let name = match.substring(1, match.length - 1);
1074
+ let style = "simple";
1075
+ if (name.endsWith("*")) {
1076
+ explode = true;
1077
+ name = name.substring(0, name.length - 1);
1078
+ }
1079
+ if (name.startsWith(".")) {
1080
+ name = name.substring(1);
1081
+ style = "label";
1082
+ } else if (name.startsWith(";")) {
1083
+ name = name.substring(1);
1084
+ style = "matrix";
1085
+ }
1086
+ const value = path[name];
1087
+ if (value === void 0 || value === null) {
1088
+ continue;
1089
+ }
1090
+ if (Array.isArray(value)) {
1091
+ url = url.replace(match, serializeArrayParam({ explode, name, style, value }));
1092
+ continue;
1093
+ }
1094
+ if (typeof value === "object") {
1095
+ url = url.replace(
1096
+ match,
1097
+ serializeObjectParam({
1098
+ explode,
1099
+ name,
1100
+ style,
1101
+ value,
1102
+ valueOnly: true
1103
+ })
1104
+ );
1105
+ continue;
1106
+ }
1107
+ if (style === "matrix") {
1108
+ url = url.replace(
1109
+ match,
1110
+ `;${serializePrimitiveParam({
1111
+ name,
1112
+ value
1113
+ })}`
1114
+ );
1115
+ continue;
1116
+ }
1117
+ const replaceValue = encodeURIComponent(
1118
+ style === "label" ? `.${value}` : value
1119
+ );
1120
+ url = url.replace(match, replaceValue);
1121
+ }
1122
+ }
1123
+ return url;
1124
+ }, "defaultPathSerializer");
1125
+ var getUrl = /* @__PURE__ */ __name(({
1126
+ baseUrl,
1127
+ path,
1128
+ query,
1129
+ querySerializer,
1130
+ url: _url
1131
+ }) => {
1132
+ const pathUrl = _url.startsWith("/") ? _url : `/${_url}`;
1133
+ let url = (baseUrl ?? "") + pathUrl;
1134
+ if (path) {
1135
+ url = defaultPathSerializer({ path, url });
1136
+ }
1137
+ let search = query ? querySerializer(query) : "";
1138
+ if (search.startsWith("?")) {
1139
+ search = search.substring(1);
1140
+ }
1141
+ if (search) {
1142
+ url += `?${search}`;
1143
+ }
1144
+ return url;
1145
+ }, "getUrl");
1146
+ function getValidRequestBody(options) {
1147
+ const hasBody = options.body !== void 0;
1148
+ const isSerializedBody = hasBody && options.bodySerializer;
1149
+ if (isSerializedBody) {
1150
+ if ("serializedBody" in options) {
1151
+ const hasSerializedBody = options.serializedBody !== void 0 && options.serializedBody !== "";
1152
+ return hasSerializedBody ? options.serializedBody : null;
1153
+ }
1154
+ return options.body !== "" ? options.body : null;
1155
+ }
1156
+ if (hasBody) {
1157
+ return options.body;
1158
+ }
1159
+ return void 0;
1160
+ }
1161
+ __name(getValidRequestBody, "getValidRequestBody");
1162
+
1163
+ // src/_api/generated/core/auth.gen.ts
1164
+ var getAuthToken = /* @__PURE__ */ __name(async (auth2, callback) => {
1165
+ const token = typeof callback === "function" ? await callback(auth2) : callback;
1166
+ if (!token) {
1167
+ return;
1168
+ }
1169
+ if (auth2.scheme === "bearer") {
1170
+ return `Bearer ${token}`;
1171
+ }
1172
+ if (auth2.scheme === "basic") {
1173
+ return `Basic ${btoa(token)}`;
1174
+ }
1175
+ return token;
1176
+ }, "getAuthToken");
1177
+
1178
+ // src/_api/generated/client/utils.gen.ts
1179
+ var createQuerySerializer = /* @__PURE__ */ __name(({
1180
+ parameters = {},
1181
+ ...args
1182
+ } = {}) => {
1183
+ const querySerializer = /* @__PURE__ */ __name((queryParams) => {
1184
+ const search = [];
1185
+ if (queryParams && typeof queryParams === "object") {
1186
+ for (const name in queryParams) {
1187
+ const value = queryParams[name];
1188
+ if (value === void 0 || value === null) {
1189
+ continue;
1190
+ }
1191
+ const options = parameters[name] || args;
1192
+ if (Array.isArray(value)) {
1193
+ const serializedArray = serializeArrayParam({
1194
+ allowReserved: options.allowReserved,
1195
+ explode: true,
1196
+ name,
1197
+ style: "form",
1198
+ value,
1199
+ ...options.array
1200
+ });
1201
+ if (serializedArray) search.push(serializedArray);
1202
+ } else if (typeof value === "object") {
1203
+ const serializedObject = serializeObjectParam({
1204
+ allowReserved: options.allowReserved,
1205
+ explode: true,
1206
+ name,
1207
+ style: "deepObject",
1208
+ value,
1209
+ ...options.object
1210
+ });
1211
+ if (serializedObject) search.push(serializedObject);
1212
+ } else {
1213
+ const serializedPrimitive = serializePrimitiveParam({
1214
+ allowReserved: options.allowReserved,
1215
+ name,
1216
+ value
1217
+ });
1218
+ if (serializedPrimitive) search.push(serializedPrimitive);
1219
+ }
1220
+ }
1221
+ }
1222
+ return search.join("&");
1223
+ }, "querySerializer");
1224
+ return querySerializer;
1225
+ }, "createQuerySerializer");
1226
+ var getParseAs = /* @__PURE__ */ __name((contentType) => {
1227
+ if (!contentType) {
1228
+ return "stream";
1229
+ }
1230
+ const cleanContent = contentType.split(";")[0]?.trim();
1231
+ if (!cleanContent) {
1232
+ return;
1233
+ }
1234
+ if (cleanContent.startsWith("application/json") || cleanContent.endsWith("+json")) {
1235
+ return "json";
1236
+ }
1237
+ if (cleanContent === "multipart/form-data") {
1238
+ return "formData";
1239
+ }
1240
+ if (["application/", "audio/", "image/", "video/"].some((type) => cleanContent.startsWith(type))) {
1241
+ return "blob";
1242
+ }
1243
+ if (cleanContent.startsWith("text/")) {
1244
+ return "text";
1245
+ }
1246
+ return;
1247
+ }, "getParseAs");
1248
+ var checkForExistence = /* @__PURE__ */ __name((options, name) => {
1249
+ if (!name) {
1250
+ return false;
1251
+ }
1252
+ if (options.headers.has(name) || options.query?.[name] || options.headers.get("Cookie")?.includes(`${name}=`)) {
1253
+ return true;
1254
+ }
1255
+ return false;
1256
+ }, "checkForExistence");
1257
+ async function setAuthParams(options) {
1258
+ for (const auth2 of options.security ?? []) {
1259
+ if (checkForExistence(options, auth2.name)) {
1260
+ continue;
1261
+ }
1262
+ const token = await getAuthToken(auth2, options.auth);
1263
+ if (!token) {
1264
+ continue;
1265
+ }
1266
+ const name = auth2.name ?? "Authorization";
1267
+ switch (auth2.in) {
1268
+ case "query":
1269
+ if (!options.query) {
1270
+ options.query = {};
1271
+ }
1272
+ options.query[name] = token;
1273
+ break;
1274
+ case "cookie":
1275
+ options.headers.append("Cookie", `${name}=${token}`);
1276
+ break;
1277
+ case "header":
1278
+ default:
1279
+ options.headers.set(name, token);
1280
+ break;
1281
+ }
1282
+ }
1283
+ }
1284
+ __name(setAuthParams, "setAuthParams");
1285
+ var buildUrl = /* @__PURE__ */ __name((options) => getUrl({
1286
+ baseUrl: options.baseUrl,
1287
+ path: options.path,
1288
+ query: options.query,
1289
+ querySerializer: typeof options.querySerializer === "function" ? options.querySerializer : createQuerySerializer(options.querySerializer),
1290
+ url: options.url
1291
+ }), "buildUrl");
1292
+ var mergeConfigs = /* @__PURE__ */ __name((a, b) => {
1293
+ const config = { ...a, ...b };
1294
+ if (config.baseUrl?.endsWith("/")) {
1295
+ config.baseUrl = config.baseUrl.substring(0, config.baseUrl.length - 1);
1296
+ }
1297
+ config.headers = mergeHeaders(a.headers, b.headers);
1298
+ return config;
1299
+ }, "mergeConfigs");
1300
+ var headersEntries = /* @__PURE__ */ __name((headers) => {
1301
+ const entries = [];
1302
+ headers.forEach((value, key) => {
1303
+ entries.push([key, value]);
1304
+ });
1305
+ return entries;
1306
+ }, "headersEntries");
1307
+ var mergeHeaders = /* @__PURE__ */ __name((...headers) => {
1308
+ const mergedHeaders = new Headers();
1309
+ for (const header of headers) {
1310
+ if (!header) {
1311
+ continue;
1312
+ }
1313
+ const iterator = header instanceof Headers ? headersEntries(header) : Object.entries(header);
1314
+ for (const [key, value] of iterator) {
1315
+ if (value === null) {
1316
+ mergedHeaders.delete(key);
1317
+ } else if (Array.isArray(value)) {
1318
+ for (const v of value) {
1319
+ mergedHeaders.append(key, v);
1320
+ }
1321
+ } else if (value !== void 0) {
1322
+ mergedHeaders.set(
1323
+ key,
1324
+ typeof value === "object" ? JSON.stringify(value) : value
1325
+ );
1326
+ }
1327
+ }
1328
+ }
1329
+ return mergedHeaders;
1330
+ }, "mergeHeaders");
1331
+ var Interceptors = class {
1332
+ static {
1333
+ __name(this, "Interceptors");
1334
+ }
1335
+ fns = [];
1336
+ clear() {
1337
+ this.fns = [];
1338
+ }
1339
+ eject(id) {
1340
+ const index = this.getInterceptorIndex(id);
1341
+ if (this.fns[index]) {
1342
+ this.fns[index] = null;
1343
+ }
1344
+ }
1345
+ exists(id) {
1346
+ const index = this.getInterceptorIndex(id);
1347
+ return Boolean(this.fns[index]);
1348
+ }
1349
+ getInterceptorIndex(id) {
1350
+ if (typeof id === "number") {
1351
+ return this.fns[id] ? id : -1;
1352
+ }
1353
+ return this.fns.indexOf(id);
1354
+ }
1355
+ update(id, fn) {
1356
+ const index = this.getInterceptorIndex(id);
1357
+ if (this.fns[index]) {
1358
+ this.fns[index] = fn;
1359
+ return id;
1360
+ }
1361
+ return false;
1362
+ }
1363
+ use(fn) {
1364
+ this.fns.push(fn);
1365
+ return this.fns.length - 1;
1366
+ }
1367
+ };
1368
+ var createInterceptors = /* @__PURE__ */ __name(() => ({
1369
+ error: new Interceptors(),
1370
+ request: new Interceptors(),
1371
+ response: new Interceptors()
1372
+ }), "createInterceptors");
1373
+ var defaultQuerySerializer = createQuerySerializer({
1374
+ allowReserved: false,
1375
+ array: {
1376
+ explode: true,
1377
+ style: "form"
1378
+ },
1379
+ object: {
1380
+ explode: true,
1381
+ style: "deepObject"
1382
+ }
1383
+ });
1384
+ var defaultHeaders = {
1385
+ "Content-Type": "application/json"
1386
+ };
1387
+ var createConfig = /* @__PURE__ */ __name((override = {}) => ({
1388
+ ...jsonBodySerializer,
1389
+ headers: defaultHeaders,
1390
+ parseAs: "auto",
1391
+ querySerializer: defaultQuerySerializer,
1392
+ ...override
1393
+ }), "createConfig");
1394
+
1395
+ // src/_api/generated/client/client.gen.ts
1396
+ var createClient = /* @__PURE__ */ __name((config = {}) => {
1397
+ let _config = mergeConfigs(createConfig(), config);
1398
+ const getConfig = /* @__PURE__ */ __name(() => ({ ..._config }), "getConfig");
1399
+ const setConfig = /* @__PURE__ */ __name((config2) => {
1400
+ _config = mergeConfigs(_config, config2);
1401
+ return getConfig();
1402
+ }, "setConfig");
1403
+ const interceptors = createInterceptors();
1404
+ const beforeRequest = /* @__PURE__ */ __name(async (options) => {
1405
+ const opts = {
1406
+ ..._config,
1407
+ ...options,
1408
+ fetch: options.fetch ?? _config.fetch ?? globalThis.fetch,
1409
+ headers: mergeHeaders(_config.headers, options.headers),
1410
+ serializedBody: void 0
1411
+ };
1412
+ if (opts.security) {
1413
+ await setAuthParams(opts);
1414
+ }
1415
+ if (opts.requestValidator) {
1416
+ await opts.requestValidator(opts);
1417
+ }
1418
+ if (opts.body !== void 0 && opts.bodySerializer) {
1419
+ opts.serializedBody = opts.bodySerializer(opts.body);
1420
+ }
1421
+ if (opts.body === void 0 || opts.serializedBody === "") {
1422
+ opts.headers.delete("Content-Type");
1423
+ }
1424
+ const resolvedOpts = opts;
1425
+ const url = buildUrl(resolvedOpts);
1426
+ return { opts: resolvedOpts, url };
1427
+ }, "beforeRequest");
1428
+ const request = /* @__PURE__ */ __name(async (options) => {
1429
+ const throwOnError = options.throwOnError ?? _config.throwOnError;
1430
+ const responseStyle = options.responseStyle ?? _config.responseStyle;
1431
+ let request2;
1432
+ let response;
1433
+ try {
1434
+ const { opts, url } = await beforeRequest(options);
1435
+ const requestInit = {
1436
+ redirect: "follow",
1437
+ ...opts,
1438
+ body: getValidRequestBody(opts)
1439
+ };
1440
+ request2 = new Request(url, requestInit);
1441
+ for (const fn of interceptors.request.fns) {
1442
+ if (fn) {
1443
+ request2 = await fn(request2, opts);
1444
+ }
1445
+ }
1446
+ const _fetch = opts.fetch;
1447
+ response = await _fetch(request2);
1448
+ for (const fn of interceptors.response.fns) {
1449
+ if (fn) {
1450
+ response = await fn(response, request2, opts);
1451
+ }
1452
+ }
1453
+ const result = {
1454
+ request: request2,
1455
+ response
1456
+ };
1457
+ if (response.ok) {
1458
+ const parseAs = (opts.parseAs === "auto" ? getParseAs(response.headers.get("Content-Type")) : opts.parseAs) ?? "json";
1459
+ if (response.status === 204 || response.headers.get("Content-Length") === "0") {
1460
+ let emptyData;
1461
+ switch (parseAs) {
1462
+ case "arrayBuffer":
1463
+ case "blob":
1464
+ case "text":
1465
+ emptyData = await response[parseAs]();
1466
+ break;
1467
+ case "formData":
1468
+ emptyData = new FormData();
1469
+ break;
1470
+ case "stream":
1471
+ emptyData = response.body;
1472
+ break;
1473
+ case "json":
1474
+ default:
1475
+ emptyData = {};
1476
+ break;
1477
+ }
1478
+ return opts.responseStyle === "data" ? emptyData : {
1479
+ data: emptyData,
1480
+ ...result
1481
+ };
1482
+ }
1483
+ let data;
1484
+ switch (parseAs) {
1485
+ case "arrayBuffer":
1486
+ case "blob":
1487
+ case "formData":
1488
+ case "text":
1489
+ data = await response[parseAs]();
1490
+ break;
1491
+ case "json": {
1492
+ const text = await response.text();
1493
+ data = text ? JSON.parse(text) : {};
1494
+ break;
1495
+ }
1496
+ case "stream":
1497
+ return opts.responseStyle === "data" ? response.body : {
1498
+ data: response.body,
1499
+ ...result
1500
+ };
1501
+ }
1502
+ if (parseAs === "json") {
1503
+ if (opts.responseValidator) {
1504
+ await opts.responseValidator(data);
1505
+ }
1506
+ if (opts.responseTransformer) {
1507
+ data = await opts.responseTransformer(data);
1508
+ }
1509
+ }
1510
+ return opts.responseStyle === "data" ? data : {
1511
+ data,
1512
+ ...result
1513
+ };
1514
+ }
1515
+ const textError = await response.text();
1516
+ let jsonError;
1517
+ try {
1518
+ jsonError = JSON.parse(textError);
1519
+ } catch {
1520
+ }
1521
+ throw jsonError ?? textError;
1522
+ } catch (error) {
1523
+ let finalError = error;
1524
+ for (const fn of interceptors.error.fns) {
1525
+ if (fn) {
1526
+ finalError = await fn(finalError, response, request2, options);
1527
+ }
1528
+ }
1529
+ finalError = finalError || {};
1530
+ if (throwOnError) {
1531
+ throw finalError;
1532
+ }
1533
+ return responseStyle === "data" ? void 0 : {
1534
+ error: finalError,
1535
+ request: request2,
1536
+ response
1537
+ };
1538
+ }
1539
+ }, "request");
1540
+ const makeMethodFn = /* @__PURE__ */ __name((method) => (options) => request({ ...options, method }), "makeMethodFn");
1541
+ const makeSseFn = /* @__PURE__ */ __name((method) => async (options) => {
1542
+ const { opts, url } = await beforeRequest(options);
1543
+ return createSseClient({
1544
+ ...opts,
1545
+ body: opts.body,
1546
+ method,
1547
+ onRequest: /* @__PURE__ */ __name(async (url2, init) => {
1548
+ let request2 = new Request(url2, init);
1549
+ for (const fn of interceptors.request.fns) {
1550
+ if (fn) {
1551
+ request2 = await fn(request2, opts);
1552
+ }
1553
+ }
1554
+ return request2;
1555
+ }, "onRequest"),
1556
+ serializedBody: getValidRequestBody(opts),
1557
+ url
1558
+ });
1559
+ }, "makeSseFn");
1560
+ const _buildUrl = /* @__PURE__ */ __name((options) => buildUrl({ ..._config, ...options }), "_buildUrl");
1561
+ return {
1562
+ buildUrl: _buildUrl,
1563
+ connect: makeMethodFn("CONNECT"),
1564
+ delete: makeMethodFn("DELETE"),
1565
+ get: makeMethodFn("GET"),
1566
+ getConfig,
1567
+ head: makeMethodFn("HEAD"),
1568
+ interceptors,
1569
+ options: makeMethodFn("OPTIONS"),
1570
+ patch: makeMethodFn("PATCH"),
1571
+ post: makeMethodFn("POST"),
1572
+ put: makeMethodFn("PUT"),
1573
+ request,
1574
+ setConfig,
1575
+ sse: {
1576
+ connect: makeSseFn("CONNECT"),
1577
+ delete: makeSseFn("DELETE"),
1578
+ get: makeSseFn("GET"),
1579
+ head: makeSseFn("HEAD"),
1580
+ options: makeSseFn("OPTIONS"),
1581
+ patch: makeSseFn("PATCH"),
1582
+ post: makeSseFn("POST"),
1583
+ put: makeSseFn("PUT"),
1584
+ trace: makeSseFn("TRACE")
1585
+ },
1586
+ trace: makeMethodFn("TRACE")
1587
+ };
1588
+ }, "createClient");
1589
+
1590
+ // src/_api/generated/client.gen.ts
1591
+ var client = createClient(createConfig({ baseUrl: "http://localhost:8000" }));
1592
+ installAuthOnClient(client);
1593
+
1594
+ // src/_api/generated/sdk.gen.ts
1595
+ var CfgAccountsApiKey = class {
1596
+ static {
1597
+ __name(this, "CfgAccountsApiKey");
1598
+ }
1599
+ /**
1600
+ * Get API key details
1601
+ *
1602
+ * Retrieve the current user's API key (masked) and metadata.
1603
+ */
1604
+ static cfgAccountsApiKeyRetrieve(options) {
1605
+ return (options?.client ?? client).get({
1606
+ security: [
1607
+ { scheme: "bearer", type: "http" },
1608
+ {
1609
+ in: "cookie",
1610
+ name: "sessionid",
1611
+ type: "apiKey"
1612
+ },
1613
+ { name: "X-API-Key", type: "apiKey" }
1614
+ ],
1615
+ url: "/cfg/accounts/api-key/",
1616
+ ...options
1617
+ });
1618
+ }
1619
+ /**
1620
+ * Regenerate API key
1621
+ *
1622
+ * Generate a new API key. The full key is returned only once.
1623
+ */
1624
+ static cfgAccountsApiKeyRegenerateCreate(options) {
1625
+ return (options.client ?? client).post({
1626
+ security: [
1627
+ { scheme: "bearer", type: "http" },
1628
+ {
1629
+ in: "cookie",
1630
+ name: "sessionid",
1631
+ type: "apiKey"
1632
+ },
1633
+ { name: "X-API-Key", type: "apiKey" }
1634
+ ],
1635
+ url: "/cfg/accounts/api-key/regenerate/",
1636
+ ...options,
1637
+ headers: {
1638
+ "Content-Type": "application/json",
1639
+ ...options.headers
1640
+ }
1641
+ });
1642
+ }
1643
+ /**
1644
+ * Reveal API key
1645
+ *
1646
+ * Return the current full API key WITHOUT rotating it. The same durable value every one of the user's agents uses — for the signed-in user to copy and paste into agent onboarding. Default GET stays masked; this is the explicit reveal action.
1647
+ */
1648
+ static cfgAccountsApiKeyRevealCreate(options) {
1649
+ return (options.client ?? client).post({
1650
+ security: [
1651
+ { scheme: "bearer", type: "http" },
1652
+ {
1653
+ in: "cookie",
1654
+ name: "sessionid",
1655
+ type: "apiKey"
1656
+ },
1657
+ { name: "X-API-Key", type: "apiKey" }
1658
+ ],
1659
+ url: "/cfg/accounts/api-key/reveal/",
1660
+ ...options,
1661
+ headers: {
1662
+ "Content-Type": "application/json",
1663
+ ...options.headers
1664
+ }
1665
+ });
1666
+ }
1667
+ /**
1668
+ * Test API key
1669
+ *
1670
+ * Test whether an API key is valid without consuming it.
1671
+ */
1672
+ static cfgAccountsApiKeyTestCreate(options) {
1673
+ return (options.client ?? client).post({
1674
+ security: [
1675
+ { scheme: "bearer", type: "http" },
1676
+ {
1677
+ in: "cookie",
1678
+ name: "sessionid",
1679
+ type: "apiKey"
1680
+ },
1681
+ { name: "X-API-Key", type: "apiKey" }
1682
+ ],
1683
+ url: "/cfg/accounts/api-key/test/",
1684
+ ...options,
1685
+ headers: {
1686
+ "Content-Type": "application/json",
1687
+ ...options.headers
1688
+ }
1689
+ });
1690
+ }
1691
+ };
1692
+ var CfgAccountsOauth = class {
1693
+ static {
1694
+ __name(this, "CfgAccountsOauth");
1695
+ }
1696
+ /**
1697
+ * List OAuth connections
1698
+ *
1699
+ * Get all OAuth connections for the current user.
1700
+ */
1701
+ static cfgAccountsOauthConnectionsList(options) {
1702
+ return (options?.client ?? client).get({
1703
+ security: [
1704
+ { name: "X-API-Key", type: "apiKey" },
1705
+ { scheme: "bearer", type: "http" },
1706
+ { name: "Authorization", type: "apiKey" }
1707
+ ],
1708
+ url: "/cfg/accounts/oauth/connections/",
1709
+ ...options
1710
+ });
1711
+ }
1712
+ /**
1713
+ * Disconnect OAuth provider
1714
+ *
1715
+ * Remove OAuth connection for the specified provider.
1716
+ */
1717
+ static cfgAccountsOauthDisconnectCreate(options) {
1718
+ return (options.client ?? client).post({
1719
+ security: [
1720
+ { name: "X-API-Key", type: "apiKey" },
1721
+ { scheme: "bearer", type: "http" },
1722
+ { name: "Authorization", type: "apiKey" }
1723
+ ],
1724
+ url: "/cfg/accounts/oauth/disconnect/",
1725
+ ...options,
1726
+ headers: {
1727
+ "Content-Type": "application/json",
1728
+ ...options.headers
1729
+ }
1730
+ });
1731
+ }
1732
+ /**
1733
+ * Start GitHub OAuth
1734
+ *
1735
+ * Generate GitHub OAuth authorization URL. Redirect user to this URL to start authentication.
1736
+ */
1737
+ static cfgAccountsOauthGithubAuthorizeCreate(options) {
1738
+ return (options?.client ?? client).post({
1739
+ url: "/cfg/accounts/oauth/github/authorize/",
1740
+ ...options,
1741
+ headers: {
1742
+ "Content-Type": "application/json",
1743
+ ...options?.headers
1744
+ }
1745
+ });
1746
+ }
1747
+ /**
1748
+ * Complete GitHub OAuth
1749
+ *
1750
+ * Exchange authorization code for JWT tokens. Call this after GitHub redirects back with code.
1751
+ */
1752
+ static cfgAccountsOauthGithubCallbackCreate(options) {
1753
+ return (options.client ?? client).post({
1754
+ url: "/cfg/accounts/oauth/github/callback/",
1755
+ ...options,
1756
+ headers: {
1757
+ "Content-Type": "application/json",
1758
+ ...options.headers
1759
+ }
1760
+ });
1761
+ }
1762
+ /**
1763
+ * List OAuth providers
1764
+ *
1765
+ * Get list of available OAuth providers for authentication.
1766
+ */
1767
+ static cfgAccountsOauthProvidersRetrieve(options) {
1768
+ return (options?.client ?? client).get({ url: "/cfg/accounts/oauth/providers/", ...options });
1769
+ }
1770
+ };
1771
+ var CfgAccounts = class {
1772
+ static {
1773
+ __name(this, "CfgAccounts");
1774
+ }
1775
+ /**
1776
+ * Request OTP code to email.
1777
+ */
1778
+ static cfgAccountsOtpRequestCreate(options) {
1779
+ return (options.client ?? client).post({
1780
+ security: [
1781
+ { name: "X-API-Key", type: "apiKey" },
1782
+ { scheme: "bearer", type: "http" },
1783
+ { name: "Authorization", type: "apiKey" }
1784
+ ],
1785
+ url: "/cfg/accounts/otp/request/",
1786
+ ...options,
1787
+ headers: {
1788
+ "Content-Type": "application/json",
1789
+ ...options.headers
1790
+ }
1791
+ });
1792
+ }
1793
+ /**
1794
+ * Verify OTP code and return JWT tokens or 2FA session.
1795
+ *
1796
+ * If user has 2FA enabled:
1797
+ * - Returns requires_2fa=True with session_id
1798
+ * - Client must complete 2FA verification at /cfg/totp/verify/
1799
+ *
1800
+ * If user has no 2FA:
1801
+ * - Returns JWT tokens and user data directly
1802
+ */
1803
+ static cfgAccountsOtpVerifyCreate(options) {
1804
+ return (options.client ?? client).post({
1805
+ security: [
1806
+ { name: "X-API-Key", type: "apiKey" },
1807
+ { scheme: "bearer", type: "http" },
1808
+ { name: "Authorization", type: "apiKey" }
1809
+ ],
1810
+ url: "/cfg/accounts/otp/verify/",
1811
+ ...options,
1812
+ headers: {
1813
+ "Content-Type": "application/json",
1814
+ ...options.headers
1815
+ }
1816
+ });
1817
+ }
1818
+ };
1819
+ var CfgAccountsProfile = class {
1820
+ static {
1821
+ __name(this, "CfgAccountsProfile");
1822
+ }
1823
+ /**
1824
+ * Get current user profile
1825
+ *
1826
+ * Retrieve the current authenticated user's profile information.
1827
+ */
1828
+ static cfgAccountsProfileRetrieve(options) {
1829
+ return (options?.client ?? client).get({
1830
+ security: [{ scheme: "bearer", type: "http" }, {
1831
+ in: "cookie",
1832
+ name: "sessionid",
1833
+ type: "apiKey"
1834
+ }],
1835
+ url: "/cfg/accounts/profile/",
1836
+ ...options
1837
+ });
1838
+ }
1839
+ /**
1840
+ * Upload user avatar
1841
+ *
1842
+ * Upload avatar image for the current authenticated user. Accepts multipart/form-data with 'avatar' field.
1843
+ */
1844
+ static cfgAccountsProfileAvatarCreate(options) {
1845
+ return (options?.client ?? client).post({
1846
+ ...formDataBodySerializer,
1847
+ security: [
1848
+ { name: "X-API-Key", type: "apiKey" },
1849
+ { scheme: "bearer", type: "http" },
1850
+ { name: "Authorization", type: "apiKey" }
1851
+ ],
1852
+ url: "/cfg/accounts/profile/avatar/",
1853
+ ...options,
1854
+ headers: {
1855
+ "Content-Type": null,
1856
+ ...options?.headers
1950
1857
  }
1951
- };
1952
- COOKIE_MAX_AGE = 60 * 60 * 24 * 30;
1953
- cookieBackend = {
1954
- get(key) {
1955
- if (!isBrowser) return null;
1956
- try {
1957
- const re = new RegExp(`(?:^|;\\s*)${encodeURIComponent(key)}=([^;]*)`);
1958
- const m = document.cookie.match(re);
1959
- return m ? decodeURIComponent(m[1]) : null;
1960
- } catch {
1961
- return null;
1962
- }
1963
- },
1964
- set(key, value) {
1965
- if (!isBrowser) return;
1966
- try {
1967
- const k = encodeURIComponent(key);
1968
- const secure = window.location.protocol === "https:" ? "; Secure" : "";
1969
- if (value === null) {
1970
- document.cookie = `${k}=; Path=/; Max-Age=0; SameSite=Lax${secure}`;
1971
- } else {
1972
- const v = encodeURIComponent(value);
1973
- document.cookie = `${k}=${v}; Path=/; Max-Age=${COOKIE_MAX_AGE}; SameSite=Lax${secure}`;
1974
- }
1975
- } catch {
1976
- }
1858
+ });
1859
+ }
1860
+ /**
1861
+ * Delete user account
1862
+ *
1863
+ *
1864
+ * Permanently delete the current user's account.
1865
+ *
1866
+ * This operation:
1867
+ * - Deactivates the account (user cannot log in)
1868
+ * - Anonymizes personal data (GDPR compliance)
1869
+ * - Frees up the email address for re-registration
1870
+ * - Preserves audit trail
1871
+ *
1872
+ * The account can be restored by an administrator if needed.
1873
+ *
1874
+ */
1875
+ static cfgAccountsProfileDeleteCreate(options) {
1876
+ return (options?.client ?? client).post({
1877
+ security: [{ scheme: "bearer", type: "http" }, {
1878
+ in: "cookie",
1879
+ name: "sessionid",
1880
+ type: "apiKey"
1881
+ }],
1882
+ url: "/cfg/accounts/profile/delete/",
1883
+ ...options
1884
+ });
1885
+ }
1886
+ /**
1887
+ * Partial update user profile
1888
+ *
1889
+ * Partially update the current authenticated user's profile information. Supports avatar upload.
1890
+ */
1891
+ static cfgAccountsProfilePartialPartialUpdate(options) {
1892
+ return (options?.client ?? client).patch({
1893
+ security: [{ scheme: "bearer", type: "http" }, {
1894
+ in: "cookie",
1895
+ name: "sessionid",
1896
+ type: "apiKey"
1897
+ }],
1898
+ url: "/cfg/accounts/profile/partial/",
1899
+ ...options,
1900
+ headers: {
1901
+ "Content-Type": "application/json",
1902
+ ...options?.headers
1977
1903
  }
1978
- };
1979
- _storage = localStorageBackend;
1980
- _storageMode = "localStorage";
1981
- __name(detectLocale, "detectLocale");
1982
- __name(defaultBaseUrl, "defaultBaseUrl");
1983
- __name(defaultApiKey, "defaultApiKey");
1984
- _localeOverride = null;
1985
- _apiKeyOverride = null;
1986
- _baseUrlOverride = null;
1987
- _withCredentials = true;
1988
- _onUnauthorized = null;
1989
- _refreshHandler = null;
1990
- _refreshInflight = null;
1991
- RETRY_MARKER = "X-Auth-Retry";
1992
- __name(jwtExpMs, "jwtExpMs");
1993
- __name(computeSnapshot, "computeSnapshot");
1994
- SERVER_SNAPSHOT = { status: "anonymous", accessExpiresAt: null };
1995
- SESSION_SYNC_EVENT = `cfg-auth:changed:${ACCESS_KEY}`;
1996
- _snapshot = computeSnapshot();
1997
- _sessionListeners = /* @__PURE__ */ new Set();
1998
- _expiryTimer = null;
1999
- _storageListenerInstalled = false;
2000
- __name(scheduleExpiryFlip, "scheduleExpiryFlip");
2001
- __name(notifySessionChanged, "notifySessionChanged");
2002
- __name(ensureStorageSync, "ensureStorageSync");
2003
- _sessionExpiredHandlers = /* @__PURE__ */ new Set();
2004
- _client = null;
2005
- __name(pushClientConfig, "pushClientConfig");
2006
- auth = {
2007
- // ── Storage mode ──────────────────────────────────────────────────
2008
- getStorageMode() {
2009
- return _storageMode;
2010
- },
2011
- setStorageMode(mode) {
2012
- _storageMode = mode;
2013
- _storage = mode === "cookie" ? cookieBackend : localStorageBackend;
2014
- notifySessionChanged();
2015
- },
2016
- // ── Bearer token ──────────────────────────────────────────────────
2017
- getToken() {
2018
- return _storage.get(ACCESS_KEY);
2019
- },
2020
- setToken(token) {
2021
- _storage.set(ACCESS_KEY, token);
2022
- notifySessionChanged();
2023
- },
2024
- getRefreshToken() {
2025
- return _storage.get(REFRESH_KEY);
2026
- },
2027
- setRefreshToken(token) {
2028
- _storage.set(REFRESH_KEY, token);
2029
- notifySessionChanged();
2030
- },
2031
- clearTokens() {
2032
- _storage.set(ACCESS_KEY, null);
2033
- _storage.set(REFRESH_KEY, null);
2034
- notifySessionChanged();
2035
- },
2036
- /** Session-aware: token PRESENT and not past its `exp` (or a live refresh
2037
- * token exists that can mint one). Prefer `getSnapshot().status` in React. */
2038
- isAuthenticated() {
2039
- return computeSnapshot().status === "authenticated";
2040
- },
2041
- // ── Session (the ONE write path for login/logout flows) ──────────
2042
- /**
2043
- * Persist a token pair atomically. Every login flow (OTP verify, 2FA,
2044
- * OAuth callback) and the refresh handler should end here — do NOT
2045
- * scatter `setToken`/`setRefreshToken` pairs through app code.
2046
- * `refresh: undefined` keeps the current refresh token (access-only
2047
- * rotation); `refresh: null` explicitly drops it.
2048
- */
2049
- setSession(tokens) {
2050
- _storage.set(ACCESS_KEY, tokens.access);
2051
- if (tokens.refresh !== void 0) _storage.set(REFRESH_KEY, tokens.refresh);
2052
- notifySessionChanged();
2053
- },
2054
- clearSession() {
2055
- auth.clearTokens();
2056
- },
2057
- // ── Reactive snapshot (for useSyncExternalStore) ──────────────────
2058
- /**
2059
- * @example React:
2060
- * const session = useSyncExternalStore(
2061
- * auth.subscribe, auth.getSnapshot, auth.getServerSnapshot,
2062
- * );
2063
- * const isAuthenticated = session.status === 'authenticated';
2064
- */
2065
- getSnapshot() {
2066
- return _snapshot;
2067
- },
2068
- getServerSnapshot() {
2069
- return SERVER_SNAPSHOT;
2070
- },
2071
- subscribe(listener) {
2072
- ensureStorageSync();
2073
- _sessionListeners.add(listener);
2074
- notifySessionChanged();
2075
- return () => {
2076
- _sessionListeners.delete(listener);
2077
- if (_sessionListeners.size === 0 && _expiryTimer !== null) {
2078
- clearTimeout(_expiryTimer);
2079
- _expiryTimer = null;
2080
- }
2081
- };
2082
- },
2083
- /**
2084
- * Fired on TERMINAL 401 — after the refresh+retry path is exhausted.
2085
- * The store has already cleared the session before calling back, so
2086
- * handlers only need to route to login (no clear-then-redirect
2087
- * ordering to get wrong). Returns an unsubscribe function; multiple
2088
- * handlers compose (unlike the legacy single-slot `onUnauthorized`).
2089
- */
2090
- onSessionExpired(cb) {
2091
- _sessionExpiredHandlers.add(cb);
2092
- return () => {
2093
- _sessionExpiredHandlers.delete(cb);
2094
- };
2095
- },
2096
- // ── API key ───────────────────────────────────────────────────────
2097
- getApiKey() {
2098
- return _apiKeyOverride ?? _storage.get(API_KEY_KEY) ?? defaultApiKey();
2099
- },
2100
- setApiKey(key) {
2101
- _apiKeyOverride = key;
2102
- },
2103
- setApiKeyPersist(key) {
2104
- _apiKeyOverride = key;
2105
- _storage.set(API_KEY_KEY, key);
2106
- },
2107
- clearApiKey() {
2108
- _apiKeyOverride = null;
2109
- _storage.set(API_KEY_KEY, null);
2110
- },
2111
- // ── Locale ────────────────────────────────────────────────────────
2112
- getLocale() {
2113
- return _localeOverride ?? detectLocale();
2114
- },
2115
- setLocale(locale) {
2116
- _localeOverride = locale;
2117
- },
2118
- // ── Base URL ──────────────────────────────────────────────────────
2119
- getBaseUrl() {
2120
- const url = _baseUrlOverride ?? defaultBaseUrl();
2121
- return url.replace(/\/$/, "");
2122
- },
2123
- setBaseUrl(url) {
2124
- _baseUrlOverride = url ? url.replace(/\/$/, "") : null;
2125
- pushClientConfig();
2126
- },
2127
- // ── Credentials toggle ────────────────────────────────────────────
2128
- getWithCredentials() {
2129
- return _withCredentials;
2130
- },
2131
- setWithCredentials(value) {
2132
- _withCredentials = value;
2133
- pushClientConfig();
2134
- },
2135
- // ── 401 handler ───────────────────────────────────────────────────
2136
- /**
2137
- * Fired when the server returns 401 AND no refresh path recovers it
2138
- * (no refresh token, no refresh handler, refresh failed, or retry
2139
- * still 401). The app should clear local state and redirect to login.
2140
- *
2141
- * NOT fired for 401 that gets transparently recovered by the refresh
2142
- * handler — those are invisible to callers.
2143
- */
2144
- onUnauthorized(cb) {
2145
- _onUnauthorized = cb;
2146
- },
2147
- /**
2148
- * Register the refresh strategy. The handler receives the current
2149
- * refresh token and must call your refresh endpoint, returning
2150
- * `{ access, refresh? }` on success or `null` on failure.
2151
- *
2152
- * @example
2153
- * auth.setRefreshHandler(async (refresh) => {
2154
- * const { data } = await Auth.tokenRefreshCreate({ body: { refresh } });
2155
- * return data ? { access: data.access, refresh: data.refresh } : null;
2156
- * });
2157
- */
2158
- setRefreshHandler(fn) {
2159
- _refreshHandler = fn;
2160
- },
2161
- /**
2162
- * Proactively run the registered refresh handler right now, reusing the
2163
- * SAME single-flight promise as the 401-recovery interceptor. Callers
2164
- * (e.g. an expiry timer / focus / reconnect) get token rotation,
2165
- * de-duplication and rotated-token persistence for free — they must NOT
2166
- * re-implement any of it. Returns the fresh access token, or null if
2167
- * there is no handler / no refresh token / the refresh failed.
2168
- */
2169
- refreshNow() {
2170
- return tryRefresh();
1904
+ });
1905
+ }
1906
+ /**
1907
+ * Partial update user profile
1908
+ *
1909
+ * Partially update the current authenticated user's profile information. Supports avatar upload.
1910
+ */
1911
+ static cfgAccountsProfilePartialUpdate(options) {
1912
+ return (options?.client ?? client).put({
1913
+ security: [{ scheme: "bearer", type: "http" }, {
1914
+ in: "cookie",
1915
+ name: "sessionid",
1916
+ type: "apiKey"
1917
+ }],
1918
+ url: "/cfg/accounts/profile/partial/",
1919
+ ...options,
1920
+ headers: {
1921
+ "Content-Type": "application/json",
1922
+ ...options?.headers
2171
1923
  }
2172
- };
2173
- __name(tryRefresh, "tryRefresh");
2174
- __name(expireSession, "expireSession");
2175
- __name(dpopEnabled, "dpopEnabled");
2176
- _DPOP_DB = "cfg-auth";
2177
- _DPOP_STORE = "keys";
2178
- _DPOP_KEY_ID = "dpop-ec-p256";
2179
- __name(_idbOpen, "_idbOpen");
2180
- __name(_idbGet, "_idbGet");
2181
- __name(_idbPut, "_idbPut");
2182
- _dpopKeyPromise = null;
2183
- __name(_getDpopKeyPair, "_getDpopKeyPair");
2184
- __name(_b64urlFromBytes, "_b64urlFromBytes");
2185
- __name(_b64urlFromString, "_b64urlFromString");
2186
- __name(_publicJwk, "_publicJwk");
2187
- __name(_makeDpopProof, "_makeDpopProof");
2188
- __name(installAuthOnClient, "installAuthOnClient");
2189
- auth.setRefreshHandler(async (refresh) => {
2190
- try {
2191
- const { CfgAccountsAuth: CfgAccountsAuth2 } = await Promise.resolve().then(() => (init_sdk_gen(), sdk_gen_exports));
2192
- const { data } = await CfgAccountsAuth2.cfgAccountsTokenRefreshCreate({
2193
- body: { refresh },
2194
- throwOnError: true
2195
- });
2196
- return data?.access ? { access: data.access, refresh: data.refresh ?? refresh } : null;
2197
- } catch {
2198
- return null;
1924
+ });
1925
+ }
1926
+ /**
1927
+ * Update user profile
1928
+ *
1929
+ * Update the current authenticated user's profile information.
1930
+ */
1931
+ static cfgAccountsProfileUpdatePartialUpdate(options) {
1932
+ return (options?.client ?? client).patch({
1933
+ security: [{ scheme: "bearer", type: "http" }, {
1934
+ in: "cookie",
1935
+ name: "sessionid",
1936
+ type: "apiKey"
1937
+ }],
1938
+ url: "/cfg/accounts/profile/update/",
1939
+ ...options,
1940
+ headers: {
1941
+ "Content-Type": "application/json",
1942
+ ...options?.headers
1943
+ }
1944
+ });
1945
+ }
1946
+ /**
1947
+ * Update user profile
1948
+ *
1949
+ * Update the current authenticated user's profile information.
1950
+ */
1951
+ static cfgAccountsProfileUpdateUpdate(options) {
1952
+ return (options?.client ?? client).put({
1953
+ security: [{ scheme: "bearer", type: "http" }, {
1954
+ in: "cookie",
1955
+ name: "sessionid",
1956
+ type: "apiKey"
1957
+ }],
1958
+ url: "/cfg/accounts/profile/update/",
1959
+ ...options,
1960
+ headers: {
1961
+ "Content-Type": "application/json",
1962
+ ...options?.headers
2199
1963
  }
2200
1964
  });
2201
1965
  }
2202
- });
2203
-
2204
- // src/clients.ts
2205
- var clients_exports = {};
2206
- __export(clients_exports, {
2207
- AccountsAPI: () => API,
2208
- CentrifugoAPI: () => API2,
2209
- TotpAPI: () => API3,
2210
- apiAccounts: () => CfgAccountsApi,
2211
- apiCentrifugo: () => CfgCentrifugoApi,
2212
- apiTotp: () => CfgTotpApi
2213
- });
2214
- module.exports = __toCommonJS(clients_exports);
2215
-
2216
- // src/_api/generated/index.ts
2217
- init_auth();
2218
- init_auth();
2219
-
2220
- // src/_api/generated/_cfg_accounts/api.ts
2221
- init_auth();
2222
-
2223
- // src/_api/generated/helpers/logger.ts
2224
- var import_consola = require("consola");
2225
- var DEFAULT_CONFIG = {
2226
- enabled: typeof process !== "undefined" && process.env.NODE_ENV !== "production",
2227
- logRequests: true,
2228
- logResponses: true,
2229
- logErrors: true,
2230
- logBodies: true,
2231
- logHeaders: false
2232
1966
  };
2233
- var SENSITIVE_HEADERS = [
2234
- "authorization",
2235
- "cookie",
2236
- "set-cookie",
2237
- "x-api-key",
2238
- "x-csrf-token"
2239
- ];
2240
- var APILogger = class {
1967
+ var CfgAccountsAuth = class {
2241
1968
  static {
2242
- __name(this, "APILogger");
1969
+ __name(this, "CfgAccountsAuth");
2243
1970
  }
2244
- config;
2245
- consola;
2246
- constructor(config = {}) {
2247
- this.config = { ...DEFAULT_CONFIG, ...config };
2248
- this.consola = config.consola || (0, import_consola.createConsola)({
2249
- level: this.config.enabled ? 4 : 0
1971
+ /**
1972
+ * Revoke a refresh token (logout).
1973
+ *
1974
+ * Blacklists the posted refresh token so it can never mint another access
1975
+ * token. Called best-effort by the client's logout — without it, "logout"
1976
+ * is purely client-side and a stolen refresh token survives until expiry.
1977
+ */
1978
+ static cfgAccountsTokenBlacklistCreate(options) {
1979
+ return (options.client ?? client).post({
1980
+ url: "/cfg/accounts/token/blacklist/",
1981
+ ...options,
1982
+ headers: {
1983
+ "Content-Type": "application/json",
1984
+ ...options.headers
1985
+ }
2250
1986
  });
2251
1987
  }
2252
- enable() {
2253
- this.config.enabled = true;
1988
+ /**
1989
+ * Refresh JWT token.
1990
+ *
1991
+ * DPoP-aware: when the incoming refresh token is key-bound (`cnf.jkt`), the
1992
+ * rotated access/refresh in the response are re-stamped with the same `cnf`
1993
+ * (stock SimpleJWT drops it from the derived access), and a matching DPoP
1994
+ * proof is required on the refresh request — so a stolen refresh token can't
1995
+ * be used to mint fresh tokens.
1996
+ */
1997
+ static cfgAccountsTokenRefreshCreate(options) {
1998
+ return (options.client ?? client).post({
1999
+ url: "/cfg/accounts/token/refresh/",
2000
+ ...options,
2001
+ headers: {
2002
+ "Content-Type": "application/json",
2003
+ ...options.headers
2004
+ }
2005
+ });
2254
2006
  }
2255
- disable() {
2256
- this.config.enabled = false;
2007
+ };
2008
+ var CfgCentrifugo = class {
2009
+ static {
2010
+ __name(this, "CfgCentrifugo");
2257
2011
  }
2258
- setConfig(config) {
2259
- this.config = { ...this.config, ...config };
2012
+ /**
2013
+ * Get Centrifugo connection token
2014
+ *
2015
+ * Generate JWT token for WebSocket connection to Centrifugo. Token includes user's allowed channels based on their permissions. Requires authentication.
2016
+ */
2017
+ static cfgCentrifugoAuthTokenRetrieve(options) {
2018
+ return (options?.client ?? client).get({
2019
+ security: [
2020
+ { name: "X-API-Key", type: "apiKey" },
2021
+ { scheme: "bearer", type: "http" },
2022
+ { name: "Authorization", type: "apiKey" }
2023
+ ],
2024
+ url: "/cfg/centrifugo/auth/token/",
2025
+ ...options
2026
+ });
2260
2027
  }
2261
- filterHeaders(headers) {
2262
- if (!headers) return {};
2263
- const filtered = {};
2264
- Object.keys(headers).forEach((key) => {
2265
- filtered[key] = SENSITIVE_HEADERS.includes(key.toLowerCase()) ? "***" : headers[key] || "";
2028
+ };
2029
+ var CfgTotpBackupCodes = class {
2030
+ static {
2031
+ __name(this, "CfgTotpBackupCodes");
2032
+ }
2033
+ /**
2034
+ * Get backup codes status for user.
2035
+ */
2036
+ static cfgTotpBackupCodesRetrieve(options) {
2037
+ return (options?.client ?? client).get({
2038
+ security: [
2039
+ { name: "X-API-Key", type: "apiKey" },
2040
+ { scheme: "bearer", type: "http" },
2041
+ { name: "Authorization", type: "apiKey" }
2042
+ ],
2043
+ url: "/cfg/totp/backup-codes/",
2044
+ ...options
2266
2045
  });
2267
- return filtered;
2268
2046
  }
2269
- logRequest(request) {
2270
- if (!this.config.enabled || !this.config.logRequests) return;
2271
- const { method, url, headers, body } = request;
2272
- this.consola.start(`${method} ${url}`);
2273
- if (this.config.logHeaders && headers) this.consola.debug("Headers:", this.filterHeaders(headers));
2274
- if (this.config.logBodies && body) this.consola.debug("Body:", body);
2047
+ /**
2048
+ * Regenerate backup codes.
2049
+ *
2050
+ * Requires TOTP code for verification.
2051
+ * Invalidates all existing codes.
2052
+ */
2053
+ static cfgTotpBackupCodesRegenerateCreate(options) {
2054
+ return (options.client ?? client).post({
2055
+ security: [
2056
+ { name: "X-API-Key", type: "apiKey" },
2057
+ { scheme: "bearer", type: "http" },
2058
+ { name: "Authorization", type: "apiKey" }
2059
+ ],
2060
+ url: "/cfg/totp/backup-codes/regenerate/",
2061
+ ...options,
2062
+ headers: {
2063
+ "Content-Type": "application/json",
2064
+ ...options.headers
2065
+ }
2066
+ });
2275
2067
  }
2276
- logResponse(request, response) {
2277
- if (!this.config.enabled || !this.config.logResponses) return;
2278
- const { method, url } = request;
2279
- const { status, statusText, data, duration } = response;
2280
- this.consola.success(`${method} ${url} ${status} ${statusText} (${duration}ms)`);
2281
- if (this.config.logBodies && data) this.consola.debug("Response:", data);
2068
+ };
2069
+ var CfgTotp = class {
2070
+ static {
2071
+ __name(this, "CfgTotp");
2282
2072
  }
2283
- logError(request, error) {
2284
- if (!this.config.enabled || !this.config.logErrors) return;
2285
- const { method, url } = request;
2286
- const { message, statusCode, fieldErrors, duration } = error;
2287
- this.consola.error(`${method} ${url} ${statusCode || "Network"} Error (${duration}ms)`);
2288
- this.consola.error("Message:", message);
2289
- if (fieldErrors && Object.keys(fieldErrors).length > 0) {
2290
- this.consola.error("Field Errors:");
2291
- Object.entries(fieldErrors).forEach(([field, errors]) => {
2292
- errors.forEach((err) => this.consola.error(` \u2022 ${field}: ${err}`));
2293
- });
2294
- }
2073
+ /**
2074
+ * List all TOTP devices for user.
2075
+ */
2076
+ static cfgTotpDevicesRetrieve(options) {
2077
+ return (options?.client ?? client).get({
2078
+ security: [
2079
+ { name: "X-API-Key", type: "apiKey" },
2080
+ { scheme: "bearer", type: "http" },
2081
+ { name: "Authorization", type: "apiKey" }
2082
+ ],
2083
+ url: "/cfg/totp/devices/",
2084
+ ...options
2085
+ });
2295
2086
  }
2296
- info(message, ...args) {
2297
- if (this.config.enabled) this.consola.info(message, ...args);
2087
+ /**
2088
+ * Delete a TOTP device.
2089
+ *
2090
+ * Requires verification code if removing the last/primary device.
2091
+ */
2092
+ static cfgTotpDevicesDestroy(options) {
2093
+ return (options.client ?? client).delete({
2094
+ security: [
2095
+ { name: "X-API-Key", type: "apiKey" },
2096
+ { scheme: "bearer", type: "http" },
2097
+ { name: "Authorization", type: "apiKey" }
2098
+ ],
2099
+ url: "/cfg/totp/devices/{id}/",
2100
+ ...options
2101
+ });
2298
2102
  }
2299
- warn(message, ...args) {
2300
- if (this.config.enabled) this.consola.warn(message, ...args);
2103
+ /**
2104
+ * Completely disable 2FA for account.
2105
+ *
2106
+ * Requires verification code.
2107
+ */
2108
+ static cfgTotpDisableCreate(options) {
2109
+ return (options.client ?? client).post({
2110
+ security: [
2111
+ { name: "X-API-Key", type: "apiKey" },
2112
+ { scheme: "bearer", type: "http" },
2113
+ { name: "Authorization", type: "apiKey" }
2114
+ ],
2115
+ url: "/cfg/totp/disable/",
2116
+ ...options,
2117
+ headers: {
2118
+ "Content-Type": "application/json",
2119
+ ...options.headers
2120
+ }
2121
+ });
2301
2122
  }
2302
- error(message, ...args) {
2303
- if (this.config.enabled) this.consola.error(message, ...args);
2123
+ };
2124
+ var CfgTotpSetup = class {
2125
+ static {
2126
+ __name(this, "CfgTotpSetup");
2304
2127
  }
2305
- debug(message, ...args) {
2306
- if (this.config.enabled) this.consola.debug(message, ...args);
2128
+ /**
2129
+ * Start 2FA setup process.
2130
+ *
2131
+ * Creates a new TOTP device and returns QR code for scanning.
2132
+ */
2133
+ static cfgTotpSetupCreate(options) {
2134
+ return (options?.client ?? client).post({
2135
+ security: [
2136
+ { name: "X-API-Key", type: "apiKey" },
2137
+ { scheme: "bearer", type: "http" },
2138
+ { name: "Authorization", type: "apiKey" }
2139
+ ],
2140
+ url: "/cfg/totp/setup/",
2141
+ ...options,
2142
+ headers: {
2143
+ "Content-Type": "application/json",
2144
+ ...options?.headers
2145
+ }
2146
+ });
2307
2147
  }
2308
- success(message, ...args) {
2309
- if (this.config.enabled) this.consola.success(message, ...args);
2148
+ /**
2149
+ * Confirm 2FA setup with first valid code.
2150
+ *
2151
+ * Activates the device and generates backup codes.
2152
+ */
2153
+ static cfgTotpSetupConfirmCreate(options) {
2154
+ return (options.client ?? client).post({
2155
+ security: [
2156
+ { name: "X-API-Key", type: "apiKey" },
2157
+ { scheme: "bearer", type: "http" },
2158
+ { name: "Authorization", type: "apiKey" }
2159
+ ],
2160
+ url: "/cfg/totp/setup/confirm/",
2161
+ ...options,
2162
+ headers: {
2163
+ "Content-Type": "application/json",
2164
+ ...options.headers
2165
+ }
2166
+ });
2310
2167
  }
2311
- withTag(tag) {
2312
- return this.consola.withTag(tag);
2168
+ };
2169
+ var CfgTotpVerify = class {
2170
+ static {
2171
+ __name(this, "CfgTotpVerify");
2172
+ }
2173
+ /**
2174
+ * Verify TOTP code for 2FA session.
2175
+ *
2176
+ * Completes authentication and returns JWT tokens on success.
2177
+ */
2178
+ static cfgTotpVerifyCreate(options) {
2179
+ return (options.client ?? client).post({
2180
+ security: [
2181
+ { name: "X-API-Key", type: "apiKey" },
2182
+ { scheme: "bearer", type: "http" },
2183
+ { name: "Authorization", type: "apiKey" }
2184
+ ],
2185
+ url: "/cfg/totp/verify/",
2186
+ ...options,
2187
+ headers: {
2188
+ "Content-Type": "application/json",
2189
+ ...options.headers
2190
+ }
2191
+ });
2192
+ }
2193
+ /**
2194
+ * Verify backup recovery code for 2FA session.
2195
+ *
2196
+ * Alternative verification method when TOTP device unavailable.
2197
+ */
2198
+ static cfgTotpVerifyBackupCreate(options) {
2199
+ return (options.client ?? client).post({
2200
+ security: [
2201
+ { name: "X-API-Key", type: "apiKey" },
2202
+ { scheme: "bearer", type: "http" },
2203
+ { name: "Authorization", type: "apiKey" }
2204
+ ],
2205
+ url: "/cfg/totp/verify/backup/",
2206
+ ...options,
2207
+ headers: {
2208
+ "Content-Type": "application/json",
2209
+ ...options.headers
2210
+ }
2211
+ });
2313
2212
  }
2314
2213
  };
2315
- var defaultLogger = new APILogger();
2316
2214
 
2317
2215
  // src/_api/generated/_cfg_accounts/api.ts
2318
- init_sdk_gen();
2319
- init_sdk_gen();
2320
- init_sdk_gen();
2321
- init_sdk_gen();
2322
- init_sdk_gen();
2323
2216
  var API = class {
2324
2217
  static {
2325
2218
  __name(this, "API");
@@ -2395,13 +2288,7 @@ var API = class {
2395
2288
  }
2396
2289
  };
2397
2290
 
2398
- // src/_api/generated/helpers/index.ts
2399
- init_auth();
2400
- init_errors();
2401
-
2402
2291
  // src/_api/generated/_cfg_centrifugo/api.ts
2403
- init_auth();
2404
- init_sdk_gen();
2405
2292
  var API2 = class {
2406
2293
  static {
2407
2294
  __name(this, "API");
@@ -2474,11 +2361,6 @@ var API2 = class {
2474
2361
  };
2475
2362
 
2476
2363
  // src/_api/generated/_cfg_totp/api.ts
2477
- init_auth();
2478
- init_sdk_gen();
2479
- init_sdk_gen();
2480
- init_sdk_gen();
2481
- init_sdk_gen();
2482
2364
  var API3 = class {
2483
2365
  static {
2484
2366
  __name(this, "API");